CN104243152B - Security information interaction system, apparatus and method - Google Patents

Info

Publication number: CN104243152B
Authority: CN (China)
Prior art keywords: safety, binding, safety barrier, information, interactive terminal
Legal status: Active (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Application number: CN201310222736.9A
Other languages: Chinese (zh)
Other versions: CN104243152A (en)
Inventors: 郭伟, 周钰, 于彬
Current Assignee: China Unionpay Co Ltd (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Original Assignee: China Unionpay Co Ltd

Landscapes

  • Credit Cards Or The Like (AREA)
  • Storage Device Security (AREA)

Abstract

The present invention proposes a security information interaction system, apparatus and method. The method includes: a communication link is first established between a safety barrier and a safety information interactive terminal; the safety information interactive terminal performs a binding authentication operation for the safety barrier based on a safety barrier binding list, and then performs the related safety information interaction according to the result of the binding authentication operation. With the security information interaction system, apparatus and method disclosed by the invention, the information inside the safety barrier can be protected from malicious unauthorized reading while the machine (terminal) and the card remain separate, which considerably improves the security of the system.

Description

Security information interaction system, apparatus and method
Technical field
The present invention relates to information interaction systems, apparatus and methods, and more particularly to a security information interaction system, apparatus and method.
Background
At present, as computer and network applications become increasingly widespread and the types of business in different fields become increasingly rich, systems, apparatus and methods for safety information interaction (i.e. information interaction with higher security requirements, such as transaction processing in the financial field), especially security information interaction systems based on mobile terminals, are becoming more and more important.
The basic working principle of the existing technical solutions is as follows: the safety barrier (on which one or more security applications can be stored and run, e.g. a SIM card or SD card) and the safety information interactive terminal (e.g. a mobile terminal or POS) are physically separate, and the two communicate with each other through a standard interface to carry out the related safety information interaction.
However, the existing technical solutions have the following problem: because a safety barrier can be used on any safety information interactive terminal that supports the relevant standard interface, the safety information on the safety barrier may be leaked, which creates a potential security risk.
There is therefore a need for a security information interaction system, apparatus and method that enable the safety barrier and the safety information interactive terminal to be bound to, and authenticated against, each other.
Summary of the invention
To solve the problems of the prior art described above, the present invention proposes a security information interaction system, apparatus and method that enable the safety barrier and the safety information interactive terminal to be bound to, and authenticated against, each other.
The purpose of the present invention is achieved through the following technical solutions:
A safety information interaction method, comprising the following steps:
(A1) a communication link is first established between the safety barrier and the safety information interactive terminal;
(A2) the safety information interactive terminal performs a binding authentication operation for the safety barrier based on a safety barrier binding list, and then performs the related safety information interaction according to the result of the binding authentication operation.
In the scheme disclosed above, preferably, step (A2) further comprises: before performing the binding authentication operation, the safety information interactive terminal verifies the legitimacy of the safety barrier, and performs the subsequent binding authentication operation only if the verification result is "safety barrier is legitimate".
In the scheme disclosed above, preferably, each record in the safety barrier binding list includes the following fields: a safety barrier identifier field and a safety barrier confidential information field, where the safety barrier identifier field stores the identifier of the safety barrier corresponding to the record, and the safety barrier confidential information field stores the first binding authentication confidential information associated with that safety barrier.
In the scheme disclosed above, preferably, the safety barrier provides a secure storage area to store binding authentication information, where the binding authentication information includes a binding identifier and second binding authentication confidential information; the binding identifier is a unique mark associated with a specific binding relationship, and the second binding authentication confidential information is associated with the corresponding first binding authentication confidential information.
In the scheme disclosed above, preferably, the binding authentication operation includes: (1) the safety information interactive terminal queries the binding identifier of the safety barrier through data communication with the safety barrier; (2) if the safety barrier is found not to be bound to any safety information interactive terminal, the user is prompted to enter a binding password, and the safety barrier identifier associated with the safety barrier, the first binding authentication confidential information, the binding identifier and the second binding authentication confidential information are generated from the password entered by the user by a predetermined computation; (3) a new record is created in the safety barrier binding list, and the safety barrier identifier and the first binding authentication confidential information are stored in that record; (4) the binding identifier and the second binding authentication confidential information are sent to the safety barrier; (5) the safety barrier stores the received binding identifier and second binding authentication confidential information.
In the scheme disclosed above, preferably, step (A2) further comprises: when, after the binding authentication operation has completed successfully, the safety barrier connects again to the safety information interactive terminal to which it is bound, the safety barrier authenticates the safety information interactive terminal using the second binding authentication confidential information, and only if authentication succeeds allows the subsequent data communication between the safety barrier and the safety information interactive terminal that carries out the related safety information interaction.
In the scheme disclosed above, preferably, the safety information interactive terminal can provide a secure environment; the user enters the binding password in that secure environment, and the binding identifier and the second binding authentication confidential information are sent to the safety barrier in that secure environment.
In the scheme disclosed above, preferably, the unbinding operation is performed as follows: (1) perform the authentication operation between the safety barrier and the safety information interactive terminal; (2) if authentication succeeds, prompt the user to enter the binding password; (3) if the binding password entered by the user is correct, delete the related binding identifier and second binding authentication confidential information in the safety barrier, and delete the corresponding record in the safety barrier binding list in the safety information interactive terminal.
In the scheme disclosed above, preferably, one safety barrier can be bound to only one safety information interactive terminal, while one safety information interactive terminal can bind multiple safety barriers.
The purpose of the present invention can also be achieved through the following technical solution:
A security information interaction system, comprising a safety information interactive terminal and a safety barrier, where, after a communication link is first established between the safety barrier and the safety information interactive terminal, the safety information interactive terminal performs a binding authentication operation for the safety barrier based on a safety barrier binding list, and then performs the related safety information interaction according to the result of the binding authentication operation.
The purpose of the present invention can also be achieved through the following technical solution:
A safety information interactive terminal which, after first establishing a communication link with a safety barrier, performs a binding authentication operation for the safety barrier based on a safety barrier binding list, and then performs the related safety information interaction according to the result of the binding authentication operation.
The purpose of the present invention can also be achieved through the following technical solution:
A safety barrier which, after first establishing a communication link with a safety information interactive terminal, assists the safety information interactive terminal in performing the binding authentication operation for the safety barrier, and then performs the related safety information interaction according to the result of the binding authentication operation.
The security information interaction system, apparatus and method disclosed by the invention have the following advantage: the information inside the safety barrier can be protected from malicious unauthorized reading while the machine (terminal) and the card remain separate, which considerably improves the security of the system.
Brief description of the drawings
The technical features and advantages of the invention will be better understood by those skilled in the art with reference to the accompanying drawings, in which:
Fig. 1 is a schematic diagram of a security information interaction system according to an embodiment of the invention;
Fig. 2 is a flow chart of a safety information interaction method according to an embodiment of the invention.
Detailed description of embodiments
Fig. 1 is a schematic diagram of a security information interaction system according to an embodiment of the invention. As shown in Fig. 1, the security information interaction system disclosed by the invention includes a safety information interactive terminal 1 and a safety barrier 2. After a communication link is first established between the safety barrier 2 and the safety information interactive terminal 1, the safety information interactive terminal 1 performs a binding authentication operation for the safety barrier 2 based on a safety barrier binding list, and then performs the related safety information interaction (e.g. a payment transaction in the financial field) according to the result of the binding authentication operation.
Preferably, in the security information interaction system disclosed by the invention, before performing the binding authentication operation, the safety information interactive terminal 1 verifies the legitimacy of the safety barrier 2, and performs the subsequent binding authentication operation only if the verification result is "safety barrier is legitimate".
Preferably, in the security information interaction system disclosed by the invention, the safety information interactive terminal 1 further comprises a secure storage module 3 and a binding authentication module 4. The secure storage module 3 provides a secure storage area to store the safety barrier binding list. The binding authentication module 4 performs the binding authentication operation.
Preferably, in the security information interaction system disclosed by the invention, each record in the safety barrier binding list includes the following fields: a safety barrier identifier field and a safety barrier confidential information field, where the safety barrier identifier field stores the identifier of the safety barrier corresponding to the record, and the safety barrier confidential information field stores the first binding authentication confidential information associated with that safety barrier.
Preferably, in the security information interaction system disclosed by the invention, the safety barrier 2 further comprises a binding authentication module 5 and a secure storage module 6. The binding authentication module 5 assists in performing the binding authentication operation through data communication between the safety barrier 2 and the safety information interactive terminal 1. The secure storage module 6 provides a secure storage area to store binding authentication information, where the binding authentication information includes a binding identifier and second binding authentication confidential information; the binding identifier is a unique mark associated with a specific binding relationship, and the second binding authentication confidential information is associated with the corresponding first binding authentication confidential information.
Preferably, in the security information interaction system disclosed by the invention, the binding authentication operation includes: (1) the binding authentication module 4 in the safety information interactive terminal 1 queries the binding identifier of the safety barrier 2 through data communication with the binding authentication module 5 in the safety barrier 2; (2) if the safety barrier 2 is found not to be bound to any safety information interactive terminal (i.e. no binding identifier exists), the user is prompted to enter a binding password, and the safety barrier identifier associated with the safety barrier, the first binding authentication confidential information, the binding identifier and the second binding authentication confidential information are generated from the password entered by the user by a predetermined computation; (3) a new record is created in the safety barrier binding list, and the safety barrier identifier and the first binding authentication confidential information are stored in that record; (4) the binding identifier and the second binding authentication confidential information are sent to the binding authentication module 5 in the safety barrier 2; (5) the binding authentication module 5 in the safety barrier 2 stores the received binding identifier and second binding authentication confidential information in the secure storage module 6.
Preferably, in the security information interaction system disclosed by the invention, when, after the binding authentication operation has completed successfully, the safety barrier 2 connects again to the safety information interactive terminal 1 to which it is bound, the binding authentication module 5 in the safety barrier 2 authenticates the safety information interactive terminal 1 using the second binding authentication confidential information, and only if authentication succeeds allows the subsequent data communication between the safety barrier 2 and the safety information interactive terminal 1 that carries out the related safety information interaction.
Preferably, in the security information interaction system disclosed by the invention, the safety information interactive terminal 1 can provide a secure environment (e.g. a secure operating system); the user enters the binding password in that secure environment, and the binding identifier and the second binding authentication confidential information are sent to the binding authentication module 5 in the safety barrier 2 in that secure environment.
Preferably, in the security information interaction system disclosed by the invention, the safety information interactive terminal 1 performs the unbinding operation as follows: (1) perform the authentication operation between the safety barrier 2 and the safety information interactive terminal 1; (2) if authentication succeeds, prompt the user to enter the binding password; (3) if the binding password entered by the user is correct, delete the related binding identifier and second binding authentication confidential information in the safety barrier 2, and delete the corresponding record in the safety barrier binding list in the safety information interactive terminal 1. In addition, if the unbinding operation cannot be carried out because the safety information interactive terminal is damaged, the service provider of the safety barrier (i.e. the supplier of the safety barrier) can carry out the unbinding operation for the safety barrier.
By way of example, in the first embodiment of the security information interaction system disclosed by the invention, the safety information interactive terminal 1 is a mobile terminal, and the key binding authentication process is as follows: the user enters a 6-digit numeric password as the binding password; the mobile terminal uses the password entered by the user as a serial number to look up the corresponding public/private key pair (this key pair serves as the binding authentication confidential information); the mobile terminal keeps the private key and sends the public key to the safety barrier for storage; when the safety barrier connects to the mobile terminal, the mobile terminal encrypts some information specific to the safety barrier (such as the random number sent by the safety barrier in the current session) with the private key and sends it to the safety barrier; the safety barrier decrypts it with the public key, and if the information is correct, authentication succeeds.
Preferably, in the security information interaction system disclosed by the invention, one safety barrier 2 can be bound to only one safety information interactive terminal 1, while one safety information interactive terminal 1 can bind multiple safety barriers 2.
Alternatively, in the security information interaction system disclosed by the invention, one safety barrier 2 can be bound to only one safety information interactive terminal 1, and one safety information interactive terminal 1 can likewise bind only one safety barrier 2. In this case, a mutual authentication process between the safety barrier 2 and the safety information interactive terminal 1 needs to be performed. For this alternative scheme, in the exemplary second embodiment of the invention, the safety information interactive terminal 1 is a mobile terminal, and the key steps of the mutual authentication are as follows: the user enters a 6-digit numeric password as the binding password; the mobile terminal converts the password into binary data 16 bytes long and XORs it with specific 16-byte data in the mobile terminal; the resulting data is the binding authentication confidential information, which the terminal stores in its own secure storage area and sends to the safety barrier for storage; when the safety barrier connects to the mobile terminal again, the mobile terminal uses the symmetric encryption algorithm 3DES with the binding authentication confidential information to encrypt the specific information sent by the safety barrier (such as the random number sent by the safety barrier in the current session) and sends the result to the safety barrier; the safety barrier decrypts it with the binding authentication confidential information that it stores, and if the information is correct, authentication of the mobile terminal succeeds; the mobile terminal authenticates the safety barrier in the same way.
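The binding, reconnection and unbinding flow of the second embodiment, sketched in Python as an added example (not code from the patent or its assignee). HMAC-SHA-256 stands in for the 3DES step because the Python standard library has no 3DES; the class and function names, the zero-padding of the password to 16 bytes, the direction labels and the random binding identifier are assumptions.

```python
import hashlib
import hmac
import secrets

BLOCK = 16  # the embodiment works with 16-byte values


def derive_binding_secret(password: str, device_data: bytes) -> bytes:
    """6-digit password -> 16-byte block, XORed with the terminal's 16-byte data."""
    if len(password) != 6 or not password.isdigit():
        raise ValueError("binding password must be exactly 6 digits")
    if len(device_data) != BLOCK:
        raise ValueError("terminal data must be 16 bytes")
    block = password.encode("ascii").ljust(BLOCK, b"\x00")  # padding rule is assumed
    return bytes(p ^ d for p, d in zip(block, device_data))


def transform(secret: bytes, direction: bytes, challenge: bytes) -> bytes:
    """Keyed transform of a challenge; stand-in for the 3DES encryption step."""
    return hmac.new(secret, direction + challenge, hashlib.sha256).digest()


class Carrier:
    """Safety barrier (e.g. SIM or SD card) holding the binding authentication information."""

    def __init__(self, carrier_id: str):
        self.carrier_id = carrier_id
        self.binding_id = None  # no identifier means "not bound to any terminal"
        self.secret = None
        self.unlocked = False
        self._challenge = None

    def store_binding(self, binding_id: str, secret: bytes) -> None:
        if self.binding_id is not None:
            raise PermissionError("carrier is already bound to a terminal")
        self.binding_id, self.secret = binding_id, secret

    def new_challenge(self) -> bytes:
        self.unlocked = False  # every new link starts locked
        self._challenge = secrets.token_bytes(BLOCK)  # fresh random number per session
        return self._challenge

    def verify_terminal(self, response: bytes) -> bool:
        challenge, self._challenge = self._challenge, None  # a challenge is single use
        if challenge is None or self.secret is None:
            return False
        self.unlocked = hmac.compare_digest(response, transform(self.secret, b"T", challenge))
        return self.unlocked

    def answer(self, challenge: bytes) -> bytes:
        return transform(self.secret, b"C", challenge)  # lets the terminal verify the carrier

    def read_application_data(self) -> str:
        if not self.unlocked:
            raise PermissionError("terminal not authenticated")
        return "application data (constructed sample)"

    def clear_binding(self) -> None:
        if not self.unlocked:
            raise PermissionError("terminal not authenticated")
        self.binding_id = self.secret = None
        self.unlocked = False


class Terminal:
    """Safety information interactive terminal with its safety barrier binding list."""

    def __init__(self, device_data: bytes):
        self.device_data = device_data
        self.binding_list = {}  # carrier_id -> (binding_id, binding secret)

    def connect(self, carrier: Carrier, password: str = None) -> bool:
        challenge = carrier.new_challenge()  # link established: carrier locks itself
        if carrier.binding_id is None:  # unbound carrier: bind it now
            if password is None:
                return False
            secret = derive_binding_secret(password, self.device_data)
            binding_id = secrets.token_hex(8)
            self.binding_list[carrier.carrier_id] = (binding_id, secret)
            carrier.store_binding(binding_id, secret)
        record = self.binding_list.get(carrier.carrier_id)
        if record is None or record[0] != carrier.binding_id:
            return False  # carrier is bound, but not to this terminal
        secret = record[1]
        if not carrier.verify_terminal(transform(secret, b"T", challenge)):
            return False
        nonce = secrets.token_bytes(BLOCK)  # same check in the other direction
        return hmac.compare_digest(carrier.answer(nonce), transform(secret, b"C", nonce))

    def unbind(self, carrier: Carrier, password: str) -> bool:
        if not self.connect(carrier):  # (1) authenticate first
            return False
        secret = self.binding_list[carrier.carrier_id][1]
        if not hmac.compare_digest(secret, derive_binding_secret(password, self.device_data)):
            return False  # (3) wrong binding password: nothing is deleted
        carrier.clear_binding()
        del self.binding_list[carrier.carrier_id]
        return True
```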
The security information interaction system disclosed by the invention therefore has the following advantage: the information inside the safety barrier can be protected from malicious unauthorized reading while the machine (terminal) and the card remain separate, which considerably improves the security of the system.
As shown in Fig. 1, the invention discloses a safety information interactive terminal 1 which, after first establishing a communication link with the safety barrier 2, performs a binding authentication operation for the safety barrier 2 based on a safety barrier binding list, and then performs the related safety information interaction (e.g. a payment transaction in the financial field) according to the result of the binding authentication operation.
Preferably, the safety information interactive terminal 1 disclosed by the invention verifies the legitimacy of the safety barrier 2 before performing the binding authentication operation, and performs the subsequent binding authentication operation only if the verification result is "safety barrier is legitimate".
Preferably, the safety information interactive terminal 1 disclosed by the invention further comprises a secure storage module 3 and a binding authentication module 4. The secure storage module 3 provides a secure storage area to store the safety barrier binding list. The binding authentication module 4 performs the binding authentication operation.
Preferably, in the safety information interactive terminal 1 disclosed by the invention, each record in the safety barrier binding list includes the following fields: a safety barrier identifier field and a safety barrier confidential information field, where the safety barrier identifier field stores the identifier of the safety barrier corresponding to the record, and the safety barrier confidential information field stores the first binding authentication confidential information associated with that safety barrier.
Preferably, in the safety information interactive terminal 1 disclosed by the invention, the binding authentication operation includes: (1) the binding authentication module 4 in the safety information interactive terminal 1 queries the binding identifier of the safety barrier 2 through data communication with the safety barrier 2; (2) if the safety barrier 2 is found not to be bound to any safety information interactive terminal (i.e. no binding identifier exists), the user is prompted to enter a binding password, and the safety barrier identifier associated with the safety barrier, the first binding authentication confidential information, the binding identifier and the second binding authentication confidential information are generated from the password entered by the user by a predetermined computation; (3) a new record is created in the safety barrier binding list, and the safety barrier identifier and the first binding authentication confidential information are stored in that record; (4) the binding identifier and the second binding authentication confidential information are sent to the safety barrier 2; (5) the safety barrier 2 stores the received binding identifier and second binding authentication confidential information.
Preferably, in the safety information interactive terminal 1 disclosed by the invention, when, after the binding authentication operation has completed successfully, the safety barrier 2 connects again to the safety information interactive terminal 1, the safety barrier 2 authenticates the safety information interactive terminal 1 using the second binding authentication confidential information, and only if authentication succeeds allows the subsequent data communication between the safety barrier 2 and the safety information interactive terminal 1 that carries out the related safety information interaction.
Preferably, the safety information interactive terminal 1 disclosed by the invention can provide a secure environment (e.g. a secure operating system); the user enters the binding password in that secure environment, and the binding identifier and the second binding authentication confidential information are sent to the safety barrier 2 in that secure environment.
Preferably, the safety information interactive terminal 1 disclosed by the invention performs the unbinding operation as follows: (1) perform the authentication operation between the safety barrier 2 and the safety information interactive terminal 1; (2) if authentication succeeds, prompt the user to enter the binding password; (3) if the binding password entered by the user is correct, delete the related binding identifier and second binding authentication confidential information in the safety barrier 2, and delete the corresponding record in the safety barrier binding list in the safety information interactive terminal 1. In addition, if the unbinding operation cannot be carried out because the safety information interactive terminal is damaged, the service provider of the safety barrier (i.e. the supplier of the safety barrier) can carry out the unbinding operation for the safety barrier.
As shown in Fig. 1, the invention discloses a safety barrier 2 which, after first establishing a communication link with the safety information interactive terminal 1, assists the safety information interactive terminal 1 in performing the binding authentication operation for the safety barrier 2, and then performs the related safety information interaction (e.g. a payment transaction in the financial field) according to the result of the binding authentication operation.
Preferably, the safety barrier 2 disclosed by the invention further comprises a binding authentication module 5 and a secure storage module 6. The binding authentication module 5 assists in performing the binding authentication operation through data communication between the safety barrier 2 and the safety information interactive terminal 1. The secure storage module 6 provides a secure storage area to store binding authentication information, where the binding authentication information includes a binding identifier and binding authentication confidential information; the binding identifier is a unique mark associated with a specific binding relationship, and the binding authentication confidential information is associated with the corresponding binding authentication confidential information in the safety information interactive terminal 1.
Preferably, in the safety barrier 2 disclosed by the invention, when, after the binding authentication operation has completed successfully, the safety barrier 2 connects again to the safety information interactive terminal 1 to which it is bound, the binding authentication module 5 authenticates the safety information interactive terminal 1 using the binding authentication confidential information, and only if authentication succeeds allows the subsequent data communication between the safety barrier 2 and the safety information interactive terminal 1 that carries out the related safety information interaction.
Fig. 2 is a flow chart of a safety information interaction method according to an embodiment of the invention. As shown in Fig. 2, the safety information interaction method disclosed by the invention comprises the following steps: (A1) a communication link is first established between the safety barrier and the safety information interactive terminal; (A2) the safety information interactive terminal performs a binding authentication operation for the safety barrier based on a safety barrier binding list, and then performs the related safety information interaction (e.g. a payment transaction in the financial field) according to the result of the binding authentication operation.
Preferably, in the safety information interaction method disclosed by the invention, step (A2) further comprises: before performing the binding authentication operation, the safety information interactive terminal verifies the legitimacy of the safety barrier, and performs the subsequent binding authentication operation only if the verification result is "safety barrier is legitimate".
Preferably, in the safety information interaction method disclosed by the invention, each record in the safety barrier binding list includes the following fields: a safety barrier identifier field and a safety barrier confidential information field, where the safety barrier identifier field stores the identifier of the safety barrier corresponding to the record, and the safety barrier confidential information field stores the first binding authentication confidential information associated with that safety barrier.
Preferably, in the safety information interaction method disclosed by the invention, the safety barrier 2 provides a secure storage area to store binding authentication information, where the binding authentication information includes a binding identifier and second binding authentication confidential information; the binding identifier is a unique mark associated with a specific binding relationship, and the second binding authentication confidential information is associated with the corresponding first binding authentication confidential information.
Preferably, in safety information interaction method disclosed in this invention, the binding authentication operation includes:(1) The safety information interactive terminal passes through the binding logo with safety barrier described in the data communication inquiry of the safety barrier 2 Symbol;(2)If it find that the safety barrier is not bound with any safety information interactive terminal(Binding logo is not present Symbol), then user is prompted to input bound secret, and the password generation inputted by predetermined computing mode based on user and the safety The associated safety barrier identifier of carrier, the first binding authentication confidential information, binding logo symbol and the second binding authentication secret Information;(3)New record is created in the safety barrier list of bindings, and the safety barrier identifier, first are bound Certification confidential information is stored in the record;(4)Binding logo symbol and the second binding authentication confidential information are sent to institute State safety barrier;(5)The binding logo symbol and the second binding authentication confidential information that the safety barrier storage receives.
Preferably, in safety information interaction method disclosed in this invention, the step(A2)Further comprise:When The safety information interaction that the safety barrier is again connected to bound in it after the binding authentication operation successfully completes is whole During end, the safety barrier is recognized the safety information interactive terminal using the second binding authentication confidential information Card, and only allow in the case of certification is successful it is follow-up between the safety barrier and the safety information interactive terminal Data communicate with perform correlation safety information interaction.
Preferably, in safety information interaction method disclosed in this invention, safety information interactive terminal energy Security context is enough provided(Such as SOS), and user inputs the bound secret under the security context, with And binding logo symbol and the second binding authentication confidential information are sent to the safety barrier under the security context.
Preferably, in safety information interaction method disclosed in this invention, solution bindings are performed as follows: (1)Perform the authentication operation between the safety barrier and the safety information interactive terminal;(2)If certification success, User is prompted to input the bound secret;(3)If the bound secret of user's input is correct, delete in the safety barrier It is described in related binding logo symbol and the second binding authentication confidential information and the deletion safety information interactive terminal Corresponding record in safety barrier list of bindings.If in addition, it can not be solved because safety information interactive terminal is damaged Tie up operation, then can be by the service provider of safety barrier(That is the supplier of safety barrier)Carry out the solution for the safety barrier Tie up operation.
By way of example, in the first embodiment of the safety information interaction method disclosed in this invention, the safety information interactive terminal is a mobile terminal, and the key binding authentication process is as follows: the user inputs a 6-digit numeric password as the bound secret; the mobile terminal uses the password input by the user as a serial number to look up the corresponding public/private key pair (this key pair is the binding authentication confidential information); the mobile terminal keeps the private key and sends the public key to the safety barrier for storage; when the safety barrier connects to the mobile terminal, the mobile terminal encrypts some information specific to the safety barrier (such as a random number sent by the safety barrier in the current session) with the private key and sends it to the safety barrier; the safety barrier decrypts it with the public key, and the authentication succeeds if the information is correct.
Preferably, in the safety information interaction method disclosed in this invention, a safety barrier can be bound to only one safety information interactive terminal, while a safety information interactive terminal can bind multiple safety barriers.
Alternatively, in the safety information interaction method disclosed in this invention, a safety barrier can be bound to only one safety information interactive terminal, and a safety information interactive terminal can likewise bind only one safety barrier. In this case, a mutual authentication process between the safety barrier and the safety information interactive terminal needs to be performed. For this alternative, in the exemplary second embodiment of the safety information interaction method disclosed in this invention, the safety information interactive terminal is a mobile terminal, and the key process of the mutual authentication is as follows: the user inputs a 6-digit numeric password as the bound secret; the mobile terminal converts the password into binary data 16 bytes long and XORs it with specific 16-byte data in the mobile terminal; the resulting data is the binding authentication confidential information, which the mobile terminal stores in its own secure storage area and sends to the safety barrier to be stored; when the safety barrier connects to the mobile terminal again, the mobile terminal uses the symmetric encryption algorithm 3DES with the binding authentication confidential information to encrypt specific information sent by the safety barrier (such as a random number sent by the safety barrier in the current session) and sends the result to the safety barrier; the safety barrier decrypts it with the binding authentication confidential information it has stored, and the mobile terminal is authenticated successfully if the information is correct; the mobile terminal authenticates the safety barrier in the same way.
The safety information interaction method disclosed in this invention therefore has the following advantage: while the separation between machine and card is kept, information inside the safety barrier cannot be read maliciously without authorization, which considerably improves the security of the system.
Although the present invention has been described through the above preferred embodiments, its forms of implementation are not limited to those embodiments. It should be understood that those skilled in the art can make various changes and modifications to the present invention without departing from its spirit and scope.
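The binding, re-connection authentication and unbinding steps described above, combined with the second embodiment's key derivation and mutual authentication, as an added Python example that is not part of the patent. All class and function names are hypothetical; the ASCII zero-padded password encoding, the random binding logo symbol, the password check at unbinding by re-deriving the secret, and the use of HMAC-SHA256 from the standard library in place of the 3DES encryption of the random number are assumptions of this sketch.

```python
import hashlib
import hmac
import secrets


def derive_binding_secret(password: str, device_value: bytes) -> bytes:
    """6-digit password -> 16 bytes, XORed with a 16-byte terminal-specific value."""
    if not (password.isascii() and password.isdigit() and len(password) == 6):
        raise ValueError("binding password must be exactly 6 digits")
    if len(device_value) != 16:
        raise ValueError("terminal-specific value must be 16 bytes")
    padded = password.encode("ascii").ljust(16, b"\x00")  # assumed encoding: ASCII, zero-padded
    return bytes(a ^ b for a, b in zip(padded, device_value))


def respond(secret: bytes, role: bytes, nonce: bytes) -> bytes:
    """Prove knowledge of the secret; HMAC-SHA256 stands in for the 3DES step."""
    return hmac.new(secret, role + nonce, hashlib.sha256).digest()


class Carrier:  # the "safety barrier"
    def __init__(self, carrier_id: str):
        self.carrier_id = carrier_id
        self.binding_id = None  # binding logo symbol; None means "not bound"
        self.secret = None      # second binding authentication confidential information
        self._nonce = None

    def store_binding(self, binding_id: str, secret: bytes) -> None:
        if self.binding_id is not None:  # a carrier binds to one terminal only
            raise PermissionError("carrier is already bound")
        self.binding_id, self.secret = binding_id, secret

    def challenge(self) -> bytes:
        self._nonce = secrets.token_bytes(16)
        return self._nonce

    def verify_terminal(self, response: bytes) -> bool:
        nonce, self._nonce = self._nonce, None  # each challenge is usable once
        if nonce is None or self.secret is None:
            return False
        return hmac.compare_digest(response, respond(self.secret, b"T", nonce))

    def prove(self, nonce: bytes) -> bytes:
        return respond(self.secret, b"C", nonce)

    def clear_binding(self) -> None:
        self.binding_id = self.secret = None


class Terminal:  # the "safety information interactive terminal"
    def __init__(self):
        self.device_value = secrets.token_bytes(16)
        self.binding_list = {}  # carrier identifier -> first binding secret

    def bind(self, carrier: Carrier, password: str) -> None:
        if carrier.binding_id is not None:  # steps (1)-(2): query the binding state
            raise PermissionError("carrier is bound to a terminal already")
        secret = derive_binding_secret(password, self.device_value)
        self.binding_list[carrier.carrier_id] = secret       # step (3)
        carrier.store_binding(secrets.token_hex(8), secret)  # steps (4)-(5)

    def authenticate(self, carrier: Carrier) -> bool:
        secret = self.binding_list.get(carrier.carrier_id)
        if secret is None:
            return False
        if not carrier.verify_terminal(respond(secret, b"T", carrier.challenge())):
            return False  # the carrier rejected this terminal
        nonce = secrets.token_bytes(16)  # now the terminal checks the carrier
        return hmac.compare_digest(carrier.prove(nonce), respond(secret, b"C", nonce))

    def unbind(self, carrier: Carrier, password: str) -> bool:
        if not self.authenticate(carrier):  # unbinding step (1)
            return False
        entered = derive_binding_secret(password, self.device_value)  # steps (2)-(3)
        if not hmac.compare_digest(entered, self.binding_list[carrier.carrier_id]):
            return False
        carrier.clear_binding()
        del self.binding_list[carrier.carrier_id]
        return True
```

The role byte (`b"T"` or `b"C"`) keeps a response computed in one direction from being accepted in the other, and the single-use nonce makes a recorded response useless on a later connection.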

Claims (9)

1. A safety information interaction method, comprising the following steps:
(A1) first establishing a communication link between a safety barrier and a safety information interactive terminal;
(A2) the safety information interactive terminal performing a binding authentication operation for the safety barrier based on a safety barrier list of bindings, and then performing the related safety information interaction according to the result of the binding authentication operation, wherein the binding authentication operation includes: (1) the safety information interactive terminal queries the binding logo symbol of the safety barrier through data communication with the safety barrier; (2) if the safety barrier is found not to be bound to any safety information interactive terminal, the user is prompted to input a bound secret, and a safety barrier identifier associated with the safety barrier, first binding authentication confidential information, a binding logo symbol and second binding authentication confidential information are generated from the password input by the user by a predetermined computation; (3) a new record is created in the safety barrier list of bindings, and the safety barrier identifier and the first binding authentication confidential information are stored in the record; (4) the binding logo symbol and the second binding authentication confidential information are sent to the safety barrier; (5) the safety barrier stores the received binding logo symbol and second binding authentication confidential information,
wherein the binding logo symbol is a unique identifier associated with a specific binding relationship, and the second binding authentication confidential information is associated with the corresponding first binding authentication confidential information,
wherein an unbinding operation is performed as follows:
(1) an authentication operation between the safety barrier and the safety information interactive terminal is performed; (2) if the authentication succeeds, the user is prompted to input the bound secret; (3) if the bound secret input by the user is correct, the related binding logo symbol and second binding authentication confidential information in the safety barrier are deleted, and the corresponding record in the safety barrier list of bindings in the safety information interactive terminal is deleted,
wherein a safety barrier can be bound to only one safety information interactive terminal, and a safety information interactive terminal can bind multiple safety barriers.
2. The safety information interaction method according to claim 1, characterized in that the step (A2) further comprises: before the binding authentication operation is performed, the safety information interactive terminal verifies the legitimacy of the safety barrier, and the binding authentication operation is subsequently performed only if the result is "safety barrier is legal".
3. The safety information interaction method according to claim 2, characterized in that each record in the safety barrier list of bindings includes the following fields: a safety barrier identifier field and a safety barrier confidential information field, wherein the safety barrier identifier field stores the identifier of the safety barrier corresponding to the record, and the safety barrier confidential information field stores the first binding authentication confidential information associated with the safety barrier.
4. The safety information interaction method according to claim 3, characterized in that the safety barrier provides a secure storage region for storing binding authentication information, wherein the binding authentication information includes the binding logo symbol and the second binding authentication confidential information.
5. The safety information interaction method according to claim 4, characterized in that the step (A2) further comprises: when the safety barrier is connected again to the safety information interactive terminal to which it is bound after the binding authentication operation has completed successfully, the safety barrier authenticates the safety information interactive terminal using the second binding authentication confidential information, and the subsequent data communication between the safety barrier and the safety information interactive terminal that performs the related safety information interaction is allowed only if the authentication succeeds.
6. The safety information interaction method according to claim 5, characterized in that the safety information interactive terminal can provide a security context, the user inputs the bound secret under the security context, and the binding logo symbol and the second binding authentication confidential information are sent to the safety barrier under the security context.
7. A security information interaction system, comprising a safety information interactive terminal and a safety barrier, wherein, after a communication link is first established between the safety barrier and the safety information interactive terminal, the safety information interactive terminal performs a binding authentication operation for the safety barrier based on a safety barrier list of bindings, and then performs the related safety information interaction according to the result of the binding authentication operation,
wherein the binding authentication operation includes: (1) the safety information interactive terminal queries the binding logo symbol of the safety barrier through data communication with the safety barrier; (2) if the safety barrier is found not to be bound to any safety information interactive terminal, the user is prompted to input a bound secret, and a safety barrier identifier associated with the safety barrier, first binding authentication confidential information, a binding logo symbol and second binding authentication confidential information are generated from the password input by the user by a predetermined computation; (3) a new record is created in the safety barrier list of bindings, and the safety barrier identifier and the first binding authentication confidential information are stored in the record; (4) the binding logo symbol and the second binding authentication confidential information are sent to the safety barrier; (5) the safety barrier stores the received binding logo symbol and second binding authentication confidential information,
wherein the binding logo symbol is a unique identifier associated with a specific binding relationship, and the second binding authentication confidential information is associated with the corresponding first binding authentication confidential information,
wherein an unbinding operation is performed as follows:
(1) an authentication operation between the safety barrier and the safety information interactive terminal is performed; (2) if the authentication succeeds, the user is prompted to input the bound secret; (3) if the bound secret input by the user is correct, the related binding logo symbol and second binding authentication confidential information in the safety barrier are deleted, and the corresponding record in the safety barrier list of bindings in the safety information interactive terminal is deleted,
wherein a safety barrier can be bound to only one safety information interactive terminal, and a safety information interactive terminal can bind multiple safety barriers.
8. A safety information interactive terminal, which, after first establishing a communication link with a safety barrier, performs a binding authentication operation for the safety barrier based on a safety barrier list of bindings, and then performs the related safety information interaction according to the result of the binding authentication operation,
wherein the binding authentication operation includes: (1) the safety information interactive terminal queries the binding logo symbol of the safety barrier through data communication with the safety barrier; (2) if the safety barrier is found not to be bound to any safety information interactive terminal, the user is prompted to input a bound secret, and a safety barrier identifier associated with the safety barrier, first binding authentication confidential information, a binding logo symbol and second binding authentication confidential information are generated from the password input by the user by a predetermined computation; (3) a new record is created in the safety barrier list of bindings, and the safety barrier identifier and the first binding authentication confidential information are stored in the record; (4) the binding logo symbol and the second binding authentication confidential information are sent to the safety barrier; (5) the safety barrier stores the received binding logo symbol and second binding authentication confidential information,
wherein the binding logo symbol is a unique identifier associated with a specific binding relationship, and the second binding authentication confidential information is associated with the corresponding first binding authentication confidential information,
wherein an unbinding operation is performed as follows:
(1) an authentication operation between the safety barrier and the safety information interactive terminal is performed; (2) if the authentication succeeds, the user is prompted to input the bound secret; (3) if the bound secret input by the user is correct, the related binding logo symbol and second binding authentication confidential information in the safety barrier are deleted, and the corresponding record in the safety barrier list of bindings in the safety information interactive terminal is deleted,
wherein a safety barrier can be bound to only one safety information interactive terminal, and a safety information interactive terminal can bind multiple safety barriers.
9. A safety barrier, which, after a communication link is first established between it and a safety information interactive terminal, assists the safety information interactive terminal in performing a binding authentication operation for the safety barrier, and then performs the related safety information interaction according to the result of the binding authentication operation,
wherein the binding authentication operation includes: (1) the safety information interactive terminal queries the binding logo symbol of the safety barrier through data communication with the safety barrier; (2) if the safety barrier is found not to be bound to any safety information interactive terminal, the user is prompted to input a bound secret, and a safety barrier identifier associated with the safety barrier, first binding authentication confidential information, a binding logo symbol and second binding authentication confidential information are generated from the password input by the user by a predetermined computation; (3) a new record is created in the safety barrier list of bindings, and the safety barrier identifier and the first binding authentication confidential information are stored in the record; (4) the binding logo symbol and the second binding authentication confidential information are sent to the safety barrier; (5) the safety barrier stores the received binding logo symbol and second binding authentication confidential information,
wherein the binding logo symbol is a unique identifier associated with a specific binding relationship, and the second binding authentication confidential information is associated with the corresponding first binding authentication confidential information,
wherein an unbinding operation is performed as follows:
(1) an authentication operation between the safety barrier and the safety information interactive terminal is performed; (2) if the authentication succeeds, the user is prompted to input the bound secret; (3) if the bound secret input by the user is correct, the related binding logo symbol and second binding authentication confidential information in the safety barrier are deleted, and the corresponding record in the safety barrier list of bindings in the safety information interactive terminal is deleted,
wherein a safety barrier can be bound to only one safety information interactive terminal, and a safety information interactive terminal can bind multiple safety barriers.
Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201310222736.9A CN104243152B (en) 2013-06-06 2013-06-06 Security information interaction system, apparatus and method

Publications (2)

Publication Number Publication Date
CN104243152A CN104243152A (en) 2014-12-24
CN104243152B true CN104243152B (en) 2018-01-12

Family

ID=52230563

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201310222736.9A Active CN104243152B (en) 2013-06-06 2013-06-06 Security information interaction system, apparatus and method

Country Status (1)

Country Link
CN (1) CN104243152B (en)


Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant