CN104252591A - Authorization and information encrypted communication method based on USBKey - Google Patents
Authorization and information encrypted communication method based on USBKey Download PDFInfo
- Publication number
- CN104252591A CN104252591A CN201410485817.2A CN201410485817A CN104252591A CN 104252591 A CN104252591 A CN 104252591A CN 201410485817 A CN201410485817 A CN 201410485817A CN 104252591 A CN104252591 A CN 104252591A
- Authority
- CN
- China
- Prior art keywords
- client software
- usb key
- account
- private client
- information
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/34—User authentication involving the use of external additional devices, e.g. dongles or smart cards
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Storage Device Security (AREA)
Abstract
The invention relates to a user authorization and information encrypted communication method by adopting a USBKey and special client software. In the conventional information inquiry service system, to verify the service user account and inquiry limits, users are required to provide information including account and password in sending the inquiry request. In this way, once someone knows the account and the password, he/she can pretend to be the user to send the request to inquire the data, thus safety and benefits of the user fail to be protected. The user authorization and information encryption communication method by adopting the USBKey and the special client software has the advantages that safety of the user account is guaranteed, and communication safety is ensured.
Description
Technical field
The present invention relates to a kind of USB of use Key and private client software and carry out the method that subscriber authorisation communicates with information encryption, belong to field of information security technology.
Background technology
Now in a lot of information inquiry service system, in order to service for checking credentials user account and search access right, capital requires that user provides the information such as account, password when initiating inquiry request, but the problem of this checking is, as long as know that account, encrypted message just can pretend this user and initiate request usage data inquiry service, safety and the rights and interests of user can not be guaranteed.
In order to address this problem, use authority equipment on subscriber computer, such as USB Key(key), store account and encrypted message in USB Key, can not revise and forge.Also need to install on the user computer a special client software, this client software not only will read account and encrypted message in USB Key, also will be responsible for being encrypted communication work with inquiry service.Namely can ensure the safety of user account in this way, the safety communicated can also be ensured.
Summary of the invention
The present invention relates to a kind of USB of use Key and private client software and carry out the method that subscriber authorisation communicates with information encryption.Comprising: 1, hardware device USB Key.2, private client software.3, data encryption.
Below will specifically describe main realization of the present invention:
1. on the user computer USB Key device driver (being provided by USB Key producer) is installed;
2. insert USB Key equipment on the user computer;
3. on the user computer private client software is installed;
4. subscriber computer initiates inquiry request, and solicited message sends to private client software, can adopt Socket communication mode;
5. first private client software attempted reading USB Key equipment, if read unsuccessfully, prompting USB Key reads unsuccessfully, and prompting user inserts USB Key equipment, otherwise this client software will read account and encrypted message from USB Key equipment;
6., after private client software successfully reads account and encrypted message, account, password after the encryption of usage data cryptographic algorithm, are sent to information inquiry service system together with solicited message, waiting system feedback;
7. data encryption can adopt comparative maturity and widely used AES encryption algorithm now;
8. the solicited message that information inquiry service system sends according to private client software, carries out the deciphering of data;
9. information inquiry service system is verified the account obtained after deciphering and encrypted message, and whether the checking account obtains the authorization;
10. if the verification passes, Query Result can be issued private client software according to the condition query data in request by information inquiry service system, if checking not by; will verify that the information do not passed through issues private client software;
Query Result is transmitted to subscriber computer by 11. private client softwares.
Accompanying drawing explanation
Fig. 1 is process flow diagram of the present invention.
Embodiment
Below by specific embodiment, the invention will be further described.
1) suppose that certain information service company A externally provides certain industry sales data to serve, certain company B, in order to strengthen industrial competition, thinks that the sales data of use company A does statistical study.
2) USB Key, USB Key driving and private client software are given company B by company A.
3) company A provides by company B technician USB Key, USB Key drive and the installations of private client software.
4) company B technician develops program S(hereinafter referred to as program S), program S adopts Socket communication mode and private client software to carry out data communication, program S sends inquiry request to private client software, requires the industry sales data of inquiry last year.
5) after the inquiry request condition of program S received by private client software, first read the account stored in USB Key and encrypted message, if read unsuccessful, can point out " USB Key reads unsuccessfully ", if read successfully, after the request condition of program S, account and password together being encrypted (adopting AES enciphering and deciphering algorithm), issue the server of company A.
6) after the server of company A receives request, first decoding request data (adopting AES enciphering and deciphering algorithm).
7) server of company A is verified the account obtained after deciphering and encrypted message, and whether the checking account obtains the authorization.If the verification passes then according to inquiry request condition, result is also returned to private client software by data query result.If checking is not passed through, information " your account is not obtained the authorization " is issued private client software.
8) Query Result is transmitted to program S by private client software.
In addition to the implementation, the present invention can also have other embodiments, and all employings are equal to the technical scheme of replacement or equivalent transformation formation, all drop in the protection domain of application claims.
Claims (1)
1., based on the method that USB Key communicates with information encryption with private client software simulating subscriber authorisation, it is characterized in that, comprise the following steps:
1) USB Key device driver is installed on the user computer (by USB Key
Producer provides);
2) USB Key equipment is inserted on the user computer;
3) on the user computer private client software is installed;
4) subscriber computer initiates inquiry request, and solicited message sends to private client software,
Socket communication mode can be adopted;
5) first private client software attempted reading USB Key equipment, if read unsuccessfully
Then point out USB Key to read unsuccessfully, prompting user inserts USB Key equipment, otherwise this client software will read account and encrypted message from USB Key equipment;
6) after private client software successfully reads account and encrypted message, by account, close
Code after the encryption of usage data cryptographic algorithm, sends to information inquiry service system together with solicited message, and waiting system feeds back;
7) data encryption can adopt comparative maturity and widely used AES encryption algorithm now;
8) solicited message that information inquiry service system sends according to private client software, enters
The deciphering of row data;
9) information inquiry service system is verified the account obtained after deciphering and encrypted message,
Whether the checking account obtains the authorization;
10) if the verification passes, information inquiry service system can according to the condition query in request
Query Result is also issued private client software by data, if checking is not passed through, will verify that the information do not passed through issues private client software;
11) Query Result is transmitted to subscriber computer by private client software.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201410485817.2A CN104252591A (en) | 2014-09-23 | 2014-09-23 | Authorization and information encrypted communication method based on USBKey |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201410485817.2A CN104252591A (en) | 2014-09-23 | 2014-09-23 | Authorization and information encrypted communication method based on USBKey |
Publications (1)
Publication Number | Publication Date |
---|---|
CN104252591A true CN104252591A (en) | 2014-12-31 |
Family
ID=52187477
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201410485817.2A Pending CN104252591A (en) | 2014-09-23 | 2014-09-23 | Authorization and information encrypted communication method based on USBKey |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN104252591A (en) |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104809823A (en) * | 2015-03-13 | 2015-07-29 | 东方通信股份有限公司 | ATM (Automatic Teller Machine) encryption authorization hub and method |
CN105072107A (en) * | 2015-08-03 | 2015-11-18 | 四川效率源信息安全技术有限责任公司 | System and method for enhancing data transmission and storage security |
CN109766685A (en) * | 2019-01-21 | 2019-05-17 | 安徽养和医疗器械设备有限公司 | A kind of hardware digital authorization module and its authorization method realized by USB interface |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101252437A (en) * | 2008-01-15 | 2008-08-27 | 深圳市九思泰达技术有限公司 | Dynamic verification method, system and apparatus of client terminal identification under C/S architecture |
CN101441695A (en) * | 2008-12-30 | 2009-05-27 | 中国工商银行股份有限公司 | USBKey safe protection method |
-
2014
- 2014-09-23 CN CN201410485817.2A patent/CN104252591A/en active Pending
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101252437A (en) * | 2008-01-15 | 2008-08-27 | 深圳市九思泰达技术有限公司 | Dynamic verification method, system and apparatus of client terminal identification under C/S architecture |
CN101441695A (en) * | 2008-12-30 | 2009-05-27 | 中国工商银行股份有限公司 | USBKey safe protection method |
Non-Patent Citations (1)
Title |
---|
中国工商银行: "U盾工具使用说明", 《客户证书安装使用手册》 * |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104809823A (en) * | 2015-03-13 | 2015-07-29 | 东方通信股份有限公司 | ATM (Automatic Teller Machine) encryption authorization hub and method |
CN105072107A (en) * | 2015-08-03 | 2015-11-18 | 四川效率源信息安全技术有限责任公司 | System and method for enhancing data transmission and storage security |
CN109766685A (en) * | 2019-01-21 | 2019-05-17 | 安徽养和医疗器械设备有限公司 | A kind of hardware digital authorization module and its authorization method realized by USB interface |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN106656488B (en) | Key downloading method and device for POS terminal | |
CN108376211B (en) | Software authorization management method, server and system | |
WO2013188599A4 (en) | Securely communicating between a card reader and a mobile device | |
JP6911122B2 (en) | Permission method and system to acquire terminal attack warning message log | |
CN103684766A (en) | Private key protection method and system for terminal user | |
WO2008026060B1 (en) | Method, system and device for synchronizing between server and mobile device | |
CN103701757A (en) | Identity authentication method and system for service access | |
CN108667784B (en) | System and method for protecting internet identity card verification information | |
CN104811303B (en) | The method, apparatus and system of two-way authentication | |
CN103560892A (en) | Secret key generation method and secret key generation device | |
CN104125239B (en) | A kind of method for network authorization transmitted based on data link encryption and system | |
CN104469736A (en) | Data processing method, server and terminal | |
CN104252591A (en) | Authorization and information encrypted communication method based on USBKey | |
CN103592927A (en) | Method for binding product server and service function through license | |
CN108234126B (en) | System and method for remote account opening | |
KR101206854B1 (en) | Authentication system and method based by unique identifier | |
CN107395600B (en) | Service data verification method, service platform and mobile terminal | |
KR101388935B1 (en) | Two channel based user authentication apparatus and method | |
JP6760631B1 (en) | Authentication request system and authentication request method | |
CN104506509A (en) | Multifunctional security authentication terminal and authentication method based on terminal | |
CN106712952B (en) | Radio frequency tag security identification method and system | |
KR102053993B1 (en) | Method for Authenticating by using Certificate | |
EP3396581B1 (en) | Mobile-based equipment service system using encrypted code offloading | |
CN103281188A (en) | Method and system for backing up private key in electronic signature token | |
CN105072136A (en) | Method and system for security authentication between devices based on virtual drive |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
WD01 | Invention patent application deemed withdrawn after publication | ||
WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20141231 |