CN104574176A - USBKEY-based secure online tax declaration method - Google Patents

Publication number: CN104574176A
Authority: CN (China)
Prior art keywords: usbkey, taxpayer, user, data, information
Legal status: Pending (an assumption, not a legal conclusion)
Application number: CN201510017514.2A
Other languages: Chinese (zh)
Inventors: 赵邦宇, 于治楼, 乔国凯
Current Assignee: Inspur Software Group Co Ltd (the listed assignees may be inaccurate)
Original Assignee: Inspur Software Group Co Ltd
Application filed by: Inspur Software Group Co Ltd
Priority to: CN201510017514.2A

Abstract

The invention discloses a secure online tax declaration method based on USBKEY, comprising the following steps: the taxpayer applies for an online tax declaration USBKEY, and tax office staff issue a digital certificate containing the taxpayer's information, write the certificate to the USBKEY and issue it to the taxpayer; the taxpayer inserts the USBKEY to obtain a ciphertext user login token, and at the same time the session key is encrypted with the application portal service public key to generate a digital envelope; the signature authentication server provides the corresponding tax declaration services; the user fills in the corresponding declaration data and digitally signs it using the USBKEY; and after the application server's verification passes, the corresponding tax declaration service is completed. The invention solves the identity authentication of online tax declarers through USBKEY two-factor authentication; by setting the online tax declaration website so that it pops up automatically, it effectively guards against phishing websites; by signing the message digest of the online declaration data, it prevents tampering with information in transit; and by encrypting important data, it prevents information leakage. It thus solves the information security problem of online tax declaration well.

Description

A secure online tax declaration method based on USBKEY
Technical field
The present invention relates to the technical field of online tax filing, and specifically to a secure online tax declaration method based on USBKEY.
Background
With the development of informatization and e-government, China's tax authorities have adopted advanced computer and network technologies and are gradually carrying out routine office work, tax declaration and other work, and their working procedures, directly over the network. Online tax filing has also become the tax declaration method that more and more taxpayers prefer. Because online tax filing involves sensitive information such as basic taxpayer/enterprise information and state revenue, expenditure and tax receipts, it places strict requirements on information security.
USBKEY digital certificate authentication and encryption based on PKI technology is a new kind of authentication and encryption device that has developed in recent years. A USBKEY is a hardware device with a USB interface; it has a built-in smart card chip and a certain amount of storage, and can store the user's private key and digital certificate. In a public/private key cryptosystem, the USBKEY serves as the key store: the signature private key is generated by the hardware and kept inside the USBKEY, where it can be used but not exported. Its hardware interface means that the user can access data only through the programming interface provided by the manufacturer. The USBKEY has a built-in CPU; data to be encrypted is passed into the KEY and processed there, and this hardware isolation fundamentally ensures that the encrypted data is not tampered with.
Applying a USBKEY with a digital certificate to online tax filing can effectively provide confidentiality, integrity and non-repudiation for online tax declaration data, protect the interests of taxpayers/enterprises and the tax authorities, and establish a reliable network trust mechanism and information security assurance between taxpayers/enterprises and the tax authorities. However, there is currently no ideal way to apply a USBKEY with a digital certificate to online tax filing.
Summary of the invention
The technical task of the present invention is to provide a secure online tax declaration method based on USBKEY.
The technical task of the present invention is achieved in the following manner. The steps of the online tax declaration method are as follows:
1) The taxpayer fills in taxpayer information and applies for an online tax declaration USBKEY, either over the network or at the tax office's tax service hall;
2) Tax office staff review the taxpayer information, issue a digital certificate containing the taxpayer information, write the certificate to the USBKEY and issue it to the taxpayer. After receiving the USBKEY with the digital certificate, the taxpayer installs the USBKEY management tool and sets the correct tax declaration website;
3) The taxpayer inserts the USBKEY and enters the correct USBKEY verification password at the appropriate place on the tax declaration website that pops up automatically. After the password is verified, the website encrypts the user information with a session key to obtain a ciphertext user login token, and at the same time the session key is encrypted with the application portal service public key to produce a digital envelope;
4) After the signature authentication server receives the taxpayer's request information, it decrypts it and verifies the validity of the taxpayer information and the digital certificate; after verification passes, it provides the user with the corresponding tax declaration services;
5) The user fills in the corresponding declaration data. On submission, a hash operation is first performed on the data, and the hash data is then digitally signed with the user's signature private key in the USBKEY. At the same time, sensitive and important data and the taxpayer's user certificate are encrypted, and the session key is encrypted with the application portal service public key to produce a digital envelope;
6) After receiving the data, the application server first has the signature verification server verify the signature on the corresponding data; after verification passes, the encryption server decrypts the encrypted data, and the corresponding tax declaration service is completed;
7) If the taxpayer user has not accessed the service for more than a certain period of time, the user status is set to 'stopping'; steps 3)-6) must then be repeated to log in again and carry out the corresponding tax declaration services.
In step 3), the user information is: user certificate, USBKEY validity period, user status, user digital certificate, and basic taxpayer information.
In step 3), the session key uses the SSF33, SM1 or SM4 algorithm for encryption.
Compared with the prior art, the USBKEY-based secure online tax declaration method of the present invention solves the identity authentication of online tax declarers through USBKEY two-factor authentication; by setting the online tax declaration website address so that the tax declaration website pops up automatically, it effectively guards against phishing websites; by signing the message digest of the online declaration data, it prevents tampering with information in transit; and by encrypting important data, it prevents information leakage. It thus solves the information security problem of online tax declaration well.
Description of the drawings
Figure 1 is a model diagram of the secure online tax declaration method based on USBKEY.
Figure 2 is a flow chart of the secure online tax declaration method based on USBKEY.
Embodiments
Embodiment 1:
The steps of the online tax declaration method are as follows:
1) The taxpayer fills in taxpayer information and applies for an online tax declaration USBKEY, either over the network or at the tax office's tax service hall;
2) Tax office staff review the taxpayer information, issue a digital certificate containing the taxpayer information, write the certificate to the USBKEY and issue it to the taxpayer. After receiving the USBKEY with the digital certificate, the taxpayer installs the USBKEY management tool and sets the correct tax declaration website;
3) The taxpayer inserts the USBKEY and enters the correct USBKEY verification password at the appropriate place on the tax declaration website that pops up automatically. After the password is verified, the website encrypts the user information with a session key; the session key uses the SSF33, SM1 or SM4 algorithm for encryption. The user information is: user certificate, USBKEY validity period, user status, user digital certificate, and basic taxpayer information. A ciphertext user login token is obtained, and at the same time the session key is encrypted with the application portal service public key to produce a digital envelope, using the SM2 algorithm for encryption;
4) After the signature authentication server receives the taxpayer's request information, it decrypts it and verifies the validity of the taxpayer information and the digital certificate; after verification passes, it provides the user with the corresponding tax declaration services;
5) The user fills in the corresponding declaration data. On submission, a hash operation is first performed on the data, the hash algorithm being the SM3 national cryptographic algorithm; the hash data is then digitally signed with the user's signature private key in the USBKEY, the signature algorithm being the SM2 national cryptographic algorithm. At the same time, sensitive and important data and the taxpayer's user certificate are encrypted with the session key, using an algorithm such as SSF33 or SM1, and the session key is encrypted with the application portal service public key to produce a digital envelope, using the SM2 algorithm for encryption;
6) After receiving the data, the application server first has the signature verification server verify the signature on the corresponding data; after verification passes, the encryption server decrypts the encrypted data, and the corresponding tax declaration service is completed;
7) If the taxpayer user has not accessed the service for more than a certain period of time, the user status is set to 'stopping'; steps 3)-6) must then be repeated to log in again and carry out the corresponding tax declaration services.
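The sign-and-envelope exchange of steps 5) and 6), as an added example that is not part of the patent text. SHA-256, ECDSA P-256, AES-256-GCM and RSA-OAEP stand in for SM3, SM2 signing, SM4/SM1 and SM2 encryption so that it runs with Ruby's bundled openssl library; the message layout, the function names, the software-held signing key and the digest comparison after decryption are assumptions.

```ruby
require "openssl"

class RejectedSubmission < StandardError; end

# Constructed demo keys (assumption): EC P-256 stands in for the USBKEY's SM2
# signing key, RSA-2048 for the application portal service key pair.
def demo_keys
  [OpenSSL::PKey::EC.generate("prime256v1"), OpenSSL::PKey::RSA.new(2048)]
end

# Client side of step 5: hash, sign the hash, encrypt, wrap the session key.
def submit(declaration, user_key, portal_pub)
  digest = OpenSSL::Digest.digest("SHA256", declaration) # stand-in for SM3
  cipher = OpenSSL::Cipher.new("aes-256-gcm").encrypt    # stand-in for SM4
  session_key = cipher.random_key                        # fresh per submission
  nonce = cipher.random_iv
  ciphertext = cipher.update(declaration) + cipher.final
  {
    digest: digest,
    signature: user_key.dsa_sign_asn1(digest), # done inside the USBKEY in the page's design
    nonce: nonce,
    ciphertext: ciphertext,
    tag: cipher.auth_tag,
    # Digital envelope: only the portal's private key can recover the session key.
    envelope: portal_pub.public_encrypt(session_key, OpenSSL::PKey::RSA::PKCS1_OAEP_PADDING)
  }
end

# Server side of step 6, in the page's order: verify the signature, then decrypt.
# user_pub is any EC key object holding the taxpayer certificate's public key.
def accept(msg, user_pub, portal_key)
  verified = begin
    user_pub.dsa_verify_asn1(msg[:digest], msg[:signature])
  rescue OpenSSL::PKey::PKeyError
    false # malformed signature encoding
  end
  raise RejectedSubmission, "signature verification failed" unless verified

  session_key = portal_key.private_decrypt(msg[:envelope], OpenSSL::PKey::RSA::PKCS1_OAEP_PADDING)
  cipher = OpenSSL::Cipher.new("aes-256-gcm").decrypt
  cipher.key = session_key
  cipher.iv = msg[:nonce]
  cipher.auth_tag = msg[:tag]
  declaration = cipher.update(msg[:ciphertext]) + cipher.final # raises if ciphertext was altered
  # Bind the signed digest to what was actually decrypted.
  unless OpenSSL::Digest.digest("SHA256", declaration) == msg[:digest]
    raise RejectedSubmission, "decrypted data does not match the signed digest"
  end
  declaration
end

if __FILE__ == $PROGRAM_NAME
  user_key, portal_key = demo_keys
  sample = "taxpayer_id=TEST-0001;period=2015-01;tax_due=1234.56" # constructed sample
  msg = submit(sample, user_key, portal_key.public_key)
  puts "accepted: #{accept(msg, user_key, portal_key)}"
  msg[:ciphertext].setbyte(0, msg[:ciphertext].getbyte(0) ^ 1) # simulate in-transit tampering
  begin
    accept(msg, user_key, portal_key)
  rescue StandardError => e
    puts "rejected: #{e.class}"
  end
end
```

In this layout the digest of the plaintext travels in the clear, so a low-entropy declaration could be guessed from it; signing the ciphertext instead avoids that.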
The above method provides the following functions:
1) Identity authentication:
Based on digital certificates issued by a third-party CA and on the hardware USBKEY, using high-strength encryption and digital signature technology. The identity authentication system is divided into a client part and a server part. The server is configured with a digital certificate that identifies the platform system server; the client requires the taxpayer to use a USBKEY with a digital certificate, and integrates seamlessly with the browser.
2) Secure communication
For every communication between the taxpayer client and the online tax filing system server, identity authentication is performed first, and digital envelope technology is then used to provide confidentiality and integrity for the user's communication with the server.
3) Securing the tax declaration process
When the taxpayer client submits files such as tax returns, the taxpayer's exchange certificate is used to encrypt sensitive and critical data, and the taxpayer's own signing certificate is used to sign. The encrypted and signed tax file is submitted to the online tax filing system, which verifies the signature and decrypts the data; the decrypted data file is then passed to the back-end system. This ensures the confidentiality, integrity and non-repudiation of the tax declaration process.
From the embodiments above, those skilled in the art can readily implement the present invention. It should be understood, however, that the invention is not limited to the embodiments described above. On the basis of the disclosed embodiments, those skilled in the art can combine different technical features in any way to obtain different technical solutions.

Claims (3)

1. A secure online tax declaration method based on USBKEY, characterized in that the steps of the online tax declaration method are as follows:
1) The taxpayer fills in taxpayer information and applies for an online tax declaration USBKEY, either over the network or at the tax office's tax service hall;
2) Tax office staff review the taxpayer information, issue a digital certificate containing the taxpayer information, write the certificate to the USBKEY and issue it to the taxpayer. After receiving the USBKEY with the digital certificate, the taxpayer installs the USBKEY management tool and sets the correct tax declaration website;
3) The taxpayer inserts the USBKEY and enters the correct USBKEY verification password at the appropriate place on the tax declaration website that pops up automatically. After the password is verified, the website encrypts the user information with a session key to obtain a ciphertext user login token, and at the same time the session key is encrypted with the application portal service public key to produce a digital envelope;
4) After the signature authentication server receives the taxpayer's request information, it decrypts it and verifies the validity of the taxpayer information and the digital certificate; after verification passes, it provides the user with the corresponding tax declaration services;
5) The user fills in the corresponding declaration data. On submission, a hash operation is first performed on the data, and the hash data is then digitally signed with the user's signature private key in the USBKEY. At the same time, sensitive and important data and the taxpayer's user certificate are encrypted, and the session key is encrypted with the application portal service public key to produce a digital envelope;
6) After receiving the data, the application server first has the signature verification server verify the signature on the corresponding data; after verification passes, the encryption server decrypts the encrypted data, and the corresponding tax declaration service is completed;
7) If the taxpayer user has not accessed the service for more than a certain period of time, the user status is set to 'stopping'; steps 3)-6) must then be repeated to log in again and carry out the corresponding tax declaration services.
2. The secure online tax declaration method based on USBKEY according to claim 1, characterized in that, in step 3), the user information is: user certificate, USBKEY validity period, user status, user digital certificate, and basic taxpayer information.
3. The secure online tax declaration method based on USBKEY according to claim 1, characterized in that, in step 3), the session key uses the SSF33, SM1 or SM4 algorithm for encryption.
CN201510017514.2A 2015-01-14 2015-01-14 USBKEY-based secure online tax declaration method Pending CN104574176A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201510017514.2A CN104574176A (en) 2015-01-14 2015-01-14 USBKEY-based secure online tax declaration method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201510017514.2A CN104574176A (en) 2015-01-14 2015-01-14 USBKEY-based secure online tax declaration method

Publications (1)

Publication Number Publication Date
CN104574176A true CN104574176A (en) 2015-04-29

Family

ID=53090170

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201510017514.2A Pending CN104574176A (en) 2015-01-14 2015-01-14 USBKEY-based secure online tax declaration method

Country Status (1)

Country Link
CN (1) CN104574176A (en)

Cited By (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106204259A (en) * 2016-07-25 2016-12-07 贝才禾兑网络科技南京有限公司 A kind of method of automatization based on browser taxation declaration
CN106302675A (en) * 2016-08-08 2017-01-04 浪潮软件集团有限公司 Method for collecting tax information and synchronizing with tax system
CN107784573A (en) * 2017-10-26 2018-03-09 海闻科技有限公司 A kind of tax administration platform service system
CN108989278A (en) * 2017-05-30 2018-12-11 三星Sds株式会社 Identification service system and method
CN109561075A (en) * 2018-11-02 2019-04-02 王亚萍 A kind of enterprise does tax safe passageway system
CN110868443A (en) * 2019-07-05 2020-03-06 方欣科技有限公司 Block chain-based core levee data decoupling method and device
CN110990820A (en) * 2019-12-04 2020-04-10 爱信诺征信有限公司 Tax disk authorization method and device, electronic equipment and storage medium
CN111210287A (en) * 2019-12-26 2020-05-29 大象慧云信息技术有限公司 Tax UKey-based invoicing method and system
CN111210194A (en) * 2019-12-26 2020-05-29 大象慧云信息技术有限公司 Business support system and method special for enterprise tax system
CN111241605A (en) * 2019-12-31 2020-06-05 航天信息股份有限公司 Safety storage device and method based on tax digital certificate
CN111651745A (en) * 2020-05-12 2020-09-11 长春吉大正元信息技术股份有限公司 Application authorization signature method based on password equipment
CN112381634A (en) * 2020-11-20 2021-02-19 湖南智慧政务区块链科技有限公司 Tax statistics and settlement method, device, equipment and storage medium
CN112468506A (en) * 2016-03-23 2021-03-09 创新先进技术有限公司 Method and device for realizing acquisition and issuing of electronic certificate

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10224A (en) * 1853-11-15 Supplemental valve to the equilibrium-pipe of the cornish engine
CN102103777A (en) * 2009-12-21 2011-06-22 航天信息股份有限公司 Network tax declaration system and tax declaration method thereof for fiscal cash register
CN102244575A (en) * 2010-05-10 2011-11-16 航天信息股份有限公司 Secure transmission system and method for online tax filling data of value-added tax

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
王媛: "基于PKI的网上报税系统安全模块的研究与实现", 《中国优秀硕士学位论文全文数据库(信息科技辑)》 *

Cited By (17)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112468506A (en) * 2016-03-23 2021-03-09 创新先进技术有限公司 Method and device for realizing acquisition and issuing of electronic certificate
CN112468506B (en) * 2016-03-23 2023-08-01 创新先进技术有限公司 Method and device for obtaining and issuing electronic certificate
CN106204259A (en) * 2016-07-25 2016-12-07 贝才禾兑网络科技南京有限公司 A kind of method of automatization based on browser taxation declaration
CN106302675A (en) * 2016-08-08 2017-01-04 浪潮软件集团有限公司 Method for collecting tax information and synchronizing with tax system
CN108989278A (en) * 2017-05-30 2018-12-11 三星Sds株式会社 Identification service system and method
CN107784573A (en) * 2017-10-26 2018-03-09 海闻科技有限公司 A kind of tax administration platform service system
CN109561075A (en) * 2018-11-02 2019-04-02 王亚萍 A kind of enterprise does tax safe passageway system
CN109561075B (en) * 2018-11-02 2021-07-13 青岛微智慧信息有限公司 Enterprise tax handling safety channel system
CN110868443A (en) * 2019-07-05 2020-03-06 方欣科技有限公司 Block chain-based core levee data decoupling method and device
CN110990820A (en) * 2019-12-04 2020-04-10 爱信诺征信有限公司 Tax disk authorization method and device, electronic equipment and storage medium
CN110990820B (en) * 2019-12-04 2022-03-29 爱信诺征信有限公司 Tax disk authorization method and device, electronic equipment and storage medium
CN111210287A (en) * 2019-12-26 2020-05-29 大象慧云信息技术有限公司 Tax UKey-based invoicing method and system
CN111210194A (en) * 2019-12-26 2020-05-29 大象慧云信息技术有限公司 Business support system and method special for enterprise tax system
CN111241605A (en) * 2019-12-31 2020-06-05 航天信息股份有限公司 Safety storage device and method based on tax digital certificate
CN111651745A (en) * 2020-05-12 2020-09-11 长春吉大正元信息技术股份有限公司 Application authorization signature method based on password equipment
CN111651745B (en) * 2020-05-12 2023-06-30 长春吉大正元信息技术股份有限公司 Application authorization signature method based on password equipment
CN112381634A (en) * 2020-11-20 2021-02-19 湖南智慧政务区块链科技有限公司 Tax statistics and settlement method, device, equipment and storage medium

Similar Documents

Publication Publication Date Title
CN104574176A (en) USBKEY-based secure online tax declaration method
US11470054B2 (en) Key rotation techniques
US11924358B2 (en) Method for issuing digital certificate, digital certificate issuing center, and medium
US10848492B2 (en) Certificate system for verifying authorized and unauthorized secure sessions
EP3585032B1 (en) Data security service
JP6329970B2 (en) Policy enforcement with relevant data
CN103685282B (en) A kind of identity identifying method based on single-sign-on
CN109547445B (en) Method and system for verifying legality of network request of client
US10361852B2 (en) Secure verification system
EP2905925B1 (en) System and method for remote access, Remote digital signature
US9300639B1 (en) Device coordination
US10432595B2 (en) Secure session creation system utililizing multiple keys
JP6678457B2 (en) Data security services
CN102377788B (en) Single sign-on (SSO) system and single sign-on (SSO) method
CN103051453A (en) Digital certificate-based mobile terminal network security trading system and digital certificate-based mobile terminal network security trading method
CN103856478A (en) Certificate signing and issuing method of trusted network, attestation method of trusted network and corresponding devices
US10374808B2 (en) Verification system for creating a secure link
CN104394172A (en) Single sign-on device and method
CN106796630A (en) User authentication
CN109495458A (en) A kind of method, system and the associated component of data transmission
CN103929743A (en) Method for encrypting transmission data of intelligent mobile terminal
Oliveira Dynamic QR codes for Ticketing Systems
CN116401638A (en) Single sign-on method, device, equipment and storage medium
CN114448707A (en) Data transmission method based on supply chain finance
JP2011119952A (en) Apparatus for verification of communication data, and computer program for the same

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20150429