CN104579663A - Method for limiting validity of digital certificate - Google Patents
Method for limiting validity of digital certificate Download PDFInfo
- Publication number
- CN104579663A CN104579663A CN201310507583.2A CN201310507583A CN104579663A CN 104579663 A CN104579663 A CN 104579663A CN 201310507583 A CN201310507583 A CN 201310507583A CN 104579663 A CN104579663 A CN 104579663A
- Authority
- CN
- China
- Prior art keywords
- digital certificate
- signature
- data part
- application
- field
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Abstract
The invention provides a method for limiting validity of a digital certificate. The method comprises the steps of attaching an application data part after a certification signature at the end of a file of the digital certificate, performing digital signature on body data part of the digital certificate, the certification signature and the application data part to obtain an application signature, and attaching the application signature after the application data part, wherein the application data part comprises an application condition field.
Description
Technical field
The present invention relates to digital certificate, particularly relating to the method for the validity for limiting digital certificate.
Background technology
At present, in fields such as administrative notice, administrative services, administrative permission examination & approval, qualification certifications, be applied as master still with papery voucher.The application process of papery voucher is complicated, make efficiency is low, data sharing is difficult, management cost is high, is difficult to meet modern service demand that is simple, quick, that share.By credential information, use digital certificate (also known as electronic certificate) replace papery voucher, can enhance administrative efficiency, realize data transmit fast and share.Such as papery voucher circulates between each unit to be needed manually in person to transmit, and digital certificate directly can be transmitted by network, substantially increases efficiency.
While offering convenience property, how to ensure that the validity of digital certificate is most important.Because digital certificate easily carries out copying and destroying thus falsely used and abuse in intermediate links, therefore must have the ability to differentiate the validity of digital certificate in applying unit.
As shown in Figure 1, digital certificate mainly issues unit at digital certificate, digital certificate holds unit and circulate between this three classes unit of digital certificate applying unit.First, digital certificate is presented to " digital certificate holds unit B " by " digital certificate issues unit A ".The circulation of this process is single and controlled safely.Then, digital certificate is held unit B and is handled affairs with this digital certificate to many digital certificate applying unit C1-C3.Because same digital certificate can have a lot of working purposes, therefore, same digital certificate will circulate multiple applying unit.How to ensure that holding the safe and reliable of digital certificate circulated between unit and applying unit is not abused, most crucial.
Be " new high-tech enterprise's certificate " (hereinafter referred to as high enterprise certificate) for digital certificate.The Shanghai City State Scientific and Technological Commission (digital certificate issues unit A) makes " high enterprise certificate " (digital certificate), and is presented to a new high-tech enterprise (digital certificate holds unit B).This new high-tech enterprise uses this certificate can do different things by Qu Duojia unit, such as go to the tax bureau (digital certificate applying unit C1) that refund matters may be handled, go to industrial and commercial bureau (digital certificate applying unit C2) that enterprise's examination matters may be carried out, go house property medium (digital certificate applying unit C3) that high enterprise certificate may be utilized to obtain the matters that reduce rents of somewhere office building.Height is looked forward to certificate and is adopted network to send or use the mode of USB flash disk to allow office worker go to working unit to handle dependencies by enterprise often, even likely allows agency help and handles affairs.Therefore, how to limit the right of digital certificate in office worker's hand or in agency's hand, such as limit useful life and be three days, limit and can only be used for doing corresponding thing thus separately doing it with most important after preventing office worker or agency from copying voucher.
Therefore, this area needs a kind of method of the validity for limiting digital certificate badly to prevent falsely using and abusing of digital certificate.
Summary of the invention
Below provide the brief overview of one or more aspect to provide the basic comprehension to these aspects.Detailed the combining of this not all aspect contemplated of general introduction is look at, and both not intended to be pointed out out the scope of key or decisive any or all aspect of elements nor delineate of all aspects.Its unique object is the sequence that some concepts that will provide one or more aspect in simplified form think the more detailed description provided after a while.
According to an aspect of the present invention, providing a kind of method of the validity for limiting digital certificate, comprising: attached application data part after the signature of issuing licence of the end of file of this digital certificate, this application data part comprises application conditions field; To the ontology data part of this digital certificate, this issue licence signature and this application data part combine digital signature to obtain application signature; And after this application data part this application signature attached.
In one example, the method also comprises: use unique keys to be encrypted this issue licence signature and this application data part, and wherein this combine digital signature obtains this ontology data part of this digital certificate and encrypted signature and the application data part combine digital signature calculation of issuing licence.
In one example, this ontology data part of this digital certificate comprises dispersion factor field, and the method also comprises: use the dispersion factor in this dispersion factor field and this unique keys of female secret generating.
In one example, this application conditions field comprises operating period field.
According to a further aspect in the invention, providing a kind of method of the validity for limiting digital certificate, comprising: checking is performed to the application signature of the end of file of this digital certificate; If be proved to be successful, then the application data part be positioned at from this digital certificate before this application signature reads application conditions field; If this application conditions field does not meet predetermined condition, then this digital certificate is invalid; And if this application conditions field conforms to a predetermined condition, then checking is performed to the signature of issuing licence before being positioned at this application data part in this digital certificate.
In one example, the ontology data part be positioned in this digital certificate before this signature of issuing licence comprises file size field, and the method also comprises: the file size reading this digital certificate from this file length field; The actual file length of institute's file reading length and this digital certificate is compared; If etc., then do not perform the step of this application signature checking; If equal, then directly perform the step of this signature verification of issuing licence.
In one example, the method also comprises: if this application signature is proved to be successful, unique keys is then used to be decrypted the application data part be positioned in this digital certificate before this application signature and the signature of issuing licence be positioned at before this application data part, wherein, this reading application conditions field reads this application conditions field from the application data part after deciphering, and this signature verification of issuing licence verifies decrypted signature of issuing licence.
In one example, this ontology data part of this digital certificate comprises dispersion factor field, and the method also comprises: use the dispersion factor in this dispersion factor field and this unique keys of female secret generating.
In one example, this application conditions field comprises operating period field.
In one example, if current date is not within the time limit of this operating period field, then this digital certificate is invalid.
Accompanying drawing explanation
After the detailed description of reading embodiment of the present disclosure in conjunction with the following drawings, above-mentioned feature and advantage of the present invention can be understood better.In the accompanying drawings, each assembly is not necessarily drawn in proportion, and the assembly with similar correlation properties or feature may have identical or close Reference numeral.
Fig. 1 shows the schematic diagram of the environment for use of digital certificate;
Fig. 2 shows the schematic diagram of the file structure of the digital certificate of prior art;
Fig. 3 shows the schematic diagram of the file structure of digital certificate according to an aspect of the present invention;
Fig. 4 shows the flow chart of the method for the validity for limiting digital certificate according to an aspect of the present invention;
Fig. 5 shows the flow chart of the method for the validity for limiting digital certificate according to an aspect of the present invention;
Fig. 6 shows the schematic diagram of the file structure of digital certificate according to a further aspect in the invention;
Fig. 7 shows the flow chart of the method for the validity for limiting digital certificate according to a further aspect in the invention; And
Fig. 8 shows the flow chart of the method for the validity for limiting digital certificate according to a further aspect in the invention.
Embodiment
Below in conjunction with the drawings and specific embodiments, the present invention is described in detail.Note, the aspects described below in conjunction with the drawings and specific embodiments is only exemplary, and should not be understood to carry out any restriction to protection scope of the present invention.
Fig. 2 shows the schematic diagram of the file structure of the digital certificate 200 of prior art.Digital certificate 200 is issued unit making by digital certificate and is issued.As shown in Figure 2, digital certificate 200 comprises ontology data part 202 and signature 204 of issuing licence.Digital certificate is issued unit and is used digital signature technology to ensure that digital certificate is the unique voucher issued by it, also ensures that the amendment of any one byte of ontology data part of digital certificate all can cause the checking of signature 204 of issuing licence not passed through simultaneously.But as discussed above, in the circulation process of digital certificate, probably can cause falsely using and abusing of digital certificate.Therefore, the invention provides the scheme of the validity for limiting digital certificate.
According to an aspect of the present invention, digital certificate holds unit can arrange effective life for digital certificate, thus only within this operating period, digital certificate is only effectively.Once outside exceeding this operating period, digital certificate will lose efficacy, thus effectively prevent falsely using and abusing of digital certificate.
Fig. 3 shows the schematic diagram of the file structure of digital certificate 300 according to an aspect of the present invention.Digital certificate 300 except have conventional numerical voucher ontology data part and issue licence signature except, also comprise by digital certificate hold unit expand application data part 306 and application signature 308.Application data part 306 comprises application conditions field 310.When using digital certificate 300, if the application conditions in application conditions field 310 does not meet, then digital certificate 300 is invalid.In one example, application conditions field 310 comprises operating period field.If current date is not within this operating period, then this digital certificate 300 is invalid.Such as, operating period field comprises the starting time field of 8 bytes and the end time field of 8 bytes.Starting time field form is 4 byte times of Arabic numerals, 2 byte months, 2 byte date value, and this initial time must be more than or equal to issuing licence the time of issuing organization.If during checking, current time is less than this initial time, authentication failed, digital certificate is not within effective life.End time field format is similar to starting time field.This end time must be less than or equal to date of the last day of the voucher term of validity that voucher issuing organization is arranged at first.Such as, if current time is greater than this end time during checking, authentication failed, digital certificate is not within effective life.
In other instances, other application conditions fields also can be set, such as application purpose field.Unit held by voucher can with the purposes of the formatting digital certificate 300 of ASCII character character string in the application purpose field of such as 64 byte lengths, as " refund ", " industrial and commercial annual audit " etc.If do not meet above-mentioned application conditions, then also can think that digital certificate is invalid.
The application signature 308 that ontology data part 302, issue licence signature 304 and application data part 306 are calculated is comprised, to prevent any amendment to above-mentioned part after application data part 306.Once the data of ontology data part 302, issue licence signature 304 and application data part 306 are revised, then when using digital certificate 300 by not by the signature verification of application signature 308.
Fig. 4 shows the flow chart 400 of the method for the validity for limiting digital certificate according to an aspect of the present invention.The method is held unit by digital certificate and is performed.In step 402, attached application data part after the signature of issuing licence of the end of file of digital certificate, this application data part comprises application conditions field.In step 404, the ontology data part of this digital certificate, this issue licence signature and this application data part combine digital signature are signed with computing application.In step 406, this application signature attached after this application data part.In one example, this application conditions field comprises operating period field.Such as this operating period field comprises initial time and end time field.
In practice, digital certificate is held unit and can be issued to voucher the digital certificate that unit issues and carry out validity restriction.Such as, digital certificate holds unit can use client software, utilizes and arranges initial time and the end time that interface arranges the operating period of digital certificate, and arrange application purpose.Thus, generate " the application data part " of such as 80 bytes and be attached to the afterbody of original certificate.Then, re-use the PKI that voucher holds the enterprise CA that unit applies for from ca authentication center and sign, the signature value of application signature is put into the afterbody of file.If adopt RSA1024 signature, then the signature value of application signature is 128 bytes, if adopt RSA2048 signature, then the signature value of application signature is 256 bytes.
Fig. 5 shows the flow chart 500 of the method for the validity for limiting digital certificate according to an aspect of the present invention.The method is performed by digital certificate applying unit.In step 502, checking is performed to the application signature of the end of file of this digital certificate.In step 504, judge whether application signature is proved to be successful.If failure, then digital certificate is invalid, and flow process terminates.If be proved to be successful, then flow process marches to step 506, and the application data part before being wherein positioned at application signature from this digital certificate reads application conditions field.Then, in step 508, judge whether this application conditions field conforms to a predetermined condition.If meet, then flow process marches to step 510 to perform checking to the signature of issuing licence before being positioned at described application data part in described digital certificate.If do not meet, then digital certificate is invalid, and flow process terminates.
In practice, digital certificate applying unit uses client software to verify digital certificate.Such as, the application signature of PKI to voucher afterbody using voucher to hold the enterprise CA of unit is verified.If be verified, then read " the application data part " of such as 80 bytes, then verify whether current date meets in lifetime limit, and whether set application purpose is consistent with practical use etc.If eligible, then carry out conventional signature verification of issuing licence.If otherwise ineligible, then directly think that digital certificate is invalid.Thus falsely used and abuse after effectively prevent digital certificate outflow.
Above-mentioned aspect of the present invention digital certificate is held effectiveness condition that unit can arrange digital certificate voluntarily, thus prevent the abuse of digital certificate.But, in actual use, if a certain class digital certificate does not have cogent provision to hold unit must carry out extra application conditions (such as operating period) setting, the while that so the client software of voucher applying unit needing, the initial credential format (ontology data adds signature of issuing licence) that unit issues issued by compatible voucher, namely do not have application data part and application signature.Now, likely another problem can be caused.Such as, if unit held by voucher in fact arranged application conditions, but by office worker or act on behalf of unit and have modified digital certificate, by " application data part " with " application signature " section is complete blocks, the new file now obtained is exactly the original certificate that initial licence issuing authority being presented to holds unit.Now, this distort after voucher also can be identified as effective voucher by the client software of applying unit.Another aspect provides further scheme to avoid the generation of this situation.
Fig. 6 shows the schematic diagram of the file structure of digital certificate 600 according to a further aspect in the invention.The file structure of digital certificate 600 and the file structure of digital certificate 300 similar, difference is, issue licence signature 604 and application data part 606 encrypted, application signature 608 is the digital signature performed ontology data part 602, encrypted issue licence signature 604 and application data part 606.Such as, this issue licence signature 604 and application data part 606 can use unique keys to be encrypted.Generally comprised file size field and dispersion factor field in the ontology data part of digital certificate, these two fields generate when making digital certificate by issuing unit.File size field is generally 4 byte lengths, have recorded the total length of digital certificate, i.e. the total byte length of " ontology data part " and " signature of issuing licence ".Dispersion factor field is generally 8 byte lengths, is synthesized by digital certificate numbering, Production Time, making machine MAC Address element when digital certificate makes, from but for the unique byte arrays string of digital certificate.The present invention utilizes this dispersion factor and female key to use decentralized algorithm acquisition often to open the unique key of voucher, to be encrypted " signature of issuing licence " and " application data part ".Thus, only by the signature verification of application signature 608 and the checking of the signature 604 that just can carry out after deciphering issuing licence.Otherwise, if block application data part 606 and application signature 608, because signature 604 of issuing licence is through encryption, issue licence signature 604 signature verification not by, thus to prevent by blocking digital certificate and hold application data part 606 that unit adds and application signature 608 abusing digital certificate 600.
Fig. 7 shows the flow chart 700 of the method for the validity for limiting digital certificate according to a further aspect in the invention.The method is held unit by digital certificate and is performed.In step 702, attached application data part after the signature of issuing licence of the end of file of this digital certificate, this application data part comprises application conditions field.In step 704, use unique keys to this issue licence signature and this application data part be encrypted.In one example, the dispersion factor in the dispersion factor field of the ontology data part of digital certificate and female key can be utilized such as to carry out 3DES computing to obtain this unique keys.This female key can from the publicly-owned USB Key(of such as digital certificate holder and user namely, Ukey).In step 706, the ontology data part of this digital certificate, encrypted signature and the application data part combine digital signature of issuing licence are signed with computing application.In step 708, this application signature attached after encrypted application data part.
In practice, digital certificate is held unit and can be issued to voucher the digital certificate that unit issues and carry out validity restriction.Such as, digital certificate holds unit can use client software, utilizes and arranges initial time and the end time that interface arranges the operating period of digital certificate, and arrange application purpose.Thus, generate " the application data part " of such as 80 bytes and be attached to the afterbody of original certificate.Then, the dispersion factor of 8 bytes of the female key of such as 16 bytes in Ukey and the ontology data part of original certificate is utilized to generate the unique keys of such as 16 bytes.Re-use the issue licence signature (such as, RSA1024) of this unique keys to the application data part of 80 bytes and 128 bytes and perform encryption.Finally, the PKI using voucher to hold the enterprise CA that unit applies for from ca authentication center is signed to preceding sections entirety, the signature value of application signature is put into the afterbody of file.Thus, the setting to validity is completed.
Fig. 8 shows the flow chart 800 of the method for the validity for limiting digital certificate according to a further aspect in the invention.The method is held unit by digital certificate and is performed.In step 802, read the file size of this digital certificate from the file size field of the ontology data part of digital certificate.In step 804, judge that whether institute's file reading length is equal with the actual file length of digital certificate.If equal, then illustrate that digital certificate is held unit and do not carried out validity setting, flow process marches to step 816, the signature of issuing licence of direct checking digital certificate as checking conventional numerical voucher.If unequal, illustrate that digital certificate is held unit and carried out validity setting, flow process marches to step 806, performs checking with the application signature of the end of file to digital certificate.In step 808, if verify unsuccessful, then digital certificate is invalid, and flow process terminates.If be proved to be successful, then flow process marches to step 810.In step 810, unique keys can be used to be decrypted with the signature of issuing licence be positioned at before this application data part the application data part before being positioned at application signature in this digital certificate.In one example, the dispersion factor in the dispersion factor field of the ontology data part of digital certificate and female key can be utilized such as to carry out 3DES computing to obtain this unique keys.This female key can from the publicly-owned USB Key(of such as digital certificate holder and user namely, Ukey).In step 812, the decrypted application data part be positioned at application signature from this digital certificate before reads application conditions field.In step 814, judge whether this application conditions field conforms to a predetermined condition.If meet, then flow process marches to step 816 to perform checking to the signature of issuing licence before being positioned at described application data part in described digital certificate.If do not meet, then digital certificate is invalid, and flow process terminates.
In practice, digital certificate applying unit uses client software to verify digital certificate.Such as, first judge that whether the actual file length of digital certificate is equal with read file size.If equal, represent that voucher is held unit and do not carried out validity setting, then directly carry out conventional signature verification of issuing licence.If unequal, then represent that voucher is held unit and carried out validity setting, the application signature of PKI to voucher afterbody using voucher to hold the enterprise CA of unit is thus verified.If be verified, then the dispersion factor of 8 bytes of the female key of such as 16 bytes in Ukey and the ontology data part of original certificate is used to generate the unique keys of such as 16 bytes.Re-use the issue licence signature (such as, RSA1024) of this unique keys to the application data part of 80 bytes and 128 bytes and perform deciphering.Then read " the application data part " of decrypted such as 80 bytes, and verify whether current date meets in lifetime limit, and whether set application purpose is consistent with practical use etc.If eligible, then conventional signature verification of issuing licence is carried out to decrypted signature of issuing licence.If otherwise ineligible, then directly think that digital certificate is invalid.Thus falsely used and abuse after effectively prevent digital certificate outflow.
Note, method illustrated although simplify for making explanation and is described as a series of actions, it should be understood that and understand, these methods not limit by the order of action, because according to one or more embodiment, some actions can occur by different order and/or with from illustrating herein and describe or not shown and to describe but other actions that it will be appreciated by those skilled in the art that occur concomitantly herein.Such as, the encryption to issue licence signature and application data part in Fig. 7, also first can be performed, then after encrypted application data part being attached in encrypted signature of issuing licence.
By arranging application data part in addition in conventional numerical voucher, the unit that holds of digital certificate can be the validity applying restriction of digital certificate.In addition, perform encryption by application data part and signature of issuing licence, can prevent someone from blocking digital certificate and hold application data part attached by unit and application signature to defraud of confidence.Because only by after the checking of application signature, could be decrypted issue licence signature and application data part, and then perform conventional signature verification of issuing licence.If application data part and application signature are truncated, then inevitable not by the checking of application signature, thus can not be decrypted signature of issuing licence, also just not by the signature verification of issuing licence of routine.Ensure that digital signature is abused thus high safety.
Thering is provided previous description of the present disclosure is for making any person skilled in the art all can make or use the disclosure.To be all apparent for a person skilled in the art to various amendment of the present disclosure, and generic principles as defined herein can be applied to other variants and can not depart from spirit or scope of the present disclosure.Thus, the disclosure not intended to be is defined to example described herein and design, but the widest scope consistent with principle disclosed herein and novel features should be awarded.
Claims (10)
1., for limiting a method for the validity of digital certificate, described method comprises:
Attached application data part after the signature of issuing licence of the end of file of described digital certificate, described application data part comprises application conditions field;
To the ontology data part of described digital certificate, described in issue licence signature and described application data part combine digital signature to obtain application signature; And
Attached described application signature after described application data part.
2. the method for claim 1, is characterized in that, also comprises:
Use unique keys to described issue licence signature and described application data part be encrypted,
Wherein said combine digital signature obtains the described ontology data part of described digital certificate and encrypted signature and the application data part combine digital signature calculation of issuing licence.
3. method as claimed in claim 2, it is characterized in that, the described ontology data part of described digital certificate comprises dispersion factor field, and described method also comprises: use unique keys described in dispersion factor in described dispersion factor field and female secret generating.
4. the method for claim 1, is characterized in that, described application conditions field comprises operating period field.
5., for limiting a method for the validity of digital certificate, described method comprises:
Checking is performed to the application signature of the end of file of described digital certificate;
If be proved to be successful, then the application data part be positioned at from described digital certificate before described application signature reads application conditions field;
If described application conditions field does not meet predetermined condition, then described digital certificate is invalid; And
If described application conditions field conforms to a predetermined condition, then checking is performed to the signature of issuing licence before being positioned at described application data part in described digital certificate.
6. method as claimed in claim 5, is characterized in that, the ontology data part before signature of issuing licence described in being positioned in described digital certificate comprises file size field, and described method also comprises:
The file size of described digital certificate is read from described file size field;
The actual file length of institute's file reading length and described digital certificate is compared;
If etc., then do not perform the step of described application signature checking;
If equal, then the step of signature verification of issuing licence described in directly performing.
7. method as claimed in claim 5, is characterized in that, also comprise:
If described application signature is proved to be successful, then unique keys is used to be decrypted the application data part be positioned in described digital certificate before described application signature and the signature of issuing licence be positioned at before described application data part,
Wherein, described reading application conditions field reads described application conditions field from the application data part after deciphering, and described in signature verification of issuing licence be that decrypted signature of issuing licence is verified.
8. method as claimed in claim 7, it is characterized in that, the described ontology data part of described digital certificate comprises dispersion factor field, and described method also comprises: use unique keys described in dispersion factor in described dispersion factor field and female secret generating.
9. method as claimed in claim 5, it is characterized in that, described application conditions field comprises operating period field.
10. method as claimed in claim 9, it is characterized in that, if current date is not within the time limit of described operating period field, then described digital certificate is invalid.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310507583.2A CN104579663B (en) | 2013-10-24 | 2013-10-24 | For the method for the validity for limiting digital certificate |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310507583.2A CN104579663B (en) | 2013-10-24 | 2013-10-24 | For the method for the validity for limiting digital certificate |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN104579663A true CN104579663A (en) | 2015-04-29 |
| CN104579663B CN104579663B (en) | 2018-03-27 |
Family
ID=53094947
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201310507583.2A Active CN104579663B (en) | 2013-10-24 | 2013-10-24 | For the method for the validity for limiting digital certificate |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN104579663B (en) |
Cited By (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2017011993A1 (en) * | 2015-07-21 | 2017-01-26 | 深圳市银信网银科技有限公司 | Electronic certificate setting method, and data interaction processing method, device and system |
| WO2017012026A1 (en) * | 2015-07-21 | 2017-01-26 | 深圳市银信网银科技有限公司 | Method and system for setting contract completion time limitation for electronic certificate |
| WO2017011992A1 (en) * | 2015-07-21 | 2017-01-26 | 深圳市银信网银科技有限公司 | Electronic certificate setting method, and data interaction processing method, device and system |
| WO2017011991A1 (en) * | 2015-07-21 | 2017-01-26 | 深圳市银信网银科技有限公司 | Electronic certificate setting method, and data interaction processing method, device and system |
| WO2017045155A1 (en) * | 2015-09-16 | 2017-03-23 | 深圳市银信网银科技有限公司 | Processing method for obtaining target data, server, and online financing method |
| WO2017045154A1 (en) * | 2015-09-16 | 2017-03-23 | 深圳市银信网银科技有限公司 | Processing method for acquiring target data, server, and online funding method |
| CN110324283A (en) * | 2018-03-30 | 2019-10-11 | 中移(苏州)软件技术有限公司 | Licensing Methods, apparatus and system based on asymmetric encryption |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP0328232B1 (en) * | 1988-02-12 | 1995-05-03 | Addison M. Fischer | Public key/signature cryptosystem with enhanced digital signature certification |
| CN101694685A (en) * | 2009-10-12 | 2010-04-14 | 南京联创科技集团股份有限公司 | Safety product license management method based on XML encryption and digital certificate |
| CN101872399A (en) * | 2010-07-01 | 2010-10-27 | 武汉理工大学 | Dynamic digital copyright protection method based on dual identity authentication |
| CN102970140A (en) * | 2012-11-15 | 2013-03-13 | 郑铭浚 | Electronic authentication system for enterprise or personal authorization information |
-
2013
- 2013-10-24 CN CN201310507583.2A patent/CN104579663B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP0328232B1 (en) * | 1988-02-12 | 1995-05-03 | Addison M. Fischer | Public key/signature cryptosystem with enhanced digital signature certification |
| CN101694685A (en) * | 2009-10-12 | 2010-04-14 | 南京联创科技集团股份有限公司 | Safety product license management method based on XML encryption and digital certificate |
| CN101872399A (en) * | 2010-07-01 | 2010-10-27 | 武汉理工大学 | Dynamic digital copyright protection method based on dual identity authentication |
| CN102970140A (en) * | 2012-11-15 | 2013-03-13 | 郑铭浚 | Electronic authentication system for enterprise or personal authorization information |
Cited By (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2017011993A1 (en) * | 2015-07-21 | 2017-01-26 | 深圳市银信网银科技有限公司 | Electronic certificate setting method, and data interaction processing method, device and system |
| WO2017012026A1 (en) * | 2015-07-21 | 2017-01-26 | 深圳市银信网银科技有限公司 | Method and system for setting contract completion time limitation for electronic certificate |
| WO2017011992A1 (en) * | 2015-07-21 | 2017-01-26 | 深圳市银信网银科技有限公司 | Electronic certificate setting method, and data interaction processing method, device and system |
| WO2017011991A1 (en) * | 2015-07-21 | 2017-01-26 | 深圳市银信网银科技有限公司 | Electronic certificate setting method, and data interaction processing method, device and system |
| WO2017045155A1 (en) * | 2015-09-16 | 2017-03-23 | 深圳市银信网银科技有限公司 | Processing method for obtaining target data, server, and online financing method |
| WO2017045154A1 (en) * | 2015-09-16 | 2017-03-23 | 深圳市银信网银科技有限公司 | Processing method for acquiring target data, server, and online funding method |
| CN110324283A (en) * | 2018-03-30 | 2019-10-11 | 中移(苏州)软件技术有限公司 | Licensing Methods, apparatus and system based on asymmetric encryption |
| CN110324283B (en) * | 2018-03-30 | 2021-08-06 | 中移(苏州)软件技术有限公司 | Permission method, device and system based on asymmetric encryption |
Also Published As
| Publication number | Publication date |
|---|---|
| CN104579663B (en) | 2018-03-27 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN104579663A (en) | Method for limiting validity of digital certificate | |
| CN109040090B (en) | A kind of data ciphering method and device | |
| US8528104B2 (en) | Security and ticketing system control and management | |
| CN109074434A (en) | Method and system for verifying ownership of digital assets using distributed hash tables and point-to-point distributed ledgers | |
| CN110149322A (en) | A kind of block chain encryption method that irreversible dynamic failure re-examination is rebuild | |
| CN106951788A (en) | Client vehicles data security methods | |
| CN108206831A (en) | Implementation method and server, the client and readable storage medium storing program for executing of E-seal | |
| CN105915502A (en) | Method and system for facilitating network joining | |
| CN105468990A (en) | Sensitive information management control method and apparatus | |
| CN104636444B (en) | A kind of encryption and decryption method and device of database | |
| CN104574176A (en) | USBKEY-based secure online tax declaration method | |
| CN102281143B (en) | Remote unlocking system of intelligent card | |
| JP2015514269A (en) | Offline authentication with built-in authorization attributes | |
| CN113326533B (en) | Electronic license service system and method based on blockchain and distributed file storage | |
| CN104637117A (en) | Intelligent lock pin realization method, key realization method, intelligent lock pin, lock and key | |
| CN102255732B (en) | Safe certificate issuing method based on USB (Universal Serial Bus) key | |
| CN111435390A (en) | Safety protection method for operation and maintenance tool of power distribution terminal | |
| CN104579659A (en) | Device for safety information interaction | |
| CN105554038A (en) | Control method for data security during on-line system and off-line system data interaction | |
| CN110855441B (en) | Method, device and equipment for authenticating electronic identity and storage medium | |
| CN112884485B (en) | Symmetrical encryption traceability transaction method, system and storage medium based on blockchain network | |
| CN111435389A (en) | Power distribution terminal operation and maintenance tool safety protection system | |
| CN103259689A (en) | Method for changing password of equipment and recovering password after failure | |
| CN110232570B (en) | Information supervision method and device | |
| CN101795194B (en) | Method for protecting multi-digital certificate of intelligent card |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| EXSB | Decision made by sipo to initiate substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| CP01 | Change in the name or title of a patent holder |
Address after: 200083 B building, No. 420, Guang Zhong Road, Hongkou District, Shanghai Patentee after: Shanghai middle shift information technology Co., Ltd. Address before: 200083 B building, No. 420, Guang Zhong Road, Hongkou District, Shanghai Patentee before: SHANGHAI ZHONGYI COMMUNICATION TECHNOLOGY ENGINEERING CO., LTD. |
|
| CP01 | Change in the name or title of a patent holder |