CN104579690B - High in the clouds KEY systems and application method - Google Patents

High in the clouds KEY systems and application method Download PDF

Info

Publication number
CN104579690B
CN104579690B CN201510035738.6A CN201510035738A CN104579690B CN 104579690 B CN104579690 B CN 104579690B CN 201510035738 A CN201510035738 A CN 201510035738A CN 104579690 B CN104579690 B CN 104579690B
Authority
CN
China
Prior art keywords
key
server
client
verification
clouds
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201510035738.6A
Other languages
Chinese (zh)
Other versions
CN104579690A (en
Inventor
王永起
薛福旗
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Tongzhi Weiye Software Co.,Ltd.
Original Assignee
JINAN TONGZHI WEIYE SOFTWARE CO Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by JINAN TONGZHI WEIYE SOFTWARE CO Ltd filed Critical JINAN TONGZHI WEIYE SOFTWARE CO Ltd
Priority to CN201510035738.6A priority Critical patent/CN104579690B/en
Publication of CN104579690A publication Critical patent/CN104579690A/en
Application granted granted Critical
Publication of CN104579690B publication Critical patent/CN104579690B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Abstract

Based on the secure encryption system of high in the clouds KEY, including client, the server being connect with client network, several KEY being connect with the server, client further includes fingerprint input device.Safe encryption method under this systems:First multiple registered KEY are connect with server;Client user inputs server log information and carries out normal data interaction with server;If you need to call KEY, solicited message need to be sent to server, transfer KEY data;If server is transferred corresponding KEY and is matched with client, can be returned to data for customer end in KEY at this time and used by checking solicited message;If not over verification, any KEY cannot be transferred, and prompts solicited message mistake.By the present invention in that with high in the clouds KEY, it can effectively solve the problem that user in operation needs the cumbersome flow of circumscribed USB KEY, can solve the problems, such as that KEY is carried.

Description

High in the clouds KEY systems and application method
Technical field
The present invention relates to safe field of encryption, specifically a kind of high in the clouds KEY systems and application method.
Background technology
With information-based and internet high speed development, individual also gets over the security requirement of self information and online transaction Come higher;Can be current effectively and rapidly to file encryption and online transaction on the original use habit of user is not changed The emphasis of internet information security fields.
At present as user will realize file encryption and online transaction, need to could be carried out after client circumscribed USB KEY corresponding Operation, and reach the result that user wants.In USBKEY operating process is used, cumbersome operation brings inconvenience, and nothing Method solves the problems, such as that USBKEY loses and leaves behind, and excessive USBKEY also results in waste.If USBKEY lose or It leaves behind, will be unable to carry out the operations such as file encryption and online transaction, some emergency managements also will be unable to be handled, simultaneously The loss of USBKEY also can cause security risk to the property of user.
Invention content
Need the cumbersome flow of circumscribed USB KEY and solution USBKEY portable to solve user in operation Problem, the purpose of the present invention is to provide a kind of high in the clouds KEY systems and application methods.
To solve the above problems, the present invention uses following technical scheme:A kind of high in the clouds KEY systems, which is characterized in that including Client, the server being connect with client network and several KEY being connect with the server, each KEY is interior to be wrapped It includes for the digital signature of digital signature and signature key pair, for the encrypted certificate of file encryption and encryption key pair, Personal document for the verification information verified to KEY identity and for storing personal attribute's file.
Further, several KEY are connect by USBHUB with server.
Further, the client further includes fingerprint input device.
A kind of application method of high in the clouds KEY systems, includes the following steps:
Multiple registered KEY are connect by the first step with server;
Second step, client user input server log information and carry out normal data interaction with server;
Third walks, and if you need to call KEY, need to send solicited message to server, transfer KEY data;If server is by testing Solicited message is demonstrate,proved, then transfers corresponding KEY and is matched with client, data for customer end in KEY can be returned at this time and used;If no By verification, then any KEY cannot be transferred, and prompt solicited message mistake.
Further, the verification of solicited message is included to verify comprising verification information in the solicited message of third step The verification information of information and server reserves carries out contrast verification.
Further, the verification information includes finger print information and/or PIN code.
Further, in the third step, it if not over verification information, prompts to ask user's input validation letter again Breath still cannot shield the client, set if user is inputted after n times verification information by verification, server Client is not allowed to be transferred KEY data again in time.
The beneficial effects of the present invention are:It can effectively solve the problem that user needs in operation by using high in the clouds KEY The cumbersome flow of circumscribed USB KEY can solve the problems, such as that KEY is carried;In file encryption and online transaction with using The method of USBKEY is consistent, can be conveniently accomplished payment and user's property safety in this way;And it can effectively solve The problems such as USBKEY loses and leaves behind.
Description of the drawings
Fig. 1 is the systematic schematic diagram of the present invention;
Fig. 2 is the KEY of the present invention and server catenation principle figure;
Fig. 3 is flow chart of the method for the present invention.
Specific embodiment
Below in conjunction with the accompanying drawings and the present invention is described in detail in specific embodiment.
High in the clouds KEY systems as shown in Figure 1, it includes client, the server being connect with client network, with the clothes Be engaged in several KEY that device connects.Preferably, as shown in Fig. 2, several KEY are connect by USBHUB with server, in Fig. 2 The conversion chip of GL850/GL850A chips, that is, USBHUB, safety chip are KEY, and each KEY carries USB interface, they It is connect respectively with each USB interface of USBHUB.Certainly, the connection mode of KEY and server is not limited to shown in Fig. 2, All safety chips can be grouped, every group of all safety chips can be integrated into a chip, then pass through a USB Interface is connect with USBHUB.Include in each KEY for the digital signature of digital signature and signature key pair, be used for The encrypted certificate of file encryption and an encryption key pair, for the verification information verified to KEY identity and for storing The personal document of humanized file.Digital certificate is authoritative electronic document, by the just third-party institution of authority, i.e. CA centers The certificate signed and issued, digital signature and encrypted certificate belong to digital certificate scope, and digital signature mainly apply with Digital signature, encrypted certificate are mainly used in file encryption.Signature key can be divided into signature private key and sign test to being generated by terminal Name public key, signature private key are used for digital signature, test public signature key for verifying digital signature.Encryption key pair:By key management Center (KMC) or server generate, and can be divided into encrypted public key and decrypted private key, make encryption and decryption functions respectively;Verification information is main To KEY authentications, such as:It verifies whether to meet the information such as KPI specifications.Personal property file is mainly stored in personal document.
Further, the client further includes fingerprint input device, in this way, when client obtains high in the clouds KEY information, , by verification, safety is improved by verifying user fingerprints.
A kind of application method of high in the clouds KEY systems, as shown in figure 3, its substantially flow is:Client inputs log-on message, Login service device carries out data interaction with server, if desired calls KEY, then validation information, verification information is correct, then Client accesses KEY.Specifically include following steps:
According to the application of user, KEY is registered for the first step, one KEY of a user, by multiple registered KEY with Server connects;
Second step, client normally access the process of server end:User inputs the log-on message of server, log-on message Server is entered correctly into, client and server end is normally carried out data interaction at this time, and client can transfer server end number According to;If log-on message is incorrect, error code is returned, prompts log-on message mistake.
Third walks, if user needs to call KEY, need to send solicited message to server, transfer KEY data, request letter Comprising verification information in breath, the verification of solicited message is included comparing the verification information of verification information and server reserves Verification.Further, the verification information includes finger print information and/or PIN code, and user needs typing fingerprint and input PIN Code can call KEY data.
If server is transferred corresponding KEY and is matched with client, can be returned in KEY at this time by checking solicited message Data for customer end uses;If not over verification, any KEY cannot be transferred, and prompts solicited message mistake, asks user again Secondary validation information, if user's input (can voluntarily set number) three times, verification information cannot be serviced by verification Device shields the client, client is not allowed to be transferred KEY data again in setting time, but the client is also Normal data interaction can be carried out with server.
The above combination attached drawing is described above in detail the preferred embodiment of the present invention and embodiment, but the present invention is not The above-described embodiment and examples are confined to, for those skilled in the art, are not departing from structure of the present invention Under the premise of think of, several improvement and modification can also be made, these improvements and modifications also should be regarded as protection scope of the present invention.

Claims (5)

1. a kind of high in the clouds KEY systems, which is characterized in that including client, the server being connect with client network and with institute Several KEY of server connection are stated, digital signature and signature key for digital signature are included in each KEY It is right, for the encrypted certificate of file encryption and encryption key pair, for the verification information verified to KEY identity, Yi Jiyong In the personal document of storage personal attribute's file;Signature key is signed to being generated by terminal, being divided into signature private key and testing public signature key Name private key tests public signature key for verifying digital signature for digital signature;Encryption key is to by Key Management Center or service Device generates, and is divided into encrypted public key and decrypted private key, makees encryption and decryption functions respectively.
2. KEY systems in high in the clouds according to claim 1, which is characterized in that several KEY pass through USBHUB and server Connection.
3. KEY systems in high in the clouds according to claim 1, which is characterized in that the client further includes fingerprint input device.
4. a kind of application method of high in the clouds KEY systems, includes the following steps:
Multiple registered KEY are connect by the first step with server;
Second step, client user input server log information and carry out normal data interaction with server;
Third walks, and if you need to call KEY, need to send solicited message to server, transfer KEY data;If server please by verification Information is sought, then transfers corresponding KEY and is matched with client, data for customer end in KEY can be returned at this time and used;If not over Verification, then cannot transfer any KEY, and prompt solicited message mistake;
Comprising verification information in the solicited message of third step, the verification of solicited message is included verification information is pre- with server The verification information stayed carries out contrast verification;The verification information includes finger print information and/or PIN code.
5. the application method of a kind of high in the clouds KEY systems according to claim 4, which is characterized in that in the third step, if not having Have through verification information, then user's validation information again is asked in prompting, if user cannot still lead to after inputting n times verification information Verification is crossed, then server shields the client, client is not allowed to be transferred KEY numbers again in setting time According to.
CN201510035738.6A 2015-01-23 2015-01-23 High in the clouds KEY systems and application method Active CN104579690B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201510035738.6A CN104579690B (en) 2015-01-23 2015-01-23 High in the clouds KEY systems and application method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201510035738.6A CN104579690B (en) 2015-01-23 2015-01-23 High in the clouds KEY systems and application method

Publications (2)

Publication Number Publication Date
CN104579690A CN104579690A (en) 2015-04-29
CN104579690B true CN104579690B (en) 2018-07-10

Family

ID=53094969

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201510035738.6A Active CN104579690B (en) 2015-01-23 2015-01-23 High in the clouds KEY systems and application method

Country Status (1)

Country Link
CN (1) CN104579690B (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107169316A (en) * 2017-04-13 2017-09-15 北京深思数盾科技股份有限公司 A kind of method and system of trustship hardware controls lock
CN106936588B (en) * 2017-04-13 2020-04-24 北京深思数盾科技股份有限公司 Hosting method, device and system of hardware control lock
CN107229874B (en) * 2017-05-27 2020-12-15 北京世纪龙脉科技有限公司 Method, device and server for realizing VR-Key

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1921395A (en) * 2006-09-19 2007-02-28 北京飞天诚信科技有限公司 Method and system for improving security of network software
CN101221641A (en) * 2007-12-20 2008-07-16 魏恺言 On-line trading method and its safety affirmation equipment
CN101848090A (en) * 2010-05-11 2010-09-29 武汉珞珈新世纪信息有限公司 Authentication device and system and method using same for on-line identity authentication and transaction
CN102420692A (en) * 2011-12-28 2012-04-18 广州杰赛科技股份有限公司 Safety authentication method and system of universal serial bus (USB) key of client terminal based on cloud computation
CN102426715A (en) * 2011-09-30 2012-04-25 华为技术有限公司 Unlocking method for electronic door lock, electronic door lock and electronic door lock system
CN102710611A (en) * 2012-05-11 2012-10-03 福建联迪商用设备有限公司 Network security authentication method and system
CN103095650A (en) * 2011-10-31 2013-05-08 广东电子工业研究院有限公司 Cloud service identity authentication method suitable for thin client terminal
CN103618719A (en) * 2013-11-29 2014-03-05 北京奇虎科技有限公司 Cloud service identity authentication method and equipment

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10248803B2 (en) * 2013-05-08 2019-04-02 Intermedia.Net, Inc. Internal folder sharing

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1921395A (en) * 2006-09-19 2007-02-28 北京飞天诚信科技有限公司 Method and system for improving security of network software
CN101221641A (en) * 2007-12-20 2008-07-16 魏恺言 On-line trading method and its safety affirmation equipment
CN101848090A (en) * 2010-05-11 2010-09-29 武汉珞珈新世纪信息有限公司 Authentication device and system and method using same for on-line identity authentication and transaction
CN102426715A (en) * 2011-09-30 2012-04-25 华为技术有限公司 Unlocking method for electronic door lock, electronic door lock and electronic door lock system
CN103095650A (en) * 2011-10-31 2013-05-08 广东电子工业研究院有限公司 Cloud service identity authentication method suitable for thin client terminal
CN102420692A (en) * 2011-12-28 2012-04-18 广州杰赛科技股份有限公司 Safety authentication method and system of universal serial bus (USB) key of client terminal based on cloud computation
CN102710611A (en) * 2012-05-11 2012-10-03 福建联迪商用设备有限公司 Network security authentication method and system
CN103618719A (en) * 2013-11-29 2014-03-05 北京奇虎科技有限公司 Cloud service identity authentication method and equipment

Also Published As

Publication number Publication date
CN104579690A (en) 2015-04-29

Similar Documents

Publication Publication Date Title
US10341109B2 (en) Controlling exposure of sensitive data and operation using process bound security tokens in cloud computing environment
TWI667585B (en) Method and device for safety authentication based on biological characteristics
KR102044747B1 (en) Method for providing user authentication service based on blockchain
US10305891B2 (en) Preventing unauthorized access to secured information systems using multi-device authentication techniques
US10091194B2 (en) Preventing unauthorized access to secured information systems using multi-device authentication techniques
US10586229B2 (en) Anytime validation tokens
JP6498358B2 (en) Integrated authentication system that authenticates using disposable random numbers
JP6468013B2 (en) Authentication system, service providing apparatus, authentication apparatus, authentication method, and program
US20190190723A1 (en) Authentication system and method, and user equipment, authentication server, and service server for performing same method
CN105227324B (en) A kind of method and device of cloud platform authenticating user identification
CN101221641B (en) On-line trading method and its safety affirmation equipment
EP3206329B1 (en) Security check method, device, terminal and server
CN103634328A (en) Authentication method, device and system for network platform authentication server
CN104579690B (en) High in the clouds KEY systems and application method
CN104038509A (en) Fingerprint authentication cloud system
CN108989346A (en) The effective identity trustship agility of third party based on account concealment authenticates access module
US11188630B1 (en) Dynamic enrollment using biometric tokenization
CN106789059B (en) A kind of long-range two-way access control system and method based on trust computing
US20120234923A1 (en) Method and/or device for managing authentication data
CN112425114A (en) Password manager protected by public-private key pair
CN103929310A (en) Mobile phone client side password unified authentication method and system
CN109889342A (en) Interface testing method for authenticating, device, electronic equipment and storage medium
CN103297398A (en) Method and system for improving safety of intelligent information equipment
TWI392310B (en) Method for implementing and authenticating an one time password (otp) for integrated circuit cards
Mogal et al. HOW TWO FACTOR AUTHENTICATION HELPS IN CYBERSECURITY

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
CP03 Change of name, title or address
CP03 Change of name, title or address

Address after: 250101 room 2301, 6 tower, Shun Tai Plaza, 2000 Shun Hua Road, hi tech Zone, Ji'nan, Shandong.

Patentee after: Albert Shandong software Limited by Share Ltd

Address before: 250101 7, 2, Shun Tai Plaza, 2000 Shun Hua Road, Ji'nan high tech Zone, Shandong.

Patentee before: JINAN TONGZHI WEIYE SOFTWARE CO., LTD.

CP01 Change in the name or title of a patent holder
CP01 Change in the name or title of a patent holder

Address after: 250101 room 2301, 6 tower, Shun Tai Plaza, 2000 Shun Hua Road, hi tech Zone, Ji'nan, Shandong.

Patentee after: Tongzhi Weiye Software Co.,Ltd.

Address before: 250101 room 2301, 6 tower, Shun Tai Plaza, 2000 Shun Hua Road, hi tech Zone, Ji'nan, Shandong.

Patentee before: SHANDONG TONGZHI WEIYE SOFTWARE Co.,Ltd.