CN104618306A - Novel integrated mobile phone data transmission key signal encryption method - Google Patents

Novel integrated mobile phone data transmission key signal encryption method Download PDF

Info

Publication number
CN104618306A
CN104618306A CN201310537436.XA CN201310537436A CN104618306A CN 104618306 A CN104618306 A CN 104618306A CN 201310537436 A CN201310537436 A CN 201310537436A CN 104618306 A CN104618306 A CN 104618306A
Authority
CN
China
Prior art keywords
mobile phone
data
key
server
enterprise
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201310537436.XA
Other languages
Chinese (zh)
Inventor
周晓蕾
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
SHANGHAI LEIPANG ELECTRONIC TECHNOLOGY Co Ltd
Original Assignee
SHANGHAI LEIPANG ELECTRONIC TECHNOLOGY Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by SHANGHAI LEIPANG ELECTRONIC TECHNOLOGY Co Ltd filed Critical SHANGHAI LEIPANG ELECTRONIC TECHNOLOGY Co Ltd
Priority to CN201310537436.XA priority Critical patent/CN104618306A/en
Publication of CN104618306A publication Critical patent/CN104618306A/en
Pending legal-status Critical Current

Links

Landscapes

  • Storage Device Security (AREA)

Abstract

A novel integrated mobile phone data transmission key signal encryption method of the invention adopts an ordinary mobile phone as an application terminal, combines a wireless network and business intelligence software with the globally advanced marketing idea to help enterprises to conduct efficient, convenient and intelligent paperless mobile marketing management, and has extremely high practical values in increasing income and reducing expenditure for enterprises. The method of the invention is mainly applied to consumer goods stimulating domestic demand and ten support industries (such as finance, petrochemical, automobile, and the like), and has a huge market demand. The product of the invention is enterprise management software, and has a very wide range of applications. The product not only can be widely used in domestic demand stimulating daily food, cosmetics, pharmaceuticals and other consumer goods industry markets which are our focus and gain national attention, but also plays a very positive role in and has considerable value of business management for enterprises in top ten support industries of China such as petrochemical, automobile, steel and logistics during the financial crisis last year and the post-recovery phase.

Description

Novel all-in-one data in mobile phone transmission security key signal is encrypted method
Novel all-in-one data in mobile phone transmission security key signal of the present invention is encrypted method and belongs to network safety filed.
It is only application terminal with regular handset that novel all-in-one data in mobile phone transmission security key signal is encrypted method, by wireless network, the advanced marketing ideas of BO combining global, help enterprise to carry out efficient, convenient, intelligent with no paper mobile marketing management, have high practical value of increasing income and decreasing expenditure for enterprise.Industry (as finance, petrochemical industry, automobile etc.) helped greatly by the consumer goods and ten that invention emphasis is applied to promote domestic demands, and the market demand is huge.Product of the present invention is business management software; the scope of application widely; not only can be widely used in I take charge of be absorbed in and be also the consumer goods industry market such as daily food, cosmetics, medicine of promote domestic demands that country payes attention to; and to financial crisis and rear revival phase last year, China ten helps greatly industries such as the industry and enterprises such as petrochemical industry, automobile, iron and steel, logistics also to play a part equally very actively to be worth with sizable business administration.
  
Novel all-in-one data in mobile phone transmission security key signal is encrypted method product help enterprise marketing personnel only need with regular handset (comprising non intelligent or smart mobile phone) for operating terminal, by wireless networks such as 2G/2.5G/2.75G/3G, mobile client relation management is carried out to enterprise or consumer, build the Trinitarian information mutual communication bridge of company-employee-consumer, incorporate leading mobile marketing management theory; Take charge of powerful backstage business intelligence (BI) analytic function in conjunction with me, assist enterprise management level carry out monitoring to point-of-sale terminal in real time and analyze; Selling group is efficiently managed, achieves the non-support cable of enterprise easily, for enterprise economizes on the use of funds and time cost, thus improve sale implementation capacity and customer satisfaction, finally make Business Economic Benefit significantly improve.
1. use native system the data such as goods entry, stock and sales on the same day, client of retail terminal or channel customer to be conveniently submitted in server database, and synchronous produce us by the customized Intellectual analysis form of client, promote the with no paper mobile office of enterprise greatly.
Dynamic device submit to comparatively efficiently, the point of type field operation atmosphere be applied to pull domestic in two of future
2. for the manager of enterprise, can easily for point-of-sale terminal or the enterprise staff of handling official business outside assign instruction or related news, check that the data such as goods entry, stock and sales and client carry out query analysis in time, make correct decision-making for management level and establish solid foundation.
  
The home rival of current similar product of the present invention is few, and understands from their technology, industry and typical case etc. is many-sided takes charge of the present invention with me and compare, and all occupies weak tendency.Chief competitor overview:
(1) product " MAS " of China Mobile, the products " commercial affairs are navigated " of China Telecom etc. take operator as the similar products of representative;
Above rival only carries out enterprise marketing management with note or WAP mode from technological means, have that note is delayed, delay, inconvenient operation, hommization not, function be difficult to technical problems such as running business into strong one, and cannot shooting be carried out, enterprise's acceptance is not high;
(2) both at home and abroad as large software enterprise similar products such as SAP, Oracle, UFSOFT.What above enterprise more paid close attention to is how existing business do better, the contact so mobile management software market is not also able to do in time, and generally there is the slow problem of new business decision-making in them, because external mobile phone terminal market is completely different from China's Mainland, (China's Mainland is the most complicated region of whole world mobile phone terminal in these external software enterprises, also be have the country started an undertaking with investment opportunity most), if software enterprise of U.S. mobile management is with Blackberry, iPhone is main, add to China's actual conditions do not understand and the industry just in the whole world, especially China rise thus by have huge market has openings give similar I take charge of enterprise of the present invention.And the mobile management software of the domestic software enterprises such as UFSOFT is also more by note or WAP, can meet above similar problem equally, enterprise's acceptance is not high too.
   
Innovation key point is that mobile phone transmits data by GPRS/EDGE/3G to server end, after server operation process, by WEB, feeds back to administrative staff.Fail safe in data transfer, many people use the concurrency of system jointly, and the high efficiency of the operation of system, and the flexible Application of mobile phone terminal RMS and photo automatic Compression etc. are all the key innovations in development process.
In sum, only replace computer with regular handset, replace Internet with GPRS/EDGE/3G, make usage space of the present invention extremely wide.This invention can realize all functional modules of user, networking speeds is fast, flow is little, management level and user are communicated with each other rationally by system.
basis is former
The present invention adopts mobile phone terminal direct-connected via GPRS/EDGE/3G by native system, or act on behalf of via mobile WAP, data-interface in access services device, the data-interface in server is resolved the data transmitted and is stored in database, feeds back relevant data to mobile phone terminal system simultaneously.Interaction process and so forth.
  
List of references is as follows:
" study course of J2ME development technique principle and structure " Lu Donglin, guest is bright, and state just writes
" J2ME develops complete works " James Keogh writes
" exploitation of J2ME Mobile solution " Hao Yulong, Li Xiangqian writes
《Think in Java》Bruce Eckel
main technical content
The present invention take J2ME as the system of development platform, synchronous exchanges data is carried out with server through GPRS/EDGE/3G the Internet, the key point of technology is that mobile phone transmits the fail safe of data to server end by GPRS/EDGE/3G, produce the efficiency of data sheet, the synchronism of data, many people use the concurrency of system jointly, and the operational efficiency of system is all the key point in development process.
novelty:
In the mode that leading mobile communication technology combines with advanced marketing management theory, convenient, carry out data interaction and information communication with enterprise management level, client rapidly, accurately, support that the GPRS/EDGE/3G(whole world all operators cell phone network is all supported) etc. wireless network;
Can go calling mobile phone camera function being effectively applied in work arbitrarily, namely originally needed enterprise staff to utilize computer to coordinate the data such as information in just can completely writing task process and photo with digital camera, and only needed now a common mobile phone just can realize real enterprise that is with no paper, mobile completely and handled official business.
The comprehensive office of Intranet and mobile communication network can be realized, comprise official document management, conference management, file administration etc.
  
1) carry out network (carry out transfer of data by http protocol or wap protocol, versatility is extremely wide) with CMNET or CMWAP;
2) in data transmission procedure, signal is encrypted;
The basis of RSA cryptographic algorithms is improved, coordinate two keys, the work such as data check are carried out between this at mobile phone and server, server end is not decrypted after receiving data, be decrypted when background application management system and display, so namely, ensure that data are transmitted with ciphertext in the process of transmission, in turn ensure that the correctness of Data Source, greatly improve the fail safe of data.
3) support that mobile phone model is more, the regular handset substantially at present on the market with camera and smart mobile phone are all supported, enterprise is without the need to changing mobile phone, and invention provides multiple mobile phone hardware solution.
4) flexible Application of mobile phone terminal RMS, with pick up speed and saving flow.
5) derived field of management level Customizable Reporting, makes Report form application more flexible.
  
Novel all-in-one data in mobile phone transmission security key signal is encrypted method and refers to an information (or title plaintext--plaintext) through encryption key pair (Encrypt ionkey) and encryption function conversion, become insignificant ciphertext (ciphertext), this ciphertext is then reduced into expressly through decryption function, deciphering key (Decryti on key) by recipient.Encryption technology is the foundation stone of network security technology.The method that in mobile phone mobile platform data transmission procedure, two key signals are encrypted requires only under the user specified or network, could password be removed and obtain original data, this just to need to data receiver and reciever with some special information for encryption and decryption, Here it is so-called key.The value of its key chooses from a large amount of random numbers.Private key and public-key cryptography two kinds is divided into by cryptographic algorithm.In mobile phone mobile platform data transmission procedure two key signals be encrypted method encryption time use same key, i.e. same algorithm.As the Kerberos algorithm of DES and MIT.Single key is most plain mode, and communicating pair must exchange key each other, when need to the other side's photos and sending messages time, be encrypted with the encryption key of oneself, and after recipient receives data, be decrypted with the key that the other side gives.This mode is becoming very complicated with during multi-party communication because of needing to preserve a lot of key, and the safety of key itself is exactly a problem.DES is a kind of cryptographic algorithm of packet, and data are divided into the data block that length is 64 by it, and wherein 8 are used as parity check, remaining 56 length as password.Original text is replaced by the first step, obtains the rambling data group of 64; Second step is divided into impartial two sections; 3rd step encryption function converts, and under given key parameter condition, carries out successive ignition and obtain encrypted cipher text.Public-key cryptography, also known as unsymmetrical key, uses different keys, namely different algorithms during encryption, have the encryption key that public, has many decruption key, as RSA Algorithm.In a computer network, encryption can be divided into " communication encryption " (data encryption namely in transmitting procedure) and " file encryption " (i.e. storage data encryption).Communication encryption has again node encrytion, link encryption and end--end encryption 3 kinds.1. node encrytion, from time coordinate, it carried out before information is passed into practical communication tie point (Physical communication link); From the coordinate (logical space) of OSI 7 layers of reference model, it carries out between ground floor, the second layer; From objective for implementation, be that the data transmitted between adjacent two nodes are encrypted, but it is only to message encryption, and not to packet encryption, so that the selection of transmission route.2. link encryption (Link Encryption), it carries out in data link layer, be to adjacent node between link on the data transmitted be encrypted, not only to data encryption also to packet encryption.3. hold--end encryption (End-to-End Encryption), it carries out at layer 6 or layer 7, be for transmit data between user and provide continuous print protection.Origination node implements encryption, transmits in intermediary node with ciphertext form, be just decrypted when finally arriving destination node, this leaks also very effective to preventing copy network software and software.In OSI Reference Model, except session layer can not implement encryption, other each layers can implement certain encryption measures.But normally encrypt on top, each application namely in application layer is modified by cipher coding, therefore can play secret effect to each application, thus protection investment on the application layer.If below certain one deck implements encryption, as on TCP layer, just can only play a protective role to this layer.Can it should be noted that and play the effect of encryption mechanism by efficiently and effectively, crucial problem be the management of key to comprise the existence of key, distribution, installation, keeping, use and calcellation overall process.(1) though the encryption mechanism of digital signature public-key cryptography provides good confidentiality, be difficult to differentiate sender, namely any people obtaining public-key cryptography can generate and send message.Data signature mechanism provides a kind of discrimination method, with the problem such as solve forgery, deny, pretend to be and distort.Digital signature generally adopts asymmetric cryptosystem technology (as RSA), by carrying out certain conversion to whole plaintext, obtains a value, as signature verification.Recipient uses the public-key cryptography of sender to be decrypted computing to signature, and if its result is expressly, then signature effectively, proves that the identity of the other side is real.Certainly, signature also can adopt various ways, such as, after being attached to by signature expressly.Digital signature is commonly used to bank, electronic trade etc.Digital signature is different from handwriting: digital signature changes with the change of text, and handwriting reflection someone personal characteristics is constant; Digital signature and text message are indivisible, and after handwriting is attached to text, are separated with text message.The user asked carries out authentication, confirms whether it is legal user; User legal in this way, then audit service that whether this user have the right to ask him or main frame conducts interviews.From cryptographic algorithm, its checking is based upon on the basis of symmetric cryptography.1. fail safe is high; the password of method to user that in mobile phone mobile platform data transmission procedure, two key signals are encrypted is encrypted the rear private key as user; thus the password avoiding user shows transmission on network, listener-in is made to be difficult on network, obtain corresponding password information; 2. transparent high, in use, only require input password when logging in, just the same with usual operation, the existence of Ker beros is transparent to user for validated user; 3. extensibility is good, and the method that in mobile phone mobile platform data transmission procedure, two key signals are encrypted provides certification for each service, guarantees the safety applied.The method server that in mobile phone mobile platform data transmission procedure, two key signals are encrypted and the secret that user shares are the passwords of user, and the authenticity of server not authentication of users when responding, supposes to only have validated user to have password.As assailant records application reply message, just easily form code book and attack.The method server that in mobile phone mobile platform data transmission procedure, two key signals are encrypted and the secret that user shares are the passwords of user, and the authenticity of server not authentication of users when responding, supposes to only have validated user to have password.As assailant records application reply message, with regard to easily being formed, 3. code book is attacked, AS and TGS is centralized management, easily forms bottleneck, performance and the performance and the safety that also depend critically upon safely AS and TGS of system.Access control should be had, to strengthen the safety of AS and TGS before AS and TGS.4., with number of users increase, key management is more complicated.Kerberos has the hashed value of the password of each user, and AS and TGS is responsible for the distribution of communication key between family.When N number of user thinks to communicate simultaneously; still need the method public-key cryptography employing RSA cryptographic algorithms that in N* (N-1)/2 key (3), PGP algorithm mobile phone mobile platform data transmission procedure, two key signals are encrypted, implement the management to key; Packet key have employed IDEA algorithm, implements the encryption to information.First feature of PGP application program is that its speed is fast, and efficiency is high; Another distinguishing feature is exactly that its portability is outstanding, and it can run on multiple operating platform.PGP mainly has the E-mail, digital signature etc. that encrypt file, transmission and reception are encrypted.(4), PEM algorithm all provides such as all messages: the security service functions such as checking, integrality, anti-repudiation; There is provided optional security service function, as confidentiality etc.PEM to the process of message through following process: the first step, make standardization processing: in order to make PEM and MTA (mail transport agent) compatible, by S MTP, standardization processing is carried out to message; Second step, MIC (Message Integrity Code) calculates; 3rd step, is converted into the message processed the form being suitable for SMTP system transfers.Identity validation technology identification (Identification) is that designated user shows the proof of identification process of oneself to system.Authentication (Authertication) is the process that system checks the proof of identification of user.People are often referred to as authentication (or identity verify) these two work, are two important steps distinguishing and confirm communicating pair true identity.The safe practice that Web adopts on the net realizes network security on the net at Web generally SHTTP/HTTP and SSL two kinds of modes.(1), SHTTP/HTTP SHTTP/HTTP can adopt various ways to encapsulate information.The content of encapsulation comprises encryption, signature and the certification based on MAC.And a message can be encapsulated encryption repeatedly.In addition, SHTTP also defines header packet information to carry out cipher key delivery, certification transmission and similar management function.SHTTP can support multiple cryptographic protocol, also for programmer provides ring of programming flexibly.SHTTP does not also rely on specific key proof system, and it supports RSA, band and out-of-band and Kerberos cipher key change at present.(2), SSL (Secure Socket Layer) SSL is a kind of industrial standard utilizing public key technique.SSL is widely used in Intranet and Internet net, and its product comprises the client-server of the support SSL provided by companies such as Netscape, Microsoft, IBM, Open Market, and the product such as such as Apa che-SSL.SSL provides three kinds of basic security services, and they all use public key technique.1. information private, by using public-key cryptography and symmetric key technique to reach information private.All business between SSL client computer and SSL server are used in the key set up in SSL handshake process and algorithm is encrypted.This prevents certain user by using the illegal wiretapping of IP packet sniffer instrument.Although packet sniffer still can capture the content of communication, cannot decode.2. information integrity, guarantees that SSL business all achieves the goal.If Internet becomes feasible e-business platform, should guarantee that the information content between server and client computer is from destruction.SSL utilizes secret to share and hash group of functions provides information completely sex service.3. certification mutually, is the process that client-server identifies mutually.Their identifier public-key cryptography is encoded, and exchanges respective identifier when SSL shakes hands.Prove that holder is its validated user (instead of the user that assumes another's name) to verify, SSL requires to prove that holder carries out digital mark when shaking hands to swap data.Proving that holder identifies to illustrate to all information datas comprising proof oneself is the lawful owner proved.This prevents other users to assume another's name to use proof.Proof itself does not provide certification, only has and proves just to work together with key.4. the Security Service of SSL is accomplished transparent as far as possible to terminal use.Generally, user only need click a button on desktop or connect and just can be connected with the main frame of SSL.Different from the HTTP connection application of standard, a default port supporting that the representative network main frame of SSL accepts SSL connection is 443 instead of 80.When client computer connects this port, first initialization handshake agreement, talks with the period to set up a SSL.Shake hands after terminating, will to communication encryption, and inspection message integrality, until this dialogue period terminates.Each SSL dialogue period only occurs once to shake hands.By contrast, the connection each time of HTTP all will perform once shakes hands, and causes communication efficiency to reduce.One time SSL shakes hands following for generation event: 1. X.509 client-server exchanges proves so that both sides confirm mutually.Whole proof chains can be exchanged in this process, also can select the proof only exchanging some bottoms.The checking proved comprises: the signature authority that inspection validity date and checking prove.2. client computer produces a group key randomly, and they calculate for information encryption and MAC.These keys first will be sent to server by the public key encryption of server again.Always have four keys and be respectively used to the communication to server of server to client machine and client computer.3. Information Encryption Algorithm (for encryption) and hash function (for guaranteeing information integrity) combine use.The SSL implementation of Netscape is: all algorithm inventories that client computer provides oneself to support, server selects it to think the most effective password.Server managers can use or forbid some specific password.
The Internet brings great convenience to people's life.But people at enjoyment network simultaneously easily, but often easily ignore the potential safety hazard that network is hidden.The development of information technology makes the double-edged sword effect of the Internet day by day manifest.Many lawless persons, illegal tissue or spy service also make full use of " dark place " of the hidden resource of network, the feeler of crime is stretched to other people, the individual privacy of other country, strategy are secret, wantonly steal or these information of illicit distributions, to reach specific object.
For enterprise; the financial expense situation of enterprise, project application and research and development document etc. are all very secret materials; some illegal competitors steal secret frequently by technological means; victim is made to suffer huge economic loss; thus; our network management personnel, while carrying out network protection and management, should note carrying out network security work.The many levels such as this paper maintains secrecy from transfer of data, Http application data is maintained secrecy introduce how to build efficient network security environment.
The confidentiality of transfer of data is an important content of network security, and in enterprise network information system, we can adopt SSH technology and software thereof to reach this object.
The English full name of SSH is Secure Shell.By using SSH, user can be encrypted the data of all transmission, and like this, " go-between " this attack pattern just can not achieve, and can prevent DNS and IP spoofing.The data of an extra benefit transmission are also had to be through compression, so the speed transmitted can be accelerated.SSH has a lot of function, and it both can replace Telnet, and can be again FTP, POP, even PPP provides " passage " of a safety.
SSH agreement is based upon the security protocol on application layer and transport layer basis, and it, primarily of following three part compositions, realizes the security mechanism of SSH jointly:
● transport layer protocol.This agreement provides the safety measures such as such as certification, trust and integrity check, can provide data compression function in addition.Under normal circumstances, these transport layer protocols are all based upon on connection-oriented tcp data stream.
● user authentication protocol layer.Be used for the authentication realized between server and client user, operate on transport layer protocol.
● connection protocol layer.Distribute multiple encrypted tunnel in some logical channels, it operates on user authentication layer protocol.
From client, SSH provides the safety verification of two kinds of ranks:
The first rank is the safety verification based on password.As long as user knows oneself account and password, just distance host can be signed in.The data of all transmission all can be encrypted, but can not ensure that the server that user is connecting is exactly the server that user wants to connect.Other server may be had to pretend to be real server, be namely subject to the attack of " go-between " this mode.
The second rank is the safety verification based on key.Need to rely on key, namely user is necessary for oneself and creates pair of secret keys, and Public key is placed on the server of needs access.If user is connected on SSH server, client software will send request to server, and request carries out safety verification with the key of user.After server receives request, under assigned catalogue, find the Public key of user, then the Public key that it and user send over is compared.If two key agreements, server just sends to client software with public-key encryption " inquiry " (challenge) it.Just again it can be sent to server with the private key deciphering of user after client software receives " inquiry ".
In this way, the password of oneself key must be known.But compared with the first rank, the second rank does not need to transmit password on network.The second rank is owing to encrypting the data of all transmission, so " go-between " this attack pattern is impossible (because he does not have the private key of user).
Use in the process of SSH user, should be noted that what SSH was made up of the software of client and service end, have two incompatible versions respectively: 1.x and 2.x.Can not be connected on the service routine of SSH 1.x by the CLIENT PROGRAM of SSH 2.x.Current, SSH technology Windows and Linux platform exchange visits and exchanges data time application very general.Ordinary circumstance is the SSH server by using under Linux, then uses the client software under the Windows such as Putty, Secure Shell Client to visit.
Along with the development of network and computer technology, data store and have become more and more important with the fail safe of exchanges data, integrality and consistency.In the network information security, the encryption technology of core is also applied to data storage and exchange.Meanwhile, in order to ensure correctness and the non repudiation of both sides' identity during network data exchange, visa system also reaches its maturity.How to ensure that on unsafe network, transmit data is safely difficult problems, and just greatly can ensure that the network user is transmitted and the fail safe of usage data based on the encryption of PGP (Pretty Good Privacy) mechanism and signature mechanism.
PGP is the email encryption software based on RSA public key encryption system.It not only can be read to prevent unauthorized person the data confidentiality of user, digital signature can also be added to mail thus receiver is be sure of mail is that desired people sends, let us can communicate with the people having never seen face safely, and is used for transmitting key without any need for the channel of maintaining secrecy in advance.
PGP have employed scrupulous key management---the Hybrid method of a kind of RSA and conventional cryptography, comprises mail digest algorithm, the front compression of encryption etc. for digital signature.It is powerful, and speed is very fast.The founder PhilZimmermann of PGP creatively combines the high speed of the convenience of RSA Public Key Infrastructure and conventional cryptography system, and have in digital signature and key authentication administrative mechanism and design very cleverly, thus make PGP become almost most popular public key encryption software kit.Wherein, RSA (Rivest-Shamir-Adleman) algorithm is a kind of Public Key Infrastructure based on " the impossible prime factor of large number decomposes hypothesis ".Be exactly briefly look for two very large prime numbers, one open to the world, do not tell anyone for one.Be called " PKI " and " private key ".These two keys are complementary, can decipher in other words, vice versa by the ciphertext of public key encryption with private key.
Because PGP employs IDEA proprietary algorithms, so use PGP to have the trouble of licence.People have found out some alternatives, and such as under Linux environment, people use GnuPG, and because GnuPG does not use IDEA proprietary algorithms, so use GnuPG without any restriction concerning user, and functionally it and PGP are the same.GnuPG uses rivest, shamir, adelman, and safe coefficient is higher.So-called rivest, shamir, adelman is exactly that each user has pair of secret keys: PKI and private key.Wherein, key is preserved by user, and PKI is then distributed to other people as much as possible by user, so that user communicates with other people.
Use GnuPG in fact very simple, provide a lot of order in linux system to carry out this software of assisted user and carry out encryption and decryption and digital signature, comprised and generate public/private keys to importing, the encryption and decryption of the derivation of, PKI, PKI, carry out signing etc. order to file.
In the process using PGP, should be noted that following Railway Project:
1. need the valid expiration date that should be used for determining to generate the algorithm of key, the length of key and key according to reality.
2. need user to be ensured the randomness of the double secret key generated by mutual rolling mouse, keyboard, otherwise, very likely by hack.
3. the safety of PKI is the core of PGP safety, and ripe encryption system must have a ripe key management mechanism supporting.The proposition of public key system is exactly that encryption key distribution in order to solve conventional cryptography system is difficult to ensure close shortcoming.Such as, but still there is safety issue in the issue of PKI, PKI is tampered, this may be leak maximum in public key cryptography system, because most of new hand can not find this point very soon.User must be sure of that PKI that you take belongs to it and looks that people belonged to.
4. maintaining secrecy of private key is also conclusive.Relatively public spoon, there is not the problem be tampered in private key, but there is the problem revealed.The way of PGP allows user be that the RSA private key of stochastic generation specifies a password.Only providing password and private key could be discharged use, itself is the same by the method privacy degrees and PGP of password encryption private key, so in fact first the safety issue of private key is maintaining secrecy to user password.Certain private key file itself is given away secrets also danger close, because just feel out your password by the method for exhaustion required for code breaker, have lost one deck fail safe after all though very difficult.Need most it is noted that will as any privacy your private key of preservation, do not allow anyone have an opportunity to touch it.
5. in the use procedure of reality, PGP software flexible can be applied to network data transmission by user, comprises each applications such as Email transmission, ftp file transmission.
Web communication is normally propagated on network with unencrypted form, and this is just likely arrived by illegal wiretapping, in particular for the password information of certification.In order to avoid these security breaches, just must be encrypted transmitting procedure.Transmitting to HTTP the agreement be encrypted is HTTP, it is the agreement of being carried out HTTP transmission by SSL, not only can be encrypted by the algorithm of Public key the fail safe ensureing transmission, but also can access authentication certificate CA be passed through, ensure that the server that client connects is not counterfeiting.SSL is a kind of encryption and authentication communication protocol of international standard, and this agreement all supported by general browser.
SSL (Secure Sockets Layer) is found out by Netscape company of the U.S. at first, becomes the standard of secure internet communication and transaction afterwards.Ssl protocol uses customer's certificate and the CA root certificate of communicating pair, allows client/server application can not to be communicated by the mode of eavesdropping with a kind of, establishes a safety, communication port trusty between communicating pair.It possesses following essential characteristic: information privacy, information integrity, mutually identify.This agreement mainly uses Hash coding, encryption technology, is no longer introduced these technology here.
In SSL traffic, first adopt asymmetric encryption exchange message, make server obtain the key of the symmetric cryptography that browser end provides, then utilize this key to carry out the encryption and decryption of information in communication process.In order to ensure that message is not tampered in transmittance process, the integrality that Hash coding guarantees information can be encrypted.
Server digital certificate is mainly presented to Web site or other need the server of authentication, to prove the identity information of server, equally also can issue client digital certificate for proving the identity of client.
Use the mode of Public key can ensure that transfer of data is no problem, if but the website of browser clients access is counterfeiting, and this is also a serious safety problem.This problem does not belong to encryption itself, but will ensure the correctness of key itself.Ensure that other obtained website Public keys are its correct key, but not the key of personation website, just must pass through an authentication mechanism, certification can be carried out to the key of website.Certainly, even without through certification, still can the safety of guarantee information transmission, just client can not be sure of that the server of accessing is not counterfeiting.If not the service in order to provide the aspects such as ecommerce very high to security requirement, generally do not need so strict consideration.
Here uses SSL to carry out the process communicated:
1. client initiates dialogue, consults to transmit cryptographic algorithm.Such as: symmetric encipherment algorithm has DES, RC5, Diffie-Hellman has RSA and DH, and digest algorithm has MD5 and SHA.
2. server sends server digital certificate to client.Such as: use DES-RSA-MD5 this to being combined into Serial Communication.Client can the identity of authentication server, determines the need of foundation communication.
3. user end to server transmits the key of this dialogue, reexamine the whether correct certificate issued by CA mechanism of digital certificate of server, after demonstrating the real effectiveness of server certificate, client generates and utilizes the key of this dialogue of the public key encryption of server to send to server.
4. server obtains the key of this communication with the private key deciphering of oneself.
5. the communication of both sides formally starts.
In the ordinary course of things, when client is the transmitter of security information, he does not need the authenticity of digital certificate authentication oneself identity, internet bank trade as normally used in us is movable, client needs the secret information of oneself (as account and password) to send to bank, therefore the server of bank needs to install digital certificate to show the validity of oneself identity, otherwise will make information leakage.Certainly, the B2B application very high to some security requirement, server end also needs to verify the identity of client, and when at this moment client also needs to install digital certificate to ensure to communicate, server can pick out the identity of client, and proof procedure is similar to the proof procedure of server identity.And under normal conditions, browser all can complete above-mentioned communication process by mutual mode.
user password is maintained secrecy
At present, Password Cracker adopts dictionary attack and brute force attack means mostly, if user cipher setting is improper, is very easily subject to the threat of dictionary attack.A lot of user likes the information such as the English name with oneself, birthday or account to carry out setting code, and like this, hacker can carry out decryption by the means of dictionary attack or social engineering.So suggestion user is in the process of setting code, the combining characters occurred in non-dictionary should be used as far as possible, and adopt the password set-up mode that numeral combines with character, capital and small letter combines, increase password by the difficulty of hack.And the mode also can use periodic modification password, making password regularly cancel, protects the login password of oneself.The reference principle specifically listing several setting security passwords is as follows:
● password length is at least 8 characters: the longer the better for password.If use MD5 password, it should have 15 characters at least.If use DES password, extreme length (8 characters) should be used.
● mixed upper and lower case letter, mixed letter and number, comprise the character (as &, $ and >) etc. beyond letter and number.
● select your password that can remember.
Secondly, some principles are also had to need to keep firmly in mind:
● only do not use word or numeral, do not use ready-made vocabulary, do not use the vocabulary in foreign language, also do not use hacker's term and personal information.
● do not reverse existing vocabulary: outstanding password code breaker always reverses common words, and the weak password that therefore reverses can't make it safer.
● do not put down your password, on all machines, all do not use same password yet.
In addition, we can also pass through some tool software, crack out expressly for attempting when known ciphertext, thus the safe coefficient of checking current password, a software as John the Ripper is exactly.
the correlation principle that linked network is maintained secrecy
Network management personnel, in daily work, especially should note the approach of divulging a secret of following several respects:
1. electromagenetic wave radiation is divulged a secret: computer network exists electromagenetic wave radiation when carrying out work, as long as there is special receiving system, just can receives radiation information thus cause and divulge a secret.Its radiation mainly contains four processes: connection line radiation, radiation monitor, main frame radiation, output equipment radiation.There is data to show, about 100 meters in open ground, just can receive radiation signal with audiomonitor.
2. secrets disclosed by net: the foundation of LAN (Local Area Network) and three grades of nets thereof, secondary net, one-level net progressively build up operation, it is the direction of current network application development, the computer that the application of these networks makes to be distributed in diverse location not commensurate is provided with the channel that information is transmitted, expand computer application scope, substantially increase operating efficiency and reduce administration cost, the file, the data that each user terminal can be utilized store in each computer.But while information sharing, there is a lot of leaks between main frame and user, between user and user, some unwarranted disabled users or molecule of stealing secret information to be soundd out or other ways enter network system and steal secret information by acting as fraudulent substitute for a person, for a long time.In addition, after networking, line channel branch is more, and the region of mail message is also comparatively wide, and the condition intercepting institute's carry information is just more convenient, the person of stealing secret information on any branched line of network or some nodes, terminal intercept, just can obtain the mail message of whole network.
3. operating personnel divulge a secret: divulging a secret of computer operator is the severely afflicated area of divulging a secret at present, and operating personnel likely cause from the following aspects and divulge a secret.(1) because ignorant is divulged a secret: as do not known, storage medium has the information can extracting reduction, is exchanged away by the storage medium once storing secret information, causes and divulge a secret; (2) confidential notions are strong, violate rules and regulations and divulge a secret: as computer break down after repair not according to established procedure, or process secret information on the computer that can not process secret information; The even cross-reference computer etc. had; (3) deliberately divulge a secret, this divulging a secret in order to other objects of individual interest or individual that be only a few people.This belongs to the behavior that be subject to discipline or law and investigate.
4. USB divulges a secret: the mobile memory with important informations such as confidential information, source code file, design drawings is connected on the computer of connection the Internet by staff, may just be stolen by spyware unconsciously.There is now the trojan horse that a kind of disguise is extremely strong, not only infect computer, also infect memory disc.The flash disk of user, once use on the computer infecting this program, will infect this virus.If this flash disk is used further to your office computer, will automatically in confidence the information reproduction on your computer on flash disk.When next time, this dish was inserted the computer of online by again, automatically will send the information on dish to the Web specify place.Whole process is secret, automatically completes, and user is difficult to discover.
According to these approach of mainly divulging a secret, network management personnel can reach common understanding with senior enterprise leader, take corresponding means to carry out network security work, for example physical network isolation or GAP is adopted to isolate security network and the Internet, operating personnel are giveed training and explains and publicises and emphasize secrecy technology, analyze and formulate relevant regulations to using the safety problem of USB and retrain etc.The method that in mobile phone mobile platform data transmission procedure, two key signals are encrypted is for the more sales type enterprise of point-of-sale terminal, and main using function is embodied in following two aspects:
1, the type of cell phone of native system support widely, and the mobile phone of all support Java rowization MIDP1.0 can use this software to carry out data submission.
2, reliability, durability, security test complete.
This Product Safety is comparatively strong, and transfer of data is all through GPRS/EDGE/3G transmission, and carry out data encryption in transmitting procedure, data are not easily revealed, and account can distribute authority by administrative staff, and user can not bypass the immediate leadership inquiry or more new data.
3, the stability of quality, rate of finished products complete.
When mobile phone signal is unimpeded, through reality test, the successful success rate of the disposable submission of data is more than 99%, and there is not the situation using this software that mobile phone is crashed, and stability is very high.
4, system users test completes.
Product of the present invention has signed on probation and purchase intention agreement with 3 famous consumer goods enterprises (comprising the esbablished corporations such as Tsingtao beer) in the whole world, after on probation, client's repercussion is strong, and wherein one will extend to Hong Kong even other areas, Asia-Pacific (trial state sees appendix) after product improves.
5, system maturation degree
The system of J2ME version is repeatedly tested through us and customer, runs very normal.Native system secondary development is high, can be the quick customized system being applicable to himself of enterprise for enterprise demand.For the system of Android version, we also in the middle of research and development, are not also applied in enterprise and go at present, and this is we next step main target, also needs the support energetically of friends from all walks of life.
industry market Analysis on Prospect:
a.the industry of the present invention is wireless telecommunications industry (i.e. mobile Internet industry), the whole world one of four large accounting firms " moral is diligent " just predict that as far back as 2005 the sector becomes global have prospect and the highest industry of rate of return on investment most by exceeding biological medicine industry at coming 10 years, and mobile management Software Industry residing for the present invention will become most potential branch industry in wireless telecommunications industry;
b.china has the cellphone subscriber basis of global No.1, has mobile operator maximum in the world, the present invention the hand that is suitable for
Machine user market is huge;
c.3G network sets up on a large scale, and the intellectuality of mobile terminal becomes by the network that transfer of data of the present invention uses
For main flow.
large enterprise client:
Large and medium-sized enterprise client mostly has about 1000 sales forces to spread all over the country, live through such as the how minimum cost of the enterprise management level after economic crisis and control terminal market and customer information, how to reduce operation cost and (reduce stock, reduce employee and link up cost, be reduced to the huge IT hardware investment that sales force is equipped with), how anywhere (2, 3 line city IT infrastructure imperfections cause carrying out access to netwoks) when still can see sales force dynamically and assign instruction rapidly, how to allow accurate enterprise market analysis diagram at any time with before mode is presented in management layer the most easily? these have become the problem of the most headache that nearly all large and medium-sized enterprise will face future ... and numerous domestic large enterprise at present or originally carried out the management of customer relationship by the notes of note or costliness, safeguard, be badly in need of the business administration function that just can be realized computer by regular handset.
medium-sized and small enterprises client:
The danger such as bankruptcy or business atrophy are all faced with by the numerous medium-sized and small enterprises client of economic impact, how to consolidate frequent customer, for frequent customer provides rapidly good follow-up service, how really to accomplish to increase income and decrease expenditure while carrying out selling, how but to realize mobile sale management in company without any IT system basis not being dropped into any hardware and software cost in the same old way? how to control and help the more effective managing customer of sales force? everything has become China's more than 4,000 ten thousand medium-sized and small enterprises and has all faced and urgent problem ... because bankroll problem cannot implement the invention of CRM management software, therefore they more use phone to go to carry out customer account management at present, waste a large amount of communications, manpower and time cost, finally also really do not maintain customer resources.
And along with the develop rapidly of wireless technology, in the whole nation, hundreds of cities realize the whole network and cover operator wireless network.Especially open-minded along with China's Mainland 3G, online supported all by nearly all mobile phone, especially China mobile number far exceedes online (PC) number, number of mobile phone users world No.1, adds mobile phone price, the rapid lifting of day by day cheap and surfing Internet with cell phone speed of wireless Internet access expense has made to carry out our mobile management software application of the present invention similar for enterprise and implemented (B2B) and carry out mobile marketing application (B2C) for consumer to become trend gradually.
According to iResearch prediction, next three years mobile Internet CAGR(compound annual growth rate) will more than 40%.
invention product overseas market capacity
Claim according to market research agency's up-to-date research report delivered of Frost & Sullivan, a large amount of enterprises will invest Mobile solution software, before wherein mobile sale management software comes.This research company of family predicts, within 2007, European mobile sale management software market is 2.555 hundred million Euros (3.922 hundred million dollars), expects 2013 and will rise to 8.695 hundred million Euros (13.34 hundred million dollars).
Analyst claims, and mobile sale management software is the second largest market being only second to push mail (PUSH MAIL) in mobile enterprise application program market.Trend shows that market is preparing to apply these solutions.Comprise the improvement of the equipment performance such as internal memory and disposal ability, SOA(Enterprise SOA) etc. the support of industry standard fau structure user, the application of the architecture standard such as J2EE and .Net will promote the growth in this market.
And the nearest investigation display of Compass Intelligence LLC, by 2011, US enterprise will spend 9,000,000,000 dollars on Mobile solution, comprising mobile CRM.
The domestic and international enterprise that the present invention not only can be China's Mainland provides mobile management service, along with product of the present invention more perfect with maturation after after the countries such as Hong Kong, Asia-Pacific, Austria implement, will more will have an opportunity as the areas such as Asia-Pacific, Europe, the U.S. provide respective service.
  
The target market general layout of product of the present invention is divided into following 3 large industries:
(1). fast consumables industry: (industry such as daily cosmetics, food, medicine);
(2). durable consumer goods industry: (house property, building materials, automobile, the consumer electronics industry);
(3). energy industry: (tradition such as oil, chemical industry, iron and steel or new forms of energy industry).
And the ten large industries that after 3 large industries are just belonging to economic crisis above, national government is given special assistance to and the most important industry " consumer goods industry " pulling domestic domestic demand that stimulates economic growth.Along with increasing rapidly of above industrial economy, certainly will have to the profit of product of the present invention, profit margin the effect significantly improved.
  
1) product advantage:
Product is leading domesticly to segment market, and reaches advanced world standards, close to the leading level in the world;
Product interactivity is good, hommization is had outstanding performance;
Product be simple and easy to, efficient and convenient;
The mobile phone of product support widely (supports each different mobile phone operating system);
Incorporate the comprehensive mobile phone mobile management turn-key solution service platform that hardware (mobile phone), software, consulting and service form domestic unique innovation;
2) business excellence:
Company technique research and development all come from 500 tops of the world IT and global famous consumer goods enterprise with counseling services team, have abundant the Internet and development of Mobile Internet technology is researched and developed and experience is seeked advice from consumer goods trade management;
Corporate team's vigor, passion, diligent, innovation, with " services client " for team's first object;
Company has contracted and has obtained the enforcement on probation of many whole world famous consumer goods enterprises, has accumulated certain industry experience and customer success story;
The partner resource that the mobile industrial chains such as built Li Shuojia IT software vendor of company, operator, communication manufacturer, consulting firm are important;
The hommization of Products and profit model are innovated.
the market advantage (Market and Technology barrier advantage):
Product of the present invention has obtained the famous enterprise accreditation of 4 the sector bellwethers at fast-moving consumer goods and the large industry of top luxury consumer goods two, higher Market and Technology barrier has been built to the rival of this two large industry, and cooperating with PetroChina Company Limited., China Petrochemical Industry, Shanghai Volkswagen, the negotiation of Baosteel equal energy source class enterprise at present, in following 3 ~ 5 years, more than the present invention 3 industries will take charge of main direction as me.
  
invention product technology Performance comparision advantage:
1. the main competitor of invention product
(1) mobile OA (MAS) invention of China Mobile
The major function of mobile OA:
Document treatment
Bulletin is issued
Group address book
Information inquiry
Schedule management
Mail reminder
Advantage: brand is large, supports that mobile phone terminal is many; Inferior position: data interaction can not reach 100%, data speed is slow, and the time prolongs
Late, there is no friendly user application interface, operate inadequate hommization.
  
(2) SAP/R3 wireless data acquisition terminal software (PDA/Windows Mobile)
The system module comprising supply chain, material and asset tracking management function in SAP system has storehouse management (WM), stock control (IM), sale and dispensing (SD), factory repair (PM) and automatically identifies foundation structure (AII).Wireless mobile calculates solution, supports bar code and RFID automatic data acquisition, can with SAP system Seamless integration-, support and expand the operation flow of SAP system, helping the user of SAP to improve the efficiency of management further, increase income, reduce costs, improve customer service, strengthen enterprise competitiveness.Integrated solution adopts the SAP technology such as SAPConsole, WebSAPConsole or Web Dynpro, or through third party's middleware Technology of SAP certification.
Advantage: brand influence is large, inferior position: support that enterprise customer's mobile phone terminal is few, do not support regular handset, only support smart mobile phone, the customized underaction of functional module.
  
(3) Kingdee WAP management software
Can understand whenever and wherever possible and inquire about financial position of the enterprise, receive the warning that indices sends, make decisions in the very first time; Business personnel also can whenever and wherever possible quick search stock, submit the operation such as examination & approval to, the real-time monitoring and management of efficient hardening to enterprise, substantially increases the operating efficiency of enterprise, saving operation cost of enterprises.
Advantage: brand is large, is absorbed in financial management and applied software market, inferior position: speed is slow, operates inadequate hommization etc.
  
Product technology safety of the present invention, hommization, innovation, versatility are extremely wide:
high safety(the signal encryption algorithm that independent research is leading in the world thus guarantee the high safety of client data transfers, my department is in order to ensure customer data simultaneously the safety of 100%, removing huge fund is that client purchases enterprise-specific rack and is hosted in the Ministry of Information industry four large template processing machine rooms, the whole nation and the best 6 large carrier class machine rooms in Shanghai;
speed is fast, flow is little(automatic Compression data make flow minimize, significantly cost saving);
hommization is given prominence to, and interactivity is good, convenient(design team is from apple, Baidu and ZTE Corporation);
support mobile phone is extensive(supporting the mobile phone of nearly all operating system platforms such as J2ME, WM, Symbian, Blackberry, iPhone, Android, guaranteeing that client is without the need to dropping into any hardware);
fully integrated(incorporating the service platform that hardware " mobile phone ", software, consulting and service form the mobile marketing management comprehensive solution of domestic unique innovation).
This product is the good product of increasing income and decreasing expenditure, and market sale is without Industry Regulation, and Products comes into the market medium.
  
exploitation the intent of the present inventionallow client's real-time collecting terminal market data and customer information in order to realize in most economical mode, enterprise can monitor oneself end message in real time, strengthen the decision edge of enterprise management level, and improve sale or market team implementation capacity and realize efficient customer relation management, improve enterprise profit rate.
application target of the present invention:
The target market general layout of product of the present invention is divided into following 3 large industries:
(1). fast consumables industry: (industry such as daily cosmetics, food, medicine);
(2). durable consumer goods industry: (house property, building materials, automobile, the consumer electronics industry);
(3). energy industry: (tradition such as oil, chemical industry, iron and steel or new forms of energy industry).
And the ten large industries that after 3 large industries are just belonging to economic crisis above, national government is given special assistance to and the most important industry " consumer goods industry " pulling domestic domestic demand that stimulates economic growth.Along with increasing rapidly of above industrial economy, certainly will have to the profit of product of the present invention, profit margin the effect significantly improved.
(1) engineering present situation of the present invention and designing requirement:
I takes charge of current system is J2ME exploitation, is applicable to the mobile phone supporting MIDP 1.0 or 2.0.
The major function of current invention comprises:
Mobile phone terminal:
Assigning of l message;
Shop plan is patrolled in l setting;
L performs and patrols shop plan (submission of data and photograph);
L is outside the plan to take pictures;
L message feedback;
WEB terminal:
L basic setup (shops, the setting of the essential informations such as personnel);
Shop of the patrolling plan of l examination & verification or setting sales force;
L checks the sale daily sheet data of sales force;
L statistical history data, regularly generating report forms;
In 1 to two years of future, I will to need on the basis constantly improving existing capability successful implantation in following two platforms, Pda and Android; Integrate the 3rd year of future our compatibility that will complete iPhone.
Need in invention drop into module be:
Mobile phone terminal:
Full Canvas interface in n J2ME module
In the system of current J2ME, what also have some interfaces is control, and do not have real drawing with Canvas, in order to hommization more, we will carry out perfect to this part.
N J2ME module customized fast
In order to can the demand of client be completed fast, will improve in existing module basis, such as: can self-defining data storehouse field, the content etc. of self-defined information, to reach the object of fast Development.
The UI design and fabrication that n PDA invents
PDA is due to generally large compared with the screen in Java mobile phone on screen, so the design of UI can redesign to reach the most attractive in appearance and most hommization;
The coding work of each module of n PDA
Coding change or rewriting are carried out to each module of J2ME, enables stable operating on the platform of PDA.
The UI design and fabrication that n Android invents
Android is due to generally large compared with the screen in Java mobile phone on screen, so the design of UI can redesign to reach the most attractive in appearance and most hommization;
The coding work of each module of n Android
Coding change or rewriting are carried out to each module of J2ME, enables stable operating on the platform of Android.
The UI design and fabrication that n iPhone invents
Redesign UI to reach the most attractive in appearance and most hommization;
The coding work of each module of n iPhone
Coding change or rewriting are carried out to each module of J2ME, enables stable operating on the platform of iPhone.
WEB terminal:
The hommization more of the n WEB terminal page;
Making one to five is overlapped template by us, is gone to select personal like by client oneself;
The improved efficiency of n module;
By carrying out generation adjustment to all modules relating to form, the highest to reach operation efficiency
(3) system device parameter, parameter declaration:
(4) system design scheme illustrates:
Mobile phone terminal development technique main points:
Development language is: J2ME;
Mobile phone passes through GPRS transmission data to server.The development language used is J2ME, and Kjava software all supported by the mobile phone of current more than 80%, and its versatility is stronger.
Background end WEB development technique main points:
Development language is: PHP, HTML, JavaScript, XML;
Database is: MySQL
By Internet and server communication, obtain sales force and submit the related data of coming up to.The development language of background end is PHP.With regard to current be the development environment of comparative maturity, the features such as have fail safe high, operational efficiency is high, and secondary development is stronger.
Software general nature:
A. the logical wireless shop management software that patrols of G news employs Kjava platform, and is alternative scheme with WAP, and sales force transmits data through GPRS to server end by mobile phone, after server operation process, feeds back to administrative staff by WEB;
As long as B. mobile phone has signal, user just can upload sales data and picture concerned (mobile phone needs camera function) whenever and wherever possible;
C. sales data can be led to and is temporarily stored in above mobile phone, disposable submission after completing input service.
D. the working condition of firm sale personnel can be carried out according to the uplink time of data or photograph;
E. the sales data of mobile phone collection, does not need artificial treatment, can generate relevant form in real time;
F. by background program, administrative staff can assign to sales force easily and patrol shop instruction or relevant determining
Plan and notice etc.
(5) framework flow process underdraws as follows:
Mobile phone terminal system carries out data interaction by GPRS networking with server, carries out Data Update in real time;
The key point of technology is that mobile phone transmits data by GPRS to server end, after server operation process, by WEB, feeds back to administrative staff.Fail safe in data transfer, many people use the concurrency of system jointly, and the operational efficiency of system, the application of mobile phone terminal RMS, are all the key points in development process.
  
In addition; for webmaster; protection system also has safely a most simple effective method, and that is exactly download up-to-date security patch (discovery of these patches is very likely the contribution of hacker, is perhaps that they have found system vulnerability place) to system distribution business there.Finally, it is emphasized that good awareness of safety will be set up, from the simplest security setting, Appropriate application security tool.
  

Claims (10)

1. novel all-in-one data in mobile phone transmission security key signal of the present invention is encrypted method take regular handset as application terminal; by wireless network, the advanced marketing ideas of BO combining global; help enterprise to carry out efficient, convenient, intelligent with no paper mobile marketing management, have high practical value of increasing income and decreasing expenditure for enterprise;
J2ME is the system of development platform; synchronous exchanges data is carried out with server through GPRS/EDGE/3G the Internet; the key point of technology is that mobile phone transmits the fail safe of data to server end by GPRS/EDGE/3G; produce the efficiency of data sheet; the synchronism of data; many people use the concurrency of system jointly, and the operational efficiency of system is all the key point in development process;
Can go calling mobile phone camera function being effectively applied in work arbitrarily; namely originally needed enterprise staff to utilize computer to coordinate the data such as information in just can completely writing task process and photo with digital camera, and only needed now a common mobile phone just can realize real enterprise that is with no paper, mobile completely and handled official business;
Novel all-in-one data in mobile phone transmission security key signal is encrypted the consumer goods and ten that method is applied to promote domestic demands and helps greatly industry (as finance, petrochemical industry, automobile etc.), and the market demand is huge;
Novel all-in-one data in mobile phone transmission security key signal is encrypted method help enterprise marketing personnel only need with regular handset (comprising non intelligent or smart mobile phone) for operating terminal, by wireless networks such as 2G/2.5G/2.75G/3G, mobile client relation management is carried out to enterprise or consumer, build the Trinitarian information mutual communication bridge of company-employee-consumer, incorporate leading mobile marketing management theory; Take charge of powerful backstage business intelligence (BI) analytic function in conjunction with me, assist enterprise management level carry out monitoring to point-of-sale terminal in real time and analyze; Selling group is efficiently managed, achieves the non-support cable of enterprise easily, for enterprise economizes on the use of funds and time cost, thus improve sale implementation capacity and customer satisfaction, finally make Business Economic Benefit significantly improve.
2. novel all-in-one data in mobile phone transmission security key signal is encrypted method is safety verification based on key;
Need to rely on key, namely user is necessary for oneself and creates pair of secret keys, and Public key is placed on the server of needs access;
If user is connected on SSH server, client software will send request to server, and request carries out safety verification with the key of user.
3. after server receives request, under assigned catalogue, find the Public key of user, then the Public key that it and user send over is compared;
If two key agreements, server just sends to client software with public-key encryption " inquiry " (challenge) it;
Just again it can be sent to server with the private key deciphering of user after client software receives " inquiry ".
4. the password of oneself key in this way, must be known;
But compared with the first rank, the second rank does not need to transmit password on network.
5. novel all-in-one data in mobile phone transmission security key signal is encrypted method the second rank owing to encrypting the data of all transmission, so " go-between " this attack pattern is impossible (because he does not have the private key of user);
Use in the process of SSH user, should be noted that what SSH was made up of the software of client and service end, have two incompatible versions respectively: 1.x and 2.x;
Can not be connected on the service routine of SSH 1.x by the CLIENT PROGRAM of SSH 2.x.
6. novel all-in-one data in mobile phone transmission security key signal be encrypted method SSH technology Windows and Linux platform exchange visits and exchanges data time application very general.
7. ordinary circumstance is the SSH server by using under Linux, then uses the client software under the Windows such as Putty, Secure Shell Client to visit.
8. password length is at least 8 characters: the longer the better for password.
9., if use MD5 password, it should have 15 characters at least;
If use DES password, extreme length (8 characters) should be used;
Mixed upper and lower case letter, mixed letter and number, comprise the character (as &, $ and >) etc. beyond letter and number.
10. the comprehensive office of Intranet and mobile communication network be can realize, official document management, conference management, file administration etc. comprised;
In data transmission procedure, signal is encrypted, coordinates two keys, carry out the work such as data check at mobile phone and server between this;
Support mobile phone model is more, and the regular handset substantially at present on the market with camera and smart mobile phone are all supported;
The flexible Application of mobile phone terminal RMS, to accelerate 2 times of speeds of service and to save 30% flow.
CN201310537436.XA 2013-11-04 2013-11-04 Novel integrated mobile phone data transmission key signal encryption method Pending CN104618306A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201310537436.XA CN104618306A (en) 2013-11-04 2013-11-04 Novel integrated mobile phone data transmission key signal encryption method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201310537436.XA CN104618306A (en) 2013-11-04 2013-11-04 Novel integrated mobile phone data transmission key signal encryption method

Publications (1)

Publication Number Publication Date
CN104618306A true CN104618306A (en) 2015-05-13

Family

ID=53152588

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201310537436.XA Pending CN104618306A (en) 2013-11-04 2013-11-04 Novel integrated mobile phone data transmission key signal encryption method

Country Status (1)

Country Link
CN (1) CN104618306A (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106534275A (en) * 2016-10-25 2017-03-22 公安部第三研究所 Universal safe and reliable data switching method
CN107437191A (en) * 2016-05-26 2017-12-05 湖南移商动力网络技术有限公司 The Network Distribution system of a developing the whole network Sales Channel
CN108768998A (en) * 2018-05-24 2018-11-06 王逸人 A kind of intelligent wireless communication system based on SSL encryption
CN113434851A (en) * 2021-06-28 2021-09-24 国网山东省电力公司电力科学研究院 Key management method and system based on data acquisition

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107437191A (en) * 2016-05-26 2017-12-05 湖南移商动力网络技术有限公司 The Network Distribution system of a developing the whole network Sales Channel
CN106534275A (en) * 2016-10-25 2017-03-22 公安部第三研究所 Universal safe and reliable data switching method
CN106534275B (en) * 2016-10-25 2019-12-06 公安部第三研究所 Universal safe and reliable data exchange method
CN108768998A (en) * 2018-05-24 2018-11-06 王逸人 A kind of intelligent wireless communication system based on SSL encryption
CN113434851A (en) * 2021-06-28 2021-09-24 国网山东省电力公司电力科学研究院 Key management method and system based on data acquisition

Similar Documents

Publication Publication Date Title
CN109768988B (en) Decentralized Internet of things security authentication system, equipment registration and identity authentication method
Alketbi et al. Blockchain for government services—Use cases, security benefits and challenges
CN109858262A (en) Workflow examination and approval method, apparatus, system and storage medium based on block catenary system
US20060072745A1 (en) Encryption system using device authentication keys
CN106027501B (en) A kind of system and method for being traded safety certification in a mobile device
CN109687965A (en) The real name identification method of subscriber identity information in a kind of protection network
CN101808077B (en) Information security input processing system and method and smart card
CN101304569A (en) Mobile authentication system based on intelligent mobile phone
Glaessner et al. Electronic Security: Risk Mitigation in Financial Transactions: Public Policy Issues
CN104125230A (en) Short message authentication service system and authentication method
CN104618306A (en) Novel integrated mobile phone data transmission key signal encryption method
CN114363013B (en) Supervision-friendly blockchain content privacy protection system, message sending and query method
Akinyede et al. Development of a secure mobile e-banking system
Kumar et al. Ultra-lightweight blockchain-enabled RFID authentication protocol for supply chain in the domain of 5G mobile edge computing
Mukte et al. Smart Data Transfer for Data Monetization
CN103188212A (en) Security management method and service terminal of electronic wallet, and electronic wallet system
Suryotrisongko et al. A novel mobile payment scheme based on secure quick response payment with minimal infrastructure for cooperative enterprise in developing countries
Sung et al. Mobile Payment Based on Transaction Certificate Using Cloud Self‐Proxy Server
CN201717885U (en) Code providing equipment and code identification system
Nosrati et al. Security assessment of mobile-banking
Zhao et al. A comprehensive overview of security vulnerability penetration methods in blockchain cross-chain bridges
CN103188215A (en) Security management method and service terminal of electronic bank, and electronic bank system
Jabłoński et al. Information systems development and usage with consideration of privacy and cyber security aspects
CN109165485A (en) A kind of decryption system and method for service transaction system of networking
Amaka et al. Determining the adoption of e-transaction authentication frameworks in Nigerian Commercial Banks

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20150513

WD01 Invention patent application deemed withdrawn after publication