CN105099710A - Cross-domain access control method for trusted radio frequency identification network - Google Patents
Cross-domain access control method for trusted radio frequency identification network Download PDFInfo
- Publication number
- CN105099710A CN105099710A CN201510543335.2A CN201510543335A CN105099710A CN 105099710 A CN105099710 A CN 105099710A CN 201510543335 A CN201510543335 A CN 201510543335A CN 105099710 A CN105099710 A CN 105099710A
- Authority
- CN
- China
- Prior art keywords
- access controller
- information
- access
- territory
- application system
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Landscapes
- Storage Device Security (AREA)
Abstract
The invention discloses a cross-domain access control method for a trusted radio frequency identification network. The cross-domain access control method comprises the following steps: establishing inter-domain trust of access controllers; performing integrity verification on each inter-domain access controller; and performing cross-domain access, including: a reader-writer initiates an access request specific to another domain through a first access controller of a local domain, the first access controller inquires whether or not a trust relationship is established for the other domain after reception of request information, a back-end application system of the other domain verifies the stored identity information of the reader-writer and the state integrity information of the reader-writer after reception of the information if the trust relationship is established, and a second access controller permits the reader-writer to access the other domain if verification is successful; and the reader-writer initiates an access request specific to the back-end application system through the second access controller, the back-end application system judges whether or not the reader-writer has permissions for accessing corresponding resources after reception of access request information, and provides application services of corresponding permissions for the reader-writer if the reader-writer has the permissions.
Description
Technical field
The present invention relates to a kind of cross-domain access control method of radio-frequency (RF) identification network, particularly a kind of cross-domain access control method of credible radio-frequency (RF) identification network.
Background technology
The develop rapidly of development of Mobile Internet technology, having higher requirement with sharing to information exchange, becoming a kind of urgent demand across security domain access network access resources.In the practical application of radio-frequency (RF) identification network, between the RF identifying safety territory of different safety class, there is information exchange, shared demand equally.Break the wall of mistrust between the security domain of radio-frequency (RF) identification network in the process of relation and cross-domain access, between access controller and between read write line and access controller, there is the security risk of following two aspects.The first, the communication between security domain lacks necessary authentication and information transmission cryptographic means, and make communication equipment there is security risk that is counterfeiting, that substitute, the communication information exists the security risk being stolen, distorting and destroying; The second, during the related service resource of cross-domain access destination security domain, lack necessary authentication and the safety prevention measure of access control, there is the security risk of the personation of access terminal identity, unauthorized access.
Summary of the invention
The object of the invention is to for there is the shared demand of information exchange between security domain multiple in radio-frequency (RF) identification network, design a kind of cross-domain access control method of credible radio-frequency (RF) identification network, solve identity spoofing that radio-frequency (RF) identification network may exist in across security domain access process, information is distorted, the illegal problem such as access and unauthorized access.
The cross-domain access control method of a kind of credible radio-frequency (RF) identification network of the present invention, wherein, comprising: each territory respectively has an access controller, trusts between the territory setting up access controller; Carry out the integrity verification of access controller between each territory; Carry out cross-domain access, comprising: a read write line initiates the access request to another territory by first access controller in this territory, and this read write line sends to this first access controller by the accessing request information in another territory; After this first access controller receives solicited message, inquire about this another territory and whether establish trusting relationship with oneself, if do not set up, trust between the territory then setting up access controller and carry out the step of integrity verification of access controller between territory, as this another territory establishes trusting relationship, then continue to perform; This first access controller initiates the request of authentication and state integrity verification to this read write line; After this read write line receives solicited message, the identity information of this read write line self and integrity information are sent to this first access controller; The read write line information received is sent to this second access controller by this first access controller; After second access controller in this another territory receives the information of this first access controller, send to backend application system; After this backend application system receives information, the identity information of this read write line that inquiry stores and the state integrity information of this read write line, this backend application system carries out correctness verification according to the state integrity information of the identity information of this read write line of storage in advance and this read write line to two category informations, and check results is sent to this second access controller; If authentication failed, backspace authentication failed information; If be proved to be successful, this second access controller agrees to that this read write line accesses this another territory; This read write line initiates the access request to this backend application system by this second access controller, and accessing request information is sent to this backend application system; After this backend application system receives accessing request information, according to identity and the access control policy of this read write line, judge whether it has the authority of access respective resources, if had, for this read write line provides the application service of corresponding authority, flow process terminates; Otherwise, refuse, for it provides respective service, the information of this read write line unauthorized access to be sent to this read write line.
According to an embodiment of the cross-domain access control method of credible radio-frequency (RF) identification network of the present invention, wherein, trust between the territory setting up access controller, comprise: between first access controller in this territory and second access controller in another territory, carry out two-way authentication, comprise: this second access controller receives the identity information of this first access controller, and send to this backend application system, the identity information of this first access controller that this backend application system is stored by inquiry, verifies the identity legitimacy of this first access controller; If authentication failed, then the failed information of verification is sent to the second access controller, by the identity information of this first access controller write blacklist; If the verification passes, check results is sent to this second access controller by this backend application system; This second access controller sends to the first access controller together with the solicited message verified the state integrity of this first access controller after being encrypted by its identity information; After this first access controller receives this information, information is decrypted, the identity information of this second access controller after deciphering is sent to the backend application system in this territory, the identity information of this second access controller that backend application system is stored by inquiry, verifies the identity legitimacy of this second access controller; If authentication failed, the failed information of verification is sent to this first access controller by this backend application system, by the identity information of this second access controller write blacklist; If the verification passes, check results is sent to this first access control by the backend application system in this territory.
According to an embodiment of the cross-domain access control method of credible radio-frequency (RF) identification network of the present invention, wherein, also comprise: this first access controller initiates Trust Establishment request to this second access controller, the solicited message of the relation of breaking the wall of mistrust is sent to this second access controller; After this second access controller receives solicited message, generate random number, and send to this first access controller; This first access controller is encrypted after receiving the random number that this second access controller sends, and the result after encryption is sent to the second access controller in the lump together with to the authentication request of access controller; After this second access controller receives this information, enciphered message is decrypted, the random number before the random number after encryption and encryption is carried out correctness comparison; Comparison by after this second access controller receive the identity information of this first access controller; Otherwise, terminate.
According to an embodiment of the cross-domain access control method of credible radio-frequency (RF) identification network of the present invention, wherein, carry out the integrity verification of access controller between each territory, comprise: after the integrity state information of self is encrypted by this first access controller, send to this second access controller in the lump together with to the state integrity checking solicited message of this second access controller; The information received is decrypted by this second access controller, the integrity information of the first access controller after deciphering is sent to this backend application system, the integrity information of this first access controller that this backend application system is stored by inquiry, verifies the state integrity of this first access controller; If authentication failed, the information of authentication failed is sent to this second access controller; If the verification passes, then continue to perform; The state integrity information of self is encrypted by this second access controller, sends to this first access controller together with the break the wall of mistrust solicited message of relation of this first access controller; The information received is decrypted by this first access controller, the integrity information of this second access controller after deciphering is sent to the backend application system in this territory, the backend application system in this this territory, by the integrity information of this second access controller of inquiry storage, is verified the state integrity of this second access controller; If authentication failed, the information of authentication failed is sent to the first access controller; If the verification passes, then by the trusting relationship table of the identity information of this second access controller write oneself, the identity information of this first access controller is written in the trusting relationship table of oneself by this second access controller.
According to an embodiment of the cross-domain access control method of credible radio-frequency (RF) identification network of the present invention, wherein, after having trusted between the mutual integrity verification of access controller and territory between territory, also generate and trust label information, be stored in each territory, this trust label information is used for the safety certification between each territory.
To sum up, the cross-domain access control method of a kind of credible radio-frequency (RF) identification network of the present invention, solves identity spoofing that radio-frequency (RF) identification network may exist in across security domain access process, information is distorted, the illegal problem such as access and unauthorized access.
Accompanying drawing explanation
Figure 1 shows that the schematic diagram of security domain;
Figure 2 shows that the method flow graph of inter-realm authentication;
Figure 3 shows that the method flow graph of state integrity verification between territory;
Figure 4 shows that the method flow graph of cross-domain access.
Embodiment
For making object of the present invention, content and advantage clearly, below in conjunction with drawings and Examples, the specific embodiment of the present invention is described in further detail.
The cross-domain access control method of a kind of credible radio-frequency (RF) identification network of the present invention, according to the difference of the aspect such as safe class, functional localization, can be divided into multiple security domain by frequency recognition network.Figure 1 shows that the schematic diagram of security domain, as shown in Figure 1, each security domain forms by terminating layer, access control layer and application service layer, the device systems that corresponding read write line 12, access controller 11 and backend application system 10 are concrete respectively.
As shown in Figure 1, security domain is that in territory, all networking read write lines are provided services on the Internet and types of applications service.Read write line 12 accessing terminal as security domain, when there is the demand of access back end application system 10, network connecting request is initiated to access controller 11, and provide corresponding identity information and integrity state information according to the corresponding strategies of access controller 11, when being allowed to access network, the related service of access back end application system 10; Access controller 11, as the core access control equipment in security domain, by carrying out identity verify and integrity state verification assessment to read write line 12 to be accessed, realizes the authentication to read write line 12 and access control; Backend application system 10, as the supplier of types of applications resource, according to access control policy, provides the resource service of corresponding authority to read write line 12 equipment of access.
With reference to figure 1, in a kind of cross-domain access control method of the present invention, the cross-domain access control method in the present invention can be applied in the application scenarios of cross-domain access between multiple security domain.For ease of understanding, the present invention chooses security domain 1 and security domain 2 two security domains are that example is described, and security domain 1 and security domain 2 are two security domains of equity completely.Agreement initiates the security domain of access is in the present invention local domain, and accessed security domain is aiming field, and accessing terminal in a security domain cross-domainly can be linked into the related resource in another security domain in access domain, and vice versa.Backend application system in security domain 1 and security domain 2 all can inquire about identity information and the integrity state information of access controller and read write line in the other side territory.Parts and the randomizer of crypto-operation is all comprised in following middle read write line and access controller; Identity information refers to the characteristic information of unique identification read write line (access controller) own identification, is its setting when read write line or access controller initialization; Integrity state information refers to the characteristic information of the crucial software and hardware parts of composition read write line or access controller; Trust for identifying the information of the other side's identity between two access controllers that label information refers to the relation of breaking the wall of mistrust, same information non-with the identity information of access controller.
The workflow of cross-domain access control method of the present invention is divided into two stages by priority execution sequence: Trust Establishment stage and cross-domain dial-tone stage between territory.Between territory, the Trust Establishment stage refers to and sets up mutual Trusted channel relation between two security domains.Whether cross-domain dial-tone stage refers to that read write line 1 initiates access request to access controller 2, by access controller 2 according to authentication and access control corresponding strategies, just allow its access security territory and provide relevant share service to carry out decision-making.
One, between territory, the Trust Establishment stage comprises:
The Trust Establishment stage between territory, two-way authentication and integrity state verification is carried out between two access controllers, verify by the mutual Trusted channel relation of rear foundation, generate and trust label information, upgrade trusting relationship table, its workflow is divided into two parts: flow for authenticating ID and state integrity checking process, specific as follows:
Figure 2 shows that the method flow graph of inter-realm authentication, as shown in Figure 2, identity identifying method comprises:
S1, access controller 1 initiate Trust Establishment request to access controller 2, and the solicited message of the relation of breaking the wall of mistrust is sent to access controller 2;
After S2, access controller 2 receive solicited message, need to carry out authentication to access controller 1, and generate random number R 1, access controller 2 sends to access controller 1 in the lump by the ID authentication request information of access controller 1 and random number R 1;
After S3, access controller 1 receive the authentication request information and random number R 1 that access controller 2 sends, the identity information of access controller 1 and random number R 1 are encrypted, the result after encryption is sent to access controller 2 in the lump together with to the authentication request of access controller;
After S4, access controller 2 receive this information, enciphered message is decrypted, the random number before the random number after encryption and encryption is carried out correctness comparison; Comparison is by rear execution step S5, otherwise flow process terminates; Wherein, random number is when verifying in order to avoid between territory, is access in data tampering, when there is the mismatch problem of random number, can judges, may there is data tampering;
The identity information of access controller 1 after deciphering is sent to backend application system 2 by S5, access controller 2, and the identity information of the access controller 1 that backend application system 2 is stored by inquiry, verifies the identity legitimacy of access controller 1;
If S6 authentication failed, the failed information of verification is sent to access controller 2 by backend application system 2, and by the identity information of access controller 1 write blacklist, generate the system journal of this operation, flow process terminates simultaneously; If the verification passes, check results is sent to access control 2 by backend application system 2, performs step S7;
S7, access controller 2 send to access controller 1 together with the solicited message verified the state integrity of access controller 1 after being encrypted by its identity information;
After S8, access controller 1 receive this information, information is decrypted, the identity information of the access controller 2 after deciphering is sent to backend application system 1, and the identity information of the access controller 2 that backend application system 1 is stored by inquiry, verifies the identity legitimacy of access controller 2;
If S9 authentication failed, the failed information of verification is sent to access controller 1 by backend application system 1, and by the identity information of access controller 2 write blacklist, generate the system journal of this operation, flow process terminates simultaneously; If the verification passes, check results is sent to access control 1 by backend application system 1, and flow process terminates.
Figure 3 shows that the method flow graph of state integrity verification between territory, as shown in Figure 3, state integrity checking process comprises:
After the integrity state information of self is encrypted by S1, access controller 1, send to access control 2 in the lump together with to the state integrity checking solicited message of access controller 2;
The information received is decrypted by S2, access controller 2, the integrity information of the access controller 1 after deciphering is sent to backend application system 2, the integrity information of the access controller 1 that backend application system 2 is stored by inquiry, verifies the state integrity of access controller 1;
If S3 authentication failed, the information of authentication failed is sent to access controller 2 by backend application system 2, and flow process terminates; If the verification passes, check results is sent to access control 2 by backend application system 2, performs step S4;
The state integrity information of self is encrypted by S4, access controller 2, together with access controller 1 break the wall of mistrust relation solicited message and trust label information and send to access controller 1 in the lump;
The information received is decrypted by S5, access controller 1, the integrity information of the access controller 2 after deciphering is sent to backend application system 1, the integrity information of the access controller 2 that backend application system 1 is stored by inquiry, verifies the state integrity of access controller 2;
If S6 authentication failed, the information of authentication failed is sent to access controller 1 by backend application system 1, and flow process terminates; If the verification passes, check results is sent to access control 1 by backend application system 1, performs step S7;
The trust label information of access control 2 is preserved by S7, access controller 1, and by the trusting relationship table of the identity information of access controller 2 write oneself, the information and trust label information of agreeing to the relation that breaks the wall of mistrust is sent to access controller 2 in the lump simultaneously;
After S8, access control 2 receive information, preserved by the trust label information of access control 1, be written to by the identity information of access controller 1 in the trusting relationship table of oneself, flow process terminates.
Two, cross-domain dial-tone stage
Figure 4 shows that the method flow graph of cross-domain access, as shown in Figure 4,
The precondition of cross-domain access is the relation that broken the wall of mistrust between security domain, and read write line 1 has been linked in security domain 1, and the workflow of cross-domain dial-tone stage is described below:
S1, read write line 1 initiate the access request to security domain 2, and read write line 1 sends to access controller 1 by the accessing request information of security domain 2;
After S2, access controller 1 receive solicited message, inquire about the trusting relationship table of oneself, check whether security domain 2 establishes trusting relationship with oneself, if inquire about unsuccessfully, then the workflow in Trust Establishment stage between execution domains; Otherwise perform step S3;
S3, access controller 1 initiate the request of authentication and state integrity verification to read write line 1, solicited message are sent to read write line 1;
After S4, read write line 1 receive solicited message, the identity information of self and integrity information are sent to access controller 1;
The read write line information received is encrypted by S5, access controller 1, and the information after encryption is sent to access controller 2 together with the trust label information of access controller 2;
After S6, access controller 2 receive the information of access controller 1, correctness verification is carried out to the trust label information of self, verifies and by rear, enciphered message is decrypted, and the information after deciphering is sent to backend application system 2;
After S7, backend application system 2 receive information, the identity information of the read write line 1 that inquiry stores and state integrity information, carry out correctness verification to two category informations, and check results sent to access controller 2;
If S8 authentication failed, then generate the audit log of this operation, flow process terminates; If be proved to be successful, read write line 1 access security territory 2 agreed to by controller 2, and by the trust label information of access controller and agree to that setting up the information that network is connected sends to access controller 1 in the lump;
After S9, access controller 1 receive information, carry out correctness verification to the trust label information received, if verify unsuccessfully, then generate the audit log of this operation, flow process terminates; Otherwise, will agree to that the information connected sends to read write line 1;
S10, read write line 1 initiate the access request to backend application system 2 by access controller 2, and accessing request information is sent to backend application system 2;
After S11, backend application system 2 receive accessing request information, according to identity and the access control policy of read write line 1, judge whether it has the authority of access respective resources, if had, for read write line 1 provides the application service of corresponding authority, flow process terminates; Otherwise refuse as it provides respective service, the information of read write line 1 unauthorized access is sent to read write line 1, and flow process terminates.
To sum up, the cross-domain access control method of a kind of credible radio-frequency (RF) identification network of the present invention, solves identity spoofing that radio-frequency (RF) identification network may exist in across security domain access process, information is distorted, the illegal problem such as access and unauthorized access.
The above is only the preferred embodiment of the present invention; it should be pointed out that for those skilled in the art, under the prerequisite not departing from the technology of the present invention principle; can also make some improvement and distortion, these improve and distortion also should be considered as protection scope of the present invention.
Claims (5)
1. a cross-domain access control method for credible radio-frequency (RF) identification network, is characterized in that, comprising:
Each territory respectively has an access controller, trusts between the territory setting up access controller;
Carry out the integrity verification of access controller between each territory;
Carry out cross-domain access, comprising:
One read write line initiates the access request to another territory by first access controller in this territory, and this read write line sends to this first access controller by the accessing request information in another territory;
After this first access controller receives solicited message, inquire about this another territory and whether establish trusting relationship with oneself, if do not set up, trust between the territory then setting up access controller and carry out the step of integrity verification of access controller between territory, as this another territory establishes trusting relationship, then continue to perform;
This first access controller initiates the request of authentication and state integrity verification to this read write line;
After this read write line receives solicited message, the identity information of this read write line self and integrity information are sent to this first access controller;
The read write line information received is sent to this second access controller by this first access controller;
After second access controller in this another territory receives the information of this first access controller, send to backend application system;
After this backend application system receives information, the identity information of this read write line that inquiry stores and the state integrity information of this read write line, this backend application system carries out correctness verification according to the state integrity information of the identity information of this read write line of storage in advance and this read write line to two category informations, and check results is sent to this second access controller;
If authentication failed, backspace authentication failed information; If be proved to be successful, this second access controller agrees to that this read write line accesses this another territory;
This read write line initiates the access request to this backend application system by this second access controller, and accessing request information is sent to this backend application system;
After this backend application system receives accessing request information, according to identity and the access control policy of this read write line, judge whether it has the authority of access respective resources, if had, for this read write line provides the application service of corresponding authority, flow process terminates; Otherwise, refuse, for it provides respective service, the information of this read write line unauthorized access to be sent to this read write line.
2. the cross-domain access control method of credible radio-frequency (RF) identification network as claimed in claim 1, is characterized in that, trusts, comprising between the territory setting up access controller:
Carry out two-way authentication between first access controller in this territory and second access controller in another territory, comprising:
This second access controller receives the identity information of this first access controller, and send to this backend application system, the identity information of this first access controller that this backend application system is stored by inquiry, verifies the identity legitimacy of this first access controller;
If authentication failed, then the failed information of verification is sent to the second access controller, by the identity information of this first access controller write blacklist; If the verification passes, check results is sent to this second access controller by this backend application system;
This second access controller sends to the first access controller together with the solicited message verified the state integrity of this first access controller after being encrypted by its identity information;
After this first access controller receives this information, information is decrypted, the identity information of this second access controller after deciphering is sent to the backend application system in this territory, the identity information of this second access controller that backend application system is stored by inquiry, verifies the identity legitimacy of this second access controller;
If authentication failed, the failed information of verification is sent to this first access controller by this backend application system, by the identity information of this second access controller write blacklist; If the verification passes, check results is sent to this first access control by the backend application system in this territory.
3. the cross-domain access control method of credible radio-frequency (RF) identification network as claimed in claim 2, is characterized in that, also comprise:
This first access controller initiates Trust Establishment request to this second access controller, the solicited message of the relation of breaking the wall of mistrust is sent to this second access controller;
After this second access controller receives solicited message, generate random number, and send to this first access controller;
This first access controller is encrypted after receiving the random number that this second access controller sends, and the result after encryption is sent to the second access controller in the lump together with to the authentication request of access controller;
After this second access controller receives this information, enciphered message is decrypted, the random number before the random number after encryption and encryption is carried out correctness comparison; Comparison by after this second access controller receive the identity information of this first access controller; Otherwise, terminate.
4. the cross-domain access control method of credible radio-frequency (RF) identification network as claimed in claim 1, is characterized in that, carry out the integrity verification of access controller between each territory, comprising:
After the integrity state information of self is encrypted by this first access controller, send to this second access controller in the lump together with to the state integrity checking solicited message of this second access controller;
The information received is decrypted by this second access controller, the integrity information of the first access controller after deciphering is sent to this backend application system, the integrity information of this first access controller that this backend application system is stored by inquiry, verifies the state integrity of this first access controller;
If authentication failed, the information of authentication failed is sent to this second access controller; If the verification passes, then continue to perform;
The state integrity information of self is encrypted by this second access controller, sends to this first access controller together with the break the wall of mistrust solicited message of relation of this first access controller;
The information received is decrypted by this first access controller, the integrity information of this second access controller after deciphering is sent to the backend application system in this territory, the backend application system in this this territory, by the integrity information of this second access controller of inquiry storage, is verified the state integrity of this second access controller;
If authentication failed, the information of authentication failed is sent to the first access controller; If the verification passes, then by the trusting relationship table of the identity information of this second access controller write oneself, the identity information of this first access controller is written in the trusting relationship table of oneself by this second access controller.
5. the cross-domain access control method of credible radio-frequency (RF) identification network as claimed in claim 4, it is characterized in that, after having trusted between the mutual integrity verification of access controller and territory between territory, also generate and trust label information, be stored in each territory, this trust label information is used for the safety certification between each territory.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510543335.2A CN105099710A (en) | 2015-08-28 | 2015-08-28 | Cross-domain access control method for trusted radio frequency identification network |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510543335.2A CN105099710A (en) | 2015-08-28 | 2015-08-28 | Cross-domain access control method for trusted radio frequency identification network |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN105099710A true CN105099710A (en) | 2015-11-25 |
Family
ID=54579342
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201510543335.2A Pending CN105099710A (en) | 2015-08-28 | 2015-08-28 | Cross-domain access control method for trusted radio frequency identification network |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN105099710A (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108234468A (en) * | 2017-12-28 | 2018-06-29 | 中国电子科技集团公司第三十研究所 | A kind of cross-domain data transmission guard method based on label |
| CN109214221A (en) * | 2018-08-23 | 2019-01-15 | 武汉普利商用机器有限公司 | A kind of identity card reader verification method, host computer and identity card reader |
| CN111428527A (en) * | 2020-03-06 | 2020-07-17 | 南京邮电大学 | Static ID-based RFID cross-domain bidirectional authentication method |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102932338A (en) * | 2012-10-24 | 2013-02-13 | 中国航天科工集团第二研究院七〇六所 | System and method for safe network access of radio-frequency identification system |
| CN103532963A (en) * | 2013-10-22 | 2014-01-22 | 中国联合网络通信集团有限公司 | IOT (Internet of Things) based equipment authentication method, device and system |
| CN103795530A (en) * | 2012-10-31 | 2014-05-14 | 华为技术有限公司 | Cross-domain controller authentication method, cross-domain controller authentication device and host |
-
2015
- 2015-08-28 CN CN201510543335.2A patent/CN105099710A/en active Pending
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102932338A (en) * | 2012-10-24 | 2013-02-13 | 中国航天科工集团第二研究院七〇六所 | System and method for safe network access of radio-frequency identification system |
| CN103795530A (en) * | 2012-10-31 | 2014-05-14 | 华为技术有限公司 | Cross-domain controller authentication method, cross-domain controller authentication device and host |
| CN103532963A (en) * | 2013-10-22 | 2014-01-22 | 中国联合网络通信集团有限公司 | IOT (Internet of Things) based equipment authentication method, device and system |
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108234468A (en) * | 2017-12-28 | 2018-06-29 | 中国电子科技集团公司第三十研究所 | A kind of cross-domain data transmission guard method based on label |
| CN109214221A (en) * | 2018-08-23 | 2019-01-15 | 武汉普利商用机器有限公司 | A kind of identity card reader verification method, host computer and identity card reader |
| CN109214221B (en) * | 2018-08-23 | 2022-02-01 | 武汉普利商用机器有限公司 | Authentication method of identity card reader, upper computer and identity card reader |
| CN111428527A (en) * | 2020-03-06 | 2020-07-17 | 南京邮电大学 | Static ID-based RFID cross-domain bidirectional authentication method |
| CN111428527B (en) * | 2020-03-06 | 2022-10-14 | 南京邮电大学 | Static ID-based RFID cross-domain bidirectional authentication method |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN108684041B (en) | System and method for login authentication | |
| CN111049660B (en) | Certificate distribution method, system, device and equipment, and storage medium | |
| AU2011309758B2 (en) | Mobile handset identification and communication authentication | |
| CN101588245B (en) | Method of identity authentication, system and memory device thereof | |
| CN104767731B (en) | A kind of Restful move transactions system identity certification means of defence | |
| CN106452782A (en) | Method and system for producing a secure communication channel for terminals | |
| CN103517273A (en) | Authentication method, managing platform and Internet-of-Things equipment | |
| KR20160127167A (en) | Multi-factor certificate authority | |
| CN101841525A (en) | Secure access method, system and client | |
| CN101241528A (en) | Terminal access trusted PDA method and access system | |
| CN101986598B (en) | Authentication method, server and system | |
| CN105635062A (en) | Network access equipment verification method and device | |
| CN107204985A (en) | Purview certification method based on encryption key, apparatus and system | |
| CN109167771B (en) | Authentication method, device and equipment based on alliance chain and readable storage medium | |
| CN110929231A (en) | Digital asset authorization method and device and server | |
| CN107566393A (en) | A kind of dynamic rights checking system and method based on trust certificate | |
| CN104486322B (en) | Terminal access authentication authorization method and terminal access authentication authoring system | |
| CN105099710A (en) | Cross-domain access control method for trusted radio frequency identification network | |
| CN111800270B (en) | Certificate signing method and device, storage medium and computer equipment | |
| WO2017020530A1 (en) | Enhanced wlan certificate authentication method, device and system | |
| CN106027256B (en) | A kind of identity card card reading response system | |
| CN112261103A (en) | Node access method and related equipment | |
| US10834063B2 (en) | Facilitating provisioning of an out-of-band pseudonym over a secure communication channel | |
| CN111224965A (en) | Information interaction method and device | |
| CN106412904B (en) | Method and system for preventing counterfeit user authentication authority |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| WD01 | Invention patent application deemed withdrawn after publication | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20151125 |