CN105653965A - Smart card encryption equipment monitoring device and method - Google Patents

Info

Publication number: CN105653965A
Authority: CN (China)
Application number: CN201610044365.3A
Other languages: Chinese (zh)
Other versions: CN105653965B (en)
Inventors: 柳晓明, 王辉
Current assignee: Eastcompeace Technology Co Ltd
Original assignee: Eastcompeace Technology Co Ltd
Legal status: Granted, Active
Prior art keywords: risk class, security module, encryption equipment, encryption, equipment

Classifications

    • G06F21/602 Providing cryptographic facilities or services
    • G06F21/35 User authentication involving the use of external additional devices, e.g. dongles or smart cards communicating wirelessly
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L67/06 Protocols specially adapted for file transfer, e.g. file transfer protocol [FTP]
    • H04L67/1078 Resource delivery mechanisms

Abstract

The embodiment of the invention discloses a smart card encryption equipment monitoring device and method. It solves the technical problem that encryption equipment configured manually lacks supervision, so that its security during operation is low. The monitoring device comprises the encryption equipment and a security module, which are connected through a communication interface. When the security module stops communicating with an external device, the encryption equipment reads the state value of a designated data field in the security module, matches it against the preset risk classes, and executes the command corresponding to the matched risk class.

Description

Smart card encryption equipment monitoring device and method
Technical field
The present invention relates to the technical field of data processing, and in particular to a smart card encryption equipment monitoring device and method.
Background
Encryption equipment is security equipment with strict requirements on its operating environment; once deployed, its working state is difficult to manage over a network. In the smart card industry, both the production and the operating environments of smart cards require encryption equipment, and, out of network security considerations, the working state of the encryption equipment can at present only be controlled manually. The present invention uses a security module with wireless data exchange capability, working together with the GB/T 16649 (ISO/IEC 7816) interface of the encryption equipment, to meet the requirements of locating, monitoring and managing the encryption equipment.
After the encryption equipment has been configured manually and has entered its working environment, there is no effective means of knowing its working state. Existing supervision of encryption equipment is carried out manually, and changing the working state of the equipment must be done by manual operation. Once the equipment is deployed, administrators cannot monitor its specific state, including position information (whether it remains in the designated working environment) and working state (number of accesses, number of encryption and decryption operations), etc. Because the equipment may be deployed in a physically relatively isolated network, administrators also cannot control its state remotely over the public network, for example starting it, stopping it or destroying its keys.
This manual configuration of encryption equipment, with its lack of supervision, therefore leads to the technical problem of low security during operation of the encryption equipment.
Summary of the invention
Embodiments of the present invention provide a smart card encryption equipment monitoring device and method, which solve the technical problem that manually configured encryption equipment lacks supervision and therefore has low security during operation.
A smart card encryption equipment monitoring device provided in an embodiment of the present invention includes encryption equipment and a security module;
The encryption equipment is connected to the security module through a communication interface;
When the security module stops communicating with an external device, the encryption equipment reads the state value of a designated data field in the security module, matches it against the preset risk classes, and executes the command corresponding to the matched risk class.
Preferably, the encryption equipment specifically includes:
A first matching sub-module, configured to read the state value of the designated data field in the security module and match it against the preset risk classes; if the matched risk class is the first grade, the encryption equipment executes a key destruction instruction;
And/or
A second matching sub-module, configured to read the state value of the designated data field in the security module and match it against the preset risk classes; if the matched risk class is the second grade, the encryption equipment executes a stop-work instruction.
Preferably, the encryption equipment executing the stop-work instruction when the matched risk class is the second grade specifically includes:
If the matched risk class is the second grade, the encryption equipment executes the stop-work instruction and judges whether the time for which the security module has stopped communicating with the external device exceeds a preset time period; if so, the encryption equipment executes the key destruction instruction.
Preferably, the smart card encryption equipment monitoring device further includes an external device, which is communicatively connected to the security module.
Preferably, the external device specifically includes:
An MCU and a gyroscope, the MCU being connected to the gyroscope. After the external device has been moved, the MCU extracts the gyroscope data and transmits it to the security module, where the designated data field is changed accordingly, so that the encryption equipment reads the state value of the designated data field in the security module, matches it against the preset risk classes, and executes the command corresponding to the matched risk class.
Preferably, the external device further includes a reset button; a change in the state of the reset button is used to determine that the external device has been moved.
A smart card encryption equipment monitoring method provided in an embodiment of the present invention includes:
When the security module stops communicating with the external device, the encryption equipment reads the state value of the designated data field in the security module;
The state value is matched against the preset risk classes, and the command corresponding to the matched risk class is executed.
Preferably, matching the state value against the preset risk classes and executing the command corresponding to the matched risk class specifically includes:
Matching the state value against the preset risk classes; if the matched risk class is the first grade, the encryption equipment executes a key destruction instruction;
And/or
Matching the state value against the preset risk classes; if the matched risk class is the second grade, the encryption equipment executes a stop-work instruction.
Preferably, matching the state value against the preset risk classes and, if the matched risk class is the second grade, the encryption equipment executing the stop-work instruction specifically includes:
Matching the state value against the preset risk classes; if the matched risk class is the second grade, the encryption equipment executes the stop-work instruction and judges whether the time for which the security module has stopped communicating with the external device exceeds a preset time period; if so, the encryption equipment executes the key destruction instruction.
Preferably, the smart card encryption equipment monitoring method further includes:
After the external device has been moved, extracting the gyroscope data and transmitting it to the security module, where the designated data field is changed accordingly, so that the encryption equipment reads the state value of the designated data field in the security module, matches it against the preset risk classes, and executes the command corresponding to the matched risk class.
As can be seen from the above technical solutions, the embodiments of the present invention have the following advantages:
In the smart card encryption equipment monitoring device and method provided in the embodiments of the present invention, the monitoring device includes encryption equipment and a security module, connected through a communication interface. When the security module stops communicating with the external device, the encryption equipment reads the state value of the designated data field in the security module, matches it against the preset risk classes, and executes the command corresponding to the matched risk class. This solves the technical problem that manually configured encryption equipment lacks supervision and therefore has low security during operation.
Brief description of the drawings
To explain the embodiments of the present invention or the technical solutions of the prior art more clearly, the drawings needed in the description of the embodiments or of the prior art are briefly introduced below. The drawings described below are only some embodiments of the present invention; a person of ordinary skill in the art can obtain other drawings from them without creative effort.
Fig. 1 is a structural diagram of one embodiment of a smart card encryption equipment monitoring device provided in the embodiments of the present invention;
Fig. 2 is a structural diagram of another embodiment of a smart card encryption equipment monitoring device provided in the embodiments of the present invention;
Fig. 3 is a structural diagram of the external device of a smart card encryption equipment monitoring device provided in the embodiments of the present invention;
Fig. 4 is a flow chart of one embodiment of a smart card encryption equipment monitoring method provided in the embodiments of the present invention;
Fig. 5 is a flow chart of another embodiment of a smart card encryption equipment monitoring method provided in the embodiments of the present invention.
Detailed description
Embodiments of the present invention provide a smart card encryption equipment monitoring device and method, which solve the technical problem that manually configured encryption equipment lacks supervision and therefore has low security during operation.
To make the purpose, features and advantages of the invention clearer, the technical solutions in the embodiments of the present invention are described clearly and completely below with reference to the drawings. The embodiments described are only some, not all, of the embodiments of the present invention. All other embodiments obtained by a person of ordinary skill in the art from these embodiments without creative effort fall within the scope of protection of the invention.
Referring to Fig. 1, one embodiment of a smart card encryption equipment monitoring device provided in the embodiments of the present invention includes:
Encryption equipment 1 and security module 2;
The encryption equipment 1 is connected to the security module 2 through a communication interface. This communication interface may be the GB/T 16649 (ISO/IEC 7816) interface of the encryption equipment 1 itself, and the security module 2 is a security module with data exchange capability;
When the security module 2 stops communicating with the external device 3, the encryption equipment 1 reads the state value of the designated data field in the security module 2, matches it against the preset risk classes, and executes the command corresponding to the matched risk class.
It should be noted that the state value of the designated data field may be a running log (including but not limited to: the number of encryption operations and the number of external accesses) that the encryption equipment 1 writes, through its own GB/T 16649 (ISO/IEC 7816) interface, into a specific data field of the security module 2 with wireless data exchange capability, so that the back end can monitor the working state and logs of the encryption equipment 1.
In this embodiment, when it is determined that the security module 2 has stopped communicating with the external device 3, the encryption equipment 1 reads the state value of the designated data field in the security module 2, matches it against the preset risk classes, and executes the command corresponding to the matched risk class. This solves the technical problem that the manually configured encryption equipment 1 lacks supervision and therefore has low security during operation.
The structure of the smart card encryption equipment monitoring device has been described in detail above. How the encryption equipment executes the command corresponding to the risk class is described in detail below. Referring to Fig. 2, another embodiment of a smart card encryption equipment monitoring device provided in the embodiments of the present invention includes:
Encryption equipment 1 and security module 2;
The encryption equipment 1 is connected to the security module 2 through a communication interface. This communication interface may be the GB/T 16649 (ISO/IEC 7816) interface of the encryption equipment 1 itself, and the security module 2 is a security module with data exchange capability;
When the security module 2 stops communicating with the external device 3, the encryption equipment 1 reads the state value of the designated data field in the security module 2, matches it against the preset risk classes, and executes the command corresponding to the matched risk class.
It should be noted that the state value of the designated data field may be a running log (including but not limited to: the number of encryption operations and the number of external accesses) that the encryption equipment 1 writes, through its own GB/T 16649 (ISO/IEC 7816) interface, into a specific data field of the security module 2 with wireless data exchange capability, so that the back end can monitor the working state and logs of the encryption equipment 1.
Further, the encryption equipment 1 specifically includes:
A first matching sub-module 11, configured to read the state value of the designated data field in the security module 2 and match it against the preset risk classes; if the matched risk class is the first grade, the encryption equipment 1 executes a key destruction instruction;
And/or
A second matching sub-module 12, configured to read the state value of the designated data field in the security module 2 and match it against the preset risk classes; if the matched risk class is the second grade, the encryption equipment 1 executes a stop-work instruction.
Further, the encryption equipment 1 executing the stop-work instruction when the matched risk class is the second grade specifically includes:
If the matched risk class is the second grade, the encryption equipment 1 executes the stop-work instruction and judges whether the time for which the security module 2 has stopped communicating with the external device 3 exceeds a preset time period; if so, the encryption equipment 1 executes the key destruction instruction.
It should be noted that the first grade and the second grade are risk classes that can be defined in advance according to the grade of the encryption equipment 1 or its deployment environment. If the risk class is set to the first grade, for example "high", then when the security module 2 cannot communicate with the outside, the encryption equipment 1 destroys its keys immediately. If the risk class is set to the second grade, for example "medium", then when the security module 2 cannot communicate with the outside, the encryption equipment 1 stops working immediately, and once the security module 2 has been unable to communicate with the outside for longer than a certain time, the encryption equipment 1 destroys its keys. Further risk classes can be defined on the same principle; no specific limitation is made here.
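The risk-class policy described in this paragraph, written out as an added example in C (it is not code from the patent). The numeric encoding of the state value, all identifiers, the tick-based timer, the handling of unrecognised values as second grade, and the choice to reset the timer when contact is restored are assumptions made for the illustration.

```c
/* Added example: fail-secure policy run by the encryption equipment when the
 * security module loses contact with the external device. All names and the
 * numeric encoding of the state value are hypothetical. */
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

enum risk_class {            /* assumed encoding of the designated data field */
    RISK_FIRST_GRADE  = 1,   /* e.g. "high": destroy keys on loss of contact */
    RISK_SECOND_GRADE = 2    /* e.g. "medium": stop, destroy after a timeout */
};

enum action { ACT_CONTINUE, ACT_STOP_WORK, ACT_DESTROY_KEY };

struct monitor {
    bool     keys_destroyed; /* latched: destruction is irreversible */
    bool     stopped;        /* latched; re-enabling by management is not modelled */
    bool     link_lost;
    uint32_t lost_since;     /* tick at which the current outage began */
    uint32_t grace_ticks;    /* the preset time period for the second grade */
};

void monitor_init(struct monitor *m, uint32_t grace_ticks)
{
    m->keys_destroyed = false;
    m->stopped = false;
    m->link_lost = false;
    m->lost_since = 0;
    m->grace_ticks = grace_ticks;
}

/* One polling step. link_up: whether the security module can still reach the
 * external device. state_value: byte read from the designated data field.
 * now: free-running tick counter, which may wrap around. */
enum action monitor_poll(struct monitor *m, bool link_up,
                         uint8_t state_value, uint32_t now)
{
    if (m->keys_destroyed)
        return ACT_DESTROY_KEY;

    if (link_up) {
        m->link_lost = false;                 /* outage over: timer resets */
        return m->stopped ? ACT_STOP_WORK : ACT_CONTINUE;
    }

    if (!m->link_lost) {                      /* first poll of a new outage */
        m->link_lost = true;
        m->lost_since = now;
    }

    if (state_value == RISK_FIRST_GRADE) {
        m->keys_destroyed = true;
        return ACT_DESTROY_KEY;
    }

    /* Second grade and (assumption) any unrecognised value: stop at once,
     * destroy only when the outage exceeds the preset period. Unsigned
     * subtraction keeps the comparison correct across counter wrap. */
    m->stopped = true;
    if ((uint32_t)(now - m->lost_since) > m->grace_ticks) {
        m->keys_destroyed = true;
        return ACT_DESTROY_KEY;
    }
    return ACT_STOP_WORK;
}

int main(void)
{
    static const char *names[] = { "continue", "stop work", "destroy key" };
    struct monitor m;
    /* Constructed timeline: second-grade equipment, 10-tick preset period. */
    struct { bool up; uint32_t t; } steps[] = {
        { true, 0 }, { false, 100 }, { false, 110 }, { false, 111 }, { true, 120 }
    };
    monitor_init(&m, 10);
    for (size_t i = 0; i < sizeof steps / sizeof steps[0]; i++)
        printf("t=%u link=%s -> %s\n", (unsigned)steps[i].t,
               steps[i].up ? "up" : "down",
               names[monitor_poll(&m, steps[i].up, RISK_SECOND_GRADE, steps[i].t)]);
    return 0;
}
```

Treating an unreadable or unknown state value as second grade rather than first keeps a corrupted field from destroying keys at once while still halting the equipment.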
Further, the smart card encryption equipment monitoring device also includes an external device 3, which is communicatively connected to the security module 2.
Further, as shown in Fig. 3, the external device 3 specifically includes:
An MCU 31 and a gyroscope 32, the MCU 31 being connected to the gyroscope 32. After the external device 3 has been moved, the MCU 31 extracts the data of the gyroscope 32 and transmits it to the security module 2, where the designated data field is changed accordingly, so that the encryption equipment 1 reads the state value of the designated data field in the security module 2, matches it against the preset risk classes, and executes the command corresponding to the matched risk class.
Further, the external device 3 also includes a reset button 33; a change in the state of the reset button 33 is used to determine that the external device 3 has been moved.
It should be noted that the external device 3 communicates with the management system 4 over the public mobile communication network to realize the management function. The security module 2 with wireless data exchange capability is used together with the external device 3, in a one-to-one correspondence. The external device 3 has a built-in electronic gyroscope 32 and a reset button 33 that is used for positioning at installation. The external device 3 must be installed at a fixed, immovable position (a wall, a pillar, etc.). During installation the reset button 33 is pressed against the wall, which triggers it. After the external device 3 is powered on, it establishes communication with the back-end management system 4 and uploads the state of the reset button 33; once the management system 4 has confirmed it, the management system records the information and enables the device. The data of the electronic gyroscope 32 on the external device 3 is uploaded at the same time. The management system 4 may be a PC or the like.
After the external device 3 has been installed, any further change in the state of the reset button 33 is taken to mean that the external device 3 has been moved, and the external device 3 uploads the reset button 33 information together with the data of the gyroscope 32. The management system 4 sends management instructions for the encryption equipment 1, through the external device 3, to the security module 2 with wireless data exchange capability. On receiving an instruction, the security module 2 changes the designated data field, which the encryption equipment 1 then reads; from the value in the data field (the risk class data), the encryption equipment 1 decides its subsequent working state (continue working, suspend work, destroy keys, etc.). The risk class data is defined as follows: risk classes such as the first grade and the second grade can be defined in advance according to the grade of the encryption equipment 1 or its deployment environment. If the risk class is set to the first grade, for example "high", then when the security module 2 cannot communicate with the outside, the encryption equipment 1 destroys its keys immediately. If the risk class is set to the second grade, for example "medium", then when the security module 2 cannot communicate with the outside, the encryption equipment 1 stops working immediately, and once the security module 2 has been unable to communicate with the outside for longer than a certain time, the encryption equipment 1 destroys its keys. Further risk classes can be defined on the same principle; no specific limitation is made here.
In this embodiment, when it is determined that the security module 2 has stopped communicating with the external device 3, the encryption equipment 1 reads the state value of the designated data field in the security module 2, matches it against the preset risk classes, and executes the command corresponding to the matched risk class. This solves the technical problem that the manually configured encryption equipment 1 lacks supervision and therefore has low security during operation, and the monitoring of position information further improves the security of the encryption equipment.
Referring to Fig. 4, one embodiment of a smart card encryption equipment monitoring method provided in the embodiments of the present invention includes:
401. When the security module stops communicating with the external device, the encryption equipment reads the state value of the designated data field in the security module;
In this embodiment, after the encryption equipment has started working, when the security module stops communicating with the external device, the encryption equipment reads the state value of the designated data field in the security module.
It should be noted that the state value of the designated data field may be a running log (including but not limited to: the number of encryption operations and the number of external accesses) that the encryption equipment writes, through its own GB/T 16649 (ISO/IEC 7816) interface, into a specific data field of the security module with wireless data exchange capability, so that the back end can monitor the working state and logs of the encryption equipment.
402. The state value is matched against the preset risk classes, and the command corresponding to the matched risk class is executed.
After the security module has stopped communicating with the external device and the encryption equipment has read the state value of the designated data field in the security module, the state value must be matched against the preset risk classes and the command corresponding to the matched risk class executed.
In this embodiment, when it is determined that the security module has stopped communicating with the external device, the encryption equipment reads the state value of the designated data field in the security module, matches it against the preset risk classes, and executes the command corresponding to the matched risk class. This solves the technical problem that manually configured encryption equipment lacks supervision and therefore has low security during operation.
The process of the smart card encryption equipment monitoring method has been described in detail above. The process of matching the state value against the preset risk classes and executing the command corresponding to the matched risk class is described in detail below. Referring to Fig. 5, another embodiment of a smart card encryption equipment monitoring method provided in the embodiments of the present invention includes:
501. When the security module stops communicating with the external device, the encryption equipment reads the state value of the designated data field in the security module;
In this embodiment, after the encryption equipment has started working, when the security module stops communicating with the external device, the encryption equipment reads the state value of the designated data field in the security module.
It should be noted that the state value of the designated data field may be a running log (including but not limited to: the number of encryption operations and the number of external accesses) that the encryption equipment writes, through its own GB/T 16649 (ISO/IEC 7816) interface, into a specific data field of the security module with wireless data exchange capability, so that the back end can monitor the working state and logs of the encryption equipment.
502. The state value is matched against the preset risk classes; if the matched risk class is the first grade, the encryption equipment executes a key destruction instruction; and/or the state value is matched against the preset risk classes, and if the matched risk class is the second grade, the encryption equipment executes a stop-work instruction;
After the security module has stopped communicating with the external device and the encryption equipment has read the state value of the designated data field in the security module, the state value must be matched against the preset risk classes. If the matched risk class is the first grade, the encryption equipment executes the key destruction instruction; and/or, if the matched risk class is the second grade, the encryption equipment executes the stop-work instruction.
Matching the state value against the preset risk classes and, if the matched risk class is the second grade, the encryption equipment executing the stop-work instruction specifically includes:
Matching the state value against the preset risk classes; if the matched risk class is the second grade, the encryption equipment executes the stop-work instruction and judges whether the time for which the security module has stopped communicating with the external device exceeds a preset time period; if so, the encryption equipment executes the key destruction instruction.
503. After the external device has been moved, the gyroscope data is extracted and transmitted to the security module, where the designated data field is changed accordingly, so that the encryption equipment reads the state value of the designated data field in the security module, matches it against the preset risk classes, and executes the command corresponding to the matched risk class.
In parallel with steps 501 and 502, after the external device has been moved, the gyroscope data is extracted and transmitted to the security module, where the designated data field is changed accordingly, so that the encryption equipment reads the state value of the designated data field in the security module, matches it against the preset risk classes, and executes the command corresponding to the matched risk class.
It should be noted that the first grade and the second grade in this embodiment are risk classes that can be defined in advance according to the grade of the encryption equipment or its deployment environment. If the risk class is set to the first grade, for example "high", then when the security module cannot communicate with the outside, the encryption equipment destroys its keys immediately. If the risk class is set to the second grade, for example "medium", then when the security module cannot communicate with the outside, the encryption equipment stops working immediately, and once the security module has been unable to communicate with the outside for longer than a certain time, the encryption equipment destroys its keys. Further risk classes can be defined on the same principle; no specific limitation is made here.
In this embodiment, when it is determined that the security module has stopped communicating with the external device, the encryption equipment reads the state value of the designated data field in the security module, matches it against the preset risk classes, and executes the command corresponding to the matched risk class. This solves the technical problem that manually configured encryption equipment lacks supervision and therefore has low security during operation, and the monitoring of position information further improves the security of the encryption equipment.
Those skilled in the art is it can be understood that arrive, for convenience and simplicity of description, the system of foregoing description, the specific works process of device and unit, it is possible to reference to the corresponding process in preceding method embodiment, do not repeat them here.
In the several embodiments provided herein, it should be understood that the disclosed systems, devices and methods may be implemented in other ways. For example, the device embodiments described above are merely illustrative: the division into units is only a division by logical function, and other divisions are possible in an actual implementation; for instance, multiple units or components may be combined or integrated into another system, or some features may be omitted or not performed. In addition, the mutual coupling, direct coupling or communication connection shown or discussed may be an indirect coupling or communication connection through some interfaces, devices or units, and may be electrical, mechanical or of another form.
The units described as separate components may or may not be physically separate, and the components shown as units may or may not be physical units; that is, they may be located in one place or distributed over multiple network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of this embodiment.
In addition, the functional units in the embodiments of the present invention may be integrated in one processing unit, each unit may exist physically on its own, or two or more units may be integrated in one unit. The integrated unit may be implemented in the form of hardware or in the form of a software functional unit.
If the integrated unit is implemented in the form of a software functional unit and is sold or used as an independent product, it may be stored in a computer-readable storage medium. Based on this understanding, the technical solution of the present invention in essence, or the part of it that contributes to the prior art, or all or part of the technical solution, may be embodied in the form of a software product. The computer software product is stored in a storage medium and includes several instructions that cause a computer device (which may be a personal computer, a server, a network device or the like) to perform all or part of the steps of the methods described in the embodiments of the present invention. The aforementioned storage medium includes the various media that can store program code, such as a USB flash disk, a portable hard drive, read-only memory (ROM, Read-Only Memory), random access memory (RAM, Random Access Memory), a magnetic disk or an optical disc.
The above embodiments are intended only to illustrate the technical solution of the present invention, not to limit it. Although the present invention has been described in detail with reference to the foregoing embodiments, those of ordinary skill in the art should understand that the technical solutions described in the foregoing embodiments may still be modified, or some of their technical features may be replaced by equivalents, and that such modifications or replacements do not cause the essence of the corresponding technical solutions to depart from the spirit and scope of the technical solutions of the embodiments of the present invention.

Claims (10)

1. A smart card encryption equipment monitoring device, characterized in that it comprises encryption equipment and a security module;
the encryption equipment is connected to the security module through a communication interface;
wherein, when the security module stops communicating with external equipment, the encryption equipment is configured to read the state value of a specified data field in the security module, match it against preset risk classes, and execute the command corresponding to the matched risk class.
2. The smart card encryption monitoring device according to claim 1, characterized in that the encryption equipment specifically comprises:
a first matching submodule, configured to read the state value of the specified data field in the security module and match it against the preset risk classes, wherein if the matched risk class is the first grade, the encryption equipment executes a key destruction instruction;
and/or
a second matching submodule, configured to read the state value of the specified data field in the security module and match it against the preset risk classes, wherein if the matched risk class is the second grade, the encryption equipment executes a stop-work instruction.
3. The smart card encryption monitoring device according to claim 2, characterized in that, if the matched risk class is the second grade, the encryption equipment executing the stop-work instruction specifically comprises:
if the matched risk class is the second grade, the encryption equipment executes the stop-work instruction and judges whether the time for which the security module has stopped communicating with the external equipment exceeds a preset time period, and if so, the encryption equipment executes the key destruction instruction.
4. The smart card encryption monitoring device according to any one of claims 1 to 3, characterized in that the smart card encryption monitoring device further comprises external equipment, which is connected to the security module by wireless communication.
5. The smart card encryption monitoring device according to claim 4, characterized in that the external equipment specifically comprises:
an MCU and a gyroscope, the MCU being connected to the gyroscope; the MCU is configured to, after the external equipment is moved, extract the data of the gyroscope and send the data to the security module for conversion of the specified data field, so that the encryption equipment reads the state value of the specified data field in the security module, matches it against the preset risk classes, and executes the command corresponding to the matched risk class.
6. The smart card encryption monitoring device according to claim 5, characterized in that the external equipment further comprises a reset key, configured to determine, from a change in the state of the reset key itself, that the external equipment has been moved.
7. A smart card encryption monitoring method, characterized by comprising:
when a security module stops communicating with external equipment, reading, by encryption equipment, the state value of a specified data field in the security module;
matching the state value against preset risk classes, and executing the command corresponding to the matched risk class.
8. The smart card encryption monitoring method according to claim 7, characterized in that matching the state value against the preset risk classes and executing the command corresponding to the matched risk class specifically comprises:
matching the state value against the preset risk classes, wherein if the matched risk class is the first grade, the encryption equipment executes a key destruction instruction;
and/or
matching the state value against the preset risk classes, wherein if the matched risk class is the second grade, the encryption equipment executes a stop-work instruction.
9. The smart card encryption monitoring method according to claim 8, characterized in that matching the state value against the preset risk classes, wherein if the matched risk class is the second grade the encryption equipment executes the stop-work instruction, specifically comprises:
matching the state value against the preset risk classes, wherein if the matched risk class is the second grade, the encryption equipment executes the stop-work instruction and judges whether the time for which the security module has stopped communicating with the external equipment exceeds a preset time period, and if so, the encryption equipment executes the key destruction instruction.
10. The smart card encryption monitoring method according to any one of claims 7 to 9, characterized in that the smart card encryption monitoring method further comprises:
after the external equipment is moved, extracting the data of the gyroscope and sending the data to the security module for conversion of the specified data field, so that the encryption equipment reads the state value of the specified data field in the security module, matches it against the preset risk classes, and executes the command corresponding to the matched risk class.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610044365.3A CN105653965B (en) 2016-01-22 2016-01-22 Smart card encryption equipment monitoring device and method

Publications (2)

Publication Number Publication Date
CN105653965A true CN105653965A (en) 2016-06-08
CN105653965B CN105653965B (en) 2018-09-11

Family

ID=56487836

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610044365.3A Active CN105653965B (en) 2016-01-22 2016-01-22 Smart card encryption equipment monitoring device and method

Country Status (1)

Country Link
CN (1) CN105653965B (en)

Also Published As

Publication number Publication date
CN105653965B (en) 2018-09-11

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant