CN105812334A - Network authentication method - Google Patents
Network authentication method Download PDFInfo
- Publication number
- CN105812334A CN105812334A CN201410852736.1A CN201410852736A CN105812334A CN 105812334 A CN105812334 A CN 105812334A CN 201410852736 A CN201410852736 A CN 201410852736A CN 105812334 A CN105812334 A CN 105812334A
- Authority
- CN
- China
- Prior art keywords
- identification card
- subscriber identification
- user
- phone number
- certificate server
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Landscapes
- Mobile Radio Communication Systems (AREA)
Abstract
The embodiment of the invention discloses a network authentication method, and the method comprises the steps: logging in a server to receive a logging request, transmitting a cellphone number of a user and the logging request to an authentication server, and transmitting the characteristic value of a current authentication object to a user identity recognition card corresponding to the cellphone number of the user; enabling the authentication server to generate a random number, and transmitting a secret key object corresponding to the cellphone number of the user, the characteristic value of the authentication object and the generated random number to the user identity recognition card corresponding to the cellphone number of the user; enabling the user identity recognition card to carry out the decryption of the secret key object and obtaining a secret key, verifying the characteristic value of a current authentication object according to the characteristic value of the authentication object, enabling the user identity recognition card to carry out the signing of the random number through the secret key when the characteristic value of the current authentication object passes the verification, and sending a signing result to the authentication server; and carrying out the verification of the signature through a public key after the authentication server receives the signing result. According to the embodiment of the invention, the method can save the storage space of the user identity recognition card, and improves the safety of network authentication.
Description
Technical field
The present invention relates to internet security field, particularly relate to a kind of method for network authorization.
Background technology
At present, user, when stepping on the application used under internet environment, service or information system, is typically necessary and first carries out login authentication.It is most commonly used that and carries out user authentication by the mode of username and password.But, safety is poor on the one hand for the login mode of this username and password, easily illegally intercepted and captured and attack and cause password stolen, on the other hand, different application or service are required for respective username and password, and user sometimes can forget Password, and user to reset cryptographic process general all more complicated, cause the user trouble, the application of increase or the expense of system, reduce work efficiency.
Currently, in order to improve the safety of network authentication, it is possible to by subscriber identification card (such as SIM, usim card, UIM card etc.) as authentication assembly, by registering cell-phone number and subscriber identification card certification, carry out network authentication.Subscriber identification card self possesses multiple hardwares protective measure, has significantly high safety.Also has the coprocessor of symmetric encipherment algorithm and rivest, shamir, adelman, it is possible to ensure the performance of computing.
Conventional steps based on the authentication method of subscriber identification card is: subscriber identification card generates public private key pair, and stores private key certificate in subscriber identification card, and public key certificate is passed to server.When doing signature sign test, server passes information to subscriber identification card, and subscriber identification card private key is encrypted, and will add confidential information and pass to server, and server PKI is decrypted, it is judged that the legitimacy of user identity.
Prior art there is problems in that due to for different services, application or information system, it may be necessary to different private key certificate, thus need in subscriber identification card, store multiple different private key certificate.The length of each certificate is from hundreds of byte to thousands of byte, and multiple certificates are accomplished by occupying substantial amounts of memory space in subscriber identification card.And the memory space of private key certificate is mostly reserved, once memory space is full, it is possible to the development of follow-up business can be limited.And, when actually used, in addition it is also necessary to develop corresponding STK menu on subscriber identification card, certificate can be managed user, such as adds, delete, renewal etc., operate more complicated, management inconvenience.
Summary of the invention
Embodiments provide a kind of method for network authorization, it is possible to increase the safety of user authentication under internet environment, save the memory space of subscriber identification card.
In view of this, the present invention provides a kind of method for network authorization, it may include:
Login service device receives logging request, the cell-phone number of user and described logging request is sent to certificate server, and current authentication characteristics of objects value is sent to the subscriber identification card corresponding with the cell-phone number of user;
Certificate server generates random number, and the random number of the key object corresponding with the cell-phone number of user, certification characteristics of objects value and generation is sent to the subscriber identification card corresponding with the cell-phone number of user;
Described key object is decrypted and obtains private key by subscriber identification card, described current authentication characteristics of objects value is verified according to certification characteristics of objects value, when described current authentication characteristics of objects value is by verifying, described random number is signed by subscriber identification card with described private key, and signature result is sent to described certificate server;
After described certificate server receives described signature result, carry out sign test with corresponding PKI, if by sign test, be then verified, without by sign test, then authentication failed.
In the implementation that the first is possible, before described login service device receives logging request, may also include that memory mobile phone number and the certification characteristics of objects value corresponding with described cell-phone number, PKI, key in described certificate server.
In the implementation that the second is possible, in described certificate server memory mobile phone number and the certification characteristics of objects value corresponding with described cell-phone number, PKI, key step comprise the steps that
Login service device to certificate server send registration request, user input cell-phone number and certification characteristics of objects value;
After certificate server receives described registration request, send subscriber identification card registration request to the subscriber identification card corresponding with the cell-phone number of described input;
After subscriber identification card receives described subscriber identification card registration request, generate public private key pair, private key is encrypted formation key object, and described key object and described PKI are sent to described certificate server;
Described certificate server receives described key object and described PKI, and stores the cell-phone number that user inputs, certification characteristics of objects value, PKI and key object that described cell-phone number is corresponding.
In the implementation that the third is possible, after described subscriber identification card receives described subscriber identification card registration request, generate public private key pair, private key is encrypted the step forming key object and comprises the steps that described private key is encrypted by described subscriber identification card symmetric key, form key object.
In the 4th kind of possible implementation, described key object is decrypted and obtains private key by subscriber identification card, verify that the step of described current authentication characteristics of objects value comprises the steps that when described current authentication characteristics of objects value is not verified according to certification characteristics of objects value, send abnormal information to described login service device, notify that described login service device refusal user logs in.
In the 5th kind of possible implementation, after described certificate server receives described signature result, sign test is carried out with PKI, if by sign test, be then verified, without passing through sign test, then the step of authentication failed comprises the steps that if passing through sign test, then described certificate server notifies that described login service device refusal user logs in, without by sign test, then notifying that described login service device allows user to log in.
In the 6th kind of possible implementation, described certification characteristics of objects value can include following at least one: the IP address of the login service device of user, port numbers, app encapsulate certificate cryptographic Hash.
As can be seen from the above technical solutions, the embodiment of the present invention has the advantage that
In the embodiment of the present invention, need not private key be stored on the subscriber identification card of user mobile phone, but PKI and private key are stored on certificate server, by certificate server, private key is sent to subscriber identification card when certification to be authenticated, save the memory space of subscriber identification card, and, due to private key be with encryption after key object store and transmit, and encryption key is only stored in subscriber identification card, so safety is higher.And with the conventional mode being verified by user name password different, it is verified by cell-phone number, it is to avoid user forgets Password the trouble caused.
Accompanying drawing explanation
Fig. 1 is the flow chart of one embodiment of method for network authorization in the embodiment of the present invention.
Detailed description of the invention
Embodiments provide a kind of method for network authorization, it is possible to save the memory space of subscriber identification card, improve the safety of certification.
In order to make those skilled in the art be more fully understood that the present invention program, below in conjunction with the accompanying drawing in the embodiment of the present invention, technical scheme in the embodiment of the present invention is clearly and completely described, obviously, described embodiment is only the embodiment of a present invention part, rather than whole embodiments.Based on the embodiment in the present invention, the every other embodiment that those of ordinary skill in the art obtain under not making creative work premise, all should belong to the scope of protection of the invention.
Referring to Fig. 1, in the embodiment of the present invention, one embodiment of method for network authorization includes:
S101, login service device receives logging request, the cell-phone number of user and described logging request is sent to certificate server, and current authentication characteristics of objects value is sent to the subscriber identification card corresponding with the cell-phone number of user;
Wherein, user is logging in Internet service, when application or information system, and (all submission buttons as by clicking on login page) submit logging request to, after login service device receives the logging request that user submits to, server can search corresponding phone number according to login account, the cell-phone number of user is sent collectively to certificate server together with logging request, and current authentication characteristics of objects value is sent to the subscriber identification card corresponding with the cell-phone number of user, this subscriber identification card can be available for 2G, 3G, the communication networks such as 4G carry out the SIM of client identity discriminating, usim card, UIM card etc..
S102, certificate server generates random number (or comprising a stack features value of random number), and the random number of the key object corresponding with the cell-phone number of user, certification characteristics of objects value and generation is sent to the subscriber identification card corresponding with the cell-phone number of user.
Wherein, described key object is the information after private key is encrypted.Certificate server is after receiving logging request, random number can be generated, then key object corresponding for the cell-phone number with user prestored in certificate server, certification characteristics of objects value are sent collectively to, together with the random number generated, the subscriber identification card that the cell-phone number of user is corresponding.
S103, described key object is decrypted and obtains private key by subscriber identification card, described current authentication characteristics of objects value is verified according to certification characteristics of objects value, when described current authentication characteristics of objects value is by verifying, described random number is signed by subscriber identification card with described private key, and signature result is sent to described certificate server.
Wherein, subscriber identification card receives the current authentication characteristics of objects value that login service device is sent to, after receiving key object, certification characteristics of objects value and the random number that certificate server sends, the current authentication characteristics of objects value received is compared with the certification characteristics of objects value prestored, if it is consistent with each other, then current authentication characteristics of objects value is by verifying, then random number is signed by the private key after subscriber identification card decompression.
S104, described certificate server carries out sign test with PKI after receiving described signature result, if by sign test, is then verified, without by sign test, then authentication failed.
Utilize method for network authorization provided by the invention, need not private key be stored on the subscriber identification card of user mobile phone, but PKI and private key are stored on certificate server, by certificate server, private key is sent to subscriber identification card when certification to be authenticated, save the memory space of subscriber identification card, further, owing to being store with the key object after encrypting and transmit private key, so safety is higher.And with the conventional mode being verified by user name password different, it is verified by cell-phone number, it is to avoid user forgets Password the trouble caused.
Preferably, described certification characteristics of objects value can include the cryptographic Hash etc. of the IP address of login service device of user, port numbers, app encapsulation certificate.
In a preferred embodiment of the present invention, before described login service device receives logging request, it is also possible to including: memory mobile phone number and the certification characteristics of objects value corresponding with described cell-phone number, PKI, key in described certificate server.
Preferably, the information such as the PKI corresponding with cell-phone number with memory mobile phone number, key, certification characteristics of objects value are generated by the following method:
Login service device to certificate server send registration request, user input cell-phone number and certification characteristics of objects value;
After certificate server receives described registration request, send subscriber identification card registration request to the subscriber identification card corresponding with the cell-phone number of described input;
After subscriber identification card receives described subscriber identification card registration request, generate public private key pair, private key is encrypted formation key object, and described key object and described PKI are sent to described certificate server;
Described certificate server receives described key object and described PKI, and stores the cell-phone number that user inputs, certification characteristics of objects value, PKI and key object that described cell-phone number is corresponding.
By with upper type, user first passes through login page and user mobile phone number is registered, PKI and key is generated by subscriber identification card, and PKI and key are sent on certificate server, by certificate server memory mobile phone number and the certification characteristics of objects value corresponding with cell-phone number, PKI and key object.In this manner it is possible to be stored in certificate server by the information such as private key and key, save space for subscriber identification card, be also convenient for the data such as PKI, key are added, delete, the management of the operation such as renewal.
Preferably, described subscriber identification card when being encrypted formation key object by private key, it is possible to symmetric key, described private key is encrypted, for instance the symmetric keys such as AES or 3DES.Accordingly, during user log-in authentication, subscriber identification card is when receiving key object from certificate server, it is possible to use key object is decrypted by same symmetric key, obtains private key.This symmetric key can be stored on subscriber identification card.
Preferably, subscriber identification card verifies described current authentication characteristics of objects value according to certification characteristics of objects value, when described current authentication characteristics of objects value is not verified, send abnormal information to described login service device, notify that described login service device refusal user logs in.
Preferably, after described certificate server receives described signature result, sign test is carried out with PKI, if passing through sign test, then described certificate server notifies that described login service device refusal user logs in, without by sign test, then notifying that described login service device allows user to log in.
In several embodiments provided herein, it should be understood that disclosed system, apparatus and method, it is possible to realize by another way.Such as, device embodiment described above is merely schematic, such as, the division of described unit, being only a kind of logic function to divide, actual can have other dividing mode when realizing, for instance multiple unit or assembly can in conjunction with or be desirably integrated into another system, or some features can ignore, or do not perform.Another point, shown or discussed coupling each other or direct-coupling or communication connection can be through INDIRECT COUPLING or the communication connection of some interfaces, device or unit, it is possible to be electrical, machinery or other form.
The described unit illustrated as separating component can be or may not be physically separate, and the parts shown as unit can be or may not be physical location, namely may be located at a place, or can also be distributed on multiple NE.Some or all of unit therein can be selected according to the actual needs to realize the purpose of the present embodiment scheme.
It addition, each functional unit in each embodiment of the present invention can be integrated in a processing unit, it is also possible to be that unit is individually physically present, it is also possible to two or more unit are integrated in a unit.Above-mentioned integrated unit both can adopt the form of hardware to realize, it would however also be possible to employ the form of SFU software functional unit realizes.
If described integrated unit is using the form realization of SFU software functional unit and as independent production marketing or use, it is possible to be stored in a computer read/write memory medium.Based on such understanding, part or all or part of of this technical scheme that prior art is contributed by technical scheme substantially in other words can embody with the form of software product, this computer software product is stored in a storage medium, including some instructions with so that a computer equipment (can be personal computer, server, or the network equipment etc.) perform all or part of step of method described in each embodiment of the present invention.And aforesaid storage medium includes: USB flash disk, portable hard drive, read only memory (ROM, Read-OnlyMemory), the various media that can store program code such as random access memory (RAM, RandomAccessMemory), magnetic disc or CD.
Term " first " in description and claims of this specification and above-mentioned accompanying drawing, " second ", " the 3rd " " the 4th " etc. (if existence) are for distinguishing similar object, without being used for describing specific order or precedence.Should be appreciated that the data of so use can be exchanged in the appropriate case, in order to the embodiments described herein can be implemented with the order except the content of here diagram or description.In addition, term " includes " and " having " and their any deformation, it is intended to cover non-exclusive comprising, such as, contain series of steps or the process of unit, method, system, product or equipment be not necessarily limited to those steps or the unit clearly listed, but can include clearly not listing or for intrinsic other step of these processes, method, product or equipment or unit.
The above, above example only in order to technical scheme to be described, is not intended to limit;Although the present invention being described in detail with reference to previous embodiment, it will be understood by those within the art that: the technical scheme described in foregoing embodiments still can be modified by it, or wherein portion of techniques feature is carried out equivalent replacement;And these amendments or replacement, do not make the essence of appropriate technical solution depart from the spirit and scope of various embodiments of the present invention technical scheme.
Claims (7)
1. a method for network authorization, it is characterised in that including:
Login service device receives logging request, the cell-phone number of user and described logging request is sent to certificate server, and current authentication characteristics of objects value is sent to the subscriber identification card corresponding with the cell-phone number of user;
Certificate server generates random number, and the random number of the key object corresponding with the cell-phone number of user, certification characteristics of objects value and generation is sent to the subscriber identification card corresponding with the cell-phone number of user;
Described key object is decrypted and obtains private key by subscriber identification card, described current authentication characteristics of objects value is verified according to certification characteristics of objects value, when described current authentication characteristics of objects value is by verifying, described random number is signed by subscriber identification card with described private key, and signature result is sent to described certificate server;
Described certificate server carries out sign test with PKI after receiving described signature result, if by sign test, is then verified, without by sign test, then and authentication failed.
2. method for network authorization according to claim 1, it is characterised in that before described login service device receives logging request, also include:
Memory mobile phone number and the certification characteristics of objects value corresponding with described cell-phone number, PKI, key in described certificate server.
3. method for network authorization according to claim 2, it is characterised in that in described certificate server memory mobile phone number and the certification characteristics of objects value corresponding with described cell-phone number, PKI, key step include:
Login service device to certificate server send registration request, user input cell-phone number and certification characteristics of objects value;
After certificate server receives described registration request, send subscriber identification card registration request to the subscriber identification card corresponding with the cell-phone number of described input;
After subscriber identification card receives described subscriber identification card registration request, generate public private key pair, private key is encrypted formation key object, and described key object and described PKI are sent to described certificate server;
Described certificate server receives described key object and described PKI, and stores the cell-phone number that user inputs, certification characteristics of objects value, PKI and key object that described cell-phone number is corresponding.
4. method for network authorization according to claim 3, it is characterised in that after described subscriber identification card receives described subscriber identification card registration request, generates public private key pair, private key is encrypted the step forming key object and includes:
Described private key is encrypted by described subscriber identification card symmetric key, forms key object.
5. method for network authorization according to claim 1, it is characterised in that described key object is decrypted and obtains private key by subscriber identification card, verifies that according to certification characteristics of objects value the step of described current authentication characteristics of objects value includes:
When described current authentication characteristics of objects value is not verified, send abnormal information to described login service device, notify that described login service device refusal user logs in.
6. method for network authorization according to claim 1, it is characterised in that described certificate server carries out sign test with PKI after receiving described signature result, if by sign test, be then verified, without by sign test, then the step of authentication failed includes:
If by sign test, then described certificate server notifies that described login service device refusal user logs in, without by sign test, then notifying that described login service device allows user to log in.
7. the method for network authorization according to any one of claim 1-6, it is characterised in that described certification characteristics of objects value includes following at least one: the IP address of the login service device of user, port numbers, app encapsulate certificate cryptographic Hash.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410852736.1A CN105812334B (en) | 2014-12-31 | 2014-12-31 | A kind of method for network authorization |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410852736.1A CN105812334B (en) | 2014-12-31 | 2014-12-31 | A kind of method for network authorization |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN105812334A true CN105812334A (en) | 2016-07-27 |
| CN105812334B CN105812334B (en) | 2019-02-05 |
Family
ID=56420920
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201410852736.1A Active CN105812334B (en) | 2014-12-31 | 2014-12-31 | A kind of method for network authorization |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN105812334B (en) |
Cited By (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106302544A (en) * | 2016-10-18 | 2017-01-04 | 深圳市金立通信设备有限公司 | A kind of safe verification method and system |
| CN106850209A (en) * | 2017-02-28 | 2017-06-13 | 苏州福瑞思信息科技有限公司 | A kind of identity identifying method and device |
| CN108768650A (en) * | 2018-04-12 | 2018-11-06 | 济南大学 | A kind of short-message verification system based on biological characteristic |
| CN109005155A (en) * | 2018-07-04 | 2018-12-14 | 北京奇安信科技有限公司 | Identity identifying method and device |
| CN110417848A (en) * | 2019-05-22 | 2019-11-05 | 无锡源致科技有限公司 | Pigeon racing decentralization contest method |
| CN110492989A (en) * | 2019-08-23 | 2019-11-22 | 广州华多网络科技有限公司 | The processing method of private key, the medium of access method and corresponding method, device |
| CN110602076A (en) * | 2019-08-15 | 2019-12-20 | 中国人民银行数字货币研究所 | Identity using method, device and system based on master identity multiple authentication |
| CN114244565A (en) * | 2021-11-16 | 2022-03-25 | 广东电网有限责任公司 | Key distribution method, device, equipment, storage medium and computer program product |
Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20050149734A1 (en) * | 2004-01-02 | 2005-07-07 | Nokia Corporation | Replay prevention mechanism for EAP/SIM authentication |
| US20090190562A1 (en) * | 2003-09-26 | 2009-07-30 | Samsung Electronics Co., Ltd. | Hrpd network access authentication method based on cave algorithm |
| US20100135491A1 (en) * | 2007-03-27 | 2010-06-03 | Dhiraj Bhuyan | Authentication method |
| CN102254380A (en) * | 2010-05-31 | 2011-11-23 | 北京汇冠金财科技有限公司 | Safe mobile phone payment method and system based on hybrid encryption mechanism |
| CN103346887A (en) * | 2013-07-02 | 2013-10-09 | 山东科技大学 | Low-complexity identity authentication method based on intelligent card and under multiserver environment |
| CN103813333A (en) * | 2014-02-21 | 2014-05-21 | 天地融科技股份有限公司 | Data processing method based on negotiation keys |
| CN103944715A (en) * | 2014-04-25 | 2014-07-23 | 天地融科技股份有限公司 | Data processing method based on agreement key |
| CN103944724A (en) * | 2014-04-18 | 2014-07-23 | 天地融科技股份有限公司 | User identity identification card |
-
2014
- 2014-12-31 CN CN201410852736.1A patent/CN105812334B/en active Active
Patent Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20090190562A1 (en) * | 2003-09-26 | 2009-07-30 | Samsung Electronics Co., Ltd. | Hrpd network access authentication method based on cave algorithm |
| US20050149734A1 (en) * | 2004-01-02 | 2005-07-07 | Nokia Corporation | Replay prevention mechanism for EAP/SIM authentication |
| US20100135491A1 (en) * | 2007-03-27 | 2010-06-03 | Dhiraj Bhuyan | Authentication method |
| CN102254380A (en) * | 2010-05-31 | 2011-11-23 | 北京汇冠金财科技有限公司 | Safe mobile phone payment method and system based on hybrid encryption mechanism |
| CN103346887A (en) * | 2013-07-02 | 2013-10-09 | 山东科技大学 | Low-complexity identity authentication method based on intelligent card and under multiserver environment |
| CN103813333A (en) * | 2014-02-21 | 2014-05-21 | 天地融科技股份有限公司 | Data processing method based on negotiation keys |
| CN103944724A (en) * | 2014-04-18 | 2014-07-23 | 天地融科技股份有限公司 | User identity identification card |
| CN103944715A (en) * | 2014-04-25 | 2014-07-23 | 天地融科技股份有限公司 | Data processing method based on agreement key |
Cited By (13)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106302544A (en) * | 2016-10-18 | 2017-01-04 | 深圳市金立通信设备有限公司 | A kind of safe verification method and system |
| CN106850209A (en) * | 2017-02-28 | 2017-06-13 | 苏州福瑞思信息科技有限公司 | A kind of identity identifying method and device |
| CN108768650B (en) * | 2018-04-12 | 2021-06-22 | 济南大学 | Short message verification system based on biological characteristics |
| CN108768650A (en) * | 2018-04-12 | 2018-11-06 | 济南大学 | A kind of short-message verification system based on biological characteristic |
| CN109005155B (en) * | 2018-07-04 | 2021-11-12 | 奇安信科技集团股份有限公司 | Identity authentication method and device |
| CN109005155A (en) * | 2018-07-04 | 2018-12-14 | 北京奇安信科技有限公司 | Identity identifying method and device |
| CN110417848A (en) * | 2019-05-22 | 2019-11-05 | 无锡源致科技有限公司 | Pigeon racing decentralization contest method |
| CN110417848B (en) * | 2019-05-22 | 2022-04-01 | 无锡源致科技有限公司 | Racing pigeon decentralized competition method |
| CN110602076A (en) * | 2019-08-15 | 2019-12-20 | 中国人民银行数字货币研究所 | Identity using method, device and system based on master identity multiple authentication |
| CN110492989A (en) * | 2019-08-23 | 2019-11-22 | 广州华多网络科技有限公司 | The processing method of private key, the medium of access method and corresponding method, device |
| CN110492989B (en) * | 2019-08-23 | 2020-11-13 | 广州华多网络科技有限公司 | Private key processing method, access method, and medium and device corresponding to method |
| CN114244565A (en) * | 2021-11-16 | 2022-03-25 | 广东电网有限责任公司 | Key distribution method, device, equipment, storage medium and computer program product |
| CN114244565B (en) * | 2021-11-16 | 2023-09-19 | 广东电网有限责任公司 | Key distribution method, device, equipment and storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN105812334B (en) | 2019-02-05 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11588637B2 (en) | Methods for secure cryptogram generation | |
| EP2954448B1 (en) | Provisioning sensitive data into third party network-enabled devices | |
| CN101828357B (en) | Credential provisioning method and device | |
| EP3255832B1 (en) | Dynamic encryption method, terminal and server | |
| US11349675B2 (en) | Tamper-resistant and scalable mutual authentication for machine-to-machine devices | |
| CN103067401B (en) | Method and system for key protection | |
| CN105812334A (en) | Network authentication method | |
| US9445269B2 (en) | Terminal identity verification and service authentication method, system and terminal | |
| CN111512608B (en) | Trusted execution environment based authentication protocol | |
| CN110417797A (en) | Authenticate the method and device of user | |
| CN105450406A (en) | Data processing method and device | |
| CN103078742A (en) | Generation method and system of digital certificate | |
| CN101296083A (en) | Enciphered data transmission method and system | |
| CN111435389A (en) | Power distribution terminal operation and maintenance tool safety protection system | |
| KR101329789B1 (en) | Encryption Method of Database of Mobile Communication Device | |
| CN103312671B (en) | The method and system of validate service device | |
| Yoon et al. | Security enhancement scheme for mobile device using H/W cryptographic module | |
| CN110225515B (en) | Authentication management system, method and device | |
| JP2013179473A (en) | Account generation management system, account generation management server, account generation management method, account generation management program | |
| Oliveira | Dynamic QR codes for Ticketing Systems | |
| KR102104094B1 (en) | Authentication device, program for controlling authentication between a mobile communication device and recording media for the program | |
| Anand et al. | Enhancing Security for IoT Devices using Software Defined Networking (SDN) | |
| CN104901932A (en) | Secure login method based on CPK (Combined Public Key Cryptosystem) identity authentication technology | |
| CN118233218A (en) | Remote authentication system and method based on distributed trusted execution environment application |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| CP03 | Change of name, title or address | ||
| CP03 | Change of name, title or address |
Address after: 100089 Floor 12 1506, Building A 1, 66 Zhongguancun East Road, Haidian District, Beijing Patentee after: Beijing Huahong Integrated Circuit Design Co., Ltd. Address before: 100080 Beijing City, Haidian District Zhongguancun Road No. 66, building 1, 12 layers of 1501-1510 Patentee before: Beijing Huahong Integrated Circuit Design Co., Ltd. |