CN106302352A - A kind of method and apparatus of new digital certificate application - Google Patents

Info

Publication number
CN106302352A
Authority
CN
China
Prior art keywords
digital certificate
digital
converter
user
middle device
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201510300171.0A
Other languages
Chinese (zh)
Inventor
李华
杨珣
徐磊
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shanghai Kai Shot Mdt Infotech Ltd
Original Assignee
Shanghai Kai Shot Mdt Infotech Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shanghai Kai Shot Mdt Infotech Ltd filed Critical Shanghai Kai Shot Mdt Infotech Ltd
Priority to CN201510300171.0A priority Critical patent/CN106302352A/en
Publication of CN106302352A publication Critical patent/CN106302352A/en
Pending legal-status Critical Current

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823Network architectures or network communication protocols for network security for authentication of entities using certificates
    • H04L63/0861Network architectures or network communication protocols for network security for authentication of entities using biometrical features, e.g. fingerprint, retina-scan

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Health & Medical Sciences (AREA)
  • Biomedical Technology (AREA)
  • General Health & Medical Sciences (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The invention provides a method and apparatus for a new kind of digital certificate application. By introducing a novel digital certificate application intermediary device, it satisfies digital certificate authentication while remaining compatible with other reliable authentication means such as dynamic passwords, SMS, biometric recognition and second-channel authentication. This frees the traditional trust system from its dependence on a terminal-side secure medium for the digital certificate, and combines the advantages of digital certificate technology in protecting sensitive information, and its irreplaceability in confirming responsibility, to form a new generation of network trust infrastructure. It largely breaks through the limitations of the current network trust security system and cost-effectively solves key problems of digital certificate application that have troubled the industry for many years in today's complex network environments (different user groups, many kinds of intelligent terminals, all kinds of transmission networks, differentiated service forms and so on), consolidating and improving the construction of a new generation of network trust infrastructure.

Description

A kind of method and apparatus of new digital certificate application
Technical field
The invention provides a method and apparatus for a new kind of digital certificate application. By introducing a novel digital certificate application intermediary device, it satisfies digital certificate authentication while remaining compatible with other reliable authentication means such as dynamic passwords, SMS, biometric recognition and second-channel authentication. This frees the traditional trust system from its dependence on a terminal-side secure medium for the digital certificate, and combines the advantages of digital certificate technology in protecting sensitive information, and its irreplaceability in confirming responsibility, to form a new generation of network trust infrastructure. It largely breaks through the limitations of the current network trust security system and cost-effectively solves key problems of digital certificate application that have troubled the industry for many years in today's complex network environments (different user groups, many kinds of intelligent terminals, all kinds of transmission networks, differentiated service forms and so on), consolidating and improving the construction of a new generation of network trust infrastructure.
Background art
With networks developing rapidly, features such as network mobility, the Internet of Things, the diversification of terminals, the popularization of network applications and cloud services are increasingly prominent. However, the traditional network trust infrastructure, with digital certificate technology at its core, has long been held back by several key problems. As a whole it remains in the traditional support-system model and has difficulty adapting to an increasingly complex network environment.
First, how to cost-effectively achieve smooth docking with, and migration to, mobile network applications for the mature network trust infrastructure of the conventional Internet, which has digital certificates at its core. This problem bears directly on making conventional Internet applications mobile and has a profound influence on the further spread of the mobile Internet.
Second, for individual public users, how to economically solve the secure storage and convenient use of their digital certificates while preserving the security of the digital certificate application system. This is another major problem the digital certificate industry must solve in order to develop further. The current mainstream secure storage media for digital certificates have certain thresholds and shortcomings in cost, issuance and use, and their application is still mostly limited to specific industries and enterprises. Yet the broad range of public applications and public users, being entirely in a public environment, lack a basis of trust even more and often have greater need of a network trust infrastructure with digital certificate technology at its core.
Third, now that user network terminals such as mobile phones, PCs and pads are increasingly diverse, how to share the functions of the user's identity digital certificate and its secure storage medium securely and reliably among the user's multiple terminals, so as to achieve integrated multi-terminal application of the user's identity digital certificate, avoid the terminal in use affecting the consistency and uniqueness of the user's trusted identity, and meet the principles and requirements of a user-centered service environment.
Fourth, with Internet of Things applications becoming more widespread, how to provide network trust guarantees where the capabilities and communication protocols of the various Internet of Things terminals are limited, so that trust is guaranteed across the whole network environment including the Internet of Things and a weakest-link effect is avoided. This is also a basic problem troubling the industry.
Fifth, with network applications increasingly moving to the cloud, how to move the existing network trust infrastructure based on digital certificate technology to the cloud in step with them is a key issue for current industry development.
Sixth, the industry has long set digital certificate technology against technologies such as dynamic tokens, SMS, biometric recognition and second-channel authentication, each competing on its own strengths. In practice, in the authentication step alone, digital certificate technology does not stand out above the rest and may even be at a disadvantage in particular application scenarios. As a complete network trust security system, however, digital certificate technology should seek a way to combine with these means and use the strengths of each, bringing them into a complete network trust security system based on digital certificate technology, so that it improves on and surpasses itself and better serves an increasingly complex network world. Digital envelope technology, which combines digital certificate technology with conventional symmetric cryptography, is a typical example.
These problems have troubled the digital certificate industry for many years without being solved effectively. The present invention is proposed against this background. Its purpose is to cost-effectively solve the key problems of digital certificate application in the current complex network environment, meet the network world's requirements for network trust security guarantees under the new situation, and consolidate and improve the construction of a new generation of network trust infrastructure.
Summary of the invention
The present invention covers several aspects, as follows. It provides a method for a new kind of digital certificate application. The authentication step is made compatible with other reliable authentication means such as dynamic passwords, SMS, biometric recognition and second-channel authentication, which frees the traditional trust system from its dependence on a particular terminal-side secure storage medium for the digital certificate. At the same time, the advantages of digital certificate technology in protecting sensitive information and its irreplaceability in confirming responsibility are combined with these means to build a new generation of network trust system.
Brief description of the drawings
Fig. 1 is a schematic diagram of the system structure. By introducing a novel digital certificate application intermediary device, a user or device can authenticate to it through other reliable authentication means such as dynamic passwords, SMS, biometric recognition and second-channel authentication, freeing the traditional trust system from its dependence on a terminal-side secure medium for the digital certificate. The intermediary device then calls the digital certificate services that correspond to the user. In this way the advantages of digital certificate technology in protecting sensitive information and its irreplaceability in confirming responsibility are combined with other convenient and reliable authentication means to form a new generation of network trust infrastructure, adapted to the needs of digital certificate application in complex network environments with different user groups, many kinds of intelligent terminals, all kinds of transmission networks and differentiated service forms.
Fig. 2 is a schematic diagram of the whole calling process. The process descriptions for this figure and the next are intended only to illustrate the principle of the invention and do not represent its only implementation flow; anything that conforms to the spirit of the invention is regarded as falling within the scope of the claims.
Fig. 3 is a schematic diagram of the functional structure of the digital certificate application intermediary device, which comprises the intermediary device itself and the client software running on the terminal side and on the certificate service side.
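An added sketch of the two functions the description gives the intermediary ("middle") device: authenticate the user by a non-certificate means, then call the certificate function on the online host on the user's behalf. It is not code from the patent. TOTP stands in for the dynamic password, and `HostKeyStore` (toy textbook RSA), `Intermediary`, the session lifetime, the replay guard and the audit log are all assumptions of this example.

```python
import hashlib, hmac, secrets, struct, time

def totp(secret: bytes, counter: int, digits: int = 6) -> str:
    """HOTP value (RFC 4226) for one time-step counter, as used by TOTP (RFC 6238)."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    off = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[off:off + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)

class HostKeyStore:
    """Hypothetical online host holding the user's certificate key.
    Toy textbook RSA over two Mersenne primes: illustration only, not secure."""
    def __init__(self):
        p, q, self.e = 2**127 - 1, 2**89 - 1, 65537
        self.n = p * q
        self._d = pow(self.e, -1, (p - 1) * (q - 1))  # private key never leaves the host

    def _digest(self, data: bytes) -> int:
        return int.from_bytes(hashlib.sha256(data).digest(), "big") % self.n

    def sign(self, data: bytes) -> int:
        return pow(self._digest(data), self._d, self.n)

    def verify(self, data: bytes, sig: int) -> bool:
        return pow(sig, self.e, self.n) == self._digest(data)

class Intermediary:
    """Hypothetical intermediary: authentication gate in front of the host's key."""
    STEP, WINDOW, SESSION_TTL = 30, 1, 300  # assumed policy values (seconds / steps)

    def __init__(self):
        self.users = {}      # user -> (otp_secret, HostKeyStore)
        self.last_used = {}  # user -> last accepted TOTP counter (replay guard)
        self.sessions = {}   # token -> (user, expiry)
        self.audit = []      # (time, user, sha256 of signed data) for accountability

    def enroll(self, user, otp_secret, host):
        self.users[user] = (otp_secret, host)

    def authenticate(self, user, code, now=None):
        """Return a session token if the one-time code is valid and unused, else None."""
        now = time.time() if now is None else now
        if user not in self.users:
            return None
        secret, _ = self.users[user]
        current = int(now) // self.STEP
        for c in range(current - self.WINDOW, current + self.WINDOW + 1):
            fresh = c > self.last_used.get(user, -1)  # reject reuse of an accepted step
            if fresh and hmac.compare_digest(totp(secret, c), code):
                self.last_used[user] = c
                token = secrets.token_urlsafe(32)
                self.sessions[token] = (user, now + self.SESSION_TTL)
                return token
        return None

    def sign(self, token, data, now=None):
        """Proxy a signing call to the host, only for a live authenticated session."""
        now = time.time() if now is None else now
        user, expiry = self.sessions.get(token, (None, 0))
        if user is None or now >= expiry:
            raise PermissionError("no valid authenticated session")
        _, host = self.users[user]
        self.audit.append((now, user, hashlib.sha256(data).hexdigest()))
        return host.sign(data)
```

In this arrangement the signature is only as strong as the authentication step and the intermediary itself, so the replay guard, short session lifetime and audit record are the controls to examine first.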

Claims (8)

1. A method for a new kind of digital certificate application, characterized in that: a digital certificate application intermediary device is introduced; the authentication step is made compatible with other reliable authentication means such as dynamic passwords, SMS, biometric recognition and second-channel authentication, freeing the traditional trust system from its dependence on a particular terminal-side secure storage medium for the digital certificate; and at the same time the advantages of digital certificate technology in protecting sensitive information and its irreplaceability in confirming responsibility are combined with these means to build a new generation of network trust system.
2. A method for a novel mobile digital certificate application, characterized in that: without requiring the user's mobile terminal to support a certificate secure storage medium and certificate GL, the user authenticates to the digital certificate application intermediary device through a reliable authentication means supported by the mobile terminal, such as a dynamic password, SMS, biometric recognition or second-channel authentication, and the intermediary device then connects to and uses the user's digital certificate, and all of its functions, on an online host device, building a complete network trust security system in the mobile network environment; typical application scenarios include doctors' mobile ward rounds, enterprise mobile office work and the like.
3. A method for a novel digital certificate application in an Internet of Things environment, characterized in that: without requiring the intelligent Internet of Things terminal device to support a certificate secure storage medium and certificate GL, the device authenticates to the digital certificate application intermediary device through an authentication means suited to intelligent Internet of Things terminal devices, and the intermediary device then connects to and uses the user's digital certificate, and all of its functions, on an online host device, building a complete network trust security system in the Internet of Things environment; typical application scenarios include smart homes and intelligent monitoring.
4. A method for integrating digital certificate application across a user's multiple terminals, characterized in that: when the user has several different intelligent terminals at the same time, such as a computer, a mobile phone and a pad, the user authenticates to the digital certificate application intermediary device through a reliable authentication means supported by the terminal in use, such as a dynamic password, SMS, biometric recognition or second-channel authentication, and the intermediary device then connects to and uses the user's digital certificate, and all of its functions, on an online host device, achieving consistency and integration of the user's digital certificate across the user's multiple terminals and avoiding one user having multiple identities (multiple digital certificates) because of multiple terminals.
5. A novel digital certificate application cloud service method, characterized in that: the user authenticates to the digital certificate application intermediary device through a reliable authentication means such as a dynamic password, SMS, biometric recognition or second-channel authentication, and the intermediary device then connects to and uses the user's digital certificate, and all of its functions, on an online host device, without relying on a specific certificate secure storage medium, providing the user with cloud-based digital certificate services.
6. A simple method for a novel digital certificate application, characterized in that: without requiring the user's intelligent terminal to support a certificate-specific secure storage medium and certificate GL, the user, through the intelligent terminal, authenticates to the digital certificate application intermediary device with a reliable authentication means such as a dynamic password, SMS, biometric recognition or second-channel authentication, and the intermediary device then connects to and uses the user's digital certificate, and all of its functions, on an online host device, meeting the network trust guarantee requirements of ordinary public users and mass-market applications.
7. A novel digital certificate application intermediary device, characterized in that: the device is positioned as an intermediary between the digital certificate secure storage medium (containing the digital certificate) and its host on one side and the user terminal on the other. Its functions cover two main aspects. On the one hand it performs reliable authentication of the user or terminal device, for which the specific means can be any reliable identity authentication technology such as digital certificates, dynamic passwords, SMS, biometric recognition or second-channel authentication. On the other hand, after authentication succeeds, it acts as a proxy for the user or terminal device and calls, online, the functions of the digital certificate secure storage medium (containing the digital certificate) on the connected host. It is composed of the intermediary device itself together with the corresponding client software running on the user terminal side and on the certificate service side.
8. The intelligent terminal to which the invention relates, characterized in that: it includes but is not limited to smartphones, pads, Internet of Things intelligent sensors and other special-purpose intelligent terminals; the online host device may include but is not limited to a user computer, an organization or home server, a workstation, an encryption machine, a smartphone and the like; the user's digital certificate on the host device can be stored in an encryption machine, USBKey, SDKey, SIMKey, computer hard disk or other secure storage device. Finally, the invention relates to a new design idea and method and is not limited by the specific implementation technology, device form or deployment mode.
CN201510300171.0A 2015-06-05 2015-06-05 A kind of method and apparatus of new digital certificate application Pending CN106302352A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201510300171.0A CN106302352A (en) 2015-06-05 2015-06-05 A kind of method and apparatus of new digital certificate application

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201510300171.0A CN106302352A (en) 2015-06-05 2015-06-05 A kind of method and apparatus of new digital certificate application

Publications (1)

Publication Number Publication Date
CN106302352A true CN106302352A (en) 2017-01-04

Family

ID=57656457

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201510300171.0A Pending CN106302352A (en) 2015-06-05 2015-06-05 A kind of method and apparatus of new digital certificate application

Country Status (1)

Country Link
CN (1) CN106302352A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111953493A (en) * 2019-05-16 2020-11-17 上海铠射信息科技有限公司 Novel portable digital certificate application method and device

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102970141A (en) * 2012-11-30 2013-03-13 国泰君安证券股份有限公司 Client identity authorization system and method
CN103051453A (en) * 2012-12-17 2013-04-17 连连银通电子支付有限公司 Digital certificate-based mobile terminal network security trading system and digital certificate-based mobile terminal network security trading method
CN104052713A (en) * 2013-03-11 2014-09-17 李华 Novel network trust guarantee service method and device
US20150142670A1 (en) * 2013-11-20 2015-05-21 Sue Zloth Systems and methods for software based encryption

Similar Documents

Publication Publication Date Title
CN104378210B (en) Across the identity identifying method of trust domain
CN104113552B (en) A kind of platform authorization method, platform service end and applications client and system
CN104113551B (en) A kind of platform authorization method, platform service end and applications client and system
EP2391083B1 (en) Method for realizing authentication center and authentication system
CN109525570A (en) A kind of data hierarchy safety access control method of Cargo Oriented on Group client
CN113114632B (en) Can peg graft formula intelligence financial auditing platform
CN108123795A (en) Distributing method, application process, publishing platform and the system of quantum key chip
CN102377788A (en) Single sign-on (SSO) system and single sign-on (SSO) method
CN106713236A (en) End-to-end identity authentication and encryption method based on CPK identifier authentication
CN105075219A (en) Network system comprising a security management server and a home network, and method for including a device in the network system
CN104579687A (en) CSP implementation based on USBKEY
CN102571874B (en) On-line audit method and device in distributed system
Chinnasamy et al. A scalable multilabel‐based access control as a service for the cloud (SMBACaaS)
CN107566393A (en) A kind of dynamic rights checking system and method based on trust certificate
Chang et al. User authentication in cloud computing
CN106789845A (en) A kind of method of network data security transmission
CN106302352A (en) A kind of method and apparatus of new digital certificate application
CN109802927A (en) A kind of security service providing method and device
Chauhan Iot network identity management using smart contract and blockchain technology
Binu et al. A mobile based remote user authentication scheme without verifier table for cloud based services
CN113595877B (en) Instant communication method based on block chain
CN109218318A (en) A kind of things-internet gateway login detecting method based on equipment knowledge
CN106877996A (en) User in PKI domains accesses the authentication key agreement method of the resource in IBC domains
CN103905376B (en) A kind of method and system that two-way authentication is carried out based on OAUTH agreements
Fries et al. Handling role-based access control in the digital grid

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20170104