CN107171784B - Emergency command scheduling method and system for emergency environment events - Google Patents

Publication number: CN107171784B
Authority: CN (China)
Prior art keywords: mobile terminal, key, network server, user, rsa public
Legal status: Active
Application number: CN201710334252.1A
Other languages: Chinese (zh)
Other versions: CN107171784A (en)
Inventors: 梁玉昭, 宋伟亮, 卢德峰
Current Assignee: Zhuhai Fuhong Technology Co ltd
Original Assignee: Zhuhai Fuhong Technology Co ltd
Application filed by Zhuhai Fuhong Technology Co ltd
Priority to CN201710334252.1A
Publication of CN107171784A
Application granted
Publication of CN107171784B

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30 Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L9/3006 Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy underlying computational problems or public-key parameters
    • H04L9/302 Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy underlying computational problems or public-key parameters involving the integer factorization problem, e.g. RSA or quadratic sieve [QS] schemes
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0618 Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
    • H04L9/0631 Substitution permutation network [SPN], i.e. cipher composed of a number of stages or rounds each involving linear and nonlinear transformations, e.g. AES algorithms

Landscapes

  • Engineering & Computer Science (AREA)
  • Computing Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Telephonic Communication Services (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The invention provides an emergency command and scheduling method and system for emergency environmental events. In the method, a mobile terminal acquires an RSA public key from a network server and stores it in local memory; the mobile terminal encrypts login information with the RSA public key and sends the encrypted login information to the network server, the login information comprising a session key, an account name, a login password and hardware device information of the mobile terminal; after verifying the authenticity of the login information, the network server generates a login credential and a user ID from the login information and stores the user credential and the user ID in a database server; the network server encrypts the user credential and the user ID with the session key and sends them to the mobile terminal; in communication between the mobile terminal and the network server, the session data and the user credential are encrypted with the session key before being sent. The system is used to implement the method. The invention can ensure the security of data communication between the mobile terminal and the server.

Description

Emergency command scheduling method and system for emergency environment events
Technical Field
The invention relates to the field of communication, in particular to an emergency command scheduling method aiming at an emergency environment event and a system for realizing the method.
Background
In recent years, emergencies in China and abroad have become more frequent and harder to handle, and effective prevention and reliable handling of emergencies have become a serious challenge for all sectors of society. So that work can proceed in an orderly way according to an established scheme when an emergency happens, building an emergency plan system is generally regarded as an important basis for preventing and handling emergencies.
At present, emergency plans are mostly stored in a file cabinet or a computer hard disk in the form of paper texts or electronic files, for example, in the form of electronic files such as WORD documents, PDF documents, and the like. Once an emergency occurs, it is difficult for emergency personnel to accurately and quickly query and acquire a relevant emergency plan and to effectively extract useful information in the plan. For personnel who arrive at the on-site command temporarily, various resources such as expert information, materials and the like cannot be obtained in time, so that the efficiency and the effect of emergency disposal are influenced.
Disclosure of Invention
In order to solve the above problems, the present invention provides an emergency command scheduling method capable of quickly implementing resource transmission when an emergency occurs.
Another object of the present invention is to provide an emergency command and dispatch system capable of rapidly implementing resource transmission in case of emergency.
To achieve the main object, the emergency command scheduling method for emergency environmental events provided by the invention comprises the following steps: the mobile terminal acquires an RSA public key from a network server and stores it in the local memory of the mobile terminal; the mobile terminal encrypts login information with the RSA public key and sends the encrypted login information to the network server, the login information comprising a session key, an account name, a login password and hardware device information of the mobile terminal, and the session key being an AES key; after verifying the authenticity of the login information, the network server generates a login credential and a user ID from the login information and stores the user credential and the user ID in a database server; the network server encrypts the user credential and the user ID with the session key and sends them to the mobile terminal; in communication between the mobile terminal and the network server, the session data and the user credential are encrypted with the session key before being sent.
A preferred scheme is that when the mobile terminal sends data to the network server, the data is sent to the network server together with the user ID; the network server decrypts the received data using the session key and returns the encrypted data to the mobile terminal after verifying the authenticity of the data.
Further, the step in which the mobile terminal obtains the RSA public key from the network server includes: the network server judges whether the RSA public key of the mobile terminal is stored; if not, it generates the RSA public key of the mobile terminal, sends it to the mobile terminal, and stores the RSA public key in the database server.
Further, the step in which the network server verifies the authenticity of the login information includes: after acquiring the login information, the network server obtains the RSA private key from the database server, decrypts the login information with the RSA private key, and verifies the decrypted login information.
The mobile terminal judges whether a session key is stored locally before encrypting the login information by using the RSA public key, and if the session key is not stored, a key function library is used for generating a session key.
In a further aspect, the hardware device information of the mobile terminal is a SIM card number of the mobile terminal.
To achieve the other object, the emergency command and dispatch system for emergency environmental events provided by the invention comprises: an RSA public key acquisition module, which acquires the RSA public key from the network server and stores it in local memory; a login information encryption module, which encrypts login information with the RSA public key and sends the encrypted login information to the network server, the login information comprising a session key, an account name, a login password and hardware device information of the mobile terminal, and the session key being an AES (Advanced Encryption Standard) key; a login credential generation module, with which the network server, after verifying the authenticity of the login information, generates a login credential and a user ID from the login information and stores the user credential and the user ID in the database server; a login credential sending module, with which the network server encrypts the user credential and the user ID with the session key and sends them to the mobile terminal; and a session data sending module, which sends session data to the network server, the session data and the user credential being encrypted with the session key before they are sent.
With this scheme, the emergency command and dispatch system can convert a preset text plan into an emergency response flow that evolves as the handling of the event progresses, and helps the decision maker judge when and how to act according to the specific information of the event. This raises the scientific and intelligent level of emergency response and improves the ability of environmental protection departments to deal with sudden environmental pollution accidents, so that when an accident happens the greatest efficiency can be achieved at the fastest speed, rescue is carried out in order, the development of the situation is brought under control as soon as possible, the damage, casualties and property loss caused by the accident are reduced to the greatest extent, and the health and safety of residents are protected.
In order to ensure the safety, reliability and smoothness of communication during emergency disposal, the emergency command and dispatching system for the emergency environmental events fully utilizes the established public and special communication networks and wired and wireless communication resources to realize information transmission with various levels of emergency command platforms and emergency event sites.
During information interaction, the accuracy, uniqueness and integrity of data transmission are what guarantee that the plan can be executed smoothly. However, this data travels over public networks, where it will inevitably be intercepted, cracked and attacked, and unencrypted plaintext holds no secrets from network hackers. A secure encryption system is therefore required to encrypt the data transmitted over the public network and ensure the security of the information interaction process.
Encryption and decryption algorithms and keys are required to encrypt and decrypt information during transmission. At present, the principles of common encryption and decryption algorithms are public, and the confidentiality of information depends mainly on the security of the key. How the key is distributed and stored determines the security of information transmission in the whole system. The encryption algorithms used by the system of the invention are the RSA algorithm and the AES algorithm; both are in common use at present and offer a high level of security.
The RSA algorithm is a public-key cryptosystem, which uses different keys for encryption and decryption. In a public-key cryptosystem, the encryption key, i.e. the public key PK, is public information; the decryption key, i.e. the private key SK, must be kept secret; and the encryption algorithm E and the decryption algorithm D are also public. Although the private key SK is determined by the public key PK, SK cannot be calculated from PK. If plaintext information is encrypted with the private key SK, the receiving party can decrypt the ciphertext with the public key PK to obtain the original plaintext. Conversely, if plaintext information is encrypted with the public key PK, it can be decrypted with the private key SK. The RSA algorithm is based on this theory: a pair of RSA keys is usually generated, one of which is the private key, kept by the user, while the other is the public key, which can be disclosed. RSA is the most widely studied public-key algorithm; it has withstood various attacks in the more than thirty years since it was proposed, and is considered one of the most elegant public-key schemes at present.
The AES algorithm is an iterative, symmetric-key block cipher: unlike a public-key cipher, it uses the same key to encrypt and decrypt data. The block cipher returns encrypted data with the same number of bits as the input data. From its proposal in 2002 to the present, the AES algorithm has been widely used because of its strong security, high performance, high efficiency, ease of use and flexibility.
The method of the invention applies the double encryption of the RSA algorithm and the AES algorithm to secure data communication between the mobile terminal and the network server. When an emergency occurs, the data stored on the network server can be transmitted to the mobile terminal through a secure channel, and the mobile terminal can decrypt the received data with the AES session key to obtain the plan file for dealing with the emergency, so that the emergency can be handled quickly and effectively.
Drawings
Fig. 1 is a block diagram of an embodiment of an emergency command and dispatch system for emergency environmental events according to the present invention.
Fig. 2 is a timing diagram illustrating a mobile terminal logging in a network server in an embodiment of the emergency command and dispatch method for emergency events in an emergency environment.
Fig. 3 is a timing diagram illustrating communication between a mobile terminal and a network server in an embodiment of the emergency command and dispatch method for emergency events in an emergency environment.
The invention is further explained with reference to the drawings and the embodiments.
Detailed Description
The emergency command scheduling method for emergency environmental events is applied to communication between a mobile terminal and a network server. Preferably, the network server stores in advance a plan file for dealing with the emergency environmental event, such as a WORD document or a PTD document; the mobile terminal can run an application program, such as an APP for dealing with emergency environmental events; and the mobile terminal and the network server can communicate through a public communication network, such as the internet, a 3G network or a 4G network. The emergency command and dispatch system for emergency environmental events comprises modules running on hardware such as the mobile terminal and the network server, and is used to implement the method.
The embodiment of the emergency command and dispatch system for emergency environmental events:
Referring to Fig. 1, the embodiment includes a mobile terminal 10, a network server 20, a secure socket layer cryptographic library 30 and a database server 40. An RSA public key obtaining module 11, a login information encryption module 12 and a session data sending module 13 run on the mobile terminal 10, and an RSA public key generating module 21, a login credential generating module 22 and a login credential sending module 23 run on the network server 20.
The mobile terminal 10 may have an APP installed and running thereon, such as an emergency command scheduling application for handling emergency situations, and after running the APP, the mobile terminal may communicate with a network server through a public network, such as the internet, a 3G network or a 4G network, so as to transmit data to the network server or receive data transmitted by the network server.
The RSA public key obtaining module 11 may detect whether the mobile terminal local storage stores the RSA public key, and if the mobile terminal local storage does not store the RSA public key, send request information for obtaining the RSA public key to the network server, and store the RSA public key in the local storage after receiving the RSA public key sent by the network server.
The login information encryption module 12 is configured to generate login information, where the login information may include a session key, an account name, a login password, and hardware device information of the mobile terminal. In this embodiment, the session key is an AES type key, and preferably, before the mobile terminal generates the login information, it first checks whether the session key is already stored locally, and if the session key is not stored, it generates a session key through its own key function library. The hardware device information of the mobile terminal may be a SIM card number used by the mobile terminal, a terminal device number, an identification number of the bluetooth module, or the like.
The session data sending module 13 is configured to send session data to the network server 20, and preferably, in this embodiment, the session data is sent after being encrypted. For example, the mobile terminal 10 generates plaintext session data, and then encrypts the plaintext data using the session key. Preferably, the network server 20 generates a user credential, and the session data sending module 13 stores the user credential, and when encrypting the session data by using the session key, the session data and the user credential need to be encrypted and then sent to the network server 20 together with the user ID.
The RSA public key generation module 21 of the network server 20 is configured to generate an RSA public key: for example, it generates an RSA public/private key pair through the secure socket layer cryptographic library 30 and obtains the generated public key from the library as the RSA public key, which may be sent to the mobile terminal 10. In this way, after receiving the login information sent by the mobile terminal 10, the network server 20 can obtain the corresponding RSA private key and decrypt the login information, thereby obtaining the session key, the account name, the login password, the hardware device information of the mobile terminal, and the like.
The login credential generation module 22 may verify the authenticity of the login information after acquiring the decrypted login information, generate a login credential and a user ID using the login information if the login information is verified, and save the user credential and the user ID in the database server 40. Meanwhile, the login credential transmitting module 23 may transmit the generated login credential and the user ID information to the mobile terminal 10.
The embodiment of the emergency command scheduling method for emergency environmental events:
The process by which the mobile terminal 10 logs in to the network server 20 is described below with reference to Fig. 2. First, step S1 is executed: before the application program of the mobile terminal 10 logs in to the network server 20, it checks whether the local storage, such as the SharedPreferences storage area, holds the RSA public key of the network server, and if not, it sends an HTTPS command over the network to obtain the RSA public key from the network server 20.
After receiving the request for the RSA public key sent by the mobile terminal 10, the network server 20 performs step S2: it connects to the MySQL database server 40 from PHP code and checks whether an RSA public/private key pair is stored in the database server 40. If the key pair is stored, step S3 is performed and the database server 40 sends the stored RSA public/private key pair to the network server 20.
If the RSA public/private key pair is not stored in the database server 40, step S101 is executed: the openssl function library, that is, the secure socket layer cryptographic library 30, is called to generate the RSA public/private key pair, and the library executes step S102 to send the generated key pair to the network server 20. The network server 20 then executes step S103 to store the RSA public/private key pair in the database server 40, and the database server 40, having received the key pair, sends the network server 20 a message that storage succeeded.
When the network server 20 receives the HTTPS command sent by the mobile terminal 10 to obtain the RSA public key, the corresponding RSA public key is retrieved from the database server 40 and returned to the mobile terminal; that is, step S2 and step S3 are executed, and the database server 40 sends the RSA public key to the network server 20. Then step S4 and step S5 are executed: the mobile terminal 10 sends the network server 20 a request for the RSA public key, and the network server 20 sends the RSA public key to the mobile terminal 10.
After the mobile terminal 10 obtains the RSA public key from the network server 20, step S6 is executed to store the RSA public key in the local SharedPreferences storage area; thereafter, whenever the RSA public key is needed, it is read from the local storage area directly into the memory of the mobile terminal 10.
Before sending the login information to the server, the mobile terminal 10 performs step S7 to check whether the session key is stored in the local SharedPreferences storage area; in this embodiment the session key is an AES symmetric encryption/decryption key. If the session key is not stored in local memory, step S8 is executed to call the key function library provided by the Android system to generate a 128-bit AES key, and then step S9 is executed to store the generated session key in the local SharedPreferences storage area.
After completing the above operations, the mobile terminal 10 can encrypt the login information with the RSA public key and transmit it to the network server 20. Specifically, if the session key is already stored in the local memory of the mobile terminal 10, step S10 is performed directly and the login information is encrypted with the RSA public key. In this embodiment, the login information includes the session key, the user login account, the login password, and a hardware device number of the mobile terminal 10, such as the SIM card number or the Bluetooth module identification number. Step S11 is then performed, and the encrypted login information is sent to the network server 20 over the HTTPS protocol.
After receiving the user login information encrypted with the RSA public key, the network server 20 decrypts it with the RSA private key to obtain the login information in plaintext. Specifically, step S12 is executed to send the database server 40 a request for the RSA private key, and the database server 40 executes step S13 to send the RSA private key to the network server 20. After the network server 20 receives the private key, step S14 is executed to decrypt the login information and obtain the plaintext, and the server then verifies whether the login user account, the password and the SIM card number in the plaintext are correct.
In this embodiment, the information such as the login user account, the password, and the SIM card number should be stored in the database server 40 in advance. Therefore, when the login information is verified, the step S15 is executed to transmit the verification information to the database server 40, and after the database server 40 verifies the login information, the step S16 is executed to transmit the information that the login information is verified to the web server 20.
After the login information is verified, the web server 20 stores the session key of the user, and specifically, executes step S17 to send a request for storing the session key of the user to the database server 40, and after the session key of the user is successfully stored, the database server 40 executes step S18 to send information that the storage of the session key of the user is successful to the web server 20. Preferably, if the database server 40 already stores the session key of the user, the new session key just received is used to replace the already stored session key.
Next, the web server executes step S19 to generate a login credential and a user ID. Specifically, the web server 20 calls the MD5 function provided by PHP (the PHP hypertext preprocessor) to hash information such as the user login name, the login password, the session key and the SIM card number, and takes the 32 bytes obtained from the MD5 hash operation as the user login credential. After the user credential is generated, the uniqid function provided by PHP is called to generate a globally unique 13-byte value as the user ID. Finally, step S20 is executed to request that the generated user credential and user ID be stored in the database server 40. After the database server 40 stores them successfully, step S21 is executed to report that storage succeeded.
Then, the web server performs step S22, performs AES encryption using the session key of the user on the generated user credential, user ID, and login success status information, and returns the encryption result to the login user, that is, to the mobile terminal 10.
After receiving the information returned from the web server 20, the mobile terminal 10 executes step S23 to store the user credential and the user ID in local memory. Specifically, the mobile terminal 10 first AES-decrypts the returned data with the locally stored session key and then checks the login status returned by the network server 20; if the login succeeded, the returned user credential and user ID are stored in the local memory of the mobile terminal 10, such as the SharedPreferences storage area.
At this point, the preparation for secure transmission between the mobile terminal 10 and the network server 20 is completed, and in the subsequent data interaction process, both the mobile terminal 10 and the network server 20 use the session key to encrypt the plaintext to be transmitted and also use the session key to decrypt the received data. Therefore, the mobile terminal 10 performs step S24 to encrypt the session data using the session key, and performs step S25 to transmit the encrypted data to the web server 20.
The following describes a process of transmitting and receiving session data between the mobile terminal 10 and the network server 20 with reference to fig. 3. First, the mobile terminal 10 performs step S31 to generate plaintext session data, then performs step S32 to obtain information of a session key, a user credential, and a user ID, and performs step S33 to encrypt the session data and the user credential using the session key, and performs step S34 to transmit the encrypted data to the web server 20 together with the user ID.
After receiving the data transmitted from the mobile terminal 10, the web server 20 executes step S35 to obtain the session key of the user by means of the user ID. Since the session key is stored in the database server 40, the network server 20 obtains it from there, and the database server 40 executes step S36 to transmit the session key to the network server 20. Then step S37 is executed to decrypt the data with the session key, and step S38 is executed to verify the login credential in the decrypted plaintext, that is, to compare the decrypted login credential with the login credential stored in the database server and check that they are consistent. Specifically, step S39 is executed: the web server 20 sends the database server 40 a request to verify the login credential, and the database server 40 verifies it. If the login credential received by the database server 40 is the same as the one it has stored, the login credential is valid; otherwise it is invalid, i.e. verification fails. After the login credential passes verification, step S40 is executed to inform the web server 20 that verification has passed.
Then, the web server 20 executes step S41 to request the database server 40 to store the information that the login credential is valid, and the database server 40 executes step S42 to return the information that the storage is successful. The web server 20 performs the step S43 of requesting to acquire session data returned to the mobile terminal 10, the database server 40 performs the step S44 of transmitting the session data required to be transmitted to the mobile terminal 10 to the web server 20, the web server 20 performs the step S45 of encrypting the returned state information and the session data using the session key, and then performs the step S46 of transmitting the encrypted data to the mobile terminal 10.
Upon receiving the information returned from the web server 20, the mobile terminal 10 performs step S47 to interface the data using the session key, and performs step S48 to determine the returned status, i.e., whether the web server 20 correctly received the data.
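The session exchange of Fig. 3 (S31 to S48), as an added Go example that is not code from the patent. AES-GCM, the JSON packet layout, the reply text and the sample key, credential and user ID are assumptions; the patent names no cipher mode or message format.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/subtle"
	"encoding/json"
	"errors"
	"fmt"
)

// Packet is the JSON carried under the session key: Cred and Data in a request
// (S33), Status and Data in the reply (S45).
type Packet struct{ Cred, Status, Data string }

// Session is the per-user state the network server fetches by user ID (S35, S36).
type Session struct {
	Key  []byte // 128-bit AES session key received at login
	Cred string // login credential issued at login
}

// aead builds AES-GCM for a session key. GCM is an assumed mode, chosen so that
// altered ciphertext is rejected rather than decrypted.
func aead(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Seal JSON-encodes p and encrypts it, prepending a fresh random nonce.
func Seal(key []byte, p Packet) ([]byte, error) {
	gcm, err := aead(key)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	pt, _ := json.Marshal(p) // cannot fail for a struct of strings
	return gcm.Seal(nonce, nonce, pt, nil), nil
}

// Open authenticates and decrypts msg, then decodes the JSON packet.
func Open(key, msg []byte) (p Packet, err error) {
	gcm, err := aead(key)
	if err != nil {
		return p, err
	}
	n := gcm.NonceSize()
	if len(msg) < n {
		return p, errors.New("message too short")
	}
	pt, err := gcm.Open(nil, msg[:n], msg[n:], nil)
	if err != nil {
		return p, err
	}
	err = json.Unmarshal(pt, &p)
	return p, err
}

// Handle is the server side of S35 to S46. The user ID arrives in clear and only
// selects the key; the credential inside the ciphertext is what gets verified.
func Handle(db map[string]Session, id string, body []byte) ([]byte, error) {
	s, ok := db[id]
	if !ok {
		return nil, errors.New("unknown user ID")
	}
	req, err := Open(s.Key, body)
	if err != nil {
		return nil, fmt.Errorf("decrypt: %w", err)
	}
	if subtle.ConstantTimeCompare([]byte(req.Cred), []byte(s.Cred)) != 1 {
		return nil, errors.New("login credential mismatch")
	}
	return Seal(s.Key, Packet{Status: "ok", Data: "plan for " + req.Data})
}

// Exchange plays the terminal's part (S31 to S34, S47, S48) against Handle.
func Exchange(db map[string]Session, id string, local Session, data string) (Packet, error) {
	body, err := Seal(local.Key, Packet{Cred: local.Cred, Data: data})
	if err != nil {
		return Packet{}, err
	}
	enc, err := Handle(db, id, body)
	if err != nil {
		return Packet{}, err
	}
	return Open(local.Key, enc)
}

func main() {
	// Constructed key, credential and user ID standing in for the login results.
	sess := Session{[]byte("constructed-key!"), "0123456789abcdef0123456789abcdef"}
	db := map[string]Session{"65a1b2c3d4e5f": sess}
	fmt.Println(Exchange(db, "65a1b2c3d4e5f", sess, "site 7"))
}
```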
Therefore, the emergency command and dispatch system for emergency environmental events adopts a double encryption scheme combining the RSA algorithm and the AES algorithm to ensure information security during communication. The RSA private key is stored in the database server and the RSA public key is stored in the mobile terminal; the public and private keys are used to encrypt and decrypt the temporary session key, and the temporary session key is used with the AES encryption algorithm to encrypt and decrypt the information exchanged between the network server and the mobile terminal. The temporary session key exists only for a certain period, for example for one complete emergency plan, and a different session key is generated the next time an emergency plan occurs. Moreover, the session key of each mobile terminal is different, so the risk of leakage of the temporary session key is greatly reduced.
In addition, device-specific hardware information, such as the serial number of the mobile terminal's SIM card, is added to the information sent by the mobile terminal every time. After the network server decrypts the information sent by the mobile terminal, it extracts the hardware information and compares it with the hardware information stored in the database server; this verification confirms the legitimacy of the mobile terminal and further ensures communication security.
In addition, since the session key of each mobile terminal is different, the session keys are scattered, and even if the session key of one mobile terminal is leaked, the session keys of other mobile terminals are not compromised. In addition, in the transmission process of the AES session key, an RSA encryption system is adopted, so that the security of the session key in the transmission process is also ensured. By adopting the transmission encryption system, the security of the transmission of the sensitive data on the public network is ensured to a great extent.
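The exchange summarized above (an RSA-wrapped login that carries the AES session key, then session traffic selected by the cleartext user ID and checked against the stored login credential and SIM serial, steps S35 to S47), as an added Node.js example that is not code from the patent. RSA-OAEP with SHA-256, AES-256-GCM, the JSON message layout, the `'login'` label and every account value are assumptions or constructed sample data.

```javascript
const crypto = require('crypto');
const OAEP = { padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' };
const rsa = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 }); // private half stays server-side
// Constructed stand-ins for the database server (a real account table would hold password hashes).
const accounts = new Map([['officer01', { password: 'constructed-pw', sim: '89860000000000000001' }]]);
const sessions = new Map(); // user ID -> { key, credential, sim }
const sha = (v) => crypto.createHash('sha256').update(String(v)).digest();
const same = (a, b) => crypto.timingSafeEqual(sha(a), sha(b)); // constant-time comparison
// AES-256-GCM is an assumption (the patent says only "AES"); the cleartext user ID is bound as AAD.
function seal(key, userId, obj) {
  const iv = crypto.randomBytes(12);
  const c = crypto.createCipheriv('aes-256-gcm', key, iv).setAAD(Buffer.from(userId));
  const body = Buffer.concat([c.update(JSON.stringify(obj)), c.final()]);
  return Buffer.concat([iv, c.getAuthTag(), body]);
}
function open(key, userId, pkt) { // throws if the packet or the user ID was altered
  const d = crypto.createDecipheriv('aes-256-gcm', key, pkt.subarray(0, 12)).setAAD(Buffer.from(userId));
  d.setAuthTag(pkt.subarray(12, 28));
  return JSON.parse(Buffer.concat([d.update(pkt.subarray(28)), d.final()]).toString());
}
// Login on the server: RSA-decrypt, check account, password and SIM, then register the session key.
function serverLogin(blob) {
  const info = JSON.parse(crypto.privateDecrypt({ key: rsa.privateKey, ...OAEP }, blob).toString());
  const acct = accounts.get(info.account);
  if (!acct || !same(info.password, acct.password) || !same(info.sim, acct.sim)) return null;
  const [userId, credential] = [crypto.randomBytes(8).toString('hex'), crypto.randomBytes(16).toString('hex')];
  sessions.set(userId, { key: Buffer.from(info.key, 'base64'), credential, sim: acct.sim });
  return seal(sessions.get(userId).key, 'login', { userId, credential }); // terminal has no user ID yet
}
// Steps S35-S46: select the key by user ID, decrypt, verify credential and SIM, reply encrypted.
function serverRequest(userId, pkt) {
  const s = sessions.get(userId);
  if (!s) return null;
  try {
    const m = open(s.key, userId, pkt);
    if (!same(m.credential, s.credential) || !same(m.sim, s.sim)) return null;
    return seal(s.key, userId, { status: 'ok', received: m.data });
  } catch { return null; }
}
// Terminal side, constructed run: log in, send one message, decrypt the reply (S47).
function terminalRun(account, password, sim, data) {
  const key = crypto.randomBytes(32); // fresh AES key per terminal and per emergency plan
  const info = JSON.stringify({ key: key.toString('base64'), account, password, sim });
  const grant = serverLogin(crypto.publicEncrypt({ key: rsa.publicKey, ...OAEP }, Buffer.from(info)));
  if (!grant) return null;
  const { userId, credential } = open(key, 'login', grant);
  const reply = serverRequest(userId, seal(key, userId, { credential, sim, data }));
  return reply && { userId, ...open(key, userId, reply) };
}
```

With a 2048-bit key and OAEP-SHA-256 the RSA plaintext is limited to 190 bytes, so the login information has to stay small or be wrapped differently.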
It is to be understood that the above embodiments are only preferred embodiments of the present invention, and that in practical applications the invention admits further variations. For example, when the network server communicates with a plurality of mobile terminals at the same time, the network server needs to record information such as the login credentials and user IDs of the plurality of mobile terminals; such variations can also achieve the object of the present invention.

Claims (6)

1. The emergency command scheduling method for the emergency environmental events is characterized by comprising the following steps:
the mobile terminal acquires an RSA public key from a network server and stores the RSA public key on a local memory of the mobile terminal;
the mobile terminal encrypts login information by using the RSA public key and sends the encrypted login information to the network server, wherein the login information comprises a session key, an account name, a login password and hardware equipment information of the mobile terminal, the session key is an AES (advanced encryption standard) type key, and the session key is stored in a database server;
after verifying the authenticity of the login information, the network server generates login credentials and a user ID from the login information, and stores the user credentials and the user ID into the database server;
the network server encrypts the user certificate and the user ID by using the session key and then sends the encrypted user certificate and the encrypted user ID to the mobile terminal;
the communication between the mobile terminal and the network server uses the session key to encrypt session data and the user certificate and then sends the encrypted session data and the user certificate, and when the mobile terminal sends data to the network server, the encrypted session data and the user certificate are sent to the network server together with the user ID;
the network server decrypts the received data by using the session key, and returns the encrypted data to the mobile terminal after verifying the authenticity of the data;
wherein, the mobile terminal obtaining the RSA public key from the network server comprises: if the mobile terminal determines that the local storage does not store the RSA public key, a request for obtaining the RSA public key is sent to the network server, the network server judges whether the database server stores the RSA public and private key pair, if not, the database server generates the RSA public and private key pair and sends the RSA public and private key pair to the network server, and the network server sends the RSA public key to the mobile terminal and stores the RSA public key into the database server.
2. The emergency command and dispatch method of claim 1, wherein:
the network server verifying the authenticity of the login information comprises: and after the network server acquires the login information, acquiring an RSA private key from the database server, decrypting the login information by using the RSA private key, and verifying the decrypted login information.
3. The emergency command and dispatch method of claim 1, wherein:
before the RSA public key is used for encrypting the login information, the mobile terminal judges whether the session key is stored locally, and if the session key is not stored, a key function library is used for generating a session key.
4. The emergency command and dispatch method of claim 1, wherein:
and the hardware equipment information of the mobile terminal is the SIM card number of the mobile terminal.
5. Emergency command dispatch system of emergency environmental events, characterized by, include:
the RSA public key acquisition module acquires the RSA public key of the mobile terminal from the network server and stores the RSA public key on a local memory;
the login information encryption module is used for encrypting login information by using the RSA public key and sending the encrypted login information to the network server, wherein the login information comprises a session key, an account name, a login password and hardware equipment information of the mobile terminal, the session key is an AES (advanced encryption standard) type key, and the session key is stored in the database server;
the login credential generation module is used for generating a login credential and a user ID from the login information after the network server verifies the authenticity of the login information, and storing the user credential and the user ID into the database server;
the login credential sending module is used for the network server to encrypt the user credential and the user ID by using the session key and then send the encrypted user credential and the encrypted user ID to the mobile terminal;
a session data sending module, configured to send session data and the user ID to the network server, and encrypt the session data and the user credential by using the session key and send the encrypted session data and user credential;
wherein, the mobile terminal obtaining the RSA public key from the network server comprises: if the mobile terminal determines that the local storage does not store the RSA public key, a request for obtaining the RSA public key is sent to the network server, the network server judges whether the database server stores the RSA public and private key pair, if not, the database server generates the RSA public and private key pair and sends the RSA public and private key pair to the network server, and the network server sends the RSA public key to the mobile terminal and stores the RSA public key into the database server.
6. The emergency command and dispatch system of claim 5, wherein:
and when verifying the authenticity of the login information, the login certificate generation module acquires an RSA private key from the database server, decrypts the login information by using the RSA private key, and verifies the decrypted login information.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710334252.1A CN107171784B (en) 2017-05-12 2017-05-12 Emergency command scheduling method and system for emergency environment events

Publications (2)

Publication Number Publication Date
CN107171784A CN107171784A (en) 2017-09-15
CN107171784B true CN107171784B (en) 2020-07-31

Family

ID=59815012

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710334252.1A Active CN107171784B (en) 2017-05-12 2017-05-12 Emergency command scheduling method and system for emergency environment events

Country Status (1)

Country Link
CN (1) CN107171784B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112612922A (en) * 2020-12-16 2021-04-06 平安普惠企业管理有限公司 Method and device for safely storing mobile phone number, computer equipment and medium

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102006306A (en) * 2010-12-08 2011-04-06 广东高新兴通信股份有限公司 Security authentication method for WEB service
CN103036880A (en) * 2012-12-12 2013-04-10 华为技术有限公司 Network information transmission method, transmission equipment and transmission system
CN106411715A (en) * 2016-11-02 2017-02-15 中国人民公安大学 Cloud-based secure instant messaging method and system

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR100925329B1 (en) * 2007-12-03 2009-11-04 한국전자통신연구원 Method and apparatus of mutual authentication and key distribution for downloadable conditional access system in digital cable broadcasting network

Also Published As

Publication number Publication date
CN107171784A (en) 2017-09-15

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant
CP03 Change of name, title or address

Address after: 519000, No. 805 and 806, Unit 2, No. 1323 Meijie Road, Xiangzhou District, Zhuhai City, Guangdong Province

Patentee after: ZHUHAI FUHONG TECHNOLOGY Co.,Ltd.

Country or region after: China

Address before: Room 601, Unit 3, Building 3, No. 68 Renmin West Road (Nancun Haoyuan), Xiangzhou District, Zhuhai City, Guangdong Province, 519000

Patentee before: ZHUHAI FUHONG TECHNOLOGY Co.,Ltd.

Country or region before: China