CN107317925B - Mobile terminal - Google Patents


Publication number
CN107317925B
Authority
CN
China
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201710471788.8A
Other languages
Chinese (zh)
Other versions
CN107317925A (en
Inventor
谢松波
朱少杰
周佳
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Eren Eben Information Technology Co Ltd
Original Assignee
Beijing Eren Eben Information Technology Co Ltd
Application filed by Beijing Eren Eben Information Technology Co Ltd
Priority to CN201710471788.8A
Publication of CN107317925A
Application granted
Publication of CN107317925B

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04M TELEPHONIC COMMUNICATION
    • H04M1/00 Substation equipment, e.g. for use by subscribers
    • H04M1/72 Mobile telephones; Cordless telephones, i.e. devices for establishing wireless links to base stations without route selection
    • H04M1/724 User interfaces specially adapted for cordless or mobile telephones
    • H04M1/72448 User interfaces specially adapted for cordless or mobile telephones with means for adapting the functionality of the device according to specific conditions
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • H04L9/3268 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements using certificate validation, registration, distribution or revocation, e.g. certificate revocation list [CRL]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04M TELEPHONIC COMMUNICATION
    • H04M1/00 Substation equipment, e.g. for use by subscribers
    • H04M1/72 Mobile telephones; Cordless telephones, i.e. devices for establishing wireless links to base stations without route selection
    • H04M1/724 User interfaces specially adapted for cordless or mobile telephones
    • H04M1/72403 User interfaces specially adapted for cordless or mobile telephones with means for local support of applications that increase the functionality

Abstract

The invention discloses a mobile terminal comprising: a first system module, which comprises first system hardware and a first operating system and is used for communicating with the outside; a second system module, which comprises second system hardware and a second operating system and is used for processing local information and interacting with input information, the second system module being independent of the first system module; and a security module connected between the first system hardware and the second system hardware so that the first system module and the second system module can communicate with each other. The security module decrypts first information received by the first system module from the outside and then sends the decrypted first information to the second system module, and encrypts second information that the second system module needs to send to the outside and then sends the encrypted second information to the first system module. In this way, the mobile terminal provided by the invention can improve the security of network data transmission.

Description

Mobile terminal
Technical Field
The present invention relates to the field of mobile communication technologies, and in particular, to a mobile terminal.
Background
As informatization continues to deepen, the demand for information interaction and sharing between the internal networks of enterprises and public institutions and the internet, and between low-security networks and high-security networks, is increasingly strong.
With these growing demands, security isolation and the secure exchange of data between networks have become more and more of a concern. To guarantee data security and standardize the various types of network data interaction, enterprises and institutions have adopted a number of protective measures.
In the course of long-term research and development, the inventors of the present application found that most of these protective measures and methods can only perform simple network-layer filtering on addresses, ports, protocols and the like, and cannot effectively ensure the security of network data transmission.
Disclosure of Invention
The invention mainly solves the technical problem of providing a mobile terminal which can improve the security of network data transmission.
To solve the above technical problem, the invention adopts the following technical scheme: a mobile terminal is provided, comprising: a first system module, which comprises first system hardware and a first operating system and is used for communicating with the outside; a second system module, which comprises second system hardware and a second operating system and is used for processing local information and interacting with input information, the second system module being independent of the first system module; and a security module connected between the first system hardware and the second system hardware so that the first system module and the second system module can communicate with each other, the security module being used for decrypting first information received by the first system module from the outside and then sending the decrypted first information to the second system module, and for encrypting second information that the second system module needs to send to the outside and then sending the encrypted second information to the first system module.
The invention has the beneficial effects that: different from the prior art, the mobile terminal provided by the invention comprises a first system module and a second system module which are independent from each other, and a security module connected between the first system hardware of the first system module and the second system hardware of the second system module; when information is sent, the security module encrypts information needing to be sent to the outside by the second system module and sends the information to the first system module, and the first system module sends the encrypted information; when receiving information, the security module decrypts the first information received by the first system module from the outside and sends the decrypted first information to the second system module; data transmission between the first system module and the second system module is bridged through the security module, so that all data transmission is guaranteed to be processed by the security module, and the security of network data transmission is further improved.
Drawings
FIG. 1 is a schematic structural diagram of a mobile terminal according to an embodiment of the present invention;
FIG. 2 is a schematic structural diagram of another embodiment of the mobile terminal of the present invention;
FIG. 3 is a schematic structural diagram of another embodiment of the mobile terminal of the present invention;
FIG. 4 is a schematic structural diagram of another embodiment of the mobile terminal of the present invention.
Detailed Description
The present invention will be described in detail below with reference to the accompanying drawings and embodiments.
Referring to fig. 1, fig. 1 is a schematic structural diagram of a mobile terminal according to an embodiment of the present invention, where the mobile terminal includes a first system module 10, a second system module 12, and a security module 14.
The first system module 10 includes first system hardware 100 and a first operating system 102, and is used for communicating with the outside. In one application scenario, the first system hardware 100 includes a first central processing unit (CPU), a memory, and a communication unit. The first CPU is mainly used for reading instructions, processing data, and the like; in one embodiment the first CPU may be a Qualcomm MSM8916, and in other embodiments it may be another CPU. The memory is mainly used for temporarily storing the data being operated on by the first CPU and the data exchanged with external storage devices such as a hard disk: while the mobile terminal is running, the first CPU transfers the data to be operated on into the memory, performs the operation, and transmits the result after the operation is finished. The communication unit is mainly used for communicating with the outside; in other embodiments the communication unit may also be a network connection unit including at least one of 4G (fourth-generation mobile communication technology), 3G (third-generation mobile communication technology), GSM (Global System for Mobile Communications), WIFI (wireless local area network technology), and Bluetooth. In another application scenario, the first operating system 102 may be any one of the Android operating system, the Symbian operating system, Apple's mobile terminal operating system (iOS), and the like. In the mobile terminal provided in this embodiment the first system module 10 is not visible to the user; in other embodiments the first system module 10 may also be configured to be visible to the user.
The second system module 12 includes second system hardware 120 and a second operating system 122, and is used for processing local information and interacting with input information. The second system module 12 is independent of the first system module 10, that is, the two do not interfere with each other: when one of the first system module 10 and the second system module 12 is damaged, the operation of the other is not affected, so the two system modules have good isolation, security, and maintainability. In one application scenario, the second system hardware 120 includes a second central processing unit (CPU), a camera unit, a sensor unit, a Universal Serial Bus (USB) interface, and a human-computer interface input unit. The second CPU is mainly used for reading instructions, processing data, and the like; in one embodiment the second CPU may be a Qualcomm MSM8974, and in other embodiments it may be another CPU. The camera unit includes at least one of a front camera and a rear camera and is used for capturing and inputting video pictures. The sensor unit includes a gravity sensor, a distance sensor, a light sensor, a temperature sensor, and the like, and is mainly used for sensing the measured quantity and converting it, according to a certain rule, into an electrical signal or another required form of information for output. The USB interface is mainly used for connection and communication between the mobile terminal and external equipment. The human-computer interface input unit includes a handwriting input unit, a liquid crystal display unit, a touch screen, and the like; it is mainly used for interaction between the user and the mobile terminal and provides information input/output. In another application scenario, the second operating system 122 may be any one of the Android operating system, the Symbian operating system, Apple's mobile terminal operating system (iOS), and the like. Because data interaction between different operating systems is more complex to process, in this embodiment the first operating system 102 and the second operating system 122 are operating systems of the same type; for example, both are Android operating systems, which reduces the complexity of data interaction between the operating systems and improves data compatibility. In other embodiments, the first operating system 102 and the second operating system 122 may also be different.
The security module 14 is connected between the first system hardware 100 and the second system hardware 120 so that the first system module 10 and the second system module 12 can communicate with each other. It decrypts first information received by the first system module 10 from the outside and then sends the decrypted first information to the second system module 12, and encrypts second information that the second system module 12 needs to send to the outside and then sends the encrypted second information to the first system module 10, so that all data transmission is processed by the security module 14. Specifically, the security module 14 embeds at least one of an elliptic curve cryptography (ECC) public key algorithm, a symmetric cryptographic algorithm, and a hash algorithm; in other embodiments, other types of algorithms may be used. When the security module 14 receives the first information from the first system module 10, it decrypts the first information using a target algorithm among the at least one algorithm and then sends the decrypted first information to the second system module 12; when the security module 14 receives the second information from the second system module 12, it encrypts the second information using the target algorithm and sends the encrypted second information to the first system module 10. Referring to FIG. 1, in one embodiment the security module 14 is connected to the first system module 10 (i.e., the first system hardware 100) through a secure digital input/output (SDIO) interface and a universal asynchronous receiver/transmitter (UART) interface, and is connected to the second system module 12 (i.e., the second system hardware 120) through an SDIO interface and a UART interface, where the SDIO interface is used for transmitting data and the UART interface is used for transmitting control signals.
In one application scenario, as shown in FIG. 1, the security module 14 is disposed separately, outside the first system module 10 and the second system module 12. For example, the security module 14 may be a chip placed separately on the main board of the mobile terminal and used for encryption/decryption, such as an independent FPGA (field programmable gate array) security chip with an integrated ARM hard-core processor. Such a chip can complete encryption and decryption quickly and efficiently, and can implement high-speed encryption and decryption algorithms when processing network packets with strict timing requirements, thereby increasing the speed of transmission encryption and storage encryption. In one application scenario, the FPGA security chip may be a Xilinx 7-series XC7K160T. The communication interfaces implemented by the FPGA security chip include: an external bus interface (EBI), four secure digital input/output (SDIO) interfaces, two serial peripheral interface (SPI) interfaces, and two universal asynchronous receiver/transmitter (UART) interfaces. When the security module 14 is an independent security chip, the first system module 10, the second system module 12, and the security module 14 can each be started independently, and the three do not depend on or interfere with one another. The start-up procedure of the first system module 10 or the second system module 12 comprises, in sequence: the boot loader (Bootloader), kernel start (Linux Kernel), the init process, native service start, system service start, and Home start, after which start-up is complete. The start-up procedure of the security module 14 comprises, in sequence: initialization, interface configuration, and main program start, after which start-up is complete.
In yet another application scenario, as shown in fig. 2 or fig. 3, the security module may be provided in the first system module or the second system module, i.e. the security module is part of the first system module or the second system module.
To further improve the security of network data transmission, and continuing to refer to FIG. 1, the security module 14 includes a Bluetooth cryptographic key authentication and permission mechanism. In one application scenario, the authentication mechanism is a so-called challenge-response scheme, in which the claimant's knowledge of a secret key is verified using symmetric secret keys; that is, a correct claimant/verifier pair share the same secret key. Through this mechanism the security module 14 strengthens control over the authority to send data, preventing data from being sent out without authorization and preventing leakage of information files, thereby further improving the security of network data transmission. Specifically, in one application scenario, to ensure security control of the external transmission authority, the mobile terminal provided by the invention further comprises a radio frequency identification (RFID) password key. An Advanced Encryption Standard (AES) encryption accelerator and a random number generator that uses thermal noise to generate a non-deterministic bit stream are embedded in the RFID password key, and the random number generator uses a digital correction algorithm to output a uniformly distributed bit stream. In this way the password data can be effectively protected and security control of the external transmission authority can be realized.
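The following added example (not part of the patent text) illustrates how a digital correction step can turn a biased raw bit stream into a uniformly distributed one. The patent does not name its correction algorithm; the von Neumann corrector is assumed here, and the biased source, function names and yield threshold are constructed for the demonstration.

```python
import random


def von_neumann(bits):
    """Von Neumann corrector: read non-overlapping pairs, emit the first bit
    of each unequal pair (01 -> 0, 10 -> 1) and discard 00 and 11.
    The output is unbiased only if the raw bits are independent and the
    bias is constant; correlated raw bits need a different conditioner."""
    it = iter(bits)
    return [a for a, b in zip(it, it) if a != b]


def biased_source(n, p_one, seed):
    """Constructed stand-in for a thermal-noise sampler: independent bits
    with P(1) = p_one. A seeded PRNG keeps the demonstration repeatable."""
    rng = random.Random(seed)
    return [1 if rng.random() < p_one else 0 for _ in range(n)]


def ones_fraction(bits):
    """Fraction of 1 bits, or None for an empty stream."""
    return sum(bits) / len(bits) if bits else None


def corrected_stream(raw, min_yield=0.05):
    """Correct a raw stream, refusing to return output when the yield
    collapses, which is what a stuck or nearly stuck noise source looks like.
    min_yield is an assumed threshold, expressed per input pair."""
    out = von_neumann(raw)
    if len(out) < min_yield * (len(raw) // 2):
        raise RuntimeError("noise source failure: corrector yield too low")
    return out


if __name__ == "__main__":
    raw = biased_source(200_000, 0.8, seed=1)
    out = corrected_stream(raw)
    print("raw ones fraction:      ", round(ones_fraction(raw), 3))
    print("corrected ones fraction:", round(ones_fraction(out), 3))
    print("bits kept:", len(out), "of", len(raw))
```

The cost of the correction is throughput: with P(1) = 0.8 only about 16% of the raw bits survive, so the generator has to sample the noise source much faster than the rate at which key material is consumed.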
Taking a specific application scenario as an example, please refer to FIG. 4, which is a schematic structural diagram of another embodiment of the mobile terminal of the present invention. Assume that the first operating system in the first system module of the mobile terminal is an Android operating system, that the second operating system in the second system module is also an Android operating system, and that the security module is an independent security chip. The process by which the current mobile terminal sends data is as follows: the data to be sent by the second system module is processed and then transmitted to the security module through the secure digital input/output (SDIO) interface, and the security module encrypts the data using at least one of the embedded ECC public key algorithm, symmetric cryptographic algorithm, and hash algorithm to form first encrypted data; the security module transmits the first encrypted data to the first system module through the SDIO interface, and the first system module, after processing the first encrypted data accordingly, sends it out using the communication unit (for example, 3G, WIFI, GSM, Bluetooth and the like). The mobile terminal at the receiving end can obtain the data sent by the current mobile terminal only if it has the corresponding decryption equipment/software. The process by which the current mobile terminal receives data is as follows: the first system module receives second encrypted data sent by an external mobile terminal through the communication unit (for example, 3G, WIFI, GSM, Bluetooth and the like) and sends the second encrypted data to the security module through the SDIO interface; if the security module has the corresponding decryption software, it decrypts the second encrypted data into second data and sends the second data to the second system module through the SDIO interface, and the second system module processes the received second data accordingly; if the security module does not have the corresponding decryption software, it intercepts or destroys the second encrypted data, and the current mobile terminal cannot obtain the content of the second encrypted data, so that the security of network data transmission is improved.
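The send and receive paths described above, together with the challenge-response gate on send authority, can be modelled in a few lines. This is an added example, not the patent's implementation: the class and method names are hypothetical, the keys and message are constructed, and HMAC-SHA256 in counter mode with encrypt-then-MAC stands in for the unspecified "target algorithm" so that the code runs with the Python standard library only.

```python
import hashlib
import hmac
import os
import struct


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """HMAC-SHA256 in counter mode, used as a stdlib-only stream cipher."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hmac.new(key, nonce + struct.pack(">Q", counter), hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


class KeyFob:
    """Hypothetical stand-in for the password key (the claimant)."""

    def __init__(self, shared_key: bytes):
        self._key = shared_key

    def respond(self, challenge: bytes) -> bytes:
        return hmac.new(self._key, b"auth" + challenge, hashlib.sha256).digest()


class SecurityModule:
    """Bridge between the two system modules; every frame crosses it."""

    def __init__(self, link_key: bytes, fob_key: bytes):
        # Separate encryption and authentication keys derived from one link key.
        self._enc_key = hmac.new(link_key, b"enc", hashlib.sha256).digest()
        self._mac_key = hmac.new(link_key, b"mac", hashlib.sha256).digest()
        self._fob_key = fob_key
        self._send_authorized = False
        self.dropped = 0  # frames intercepted on the receive path

    def authenticate(self, fob: KeyFob) -> bool:
        """Verifier side of the challenge-response: same shared key on both ends."""
        challenge = os.urandom(16)  # fresh per attempt, so a replayed response fails
        expected = hmac.new(self._fob_key, b"auth" + challenge, hashlib.sha256).digest()
        self._send_authorized = hmac.compare_digest(expected, fob.respond(challenge))
        return self._send_authorized

    def outbound(self, plaintext: bytes) -> bytes:
        """Second system module -> first system module: encrypt, then MAC."""
        if not self._send_authorized:
            raise PermissionError("send authority not granted")
        nonce = os.urandom(16)
        stream = _keystream(self._enc_key, nonce, len(plaintext))
        ct = bytes(a ^ b for a, b in zip(plaintext, stream))
        tag = hmac.new(self._mac_key, nonce + ct, hashlib.sha256).digest()
        return nonce + ct + tag

    def inbound(self, frame: bytes):
        """First system module -> second system module: verify, then decrypt.
        A frame that cannot be authenticated is discarded and None is returned,
        so the second system module never sees it."""
        if len(frame) < 48:  # 16-byte nonce + 32-byte tag at minimum
            self.dropped += 1
            return None
        nonce, ct, tag = frame[:16], frame[16:-32], frame[-32:]
        expected = hmac.new(self._mac_key, nonce + ct, hashlib.sha256).digest()
        if not hmac.compare_digest(expected, tag):
            self.dropped += 1
            return None
        return bytes(a ^ b for a, b in zip(ct, _keystream(self._enc_key, nonce, len(ct))))


if __name__ == "__main__":
    link_key, fob_key = bytes(range(32)), b"F" * 32  # constructed sample keys
    sender, receiver = SecurityModule(link_key, fob_key), SecurityModule(link_key, fob_key)
    sender.authenticate(KeyFob(fob_key))
    frame = sender.outbound(b"constructed sample message")
    print(receiver.inbound(frame))
    print(SecurityModule(b"\x00" * 32, fob_key).inbound(frame))  # wrong key: None
```

The first system module only ever handles `frame`, which is ciphertext plus a tag, and the second system module only ever receives plaintext that passed verification.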
In other application scenarios, the mobile terminal may also adopt other security measures besides the security measures in any of the above embodiments, for example:
A. Identity authentication. When the mobile terminal is started, the radio frequency identification (RFID) password key sends the user certificate to the mobile terminal, and certificate verification is completed.
B. Password resource security control. An independent password resource protection area is designed, password resources are encrypted and stored, key information is protected by a micro-electric protection circuit, and the secret-related part is destroyed by level. In one embodiment, the secret-related part may be destroyed in two levels: first-level destruction destroys all the password resources, with a destruction time of not more than 90 seconds (e.g., 90 seconds, 80 seconds, 70 seconds, etc.); second-level destruction destroys the initial installation and installation data, with a destruction time of not more than 60 seconds (e.g., 60 seconds, 50 seconds, 40 seconds, etc.). In other embodiments, the secret-related part may be divided into three levels, four levels and so on, or destroyed without levels. In one application scenario, data is destroyed either by software command or by hardware switch.
Destruction by software command works as follows: a destruction control is added to the settings menu; when the user clicks the control, the second CPU of the second system module issues a destruction command, which is sent through the SDIO interface (the format of the destruction command can be set by the system); after receiving the command, the system automatically clears all related data stored in the random access memory (RAM) and the embedded multimedia card (EMMC).
Destruction by hardware switch works as follows: the mobile terminal comprises a shell in which a pull trigger device is arranged; when triggered, the device generates a destruction signal and transmits it to the second CPU. The pull trigger device includes a pull strip that extends out of the shell for the user to pull in order to trigger the destruction signal, and the second CPU is electrically connected to the pull trigger device and controls the destruction of the data stored on the storage chips (such as SRAM, RAM, EMMC and the like) according to the destruction signal. In an emergency, with the mobile terminal powered on, pulling out the pull strip generates the destruction signal, and the second CPU clears the related (preset) data on at least one of the static random access memory (SRAM), the RAM, and the EMMC according to that signal. For example, when the mobile terminal is powered on, the first system module, the second system module, and the security module all receive the DESTROY signal of a preset connection node, and this signal is controlled by the pull strip. The DESTROY signal means destruction when it is at a low level: in normal use it is at a high level; in an emergency the pull strip is pulled out, the DESTROY signal changes to a low level, and removal of all data in the RAM and EMMC is triggered.
C. Physical attack detection. The mobile terminal comprises a casing that is highly resistant to destruction. A micro switch or photosensitive sensor for detecting whether the casing is open or closed, or a sensor capable of detecting abnormal changes in voltage, humidity, temperature and the like in the environment, is integrated on the casing and is associated with a sensitive data protection circuit. When the micro switch or sensor detects that the mobile terminal is under external physical attack, the sensitive data protection circuit destroys the data, which enhances the reliability of the physical security protection of the mobile terminal.
D. Master key protection. The master key is composed of two components that are stored separately, and the user must hold a Bluetooth key matched with the mobile terminal to unlock the cryptographic module of the mobile terminal.
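Measures B and D can be tied together in a small model, given here as an added example that is not part of the patent. It assumes the two master key components are XOR shares (the patent does not say how the key is split), treats the DESTROY line as active low as described above, and uses hypothetical class names and constructed region contents.

```python
import os
import time

DESTROY_ASSERTED = 0                   # page: high in normal use, low means destroy
TIER_DEADLINE_S = {1: 90.0, 2: 60.0}   # page: first level <= 90 s, second level <= 60 s


def split_key(master: bytes):
    """Split a master key into two XOR components (assumed scheme):
    one stays in the terminal, the other lives on the Bluetooth key."""
    terminal_part = os.urandom(len(master))
    fob_part = bytes(a ^ b for a, b in zip(master, terminal_part))
    return terminal_part, fob_part


def combine_key(terminal_part: bytes, fob_part: bytes) -> bytes:
    return bytes(a ^ b for a, b in zip(terminal_part, fob_part))


class Region:
    """A storage area (RAM, SRAM or EMMC range) assigned to a destruction tier."""

    def __init__(self, name: str, tier: int, data: bytes):
        self.name, self.tier, self.buf = name, tier, bytearray(data)

    def wipe(self) -> None:
        self.buf[:] = bytes(len(self.buf))  # overwrite in place, same length

    def is_clear(self) -> bool:
        return not any(self.buf)


class DestroyController:
    def __init__(self, regions, clock=time.monotonic):
        self.regions = list(regions)
        self.clock = clock       # injectable so deadlines can be tested
        self.destroyed = False

    def destroy(self, tiers=(1, 2)):
        """Software-command path. Wipes the given tiers in order and returns
        {tier: (elapsed_seconds, met_deadline, verified_clear)}."""
        report = {}
        for tier in sorted(tiers):
            start = self.clock()
            targets = [r for r in self.regions if r.tier == tier]
            for region in targets:
                region.wipe()
            verified = all(r.is_clear() for r in targets)  # read back after wiping
            elapsed = self.clock() - start
            report[tier] = (elapsed, elapsed <= TIER_DEADLINE_S[tier], verified)
        self.destroyed = True
        return report

    def sample_line(self, level: int):
        """Hardware path: feed each reading of the DESTROY line. A low level
        (pull strip removed) wipes every tier once; later readings are ignored."""
        if level == DESTROY_ASSERTED and not self.destroyed:
            return self.destroy()
        return None


if __name__ == "__main__":
    master = bytes(range(32))  # constructed sample key
    terminal_part, fob_part = split_key(master)
    regions = [Region("terminal key component", 1, terminal_part),
               Region("session keys", 1, b"\x11" * 64),
               Region("installation data", 2, b"\x22" * 128)]
    ctl = DestroyController(regions)
    print(ctl.sample_line(1))  # normal use: None
    print(ctl.sample_line(0))  # pull strip removed: per-tier report
    print(combine_key(bytes(regions[0].buf), fob_part) == master)  # False
```

Because the line is active low, a removed strip and a severed wire read the same way, and once the terminal's component is wiped the Bluetooth key alone no longer yields the master key.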
In summary, unlike the prior art, the mobile terminal provided by the present invention includes a first system module and a second system module that are independent of each other, and a security module connected between the first system hardware of the first system module and the second system hardware of the second system module; when information is sent, the security module encrypts information needing to be sent to the outside by the second system module and sends the information to the first system module, and the first system module sends the encrypted information; when receiving information, the security module decrypts the first information received by the first system module from the outside and sends the decrypted first information to the second system module; data transmission between the first system module and the second system module is bridged through the security module, so that all data transmission is guaranteed to be processed by the security module, and the security of network data transmission is further improved.
The above description is only an embodiment of the present invention, and not intended to limit the scope of the present invention, and all modifications of equivalent structures and equivalent processes performed by the present specification and drawings, or directly or indirectly applied to other related technical fields, are included in the scope of the present invention.

Claims (4)

1. A mobile terminal, characterized in that the mobile terminal comprises:
the first system module comprises first system hardware and a first operating system, and is used for communicating with the outside;
the first system hardware includes: a first central processing unit, a memory and a communication unit;
the second system module comprises second system hardware and a second operating system, and is used for processing local information and interacting with input information, wherein the second system module is independent from the first system module;
the second system hardware includes: a second central processing unit, a camera unit, a sensor unit, a Universal Serial Bus (USB) interface and a human-computer interface input unit;
the security module is connected between the first system hardware and the second system hardware, so that the first system module and the second system module can communicate with each other, and is used for decrypting first information received by the first system module from the outside and then sending the decrypted first information to the second system module, and encrypting second information required to be sent to the outside by the second system module and then sending the encrypted second information to the first system module;
the security module is connected with the first system module through a secure digital input/output (SDIO) interface and a universal asynchronous receiver/transmitter (UART) interface, and is connected with the second system module through the SDIO interface and the UART interface, wherein the SDIO interface is used for transmitting data, and the UART interface is used for transmitting control signals;
at least one algorithm of an ECC public key algorithm, a symmetric cryptographic algorithm and a Hash algorithm is embedded in the security module;
when first information from the first system module is received, the security module decrypts the first information through a target algorithm in the at least one algorithm and then sends the first information to the second system module, and when second information from the second system module is received, the security module encrypts the second information through the target algorithm and then sends the second information to the first system module;
the security module is an independent field programmable gate array FPGA security chip, an ARM hard core processor is integrated in the FPGA security chip, and encryption and decryption can be completed quickly and efficiently;
the independent password resource protection area is used for encrypting and storing password resources, protecting key information by using a micro-electric protection circuit, and performing classified destruction on the confidential part;
the independent password resource protection area encrypts and stores password resources and protects key information by using a micro-electric protection circuit, and classified destruction of the confidential part comprises the following steps:
destruction of the secret-related part is divided into two stages, wherein the first stage of destruction is to destroy all the password resources, the destruction time being less than or equal to 90 seconds, and the second stage of destruction is to destroy initial installation and installation data, the destruction time being less than or equal to 60 seconds;
the mode for destroying the secret-related part comprises a software command mode or a hardware switching mode;
the hardware switching mode comprises: the mobile terminal comprises a shell; the shell is provided with a pull-trigger device which, when pulled, is triggered to generate a destruction signal and transmits the destruction signal to the second central processing unit; the pull-trigger device comprises a pull strip which extends out of the shell for a user to pull to trigger the destruction signal; and the second central processing unit is electrically connected with the pull-trigger device and is used for controlling the destruction of the data stored on the storage chip according to the destruction signal.
2. The mobile terminal of claim 1, further comprising a Radio Frequency Identification (RFID) cryptographic key having an Advanced Encryption Standard (AES) encryption accelerator embedded therein and a random number generator that generates a non-deterministic bit stream using thermal noise, wherein the random number generator outputs an evenly distributed bit stream using a digital correction algorithm.
3. The mobile terminal of claim 1, wherein the first operating system and the second operating system are the same type of operating system.
4. The mobile terminal of claim 1, wherein the first system module, the second system module, and the security module are all independently enabled when the security module is an independent security chip.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710471788.8A CN107317925B (en) 2017-06-20 2017-06-20 Mobile terminal

Publications (2)

Publication Number Publication Date
CN107317925A CN107317925A (en) 2017-11-03
CN107317925B CN107317925B (en) 2021-02-26

Family

ID=60181951

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710471788.8A Active CN107317925B (en) 2017-06-20 2017-06-20 Mobile terminal

Country Status (1)

Country Link
CN (1) CN107317925B (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115801388B (en) * 2022-11-11 2024-04-09 中国联合网络通信集团有限公司 Message transmission method, device and storage medium
CN117056252B (en) * 2023-10-11 2024-04-02 金邦达有限公司 Instant card issuing system and method compatible with multiple service systems

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103457729A (en) * 2012-05-31 2013-12-18 阿里巴巴集团控股有限公司 Safety equipment, service terminal and encryption method

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR100452891B1 (en) * 2004-02-26 2004-10-15 엔에이치엔(주) certification system in network and method thereof
US7692503B2 (en) * 2007-03-23 2010-04-06 Intel Corporation Random number generator based on oscillator noise
CN102831736B (en) * 2012-08-06 2015-03-25 无锡矽鼎科技有限公司 System-changeable modulation mobile payment terminal system
CN103973438B (en) * 2014-03-25 2017-11-17 深圳天源迪科信息技术股份有限公司 communication channel dynamic encrypting method
CN106548084A (en) * 2015-09-02 2017-03-29 北京壹人壹本信息科技有限公司 File security means of defence and device
CN106548095A (en) * 2015-09-23 2017-03-29 深圳市全智达科技有限公司 External equipment connects control method and device

Also Published As

Publication number Publication date
CN107317925A (en) 2017-11-03

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant