CN108512862A - IoT terminal security authentication and control platform based on certificateless identity authentication technology - Google Patents


Publication number
CN108512862A
Authority
CN
China
Prior art keywords
terminal
control platform
platform
internet
things
Legal status
Granted
Application number
CN201810535798.8A
Other languages
Chinese (zh)
Other versions
CN108512862B (en)
Inventor
宋建平
李增欣
王首媛
熊荣华
杨恒亮
唐英
刘丹
Current Assignee
Beijing Baiwang Xin'an Technology Co Ltd
Xinyi Zhongcheng (beijing) Technology Co Ltd
Bochao Technology (beijing) Co Ltd
Original Assignee
Beijing Baiwang Xin'an Technology Co Ltd
Xinyi Zhongcheng (beijing) Technology Co Ltd
Bochao Technology (beijing) Co Ltd
Application filed by Beijing Baiwang Xin'an Technology Co Ltd, Xinyi Zhongcheng (beijing) Technology Co Ltd, Bochao Technology (beijing) Co Ltd
Priority to CN201810535798.8A
Publication of CN108512862A
Application granted
Publication of CN108512862B
Legal status: Active

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876 Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • H04L63/0807 Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
    • H04L63/0869 Network architectures or network communication protocols for network security for authentication of entities for achieving mutual authentication
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • H04L63/16 Implementing security features at a particular protocol layer
    • H04L63/166 Implementing security features at a particular protocol layer at the transport layer

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Power Engineering (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The present invention provides an Internet-of-Things (IoT) terminal security authentication and control platform based on certificateless identity authentication technology. The platform includes: IoT terminal-side equipment and an IoT trusted identity authentication platform that communicates with that equipment. The IoT terminal-side equipment includes multiple terminals; each terminal includes a sensor, a security chip preset with the terminal identity key, and a module, with the sensor and the security chip both communicatively connected to the module. The IoT trusted identity authentication platform includes an application server, a terminal security control platform, a certificateless key management platform and a certificateless authentication management platform. The application server communicates with the module, the terminal security control platform communicates with the module, and the application server, the certificateless key management platform and the certificateless authentication management platform each communicate with the terminal security control platform. The platform addresses the security of authentication, management and control, and service applications for massive numbers of IoT terminals.

Description

IoT terminal security authentication and control platform based on certificateless identity authentication technology
Technical field
The present invention relates to the field of Internet technology, and in particular to an IoT terminal security authentication and control platform based on certificateless identity authentication technology.
Background
The Internet of Things has countless sensing terminals, complex information communication channels, and huge data storage and processing centers. Viewed abstractly, however, the Internet of Things is a very standard "cloud-pipe-fog-end" architecture.
Compared with the Internet era, IoT terminals are mobile, miniaturized and massive in number, and the transmission pipe is shifting from wired to wireless networks. Within the IoT architecture, programmability, communication capability, intelligence and networking are more pronounced characteristics, and the specific security challenges facing the IoT arise from them. According to Verizon's 2017 data breach report, 81% of data breaches were related to identity theft. As more and more users access remote or cloud resources, identity has become the most consequential attack target today, and the traditional perimeter protection model no longer works.
As the IoT develops, including the rapid growth in the number of terminals connected to it, higher requirements are placed on the technology, strength, adaptability and convenience of information security. Traditional network security and information security solutions, faced with new smart devices joining the network and emerging malicious attacks against smart devices, do not solve identity and access management. Common authentication methods today, such as SMS, picture and digital verification codes, are merely technical mechanisms; biometric identification relies on the user's unique physical characteristics, and using it without encryption can have even more serious consequences. IoT scenarios mostly involve M2M authentication; traditional CA certificate authentication increases the load on the IoT system and adds processing steps to the whole system, increasing system latency and reducing system reliability. In narrowband IoT environments in particular, the MCU itself does not meet the conditions for using certificates. The entire industry chain faces a serious technical bottleneck and urgently needs a new authentication technology to meet the application needs of the IoT industry chain.
Summary of the invention
To address the problems in the prior art, the present invention provides an IoT terminal security authentication and control platform based on certificateless identity authentication technology. The platform addresses the security of certificateless authentication, management and control, and service applications for massive numbers of IoT terminals.
In a first aspect, the present invention provides an IoT terminal security authentication and control platform based on certificateless identity authentication technology, including:
IoT terminal-side equipment, and an IoT trusted identity authentication platform that communicates with the IoT terminal-side equipment;
The IoT terminal-side equipment includes multiple terminals;
Each terminal includes: a sensor, a security chip preset with the terminal's identity key, and a module for communicating with the IoT trusted identity authentication platform; the sensor and the security chip are both communicatively connected to the module;
The IoT trusted identity authentication platform includes: a terminal security control platform and a certificateless authentication system;
The terminal security control platform communicates with the module, and the certificateless authentication system communicates with the terminal security control platform;
The identifier of each terminal is configured in advance in the terminal security control platform; the identifier of the terminal security control platform is configured in advance in the security chip.
Optionally, the module includes: an application program in the terminal, a module security control device, a security chip interface module, and a terminal security control platform interface module;
The module security control device accesses the security chip through the security chip interface module, and communicates with the terminal security control platform through the terminal security control platform interface module.
Optionally, the certificateless authentication system includes: a certificateless key management platform and a certificateless authentication management platform.
Optionally, the terminal supports 2G, 3G, 4G, 5G and/or NB-IoT networks.
In a second aspect, the present invention further provides a certificateless authentication method based on the above IoT terminal security authentication and control platform, including:
After the terminal is powered on and starts, it sends an activation request carrying the terminal identifier to the terminal security control platform; the terminal identifier includes: a terminal random number generated when the terminal's module is activated, and the identifier of the module;
The terminal receives authentication information sent by the terminal security control platform; the authentication information is the terminal's authentication information obtained by the security control platform after interacting with the certificateless authentication system based on the activation request, and includes: the public key identifier of the certificateless key management platform and the signature information of the terminal random number;
The terminal performs security verification of the authentication information through the security chip in the terminal; after the security verification, the terminal sends to the terminal security control platform, according to the security verification information, activation request information carrying the security chip's security verification information and the terminal identifier;
The terminal receives the session identifier returned by the terminal security control platform and establishes a session with the application server based on the session identifier;
The session identifier is an identifier assigned to the terminal after the terminal security control platform and the certificateless authentication system have successfully verified the security verification information and the terminal identifier.
In a third aspect, the present invention further provides a certificateless authentication method based on the above IoT terminal security authentication and control platform, including:
After the terminal receives an instruction to configure the user identity key, it sends to the security chip in the terminal an instruction requesting configuration of the user key;
The terminal receives the cryptographic parameters that the security chip generates in response to the instruction requesting configuration of the user key, and sends a request to configure the user identity key, carrying the cryptographic parameters, to the terminal security control platform;
The terminal receives the key configuration parameters returned by the terminal security control platform; the key configuration parameters are obtained through interaction between the terminal security control platform and the certificateless key management platform;
The terminal sends the key configuration parameters to the security chip in the terminal so that the security chip performs the key configuration;
After the security chip's key configuration succeeds, the terminal sends information indicating successful configuration of the user identity key to the terminal security control platform;
The terminal receives information, sent by the terminal security control platform and generated according to the information indicating successful configuration of the user identity key, that the terminal status is activated.
In a fourth aspect, the present invention further provides a certificateless authentication method based on the above IoT terminal security authentication and control platform, including:
When an application program of the terminal accesses a third-party application server, the terminal sends an application access request to the terminal security control platform; the application access request includes: the address information of the application server and the identifier of the terminal;
The terminal receives an authentication notification, sent by the terminal security control platform and generated based on the application access request; the authentication notification includes a random number generated by the terminal security control platform according to the application access request;
The terminal processes the authentication notification through the security chip in the terminal, obtaining the security chip's signature over the random number and the public key identifier information;
The terminal sends an application access instruction to the terminal security control platform; the application access instruction includes: the identifier, the address information of the server, the random number, the signature over the random number, and the public key identifier information;
The terminal receives session information returned by the terminal security control platform; the session information is obtained when the terminal security control platform, after interacting with the certificateless authentication system, determines that the information in the application access instruction is correct;
The application program of the terminal sends an access instruction to the application server based on the session information; the access instruction includes the identifier and the information in the session information;
The terminal receives access-permitted information returned by the application server; the access-permitted information is issued after the application server, based on the information in the access instruction, has successfully completed mutual verification with the terminal security control platform.
In a fifth aspect, the present invention further provides a certificateless authentication method based on the above IoT terminal security authentication and control platform, including:
After an application program of the terminal receives an operation instruction from the application server, the module security control device of the terminal generates a random number corresponding to the operation instruction, and the terminal sends an authentication request carrying the random number to the application server;
The application server sends the authentication request to the terminal security control platform;
The application server receives authentication information returned by the security control platform, including the signature information of the random number and the platform public key identifier; the authentication information is obtained through interaction between the terminal security control platform and the certificateless authentication system;
The application server sends the authentication information and the operation instruction to the terminal; the security chip of the terminal verifies the authentication information, and the terminal executes the operation instruction according to the verification result and sends the execution result to the application server.
In a sixth aspect, an IoT terminal includes: a sensor, a security chip preset with the terminal's identity key, and a module for communicating with an IoT trusted identity authentication platform; the sensor and the security chip are both communicatively connected to the module;
The identifier of the terminal security control platform in the IoT trusted identity authentication platform is configured in advance in the security chip.
Optionally, the IoT terminal performs the method of any of the above aspects.
In a seventh aspect, the present invention provides an IoT trusted identity authentication platform, including:
The IoT trusted identity authentication platform includes: a terminal security control platform and a certificateless authentication system;
The terminal security control platform communicates with the module of a terminal, and the certificateless authentication system communicates with the terminal security control platform;
The identifier of each IoT terminal is configured in advance in the terminal security control platform.
Optionally, the certificateless authentication system includes: a certificateless key management platform and a certificateless authentication management platform;
The authentication system interacts with the IoT terminal to perform the method of any of claims 5 to 8.
The present invention has the following advantages:
1. The method of the embodiments of the present invention uses the ID of the IoT device itself as the public key for identity authentication and data encryption, so no certificate needs to be obtained from a third party for authentication; this overcomes the technical difficulty of NB-IoT authentication scenarios that cannot be implemented with certificate-based authentication;
2. The security authentication and control platform of the embodiments of the present invention solves the problem of a unified interface service for certificateless authentication technology faced by chip vendors, sensor vendors, module vendors and software system integrators in the IoT industry chain;
3. The security authentication and control platform of the embodiments of the present invention provides unified identity authentication and security control services for IoT device vendors and application vendors in terminal applications and service applications.
4. Applying identity-based cryptography improves the performance of trusted identity authentication for massive numbers of IoT terminals and, on that basis, ensures the security of terminal devices and services.
5. The security authentication and control platform takes the form of a product that provides standard technical interfaces. It can provide professional trusted identity authentication technology and services to IoT industry solution providers and to the full industry chain across the sensing layer, network layer, platform layer and application layer, building a new service industry ecosystem of openness, sharing and access, and contributing to a solid security infrastructure for the IoT industry.
Brief description of the drawings
Fig. 1 is an overall architecture diagram of the authentication system for IoT terminal trusted identity authentication in an embodiment of the present invention;
Fig. 2 is a basic architecture diagram of the IoT terminal in an embodiment of the present invention;
Fig. 3 is a schematic diagram of the device activation flow of the IoT terminal in the certificateless authentication method of an embodiment of the present invention;
Fig. 4 is a schematic diagram of the over-the-air issuance flow of the user identity key of the IoT terminal in the certificateless authentication method of an embodiment of the present invention;
Fig. 5 is a schematic diagram of the IoT terminal application access authentication flow in the certificateless authentication method of an embodiment of the present invention;
Fig. 6 is a schematic diagram of the legitimacy verification flow of the application server in the certificateless authentication method of an embodiment of the present invention.
Detailed description
To better explain the present invention and make it easier to understand, the present invention is described in detail below through specific embodiments with reference to the accompanying drawings.
The core idea of the present invention is a security platform built on certificateless identity authentication technology. Besides an identity-based cryptography management system (full life-cycle key management: initialization, loss reporting, release of loss reports, and cancellation) and a security authentication service system (providing identity authentication, digital signing and verification, data encryption and decryption, and reading and parsing of public key identifiers), the platform also has a terminal security control system (terminal activation management, device authorization, unified application authentication, security policy distribution, secure data transmission, remote device control, terminal status query, etc.), a big data analysis system (security situational awareness, data anomalies, security threat intelligence), and a secure access capability system (traffic monitoring and alerting, black and white lists, URL filtering), among others.
Embodiment 1
With reference to Fig. 1 and Fig. 2, the IoT terminal security authentication and control platform of this embodiment includes: IoT terminal-side equipment, and an IoT trusted identity authentication platform that communicates with the IoT terminal-side equipment;
The IoT terminal-side equipment includes multiple terminals (i.e. multiple IoT terminals);
Each terminal includes: a sensor, a security chip preset with the terminal's identity key, and a module for communicating with the IoT trusted identity authentication platform; the sensor and the security chip are both communicatively connected to the module;
The IoT trusted identity authentication platform includes: a terminal security control platform and a certificateless authentication system;
The certificateless authentication system communicates with the terminal security control platform, and the terminal security control platform communicates with the module.
In this embodiment the certificateless authentication system includes: a certificateless key management platform and a certificateless authentication management platform.
The identifier of each terminal is configured in advance in the terminal security control platform; the identifier of the terminal security control platform is configured in advance in the security chip.
As shown in Fig. 2, the module in the terminal includes: an application program in the terminal, a module security control device, a security chip interface module, and a terminal security control platform interface module;
The module security control device accesses the security chip through the security chip interface module, and communicates with the terminal security control platform through the terminal security control platform interface module.
In this embodiment the terminal has a built-in security chip and supports 2G, 3G, 4G, 5G and NB-IoT networks.
In addition, referring to Fig. 2, the IF1 interface is the interface between the module security control device and the terminal control platform. IF1 is the terminal management interface; its main functions are to implement the terminal activation flow, the application authentication flow and the application data transmission flow.
The IF2 interface is the interface between the terminal security control platform and the certificateless key management platform. IF2 is defined by the certificateless key management platform and implements requests to issue identity keys for terminals.
The IF3 interface is the interface between the module security control device and the security chip in the terminal. Its functions include: identity key generation, data signing, encryption key negotiation, and data encryption.
The IF4 interface is the interface between the terminal security control platform and the certificateless security authentication management platform.
The IF5 interface is the interface between the module security control device in the terminal and the terminal applications.
The IF6 interface is the interface between the terminal security control platform and the application server.
(1) Identity key management on the security chip: the identity key management function must be implemented in the security chip; the security chip must provide an access interface to the module security control device; and the security chip is preset with the terminal identity key.
(2) The module security control device on the module implements: ① Terminal registration: when the module runs for the first time, it actively connects to the control platform and registers with it. ② Over-the-air identity key issuance: the module communicates with the certificateless cryptography management platform to complete identity key initialization. ③ Unified application authentication: an interface is provided to applications in the terminal, using the module's identity key to complete (two-way) communication authentication between the application and the application server. ④ Secure application data transmission: a TLS connection based on identity keys is established between the module and the control platform, providing a secure data transmission channel for applications.
(3) The terminal security control platform implements: ① Terminal activation management: terminal information is configured in advance and compared when a terminal registration request is received; if the comparison succeeds, the terminal is allowed to register and over-the-air identity key issuance begins. ② Unified application authentication: interfaces are provided that give terminal applications identity-key-based access authentication (authentication of the terminal to the application server) and management instruction verification. ③ Secure data transmission service: a secure channel (a TLS connection based on identity keys) is provided for secure data transmission between the terminal and the application server. ④ Management interface: activated terminals can be queried.
In this embodiment, the authentication platform takes the form of a product that provides standard technical interfaces. It can provide professional trusted identity authentication technology and services to IoT industry solution providers and to the full industry chain across the sensing layer, network layer, platform layer and application layer, building a new service industry ecosystem of openness, sharing and access, and contributing to a solid security infrastructure for the IoT industry.
Embodiment 2
As shown in Fig. 3, this embodiment provides a schematic diagram of the device activation flow of an Internet of Things terminal in a certificateless authentication method. The method includes the following steps:
301. After the module terminal control device of the terminal powers up and starts, it determines whether the terminal activation step needs to be executed; if so, it generates a terminal nonce (random number).
302. The module terminal control device sends an activation request carrying the IMEI/EID and the terminal nonce to the terminal security control platform.
303. According to the activation request, the terminal security control platform sends the CLA authentication management platform a signature request asking it to sign the terminal nonce.
304. The CLA authentication management platform signs the terminal nonce in the signature request using the platform identification password.
305. The CLA authentication management platform sends the signed terminal nonce and the platform public key identification to the terminal security control platform.
The platform identification password and the platform public key identification are information preset in the certificateless authentication management platform of the certificateless authentication system and correspond to the current terminal.
306. The terminal security control platform sends the received signed terminal nonce and platform public key identification, together with the platform nonce and the terminal nonce, to the module terminal control device.
307. The module terminal control device sends the received signed terminal nonce, platform public key identification, platform nonce and terminal nonce to the safety chip.
308. The safety chip verifies the signed terminal nonce using the preset identification of the terminal security control platform; and
309. The safety chip signs the nonce using the preset terminal identification password.
310. The safety chip sends the nonce signed with the terminal identification and the terminal public key identification to the module terminal control device.
311. The module terminal control device sends the IMEI/EID, the nonce, the nonce signed with the terminal identification and the terminal public key identification to the terminal security control platform.
312. The terminal security control platform requests the CLA authentication management platform to verify the nonce signed with the terminal identification and the terminal public key identification.
313. The CLA authentication management platform verifies that the nonce signed with the terminal identification is correct and obtains a correct verification result.
314. According to the received correct verification result, the terminal security control platform sets the terminal state to verified and allocates a session token.
315. The terminal security control platform sends the session token to the module terminal control device to establish the session.
The above method activates the terminal device without using a CA certificate, which makes terminal activation more convenient and safer to use.
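The activation exchange of steps 301 to 315, with both sides' messages, as an added example that is not part of the patent. It assumes textbook Schnorr signatures as a stand-in for the unspecified certificateless scheme, models each "public key identification" as a plain public key, assumes the nonce signed in step 309 is the platform nonce, and uses hypothetical class and function names and a constructed IMEI.

```python
import hashlib
import secrets

# ASSUMPTION: textbook Schnorr signatures stand in for the patent's certificateless
# scheme, which the page does not specify. Illustration-only parameters.
P = 2**255 - 19   # prime modulus
G = 2             # base element
N = P - 1         # G**N == 1 (mod P), so exponents are reduced mod N

def _challenge(r, msg):
    digest = hashlib.sha256(r.to_bytes(32, "big") + msg).digest()
    return int.from_bytes(digest, "big") % N

def keygen():
    x = secrets.randbelow(N - 2) + 1
    return x, pow(G, x, P)                      # (private key, public key)

def sign(x, msg):
    k = secrets.randbelow(N - 2) + 1
    e = _challenge(pow(G, k, P), msg)
    return e, (k + x * e) % N

def verify(y, msg, sig):
    e, s = sig
    r = pow(G, s, P) * pow(y, (N - e) % N, P) % P   # G^s * y^(-e)
    return _challenge(r, msg) == e

class ClaAuthPlatform:
    """CLA authentication management platform (steps 303-305 and 312-313)."""
    def __init__(self):
        self._platform_key, self.platform_pub = keygen()
        self.terminals = {}   # IMEI -> preset terminal public key (assumed registry)

    def sign_terminal_nonce(self, terminal_nonce):
        return sign(self._platform_key, terminal_nonce), self.platform_pub

    def verify_terminal(self, imei, nonce, sig, terminal_pub):
        return self.terminals.get(imei) == terminal_pub and verify(terminal_pub, nonce, sig)

class ControlPlatform:
    """Terminal security control platform (steps 302-306 and 311-315)."""
    def __init__(self, cla):
        self.cla = cla
        self.pending = {}     # IMEI -> platform nonce waiting for a signed answer
        self.state = {}       # IMEI -> terminal state

    def begin(self, imei, terminal_nonce):
        sig, platform_pub = self.cla.sign_terminal_nonce(terminal_nonce)
        self.pending[imei] = secrets.token_bytes(16)
        return sig, platform_pub, self.pending[imei], terminal_nonce

    def finish(self, imei, nonce, sig, terminal_pub):
        expected = self.pending.pop(imei, None)      # each platform nonce is single use
        if expected is None or not secrets.compare_digest(expected, nonce):
            return None
        if not self.cla.verify_terminal(imei, nonce, sig, terminal_pub):
            return None
        self.state[imei] = "verified"
        return secrets.token_hex(16)                  # session token

class SafetyChip:
    """Safety chip holding the terminal key and the pinned platform identification."""
    def __init__(self, pinned_platform_pub):
        self._terminal_key, self.terminal_pub = keygen()
        self._pinned = pinned_platform_pub

    def verify_platform(self, terminal_nonce, sig, platform_pub):   # step 308
        return platform_pub == self._pinned and verify(platform_pub, terminal_nonce, sig)

    def sign_nonce(self, nonce):                                     # steps 309-310
        return sign(self._terminal_key, nonce), self.terminal_pub

def activate(imei, chip, platform):
    """Module terminal control device side of steps 301-315."""
    terminal_nonce = secrets.token_bytes(16)                         # step 301
    sig, platform_pub, platform_nonce, echoed = platform.begin(imei, terminal_nonce)
    if echoed != terminal_nonce or not chip.verify_platform(terminal_nonce, sig, platform_pub):
        return None, None            # platform not authenticated: stop before signing
    terminal_sig, terminal_pub = chip.sign_nonce(platform_nonce)
    answer = (imei, platform_nonce, terminal_sig, terminal_pub)      # step 311 message
    return platform.finish(*answer), answer

def build_demo(imei="IMEI-CONSTRUCTED-0001"):
    """Constructed provisioning: pin the platform key in the chip, register the terminal."""
    cla = ClaAuthPlatform()
    platform = ControlPlatform(cla)
    chip = SafetyChip(cla.platform_pub)
    cla.terminals[imei] = chip.terminal_pub
    return cla, platform, chip

if __name__ == "__main__":
    _, platform, chip = build_demo()
    token, answer = activate("IMEI-CONSTRUCTED-0001", chip, platform)
    print("session token issued:", token is not None)
    print("replayed step 311 accepted:", platform.finish(*answer) is not None)
```

The two checks that carry the security of the flow are the chip refusing to sign when the platform signature or pinned identification does not match (step 308) and the platform consuming each nonce on first use, so a captured step 311 message cannot be replayed.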
Embodiment 3
As shown in Fig. 4, this embodiment provides a schematic diagram of the over-the-air issuance flow of the user identification key of an Internet of Things terminal in a certificateless authentication method. The method includes the following steps:
401. The module terminal control device of the Internet of Things terminal receives an instruction to configure the user identification password.
402. According to the instruction in step 401, the module terminal control device sends the safety chip in the terminal an instruction requesting configuration of the user password (MSISDN).
403. According to the received instruction, the safety chip generates a partial private key.
404. The safety chip sends the cryptographic parameters (such as the user ID and a temporary public key) to the module terminal control device.
405. After receiving the cryptographic parameters, the module terminal control device sends a request to configure the user identification password to the terminal security control platform.
406. The terminal security control platform sends a request to configure the user identification password to the CLA password management platform.
407. The CLA password management platform sends the password configuration parameters to the terminal security control platform. For example, the configuration parameters include the user ID, the public key identification, the validity period and the encrypted partial private key.
408. The terminal security control platform sends the password configuration parameters to the module terminal control device.
409. The module terminal control device completes the password configuration according to the password configuration parameters and sends the password configuration parameters to the safety chip.
410. The safety chip computes the complete private key according to the password configuration parameters.
411. After the safety chip is configured successfully, the module terminal control device sends the terminal security control platform a message that the user identification password was configured successfully.
Successful configuration in this step can be understood as completion and verification of processes such as private key generation and public key generation.
412. The terminal security control platform sets the state of the terminal to activated.
413. The terminal security control platform sends the module terminal control device a message that activation is complete.
In this embodiment, activated is the state after configuration is complete, and over-the-air issuance is a means or communication mode for carrying out the configuration.
In this embodiment, terminal activation and over-the-air issuance of the user identification key are realized through the interaction of the certificateless security control platform with the terminal and the CLA password management platform.
Embodiment 4
As shown in Fig. 5, this embodiment provides a schematic diagram of the application access authentication flow of an Internet of Things terminal in a certificateless authentication method. The method includes the following steps:
501. When an application program of the terminal accesses the application server, the terminal application program sends the module terminal control device a request for access authentication that carries the server address.
502. The module terminal control device sends a message requesting application access to the terminal security control platform; the message carries the MSISDN and the server address.
503. After receiving the message, the terminal security control platform generates a nonce.
504. The module terminal control device receives a message requiring authentication sent by the terminal security control platform; the message carries the nonce generated by the security control platform.
505. The safety chip receives a signature request sent by the module terminal control device; the request carries the nonce from the previous step.
506. The safety chip signs the nonce using the user identification password.
507. The safety chip sends the signed nonce and the public key identification to the module terminal control device. The public key identification here can be the configuration parameter described above.
508. The module terminal control device sends a message requesting application access to the terminal security control platform; the message carries the MSISDN, the server address, the nonce signature and the public key identification.
509. The terminal security control platform sends a message requesting signature verification to the CLA authentication management platform; the message carries the nonce, the nonce signature and the public key identification.
510. The CLA authentication management platform verifies the signature of the safety chip and obtains a verification result.
The verification method can use a preset cryptographic algorithm protocol.
511. The CLA authentication management platform sends the verification result to the terminal security control platform.
512. The terminal security control platform generates and records a token based on the verification result.
513. The terminal security control platform sends the token to the module terminal control device.
514. The module terminal control device sends the token and the MSISDN to the terminal application program.
515. The terminal application program accesses the application server using the token and the MSISDN.
516. Based on the token, the application server requests the terminal security control platform to verify it and obtains a verification result.
517. The application server receives the verification result and sends the terminal application program a message that access is allowed.
The above steps realize a certificateless authentication flow for terminal application access, achieving secure access authentication of terminal applications.
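One way the token record of steps 512 to 517 could be kept and checked, as an added example that is not part of the patent. The class and function names are hypothetical, the MSISDN and server addresses are constructed, and binding the token to the server address and giving it a lifetime are assumptions that the page does not state.

```python
import hashlib
import secrets
import time


class TokenRegistry:
    """Token record kept by the terminal security control platform (steps 512 and 516)."""

    def __init__(self, ttl_seconds=300, clock=time.monotonic):
        self._ttl = ttl_seconds        # ASSUMPTION: the page states no token lifetime
        self._clock = clock
        self._records = {}             # sha256(token) -> (msisdn, server_address, expiry)

    @staticmethod
    def _key(token):
        # Store only a hash so a leaked record table does not leak usable tokens.
        return hashlib.sha256(token.encode()).hexdigest()

    def issue(self, msisdn, server_address, signature_ok):
        """Step 512: record a token only for a correct CLA verification result."""
        if not signature_ok:
            return None
        token = secrets.token_urlsafe(32)
        expiry = self._clock() + self._ttl
        self._records[self._key(token)] = (msisdn, server_address, expiry)
        return token

    def introspect(self, token, msisdn, asking_server):
        """Step 516: answer the application server's verification request."""
        key = self._key(token)
        record = self._records.get(key)
        if record is None:
            return False               # unknown or forged token
        bound_msisdn, bound_server, expiry = record
        if self._clock() >= expiry:
            del self._records[key]     # expired tokens are dropped on first sight
            return False
        # ASSUMPTION: the token is valid only for the MSISDN and the server address
        # that were carried in the access request of steps 502 and 508.
        return bound_msisdn == msisdn and bound_server == asking_server


def application_server_admit(registry, own_address, token, msisdn):
    """Steps 515-517: admit the terminal application only on a positive result."""
    return registry.introspect(token, msisdn, own_address)


if __name__ == "__main__":
    registry = TokenRegistry()
    tok = registry.issue("msisdn-constructed-1", "app.example.test", True)
    print(application_server_admit(registry, "app.example.test", tok, "msisdn-constructed-1"))
    print(application_server_admit(registry, "other.example.test", tok, "msisdn-constructed-1"))
```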
Embodiment 5
As shown in Fig. 6, this embodiment provides a schematic diagram of the legitimacy verification flow of the application server in a certificateless authentication method. The method includes the following steps:
601. The application program of the terminal receives an operation instruction from the application server.
602. Based on the operation instruction, the application program of the terminal requests a nonce from the module terminal control device.
603. The module terminal control device generates a nonce and sends it to the application program of the terminal.
604. The application program of the terminal sends the application server a message requiring authentication that carries the nonce.
605. The application server sends the authentication request carrying the nonce to the terminal security control platform.
606. The terminal security control platform requests the CLA authentication management platform to sign the nonce.
607. The CLA authentication management platform signs the nonce using the platform identification password of the CLA authentication management platform.
The platform identification password represents the security control platform.
608. The CLA authentication management platform sends the nonce signature and the platform public key identification to the terminal security control platform. The platform public key identification can be generated when the CLA authentication management platform is initialized.
609. The terminal security control platform sends the nonce signature and the platform public key identification to the application server.
610. The application server sends the operation instruction, the nonce, the nonce signature and the platform public key identification to the module terminal control device.
611. The module terminal control device requests the safety chip to verify the signature.
612. The safety chip sends the verification result to the module terminal control device.
613. The module terminal control device sends the verification result to the application program of the terminal.
614. When the verification result is correct, the application program executes the operation instruction and sends the execution result to the application server.
According to another aspect of the present invention, an embodiment of the present invention also provides an Internet of Things terminal, including: a sensor, a safety chip preset with the identification key of the terminal, and a die set for communicating with the Internet of Things trusted identity authentication platform; the sensor and the safety chip are both communicatively connected to the die set;
The identification of the terminal security control platform in the Internet of Things trusted identity authentication platform is preset in the safety chip.
It should be noted that the Internet of Things terminal of this embodiment can execute the certificateless authentication method of any of the above embodiments.
According to a further aspect of the present invention, an embodiment of the present invention also provides an Internet of Things trusted identity authentication platform, including:
The Internet of Things trusted identity authentication platform includes: a terminal security control platform and a certificateless authentication system;
The terminal security control platform communicates with the die set of the terminal, and the certificateless authentication system communicates with the terminal security control platform;
The identification of each Internet of Things terminal is preset in the terminal security control platform.
It should be noted that the certificateless authentication system includes: a certificateless key management platform and a certificateless authentication management platform;
The authentication system interacts with the Internet of Things terminal and executes the certificateless authentication method described in any of the above embodiments.
It should also be noted that the exemplary embodiments mentioned in the present invention describe certain methods or systems based on a series of steps or devices. However, the present invention is not limited to the order of the above steps; that is, the steps may be executed in the order mentioned in the embodiments, in an order different from that in the embodiments, or several steps may be executed simultaneously.
The above embodiments can be cross-referenced, and this embodiment does not limit each embodiment.
Finally, it should be noted that the above embodiments are only used to illustrate the technical solution of the present invention, not to limit it. Although the present invention has been described in detail with reference to the foregoing embodiments, those of ordinary skill in the art should understand that the technical solutions recorded in the foregoing embodiments can still be modified, or some or all of their technical features can be equivalently replaced; these modifications or replacements do not cause the essence of the corresponding technical solutions to depart from the scope of the technical solutions of the embodiments of the present invention.

Claims (12)

1. An Internet of Things terminal security authentication control platform based on certificateless identification authentication technology, characterized by including:
Internet of Things terminal-side equipment and an Internet of Things trusted identity authentication platform communicating with the Internet of Things terminal-side equipment;
The Internet of Things terminal-side equipment includes: multiple terminals;
Each terminal includes: a sensor, a safety chip preset with the identification key of the terminal, and a die set for communicating with the Internet of Things trusted identity authentication platform; the sensor and the safety chip are both communicatively connected to the die set;
The Internet of Things trusted identity authentication platform includes: a terminal security control platform and a certificateless authentication system;
The terminal security control platform communicates with the die set, and the certificateless authentication system communicates with the terminal security control platform;
The identification of each terminal is preset in the terminal security control platform; the identification of the terminal security control platform is preset in the safety chip.
2. The Internet of Things terminal security authentication control platform according to claim 1, characterized in that:
The die set includes: the application program in the terminal, a module security management and control device, a safety chip interface module and an interface module of the terminal security control platform;
The module security management and control device accesses the safety chip through the safety chip interface module, and the module security management and control device communicates with the terminal security control platform through the interface module of the terminal security control platform.
3. The Internet of Things terminal security authentication control platform according to claim 2, characterized in that:
The certificateless authentication system includes: a certificateless key management platform and a certificateless authentication management platform.
4. The Internet of Things terminal security authentication control platform according to any one of claims 1 to 3, characterized in that the terminal supports 2G, 3G, 4G, 5G and/or NB-IoT networks.
5. A certificateless authentication method based on the Internet of Things terminal security authentication control platform of any one of claims 1 to 4, including:
After the terminal powers up and starts, it sends an activation request carrying the terminal identification to the terminal security control platform, the terminal identification including: the terminal random number generated by the die set of the terminal at activation, and the identification of the die set;
The terminal receives authentication information sent by the terminal security control platform, the authentication information being authentication information of the terminal obtained after the security control platform interacts with the certificateless authentication system based on the activation request, the authentication information including: the public key identification of the certificateless key management platform and the signature information of the terminal random number;
The terminal performs security verification on the authentication information through the safety chip in the terminal; after the security verification, the terminal sends, according to the information of the security verification, request activation information carrying the security authentication information of the safety chip and the terminal identification to the terminal security control platform;
The terminal receives the session identification returned by the terminal security control platform and establishes a session with the application server based on the session identification;
The session identification is an identification allocated to the terminal after the terminal security control platform and the certificateless authentication system have verified the security verification information and the terminal identification.
6. A certificateless authentication method based on the Internet of Things terminal security authentication control platform of any one of claims 1 to 4, including:
After the terminal receives an instruction to configure the user identification password, it sends the safety chip in the terminal an instruction requesting configuration of the user password;
The terminal receives the cryptographic parameters generated by the safety chip according to the instruction requesting configuration of the user password, and sends the terminal security control platform a request to configure the user identification password that carries the cryptographic parameters;
The terminal receives the password configuration parameters returned by the terminal security control platform, the password configuration parameters being parameters obtained through the interaction of the terminal security control platform with the certificateless key management platform;
The terminal sends the password configuration parameters to the safety chip in the terminal so that the safety chip performs the password configuration;
After the password configuration of the safety chip succeeds, the terminal sends the terminal security control platform a message that the user identification password was configured successfully;
The terminal receives the information that the terminal state is activated, which the terminal security control platform generates and sends according to the message that the user identification password was configured successfully.
7. A certificateless authentication method based on the Internet of Things terminal security authentication control platform of any one of claims 1 to 4, including:
When the application program of the terminal accesses a third-party application server, the terminal sends an application access request to the terminal security control platform, the application access request including: the address information of the application server and the identification mark of the terminal;
The terminal receives authentication notification information generated based on the application access request and sent by the terminal security control platform, the authentication notification information including a random number generated by the terminal security control platform according to the application access request;
The terminal processes the authentication notification information through the safety chip in the terminal and obtains the random number signature information and public key identification information of the safety chip;
The terminal sends an application access instruction to the terminal security control platform, the application access instruction including: the identification mark, the address information of the server, the random number, the random number signature information and the public key identification information;
The terminal receives session information returned by the terminal security control platform, the session information being information obtained when the terminal security control platform interacts with the certificateless authentication system and determines that the information in the application access instruction is correct;
The application program of the terminal sends an access instruction to the application server based on the session information, the access instruction including the identification mark and the information in the session information;
The terminal receives the information allowing access returned by the application server, the information allowing access being information sent after the application server, based on the information in the access instruction, successfully completes interactive verification with the terminal security control platform.
8. A certificateless authentication method based on the Internet of Things terminal security authentication control platform of any one of claims 1 to 4, including:
After the application program of the terminal receives an operation instruction from the application server, the module security management and control device of the terminal generates a random number corresponding to the operation instruction, and the terminal sends the application server an authentication request carrying the random number;
The application server sends the authentication request to the terminal security control platform;
The application server receives authentication information returned by the security control platform that includes the signature information of the random number and the platform public key identification, the authentication information being obtained through the interaction of the terminal security control platform with the certificateless authentication system;
The application server sends the authentication information and the operation instruction to the terminal, the safety chip of the terminal verifies the authentication information, and the terminal executes the operation instruction according to the verification result and sends the execution result to the application server.
9. An Internet of Things terminal, characterized by including: a sensor, a safety chip preset with the identification key of the terminal, and a die set for communicating with the Internet of Things trusted identity authentication platform; the sensor and the safety chip are both communicatively connected to the die set;
The identification of the terminal security control platform in the Internet of Things trusted identity authentication platform is preset in the safety chip.
10. The Internet of Things terminal according to claim 9, characterized in that the Internet of Things terminal executes the method of any one of claims 5 to 8.
11. An Internet of Things trusted identity authentication platform, characterized by including:
The Internet of Things trusted identity authentication platform includes: a terminal security control platform and a certificateless authentication system;
The terminal security control platform communicates with the die set of the terminal, and the certificateless authentication system communicates with the terminal security control platform;
The identification of each Internet of Things terminal is preset in the terminal security control platform.
12. The authentication platform according to claim 11, characterized in that:
The certificateless authentication system includes: a certificateless key management platform and a certificateless authentication management platform;
The authentication system interacts with the Internet of Things terminal and executes the method of any one of claims 5 to 8.
CN201810535798.8A 2018-05-30 2018-05-30 Internet of things terminal security authentication management and control platform based on certificate-free identification authentication technology Active CN108512862B (en)


Publications (2)

Publication Number Publication Date
CN108512862A true CN108512862A (en) 2018-09-07
CN108512862B CN108512862B (en) 2023-12-05

Family

ID=63402183

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810535798.8A Active CN108512862B (en) 2018-05-30 2018-05-30 Internet of things terminal security authentication management and control platform based on certificate-free identification authentication technology

Country Status (1)

Country Link
CN (1) CN108512862B (en)

CN111917789A (en) * 2020-08-08 2020-11-10 詹能勇 Data processing method based on big data and Internet of things communication and cloud computing platform
CN112200530A (en) * 2020-09-10 2021-01-08 北京科蓝软件系统股份有限公司 Distributed cooperative authentication design method based on credible exhibition equipment
CN114666074A (en) * 2020-12-04 2022-06-24 中移物联网有限公司 Product identification authentication method and device
CN114666074B (en) * 2020-12-04 2024-04-09 中移物联网有限公司 Product identification authentication method and device
CN114268643A (en) * 2021-11-26 2022-04-01 许继集团有限公司 Power distribution internet of things terminal based on active identification technology and management method
CN114268643B (en) * 2021-11-26 2024-04-16 许继集团有限公司 Active identification technology-based power distribution Internet of things terminal and management method
CN115225323A (en) * 2022-06-15 2022-10-21 福建海峡基石科技集团有限公司 Public certificate-based password-free authentication method
CN115696318A (en) * 2023-01-05 2023-02-03 中国电子科技集团公司第三十研究所 Secure communication device, secure authentication method, and secure communication method
CN115696318B (en) * 2023-01-05 2023-05-09 中国电子科技集团公司第三十研究所 Secure communication device, secure authentication method, and secure communication method

Also Published As

Publication number Publication date
CN108512862B (en) 2023-12-05

Similar Documents

Publication Publication Date Title
CN108512862A (en) Internet-of-things terminal safety certification control platform based on no certificates identified authentication techniques
CN105307108B (en) A kind of Internet of Things information exchange communication means and system
CN102595404B (en) For storing and executing the method and device of access control clients
TWI455559B (en) Virtual subscriber identity module
CN110290525A (en) A kind of sharing method and system, mobile terminal of vehicle number key
CN108881304A (en) A kind of pair of internet of things equipment carries out the method and system of safety management
CN104704789B (en) Network authentication
CN106059869A (en) Internet of things smart home equipment safety control method and system
CN106452782A (en) Method and system for producing a secure communication channel for terminals
KR102299865B1 (en) Method and system related to authentication of users for accessing data networks
CN101014958A (en) System and method for managing user authentication and service authorization to achieve single-sign-on to access multiple network interfaces
CN112203271B (en) Communication connection method, device and system
CN110278084B (en) eID establishing method, related device and system
CN106850680A (en) A kind of intelligent identity identification method and device for Transit Equipment
CN108022100B (en) Cross authentication system and method based on block chain technology
CN104052775A (en) Authority management method of cloud platform service, device and system
CN108235306A (en) The number distributing in air method and device of smart card
CN110535877A (en) Internet-of-things terminal identity identifying method and Verification System based on double authentication
CN104424676A (en) Identity information sending method, identity information sending device, access control card reader and access control system
CN102143492B (en) Method for establishing virtual private network (VPN) connection, mobile terminal and server
WO2019056971A1 (en) Authentication method and device
CN109831311A (en) A kind of server validation method, system, user terminal and readable storage medium storing program for executing
CN108011873A (en) A kind of illegal connection determination methods based on set covering
JP2023505471A (en) Provisioning method and terminal equipment
CN108234119B (en) Digital certificate management method and platform

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant