CN111049654A - Tamper-proof protection method and system for bank USBKey certificate application - Google Patents

Tamper-proof protection method and system for bank USBKey certificate application Download PDF

Info

Publication number
CN111049654A
CN111049654A CN201911094193.0A CN201911094193A CN111049654A CN 111049654 A CN111049654 A CN 111049654A CN 201911094193 A CN201911094193 A CN 201911094193A CN 111049654 A CN111049654 A CN 111049654A
Authority
CN
China
Prior art keywords
certificate
use information
key pair
online
bank
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201911094193.0A
Other languages
Chinese (zh)
Inventor
张伟
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing WatchSmart Technologies Co Ltd
Original Assignee
Beijing WatchSmart Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing WatchSmart Technologies Co Ltd filed Critical Beijing WatchSmart Technologies Co Ltd
Priority to CN201911094193.0A priority Critical patent/CN111049654A/en
Publication of CN111049654A publication Critical patent/CN111049654A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • H04L9/3268Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements using certificate validation, registration, distribution or revocation, e.g. certificate revocation list [CRL]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/34User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Software Systems (AREA)
  • General Physics & Mathematics (AREA)
  • General Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Health & Medical Sciences (AREA)
  • Computing Systems (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The invention discloses a method and a system for applying anti-tampering protection on a bank USBKey certificate, wherein the method comprises the following steps: s100, the internet bank application calls a certificate application module and transmits a certificate request parameter; s200, the certificate application module acquires the use information of the online banking certificate in the certificate request parameter and sends a key pair generation instruction to the USBKey; s300, the USBKey generates a corresponding key pair according to the key pair generation instruction, and binds the key pair with the use information of the online bank certificate; s400, the certificate application module sends a signature generation instruction to the USBKey; s500, the USBKey analyzes and obtains a public key in the certificate request information source and the use information of the online bank certificate, and obtains the use information of the online bank certificate bound by the key pair according to the public key; s600, comparing the use information of the online banking certificate in the certificate request information source with the use information of the online banking certificate bound by the key pair through the USBKey; and S700, the certificate application module organizes the certificate request data and returns the certificate request data to the online bank application. The invention can solve the problem that the use of the online bank certificate is tampered in the certification process.

Description

Tamper-proof protection method and system for bank USBKey certificate application
Technical Field
The invention relates to the field of bank internet bank application, in particular to a method and a system for applying anti-tampering protection on a bank USBKey certificate.
Background
The bank defines the application scene of the certificate and defines the use of the online bank certificate, namely, the transaction signature certificate can only be used for signing data in a specific format, and the common signature certificate can only be used for signing data in a non-specific format. In a certificate request link in a certificate downloading process, a key pair generation process of the USBKey and the application of the online bank application request have the risk of being tampered when the key pair is generated, and in order to avoid the risk, anti-tampering protection needs to be carried out aiming at the application.
Disclosure of Invention
Aiming at the defects in the prior art, the invention aims to provide a method and a system for tamper-proof protection of a bank USBKey certificate application, and the method and the system can solve the problem that the use of an online bank certificate is tampered in the certification process.
In order to achieve the purpose, the technical scheme adopted by the invention is as follows:
a bank USBKey certificate application tamper-proof protection method comprises the following steps:
(1) the internet bank application calls a certificate application module and transmits a certificate request parameter;
(2) the certificate application module analyzes the parameters, acquires the use information of the online banking certificate in the certificate request parameters, and sends a key pair generation instruction to the USBKey according to the use information of the online banking certificate;
(3) the USBKey receives the use information of the online bank certificate and the key pair generation instruction, generates a corresponding key pair according to the key pair generation instruction, and binds the key pair with the use information of the online bank certificate;
(4) the certificate application module analyzes the public key of the key pair generated by the USBKey, analyzes the use information of the online bank certificate acquired by the parameters and other information organizations and generates a certificate request information original text, and sends a signature generation instruction to the USBKey according to the certificate request information original text;
(5) the USBKey receives the certificate request information original text and the signature generation instruction, analyzes and obtains a public key and the online bank certificate use information in the certificate request information original text, and obtains the online bank certificate use information bound by the key pair according to the public key;
(6) the USBKey compares the use information of the online banking certificate in the certificate request information original text with the use information of the online banking certificate bound by the key pair according to the signature generation instruction, generates a corresponding signature if the use information of the online banking certificate is consistent with the use information of the online banking certificate bound by the key pair, and returns a signature result to the certificate application module;
(7) and the certificate application module organizes certificate request data according to the signature result and returns the certificate request data to the online bank application.
Further, the method as described above, step (1) comprising:
the online bank application calls a certificate application module through a caller and transmits parameters;
the caller includes: installer processes, uninstaller processes, and other program processes that need to deal with occupancy problems.
Further, the method as described above, in step (3), the binding the key pair to the information on usage of the online banking certificate includes:
binding a private key in the key pair with the use information of the online bank certificate;
in step (5), the obtaining of the usage information of the online banking certificate bound to the key pair according to the public key includes:
and acquiring a corresponding private key according to the public key, and acquiring the use information of the online bank certificate bound by the private key.
Further, in the method as described above, the step (6) further includes:
and the USBKey compares the use information of the online banking certificate in the certificate request information source with the use information of the online banking certificate bound by the key pair according to the signature generation instruction, and refuses to sign if the use information of the online banking certificate is inconsistent with the use information of the online banking certificate bound by the key pair.
Further, the method as described above, the internet banking application comprises: the system comprises a background service related to a certificate of a bank and online banking client software, wherein the certificate application module is a control or a dynamic library supporting certificate issuing for a client.
The invention also provides a system for applying for tamper-proof protection of the bank USBKey certificate, which comprises: the system comprises an internet bank application, a certificate application module and a USBKey;
the online bank application is used for calling the certificate application module and transmitting a certificate request parameter;
the certificate application module is used for analyzing the parameters, acquiring the use information of the online banking certificate in the certificate request parameters, and sending a key pair generation instruction to the USBKey according to the use information of the online banking certificate;
the USBKey is used for receiving the use information of the online banking certificate and the key pair generation instruction, generating a corresponding key pair according to the key pair generation instruction, and binding the key pair with the use information of the online banking certificate;
the certificate application module is used for organizing the public key of the key pair generated by the acquired USBKey, analyzing the use information of the online bank certificate acquired by the parameters and other information and generating a certificate request information original text, and sending a signature generation instruction to the USBKey according to the certificate request information original text;
the USBKey is used for receiving the certificate request information original text and the signature generation instruction, analyzing and acquiring a public key and the online bank certificate use information in the certificate request information original text, and acquiring the online bank certificate use information bound by the key pair according to the public key;
the USBKey is used for comparing the use information of the online banking certificate in the certificate request information original text with the use information of the online banking certificate bound by the key pair according to the signature generation instruction, if the use information of the online banking certificate is consistent with the use information of the online banking certificate bound by the key pair, generating a corresponding signature, and returning a signature result to the certificate application module;
the certificate application module is used for organizing certificate request data according to the signature result and returning the certificate request data to the online bank application.
Further, as with the system described above, the cyber-banking application is specifically configured to:
calling a certificate application module through a caller and transmitting parameters;
the caller includes: installer processes, uninstaller processes, and other program processes that need to deal with occupancy problems.
Further, as in the system described above, the usb key is specifically configured to:
receiving the use information of the online bank certificate and the key pair generation instruction, generating a corresponding key pair according to the key pair generation instruction, and binding a private key in the key pair with the use information of the online bank certificate; it is also specifically used for:
and receiving the certificate request information original text and the signature generation instruction, analyzing and acquiring a public key and the online bank certificate use information in the certificate request information original text, acquiring a corresponding private key according to the public key, and acquiring the online bank certificate use information bound by the private key.
Further, in the system as described above, the USBKey is further configured to:
and comparing the use information of the online bank certificate in the certificate request information source with the use information of the online bank certificate bound by the key pair according to the signature generation instruction, and if the use information of the online bank certificate is not consistent, rejecting the signature.
Further, as in the system above, the cyber-banking application comprises: the system comprises a background service related to a certificate of a bank and online banking client software, wherein the certificate application module is a control or a dynamic library supporting certificate issuing for a client.
The invention has the beneficial effects that: according to the method and the system provided by the invention, whether the use information of the online bank certificate is tampered when the secret key pair is generated is detected through the USBKey before data signing is carried out, if the detection result is tampered, signing is refused, and data signing is carried out only if the detection result is not tampered, so that the problem that the use of the online bank certificate is tampered in the certificate issuing process is effectively solved, and the safety of the certificate issuing process is improved.
Drawings
Fig. 1 is a schematic flow chart of a method for applying tamper-proof protection for a bank usb key certificate according to an embodiment of the present invention;
fig. 2 is an overall framework diagram of a method for applying tamper-proof protection for a bank usb key certificate provided in the embodiment of the present invention.
Detailed Description
The invention is described in further detail below with reference to the drawings and the detailed description.
As shown in fig. 1, a method for applying for tamper-proof protection to a bank usb key certificate includes:
s100, the internet bank application calls a certificate application module and transmits a certificate request parameter;
the step S100 includes:
the online bank application calls a certificate application module through a caller and transmits parameters;
the caller includes: installer processes, uninstaller processes, and other program processes that need to deal with occupancy problems.
The online silver application comprises the following steps: the bank is related to the background service of the certificate and the internet bank client software, and the certificate application module is a control or a dynamic library for supporting certificate issuing for the client.
S200, the certificate application module analyzes the parameters, obtains the use information of the online banking certificate in the certificate request parameters, and sends a key pair generation instruction to the USBKey according to the use information of the online banking certificate;
s300, the USBKey receives the use information of the online banking certificate and the key pair generation instruction, generates a corresponding key pair according to the key pair generation instruction, and binds the key pair with the use information of the online banking certificate;
in step S300, the information on the usage of the key pair bound with the online banking certificate includes:
and binding the private key in the key pair with the use information of the online bank certificate.
S400, the certificate application module organizes the public key of the key pair generated by the acquired USBKey, the use information of the online bank certificate acquired by analysis parameters and other information and generates a certificate request information original text, and sends a signature generation instruction to the USBKey according to the certificate request information original text;
s500, the USBKey receives a certificate request information original text and a signature generation instruction, analyzes and obtains a public key and the use information of the online banking certificate in the certificate request information original text, and obtains the use information of the online banking certificate bound by the key pair according to the public key;
in step S500, obtaining the usage information of the online banking certificate bound by the key pair according to the public key includes:
and acquiring a corresponding private key according to the public key, and acquiring the use information of the online bank certificate bound by the private key.
S600, comparing the use information of the online banking certificate in the certificate request information source with the use information of the online banking certificate bound by the key pair by the USBKey according to the signature generation instruction, if the use information of the online banking certificate is consistent with the use information of the online banking certificate bound by the key pair, generating a corresponding signature, and returning a signature result to the certificate application module;
the step (6) further comprises:
and the USBKey compares the use information of the online banking certificate in the certificate request information source with the use information of the online banking certificate bound by the key pair according to the signature generation instruction, and refuses to sign if the use information of the online banking certificate is inconsistent with the use information of the online banking certificate bound by the key pair.
And S700, the certificate application module organizes the certificate request data according to the signature result and returns the certificate request data to the online bank application.
Before data signing is carried out by the USBKey, comparing the use information of the online bank certificate in the certificate request information original text with the use information of the online bank certificate bound by the key pair, judging whether the use information of the online bank certificate is tampered when the key pair is generated according to a comparison result, if the comparison result is consistent, indicating that the use information of the online bank certificate is not tampered, carrying out data signing at the moment, returning a signing result to the certificate application module, and if the comparison result is inconsistent, indicating that the use information of the online bank certificate is tampered, and rejecting signing at the moment. And the certificate application module receives the signature result and indicates that the certificate request data can be organized and returned to the online bank application.
According to the method, whether the information for the use of the online bank certificate is tampered during the generation of the key pair is detected before the data signature is carried out through the USBKey, the signature is refused if the detection result is tampered, and the data signature is carried out only if the detection result is not tampered, so that the problem that the use of the online bank certificate is tampered during the certification process is effectively solved, and the security of the certification process is improved.
Example one
As shown in fig. 2, a method for applying for tamper-proof protection to a bank usb key certificate includes:
s101: the online bank application calls a certificate application module and transmits request parameters, wherein the parameters comprise the use information of the online bank certificate;
s201: and the certificate application module analyzes the parameters to obtain the use information of the online bank certificate.
S202: the certificate application module sends a key pair generation instruction to the USBKey by using the use information of the online banking certificate;
s301: the USBKey generates a key pair with required use according to the instruction, and binds the use information of the online bank certificate;
specifically, the private key of the key pair is bound with the use information of the internet bank certificate, and the use information of the internet bank certificate of the private key is recorded inside the USBKey.
S203: the certificate application module acquires (S301) a public key of the generated key pair, and organizes and generates a certificate request message original text by the use information of the online bank certificate in (S201) and other information.
S303: the certificate application module sends a signature generation instruction to the USBKey using the certificate request information original text generated in (S203).
S304: and the USBKey receives the certificate request information original text, analyzes the certificate request information original text to obtain a public key and the network bank certificate use information A, and finds the network bank certificate use information B bound by the key pair according to the public key.
S305: and the USBKey compares the two acquired use information (A and B) of the online banking certificate in the step (S304), generates a signature if the two use information are consistent, and returns a signature result to the certificate application module, otherwise, refuses to sign.
If the two are consistent, the signature is indicated to be signed on the certificate request information original text by using the private key of the key pair, and a signature value is generated.
S103: if (S305) the signature is successful, the certificate application module organizes the certificate request data and returns the result to the online banking application.
And finally, the subsequent process is completed by the online bank application.
The invention also provides a system for applying for tamper-proof protection of the bank USBKey certificate, which comprises: the system comprises an internet bank application, a certificate application module and a USBKey;
the online bank application is used for calling the certificate application module and transmitting the certificate request parameters;
the certificate application module is used for analyzing the parameters, acquiring the use information of the online banking certificate in the certificate request parameters, and sending a key pair generation instruction to the USBKey according to the use information of the online banking certificate;
the USBKey is used for receiving the use information of the online bank certificate and the key pair generation instruction, generating a corresponding key pair according to the key pair generation instruction, and binding the key pair with the use information of the online bank certificate;
the certificate application module is used for organizing and generating the public key of the key pair generated by the acquired USBKey, the use information of the online bank certificate acquired by analysis parameters and other information, and sending a signature generation instruction to the USBKey according to the certificate request information original text;
the USBKey is used for receiving a certificate request information original text and a signature generation instruction, analyzing and acquiring a public key and the internet bank certificate use information in the certificate request information original text, and acquiring the internet bank certificate use information bound by a key pair according to the public key;
the USBKey is used for comparing the use information of the online banking certificate in the certificate request information source with the use information of the online banking certificate bound by the key pair according to the signature generation instruction, if the use information of the online banking certificate is consistent with the use information of the online banking certificate bound by the key pair, generating a corresponding signature, and returning a signature result to the certificate application module;
and the certificate application module is used for organizing the certificate request data according to the signature result and returning the certificate request data to the online bank application.
The silver-on-wire application is specifically for:
calling a certificate application module through a caller and transmitting parameters;
the caller includes: installer processes, uninstaller processes, and other program processes that need to deal with occupancy problems.
USBKey is specifically used for:
receiving the use information of the online bank certificate and a key pair generation instruction, generating a corresponding key pair according to the key pair generation instruction, and binding a private key in the key pair with the use information of the online bank certificate; it is also specifically used for:
receiving a certificate request information original text and a signature generation instruction, analyzing and acquiring a public key in the certificate request information original text and the use information of the online bank certificate, acquiring a corresponding private key according to the public key, and acquiring the use information of the online bank certificate bound by the private key.
The USBKey is also used for:
and comparing the use information of the online bank certificate in the certificate request information source with the use information of the online bank certificate bound by the key pair according to the signature generation instruction, and rejecting the signature if the use information of the online bank certificate is inconsistent with the use information of the online bank certificate bound by the key pair.
The online silver application comprises the following steps: the bank is related to the background service of the certificate and the internet bank client software, and the certificate application module is a control or a dynamic library for supporting certificate issuing for the client.
It will be apparent to those skilled in the art that various changes and modifications may be made in the present invention without departing from the spirit and scope of the invention. Thus, if such modifications and variations of the present invention fall within the scope of the claims of the present invention and their equivalents, the present invention is intended to include such modifications and variations.

Claims (10)

1. A bank USBKey certificate application tamper-proof protection method is characterized by comprising the following steps:
(1) the internet bank application calls a certificate application module and transmits a certificate request parameter;
(2) the certificate application module analyzes the parameters, acquires the use information of the online banking certificate in the certificate request parameters, and sends a key pair generation instruction to the USBKey according to the use information of the online banking certificate;
(3) the USBKey receives the use information of the online bank certificate and the key pair generation instruction, generates a corresponding key pair according to the key pair generation instruction, and binds the key pair with the use information of the online bank certificate;
(4) the certificate application module analyzes the public key of the key pair generated by the USBKey, analyzes the use information of the online bank certificate acquired by the parameters and other information organizations and generates a certificate request information original text, and sends a signature generation instruction to the USBKey according to the certificate request information original text;
(5) the USBKey receives the certificate request information original text and the signature generation instruction, analyzes and obtains a public key and the online bank certificate use information in the certificate request information original text, and obtains the online bank certificate use information bound by the key pair according to the public key;
(6) the USBKey compares the use information of the online banking certificate in the certificate request information original text with the use information of the online banking certificate bound by the key pair according to the signature generation instruction, generates a corresponding signature if the use information of the online banking certificate is consistent with the use information of the online banking certificate bound by the key pair, and returns a signature result to the certificate application module;
(7) and the certificate application module organizes certificate request data according to the signature result and returns the certificate request data to the online bank application.
2. The method of claim 1, wherein step (1) comprises:
the online bank application calls a certificate application module through a caller and transmits parameters;
the caller includes: installer processes, uninstaller processes, and other program processes that need to deal with occupancy problems.
3. The method of claim 1, wherein in step (3), the binding the key pair to the cyber-banking-certificate-usage information comprises:
binding a private key in the key pair with the use information of the online bank certificate;
in step (5), the obtaining of the usage information of the online banking certificate bound to the key pair according to the public key includes:
and acquiring a corresponding private key according to the public key, and acquiring the use information of the online bank certificate bound by the private key.
4. The method of claim 1, wherein step (6) further comprises:
and the USBKey compares the use information of the online banking certificate in the certificate request information source with the use information of the online banking certificate bound by the key pair according to the signature generation instruction, and refuses to sign if the use information of the online banking certificate is inconsistent with the use information of the online banking certificate bound by the key pair.
5. The method of any one of claims 1-4, wherein the websilver application comprises: the system comprises a background service related to a certificate of a bank and online banking client software, wherein the certificate application module is a control or a dynamic library supporting certificate issuing for a client.
6. A bank USBKey certificate application tamper-proof protection system is characterized by comprising: the system comprises an internet bank application, a certificate application module and a USBKey;
the online bank application is used for calling the certificate application module and transmitting a certificate request parameter;
the certificate application module is used for analyzing the parameters, acquiring the use information of the online banking certificate in the certificate request parameters, and sending a key pair generation instruction to the USBKey according to the use information of the online banking certificate;
the USBKey is used for receiving the use information of the online banking certificate and the key pair generation instruction, generating a corresponding key pair according to the key pair generation instruction, and binding the key pair with the use information of the online banking certificate;
the certificate application module is used for organizing the public key of the key pair generated by the acquired USBKey, analyzing the use information of the online bank certificate acquired by the parameters and other information and generating a certificate request information original text, and sending a signature generation instruction to the USBKey according to the certificate request information original text;
the USBKey is used for receiving the certificate request information original text and the signature generation instruction, analyzing and acquiring a public key and the online bank certificate use information in the certificate request information original text, and acquiring the online bank certificate use information bound by the key pair according to the public key;
the USBKey is used for comparing the use information of the online banking certificate in the certificate request information original text with the use information of the online banking certificate bound by the key pair according to the signature generation instruction, if the use information of the online banking certificate is consistent with the use information of the online banking certificate bound by the key pair, generating a corresponding signature, and returning a signature result to the certificate application module;
the certificate application module is used for organizing certificate request data according to the signature result and returning the certificate request data to the online bank application.
7. The system of claim 6, wherein the cyber-silver application is specifically configured to:
calling a certificate application module through a caller and transmitting parameters;
the caller includes: installer processes, uninstaller processes, and other program processes that need to deal with occupancy problems.
8. The system of claim 6, wherein the USBKey is specifically configured to:
receiving the use information of the online bank certificate and the key pair generation instruction, generating a corresponding key pair according to the key pair generation instruction, and binding a private key in the key pair with the use information of the online bank certificate; it is also specifically used for:
and receiving the certificate request information original text and the signature generation instruction, analyzing and acquiring a public key and the online bank certificate use information in the certificate request information original text, acquiring a corresponding private key according to the public key, and acquiring the online bank certificate use information bound by the private key.
9. The system of claim 6, wherein the USBKey is further configured to:
and comparing the use information of the online bank certificate in the certificate request information source with the use information of the online bank certificate bound by the key pair according to the signature generation instruction, and if the use information of the online bank certificate is not consistent, rejecting the signature.
10. The system of any one of claims 6-9, wherein the cyber-silver application comprises: the system comprises a background service related to a certificate of a bank and online banking client software, wherein the certificate application module is a control or a dynamic library supporting certificate issuing for a client.
CN201911094193.0A 2019-11-11 2019-11-11 Tamper-proof protection method and system for bank USBKey certificate application Pending CN111049654A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201911094193.0A CN111049654A (en) 2019-11-11 2019-11-11 Tamper-proof protection method and system for bank USBKey certificate application

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201911094193.0A CN111049654A (en) 2019-11-11 2019-11-11 Tamper-proof protection method and system for bank USBKey certificate application

Publications (1)

Publication Number Publication Date
CN111049654A true CN111049654A (en) 2020-04-21

Family

ID=70232653

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201911094193.0A Pending CN111049654A (en) 2019-11-11 2019-11-11 Tamper-proof protection method and system for bank USBKey certificate application

Country Status (1)

Country Link
CN (1) CN111049654A (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112529574A (en) * 2020-11-19 2021-03-19 北京握奇智能科技有限公司 Protection method for certificate of intelligent password equipment and intelligent password equipment
CN112632514A (en) * 2020-12-15 2021-04-09 北京握奇数据股份有限公司 Method and device for preventing driver component from being tampered based on USBKey
CN115296854A (en) * 2022-07-08 2022-11-04 中金金融认证中心有限公司 Method for binding intelligent cipher key and terminal and related product

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112529574A (en) * 2020-11-19 2021-03-19 北京握奇智能科技有限公司 Protection method for certificate of intelligent password equipment and intelligent password equipment
CN112632514A (en) * 2020-12-15 2021-04-09 北京握奇数据股份有限公司 Method and device for preventing driver component from being tampered based on USBKey
CN115296854A (en) * 2022-07-08 2022-11-04 中金金融认证中心有限公司 Method for binding intelligent cipher key and terminal and related product

Similar Documents

Publication Publication Date Title
US11514440B2 (en) Method for issuing authentication information and blockchain-based server using the same
US20170330180A1 (en) Method for using and revoking authentication information and blockchain-based server using the same
CN110569658B (en) User information processing method and device based on blockchain network, electronic equipment and storage medium
KR101952498B1 (en) Loan service providing method using black chain and system performing the same
KR102315794B1 (en) Methods and devices for connecting to accounts and providing service processes
CN111049654A (en) Tamper-proof protection method and system for bank USBKey certificate application
CN113468602A (en) Data inspection method, device and equipment
CN112069550B (en) Electronic contract evidence-storing system based on intelligent contract mode
CN111861457B (en) Payment token application method, device, system and server
CN109818957B (en) Intelligent contract calling method, device and system based on visual interface
CN109981588B (en) Data transaction service processing method and system based on block chain
CN105553942B (en) Using the method and system jumped
CN112036811A (en) Method for unified management of government affair service application based on block chain technology
CN109818965B (en) Personal identity verification device and method
CN114219480A (en) Multi-channel fee-control quick payment method and system
CN113538151A (en) Block chain-based insurance data processing method, node and system
CN111050326B (en) Block chain-based short message verification method, device, equipment and medium
CN110782265A (en) Information processing method, device, system and computer readable storage medium
CN116975901A (en) Identity verification method, device, equipment, medium and product based on block chain
CN110544087A (en) Mobile payment method, device, equipment and computer readable storage medium
CN114418380A (en) User scoring method based on federal learning, server and storage medium
CN116028982A (en) Processing method, device and system based on non-homogeneous general evidence
CN114329368A (en) Transaction account management method and device, computer readable medium and electronic equipment
CN112507370A (en) Electronic license verification method based on block chain network
CN111415148A (en) Method and device for non-inductive payment, electronic equipment and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination