CN111614466B - Certificate safety issuing and managing system and method - Google Patents

Publication number: CN111614466B
Authority: CN (China)
Prior art keywords: unit, certificate, credential, issuing, checking
Legal status: Active
Application number: CN202010240982.7A
Other languages: Chinese (zh)
Other versions: CN111614466A (en)
Inventors: 赖育承, 吕佳谚
Current Assignee: Shangcheng Technology Co ltd
Original Assignee: Shangcheng Technology Co ltd
Application filed by Shangcheng Technology Co ltd
Priority to CN202010240982.7A
Publication of CN111614466A
Application granted; publication of CN111614466B

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/321: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
    • H04L9/08: Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861: Generation of secret information including derivation or calculation of cryptographic keys or passwords

Abstract

A credential security issuing and management system and method. The credential issuing subsystem is built in equipment located in a controlled place, so its internal data cannot be accessed from outside unless authorized, and each unit applying for a credential must confirm its identity, which increases the security of credential application and issuing. In addition, the credential issuing subsystem is equipment with computing capability and a high operation speed, which increases the efficiency of credential issuing. Because a unit applying for a credential does not need to build its own credential issuing system and can apply for and acquire a credential simply by connecting to the credential issuing subsystem of the invention, the operating cost of enterprises can be saved.

Description

Certificate safety issuing and managing system and method
Technical Field
The invention belongs to the technical field of credential application and issuing, and particularly relates to a credential security issuing and management system and method.
Background
A conventional credential issuing system is stored on a flash disk; after the flash disk is connected to a manufacturing-end device, the credential issuing system on the flash disk issues the credential. However, because the system is stored on a flash disk, it can be carried anywhere, and it has no facility for protecting its internal files, so there is a high risk of the credentials being stolen by a third party. In addition, because such a credential issuing system is stored on a flash disk, its execution speed is poor. Moreover, each unit that needs credentials has to build the existing credential issuing system itself, which increases the required cost.
Disclosure of Invention
The invention aims to provide a certificate safety issuing and managing system and method, which can solve the problems of safety, execution speed and construction cost in the prior art.
The technical scheme of the invention is as follows:
A credential security issuing and management system comprises a credential request end, which generates a public key and a private key by using an asymmetric algorithm, wherein the private key cannot be accessed from outside and can be accessed only with prior authorization;
a credential attaching subsystem, comprising: a credential attaching unit connected to the credential request end for adding a credential to the credential request end;
a credential checking unit connected to the credential attaching unit and having credential checking unit identification information;
a first checking unit connected to the credential checking unit, having secure operation capability and accessible only with prior authorization;
and a credential issuing subsystem, which is built in equipment in a controlled place, whose internal data cannot be accessed from outside unless authorized, and for which each unit applying for a credential must confirm its identity; the credential issuing subsystem is equipment with computing capability, has a high operation speed and can increase the efficiency of credential issuing, and comprises:
a registration approval unit connected to the credential checking unit and having registration approval unit identification information;
a credential issuing unit connected to the registration approval unit and having credential issuing unit identification information;
a second checking unit connected to the registration approval unit and the credential issuing unit, having secure operation capability and accessible only with prior authorization;
wherein the credential attaching unit is trusted by the credential checking unit, the credential checking unit is trusted by the registration approval unit, and the registration approval unit is trusted by the credential issuing unit.
Further, the first checking unit generates a credential checking unit public/private key pair and, according to that key pair, applies to a shared upper-layer credential issuing unit for a credential checking unit credential, and the credential checking unit credential binds the credential checking unit identification information.
Further, the first checking unit is connected to the credential attaching unit, the credential attaching unit has credential attaching unit identification information, the first checking unit generates a credential attaching unit public/private key pair and accordingly applies to a shared upper-layer credential issuing unit for a credential attaching unit credential, the credential attaching unit credential binds the credential attaching unit identification information, and the credential attaching unit is trusted by the credential checking unit.
Further, the credential attaching unit is connected to a third checking unit, the credential attaching unit has credential attaching unit identification information, the third checking unit generates a credential attaching unit public/private key pair and, according to that key pair, applies to a shared upper-layer credential issuing unit for a credential attaching unit credential, the credential attaching unit credential binds the credential attaching unit identification information, and the credential attaching unit is trusted by the credential checking unit.
Further, the second checking unit is connected to the registration approval unit, the registration approval unit has registration approval unit identification information, the second checking unit generates a registration approval unit public/private key pair and accordingly applies to a shared upper-layer credential issuing unit for a registration approval unit credential, the registration approval unit credential binds the registration approval unit identification information, and the credential checking unit is trusted by the registration approval unit.
Further, the second checking unit is connected to the credential issuing unit, the credential issuing unit has credential issuing unit identification information, the second checking unit generates a credential issuing unit public/private key pair and accordingly applies to a shared upper-layer credential issuing unit for a credential issuing unit credential, the credential issuing unit credential binds the credential issuing unit identification information, and the registration approval unit is trusted by the credential issuing unit.
Further, the credential request end generates a pair of public and private keys and generates a credential issuance request according to them, and the credential checking unit can securely obtain the credential issuance request through the credential attaching unit.
Further, the credential request end generates a pair of public and private keys, and the credential checking unit can obtain the public key through the credential attaching unit and generate a credential issuance request for the credential request end according to the public key.
Further, the credential checking unit can securely transmit the credential issuance request to the credential issuing unit through the registration approval unit.
Further, the credential issuing unit issues a credential through the second checking unit, the credential is transmitted to the credential attaching unit through the registration approval unit and the credential checking unit, and the credential attaching unit adds the credential to the credential request end.
A credential security issuing and management method comprises the following steps:
a credential request end generates a pair of public and private keys by using an asymmetric algorithm, and generates a credential issuance request according to the public and private keys;
a credential attaching unit securely obtains the credential issuance request from the credential request end;
a credential checking unit securely obtains the credential issuance request from the credential attaching unit;
the credential checking unit securely transmits the credential issuance request to a registration approval unit;
the registration approval unit securely transmits the credential issuance request to a credential issuing unit;
the credential issuing unit issues a credential for the credential issuance request by using a credential issuing unit private key stored in a second checking unit;
the credential issuing unit securely transmits the credential to the credential attaching unit through the registration approval unit and the credential checking unit;
and the credential attaching unit adds the credential to the credential request end.
A credential security issuing and management method comprises the following steps:
a credential request end generates a pair of public and private keys;
a credential attaching unit securely obtains the public key from the credential request end;
a credential checking unit securely obtains the public key from the credential attaching unit;
the credential checking unit uses the public key to generate a credential issuance request for the credential request end;
the credential checking unit securely transmits the credential issuance request to a registration approval unit;
the registration approval unit securely transmits the credential issuance request to a credential issuing unit;
the credential issuing unit issues a credential for the credential issuance request by using a credential issuing unit private key held inside a second checking unit;
the credential issuing unit securely transmits the credential to the credential attaching unit through the registration approval unit and the credential checking unit;
and the credential attaching unit adds the credential to the credential request end.
The invention adopting the technical scheme can bring the following beneficial effects:
In the credential security issuing and management system and method, the credential issuing subsystem is built in equipment in a controlled place, its internal data cannot be accessed from outside unless authorized, and each unit applying for a credential must confirm its identity, which increases the security of credential application and issuing. In addition, the credential issuing subsystem is equipment with computing capability and a high operation speed, so the efficiency of credential issuing can be increased. Because a unit applying for a credential does not need to build its own credential issuing system and can apply for and acquire a credential simply by connecting to the credential issuing subsystem of the invention, the operating cost of enterprises can be saved.
Drawings
FIG. 1 is a block diagram of one embodiment of a credential security issuance and management system of the present invention;
FIG. 2 is a block diagram of another embodiment of a credential security issuance and management system of the present invention;
FIG. 3 is a schematic diagram illustrating an embodiment of a method for securely issuing and managing credentials according to the present invention;
FIG. 4 is a flow chart of the credential security issuance and management method of FIG. 3;
FIG. 5 is a schematic diagram of another embodiment of a credential security issuance and management method according to the present invention;
FIG. 6 is a flow chart of the credential security issuance and management method of FIG. 5.
Reference numerals in the figures: 10, credential request end; 20, credential attaching subsystem; 21, credential attaching unit; 22, credential checking unit; 23, first checking unit; 24, third checking unit; 30, credential issuing subsystem; 31, registration approval unit; 32, credential issuing unit; 33, second checking unit; S101 to S112, steps; S201 to S213, steps.
Detailed Description
Referring to fig. 1, an embodiment of a credential security issuing and management system according to the present invention is shown. The credential security issuing and management system 100 of the present invention includes a credential request end 10, a credential attaching subsystem 20, and a credential issuing subsystem 30.
The credential request end 10 uses an asymmetric algorithm to generate a pair of public and private keys; the private key cannot be accessed from outside and can be accessed only with prior authorization. In this embodiment, the private key is stored in the secure unit of the credential request end 10 and cannot be read from outside. The credential request end 10 generates a credential issuance request (CSR) using the public key.
The credential attaching subsystem 20 includes a credential attaching unit 21, a credential checking unit 22, and a first checking unit 23. The credential attaching unit 21 is connected to the credential request end 10 and is configured to add a credential to the credential request end 10. The credential checking unit 22 is connected to the credential attaching unit 21 and has credential checking unit identification information. The first checking unit 23 is connected to the credential checking unit 22, has secure operation capability, and can be accessed only with prior authorization. The first checking unit 23 generates one public/private key pair for the credential attaching unit 21 and one for the credential checking unit 22. The private keys of the credential attaching unit 21 and the credential checking unit 22 are stored in the first checking unit 23 and cannot be accessed from outside. The public keys of the credential attaching unit 21 and the credential checking unit 22 are each transmitted to the upper-layer credential issuing unit, which issues the credential attaching unit credential and the credential checking unit credential. The credential attaching unit 21 has credential attaching unit identification information, to which the credential attaching unit credential is bound. Similarly, the credential checking unit 22 has credential checking unit identification information, to which the credential checking unit credential is bound. When transmitting data, the credential attaching unit 21 can have its identity recognized through the credential attaching unit identification information bound to the credential attaching unit credential and an operation performed with the private key stored in the first checking unit 23. Similarly, when transmitting data, the credential checking unit 22 can have its identity recognized through the credential checking unit identification information bound to the credential checking unit credential and an operation performed with the private key stored in the first checking unit 23. Therefore, every unit on the information transmission path must confirm its identity before transmitting, which ensures transmission security. Because the private key used to confirm identity cannot be accessed from outside the first checking unit 23, the security and accuracy of identity recognition are further improved.
The credential issuing subsystem 30 includes a registration approval unit 31, a credential issuing unit 32, and a second checking unit 33. The registration approval unit 31 is connected to the credential checking unit 22 and has registration approval unit identification information. The credential issuing unit 32 is connected to the registration approval unit 31 and has credential issuing unit identification information. The second checking unit 33 is connected to the registration approval unit 31 and the credential issuing unit 32, has secure operation capability, and can be accessed only with prior authorization. The second checking unit 33 generates one public/private key pair for the registration approval unit 31 and one for the credential issuing unit 32. The private keys of the registration approval unit 31 and the credential issuing unit 32 are stored in the second checking unit 33 and cannot be accessed from outside. The public keys of the registration approval unit 31 and the credential issuing unit 32 are each transmitted to the upper-layer credential issuing unit, which issues the registration approval unit credential and the credential issuing unit credential. The registration approval unit 31 has registration approval unit identification information, to which the registration approval unit credential is bound. The credential issuing unit 32 has credential issuing unit identification information, to which the credential issuing unit credential is bound. When transmitting data, the registration approval unit 31 can have its identity recognized through the registration approval unit identification information bound to the registration approval unit credential and an operation performed with the private key stored in the second checking unit 33. Similarly, when transmitting data, the credential issuing unit 32 can have its identity recognized through the credential issuing unit identification information bound to the credential issuing unit credential and an operation performed with the private key stored in the second checking unit 33. Therefore, every unit on the information transmission path must confirm its identity before transmitting, which ensures transmission security. Because the private key used to confirm identity cannot be accessed from outside the second checking unit 33, the security and accuracy of identity recognition are further improved.
The credential checking unit 22 of the credential attaching subsystem 20 is connected to the registration approval unit 31 of the credential issuing subsystem 30, and when the credential checking unit 22 transmits a credential issuance request to the registration approval unit 31, the registration approval unit 31 also needs to check the identity of the credential checking unit 22. In this embodiment, the credential checking unit 22 transmits its public key to the registration approval unit 31. The registration approval unit 31 generates a random number by using a random program, encrypts the random number with the public key transmitted by the credential checking unit 22, and transmits the encrypted random number to the credential checking unit 22. The credential checking unit 22 passes the encrypted random number to the first checking unit 23 for decryption and then transmits the decrypted random number back to the registration approval unit 31. The registration approval unit 31 checks whether the decrypted random number matches the random number it originally generated; if so, the credential checking unit 22 passes the identity verification.
By the above procedure, the credential attaching unit 21 is trusted by the credential checking unit 22, the credential checking unit 22 is trusted by the registration approval unit 31, and the registration approval unit 31 is trusted by the credential issuing unit 32, thus forming a chain of trust. The credential checking unit 22 can securely transmit a credential issuance request to the credential issuing unit 32 through the registration approval unit 31, the credential issuing unit 32 issues a credential through the second checking unit 33, the credential is transmitted to the credential attaching unit 21 through the registration approval unit 31 and the credential checking unit 22, and the credential attaching unit 21 adds the credential to the credential request end 10.
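The identity check between the credential checking unit 22 and the registration approval unit 31, as an added Go example that is not part of the patent text. It assumes RSA-OAEP for the encryption, a constructed unit identifier, and that the approval unit encrypts to a public key it already holds for that identifier (standing in for the key bound by the unit's credential) rather than to whatever key arrives with the request; it also makes each random number single-use.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/subtle"
	"errors"
	"fmt"
)

// CheckingUnit stands in for first checking unit 23: it generates the key pair
// and offers operations on the private key without ever returning it.
type CheckingUnit struct{ key *rsa.PrivateKey }

func NewCheckingUnit() (*CheckingUnit, error) {
	k, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return nil, err
	}
	return &CheckingUnit{key: k}, nil
}

func (c *CheckingUnit) Public() *rsa.PublicKey { return &c.key.PublicKey }

// Decrypt recovers a challenge; the OAEP label ties it to one unit ID.
func (c *CheckingUnit) Decrypt(ct []byte, id string) ([]byte, error) {
	return rsa.DecryptOAEP(sha256.New(), rand.Reader, c.key, ct, []byte(id))
}

// Approver stands in for registration approval unit 31.
type Approver struct {
	enrolled map[string]*rsa.PublicKey // unit ID -> key (assumed taken from the unit's credential)
	pending  map[string][]byte         // unit ID -> random number awaiting an answer
}

func NewApprover() *Approver {
	return &Approver{enrolled: map[string]*rsa.PublicKey{}, pending: map[string][]byte{}}
}

// Challenge encrypts a fresh random number to the key enrolled for id.
func (a *Approver) Challenge(id string) ([]byte, error) {
	pub, ok := a.enrolled[id]
	if !ok {
		return nil, errors.New("no key enrolled for " + id)
	}
	nonce := make([]byte, 32)
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	ct, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, nonce, []byte(id))
	if err != nil {
		return nil, err
	}
	a.pending[id] = nonce
	return ct, nil
}

// Verify accepts each random number once and compares in constant time.
func (a *Approver) Verify(id string, answer []byte) bool {
	nonce, ok := a.pending[id]
	delete(a.pending, id)
	return ok && subtle.ConstantTimeCompare(nonce, answer) == 1
}

// HandshakeDemo reports whether a genuine answer, a replayed answer and an
// answer from a unit holding a different key were accepted.
func HandshakeDemo() (genuine, replayed, impostor bool, err error) {
	const id = "credential-checking-unit-22" // constructed identifier
	unit, err := NewCheckingUnit()
	if err != nil {
		return
	}
	other, err := NewCheckingUnit() // does not hold the enrolled private key
	if err != nil {
		return
	}
	a := NewApprover()
	a.enrolled[id] = unit.Public()

	ct, err := a.Challenge(id)
	if err != nil {
		return
	}
	answer, err := unit.Decrypt(ct, id)
	if err != nil {
		return
	}
	genuine = a.Verify(id, answer)
	replayed = a.Verify(id, answer) // same answer again: nothing is pending

	if ct, err = a.Challenge(id); err != nil {
		return
	}
	forged, _ := other.Decrypt(ct, id) // decryption fails, forged stays nil
	impostor = a.Verify(id, forged)
	return
}

func main() { fmt.Println(HandshakeDemo()) }
```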
Referring to fig. 3 and 4, an embodiment of a credential security issuing and management method according to the present invention is shown. Referring also to fig. 1, first, in step S101, the credential request end 10 generates a pair of public and private keys by using an asymmetric algorithm, and generates a credential issuance request accordingly.
Next, in step S102, the credential attaching unit 21 securely obtains the credential issuance request from the credential request end 10.
Next, in step S103, the credential checking unit 22 securely obtains the credential issuance request from the credential attaching unit 21 by the identity confirmation method described above.
Next, in step S104, the credential checking unit 22 securely transmits the credential issuance request to the registration approval unit 31 by the identity confirmation method described above.
Next, in step S105, the registration approval unit 31 securely transmits the credential issuance request to the credential issuing unit 32.
Next, in step S106, the credential issuing unit 32 transmits the credential issuance request to the second checking unit 33.
Next, in step S107, the credential issuing unit 32 issues a credential for the credential issuance request using a credential issuing unit private key stored in the second checking unit 33.
Next, in step S108, the credential is transferred from the second checking unit 33 to the credential issuing unit 32.
Next, in step S109, the credential issuing unit 32 securely transfers the credential to the registration approval unit 31 by the identity confirmation method described above.
Next, in step S110, the registration approval unit 31 securely transfers the credential to the credential checking unit 22 by the identity confirmation method described above.
Next, in step S111, the credential checking unit 22 securely transfers the credential to the credential attaching unit 21.
Next, in step S112, the credential attaching unit 21 adds the credential to the credential request end 10.
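Steps S101 and S106 to S108 as an added Go example, not code from the patent: the request end signs a CSR with a key that stays inside its secure unit, and the issuing unit signs the credential through a signer handle without ever holding the private key. X.509, ECDSA P-256, the self-signed issuing-unit credential and the device name are assumptions made for the sketch.

```go
package main

import (
	"crypto"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"io"
	"math/big"
	"time"
)

// SecureUnit stands in for a secure element or checking unit: callers may ask
// it to sign, but the private key is never handed out.
type SecureUnit struct{ key *ecdsa.PrivateKey }

func NewSecureUnit() *SecureUnit {
	k, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		panic(err) // no entropy source: nothing sensible to continue with
	}
	return &SecureUnit{key: k}
}

func (s *SecureUnit) Public() crypto.PublicKey { return &s.key.PublicKey }
func (s *SecureUnit) Sign(r io.Reader, digest []byte, o crypto.SignerOpts) ([]byte, error) {
	return s.key.Sign(r, digest, o)
}

// IssuingUnit stands in for credential issuing unit 32; signer is unit 33.
type IssuingUnit struct {
	signer crypto.Signer
	cert   *x509.Certificate
}

func NewIssuingUnit(second crypto.Signer) (*IssuingUnit, error) {
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: "credential issuing unit 32"},
		NotBefore: time.Now().Add(-time.Minute), NotAfter: time.Now().Add(24 * time.Hour),
		IsCA: true, BasicConstraintsValid: true, KeyUsage: x509.KeyUsageCertSign,
	}
	// Self-signed to stay short; on the page a shared upper-layer unit issues this.
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, second.Public(), second)
	if err != nil {
		return nil, err
	}
	cert, err := x509.ParseCertificate(der)
	return &IssuingUnit{signer: second, cert: cert}, err
}

// MakeCSR is step S101: the request end signs a request over its own public key.
func MakeCSR(requestEnd crypto.Signer, name string) ([]byte, error) {
	tmpl := &x509.CertificateRequest{Subject: pkix.Name{CommonName: name}}
	return x509.CreateCertificateRequest(rand.Reader, tmpl, requestEnd)
}

// Issue is steps S106 to S108: check the request, then sign inside the secure unit.
func (u *IssuingUnit) Issue(csrDER []byte, serial int64) (*x509.Certificate, error) {
	csr, err := x509.ParseCertificateRequest(csrDER)
	if err == nil {
		err = csr.CheckSignature() // requester must hold the matching private key
	}
	if err != nil {
		return nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(serial), Subject: csr.Subject, KeyUsage: x509.KeyUsageDigitalSignature,
		NotBefore: time.Now().Add(-time.Minute), NotAfter: time.Now().Add(time.Hour),
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, u.cert, csr.PublicKey, u.signer)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}

// IssueDemo reports the subject, the chain check and refusal of an altered request.
func IssueDemo() (subject string, chains, refused bool, err error) {
	issuer, err := NewIssuingUnit(NewSecureUnit()) // key stays in unit 33
	if err != nil {
		return
	}
	csr, err := MakeCSR(NewSecureUnit(), "device-0001") // constructed name
	if err != nil {
		return
	}
	cert, err := issuer.Issue(csr, 2)
	if err != nil {
		return
	}
	altered := append([]byte(nil), csr...)
	altered[len(altered)-1] ^= 0x01 // one bit changed on the way
	_, badErr := issuer.Issue(altered, 3)
	return cert.Subject.CommonName, cert.CheckSignatureFrom(issuer.cert) == nil, badErr != nil, nil
}
func main() { fmt.Println(IssueDemo()) }
```

The signature check on the request is what lets the issuing unit confirm that the requester holds the private key matching the public key being certified.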
Referring to fig. 2, another embodiment of the credential security issuing and management system of the present invention is shown. The present embodiment is substantially the same as the embodiment of fig. 1 in structure, and therefore the same elements are given the same reference numerals and the description thereof is omitted. The difference between the present embodiment and the embodiment of fig. 1 is that the credential attaching subsystem 20 of the present embodiment further includes a third checking unit 24. The credential attaching unit 21 is connected to the third checking unit 24, the credential attaching unit 21 has credential attaching unit identification information, the third checking unit 24 generates a public/private key pair of the credential attaching unit and, according to that key pair, applies to a shared upper-layer credential issuing unit for a credential attaching unit credential, the credential attaching unit credential binds the credential attaching unit identification information, and the credential attaching unit 21 is trusted by the credential checking unit 22. The third checking unit 24 can be built using a lower-cost device, which can reduce the cost of the overall device construction.
Referring to fig. 5 and 6, another embodiment of the credential security issuing and management method of the present invention is shown. Referring also to fig. 2, in the present embodiment the credential request end 10 generates a pair of public and private keys, but the credential request end 10 does not itself generate the credential issuance request; instead, it transmits the public key to the credential checking unit 22, and the credential checking unit 22 generates the credential issuance request.
First, in step S201, the credential request end 10 generates a pair of public and private keys.
Next, in step S202, the credential attaching unit 21 securely obtains the public key from the credential request end 10.
Next, in step S203, the credential checking unit 22 securely obtains the public key from the credential attaching unit 21.
Next, in step S204, the credential checking unit 22 generates a credential issuance request for the credential request end 10 using the public key.
Next, in step S205, the credential checking unit 22 securely transmits the credential issuance request to the registration approval unit 31.
Next, in step S206, the registration approval unit 31 securely transmits the credential issuance request to the credential issuing unit 32.
Next, in step S207, the credential issuing unit 32 transmits the credential issuance request to the second checking unit 33.
Next, in step S208, the credential issuing unit 32 issues a credential for the credential issuance request using a credential issuing unit private key stored in the second checking unit 33.
Next, in step S209, the credential is transferred from the second checking unit 33 to the credential issuing unit 32.
Next, in step S210, the credential issuing unit 32 securely transfers the credential to the registration approval unit 31 by the identity confirmation method described above.
Next, in step S211, the registration approval unit 31 securely transfers the credential to the credential checking unit 22 by the identity confirmation method described above.
Next, in step S212, the credential checking unit 22 securely transmits the credential to the credential attaching unit 21.
Next, in step S213, the credential attaching unit 21 adds the credential to the credential request end 10.
In the system and the method for issuing and managing the certificate security, the certificate issuing subsystem is built in the equipment of the controlled management place, the outside cannot access the internal data at will unless authorized, and each unit applying the certificate needs to confirm the identity, so that the security of the certificate application and issuing is increased. In addition, the certificate issuing subsystem is equipment with operation capability, and has high operation speed, so that the efficiency of issuing the certificates can be increased. Because the unit applying for the certificate does not need to establish a system for issuing the certificate by itself, the unit can apply for and acquire the certificate only by connecting with the certificate issuing subsystem of the invention, and the operation cost of enterprises can be saved.

Claims (10)

1. A credential security issuing and management system, characterized in that it comprises: a credential request end, which generates a pair of public and private keys by using an asymmetric algorithm, wherein the private key cannot be accessed from outside and can be accessed only with prior authorization;
a credential attaching subsystem, comprising: a credential attaching unit connected to the credential request end for adding a credential to the credential request end;
a credential checking unit connected to the credential attaching unit and having credential checking unit identification information;
a first checking unit connected to the credential checking unit, having secure operation capability and accessible only with prior authorization;
and a credential issuing subsystem, which is built in equipment in a controlled place, whose internal data cannot be accessed from outside unless authorized, and for which each unit applying for a credential must confirm its identity; the credential issuing subsystem is equipment with computing capability, has a high operation speed and can increase the efficiency of credential issuing, and comprises:
a registration approval unit connected to the credential checking unit and having registration approval unit identification information;
a credential issuing unit connected to the registration approval unit and having credential issuing unit identification information;
a second checking unit connected to the registration approval unit and the credential issuing unit, having secure operation capability and accessible only with prior authorization;
wherein the credential attaching unit is trusted by the credential checking unit, the credential checking unit is trusted by the registration approval unit, and the registration approval unit is trusted by the credential issuing unit.
2. The credential security issuance and management system according to claim 1, wherein: the first checking unit generates a certificate checking unit public-private key pair, applies a certificate checking unit certificate to a shared upper-layer certificate issuing unit according to the certificate checking unit public-private key pair, and binds the certificate checking unit identification information with the certificate checking unit certificate.
3. The credential security issuance and management system according to claim 1 or 2, wherein: the first checking unit is connected with the credential adding unit, the credential adding unit has credential adding unit identification information, the first checking unit generates a credential adding unit public-private key pair, applies a credential adding unit credential to a shared upper-layer credential issuing unit according to the credential adding unit public-private key pair, binds the credential adding unit identification information with the credential adding unit credential, and the credential adding unit is trusted by the credential checking unit.
4. The credential security issuance and management system according to claim 1 or 2, wherein: the certificate adding unit is connected with a third checking unit, the certificate adding unit has a certificate adding unit identification information, the third checking unit generates a public and private key of the certificate adding unit, applies a certificate adding unit certificate to a shared upper layer certificate issuing unit according to the public and private key, binds the certificate adding unit identification information by the certificate adding unit certificate, and the certificate adding unit is trusted by the certificate checking unit.
5. The credential security issuance and management system according to claim 1 or 2, wherein: the second checking unit is connected with the registration and approval unit, the registration and approval unit has registration and approval unit identification information, the second checking unit generates a registration and approval unit public and private key pair, and accordingly applies for a registration and approval unit certificate from a shared upper-layer certificate issuing unit, the registration and approval unit certificate is used for binding the registration and approval unit identification information, and the certificate checking unit is trusted by the registration and approval unit.
6. The credential security issuance and management system according to claim 5, wherein: the second checking unit is connected with the certificate issuing unit, the certificate issuing unit has a certificate issuing unit identification information, the second checking unit generates a certificate issuing unit public-private key pair, and accordingly applies a certificate issuing unit certificate to a shared upper layer certificate issuing unit, the certificate issuing unit certificate is used for binding the certificate issuing unit identification information, and the registration approval unit is trusted by the certificate issuing unit.
7. The credential security issuance and management system according to claim 1, wherein: the certificate demand end generates a pair of public key and private key, and generates a certificate issue request according to the public key and the private key, and the certificate checking unit can safely acquire the certificate issue request through the certificate attaching unit.
8. The credential security issuance and management system according to claim 1, wherein: the certificate demand end generates a pair of public key and private key, the certificate checking unit can obtain the public key through the certificate attaching unit, and generates a certificate issuing request of the certificate demand end according to the public key.
9. The credential security issuance and management system according to claim 7 or 8, wherein: the certificate checking unit can safely transmit the certificate issuing request to the certificate issuing unit through the registration and approval unit.
10. The credential security issuance and management system according to claim 9, wherein: the certificate issuing unit issues a certificate through the second checking unit, the certificate is transmitted to the certificate attaching unit through the registration and approval unit and the certificate checking unit, and the certificate attaching unit adds the certificate into the certificate requiring end.
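The request-and-issue exchange of claims 7, 9 and 10, reduced to its two endpoints, as an added example that is not part of the patent: the demand end keeps its private key and hands over only a certificate issue request, and the issuing side refuses a request whose self-signature no longer verifies. Assumptions: Go's standard library, Ed25519 as the asymmetric algorithm (the claims do not name one), the hypothetical function names `NewRequest` and `Issue`, constructed subject names, the intermediate attaching, checking and registration approval units omitted, and the issuer represented by its name and signing key only.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// NewRequest plays the demand end: the private key never leaves this function, only the CSR does.
func NewRequest(cn string) (ed25519.PublicKey, []byte, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	tpl := &x509.CertificateRequest{Subject: pkix.Name{CommonName: cn}}
	csr, err := x509.CreateCertificateRequest(rand.Reader, tpl, priv)
	return pub, csr, err
}

// Issue plays the issuing unit: it signs only if the CSR self-signature (proof of possession) verifies.
func Issue(csrDER []byte, issuerKey ed25519.PrivateKey) (*x509.Certificate, error) {
	csr, err := x509.ParseCertificateRequest(csrDER)
	if err != nil {
		return nil, fmt.Errorf("request unparseable: %w", err)
	}
	if err := csr.CheckSignature(); err != nil {
		return nil, fmt.Errorf("request rejected: %w", err)
	}
	issuer := &x509.Certificate{Subject: pkix.Name{CommonName: "issuing-unit"}} // assumed issuer name
	tpl := &x509.Certificate{SerialNumber: big.NewInt(time.Now().UnixNano()), Subject: csr.Subject,
		NotBefore: time.Now().Add(-time.Minute), NotAfter: time.Now().Add(time.Hour)}
	der, err := x509.CreateCertificate(rand.Reader, tpl, issuer, csr.PublicKey, issuerKey)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}

func main() {
	_, issuerKey, _ := ed25519.GenerateKey(rand.Reader)
	_, csr, _ := NewRequest("demand-end-01") // constructed subject name
	_, ok := Issue(csr, issuerKey)
	csr[len(csr)-1] ^= 0xff // last signature byte altered in transit
	_, bad := Issue(csr, issuerKey)
	fmt.Println("intact:", ok, "| altered:", bad)
}
```

The timestamp serial number keeps the example short; a production issuer would draw serial numbers from a CSPRNG.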
CN202010240982.7A 2020-03-31 2020-03-31 Certificate safety issuing and managing system and method Active CN111614466B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010240982.7A CN111614466B (en) 2020-03-31 2020-03-31 Certificate safety issuing and managing system and method

Publications (2)

Publication Number Publication Date
CN111614466A (en) 2020-09-01
CN111614466B (en) 2023-07-14

Family

ID=72198196

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010240982.7A Active CN111614466B (en) 2020-03-31 2020-03-31 Certificate safety issuing and managing system and method

Country Status (1)

Country Link
CN (1) CN111614466B (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2115932A2 (en) * 2007-02-16 2009-11-11 Tibco Software Inc. Systems and methods for automating certification authority practices
CN102271040A (en) * 2011-07-26 2011-12-07 北京华大信安科技有限公司 Identity verifying system and method
JP2012531822A (en) * 2009-06-24 2012-12-10 デバイススケープ・ソフトウェア・インコーポレーテッド System and method for obtaining network credentials
EP2874094A1 (en) * 2013-11-14 2015-05-20 Software602 a.s. Data authorization method
CN107277000A (en) * 2017-06-09 2017-10-20 北京明朝万达科技股份有限公司 A kind of electronic certificate method for managing security and system

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9386008B2 (en) * 2013-08-19 2016-07-05 Smartguard, Llc Secure installation of encryption enabling software onto electronic devices
US9646150B2 (en) * 2013-10-01 2017-05-09 Kalman Csaba Toth Electronic identity and credentialing system

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant