CN112383577A - Authorization method, device, system, equipment and storage medium - Google Patents
Authorization method, device, system, equipment and storage medium Download PDFInfo
- Publication number
- CN112383577A CN112383577A CN202110065360.XA CN202110065360A CN112383577A CN 112383577 A CN112383577 A CN 112383577A CN 202110065360 A CN202110065360 A CN 202110065360A CN 112383577 A CN112383577 A CN 112383577A
- Authority
- CN
- China
- Prior art keywords
- authorization
- information
- authorized
- equipment
- key
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000013475 authorization Methods 0.000 title claims abstract description 376
- 238000000034 method Methods 0.000 title claims abstract description 73
- 238000012545 processing Methods 0.000 claims abstract description 57
- 230000006870 function Effects 0.000 claims description 74
- 238000012795 verification Methods 0.000 claims description 29
- 230000008569 process Effects 0.000 abstract description 26
- 230000015572 biosynthetic process Effects 0.000 description 9
- 238000010586 diagram Methods 0.000 description 9
- 238000003786 synthesis reaction Methods 0.000 description 9
- 102100040428 Chitobiosyldiphosphodolichol beta-mannosyltransferase Human genes 0.000 description 5
- 101000891547 Homo sapiens Alpha-1,3/1,6-mannosyltransferase ALG2 Proteins 0.000 description 5
- 101000891557 Homo sapiens Chitobiosyldiphosphodolichol beta-mannosyltransferase Proteins 0.000 description 5
- 102100034785 Programmed cell death protein 6 Human genes 0.000 description 5
- 230000004044 response Effects 0.000 description 4
- 238000004891 communication Methods 0.000 description 3
- 230000002194 synthesizing effect Effects 0.000 description 3
- 238000013461 design Methods 0.000 description 2
- 238000001514 detection method Methods 0.000 description 2
- 230000000694 effects Effects 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 2
- 230000003139 buffering effect Effects 0.000 description 1
- 238000004590 computer program Methods 0.000 description 1
- 238000005242 forging Methods 0.000 description 1
- 230000008676 import Effects 0.000 description 1
- 230000003993 interaction Effects 0.000 description 1
- 230000007246 mechanism Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
- 230000001960 triggered effect Effects 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/105—Arrangements for software license management or administration, e.g. for managing licenses at corporate level
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/64—Protecting data integrity, e.g. using checksums, certificates or signatures
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0876—Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
Abstract
The embodiment of the invention provides an authorization method, an authorization device, an authorization system, an authorization device and a storage medium, wherein the method comprises the following steps: acquiring equipment information of equipment to be authorized; based on a first secret key acquired in advance, encrypting the equipment information through an encryption algorithm agreed with authorized equipment to obtain an equipment information ciphertext; sending the first key and the equipment information ciphertext to authorization equipment, so that the authorization equipment decrypts the equipment information ciphertext through an encryption algorithm based on the first key to obtain equipment information; receiving authorization information returned by the authorization equipment based on the equipment information; and performing function authorization processing based on the authorization information. The invention can ensure the safety of the equipment information in the importing process so as to ensure the normal use of the specific function in the equipment to be authorized.
Description
Technical Field
The present invention relates to the field of data processing technologies, and in particular, to an authorization method, an authorization apparatus, an authorization system, an authorization device, and a storage medium.
Background
The related art requires authorization of certain functions of the software in order for the device to run those functions of the software. In the process of authorization, the device information of the device to be authorized needs to be collected first, and then the device information of the device to be authorized needs to be imported into the authorization device. During the period of importing the device information, the device information is inevitably possibly tampered, so that the authorization operation is failed, and the normal use of the software function is influenced.
Disclosure of Invention
The embodiment of the invention provides an authorization method, an authorization device, equipment and a storage medium, which are used for ensuring the safety of equipment information in the importing process so as to ensure the normal use of a specific function in equipment to be authorized.
In a first aspect, an embodiment of the present invention provides an authorization method, where the method includes:
acquiring equipment information of equipment to be authorized;
based on a first secret key acquired in advance, encrypting the equipment information through an encryption algorithm agreed with authorized equipment to obtain an equipment information ciphertext;
sending the first key and the equipment information ciphertext to the authorization equipment, so that the authorization equipment decrypts the equipment information ciphertext through the encryption algorithm based on the first key to obtain the equipment information;
receiving authorization information returned by the authorization equipment based on the equipment information;
and performing function authorization processing based on the authorization information.
In a second aspect, an embodiment of the present invention provides an authorization method, including:
acquiring a first secret key sent by a device to be authorized and a device information ciphertext corresponding to the device to be authorized, wherein the device information ciphertext is obtained by encrypting the first secret key;
based on the first secret key, decrypting the equipment information ciphertext through an encryption algorithm agreed with the equipment to be authorized to obtain equipment information corresponding to the equipment to be authorized;
authorizing the device to be authorized based on the device information corresponding to the device to be authorized to obtain authorization information corresponding to the device to be authorized;
and sending the authorization information to the device to be authorized, so that the device to be authorized performs function authorization processing based on the authorization information.
In a third aspect, an embodiment of the present invention provides an authorization apparatus, including:
the acquisition module is used for acquiring the equipment information of the equipment to be authorized;
the encryption module is used for encrypting the equipment information through an encryption algorithm agreed with authorized equipment based on a first secret key acquired in advance to obtain an equipment information ciphertext;
the sending module is used for sending the first key and the equipment information ciphertext to the authorization equipment so that the authorization equipment decrypts the equipment information ciphertext through the encryption algorithm based on the first key to obtain the equipment information;
the receiving module is used for receiving the authorization information returned by the authorization equipment based on the equipment information;
and the authorization module is used for performing function authorization processing based on the authorization information.
In a fourth aspect, an embodiment of the present invention provides an authorization apparatus, including:
the device comprises an acquisition module, a storage module and a processing module, wherein the acquisition module is used for acquiring a first secret key sent by a device to be authorized and a device information ciphertext corresponding to the device to be authorized, which is obtained by encrypting the first secret key;
the decryption module is used for decrypting the equipment information ciphertext through an encryption algorithm agreed with the equipment to be authorized based on the first secret key to obtain the equipment information corresponding to the equipment to be authorized;
the authorization module is used for carrying out authorization processing on the equipment to be authorized based on the equipment information corresponding to the equipment to be authorized to obtain authorization information corresponding to the equipment to be authorized;
and the sending module is used for sending the authorization information to the equipment to be authorized so that the equipment to be authorized performs function authorization processing based on the authorization information.
In a fifth aspect, an embodiment of the present invention provides an authorization system, including a device to be authorized and an authorization device, where:
the device to be authorized is used for acquiring the device information of the device to be authorized; based on a first secret key acquired in advance, encrypting the equipment information through an encryption algorithm agreed with the authorized equipment to obtain an equipment information ciphertext; sending the first key and the equipment information ciphertext to the authorization equipment; receiving authorization information returned by the authorization equipment based on the equipment information; performing function authorization processing based on the authorization information;
the authorization device is used for acquiring a first secret key sent by the device to be authorized and a device information ciphertext corresponding to the device to be authorized, which is obtained by encrypting the first secret key; based on the first secret key, decrypting the equipment information ciphertext through an encryption algorithm agreed with the equipment to be authorized to obtain equipment information corresponding to the equipment to be authorized; authorizing the device to be authorized based on the device information corresponding to the device to be authorized to obtain authorization information corresponding to the device to be authorized; and sending the authorization information to the device to be authorized, so that the device to be authorized performs function authorization processing based on the authorization information.
In a sixth aspect, an embodiment of the present invention provides an electronic device, which includes a processor and a memory, where the memory stores executable code thereon, and when the executable code is executed by the processor, the processor is enabled to implement at least the authorization method in the first aspect or the second aspect.
In a seventh aspect, an embodiment of the present invention provides a non-transitory machine-readable storage medium, on which executable code is stored, and when the executable code is executed by a processor of an electronic device, the processor is enabled to implement at least the authorization method in the first aspect or the second aspect.
In the embodiment of the invention, the equipment to be authorized and the authorized equipment both ensure the safety of the equipment information through an agreed encryption algorithm. The encryption algorithm is only known by the device to be authorized and the authorization device, even if the device information ciphertext and the first key are hijacked, if the correct encryption algorithm is not known, the device information ciphertext cannot be successfully cracked through the first key, and therefore correct device information cannot be obtained. By encrypting the device information, the device information can be protected from being maliciously tampered during the process of leading the device information into the authorization device, so that the safety of the device information is guaranteed, and the efficiency of the authorization process is improved.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments of the present invention, the drawings needed to be used in the description of the embodiments are briefly introduced below, and it is obvious that the drawings in the following description are some embodiments of the present invention, and it is obvious for those skilled in the art to obtain other drawings based on the drawings without creative efforts.
Fig. 1 is a schematic flow chart of an authorization method according to an embodiment of the present invention;
fig. 2 is a schematic structural diagram of an authorization apparatus according to an embodiment of the present invention;
FIG. 3 is a flow chart diagram of another authorization method provided by the embodiment of the invention;
fig. 4 is a schematic structural diagram of an authorization apparatus according to an embodiment of the present invention;
fig. 5 is a schematic structural diagram of an authorization apparatus according to an embodiment of the present invention;
fig. 6 is a schematic structural diagram of an electronic device according to an embodiment of the present invention;
fig. 7 is a schematic structural diagram of an electronic device according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, but not all, embodiments of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The terminology used in the embodiments of the invention is for the purpose of describing particular embodiments only and is not intended to be limiting of the invention. As used in the examples of the present invention and the appended claims, the singular forms "a", "an", and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise, and "a plurality" typically includes at least two.
The words "if", as used herein, may be interpreted as "at … …" or "at … …" or "in response to a determination" or "in response to a detection", depending on the context. Similarly, the phrases "if determined" or "if detected (a stated condition or event)" may be interpreted as "when determined" or "in response to a determination" or "when detected (a stated condition or event)" or "in response to a detection (a stated condition or event)", depending on the context.
In addition, the sequence of steps in each method embodiment described below is only an example and is not strictly limited.
Fig. 1 is a flowchart of an authorization method according to an embodiment of the present invention, as shown in fig. 1, the method includes the following steps:
101. the device to be authorized acquires the device information of the device to be authorized.
102. And the device to be authorized encrypts the device information through an encryption algorithm agreed with the authorized device based on the pre-acquired first secret key to obtain a device information ciphertext.
103. And the device to be authorized sends the first key and the device information ciphertext to the authorization device.
104. The authorization device obtains a first secret key sent by the device to be authorized and a device information ciphertext corresponding to the device to be authorized, which is obtained by encrypting the first secret key.
105. And the authorization equipment decrypts the equipment information ciphertext through an encryption algorithm agreed with the equipment to be authorized on the basis of the first secret key to obtain the equipment information corresponding to the equipment to be authorized.
106. And the authorization device carries out authorization processing on the device to be authorized based on the device information corresponding to the device to be authorized to obtain the authorization information corresponding to the device to be authorized.
107. The authorization device sends authorization information to the device to be authorized.
108. And the device to be authorized receives the authorization information returned by the authorization device based on the device information.
109. And the device to be authorized performs function authorization processing based on the authorization information.
The device to be authorized may be a server, and specifically may be a signature verification server. The signature verification server may verify the received signed information to determine whether the counterpart is a legitimate device. The signature verification server may be used to implement specific functions that need to be authorized before they can function properly. And if the signature verification server is not authorized, the signature verification server can only realize the common service functions which can be provided by the common server. The authorization device can be provided with a product authorization management system, and the authorization operation of the device to be authorized can be realized through the product authorization management system. In the embodiment of the present invention, a method for performing authorization operation on a device to be authorized is specifically provided, so that the authorized device can implement a specific function.
In practical applications, in order to obtain authorization, the device to be authorized may collect device information first. The method for collecting the equipment information comprises two methods, one is offline synthesis, and the other is automatic collection. Of course, besides the two types of device information collection methods provided in the embodiment of the present invention, the device information may be collected in other possible methods. The two ways of off-line synthesis and automatic acquisition will be described separately below.
For the offline synthesis mode, offline synthesis refers to synthesizing a request by other devices that may not be the device to be authorized, and requires collecting corresponding request parameter information on the device to be authorized. The offline synthesis mode can be suitable for the scene of the server online without an authorized time window, and an authorized application needs to be made before the server is online. The unauthorized time window is the time required for the server to be put into use immediately after being online, and the time required for the automatic acquisition function of the equipment is not reserved.
For the automatic acquisition mode, the automatic acquisition is a function corresponding to product software installed by a device to be authorized. The online automatic acquisition function after the server is online automatically acquires the offline acquisition information integrating the offline synthesis mode and the offline synthesis complete function, is simple and easy to operate, and is suitable for the scene that the server is online and has an authorized time window.
The offline synthesis and automatic acquisition modes can be realized by the authorization information acquirer.
The device information may be a physical Address (MAC) and a Central Processing Unit Identity (CPUID). The device information is used to uniquely identify the device.
After the device information is collected, the device information may be encrypted by the first key in order to ensure security of the device information. Assuming that the device information APPTEXT is collected, the device to be authorized and the authorized device agree a symmetric ALG1 algorithm corresponding to the product in advance, and a symmetric key is randomly generated through an ALG 1. The randomly generated first KEY may then be converted to a 36 byte KEY by the ALG2 algorithm. And finally, performing ENC operation of ALG1 on the APPTEXT through KEY to obtain an equipment information ciphertext ENCTEXT. The corresponding operational expression may be:
ENCTEXT = ALG1 (appext, KEY, ENC); (expression 1)
After the device information ciphertext is obtained, optionally, the first key and the device information ciphertext may be combined to obtain a combined first key and device information ciphertext, and the combined first key and device information ciphertext may be sent to the authorization device.
In practical application, the combination of the first key and the device information ciphertext can be realized through JOIN operation, and it is assumed that the combined first key and device information ciphertext are recorded as license app. The corresponding operational expression may be:
licanceapp = JOIN (KEY, ENCTEXT); (expression 2)
After the combined first key and device information ciphertext is obtained, the device to be authorized may send the first key and the device information ciphertext to the authorization device.
After receiving the first key and the device information ciphertext, the authorization device may decrypt the device information ciphertext through an encryption algorithm agreed with the device to be authorized based on the first key to obtain the device information corresponding to the device to be authorized.
In practical application, after receiving the first key and the device information ciphertext, the authorization device may import the first key and the device information ciphertext into the authorization management system. Since the first KEY and the device information ciphertext are the result of the combination process, the first KEY and the device information ciphertext after combination may be first subjected to PARSE analysis to obtain the first KEY and the device information ciphertext enctectext. The corresponding operational expression may be:
KEY, ENCTEXT = part (licenceaapp); (expression 3)
In the embodiment of the invention, the equipment to be authorized and the authorized equipment both ensure the safety of the equipment information through an agreed encryption algorithm. The encryption algorithm is only known by the device to be authorized and the authorization device, even if the device information ciphertext and the first key are hijacked, if the correct encryption algorithm is not known, the device information ciphertext cannot be successfully cracked through the first key, and therefore correct device information cannot be obtained. By encrypting the device information, the device information can be protected from being maliciously tampered during the process of leading the device information into the authorization device, so that the safety of the device information is guaranteed, and the efficiency of the authorization process is improved.
After KEY and ENCTEXT are obtained, the ALG1 algorithm may be used to perform DEC decryption operation on ENCTEXT by KEY to obtain device information appext. The corresponding operational expression may be:
aptext = ALG1 (ENCTEXT, KEY, DEC); (expression 4)
After obtaining the device information of the device to be authorized, the manager may view the device information in the authorization device, and set authorization information for the device information, so as to complete the process of performing authorization processing on the device to be authorized. Or, the corresponding relationship between the device information and the authorization information may be stored in the authorization device, and after the device information of the device to be authorized is obtained, the authorization information corresponding to the device information of the device to be authorized may be determined based on the corresponding relationship.
In practical application, a manager can input software function limit information, product module information, strength policy information and the like. The software function restriction information includes, for example, a validity period, the number of users, and the number of concurrencies. The product information is, for example, a product name, a hardware model, a software version, and the like. The product module information is, for example, information indicating whether or not a service function corresponding to an existing server is included. The strength policy information is, for example, information indicating whether the verification is not passed or the service is forcibly stopped. In addition to such information, types of information such as company contacts, customer basic information, and the like may be input. Therefore, the authorization device can acquire the authorization information through the setting of the management personnel.
By the authorization information, it is possible to know which specific functions can be used in the device to be authorized, the use validity period of the functions, and the like.
The process of obtaining the authorization information can be realized by an authorization management module in the authorization device. After the authorization information is obtained by the authorization device, the authorization information can be sent to the device to be authorized, so that the device to be authorized can perform function authorization processing based on the authorization information. After the device to be authorized completes the function authorization process, the device to be authorized can run some specific authorized functions.
The method provided by the embodiment of the invention can realize the authorization operation of the device to be authorized. In the process of authorizing the device to be authorized, the authorization device is required to send authorization information to the device to be authorized, and in the process, if other devices exist to pretend to be the authorization device to send fake authorization information to the device to be authorized, at least two hazards may be generated:
(1) the authorization information that may be forged lacks certain service authorizations or the authorization information is incorrect. For example, if the authorization for a particular function is normally 2 years, assuming that the forged authorization information is only 2 months and no real service is authorized, it may result in the unavailability of the service of the device to be authorized. If the service of the device to be authorized is not available, the device buyer can be hindered in using the device, and the normal operation of the service is seriously influenced.
(2) The possibly forged authorization information extends the validity period and gives all business authorizations that are not within the scope of the contract, which may cause damage to the product manufacturer.
Due to various hazards caused by forged authorization information, in the embodiment of the present invention, in order to avoid such hazards, optionally, the validity of the identities of the two communicating parties may be ensured by signing and verifying a signature, so as to prevent devices other than the legitimate communicating party from forging the authorization information. The specific process for ensuring the validity of the identities of the two communication parties can be realized as follows: the authorization equipment acquires the signature information; the authorization device sends the signature information and the authorization information to the device to be authorized. Correspondingly, the device to be authorized receives the signature information and the authorization information returned by the authorization device based on the device information; the device to be authorized performs signature verification processing on the signature information; and if the verification is passed, the device to be authorized performs function authorization processing based on the authorization information.
Optionally, the process of acquiring the signature information may be implemented as: and signing the device information and the authorization information corresponding to the device to be authorized by using the second key to obtain the signature information. The second key may be a private key.
In practical application, the authorization device may obtain device information and authorization information of the device to be authorized. Assuming that the device information is APPTEXT and the authorization information is liencinfo, signature processing may be performed on the SIGN operation result of APPTEXT and liencinfo by using the ALG2 algorithm through the private key PRIK to obtain signature information SIGTEXT. The corresponding operational expression may be:
SIGTEXT = ALG2 (appext, liencinfo, PRIK, SIGN); (expression 5)
After obtaining SIGTEXT, SIGTEXT and liencinfo may be subjected to JOIN operation to synthesize an authorization document conference.
Conference = JOIN (SIGTEXT, liencicenefo); (expression 6)
Accordingly, in the device to be authorized, after the licence is received, PARSE parsing operation can be performed to obtain SIGTEXT and liencicenfefo. And (4) carrying out signature checking processing on SIGTEXT, and if the signature checking passes, carrying out function authorization processing on the equipment to be authorized based on LICENCEINFO. The operation expression corresponding to the PARSE parsing operation may be:
SIGTEXT, LICENCEINFO = part (science); (expression 7)
The signature verification process can be specifically realized as follows: acquiring a third key corresponding to a second key for signing the signature information; and verifying the signature information through the third key.
The authorization device stores a second secret key, the second secret key is a private key, the device to be authorized can store a third secret key corresponding to the second secret key, the third secret key is a public key, and the second secret key and the third secret key are symmetric keys. The device to be authorized can adopt the signature verification VER operation of the ALG2 algorithm to perform signature verification processing on the signature information SIGTEXT through the public key PUBK.
boolean isverify = ALG2( SIGTEXT, APPTEXT,
LICENCEINFO, VER); (expression 8)
In the process of signature verification, the signature verification process may be performed using the locally stored device information and the liencicenfo as original texts.
Because the signature information is obtained by performing signature processing on the device information and the authorization information corresponding to the device to be authorized, the process of performing signature verification processing on the signature information through the third key can be implemented as follows: decrypting the signature information through a third key to obtain decrypted information; acquiring device information and authorization information corresponding to a device to be authorized; and matching and comparing the decryption information with the device information and the authorization information corresponding to the device to be authorized. Based on this, if the verification passes, based on the authorization information, the process of performing the function authorization processing may be implemented as: and if the decryption information is consistent with the device information and the authorization information corresponding to the device to be authorized, performing function authorization processing based on the authorization information.
In the process of performing the function authorization processing, the device to be authorized may first determine whether the current date is within the validity period specified in the authorization information, and if the current date is within the validity period specified in the authorization information, the subsequent verification processing may be performed. When all the verifications are passed, the function authorization processing is finally realized, so that the validity and the legality of the authorization can be ensured.
In the embodiment of the invention, a strategy intensity data item can be introduced, so that different strategy corresponding measures can be triggered when the server is used for corresponding to different services and users, and the flexibility of an authorization mechanism is improved. Optionally, the authorization information corresponding to the device to be authorized includes a target authorization validity period and target authorization expiration handling information, and the target authorization expiration handling information is used to indicate whether the device to be authorized can continue to use the authorized preset function after the authorization of the device to be authorized expires. The process of performing authorization processing on the device to be authorized based on the device information corresponding to the device to be authorized to obtain the authorization information corresponding to the device to be authorized may be implemented as follows: the authorization device acquires a target authorization validity period corresponding to the device information of the device to be authorized; and the authorization device determines target authorization expiration handling information corresponding to the device information of the device to be authorized based on the preset corresponding relationship between the device information and the authorization expiration handling information. Correspondingly, after the device to be authorized performs function authorization processing based on the authorization information, the device to be authorized can detect that the authorization of the device to be authorized is expired based on the target authorization validity period; if the target authorization expiration handling information indicates that the device to be authorized can continue to use the authorized preset function after the authorization of the device to be authorized expires, the device to be authorized keeps the function authorization of the device to be authorized and sends prompt information according to a preset period, wherein the prompt information is used for prompting to request authorization from the authorization device again; and if the target authorization expiration handling information indicates that the device to be authorized forbids to continue using the authorized preset function after the authorization of the device to be authorized expires, the device to be authorized stops using the authorized preset function.
In practical application, the self-measures adopted by the device to be authorized when the authorization is expired can be distinguished by the mandatory identification and the non-mandatory identification. For example, if it is not mandatory, the specific function may continue to be run while the original service configuration is maintained, and an uninterrupted expiration reminder may be made during the running of the specific function after expiration to prompt the requesting of authorization from the authorization device again. If mandatory, all specific functions can be switched off immediately after expiry of the authorization, and the device to be authorized can no longer use these specific functions.
In a specific use scene, the device to be authorized does not adopt two states of simple availability and unavailability to strictly distinguish service or service states, and for some key services, specific functions are stopped immediately when authorization is overdue, and more friendly buffering and early warning strategies are adopted to ensure service continuity.
Fig. 2 is a schematic structural diagram of an authorization apparatus according to an embodiment of the present invention. In the present authorization apparatus, a device to be authorized and an authorization device are provided. And acquiring authorization information through an authorization information acquisition device. The authorization information is acquired offline and input into the authorization information collector, and the authorization information collector can output the authorization request in a offline synthesis mode or an automatic acquisition mode. The license APP can be obtained by encrypting the authorization information. The license APP is input into an authorization device (product authorization system), the authorization device can also receive set authorization information, and the authorization information can be input by a manager or locally stored by the authorization device. The authorization device can obtain the license through the authorization generator and send the license to the server authorization management module of the device to be authorized. In the server authorization management module, through the conference and license APP, signature verification processing is carried out, if the signature verification is passed, authorization information is verified, other verification is carried out, and finally a verification result is output.
Fig. 3 is a schematic flow chart of an authorization method according to an embodiment of the present invention. In the method, the authorization process is completed through the interaction of the device to be authorized and the authorization device. Firstly, the device to be authorized can collect the MAC and the CPUID, and the MAC and the CPUID are encrypted through the secret key to obtain a device information ciphertext. And synthesizing the key and the equipment information ciphertext to obtain the license APP, and sending the license APP to the authorization equipment. And the authorization equipment decrypts the license APP to obtain the MAC and the CPUID. Based on the MAC and the CPUID, authorization information is determined. And signing the MAC, the CPUID and the authorization information to obtain signature information, and synthesizing the signature information and the authorization information to obtain the conference. The authorization device sends the license to the device to be authorized, and the device to be authorized performs signature verification processing and other verification on the license.
The authorization apparatus of one or more embodiments of the present invention will be described in detail below. Those skilled in the art will appreciate that these authorization means may be constructed using commercially available hardware components configured by the steps taught in this scheme.
Fig. 4 is a schematic structural diagram of an authorization apparatus according to an embodiment of the present invention, and as shown in fig. 4, the apparatus includes:
an obtaining module 41, configured to obtain device information of a device to be authorized;
the encryption module 42 is configured to encrypt the device information based on a first key obtained in advance through an encryption algorithm agreed with the authorized device to obtain a device information ciphertext;
a sending module 43, configured to send the first key and the device information ciphertext to the authorization device, so that the authorization device decrypts the device information ciphertext through the encryption algorithm based on the first key to obtain the device information;
a receiving module 44, configured to receive authorization information returned by the authorization device based on the device information;
and the authorization module 45 is configured to perform function authorization processing based on the authorization information.
Optionally, the device information includes a physical address and a central processor identification.
Optionally, the sending module 43 is configured to:
combining the first key and the equipment information ciphertext to obtain the combined first key and the equipment information ciphertext;
and sending the combined first key and the equipment information ciphertext to the authorization equipment.
Optionally, the receiving module 44 is configured to receive signature information and authorization information returned by the authorization device based on the device information;
the authorization module 45 is configured to perform signature verification processing on the signature information; and if the signature passes the verification, performing function authorization processing based on the authorization information.
Optionally, the authorization module 45 is configured to:
acquiring a third key corresponding to a second key for signing the signature information;
and verifying the signature of the signature information through the third key.
Optionally, the signature information is obtained by performing signature processing on the device information and the authorization information corresponding to the device to be authorized, and the authorization module 45 is configured to:
decrypting the signature information through the third key to obtain decrypted information;
acquiring the device information and the authorization information corresponding to the device to be authorized;
matching and comparing the decryption information with the device information and the authorization information corresponding to the device to be authorized;
and if the decryption information is consistent with the device information and the authorization information corresponding to the device to be authorized, performing function authorization processing based on the authorization information.
Optionally, the authorization information includes a target authorization validity period and target authorization expiration treatment information, the target authorization expiration treatment information is used for indicating whether the device to be authorized can continue to use the authorized preset function after the device to be authorized expires;
the apparatus also includes an expiration handling module to:
detecting that the authorization of the device to be authorized has expired based on the target authorization validity period;
if the target authorization expiration handling information indicates that the device to be authorized can continue to use the authorized preset function after the device to be authorized expires, maintaining the function authorization of the device to be authorized, and sending prompt information according to a preset period, wherein the prompt information is used for prompting that authorization is requested to the authorization device again;
if the target authorization expiration handling information indicates that the device to be authorized is prohibited from continuing to use the authorized preset function after the device to be authorized expires, stopping using the authorized preset function.
Fig. 5 is a schematic structural diagram of an authorization apparatus according to an embodiment of the present invention, and as shown in fig. 5, the apparatus includes:
the obtaining module 51 is configured to obtain a first key sent by a device to be authorized and a device information ciphertext corresponding to the device to be authorized, where the device information ciphertext is obtained by encrypting the first key;
a decryption module 52, configured to decrypt the device information ciphertext through an encryption algorithm agreed with the device to be authorized based on the first key, so as to obtain device information corresponding to the device to be authorized;
the authorization module 53 is configured to perform authorization processing on the device to be authorized based on the device information corresponding to the device to be authorized, so as to obtain authorization information corresponding to the device to be authorized;
a sending module 54, configured to send the authorization information to the device to be authorized, so that the device to be authorized performs function authorization processing based on the authorization information.
Optionally, the device information includes a physical address and a central processor identification.
Optionally, the obtaining module 51 is further configured to obtain signature information;
the sending module 54 is further configured to send the signature information and the authorization information to the device to be authorized.
Optionally, the obtaining module 51 is configured to:
and signing the device information and the authorization information corresponding to the device to be authorized through a second secret key to obtain signature information.
Optionally, the authorization information corresponding to the device to be authorized includes a target authorization validity period and target authorization expiration handling information, where the target authorization expiration handling information is used to indicate whether the device to be authorized can continue to use the authorized preset function after the authorization for the device to be authorized expires;
the authorization module 53 is configured to:
acquiring a target authorization validity period corresponding to the equipment information of the equipment to be authorized;
and determining the target authorization expiration handling information corresponding to the device information of the device to be authorized based on the preset corresponding relationship between the device information and the authorization expiration handling information.
The apparatuses shown in fig. 4 and fig. 5 may perform the authorization method provided in the embodiments shown in fig. 1 to fig. 3, and the detailed implementation process and technical effect refer to the description in the embodiments, which is not described herein again.
In one possible design, the structure of the authorization apparatus shown in fig. 4 may be implemented as an electronic device, as shown in fig. 6, which may include: a first processor 91, a first memory 92. Wherein the first memory 92 has stored thereon executable code, which when executed by the first processor 91, causes the first processor 91 to at least implement the authorization method as provided in the embodiments of fig. 1 to 3 described above.
Optionally, the electronic device may further include a first communication interface 93 for communicating with other devices.
In one possible design, the structure of the authorization apparatus shown in fig. 5 may be implemented as an electronic device, as shown in fig. 7, which may include: a second processor 81, and a second memory 82. Wherein the second memory 82 has stored thereon executable code, which when executed by the second processor 81, causes the second processor 81 to at least implement the authorization method as provided in the embodiments of fig. 1 to 3 described above.
Optionally, the electronic device may further include a second communication interface 83 for communicating with other devices.
Additionally, an embodiment of the present invention provides a non-transitory machine-readable storage medium having stored thereon executable code, which when executed by a processor of an electronic device, causes the processor to implement at least the authorization method provided in the foregoing embodiments of fig. 1 to 3.
The embodiment of the invention also provides an authorization system, which comprises a device to be authorized and an authorization device, wherein:
the device to be authorized is used for acquiring the device information of the device to be authorized; based on a first secret key acquired in advance, encrypting the equipment information through an encryption algorithm agreed with the authorized equipment to obtain an equipment information ciphertext; sending the first key and the equipment information ciphertext to the authorization equipment; receiving authorization information returned by the authorization equipment based on the equipment information; performing function authorization processing based on the authorization information;
the authorization device is used for acquiring a first secret key sent by the device to be authorized and a device information ciphertext corresponding to the device to be authorized, which is obtained by encrypting the first secret key; based on the first secret key, decrypting the equipment information ciphertext through an encryption algorithm agreed with the equipment to be authorized to obtain equipment information corresponding to the equipment to be authorized; authorizing the device to be authorized based on the device information corresponding to the device to be authorized to obtain authorization information corresponding to the device to be authorized; and sending the authorization information to the device to be authorized, so that the device to be authorized performs function authorization processing based on the authorization information.
The authorization system may implement the authorization method provided in the embodiments shown in fig. 1 to fig. 3, and the detailed execution process and technical effect refer to the description in the embodiments, which are not described herein again.
The above-described apparatus embodiments are merely illustrative, wherein the units described as separate components may or may not be physically separate. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of the present embodiment. One of ordinary skill in the art can understand and implement it without inventive effort.
Through the above description of the embodiments, those skilled in the art will clearly understand that each embodiment can be implemented by adding a necessary general hardware platform, and of course, can also be implemented by a combination of hardware and software. With this understanding in mind, the above-described aspects and portions of the present technology which contribute substantially or in part to the prior art may be embodied in the form of a computer program product, which may be embodied on one or more computer-usable storage media having computer-usable program code embodied therein, including without limitation disk storage, CD-ROM, optical storage, and the like.
The authorization method provided by the embodiment of the present invention may be executed by a certain program/software, the program/software may be provided by a network side, the electronic device mentioned in the foregoing embodiment may download the program/software into a local nonvolatile storage medium, and when it needs to execute the foregoing authorization method, the program/software is read into a memory by a CPU, and then the CPU executes the program/software to implement the authorization method provided in the foregoing embodiment, and an execution process may refer to the schematic in fig. 1 to fig. 3.
Finally, it should be noted that: the above examples are only intended to illustrate the technical solution of the present invention, but not to limit it; although the present invention has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; and such modifications or substitutions do not depart from the spirit and scope of the corresponding technical solutions of the embodiments of the present invention.
Claims (17)
1. An authorization method, comprising:
acquiring equipment information of equipment to be authorized;
based on a first secret key acquired in advance, encrypting the equipment information through an encryption algorithm agreed with authorized equipment to obtain an equipment information ciphertext;
sending the first key and the equipment information ciphertext to the authorization equipment, so that the authorization equipment decrypts the equipment information ciphertext through the encryption algorithm based on the first key to obtain the equipment information;
receiving authorization information returned by the authorization equipment based on the equipment information;
and performing function authorization processing based on the authorization information.
2. The method of claim 1, wherein the device information comprises a physical address and a central processor identification.
3. The method of claim 1, wherein sending the first key and the device information ciphertext to the authorized device comprises:
combining the first key and the equipment information ciphertext to obtain the combined first key and the equipment information ciphertext;
and sending the combined first key and the equipment information ciphertext to the authorization equipment.
4. The method of claim 1, wherein the receiving authorization information returned by the authorization device based on the device information comprises:
receiving signature information and authorization information returned by the authorization equipment based on the equipment information;
the performing function authorization processing based on the authorization information includes:
carrying out signature verification processing on the signature information;
and if the signature passes the verification, performing function authorization processing based on the authorization information.
5. The method of claim 4, wherein said verifying said signature information comprises:
acquiring a third key corresponding to a second key for signing the signature information;
and verifying the signature of the signature information through the third key.
6. The method according to claim 5, wherein the signature information is obtained by performing signature processing on the device information and the authorization information corresponding to the device to be authorized, and the performing signature verification processing on the signature information by using the third key includes:
decrypting the signature information through the third key to obtain decrypted information;
acquiring the device information and the authorization information corresponding to the device to be authorized;
matching and comparing the decryption information with the device information and the authorization information corresponding to the device to be authorized;
if the verification is passed, performing function authorization processing based on the authorization information, including:
and if the decryption information is consistent with the device information and the authorization information corresponding to the device to be authorized, performing function authorization processing based on the authorization information.
7. The method according to claim 1, wherein the authorization information includes a target authorization validity period and target authorization expiration handling information, the target authorization expiration handling information indicating whether the device to be authorized can continue to use the authorized preset function after the expiration of the authorization for the device to be authorized;
after performing function authorization processing based on the authorization information, the method further includes:
detecting that the authorization of the device to be authorized has expired based on the target authorization validity period;
if the target authorization expiration handling information indicates that the device to be authorized can continue to use the authorized preset function after the device to be authorized expires, maintaining the function authorization of the device to be authorized, and sending prompt information according to a preset period, wherein the prompt information is used for prompting that authorization is requested to the authorization device again;
if the target authorization expiration handling information indicates that the device to be authorized is prohibited from continuing to use the authorized preset function after the device to be authorized expires, stopping using the authorized preset function.
8. An authorization method, comprising:
acquiring a first secret key sent by a device to be authorized and a device information ciphertext corresponding to the device to be authorized, wherein the device information ciphertext is obtained by encrypting the first secret key;
based on the first secret key, decrypting the equipment information ciphertext through an encryption algorithm agreed with the equipment to be authorized to obtain equipment information corresponding to the equipment to be authorized;
authorizing the device to be authorized based on the device information corresponding to the device to be authorized to obtain authorization information corresponding to the device to be authorized;
and sending the authorization information to the device to be authorized, so that the device to be authorized performs function authorization processing based on the authorization information.
9. The method of claim 8, wherein the device information comprises a physical address and a central processor identification.
10. The method of claim 8, further comprising:
acquiring signature information;
the sending the authorization information to the device to be authorized includes:
and sending the signature information and the authorization information to the equipment to be authorized.
11. The method of claim 10, wherein the obtaining the signature information comprises:
and signing the device information and the authorization information corresponding to the device to be authorized through a second secret key to obtain signature information.
12. The method according to claim 8, wherein the authorization information corresponding to the device to be authorized comprises a target authorization validity period and target authorization expiration handling information, the target authorization expiration handling information is used for indicating whether the device to be authorized can continue to use the authorized preset function after the device to be authorized expires;
the authorizing the device to be authorized based on the device information corresponding to the device to be authorized to obtain the authorization information corresponding to the device to be authorized includes:
acquiring a target authorization validity period corresponding to the equipment information of the equipment to be authorized;
and determining the target authorization expiration handling information corresponding to the device information of the device to be authorized based on the preset corresponding relationship between the device information and the authorization expiration handling information.
13. An authorization device, comprising:
the acquisition module is used for acquiring the equipment information of the equipment to be authorized;
the encryption module is used for encrypting the equipment information through an encryption algorithm agreed with authorized equipment based on a first secret key acquired in advance to obtain an equipment information ciphertext;
the sending module is used for sending the first key and the equipment information ciphertext to the authorization equipment so that the authorization equipment decrypts the equipment information ciphertext through the encryption algorithm based on the first key to obtain the equipment information;
the receiving module is used for receiving the authorization information returned by the authorization equipment based on the equipment information;
and the authorization module is used for performing function authorization processing based on the authorization information.
14. An authorization device, comprising:
the device comprises an acquisition module, a storage module and a processing module, wherein the acquisition module is used for acquiring a first secret key sent by a device to be authorized and a device information ciphertext corresponding to the device to be authorized, which is obtained by encrypting the first secret key;
the decryption module is used for decrypting the equipment information ciphertext through an encryption algorithm agreed with the equipment to be authorized based on the first secret key to obtain the equipment information corresponding to the equipment to be authorized;
the authorization module is used for carrying out authorization processing on the equipment to be authorized based on the equipment information corresponding to the equipment to be authorized to obtain authorization information corresponding to the equipment to be authorized;
and the sending module is used for sending the authorization information to the equipment to be authorized so that the equipment to be authorized performs function authorization processing based on the authorization information.
15. An authorization system, comprising a device to be authorized and an authorization device, wherein:
the device to be authorized is used for acquiring the device information of the device to be authorized; based on a first secret key acquired in advance, encrypting the equipment information through an encryption algorithm agreed with the authorized equipment to obtain an equipment information ciphertext; sending the first key and the equipment information ciphertext to the authorization equipment; receiving authorization information returned by the authorization equipment based on the equipment information; performing function authorization processing based on the authorization information;
the authorization device is used for acquiring a first secret key sent by the device to be authorized and a device information ciphertext corresponding to the device to be authorized, which is obtained by encrypting the first secret key; based on the first secret key, decrypting the equipment information ciphertext through an encryption algorithm agreed with the equipment to be authorized to obtain equipment information corresponding to the equipment to be authorized; authorizing the device to be authorized based on the device information corresponding to the device to be authorized to obtain authorization information corresponding to the device to be authorized; and sending the authorization information to the device to be authorized, so that the device to be authorized performs function authorization processing based on the authorization information.
16. An electronic device, comprising: a memory, a processor; wherein the memory has stored thereon executable code which, when executed by the processor, causes the processor to perform the authorization method of any of claims 1-12.
17. A non-transitory machine-readable storage medium having stored thereon executable code, which when executed by a processor of an electronic device, causes the processor to perform the authorization method of any of claims 1-12.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110065360.XA CN112383577A (en) | 2021-01-19 | 2021-01-19 | Authorization method, device, system, equipment and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110065360.XA CN112383577A (en) | 2021-01-19 | 2021-01-19 | Authorization method, device, system, equipment and storage medium |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN112383577A true CN112383577A (en) | 2021-02-19 |
Family
ID=74581982
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202110065360.XA Pending CN112383577A (en) | 2021-01-19 | 2021-01-19 | Authorization method, device, system, equipment and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112383577A (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113242224A (en) * | 2021-04-30 | 2021-08-10 | 北京市商汤科技开发有限公司 | Authorization method and device, electronic equipment and storage medium |
| CN113543123A (en) * | 2021-07-23 | 2021-10-22 | 闻泰通讯股份有限公司 | Method and device for dynamically setting authority of wireless network |
Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101162991A (en) * | 2006-10-13 | 2008-04-16 | 中兴通讯股份有限公司 | System and method for performing authorization to broadcast service content |
| CN101420696A (en) * | 2008-12-12 | 2009-04-29 | 普天信息技术研究院有限公司 | Method and system for on-line distributing authentication information |
| CN101466079A (en) * | 2009-01-12 | 2009-06-24 | 中兴通讯股份有限公司 | Method, system and WAPI terminal for transmitting e-mail |
| CN108337540A (en) * | 2017-01-20 | 2018-07-27 | 中兴通讯股份有限公司 | A kind of authorization management method, device and authentication management system |
| US20200036525A1 (en) * | 2016-08-04 | 2020-01-30 | Aircuve Inc. | Method for determining approval for access to gate through network, and server and computer-readable recording media using the same |
| CN111194028A (en) * | 2019-11-05 | 2020-05-22 | 储长青 | Safety control method based on vehicle |
| CN111611552A (en) * | 2020-05-21 | 2020-09-01 | 浩云科技股份有限公司 | License authorization method and device based on combination of software and hardware |
| CN112202772A (en) * | 2020-09-29 | 2021-01-08 | 北京海泰方圆科技股份有限公司 | Authorization management method and device |
-
2021
- 2021-01-19 CN CN202110065360.XA patent/CN112383577A/en active Pending
Patent Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101162991A (en) * | 2006-10-13 | 2008-04-16 | 中兴通讯股份有限公司 | System and method for performing authorization to broadcast service content |
| CN101420696A (en) * | 2008-12-12 | 2009-04-29 | 普天信息技术研究院有限公司 | Method and system for on-line distributing authentication information |
| CN101466079A (en) * | 2009-01-12 | 2009-06-24 | 中兴通讯股份有限公司 | Method, system and WAPI terminal for transmitting e-mail |
| US20200036525A1 (en) * | 2016-08-04 | 2020-01-30 | Aircuve Inc. | Method for determining approval for access to gate through network, and server and computer-readable recording media using the same |
| CN108337540A (en) * | 2017-01-20 | 2018-07-27 | 中兴通讯股份有限公司 | A kind of authorization management method, device and authentication management system |
| CN111194028A (en) * | 2019-11-05 | 2020-05-22 | 储长青 | Safety control method based on vehicle |
| CN111611552A (en) * | 2020-05-21 | 2020-09-01 | 浩云科技股份有限公司 | License authorization method and device based on combination of software and hardware |
| CN112202772A (en) * | 2020-09-29 | 2021-01-08 | 北京海泰方圆科技股份有限公司 | Authorization management method and device |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113242224A (en) * | 2021-04-30 | 2021-08-10 | 北京市商汤科技开发有限公司 | Authorization method and device, electronic equipment and storage medium |
| CN113242224B (en) * | 2021-04-30 | 2022-08-30 | 北京市商汤科技开发有限公司 | Authorization method and device, electronic equipment and storage medium |
| CN113543123A (en) * | 2021-07-23 | 2021-10-22 | 闻泰通讯股份有限公司 | Method and device for dynamically setting authority of wireless network |
| CN113543123B (en) * | 2021-07-23 | 2024-02-20 | 闻泰通讯股份有限公司 | Method and device for dynamically setting authority of wireless network |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109067801B (en) | Identity authentication method, identity authentication device and computer readable medium | |
| CN108684041B (en) | System and method for login authentication | |
| US11258792B2 (en) | Method, device, system for authenticating an accessing terminal by server, server and computer readable storage medium | |
| CN111181928B (en) | Vehicle diagnosis method, server, and computer-readable storage medium | |
| TWI497336B (en) | Data security devices and computer program | |
| TWI454111B (en) | Techniques for ensuring authentication and integrity of communications | |
| CN106571951B (en) | Audit log obtaining method, system and device | |
| CN108809953B (en) | Anonymous identity authentication method and device based on block chain | |
| CN110519309B (en) | Data transmission method, device, terminal, server and storage medium | |
| US9940446B2 (en) | Anti-piracy protection for software | |
| CN109257328B (en) | Safe interaction method and device for field operation and maintenance data | |
| CN105447715A (en) | Method and apparatus for anti-theft electronic coupon sweeping by cooperating with third party | |
| CN104636680A (en) | Verification of authenticity of a maintenance means and provision and obtainment of a license key for use therein | |
| CN112887340B (en) | Password resetting method and device, service management terminal and storage medium | |
| CN106778084A (en) | Software activation method and device and software activation system | |
| CN112383577A (en) | Authorization method, device, system, equipment and storage medium | |
| CN109451504B (en) | Internet of things module authentication method and system | |
| CN112380501B (en) | Equipment operation method, device, equipment and storage medium | |
| CN110445774B (en) | Security protection method, device and equipment for IoT (Internet of things) equipment | |
| CN104883260B (en) | Certificate information processing and verification method, processing terminal and authentication server | |
| CN103281188A (en) | Method and system for backing up private key in electronic signature token | |
| CN111740938B (en) | Information processing method and device, client and server | |
| CN111669649A (en) | Tamper-proof method and system for on-site image data | |
| CN112910883B (en) | Data transmission method and device and electronic equipment | |
| JP2008004065A (en) | Semiconductor device, electronic equipment, equipment authentication program |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20210219 |