CN112818333A - Switching login authentication and communication method and system for intelligent password key - Google Patents


Info

Publication number
CN112818333A
Authority
CN
China
Prior art keywords
key
certificate
container
user role
management file
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202110131746.6A
Other languages
Chinese (zh)
Other versions
CN112818333B (en)
Inventor
段丽娜
周吉祥
吴永飞
祁君君
陈磊
彭金辉
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Zhengzhou Xinda Jiean Information Technology Co Ltd
Original Assignee
Zhengzhou Xinda Jiean Information Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Zhengzhou Xinda Jiean Information Technology Co Ltd
Priority to CN202110131746.6A
Publication of CN112818333A
Application granted
Publication of CN112818333B
Legal status: Active
Anticipated expiration

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/45 Structures or tools for the administration of authentication
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31 User authentication
    • G06F21/32 User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31 User authentication
    • G06F21/33 User authentication using certificates
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31 User authentication
    • G06F21/34 User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31 User authentication
    • G06F21/41 User authentication where a single sign-on provides access to a plurality of computers

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)

Abstract

The invention relates to a switching login authentication and communication method and system for an intelligent password key. The method comprises creating corresponding certificate containers according to different security applications and different user role information, and then creating a certificate container management file according to the binding relationship among the different certificate containers, security applications and user roles. During login, the corresponding handle information is traversed in the certificate container management file, the corresponding certificate container is located according to that handle information, the digital certificate in that certificate container is read, and the user role using the security application is authenticated. When the login is switched, the corresponding handle information is traversed in the certificate container management file again, the corresponding certificate container is located according to that handle information, the digital certificate in that certificate container is read, and the user role using the corresponding security application is re-authenticated. The invention thereby achieves switching login authentication and communication for multiple applications and multiple roles through one intelligent password key.

Description

Switching login authentication and communication method and system for intelligent password key
Technical Field
The invention relates to the technical field of intelligent password keys, in particular to a method and a system for switching login authentication and communication of an intelligent password key.
Background
For a management system in which a digital certificate serves as the identity credential for login and key information is used to encrypt communication, a user usually inserts an intelligent password key carrying the digital certificate and the key during login and communication. In a management system with a plurality of applications and a plurality of user roles, one digital certificate carries the login authority setting of only one user role, and the key information differs according to the level of the user role and the security application. User roles are generally divided into managers, users, developers and the like, and the applications can likewise cover several functions as required, such as mobile office and secure mail. When business operations are performed in an application scenario that requires frequent switching of applications and user roles, a plurality of intelligent password keys must be plugged and unplugged frequently, so the hardware password keys are easily damaged and the complexity of login and communication increases.
Therefore, how to design a multifunctional switching login authentication and communication method for an intelligent password key, so that switching login and communication across applications and user roles can be realized through the intelligent password key and the number of plugging and unplugging operations is reduced, is a problem that urgently needs to be solved.
Disclosure of Invention
The invention provides a switching login authentication and communication method and system for an intelligent password key, aiming to solve the problem that a plurality of intelligent password keys are inconvenient to use in an application scenario that requires frequent switching of applications and user roles.
The first aspect of the present invention provides a switching login authentication method for an intelligent password key, the switching login authentication method comprising:
Step 1, certificate container creation phase: in the intelligent password key, a corresponding certificate container is created according to different security applications and different user role information; the certificate container carries application and user role identifiers, and the digital certificates related to the application and the user role are stored in the certificate container.
Step 2, certificate container management file creation phase: in the intelligent password key, a certificate container management file is created according to the binding relationship among the different certificate containers, security applications and user roles, and handle information of the different certificate containers is set in the certificate container management file.
Step 3, login authentication phase: a security application and a user role are selected from the intelligent password key to perform system login;
the corresponding handle information is traversed in the certificate container management file, and the corresponding certificate container is located according to that handle information;
the corresponding digital certificate in the certificate container is read, and the user role using the security application is authenticated.
Step 4, switching login phase: the corresponding handle information is traversed in the certificate container management file again, and the corresponding certificate container is located according to that handle information;
the corresponding digital certificate in the certificate container is read, and the user role using the corresponding security application is re-authenticated.
The switching login comprises:
the security application in use is not switched and the user role is switched;
the security application in use is switched and the user role is not switched;
both the security application in use and the user role are switched.
Further, the login authentication phase in step 3 further includes:
inputting a PIN code and fingerprint information related to the security application and the user role for authentication.
Further, the certificate container management file creation phase of step 2 further comprises an update phase:
as certificate containers carrying application and user role identifiers are added or removed, the certificate container management file updates the binding relationship and adds or deletes the corresponding handle information.
The second aspect of the present invention provides a communication switching method for a smart key, the communication switching method comprising:
Step 1, key container creation phase: in the intelligent password key, a corresponding key container is created according to different security applications and different user role information; the key container carries application and user role identifiers, and the key information related to the application and the user role is stored in the key container.
Step 2, key container management file creation phase: in the intelligent password key, a key container management file is created according to the binding relationship among the different key containers, security applications and user roles, and handle information of the different key containers is set in the key container management file.
Step 3, secure communication phase: a security application and a user role are selected in the intelligent password key to perform system login, and secure communication is carried out after login authentication;
the corresponding handle information is traversed in the key container management file, and the corresponding key container is located according to that handle information;
the corresponding key information in the key container is read, communication is carried out for the security application used by the user role, and the communication data is securely processed.
Step 4, switching communication phase: in the login state, the corresponding handle information is traversed in the key container management file again, and the corresponding key container is located according to that handle information;
the corresponding key information in the key container is read, communication is carried out again for the security application used by the user role, and the communication data is securely processed.
The switching login comprises:
the security application in use is not switched and the user role is switched;
the security application in use is switched and the user role is not switched;
both the security application in use and the user role are switched.
Further, the key container management file creation phase of step 2 further includes an update phase:
as key containers carrying application and user role identifiers are added or removed, the key container management file updates the binding relationship and adds or deletes the corresponding handle information.
A third aspect of the present invention provides a switching login authentication system for a smart key, comprising: a certificate container creating unit, a certificate container management file creating unit, a login authentication unit and a switching login unit.
The certificate container creating unit is used to create a corresponding certificate container in the intelligent password key according to different security applications and different user role information, wherein the certificate container carries application and user role identifiers, and the digital certificates related to the application and the user role are stored in the certificate container.
The certificate container management file creating unit is used to create, in the intelligent password key, a certificate container management file according to the binding relationship among the different certificate containers, security applications and user roles, wherein handle information of the different certificate containers is set in the certificate container management file.
The login authentication unit is used to select one security application and user role from the intelligent password key to perform system login;
to traverse the corresponding handle information in the certificate container management file and locate the corresponding certificate container according to that handle information;
and to read the corresponding digital certificate in the certificate container and authenticate the user role using the security application.
The switching login unit is used to traverse the corresponding handle information in the certificate container management file again and locate the corresponding certificate container according to that handle information;
and to read the corresponding digital certificate in the certificate container and re-authenticate the user role using the corresponding security application.
The switching login comprises:
the security application in use is not switched and the user role is switched;
the security application in use is switched and the user role is not switched;
both the security application in use and the user role are switched.
Further, the switching login authentication system further comprises a PIN code input unit and a fingerprint input unit.
The PIN code input unit is used to input the PIN code related to the security application and the user role for authentication.
The fingerprint input unit is used to input the fingerprint information related to the security application and the user role for re-authentication after PIN code authentication has been carried out.
Further, the switching login authentication system further comprises an updating unit.
The updating unit is used to update the binding relationship in the certificate container management file, and to add or delete the corresponding handle information, as certificate containers carrying application and user role identifiers are added or removed.
A fourth aspect of the present invention provides a switching communication system for an intelligent password key, the switching communication system comprising: a key container creating unit, a key container management file creating unit, a secure communication unit and a switching communication unit.
The key container creating unit is used to create a corresponding key container in the intelligent password key according to different security applications and different user role information, wherein the key container carries application and user role identifiers, and the key information related to the application and the user role is stored in the key container.
The key container management file creating unit is used to create, in the intelligent password key, a key container management file according to the binding relationship among the different key containers, security applications and user roles, wherein handle information of the different key containers is set in the key container management file.
The secure communication unit is used to select one security application and user role in the intelligent password key to perform system login and to carry out secure communication after login authentication;
to traverse the corresponding handle information in the key container management file and locate the corresponding key container according to that handle information;
and to read the corresponding key information in the key container, carry out communication for the security application used by the user role, and securely process the communication data.
The switching communication unit is used to exit the current communication, select switching communication, traverse the corresponding handle information in the key container management file again in the login state, and locate the corresponding key container according to that handle information;
and to read the corresponding key information in the key container, carry out communication again for the security application used by the user role, and securely process the communication data.
The switching login comprises:
the security application in use is not switched and the user role is switched;
the security application in use is switched and the user role is not switched;
both the security application in use and the user role are switched.
Further, the switching communication system further includes an updating unit.
The updating unit is used to update the binding relationship in the key container management file, and to add or delete the corresponding handle information, as key containers carrying application and user role identifiers are added or removed.
Through the above technical scheme, the invention has the following beneficial effects:
1. For switching login authentication, corresponding certificate containers are first created in the intelligent password key based on different security applications and different user role information, and the digital certificates related to the applications and the user roles are stored in the certificate containers. A certificate container management file is created from the binding relationship among the different certificate containers, security applications and user roles, and handle information of the different certificate containers is set in the certificate container management file.
At login, the corresponding handle information is found in the certificate container management file according to the application and user role to be used, so that the corresponding digital certificate in the certificate container is found, authentication is completed, and login takes place.
When the login is switched, the handle information and the corresponding digital certificate are traversed and queried again according to the switch of either the application or the user role, and authentication is completed.
Login authentication when the security application or the user role is switched is therefore completed with one intelligent password key.
2. For switching communication, corresponding key containers are first created in the intelligent password key according to different security applications and different user role information, and the key containers store the key information. A key container management file is created from the binding relationship among the different security applications, the different user role information and the key containers. After login is completed, the corresponding handle information is traversed in the key container management file, the corresponding key container is located according to that handle information, and secure communication is carried out with the key information in the key container. When the communication is switched, new secure communication is established again according to the switch of either the application or the user role.
Secure communication when the security application or the user role is switched is therefore completed with one intelligent password key.
The invention achieves switching login authentication and communication for multiple applications and multiple roles through one intelligent password key. Additional aspects and advantages of the invention will be set forth in part in the description which follows, and in part will be obvious from the description, or may be learned by practice of the invention.
Drawings
FIG. 1 is a flow chart of a method for switching login authentication of a smart key according to the present invention;
FIG. 2 is a schematic diagram illustrating a switching login authentication principle of a smart key according to the present invention;
FIG. 3 is a flow chart of a method for switching communication of a smart key according to the present invention;
FIG. 4 is a schematic diagram illustrating a switching communication principle of the smart key of the present invention;
FIG. 5 is a diagram of a switched login authentication system according to the present invention;
FIG. 6 is a block diagram of a switching communication system of the smart key of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly described below with reference to the accompanying drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, but not all, embodiments of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Example 1
As shown in FIG. 1 and FIG. 2, a first aspect of the present invention provides a switching login authentication method for a smart key, the switching login authentication method comprising:
Step 1, certificate container creation phase: in the intelligent password key, a corresponding certificate container is created according to different security applications and different user role information; the certificate container carries application and user role identifiers, and the digital certificates related to the application and the user role are stored in the certificate container.
Step 2, certificate container management file creation phase: in the intelligent password key, a certificate container management file is created according to the binding relationship among the different certificate containers, security applications and user roles, and handle information of the different certificate containers is set in the certificate container management file.
Step 3, login authentication phase: a security application and a user role are selected from the intelligent password key to perform system login;
the corresponding handle information is traversed in the certificate container management file, and the corresponding certificate container is located according to that handle information;
the corresponding digital certificate in the certificate container is read, and the user role using the security application is authenticated.
Step 4, switching login phase: the corresponding handle information is traversed in the certificate container management file again, and the corresponding certificate container is located according to that handle information;
the corresponding digital certificate in the certificate container is read, and the user role using the corresponding security application is re-authenticated.
The switching login comprises:
the security application in use is not switched and the user role is switched;
the security application in use is switched and the user role is not switched;
both the security application in use and the user role are switched.
In order to improve the security of login authentication, in this embodiment, before the handle information of the corresponding certificate container is traversed, the login authentication phase further includes:
inputting a PIN code and fingerprint information related to the security application and the user role for authentication.
In order to facilitate management of handle information, in this embodiment, the certificate container management file creation phase further includes an update phase:
as certificate containers carrying application and user role identifiers are added or removed, the certificate container management file updates the binding relationship and adds or deletes the corresponding handle information.
In this method, a security application and a user role can be selected through the intelligent password key for system login according to work requirements. The combinations of different security applications and different user role information are managed by creating certificate containers and a certificate container management file: the digital certificate used for authentication that corresponds to the security application and the user role information is stored in the certificate container, and the corresponding handle information is set in the certificate container management file. When a login switching operation is carried out, the security application and the user role are switched according to the process of step 4. The switching process is reliable and convenient, and one intelligent password key solves the problem that a plurality of intelligent password keys are inconvenient to use in an application scenario where applications and user roles are switched frequently.
Example 2
This embodiment differs from the above embodiment in that a second aspect of the present invention provides a communication switching method for a smart key. As shown in FIG. 3 and FIG. 4, the communication switching method includes:
Step 1, key container creation phase: in the intelligent password key, a corresponding key container is created according to different security applications and different user role information; the key container carries application and user role identifiers, and the key information related to the application and the user role is stored in the key container.
Step 2, key container management file creation phase: in the intelligent password key, a key container management file is created according to the binding relationship among the different key containers, security applications and user roles, and handle information of the different key containers is set in the key container management file.
Step 3, secure communication phase: a security application and a user role are selected in the intelligent password key to perform system login, and secure communication is carried out after login authentication;
the corresponding handle information is traversed in the key container management file, and the corresponding key container is located according to that handle information;
the corresponding key information in the key container is read, communication is carried out for the security application used by the user role, and the communication data is securely processed.
Step 4, switching communication phase: in the login state, the corresponding handle information is traversed in the key container management file again, and the corresponding key container is located according to that handle information;
the corresponding key information in the key container is read, communication is carried out again for the security application used by the user role, and the communication data is securely processed.
The switching login comprises:
the security application in use is not switched and the user role is switched;
the security application in use is switched and the user role is not switched;
both the security application in use and the user role are switched.
In order to facilitate management of handle information, in this embodiment, the key container management file creation phase further includes an update phase:
as key containers carrying application and user role identifiers are added or removed, the key container management file updates the binding relationship and adds or deletes the corresponding handle information.
In this method, after login authentication is completed, the user role communicates using the corresponding security application and the communication data is securely processed. Key containers and a key container management file are created in the intelligent password key for the different user roles and different security applications, and they manage the communication combinations of different security applications and different user role information: the key information used for establishing communication is stored in the key container, and the corresponding handle information is set in the key container management file. When a login switching operation is performed, communication is switched according to the process of step 4.
Therefore, communication switching between different security applications and different user role information is completed with one intelligent password key.
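The lookup path of Examples 1 and 2, as an added sketch that is not code from the patent: one management file per container type maps an (application, role) pair to a handle, login and switching login run the same PIN-then-lookup path, and key lookup is allowed only in the login state. The class and method names, the byte-string certificates and keys, the PBKDF2 PIN storage, the omission of the fingerprint step, and the cross-check of the container's own identifiers against the binding are assumptions of this example.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass


class AuthError(Exception):
    """Raised when a PIN, binding or login-state check fails."""


@dataclass(frozen=True)
class Container:
    app: str        # application identifier carried by the container
    role: str       # user role identifier carried by the container
    payload: bytes  # digital certificate or key information (opaque here)


class ManagedContainers:
    """Containers plus their management file of (app, role, handle) bindings."""

    def __init__(self, first_handle):
        self.containers = {}   # handle -> Container
        self.bindings = []     # the management file
        self._next = first_handle

    def add(self, app, role, payload):
        # Update phase: a new container adds one binding and one handle.
        if any((a, r) == (app, role) for a, r, _ in self.bindings):
            raise ValueError("binding already exists")
        handle, self._next = self._next, self._next + 1
        self.containers[handle] = Container(app, role, payload)
        self.bindings.append((app, role, handle))
        return handle

    def remove(self, app, role):
        # Update phase: deleting a container deletes its handle as well.
        handle = self._handle_for(app, role)
        self.bindings = [b for b in self.bindings if b[2] != handle]
        del self.containers[handle]

    def _handle_for(self, app, role):
        for a, r, handle in self.bindings:   # traverse the management file
            if (a, r) == (app, role):
                return handle
        raise AuthError("no binding for this application and role")

    def locate(self, app, role):
        container = self.containers.get(self._handle_for(app, role))
        # Added check (assumption): the identifiers carried by the container
        # must agree with the binding that pointed at it.
        if container is None or (container.app, container.role) != (app, role):
            raise AuthError("management file does not match container")
        return container


class SmartKey:
    """One token serving several applications and roles (constructed model)."""

    def __init__(self):
        self.certs = ManagedContainers(0x1000)   # certificate containers
        self.keys = ManagedContainers(0x2000)    # key containers
        self._pins = {}      # (app, role) -> (salt, PBKDF2 digest)
        self.active = None   # (app, role) of the current login, if any

    def enroll(self, app, role, cert, key, pin):
        self.certs.add(app, role, cert)
        self.keys.add(app, role, key)
        salt = os.urandom(16)
        self._pins[(app, role)] = (salt, self._digest(pin, salt))

    @staticmethod
    def _digest(pin, salt):
        return hashlib.pbkdf2_hmac("sha256", pin.encode(), salt, 50_000)

    def login(self, app, role, pin):
        """Login, and switching login: a switch repeats the same path."""
        salt, expected = self._pins.get((app, role), (b"", b""))
        if not expected or not hmac.compare_digest(self._digest(pin, salt), expected):
            raise AuthError("PIN rejected")
        cert = self.certs.locate(app, role).payload
        self.active = (app, role)   # replaced only after every check passed
        return cert

    def comm_key(self, app, role):
        """Key lookup for communication, allowed only in the login state."""
        if self.active != (app, role):
            raise AuthError("not logged in as this application and role")
        return self.keys.locate(app, role).payload


def demo():
    """Constructed sample: two applications, two roles, one token."""
    token = SmartKey()
    token.enroll("mail", "user", b"CERT-mail-user", b"KEY-mail-user", "1111")
    token.enroll("mail", "manager", b"CERT-mail-manager", b"KEY-mail-manager", "2222")
    token.enroll("office", "user", b"CERT-office-user", b"KEY-office-user", "3333")
    first = token.login("mail", "user", "1111")
    switched = token.login("mail", "manager", "2222")   # role switched, app kept
    return token, first, switched
```

In this model a failed switch leaves the previous login in place, and a binding that points at a container with different identifiers is rejected rather than followed.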
Example 3
In view of the foregoing, a third aspect of the present invention provides a system for switching login authentication of a smart key, as shown in fig. 5, the system comprising: the system comprises a certificate container creating unit, a certificate container management file creating unit, a login authentication unit and a switching login unit;
the certificate container creating unit is used for creating a corresponding certificate container in the intelligent password key according to different safety applications and different user role information, wherein the certificate container carries application and user role identifiers, and digital certificates related to the application and the user roles are stored in the certificate container;
the certificate container management file creating unit is used for creating a certificate container management file according to the binding relationship among different certificate containers, security applications and user roles in the intelligent password key, wherein handle information of the different certificate containers is set in the certificate container management file;
the login authentication unit is used for selecting one security application and user role from the intelligent password key to carry out system login;
traversing corresponding handle information in the certificate container management file, and positioning to a corresponding certificate container according to the corresponding handle information;
reading the corresponding digital certificate in the certificate container, and authenticating the user role using the security application;
the switching login unit is used for traversing corresponding handle information in the container management file again and positioning the corresponding certificate container according to the corresponding handle information;
reading the corresponding digital certificate in the certificate container, and performing re-authentication on the user role using the corresponding security application;
the switching login comprises:
the security application in use is not switched, and the user role is switched;
the security application in use is switched, and the user role is not switched;
the security application in use and the user role are both switched.
As an implementation manner, the switching login authentication system further comprises a PIN code input unit and a fingerprint input unit;
the PIN code input unit is used for inputting PIN codes related to security applications and user roles for authentication;
and the fingerprint input unit is used for inputting fingerprint information related to the security application and the user role for re-authentication after PIN code authentication is carried out.
As an implementation manner, the switching login authentication system further includes an updating unit;
the updating unit is used for updating the binding relationship in the certificate container management file, and adding or deleting the corresponding handle information, as certificate containers carrying application and user role identifiers are added or removed.
Example 4
For the communication switching method of a smart key, a fourth aspect of the present invention provides a communication switching system for a smart key. As shown in fig. 6, the communication switching system includes: a key container creating unit, a key container management file creating unit, a secure communication unit, and a switching communication unit;
the key container creating unit is used for creating a corresponding key container in the intelligent password key according to different security applications and different user role information, wherein the key container carries application and user role identifiers, and key information related to the application and the user role is stored in the key container;
the key container management file creating unit is used for creating a key container management file according to the binding relationship among different key containers, security applications and user roles in the intelligent password key, wherein handle information of the different key containers is set in the key container management file;
the secure communication unit is used for selecting one security application and user role in the intelligent password key to carry out system login, and carrying out secure communication after login authentication;
traversing corresponding handle information in the key container management file, and positioning to a corresponding key container according to the corresponding handle information;
reading the corresponding key information in the key container, carrying out communication for the user role through the security application in use, and performing security processing on the communication data;
the switching communication unit is used for exiting the current communication, selecting switching communication, traversing corresponding handle information in the key container management file again in a login state, and positioning to a corresponding key container according to the corresponding handle information;
reading the corresponding key information in the key container, carrying out communication again for the user role through the security application in use, and performing security processing on the communication data;
the switching login comprises:
the security application in use is not switched, and the user role is switched;
the security application in use is switched, and the user role is not switched;
the security application in use and the user role are both switched.
As an implementable manner, the handover communication system further includes an updating unit;
the updating unit is used for updating the binding relationship in the key container management file, and adding or deleting the corresponding handle information, as key containers carrying application and user role identifiers are added or removed.
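The container lookup that Examples 3 and 4 describe, as an added Python model that is not code from the patent: each container carries application and role identifiers, a management file binds each pair to a handle, and both login and switching traverse that file before reading the credential. The class and function names, the SHA-256 fingerprint check standing in for certificate validation, and the choice to clear the session before re-authenticating are assumptions of this example.

```python
import hashlib
from dataclasses import dataclass

# Added illustration; every name here is hypothetical, not taken from the patent.
def fingerprint(credential: bytes) -> str:
    return hashlib.sha256(credential).hexdigest()

@dataclass(frozen=True)
class Container:
    app_id: str          # identifiers carried by the container itself
    role_id: str
    credential: bytes    # certificate (Example 3) or key information (Example 4)

class SmartKey:  # in-memory model of one token holding many containers
    def __init__(self):
        self._containers = {}   # handle -> Container
        self._mgmt_file = []    # binding records: (app_id, role_id, handle)
        self._next_handle = 1   # handles are never reused in this model
        self.session = None     # (app_id, role_id) currently authenticated

    def create_container(self, app_id, role_id, credential):
        if any(b[:2] == (app_id, role_id) for b in self._mgmt_file):
            raise ValueError("a container is already bound to this pair")
        handle, self._next_handle = self._next_handle, self._next_handle + 1
        self._containers[handle] = Container(app_id, role_id, credential)
        self._mgmt_file.append((app_id, role_id, handle))  # update: add handle
        return handle

    def delete_container(self, app_id, role_id):
        # Update: drop container and handle together so no stale handle remains.
        for binding in self._mgmt_file:
            if binding[:2] == (app_id, role_id):
                self._mgmt_file.remove(binding)
                del self._containers[binding[2]]
                if self.session == (app_id, role_id):
                    self.session = None
                return
        raise KeyError((app_id, role_id))

    def _locate(self, app_id, role_id):
        # Traverse the management file, then cross-check the container's own ids.
        for b_app, b_role, handle in self._mgmt_file:
            if (b_app, b_role) == (app_id, role_id):
                found = self._containers.get(handle)
                if found is None or (found.app_id, found.role_id) != (app_id, role_id):
                    raise LookupError("management file and container disagree")
                return found
        raise LookupError("no container bound to this application and role")

    def _authenticate(self, app_id, role_id, trusted):
        # Stand-in for certificate validation: fingerprint must be trusted by the app.
        container = self._locate(app_id, role_id)
        return fingerprint(container.credential) in trusted.get(app_id, set())

    def login(self, app_id, role_id, trusted):
        self.session = None
        if self._authenticate(app_id, role_id, trusted):
            self.session = (app_id, role_id)
        return self.session is not None

    def switch(self, app_id, role_id, trusted):
        if self.session is None:
            raise PermissionError("switching requires an authenticated session")
        old_app, old_role = self.session
        if (old_app, old_role) == (app_id, role_id):
            raise ValueError("target is the current session")
        kind = ("role" if old_app == app_id
                else "application" if old_role == role_id
                else "application and role")
        self.session = None  # assumption: fail closed until re-authenticated
        if not self._authenticate(app_id, role_id, trusted):
            raise PermissionError("re-authentication failed")
        self.session = (app_id, role_id)
        return kind
```

The three return values of `switch` correspond to the three switching cases listed in the text; a failed re-authentication leaves no session behind rather than falling back to the previous one.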
The method and system for switching login authentication and communication of the intelligent password key provided by the invention have the following advantages: switching login authentication and communication across multiple applications and multiple roles is completed using one intelligent password key, which meets the requirements of related services in application scenarios where applications and user roles need to be switched frequently, reduces the number of intelligent password keys used by the user, and improves the user's working efficiency and experience.
The above-described embodiments are merely preferred embodiments of the present invention, and not intended to limit the scope of the invention, so that equivalent changes or modifications in the structure, features and principles described in the present invention should be included in the claims of the present invention.

Claims (10)

1. A switching login authentication method of an intelligent password key is characterized by comprising the following steps:
step 1, certificate container creation phase: in the intelligent password key, a corresponding certificate container is created according to different security applications and different user role information, the certificate container carries application and user role identifiers, and digital certificates related to the application and the user roles are stored in the certificate container;
step 2, certificate container management file creation phase: in the intelligent password key, a certificate container management file is created according to the binding relationship among different certificate containers, security applications and user roles, and handle information of the different certificate containers is set in the certificate container management file;
step 3, login authentication phase: selecting a security application and a user role from the intelligent password key to perform system login;
traversing corresponding handle information in the certificate container management file, and positioning to a corresponding certificate container according to the corresponding handle information;
reading the corresponding digital certificate in the certificate container, and authenticating the user role using the security application;
step 4, switching login phase: traversing corresponding handle information in the certificate container management file again, and positioning to a corresponding certificate container according to the corresponding handle information;
reading the corresponding digital certificate in the certificate container, and performing re-authentication on the user role using the corresponding security application;
the switching login comprises:
the security application in use is not switched, and the user role is switched;
the security application in use is switched, and the user role is not switched;
the security application in use and the user role are both switched.
2. The method for switching login authentication of smart key according to claim 1, wherein the login authentication phase of step 3 further comprises:
and inputting PIN codes related to the security application and the user role and fingerprint information for authentication.
3. The method for switching login authentication of a smart key according to claim 1, wherein the certificate container management file creation phase of step 2 further comprises an update phase of:
and according to the increase or decrease of different certificate containers carrying application and user role identifiers, the certificate container management file updates the binding relationship, and adds or deletes corresponding handle information.
4. A switching communication method of an intelligent cipher key is characterized in that the switching communication method comprises the following steps:
step 1, key container creation phase: in the intelligent password key, a corresponding key container is created according to different security applications and different user role information, the key container carries application and user role identifiers, and key information related to the application and the user role is stored in the key container;
step 2, key container management file creation phase: in the intelligent password key, creating a key container management file according to the binding relationship among different key containers, security applications and user roles, wherein handle information of the different key containers is set in the key container management file;
step 3, secure communication phase: selecting a security application and a user role in the intelligent password key to carry out system login, and carrying out secure communication after login authentication;
traversing corresponding handle information in the key container management file, and positioning to a corresponding key container according to the corresponding handle information;
reading the corresponding key information in the key container, carrying out communication for the user role through the security application in use, and performing security processing on the communication data;
step 4, switching communication phase: traversing corresponding handle information in the key container management file again in a login state, and positioning to a corresponding key container according to the corresponding handle information;
reading the corresponding key information in the key container, carrying out communication again for the user role through the security application in use, and performing security processing on the communication data;
the switching login comprises:
the security application in use is not switched, and the user role is switched;
the security application in use is switched, and the user role is not switched;
the security application in use and the user role are both switched.
5. The method of claim 4, wherein the key container management file creation phase of step 2 further comprises an update phase of:
and according to the increase or decrease of different key containers carrying application and user role identifiers, the key container management file updates the binding relationship and adds or deletes corresponding handle information.
6. A switching login authentication system of an intelligent password key, characterized by comprising: the system comprises a certificate container creating unit, a certificate container management file creating unit, a login authentication unit and a switching login unit;
the certificate container creating unit is used for creating a corresponding certificate container in the intelligent password key according to different security applications and different user role information, wherein the certificate container carries application and user role identifiers, and digital certificates related to the application and the user roles are stored in the certificate container;
the certificate container management file creating unit is used for creating a certificate container management file according to the binding relationship among different certificate containers, security applications and user roles in the intelligent password key, wherein handle information of the different certificate containers is set in the certificate container management file;
the login authentication unit is used for selecting one security application and user role from the intelligent password key to carry out system login;
traversing corresponding handle information in the certificate container management file, and positioning to a corresponding certificate container according to the corresponding handle information;
reading the corresponding digital certificate in the certificate container, and authenticating the user role using the security application;
the switching login unit is used for traversing corresponding handle information in the certificate container management file again and positioning the corresponding certificate container according to the corresponding handle information;
reading the corresponding digital certificate in the certificate container, and performing re-authentication on the user role using the corresponding security application;
the switching login comprises:
the security application in use is not switched, and the user role is switched;
the security application in use is switched, and the user role is not switched;
the security application in use and the user role are both switched.
7. The system of claim 6, further comprising a PIN code input unit and a fingerprint input unit;
the PIN code input unit is used for inputting PIN codes related to security applications and user roles for authentication;
and the fingerprint input unit is used for inputting fingerprint information related to the security application and the user role for re-authentication after PIN code authentication is carried out.
8. The system of claim 6, further comprising an update unit;
the updating unit is used for updating the binding relationship in the certificate container management file, and adding or deleting the corresponding handle information, as certificate containers carrying application and user role identifiers are added or removed.
9. A switching communication system of a smart key, the switching communication system comprising: a key container creating unit, a key container management file creating unit, a secure communication unit, and a switching communication unit;
the key container creating unit is used for creating a corresponding key container in the intelligent password key according to different security applications and different user role information, wherein the key container carries application and user role identifiers, and key information related to the application and the user role is stored in the key container;
the key container management file creating unit is used for creating a key container management file according to the binding relationship among different key containers, security applications and user roles in the intelligent password key, wherein handle information of the different key containers is set in the key container management file;
the secure communication unit is used for selecting one security application and user role in the intelligent password key to carry out system login, and carrying out secure communication after login authentication;
traversing corresponding handle information in the key container management file, and positioning to a corresponding key container according to the corresponding handle information;
reading the corresponding key information in the key container, carrying out communication for the user role through the security application in use, and performing security processing on the communication data;
the switching communication unit is used for exiting the current communication, selecting switching communication, traversing corresponding handle information in the key container management file again in a login state, and positioning to a corresponding key container according to the corresponding handle information;
reading the corresponding key information in the key container, carrying out communication again for the user role through the security application in use, and performing security processing on the communication data;
the switching login comprises:
the security application in use is not switched, and the user role is switched;
the security application in use is switched, and the user role is not switched;
the security application in use and the user role are both switched.
10. The system of claim 9, further comprising an update unit;
the updating unit is used for updating the binding relationship in the key container management file, and adding or deleting the corresponding handle information, as key containers carrying application and user role identifiers are added or removed.
CN202110131746.6A 2021-01-30 2021-01-30 Switching login authentication and communication method and system for intelligent password key Active CN112818333B (en)

Publications (2)

Publication Number Publication Date
CN112818333A true CN112818333A (en) 2021-05-18
CN112818333B CN112818333B (en) 2022-04-05

Family

ID=75860527

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant