CN113055382B - Zero-trust-based host password control method - Google Patents
Zero-trust-based host password control method Download PDFInfo
- Publication number
- CN113055382B CN113055382B CN202110269405.5A CN202110269405A CN113055382B CN 113055382 B CN113055382 B CN 113055382B CN 202110269405 A CN202110269405 A CN 202110269405A CN 113055382 B CN113055382 B CN 113055382B
- Authority
- CN
- China
- Prior art keywords
- password
- host
- card
- management
- client program
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 30
- 238000012545 processing Methods 0.000 claims abstract description 12
- 230000002159 abnormal effect Effects 0.000 claims abstract description 8
- 238000010276 construction Methods 0.000 claims abstract description 5
- 238000012795 verification Methods 0.000 claims description 13
- 238000013475 authorization Methods 0.000 claims description 7
- 230000005856 abnormality Effects 0.000 claims description 4
- 238000005422 blasting Methods 0.000 claims description 3
- 238000009434 installation Methods 0.000 claims description 3
- 238000012986 modification Methods 0.000 claims description 3
- 230000004048 modification Effects 0.000 claims description 3
- 150000003839 salts Chemical class 0.000 claims description 3
- 238000003860 storage Methods 0.000 claims description 3
- 238000010348 incorporation Methods 0.000 claims 1
- 238000007726 management method Methods 0.000 abstract description 34
- 238000012550 audit Methods 0.000 abstract description 4
- 238000005336 cracking Methods 0.000 abstract description 2
- 238000011156 evaluation Methods 0.000 description 2
- 238000011217 control strategy Methods 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 238000009826 distribution Methods 0.000 description 1
- 238000005242 forging Methods 0.000 description 1
- 238000012423 maintenance Methods 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0807—Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3226—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses a zero trust-based host password control method, which comprises a method for controlling a host, a method for forcibly resetting the host password after the host password exceeds the valid period, and a method for processing the abnormal login password; the password generated by the password construction strategy can meet the requirement of the host password strength, the weak password risk of the host is obviously reduced, the management and the audit of the host password are realized through unified management and control, the execution of the regular forced replacement strategy of the host password is ensured, the host password is stored on the entity identity identification card, the difficulty of password cracking and identity counterfeiting is obviously improved, meanwhile, a user does not need to record a complex host password, the password-free login can be completed by using the identity identification card, and the full life cycle management of the host password is realized.
Description
Technical Field
The application relates to network security host security management, in particular to a zero trust-based host password control method.
Background
Weak passwords are a typical network and information security problem and are widely present in a variety of situations. Once the password of the host computer involved in the network is cracked by a network attacker, identity authentication, illegal access, permission stealing and the like can occur, so that important data is leaked or lost. Even if an attacker only acquires the password of the non-core system host, the attacker also has the conditions of performing transverse jump and further performing privilege escalation in the network, and then threats the security of the core system. According to the barrel principle of network security protection, the overall security level of the system depends on the short plate of the system security protection, and the host password security cannot be ignored.
In actual operation and maintenance management, the following problems generally exist in the host password:
1. network security related regulations require that the user must set a sufficiently strong password: the minimum digit number of the password is specified, such as 8 digits or more than 8 digits is required; the password at least needs to contain more than 3 characters, such as: upper and lower case letters, numbers, special characters, etc. In order to facilitate use and memorize, users often set passwords with low or insufficient strength.
2. Network security-related regulations require that a user must regularly change passwords, but users often turn off the forced replacement policy of host passwords for convenience of use.
3. The password of the host computer is usually set by a machine user, the workload of host computer security check and audit is large when the network security is reinforced, and automatic audit and unified management are difficult to realize.
The zero trust inherits the safety principle of 'never trusting and always verifying' and processes the data access and authentication verification between the access subject and the access object. And the trust evaluation engine continuously performs trust evaluation, judges whether the access control strategy needs to be changed or not, and if so, informs an access agent in time to quickly implement protection on the data resources. Compared with a boundary-based security model, the zero-trust network can better adapt to the requirement of future network security protection and protect important data.
Aiming at the outstanding problems of the host password, a new technical means is needed to standardize the management and control mode of the host password, and the security of the host password is enhanced.
Disclosure of Invention
Aiming at the problems existing in the use of the current host password, the invention designs a zero-trust-based host password control method, the host password generated by the system can meet the strength requirement of the network security relevant specification on the password, uniform and regular replacement can be realized, and password auditing and centralized management based on zero trust can be synchronously completed in the password distribution and verification process. By storing the host password on the identity card matched with the host, the user does not need to memorize the complex host password and only needs to read the identity card through the card reader to complete the password-free login. The password is stored on a physical medium of the identity identification card, so that the difficulty of copying and forging through network access is increased, the usability is ensured, and the security of the host password is effectively improved.
Meanwhile, the system has simple structure, and is easy to integrate with the existing Authentication systems of 4A (Authentication, Authorization, Account number, Audit, IAM (identity and Access management), LDAP (lightweight Directory Access protocol) and the like of enterprises.
In order to achieve the purpose, the invention adopts the following technical scheme:
a zero trust based host password control method, a host password control system for realizing the method comprises a password management server SpAnd a managed host MiI from 1 to N, password management server SpDeploying password server side SSmA card reading device is equipped; host MiDeploying password setting client program SCiIs matched with a hostIdentity card of cover CiAnd a card reading device.
Wherein, the password management server SpThe system is responsible for realizing password generation, password verification and password auditing and is a main body for executing the zero-trust management and control of the host password; host password PiIs saved to an identification card CmUpper, main machine MiOn the password setting client program SCiTaking over the host login authentication function, password setting client program SCiIdentification of the card C from the identity by means of a card readeriRead the host password PiAutomatically log in after verification, and an identification card C is used for a useriCompletes the host MiAnd (4) secret login is avoided.
The management and control method of the zero-trust-based host password management and control system comprises the following steps:
step one, a host M is connectediThe method comprises the following specific processing steps:
step 1, the host M brought into management and controliInstallation password setting client program SCiPassword setting client program SCiTo password server side SSmSending host identity Uid;
Step 2, password management server SpPassword server side SSmComplete host MiAfter the identity of (2) is confirmed, a host password P is generatediAnd writing into an identification card Ci(ii) a The process is not transmitted over a network;
to ensure the strength of generating the host password, the password server side SSmRandom two-password construction strategy for generating host password Pi;
1) Host password PiConstructing a strategy 1: the total length of the host password is 16 bits, and the host password comprises three of capital letters, lowercase letters, numbers and special characters;
2) host password PiAnd constructing a strategy 2: the total length of the host password is 16 bits, the host password at least comprises two Chinese phonetics, and alphabetic characters are separated by non-alphabetic characters; most of basic dictionary libraries of the conventional password blasting tool are based on English wordsAnd constructing, and replacing English words with Chinese pinyin in order to improve the strength of the constructed password.
Step 3, host MiOn the password setting client program SCiReading identification card CiAfter the carried password information, modifying the password of the host computer; after the modification is successful, the host M is connectediAnd (3) related information: host computer identification UidNetwork card MAC, IP address and the like to password management server Sp;
Step 4, password management server SpPassword server side SSmReceiving host MiAfter setting the password of (2), setting the host password PiCarrying out encryption storage;
the encryption process is as follows: generation of salt P using cryptographically secure random numberssaltPassword P of host computer by using SHA512 encryption algorithmiSalt number P ofsaltEncrypting to generate an encrypted password Phash;
Namely: phash=SHA512(SHA512(Pi)+Psalt)
Password server side SSmHost MiFingerprint information of { UidMAC, IP, password encryption information Phash、PsaltAnd password authorization completion time AtSaving the password in a password database;
step 5, the user needs to log in the host MiAt the same time, the identification card C is read by a card readeriPassword setting client program SCiFrom the identity card CiAnd obtaining the host password, and automatically completing login after verification.
Step two, the host password PiExceeding the validity period T of the passwordmaxAnd then, the host password needs to be updated, and the specific processing steps are as follows:
step 1, password setting client program SCiAutomatic judgment of host password P according to current password authorization timeiWhether it is due; if it is expired, the SS sends the password server endmSending an update password application and locking the host Mi;
Step 2, passwordServer side SSmAfter receiving the password resetting application of the password setting client program SCi, if the identity verification is passed, the host M is modifiediThe state of (1);
step 3, password server side SSmGenerating a new host password Pi' and write in identification card CiPerforming the following steps;
step 4, host MiCard reader reading identification card CiPassword setting client program SCiFrom the identity card CiReading a new host password to complete host password updating;
step three, the host MiThe method comprises the following specific processing steps of:
step 1, if login failure occurs, the host computer MiPassword setting client program SCiLogging in related information: host computer identification UidAnd a login time LtTo the password server side SSmRecording;
step 2, password server side SSmRecording abnormal information, sending abnormal login prompt information to a system administrator, and processing the abnormality by the system administrator;
step 3, if the continuous login fails, accumulating the times EiOver EmaxAnd then locking the host Mi.
Generally, compared with the existing host password management method, the method provided by the invention has the following advantages:
1) the password construction strategy employed ensures that the generated password P isiThe strength requirement of the relevant password can be met, and the risk of the weak password of the host computer is obviously reduced.
2) The unified management and audit of the host password are realized, and the implementation of the regular forced replacement strategy of the host password is ensured.
3) The host password is stored on the identity identification card of the entity, so that the difficulty of password cracking and identity counterfeiting is obviously improved, and meanwhile, the user can complete password-free login by using the identity identification card without recording a complex host password. .
4) The full life cycle of the host password is managed.
Drawings
Fig. 1 is a block diagram of a host password administration system according to the present invention.
Fig. 2 is a host inclusion control flow of the host password control system according to the present invention.
Fig. 3 is a flow of periodically updating the host password of the host password administration system according to the present invention.
Fig. 4 is an abnormal login processing flow of the host password management and control system provided by the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention. The invention relates to a zero trust-based host password control method.A host password control system for realizing the method comprises a password management server SpAnd a managed host MiI from 1 to N, password management server SpDeploying password server side SSmA card reading device is equipped; host MiDeploying password setting client program SCiAnd identity identification card C matched with hostiAnd a card reading device.
Wherein, the password management server SpThe system is responsible for realizing password generation, password verification and password auditing and is a main body for executing the zero-trust management and control of the host password; host password PiIs saved to an identification card CmUpper, main machine MiOn the password setting client program SCiTaking over the host login authentication function, password setting client program SCiIdentification of the card C from the identity by means of a card readeriRead the host password PiAutomatically log in after verification, and an identification card C is used for a useriCompletes the host MiAnd (4) secret login is avoided.
As shown in FIG. 1, the host management and control system adopts a C/S structure. Password management server SpOn-deployment server-side software SSmAnd a card reader is attached. Managed host MiOn-install client software SCiCard reader and identification card CiWherein i ranges from 1 to N.
The invention discloses a management and control method of a zero-trust-based host password management and control system, which comprises the following steps:
step one, a host M is connectediInclusion control, as shown in fig. 2, the specific processing steps are as follows:
s21, host M incorporated in management and controliInstallation password setting client program SCiPassword setting client program SCiTo password server side SSmSending host identity Uid;
S22 password management server SpPassword server side SSmComplete host MiAfter the identity of (2) is confirmed, a host password P is generatediAnd writing into an identification card Ci(ii) a The process is not transmitted over a network;
to ensure the strength of generating the host password, the password server side SSmRandom two-password construction strategy for generating host password Pi;
1) Host password PiConstructing a strategy 1: the total length of the host password is 16 bits, and the host password comprises three of capital letters, lowercase letters, numbers and special characters;
2) host password PiAnd constructing a strategy 2: the total length of the host password is 16 bits, the host password at least comprises two Chinese phonetics, and alphabetic characters are separated by non-alphabetic characters; because the basic dictionary library of the conventional password blasting tool is mostly constructed based on English words, in order to improve the strength of the constructed password, Chinese pinyin is used to replace the English words.
S23, host MiOn the password setting client program SCiReading identification card CiAfter the carried password information, the password of the host computer is modifiedi(ii) a After the modification is successful, the host M is connectediAnd (3) related information: host computer identification UidNetwork card MAC, IP address and the like to password management server Sp;
S24 password management server SpPassword server side SSmReceiving host MiAfter setting the password of (2), setting the host password PiCarrying out encryption storage;
the encryption process is as follows: generation of salt P using cryptographically secure random numberssaltPassword P of host computer by using SHA512 encryption algorithmiSalt number P ofsaltEncrypting to generate an encrypted password Phash;
Namely: phash=SHA512(SHA512(Pi)+Psalt)
Password server side SSmHost MiFingerprint information of { UidMAC, IP, password encryption information Phash、PsaltAnd password authorization completion time AtSaving the password in a password database;
s25, the user needs to log in the host MiAt the same time, the identification card C is read by a card readeriPassword setting client program SCiFrom the identity card CiAnd obtaining the host password, and automatically completing login after verification.
Step two, the host password PiExceeding the validity period T of the passwordmaxThen, the host password needs to be updated, as shown in fig. 3, the flow is as follows:
s31 password setting client program SCiAutomatically judging whether the password Pi is expired or not according to the time of current password authorization; if it is expired, the SS sends the password server endmAnd sending an update password application and locking the host Mi.
S32 password server SSmAfter receiving the application for resetting the SCi password, if the authentication passes, modifying the state of the host Mi;
s33 password server SSmGenerating a new host password Pi' and write in identification card CiPerforming the following steps;
s34, host MiCard reader reading identification card CiPassword setting client program SCiFrom the identity card CiReading new host password to complete host passwordAnd (6) updating.
Step three, processing when the host computer Mi login system has password abnormality, as shown in FIG. 4, the flow is as follows:
s41, if the login fails, the host MiPassword setting client program SCiLogging in related information: host computer identification UidSending the login time Lt to the password server side SSmRecording;
s42 password server SSmRecording abnormal information, sending abnormal login prompt information to a system administrator, and processing the abnormality by the system administrator;
s43, if the continuous logging fails, accumulating times EiOver EmaxAnd then locking the host Mi.
Claims (1)
1. A host password control method based on zero trust is characterized in that: the host password management and control system for realizing the method comprises a password management server SpAnd a managed host MiI from 1 to N, password management server SpDeploying password server side SSmA card reading device is equipped; host MiDeploying password setting client program SCiAnd identity identification card C matched with hostiAnd a card reader;
wherein, the password management server SpThe system is responsible for realizing password generation, password verification and password auditing and is a main body for executing the zero-trust management and control of the host password; host password PiIs saved to an identification card CiUpper, main machine MiOn the password setting client program SCiTaking over the host login authentication function, password setting client program SCiIdentification of the card C from the identity by means of a card readeriRead the host password PiAutomatically log in after verification, and an identification card C is used for a useriCompletes the host MiSecret login is avoided;
the management and control method of the zero-trust-based host password management and control system comprises the following steps:
step one, a host M is connectediIncorporation into management and control, detailed processingThe method comprises the following steps:
step 1, the host M brought into management and controliInstallation password setting client program SCiPassword setting client program SCiTo password server side SSmSending host identity Uid;
Step 2, password management server SpPassword server side SSmComplete host MiAfter the identity of (2) is confirmed, a host password P is generatediAnd writing into an identification card Ci(ii) a The process is not transmitted over a network;
to ensure the strength of generating the host password, the password server side SSmRandom two-password construction strategy for generating host password Pi;
1) Host password PiConstructing a strategy 1: the total length of the host password is 16 bits, and the host password comprises three of capital letters, lowercase letters, numbers and special characters;
2) host password PiAnd constructing a strategy 2: the total length of the host password is 16 bits, the host password at least comprises two Chinese phonetics, and alphabetic characters are separated by non-alphabetic characters; because a basic dictionary library of a conventional password blasting tool is mostly constructed based on English words, in order to improve the strength of constructed passwords, Chinese pinyin is used to replace the English words;
step 3, host MiOn the password setting client program SCiReading identification card CiAfter the carried password information, modifying the password of the host computer; after the modification is successful, the host M is connectediAnd (3) related information: host computer identification UidNetwork card MAC, IP address to password management server Sp;
Step 4, password management server SpPassword server side SSmReceiving host MiAfter setting the password of (2), setting the host password PiCarrying out encryption storage;
the encryption process is as follows: generation of salt P using cryptographically secure random numberssaltPassword P of host computer by using SHA512 encryption algorithmiSalt number PsaltEncrypting to generate an encrypted password Phash;
Namely: phash=SHA512(SHA512(Pi)+Psalt)
Password server side SSmHost MiFingerprint information of { UidMAC, IP, password encryption information Phash、PsaltAnd password authorization completion time AtSaving the password in a password database;
step 5, the user needs to log in the host MiAt the same time, the identification card C is read by a card readeriPassword setting client program SCiFrom the identity card CiThe host password is obtained, and the login is automatically completed after the verification is passed;
step two, the host password PiExceeding the validity period T of the passwordmaxAnd then, the host password needs to be updated, and the specific processing steps are as follows:
step 1, password setting client program SCiAutomatic judgment of host password P according to current password authorization timeiWhether it is due; if it is expired, the SS sends the password server endmSending an update password application and locking the host Mi;
Step 2, password server side SSmAfter receiving the password resetting application of the password setting client program SCi, if the identity verification is passed, the host M is modifiediThe state of (1);
step 3, password server side SSmGenerating a new host password Pi' and write in identification card CiPerforming the following steps;
step 4, host MiCard reader reading identification card CiPassword setting client program SCiFrom the identity card CiReading a new host password to complete host password updating;
step three, the host MiThe method comprises the following specific processing steps of:
step 1, if login failure occurs, the host computer MiPassword setting client program SCiLogging in related information: host computer identification UidSending login time Lt to password serviceDevice terminal SSmRecording;
step 2, password server side SSmRecording abnormal information, sending abnormal login prompt information to a system administrator, and processing the abnormality by the system administrator;
step 3, if the continuous login fails, accumulating the times EiOver EmaxThen locking the host Mi。
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202110269405.5A CN113055382B (en) | 2021-03-12 | 2021-03-12 | Zero-trust-based host password control method |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202110269405.5A CN113055382B (en) | 2021-03-12 | 2021-03-12 | Zero-trust-based host password control method |
Publications (2)
Publication Number | Publication Date |
---|---|
CN113055382A CN113055382A (en) | 2021-06-29 |
CN113055382B true CN113055382B (en) | 2022-04-26 |
Family
ID=76511897
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202110269405.5A Active CN113055382B (en) | 2021-03-12 | 2021-03-12 | Zero-trust-based host password control method |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN113055382B (en) |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107370765A (en) * | 2017-09-06 | 2017-11-21 | 郑州云海信息技术有限公司 | A kind of ftp server identity identifying method and system |
WO2020205609A1 (en) * | 2019-03-29 | 2020-10-08 | Idac Holdings, Inc. | Methods and apparatus for secure access control in wireless communications |
CN111917714A (en) * | 2020-06-18 | 2020-11-10 | 云南电网有限责任公司信息中心 | Zero trust architecture system and use method thereof |
Family Cites Families (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US11070368B2 (en) * | 2018-09-11 | 2021-07-20 | Dycrav Security Incorporated | System, method, and program for transmitting and receiving any type of secure digital data |
-
2021
- 2021-03-12 CN CN202110269405.5A patent/CN113055382B/en active Active
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107370765A (en) * | 2017-09-06 | 2017-11-21 | 郑州云海信息技术有限公司 | A kind of ftp server identity identifying method and system |
WO2020205609A1 (en) * | 2019-03-29 | 2020-10-08 | Idac Holdings, Inc. | Methods and apparatus for secure access control in wireless communications |
CN111917714A (en) * | 2020-06-18 | 2020-11-10 | 云南电网有限责任公司信息中心 | Zero trust architecture system and use method thereof |
Non-Patent Citations (3)
Title |
---|
Implementing Zero Trust Cloud Networks with Transport Access Control and First Packet Authentication;Casimer DeCusatis等;《2016 IEEE International Conference on Smart Cloud》;20161231;5-10 * |
Network Service Header (NSH) draft-ietf-sfc-nsh-27;P. Quinn等;《IETF 》;20171020;1-35 * |
零信任架构在关键信息基础设施安全保护中的应用研究;左英男;《保密科学技术》;20191120(第11期);35-40 * |
Also Published As
Publication number | Publication date |
---|---|
CN113055382A (en) | 2021-06-29 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN106330850B (en) | Security verification method based on biological characteristics, client and server | |
WO2020182151A1 (en) | Methods for splitting and recovering key, program product, storage medium, and system | |
US20180352003A1 (en) | Network Access Control with Compliance Policy Check | |
US7178025B2 (en) | Access system utilizing multiple factor identification and authentication | |
US20100138347A1 (en) | Account Transaction Management Using Dynamic Account Numbers | |
US20080040613A1 (en) | Apparatus, system, and method for secure password reset | |
US8631486B1 (en) | Adaptive identity classification | |
US20070174906A1 (en) | System and Method for the Secure, Transparent and Continuous Synchronization of Access Credentials in an Arbitrary Third Party System | |
EP1844567A2 (en) | Passcodes | |
WO2003065169A2 (en) | Access system utilizing multiple factor identification and authentication | |
EP3756332B1 (en) | Automated account recovery using trusted devices | |
CN109285256A (en) | Computer room based on block chain authentication enter permission give method | |
CN109190389A (en) | A kind of solid state hard disk data guard method based on USB flash disk authentication | |
JP2010165323A (en) | Biometric authentication method and system | |
CN107864124A (en) | A kind of end message method for security protection, terminal and bluetooth lock | |
EP2192513B1 (en) | Authentication using stored biometric data | |
CN116167089A (en) | High security database | |
CN113055382B (en) | Zero-trust-based host password control method | |
Cavoukian et al. | Keynote paper: Biometric encryption: Technology for strong authentication, security and privacy | |
CN109190364A (en) | A kind of safe U disc for solid state hard disk authentication | |
US11502840B2 (en) | Password management system and method | |
CN113343257A (en) | Computer software protection method | |
CN108985079B (en) | Data verification method and verification system | |
CN101123506B (en) | Sensitive information monitoring and automatic recovery system and method | |
JP5574005B2 (en) | Biometric authentication method and system |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |