CN114268467B - Key updating processing method, device, system, equipment and storage medium - Google Patents
Key updating processing method, device, system, equipment and storage medium Download PDFInfo
- Publication number
- CN114268467B CN114268467B CN202111468358.3A CN202111468358A CN114268467B CN 114268467 B CN114268467 B CN 114268467B CN 202111468358 A CN202111468358 A CN 202111468358A CN 114268467 B CN114268467 B CN 114268467B
- Authority
- CN
- China
- Prior art keywords
- key
- service
- calling end
- updating
- service calling
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y04—INFORMATION OR COMMUNICATION TECHNOLOGIES HAVING AN IMPACT ON OTHER TECHNOLOGY AREAS
- Y04S—SYSTEMS INTEGRATING TECHNOLOGIES RELATED TO POWER NETWORK OPERATION, COMMUNICATION OR INFORMATION TECHNOLOGIES FOR IMPROVING THE ELECTRICAL POWER GENERATION, TRANSMISSION, DISTRIBUTION, MANAGEMENT OR USAGE, i.e. SMART GRIDS
- Y04S40/00—Systems for electrical power generation, transmission, distribution or end-user application management characterised by the use of communication or information technologies, or communication or information technology specific aspects supporting them
- Y04S40/20—Information technology specific aspects, e.g. CAD, simulation, modelling, system security
Landscapes
- Telephonic Communication Services (AREA)
- Stored Programmes (AREA)
Abstract
The application provides a key updating processing method, a device, a system, equipment and a storage medium. The method comprises the following steps: when the target key updating strategy is met, updating the first key stored in the capability open platform to obtain a second key; the target key updating strategy is a key updating strategy corresponding to a target service, the target service is a service of a service system called by a service calling end, and the first key and the second key are used for authenticating the service calling end; and updating the first key of the service calling end to the second key.
Description
Technical Field
The present application relates to communications technologies, and in particular, to a method, an apparatus, a system, a device, and a storage medium for key update processing.
Background
Currently, a communication carrier opens an application programming interface (Application Programming Interface, API) to a user, so that the user uses a service provided by a third party through a terminal device such as a personal computer or a mobile phone.
When a user needs to use some business services, a business call request initiated by a user terminal is sent to a capability opening platform, the business call request carries a secret key or a token for authentication, the capability opening platform authenticates the business call request according to the secret key or the token, and the business call request is routed to a business end providing the business services after the authentication is successful; after receiving the service request, the service request is processed to obtain a service processing result; sending the service processing result to a capability opening platform; and finally, the capability open platform returns the service request processing result to the user terminal.
However, a fixed key or token is used in the prior art, so that the key or token is easy to leak, and thus the capability calling service of the capability open platform is at risk of illegal use.
Disclosure of Invention
The application provides a key updating processing method, a device, a system, equipment and a storage medium, which are used for solving the problem that in the prior art, a fixed key or token is used, so that the key or token is easy to leak, and the risk of illegal use of a capacity calling service of a capacity open platform is caused.
In a first aspect, the present application provides a key update processing method, where the method is applied to a capability opening platform, and the method includes: when the target key updating strategy is met, updating the first key stored in the capability open platform to obtain a second key; the target key updating strategy is a key updating strategy corresponding to a target service, the target service is a service of a service calling end calling service system, and the first key and the second key are both used for authenticating the service calling end; and updating the first key of the service calling end to the second key.
In a second aspect, the present application provides a key update processing method, where the method is applied to a key management center, and the method includes: receiving a key update policy for each service; each service is a service of calling the service system by a service calling terminal; when a key updating strategy corresponding to a target service is met, generating a key updating request aiming at the target service according to the key updating strategy of the target service; the key update request is used for indicating the capability opening platform to update the first key stored in the capability opening platform to obtain a second key, and updating the first key of the service calling terminal into the second key; and sending a key update request for the target service to the capability opening platform.
In a third aspect, the present application provides a key update processing method, where the method is applied to a service calling end, and the method includes: receiving a second key; the second key is obtained by updating the first key stored in the capability open platform when the capability open platform meets the target key updating strategy; the target key updating strategy is a key updating strategy corresponding to a target service, the target service is a service of a service calling end calling service system, and the first key and the second key are both used for authenticating the service calling end; and updating the first key of the service calling end to the second key.
In a fourth aspect, the present application provides a key update processing apparatus, applied to a capability opening platform, the apparatus comprising: the updating module is used for updating the first secret key stored in the capability open platform to obtain a second secret key when the target secret key updating strategy is met; the target key updating strategy is a key updating strategy corresponding to a target service, the target service is a service of a service calling end calling service system, and the first key and the second key are both used for authenticating the service calling end; the updating module is further configured to update the first key of the service calling end to the second key.
In a fifth aspect, the present application provides a key update processing apparatus, applied to a key management center, the apparatus comprising: the receiving module is used for receiving the key updating strategy of each service; each service is a service of calling the service system by a service calling terminal; the generation module is used for generating a key update request of each service according to the key update strategy of each service; the key update request is used for indicating the capability opening platform to update the first key stored in the capability opening platform to obtain a second key, and updating the first key of the service calling terminal into the second key; and the sending module is used for sending the key update request of each service to the capability opening platform.
In a sixth aspect, the present application provides a key update processing device, applied to a service calling end, where the device includes: the receiving module is used for receiving the second secret key; the second key is obtained by updating the first key stored in the capability open platform when the capability open platform meets the target key updating strategy; the target key updating strategy is a key updating strategy corresponding to a target service, the target service is a service of a service calling end calling service system, and the first key and the second key are both used for authenticating the service calling end; and the updating module is used for updating the first key of the service calling end into the second key.
In a seventh aspect, the present application provides a key update processing system, including: a capability open platform for performing the method of the first aspect; at least one service calling end, which is in communication connection with the capability open platform and is used for executing the method according to the second aspect; a key management center communicatively coupled to the capability open platform for performing the method according to the third aspect.
In an eighth aspect, the present application provides an electronic apparatus, comprising: a processor, and a memory communicatively coupled to the processor; the memory stores computer-executable instructions; the processor executes computer-executable instructions stored by the memory to implement the method of the first, second or third aspects.
In a ninth aspect, the present application provides a computer-readable storage medium having stored therein computer-executable instructions for performing the method of the first, second or third aspects when executed by a processor.
According to the key updating processing method, device, system, equipment and storage medium, when the target key updating strategy is met, the first key stored in the capability open platform is updated to obtain the second key; the target key updating strategy is a key updating strategy corresponding to a target service, the target service is a service of a service calling end calling capability open platform, and the first key and the second key are used for authenticating the service calling end; and updating the first key of the service calling end to the second key. Since the first key stored in the capability open platform and the service call terminal is updated under the condition that the target key updating policy is satisfied, the key update in the embodiment is dynamic update. In addition, the first secret key in the service calling end is updated through the capability opening platform, so that the first secret key in the service calling end is updated in one direction, namely the service calling end passively receives the second secret key sent by the capability opening platform and updates the first secret key of the service calling end, and the secret key cannot actively initiate a secret key update request to the capability opening platform.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the application and together with the description, serve to explain the principles of the application.
FIG. 1 is a prior art application scenario diagram;
FIG. 2 is a schematic diagram of a key update processing system according to an embodiment of the present application;
FIG. 3 is a schematic diagram of another key update processing system according to an embodiment of the present application;
FIG. 4 is a flowchart of a key update processing method according to an embodiment of the present application;
FIG. 5 is a schematic diagram illustrating an interaction of a key update processing method according to an embodiment of the present application;
FIG. 6 is a second schematic interaction diagram of a key update processing method according to an embodiment of the present application;
FIG. 7 is a third interaction diagram of a key update processing method according to an embodiment of the present application;
FIG. 8 is a schematic diagram showing a key update processing method according to an embodiment of the present application;
fig. 9 is a schematic structural diagram of a key update processing device according to an embodiment of the present application;
FIG. 10 is a schematic diagram of another key update processing device according to an embodiment of the present application;
FIG. 11 is a schematic diagram illustrating a key update processing apparatus according to another embodiment of the present application;
Fig. 12 is a schematic structural diagram of an electronic device according to an embodiment of the present application.
Specific embodiments of the present application have been shown by way of the above drawings and will be described in more detail below. The drawings and the written description are not intended to limit the scope of the inventive concepts in any way, but rather to illustrate the inventive concepts to those skilled in the art by reference to the specific embodiments.
Detailed Description
Reference will now be made in detail to exemplary embodiments, examples of which are illustrated in the accompanying drawings. When the following description refers to the accompanying drawings, the same numbers in different drawings refer to the same or similar elements, unless otherwise indicated. The implementations described in the following exemplary examples do not represent all implementations consistent with the application. Rather, they are merely examples of apparatus and methods consistent with aspects of the application as detailed in the accompanying claims.
Fig. 1 is a prior art application scenario diagram. As shown in fig. 1, the application scenario includes: a capability opening platform 11 and a plurality of service calling terminals 12; each service invocation end 12 is communicatively connected to a capability open platform.
The service invocation end 12 includes a smart phone, a tablet computer, a desktop computer, a notebook computer, and the like.
The service calling end 12 sends a service request to the capability opening platform 11, and the capability opening platform 11 authenticates the service request. In the authentication process, authentication is currently performed based on a key or Token (Token). Specifically, when the service calling end 12 sends a service request to the capability opening platform 11, the service request carries a key or Token, and the capability opening platform also stores a key or Token. When receiving a service request, the capability opening platform matches a key or Token carried in the service request with a key or Token stored in the capability opening platform, and if the matching is successful, a capability calling service is provided for a service calling terminal. Namely: and routing the service request to a service server, acquiring a service request result, and returning to a service calling end.
At present, the key or Token is kept by the service calling end, and the key or Token of each service calling end is fixed, which can lead to that the key is easy to leak, and the key is easy to forge and use the forged key to call the service of the capability open platform, thereby the capability open platform illegally calls the service provided by the outside and causes loss to the capability open platform.
Aiming at the technical problems, the application provides the following technical conception: the secret key or Token of the capability open platform and the service call end is dynamically updated, so that the probability of secret key or counterfeited secret key is reduced, the leakage probability of secret key or Token is reduced, and the safety of the capability open platform on the external service is improved.
The following describes the technical scheme of the present application and how the technical scheme of the present application solves the above technical problems in detail with specific embodiments. The following embodiments may be combined with each other, and the same or similar concepts or processes may not be described in detail in some embodiments. Embodiments of the present application will be described below with reference to the accompanying drawings.
Fig. 2 is a schematic diagram of a key update processing system according to an embodiment of the application. As shown in fig. 2, the application scenario includes: a key management center 21, a capability opening platform 22 and a plurality of service call terminals 23; each service calling terminal 23 is in communication connection with the capability opening platform 22, and the key management center 21 is in communication connection with the capability opening platform 22. The service calling end 23 includes a smart phone, a tablet computer, a desktop computer, a notebook computer, and the like.
The capability opening platform 22 and the plurality of service invoker 23 may set a key update policy for each type of service, and store the key update policy in the key management center. And then, the key management center updates the keys of the capability open platform and the service calling terminal according to the key update strategy.
Fig. 2 shows that a key management center 21 needs to be provided in addition to the capability opening platform 22. This can incur overhead in hardware. In order to reduce the hardware overhead, the capability opening platform 22 may be further modified to enable the capability opening platform 22 to have the function of the key management center 21, which may be described in the following embodiments:
Fig. 3 is a schematic diagram of another key update processing system according to an embodiment of the present application. As shown in fig. 3, the application scenario includes: a capability opening platform 31 and a plurality of service call terminals 32; each service invocation terminal 32 is communicatively connected to the capability opening platform 31. Each service invocation terminal 32 includes a smart phone, a tablet computer, a desktop computer, a notebook computer, or the like.
The capability opening platform 31 and the plurality of service invoker 32 may each set a key update policy for each type of service and store the key update policies in the capability opening platform 31. Then, the capability opening platform 31 updates the keys stored in the capability opening platform 31 and the service calling end 32 according to the key update policy.
Specifically, the capability opening platform 31 may include a key management unit 311 and a key update unit 312. The key management unit 311 has the same function as the key management center 21 in fig. 2, i.e. performs the method steps performed by the key management center 21; the key updating unit 312 performs the same function as the capability opening platform 22 in fig. 2, i.e. performs the method steps of the capability opening platform 22.
Based on the application scenarios shown in fig. 2 and fig. 3, the embodiment of the application further provides a key updating processing method. The key update processing method provided by the embodiment of the application will be described in detail with reference to the accompanying drawings:
Fig. 4 is a flowchart of a key update processing method according to an embodiment of the present application, as shown in fig. 4, including the following steps:
s401, when a target key updating strategy is met, updating a first key stored in a capability open platform to obtain a second key; the target key updating strategy is a key updating strategy corresponding to a target service, the target service is a service of a service system called by a service calling end, and the first key and the second key are used for authenticating the service calling end.
The implementation body of the method of the present embodiment is the capability open platform in fig. 2 or fig. 3.
When the service calling end needs to call the service of the third-party service system, a service calling request is sent to the capability opening platform, and the service calling request comprises the type of the service to be called. The capability open platform can determine a key update strategy corresponding to the service to be invoked, namely a target key update strategy, according to the type of the service to be invoked.
The target key updating strategy is used for triggering the capability opening platform to update the first keys stored by the capability opening platform and the service calling end. The specific triggering procedure of the target key update policy may be as described in the following two alternative embodiments:
In a first alternative embodiment, based on the application scenario shown in fig. 2, the target key update policy may be stored in the key management center, and the key management center determines whether the target key update policy is satisfied according to the target key update policy, and when it is determined that the target key update policy is satisfied, sends a key update request to the capability openness platform, so as to instruct the capability openness platform to update the first key stored in the capability openness platform and the service calling end.
In a second alternative embodiment, based on the application scenario shown in fig. 3, the target key update policy may be stored in the capability openness platform, and the capability openness platform determines whether the target key update policy is satisfied according to the target key update policy, and updates the first key stored in the capability openness platform and the service invocation terminal when it is determined that the target key update policy is satisfied.
In this embodiment, before step S401, this embodiment further includes: s400, setting a key updating strategy of each service aiming at the service of each service system butted by the capability open platform; and sending the key updating strategy of each service to the key management center.
Specifically, the following two alternative examples may be included:
example one: illustratively, on the basis of the first alternative embodiment, the capability opening platform needs to set a key update policy of each service for the service of each service system that the capability opening platform interfaces with; and sending the key updating strategy of each service to the key management center. Or the service calling end sets the key updating strategy of each service according to each service required and sends the key updating strategy to the capability opening platform, and the capability opening platform sends the key updating strategy of each service to the key management center.
Accordingly, the key management center may perform the steps of: receiving a key update policy for each service; each service is a service of calling a service system by a service calling terminal; when the key updating strategy corresponding to the target service is met, generating a key updating request aiming at the target service according to the key updating strategy of the target service; the key update request is used for indicating the capability opening platform to update the first key stored in the capability opening platform to obtain a second key, and updating the first key of the service calling terminal into the second key; and sending a key update request for the target service to the capability opening platform. Specifically, the key update policy may include at least one of: receiving prompt information of abnormal call sent by a capability open platform; the prompt information is used for triggering the key management center to send the key update request; and determining the time when the key update is reached according to the key update frequency of the target service.
Example two: illustratively, on the basis of the second alternative embodiment, the capability opening platform may set a key update policy of each service for each service system that the capability opening platform interfaces with, and store the key update policy of each service in the capability opening platform. Or the service calling end sets a target key updating strategy of each service according to each service required, and sends the target key updating strategy to the capability opening platform, and the capability opening platform stores the target key updating strategy of each service.
Optionally, when the capability open platform or the service calling end sets a key update policy of each service, the key update frequency of each service may be set according to the security requirement of each service. The security requirement of each service is positively related to the key update frequency of each service, that is, the higher the security requirement of each service is, the higher the key update frequency of the service is, otherwise, the lower the security requirement of each service is, the lower the key update frequency of the service is.
S402, updating the first key of the service calling end to the second key.
Specifically, updating the first key of the service calling end to the second key includes: and the capability opening platform sends the second key to the service calling end. Correspondingly, the service calling end receives the second key and updates the first key of the service calling end to the second key.
Based on the second secret key, when the service calling end sends the service request to the capability opening platform, the service request carries the second secret key, the capability opening platform receives the service request, authenticates the service request according to the second secret key in the service request, if the authentication is successful, forwards the service request to a service system corresponding to the service type of the service request, the service system obtains a service processing result according to the service request, returns the service processing result to the capability opening platform, and the capability opening platform further returns the service processing result to the service calling end.
Specifically, the capability opening platform authenticates the service request according to the second key in the service request, including: the capability opening platform compares the second secret key in the service request with the second secret key corresponding to the type of the service request stored in the capability opening platform, if the second secret key in the service request is the same as the second secret key corresponding to the type of the service request stored in the capability opening platform, authentication is successful, otherwise, authentication fails.
In this embodiment, a key update interface is provided between the capability open platform and the service call end, and the key update interface is a unidirectional transmission interface, that is, a unidirectional interface for transmitting data from the capability open platform to the service call end. This means that the update of the first key in the service calling end can only be updated by receiving the second key sent by the capability opening platform, and the service calling end cannot actively initiate a key update request to the capability opening platform.
In the embodiment, when the target key updating strategy is met, updating the first key stored in the capability open platform to obtain the second key; the target key updating strategy is a key updating strategy corresponding to a target service, the target service is a service of a service calling end calling capability open platform, and the first key and the second key are used for authenticating the service calling end; and updating the first key of the service calling end to the second key. Since the first key stored in the capability open platform and the service call terminal is updated under the condition that the target key updating policy is satisfied, the key update in the embodiment is dynamic update. In addition, the first secret key in the service calling end is updated through the capability opening platform, so that the first secret key in the service calling end is updated in one direction, namely the service calling end passively receives the second secret key sent by the capability opening platform and updates the first secret key of the service calling end, and the secret key cannot actively initiate a secret key update request to the capability opening platform.
On the basis of the above embodiment, the target key update policy may include at least one of:
a. A key update request for a target service from a key management center is received.
b. And monitoring the target business abnormality of the calling capability open platform of the business calling terminal.
c. And determining the time when the key update is reached according to the key update frequency of the target service.
Based on the three target key update policies, there may be two different implementations as follows:
in an alternative embodiment, the key management center may determine whether the target update policy is satisfied according to the target key update policies of the foregoing items b and c, and send a key update request for the target service to the capability opening platform when it is determined that the target update policy is satisfied, and the capability opening platform performs steps S401 and S402 when receiving the key update request for the target service from the key management center.
In another alternative embodiment, the capability openness platform may determine whether the target update policy is satisfied according to the target key update policies of b and c, and perform step S401 and step S402 when it is determined that the target update policy is satisfied. The following describes two optional embodiments in detail based on the application scenarios shown in fig. 2 and fig. 3, and in combination with interactions among the key management center, the capability opening platform, and the service invocation end:
Based on the application scenario shown in fig. 2, the application provides a key updating processing method. Fig. 5 is a schematic diagram illustrating an interaction of a key update processing method according to an embodiment of the present application. As shown in fig. 5, the key update processing method includes:
s501, the key management center determines whether the key update time is reached according to the key update frequency of the target service.
Before step S501, the capability open platform needs to set the key update frequency of each service system that the capability open platform interfaces with, and send the key update frequency to the key management center, where the key management center stores the key update frequency of each service. Or the service calling end sets the key update frequency of each service required by the service calling end and sends the key update frequency to the capability opening platform, and the capability opening platform sends the key update frequency of each service to the key management center, and the key management center stores the key update frequency of each service.
S502, if the key management center determines that the key update time is reached according to the key update frequency of the target service, the key management center determines that the target key update strategy is satisfied.
Optionally, if it is determined that the key update time does not reach according to the key update frequency of the target service, it is determined that the target key update policy is not satisfied.
For example, assuming that the key update frequency of the target service is 5 minutes, the key update request of the target service is generated every 5 minutes and sent to the capability openness platform.
S503, when the key management center determines that the target key updating strategy is met, generating a key updating request of the target service; the key update request of the target service is used for indicating the capability opening platform to update the first key stored in the capability opening platform to obtain a second key, and updating the first key stored in the service calling terminal according to the second key.
S504, the key management center sends a key update request to the capability opening platform.
S505, the capability opening platform receives the key update request and updates the first key stored by the capability opening platform to obtain the second key.
Specifically, the capability open platform deletes the first key and stores the second key. Or the first key is set to invalid and the second key is set to valid.
S506, the capability opening platform sends the second key to the service calling end.
S507, the service calling end receives the second secret key and updates the first secret key stored by the service calling end into the second secret key according to the second secret key.
Specifically, the service invocation end may delete the first key and store the second key. Or the first key is set to invalid and the second key is set to valid.
Based on the application scenario shown in fig. 2, the application provides a key updating processing method. Fig. 6 is a second interaction diagram of a key update processing method according to an embodiment of the present application. As shown in fig. 6, the key update processing method includes:
s601, a capability open platform monitoring service calling end calls service of a service system.
S602, if the capability open platform monitors that the service calling end calls the service abnormality of the service system, the capability open platform sends prompt information of abnormal calling to the key management center; the prompt message is used for triggering the key management center to send the key update request.
S603, the key management center receives prompt information of abnormal call sent by the capability open platform, and determines that the target key update strategy is met.
In this embodiment, if the key management center receives the prompt message of the exception call sent by the capability open platform, it is determined that the target key update policy is satisfied.
S604, when the key management center determines that the target key updating strategy is satisfied, generating a key updating request of the target service; the key update request of the target service is used for indicating the capability opening platform to update the first key stored in the capability opening platform to obtain a second key, and updating the first key stored in the service calling terminal according to the second key.
S605, the key management center sends a key update request to the capability opening platform.
S606, the capability opening platform receives the key update request, and updates the first key stored by the capability opening platform to obtain a second key.
The specific embodiment of step S606 may be referred to the description of step S505.
S607, the capability opening platform sends the second key to the service calling end.
And S608, the service calling end receives the second secret key and updates the first secret key stored by the service calling end into the second secret key according to the second secret key.
The specific embodiment of step S608 may be referred to the description of step S507.
Based on the application scenario shown in fig. 3, the application provides a key updating processing method. Fig. 7 is an interaction diagram III of a key update processing method according to an embodiment of the present application. As shown in fig. 7, the key update processing method includes:
and S701, the capability opening platform determines whether the key updating time is reached according to the key updating frequency of the target service.
Before step S701, the capability open platform also needs to set the key update frequency of the service of each service system that the capability open platform interfaces with, and store the key update frequency of each service. Or the service calling end sets the key updating frequency of each service required by the service calling end and sends the key updating frequency to the capability opening platform, and the capability opening platform stores the key updating frequency of each service.
S702, if the capability open platform determines whether the key update time is reached according to the key update frequency of the target service, determining that the target key update strategy is satisfied; the target key updating strategy is a key updating strategy corresponding to a target service, the target service is a service calling end for calling the service of the capability open platform, and the first key and the second key are both used for authenticating the service calling end.
The specific embodiment of step S702 may be referred to the description of step S502.
And S703, when the capability opening platform determines that the target key updating strategy is met, updating the first key stored by the capability opening platform to obtain a second key.
The specific embodiment of step S703 may be described in step S505.
S704, the capability opening platform sends a second key to the service calling end.
And S705, the service calling end receives the second secret key and updates the first secret key stored by the service calling end into the second secret key according to the second secret key.
The specific embodiment of step S705 may be described in step S507.
Based on the application scenario shown in fig. 3, the application provides a key updating processing method. Fig. 8 is an interaction diagram of a key update processing method according to an embodiment of the present application. As shown in fig. 8, the key update processing method includes:
S801, a capability open platform monitors a service calling end to call a service of a service system.
S802, if the capability open platform monitors that the service calling end calls the service abnormality of the service system, the capability open platform determines that the target secret key updating strategy is met.
And S803, when the capability opening platform determines that the target key updating strategy is met, updating the first key stored by the capability opening platform to obtain a second key.
The specific embodiment of step S803 may be referred to the description of step S505.
S804, the capability opening platform sends the second key to the service calling end.
S805, the service calling end receives the second key and updates the first key stored by the service calling end to the second key according to the second key.
The specific embodiment of step S805 may be referred to the description of step S507.
Based on the above embodiment, in order to improve the security of key update, the present application further proposes at least three optional embodiments for updating the first key of the service invocation end to the second key:
in a first alternative embodiment, updating the first key of the service invocation end to the second key includes steps a1 and a2:
and a step a1, encrypting the second key to obtain an encrypted second key.
The encryption algorithm for encrypting the second key may be any existing encryption algorithm, which is not limited in this embodiment.
Step a2, a first key updating instruction is sent to a service calling end, wherein the first key updating instruction is used for indicating the service calling end to update a first key of the service calling end to the second key, and the first key updating instruction carries the encrypted second key.
On the basis of the first alternative embodiment, the service calling end may correspondingly execute the following steps: and receiving a first key updating instruction sent by the capability opening platform.
In a second alternative embodiment, updating the first key of the service invocation end to the second key includes: and sending a second key updating instruction to the service calling end, wherein the second key updating instruction is used for indicating the service calling end to update the first key of the service calling end to the second key when determining that the second key is legal, and the second key updating instruction carries the second key.
Based on the second alternative embodiment, the service calling end may correspondingly execute the following steps: and receiving a second key updating instruction sent by the capability opening platform.
In a third alternative embodiment, updating the first key of the service invocation end to the second key includes: and sending a third key updating instruction to the service calling end through a special network between the capability opening platform and the service calling end, wherein the third key updating instruction is used for indicating the service calling end to update the first key of the service calling end into the second key, and the third key updating instruction carries the second key.
On the basis of the third optional embodiment, the service calling end may correspondingly execute the following steps: and receiving a third key updating instruction sent by the capability opening platform to the service calling end through a special network between the capability opening platform and the service calling end.
On the basis of the above embodiment, in order to ensure that the key update does not affect the service call, after updating the first key stored in the capability open platform to obtain the second key, the embodiment of the present application may further include the following steps a and B:
step A, setting the effective time of a second secret key; the validity time of the second key partially overlaps with the validity time of the first key.
And B, storing the effective time of the second key.
Optionally, based on the step a and the step B, updating the first key of the service calling end to the second key includes the following three optional embodiments:
in a second alternative embodiment, updating the first key of the service invocation end to the second key includes:
b1, encrypting the second key to obtain an encrypted second key.
b2, sending a first key updating instruction to the service calling end, wherein the first key updating instruction is used for indicating the service calling end to update the first key of the service calling end to the second key, and the first key updating instruction carries the encrypted second key and the effective time of the second key.
On the basis of step b1 and step b2, correspondingly, the service calling end may execute the following steps: and receiving a first key updating instruction sent by the capability opening platform.
In a second alternative embodiment, updating the first key of the service invocation end to the second key includes: and sending a second key updating instruction to the service calling end, wherein the second key updating instruction is used for indicating the service calling end to update the first key of the service calling end to the second key when determining that the second key is legal, and the second key updating instruction carries the second key and the effective time of the second key. Accordingly, the service calling end may execute the following steps: and receiving a second key updating instruction sent by the capability opening platform.
In a third alternative embodiment, updating the first key of the service invocation end to the second key includes: and sending a third key updating instruction to the service calling end through a special network between the capability opening platform and the service calling end, wherein the third key updating instruction is used for indicating the service calling end to update the first key of the service calling end into the second key, and the third key updating instruction carries the second key and the effective time of the second key. Accordingly, the service calling end may execute the following steps: and receiving a third key updating instruction sent by the capability opening platform.
Illustratively, the first key may be set to a valid time of 2021, 11, 25, 18:50 to 2021, 11, 25, 19:50, and the second key may be set to a valid time of 2021, 11, 25, 19:30 to 2021, 12, 25, 20:00. Then during the period from 2021, 11, 25, 19:30 to 2021, 12, 25, 19:50, the user may use the first key to make a service call from the capability open platform, or use the second key to make a service call from the capability open platform.
It should be noted that, before the first keys of the capability opening platform and the service calling end are updated for the first time, the first keys need to be stored in both the capability opening platform and the service calling end. Before the first keys of the capability opening platform and the service calling end are updated for the first time, the first keys stored in the capability opening platform and the service calling end can be the first keys which are randomly generated by triggering the capability opening platform according to a random number generation algorithm when the generation target key updating strategy is stored to the capability opening platform for the first time, and the first keys are written in a storage unit of the capability opening platform. Thereafter, the first key may be updated according to the above-described embodiments.
Based on the embodiment of the key updating processing method, the embodiment of the application also provides a key updating processing device. Fig. 9 is a schematic structural diagram of a key update processing device according to an embodiment of the present application. As shown in fig. 9, the key update processing apparatus includes: an updating module 91;
the updating module 91 is configured to update the first key stored in the capability open platform to obtain a second key when the target key updating policy is satisfied; the target key updating strategy is a key updating strategy corresponding to a target service, the target service is a service of a service calling end calling service system, and the first key and the second key are both used for authenticating the service calling end;
the updating module 91 is further configured to update the first key of the service invocation end to the second key.
In some embodiments, the target key update policy includes at least one of:
receiving a key update request from a key management center for the target service;
monitoring that the service calling end calls the target service abnormality of the capability open platform;
and determining the time when the key update is reached according to the key update frequency of the target service.
In some embodiments, the apparatus further comprises: a setting module 92 and a transmitting module 93;
a setting module 92, configured to set a key update policy of each service for a service of each service system that is docked by the capability open platform;
a sending module 93, configured to send a key update policy of each service to the key management center.
In some embodiments, the apparatus further comprises: a monitoring module 94;
the monitoring module 94 is configured to monitor a service invoked by the service invocation end to invoke the service of the service system;
the sending module 93 is further configured to send a prompt message for abnormal call to the key management center if it is monitored that the service calling end calls the service abnormality of the service system; the prompt message is used for triggering the key management center to send the key update request.
In some embodiments, the apparatus further comprises: a storage module 95;
a setting module 92, configured to set a valid time of the second key; the effective time of the second key is partially overlapped with the effective time of the first key;
a storage module 95, configured to store the validity time of the second key.
In some embodiments, the update module 91 is specifically configured to:
Encrypting the second secret key to obtain an encrypted second secret key;
a first key updating instruction is sent to the service calling end, the first key updating instruction is used for indicating the service calling end to update a first key of the service calling end to the second key, and the first key updating instruction carries the encrypted second key and the effective time of the second key;
or alternatively, the process may be performed,
a second key updating instruction is sent to the service calling end, wherein the second key updating instruction is used for indicating the service calling end to update a first key of the service calling end to the second key when the second key is legal, and the second key updating instruction carries the second key and the effective time of the second key;
or alternatively, the process may be performed,
and sending a third key updating instruction to the service calling end through a private network between the capability opening platform and the service calling end, wherein the third key updating instruction is used for indicating the service calling end to update the first key of the service calling end into the second key, and the third key updating instruction carries the second key and the effective time of the second key.
Fig. 10 is a schematic structural diagram of another key update processing device according to an embodiment of the present application. As shown in fig. 10, the key update processing apparatus includes: a receiving module 101, a generating module 102, and a transmitting module 103;
a receiving module 101, configured to receive a key update policy of each service; each service is a service of calling the service system by a service calling terminal;
a generating module 102, configured to generate, when a key update policy corresponding to a target service is satisfied, a key update request for the target service according to the key update policy of the target service; the key update request is used for indicating the capability opening platform to update the first key stored in the capability opening platform to obtain a second key, and updating the first key of the service calling terminal into the second key;
and the sending module 103 is configured to send a key update request for the target service to the capability open platform.
In some embodiments, the key update policy includes at least one of:
receiving prompt information of abnormal call sent by the capability open platform; the prompt message is used for triggering the key management center to send the key update request;
And determining the time when the key update is reached according to the key update frequency of the target service.
Fig. 11 is a schematic structural diagram of another key update processing device according to an embodiment of the present application. As shown in fig. 11, the key update processing apparatus includes: a receiving module 111 and an updating module 112;
a receiving module 111, configured to receive the second key; the second key is obtained by updating the first key stored in the capability open platform when the capability open platform meets the target key updating strategy; the target key updating strategy is a key updating strategy corresponding to a target service, the target service is a service of a service calling end calling service system, and the first key and the second key are both used for authenticating the service calling end;
and the updating module 112 is configured to update the first key of the service calling end to the second key.
In some embodiments, the receiving module 111 is specifically configured to:
receiving a first key updating instruction sent by the capability opening platform, wherein the first key updating instruction is used for indicating the service calling end to update a first key of the service calling end to the second key, and the first key updating instruction carries the encrypted second key and the effective time of the second key;
Or alternatively, the process may be performed,
receiving a second key updating instruction sent by the capability opening platform, wherein the second key updating instruction is used for indicating the service calling end to update a first key of the service calling end to the second key when the second key is legal, and the second key updating instruction carries the second key and the effective time of the second key;
or alternatively, the process may be performed,
receiving a third key updating instruction sent to the service calling end by the capability opening platform through a private network between the capability opening platform and the service calling end, wherein the third key updating instruction is used for indicating the service calling end to update a first key of the service calling end into the second key, and the third key updating instruction carries the second key and the effective time of the second key.
The three key update processing devices provided in the embodiments of the present application may be used to execute the technical scheme of the key update processing method in the embodiments of the present application, and the implementation principle and the technical effect are similar, and are not repeated here.
It should be noted that, it should be understood that the division of the modules of the above apparatus is merely a division of a logic function, and may be fully or partially integrated into a physical entity or may be physically separated. And these modules may all be implemented in software in the form of calls by the processing element; or can be realized in hardware; the method can also be realized in a form of calling software by a processing element, and the method can be realized in a form of hardware by a part of modules. For example, the update module 91 may be a processing element that is set up separately, may be implemented in a chip of the above-described apparatus, or may be stored in a memory of the above-described apparatus in the form of program codes, and the functions of the update module 91 may be called and executed by a processing element of the above-described apparatus. The implementation of the other modules is similar. In addition, all or part of the modules can be integrated together or can be independently implemented. The processing element here may be an integrated circuit with signal processing capabilities. In implementation, each step of the above method or each module above may be implemented by an integrated logic circuit of hardware in a processor element or an instruction in a software form.
Fig. 12 is a schematic structural diagram of an electronic device according to an embodiment of the present application. As shown in fig. 12, the electronic device may include: a transceiver 121, a processor 122, a memory 123.
Processor 122 executes the computer-executable instructions stored in the memory, causing processor 122 to perform the aspects of the embodiments described above. The processor 122 may be a general-purpose processor including a central processing unit CPU, a network processor (network processor, NP), etc.; but may also be a digital signal processor DSP, an application specific integrated circuit ASIC, a field programmable gate array FPGA or other programmable logic device, a discrete gate or transistor logic device, a discrete hardware component.
Memory 123 is coupled to processor 122 via the system bus and communicates with each other, and memory 123 is configured to store computer program instructions.
Transceiver 121 may be configured to receive a key update request from a key management center for the target service.
The system bus may be a peripheral component interconnect standard (peripheral component interconnect, PCI) bus or an extended industry standard architecture (extended industry standard architecture, EISA) bus, among others. The system bus may be classified into an address bus, a data bus, a control bus, and the like. For ease of illustration, the figures are shown with only one bold line, but not with only one bus or one type of bus. The transceiver is used to enable communication between the database access device and other computers (e.g., clients, read-write libraries, and read-only libraries). The memory may include random access memory (random access memory, RAM) and may also include non-volatile memory (non-volatile memory).
The electronic device provided by the embodiment of the application can be the capability open platform, the service calling terminal or the key management center of the embodiment.
The embodiment of the application also provides a chip for running the instruction, and the chip is used for executing the technical scheme of the key updating processing method in the embodiment.
The embodiment of the application also provides a computer readable storage medium, wherein the computer readable storage medium stores computer instructions, and when the computer instructions run on a computer, the computer is caused to execute the technical scheme of the key updating processing method in the embodiment.
The embodiment of the application also provides a computer program product, which comprises a computer program stored in a computer readable storage medium, wherein at least one processor can read the computer program from the computer readable storage medium, and the technical scheme of the key updating processing method in the embodiment can be realized when the at least one processor executes the computer program.
Other embodiments of the application will be apparent to those skilled in the art from consideration of the specification and practice of the application disclosed herein. This application is intended to cover any variations, uses, or adaptations of the application following, in general, the principles of the application and including such departures from the present disclosure as come within known or customary practice within the art to which the application pertains. It is intended that the specification and examples be considered as exemplary only, with a true scope and spirit of the application being indicated by the following claims.
It is to be understood that the application is not limited to the precise arrangements and instrumentalities shown in the drawings, which have been described above, and that various modifications and changes may be effected without departing from the scope thereof. The scope of the application is limited only by the appended claims.
Claims (13)
1. A key update processing method, wherein the method is applied to a capability open platform, the method comprising:
when the target key updating strategy is met, updating the first key stored in the capability open platform to obtain a second key; the target key updating strategy is a key updating strategy corresponding to a target service, the target service is a service of a service calling end calling service system, and the first key and the second key are both used for authenticating the service calling end;
updating the first key of the service calling end to the second key;
the updating of the first key stored in the capability open platform to obtain the second key further includes:
setting the effective time of the second key; the effective time of the second key is partially overlapped with the effective time of the first key;
storing a validity time of the second key;
The updating the first key of the service calling end to the second key includes:
encrypting the second secret key to obtain an encrypted second secret key;
a first key updating instruction is sent to the service calling end, the first key updating instruction is used for indicating the service calling end to update a first key of the service calling end to the second key, and the first key updating instruction carries the encrypted second key and the effective time of the second key;
or alternatively, the process may be performed,
a second key updating instruction is sent to the service calling end, wherein the second key updating instruction is used for indicating the service calling end to update a first key of the service calling end to the second key when the second key is legal, and the second key updating instruction carries the second key and the effective time of the second key;
or alternatively, the process may be performed,
and sending a third key updating instruction to the service calling end through a private network between the capability opening platform and the service calling end, wherein the third key updating instruction is used for indicating the service calling end to update the first key of the service calling end into the second key, and the third key updating instruction carries the second key and the effective time of the second key.
2. The method of claim 1, wherein the target key update policy comprises at least one of:
receiving a key update request from a key management center for the target service;
monitoring that the service calling end calls the target service abnormality of the capability open platform;
and determining the time when the key update is reached according to the key update frequency of the target service.
3. The method of claim 2, wherein if the key update policy includes receiving a key update request from a key management center for the target service, and the key management center triggers sending the key update request to a capability openness platform based on the target key update policy;
and before updating the first key stored in the capability opening platform when the key updating policy is satisfied, the method further comprises:
setting a key updating strategy of each service aiming at the service of each service system butted by the capability open platform;
and sending the key updating strategy of each service to the key management center.
4. The method according to claim 3, wherein when the target key update policy is satisfied, updating the first key stored in the capability open platform to obtain the second key, further comprises:
Monitoring the service of the service system called by the service calling end;
if the abnormal service of the service system is monitored to be called by the service calling end, sending prompt information of abnormal call to the key management center; the prompt message is used for triggering the key management center to send the key update request.
5. A key update processing method, wherein the method is applied to a key management center, the method comprising:
receiving a key update policy for each service; each service is a service of calling the service system by a service calling terminal;
when a key updating strategy corresponding to a target service is met, generating a key updating request aiming at the target service according to the key updating strategy of the target service; the key update request is used for indicating the capability opening platform to update the first key stored in the capability opening platform to obtain a second key, and setting the effective time of the second key; the effective time of the second key is partially overlapped with the effective time of the first key;
storing the effective time of the second key, and updating the first key of the service calling end into the second key;
Sending a key update request for the target service to the capability opening platform;
the updating the first key of the service calling end to the second key includes:
encrypting the second secret key to obtain an encrypted second secret key;
a first key updating instruction is sent to the service calling end, the first key updating instruction is used for indicating the service calling end to update a first key of the service calling end to the second key, and the first key updating instruction carries the encrypted second key and the effective time of the second key;
or alternatively, the process may be performed,
a second key updating instruction is sent to the service calling end, wherein the second key updating instruction is used for indicating the service calling end to update a first key of the service calling end to the second key when the second key is legal, and the second key updating instruction carries the second key and the effective time of the second key;
or alternatively, the process may be performed,
and sending a third key updating instruction to the service calling end through a private network between the capability opening platform and the service calling end, wherein the third key updating instruction is used for indicating the service calling end to update the first key of the service calling end into the second key, and the third key updating instruction carries the second key and the effective time of the second key.
6. The method of claim 5, wherein the key update policy comprises at least one of:
receiving prompt information of abnormal call sent by the capability open platform; the prompt message is used for triggering the key management center to send the key update request;
and determining the time when the key update is reached according to the key update frequency of the target service.
7. The key updating processing method is characterized in that the method is applied to a service calling end and comprises the following steps:
receiving a second key; the second key is obtained by updating the first key stored in the capability open platform when the capability open platform meets the target key updating strategy; the target key updating strategy is a key updating strategy corresponding to a target service, the target service is a service of a service calling end calling service system, and the first key and the second key are both used for authenticating the service calling end;
updating the first key of the service calling end to the second key;
the receiving the second key includes:
receiving a first key updating instruction sent by the capability opening platform, wherein the first key updating instruction is used for indicating the service calling end to update a first key of the service calling end to the second key, and the first key updating instruction carries the encrypted second key and the effective time of the second key;
Or alternatively, the process may be performed,
receiving a second key updating instruction sent by the capability opening platform, wherein the second key updating instruction is used for indicating the service calling end to update a first key of the service calling end to the second key when the second key is legal, and the second key updating instruction carries the second key and the effective time of the second key;
or alternatively, the process may be performed,
receiving a third key updating instruction sent to the service calling end by the capability opening platform through a private network between the capability opening platform and the service calling end, wherein the third key updating instruction is used for indicating the service calling end to update a first key of the service calling end into the second key, and the third key updating instruction carries the second key and the effective time of the second key; the second key valid time is set and stored after the capability opening platform updates the stored first key to obtain the second key, and the second key valid time and the first key valid time are partially overlapped.
8. A key update processing apparatus, applied to a capability open platform, the apparatus comprising:
The updating module is used for updating the first secret key stored in the capability open platform to obtain a second secret key when the target secret key updating strategy is met; the target key updating strategy is a key updating strategy corresponding to a target service, the target service is a service of a service calling end calling service system, and the first key and the second key are both used for authenticating the service calling end;
the updating module is further configured to update the first key of the service calling end to the second key;
the setting module is used for setting the effective time of the second key; the effective time of the second key is partially overlapped with the effective time of the first key;
the storage module is used for storing the valid time of the second key;
the updating module is specifically configured to encrypt the second key to obtain an encrypted second key;
a first key updating instruction is sent to the service calling end, the first key updating instruction is used for indicating the service calling end to update a first key of the service calling end to the second key, and the first key updating instruction carries the encrypted second key and the effective time of the second key;
Or alternatively, the process may be performed,
a second key updating instruction is sent to the service calling end, wherein the second key updating instruction is used for indicating the service calling end to update a first key of the service calling end to the second key when the second key is legal, and the second key updating instruction carries the second key and the effective time of the second key;
or alternatively, the process may be performed,
and sending a third key updating instruction to the service calling end through a private network between the capability opening platform and the service calling end, wherein the third key updating instruction is used for indicating the service calling end to update the first key of the service calling end into the second key, and the third key updating instruction carries the second key and the effective time of the second key.
9. A key update processing apparatus, for use in a key management center, the apparatus comprising:
the receiving module is used for receiving the key updating strategy of each service; each service is a service of calling the service system by a service calling terminal;
the generation module is used for generating a key update request of each service according to the key update strategy of each service; the key update request is used for indicating the capability opening platform to update the first key stored in the capability opening platform to obtain a second key, and updating the first key of the service calling terminal into the second key;
The sending module is used for sending a secret key update request of each service to the capability opening platform;
the setting module is used for setting the effective time of the second key; the effective time of the second key is partially overlapped with the effective time of the first key;
the storage module is used for storing the valid time of the second key;
the updating module is used for encrypting the second key to obtain an encrypted second key;
a first key updating instruction is sent to the service calling end, the first key updating instruction is used for indicating the service calling end to update a first key of the service calling end to the second key, and the first key updating instruction carries the encrypted second key and the effective time of the second key;
or alternatively, the process may be performed,
a second key updating instruction is sent to the service calling end, wherein the second key updating instruction is used for indicating the service calling end to update a first key of the service calling end to the second key when the second key is legal, and the second key updating instruction carries the second key and the effective time of the second key;
Or alternatively, the process may be performed,
and sending a third key updating instruction to the service calling end through a private network between the capability opening platform and the service calling end, wherein the third key updating instruction is used for indicating the service calling end to update the first key of the service calling end into the second key, and the third key updating instruction carries the second key and the effective time of the second key.
10. A key update processing device, applied to a service calling end, the device comprising:
the receiving module is used for receiving the second secret key; the second key is obtained by updating the first key stored in the capability open platform when the capability open platform meets the target key updating strategy; the target key updating strategy is a key updating strategy corresponding to a target service, the target service is a service of a service calling end calling service system, and the first key and the second key are both used for authenticating the service calling end;
the updating module is used for updating the first secret key of the service calling end into the second secret key;
the receiving module is specifically configured to receive a first key update instruction sent by the capability open platform, where the first key update instruction is configured to instruct the service calling end to update a first key of the service calling end to the second key, and the first key update instruction carries the encrypted second key and an effective time of the second key;
Or alternatively, the process may be performed,
receiving a second key updating instruction sent by the capability opening platform, wherein the second key updating instruction is used for indicating the service calling end to update a first key of the service calling end to the second key when the second key is legal, and the second key updating instruction carries the second key and the effective time of the second key;
or alternatively, the process may be performed,
receiving a third key updating instruction sent to the service calling end by the capability opening platform through a private network between the capability opening platform and the service calling end, wherein the third key updating instruction is used for indicating the service calling end to update a first key of the service calling end into the second key, and the third key updating instruction carries the second key and the effective time of the second key;
the second key valid time is set and stored after the capability opening platform updates the stored first key to obtain the second key, and the second key valid time and the first key valid time are partially overlapped.
11. A key update processing system, comprising:
A capability open platform for performing the method of any one of claims 1-4;
at least one service calling terminal, which is in communication connection with the capability open platform and is used for executing the method as claimed in claim 5 or 6;
a key management center communicatively coupled to the capability open platform for performing the method of claim 7.
12. An electronic device, comprising: a processor, and a memory communicatively coupled to the processor;
the memory stores computer-executable instructions;
the processor executes computer-executable instructions stored in the memory to implement the method of any one of claims 1-7.
13. A computer readable storage medium having stored therein computer executable instructions which when executed by a processor are adapted to carry out the method of any one of claims 1-7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111468358.3A CN114268467B (en) | 2021-12-03 | 2021-12-03 | Key updating processing method, device, system, equipment and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111468358.3A CN114268467B (en) | 2021-12-03 | 2021-12-03 | Key updating processing method, device, system, equipment and storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN114268467A CN114268467A (en) | 2022-04-01 |
| CN114268467B true CN114268467B (en) | 2023-09-05 |
Family
ID=80826365
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202111468358.3A Active CN114268467B (en) | 2021-12-03 | 2021-12-03 | Key updating processing method, device, system, equipment and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114268467B (en) |
Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP1889399A1 (en) * | 2005-06-10 | 2008-02-20 | Samsung Electronics Co., Ltd. | Method for managing group traffic encryption key in wireless portable internet system |
| CN106656923A (en) * | 2015-10-30 | 2017-05-10 | 阿里巴巴集团控股有限公司 | Device association method, key update method and apparatuses |
| CN112152978A (en) * | 2019-06-28 | 2020-12-29 | 北京金山云网络技术有限公司 | Key management method, device, equipment and storage medium |
| CN112399369A (en) * | 2019-07-31 | 2021-02-23 | 华为技术有限公司 | Secret key updating, obtaining and canceling method and communication device |
| CN112436939A (en) * | 2020-12-11 | 2021-03-02 | 杭州海康威视数字技术股份有限公司 | Key negotiation method, device and system and electronic equipment |
| CN112653911A (en) * | 2020-12-08 | 2021-04-13 | 中国联合网络通信集团有限公司 | Key updating method and device |
| CN113438242A (en) * | 2021-06-25 | 2021-09-24 | 未鲲(上海)科技服务有限公司 | Service authentication method, device and storage medium |
| WO2021196915A1 (en) * | 2020-04-02 | 2021-10-07 | 深圳壹账通智能科技有限公司 | Encryption and decryption operation-based data transmission methods and systems, and computer device |
-
2021
- 2021-12-03 CN CN202111468358.3A patent/CN114268467B/en active Active
Patent Citations (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP1889399A1 (en) * | 2005-06-10 | 2008-02-20 | Samsung Electronics Co., Ltd. | Method for managing group traffic encryption key in wireless portable internet system |
| CN106656923A (en) * | 2015-10-30 | 2017-05-10 | 阿里巴巴集团控股有限公司 | Device association method, key update method and apparatuses |
| CN112152978A (en) * | 2019-06-28 | 2020-12-29 | 北京金山云网络技术有限公司 | Key management method, device, equipment and storage medium |
| WO2020259606A1 (en) * | 2019-06-28 | 2020-12-30 | 北京金山云网络技术有限公司 | Key management method and apparatus, device, and storage medium |
| CN112399369A (en) * | 2019-07-31 | 2021-02-23 | 华为技术有限公司 | Secret key updating, obtaining and canceling method and communication device |
| WO2021196915A1 (en) * | 2020-04-02 | 2021-10-07 | 深圳壹账通智能科技有限公司 | Encryption and decryption operation-based data transmission methods and systems, and computer device |
| CN112653911A (en) * | 2020-12-08 | 2021-04-13 | 中国联合网络通信集团有限公司 | Key updating method and device |
| CN112436939A (en) * | 2020-12-11 | 2021-03-02 | 杭州海康威视数字技术股份有限公司 | Key negotiation method, device and system and electronic equipment |
| CN113438242A (en) * | 2021-06-25 | 2021-09-24 | 未鲲(上海)科技服务有限公司 | Service authentication method, device and storage medium |
Non-Patent Citations (1)
| Title |
|---|
| V. Spoorthi.Key Update Mechanism in PKI: Study and a New Approach.《2013 2nd International Conference on Advanced Computing, Networking and Security》.2013,全文. * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN114268467A (en) | 2022-04-01 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11076295B2 (en) | Remote management method, and device | |
| CN113067859B (en) | Communication method and device based on cloud mobile phone | |
| CN112311543B (en) | GBA key generation method, terminal and NAF network element | |
| CN110621016B (en) | User identity protection method, user terminal and base station | |
| CN112968892B (en) | Information verification method, device, computing equipment and medium | |
| CN112632573A (en) | Intelligent contract execution method, device and system, storage medium and electronic equipment | |
| CN112527835A (en) | Authentication request processing method and device based on cache and related equipment | |
| CN112311769A (en) | Method, system, electronic device and medium for security authentication | |
| CN110730447A (en) | User identity protection method, user terminal and core network | |
| CN108898026B (en) | Data encryption method and device | |
| CN113282951B (en) | Application program security verification method, device and equipment | |
| CN114268467B (en) | Key updating processing method, device, system, equipment and storage medium | |
| CN112328415A (en) | Interface calling method and device, computer equipment and readable storage medium | |
| CN116886391A (en) | Internet of things equipment authentication method and device, storage medium and electronic equipment | |
| CN112053159A (en) | Transaction data verification method and device, risk control server and business server | |
| CN115065562B (en) | Block chain-based injection determination method, device, equipment and storage medium | |
| CN108848094B (en) | Data security verification method, device, system, computer equipment and storage medium | |
| CN114338091B (en) | Data transmission method, device, electronic equipment and storage medium | |
| CN113098685B (en) | Security verification method and device based on cloud computing and electronic equipment | |
| CN110166452B (en) | Access control method and system based on JavaCard shared interface | |
| CN110457959B (en) | Information transmission method and device based on Trust application | |
| CN111600717B (en) | SM 2-based decryption method, system, electronic equipment and storage medium | |
| CN111541642B (en) | Bluetooth encryption communication method and device based on dynamic secret key | |
| CN110995756B (en) | Method and device for calling service | |
| CN114301715A (en) | Alliance link data security auditing method and device, computer equipment and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |