CN114499897A - Self-adaptive verification method and verification system for SM2 security certificate - Google Patents

Self-adaptive verification method and verification system for SM2 security certificate Download PDF

Info

Publication number
CN114499897A
CN114499897A CN202210390750.9A CN202210390750A CN114499897A CN 114499897 A CN114499897 A CN 114499897A CN 202210390750 A CN202210390750 A CN 202210390750A CN 114499897 A CN114499897 A CN 114499897A
Authority
CN
China
Prior art keywords
certificate
security
verification
service system
website
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202210390750.9A
Other languages
Chinese (zh)
Other versions
CN114499897B (en
Inventor
沈益民
侯东
陈峥
王小龙
李晓东
于春雷
林冉孜
王涛
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Sichuan Fufan Technology Co ltd
Chengdu Bitnum Technology Co ltd
Original Assignee
Sichuan Fufan Technology Co ltd
Chengdu Bitnum Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Sichuan Fufan Technology Co ltd, Chengdu Bitnum Technology Co ltd filed Critical Sichuan Fufan Technology Co ltd
Priority to CN202210390750.9A priority Critical patent/CN114499897B/en
Publication of CN114499897A publication Critical patent/CN114499897A/en
Application granted granted Critical
Publication of CN114499897B publication Critical patent/CN114499897B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823Network architectures or network communication protocols for network security for authentication of entities using certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/16Implementing security features at a particular protocol layer
    • H04L63/168Implementing security features at a particular protocol layer above the transport layer

Abstract

The invention discloses a self-adaptive verification method and a self-adaptive verification system for SM2 security certificates, and relates to the technical field of information security. The method comprises an adaptive verification method, wherein the adaptive verification method comprises the following steps: s1: a pre-installed certificate service system; s2: the user accesses the web site of http on the internet, S3: acquiring the security certificate of the http website based on SM2 by accessing the http website, S4: invoking the certificate service system, verifying the security certificate of the http website, S5: after the website certificate passes verification, the user can safely use the functions of the website. The invention realizes the verification of the website certificate of the SM2 cryptographic algorithm by neglecting whether the operating system and the browser support the SM2 cryptographic algorithm or not through the set function of providing the certificate verification, solves the problem that the open-source operating system cannot support the national commercial password, and accelerates the security of the SM2 security certificate during verification.

Description

Self-adaptive verification method and verification system for SM2 security certificate
Technical Field
The invention relates to the technical field of information security, in particular to an adaptive verification method and a verification system for an SM2 security certificate.
Background
When a user accesses a website through a browser, the security certificate of the website needs to be verified, and with the development of password technology, more and more password systems are applied, wherein some password systems are not supported by some operating system versions.
Although developers continue to patch operating systems to support more cryptographic systems, the following disadvantages exist:
firstly, due to the fact that the open source operating system has a plurality of branches and a plurality of versions, the formed patch cannot cover all operating system versions, and therefore some operating systems cannot support national commercial passwords;
secondly, the development result does not necessarily accord with the relevant specification;
thirdly, after the browser obtains the security certificate of the website, whether a certificate authority recorded in the information abstract of the browser is in an authority trusted by the browser needs to be checked; if the website's security credentials are not certified by an organization trusted by the browser, the browser will not be able to confirm the validity of the credentials.
Therefore, the invention provides a certificate service system to solve the existing defects.
Disclosure of Invention
The present invention aims to provide an adaptive verification method and a verification system for SM2 security certificate, so as to solve the problems in the background art.
In order to achieve the purpose, the invention provides the following technical scheme: the adaptive verification method of the SM2 security certificate comprises the following steps:
s1: a certificate service system is installed on a computer in advance;
s2: the user accesses the http website with SM2 business password on the internet through a browser on a computer:
s3: the browser acquires the security certificate of the http website based on SM2 by accessing the http website;
s4: the browser calls a certificate verification function in the certificate service system to verify the security certificate of the http website;
s5: after the website certificate passes verification, the user can safely use the functions of the website.
Further, step S2 includes:
s2.1, the certificate service system obtains the safety certificate of the certificate service system from each CA mechanism in advance;
s2.2, the browser appoints a trusted CA mechanism to the certificate service system, and then the certificate service system provides a security certificate issued by the CA mechanism to the certificate service system for the browser;
s2.3, the browser verifies the certificate of the certificate service system to the trusted CA mechanism and confirms whether the certificate service system is a legal system.
Furthermore, in the SM2 certificate chain of the CA organization given by the security certificate of the http website, the signature data of each certificate in the certificate chain is sequentially decrypted by using the SM2 public key contained in the security certificate of the http website, the data fingerprint is calculated and compared with the data fingerprint of the security certificate of the http website, if the comparison with the fingerprint existing in the data fingerprint of the security certificate of the http website is successful, the verification is passed, otherwise, the verification is not passed.
Still further, the certificate service system may be further extended to other asymmetric cryptographic algorithms besides SM2, including elliptic curve cryptography algorithm ECC, public key cryptography algorithm RSA, digital signature algorithm DSA, and key exchange algorithm D-H, to support more secure certificate verifications.
In order to achieve the above purpose, the invention also provides the following technical scheme: an SM2 security certificate verification system, comprising a sender and a receiver, wherein the sender further comprises:
the request receiving module is used for receiving the certificate access and certificate verification requests and the related information thereof sent by the browser and respectively sending the requests and the related information thereof to the storage module or the rear end;
the result feedback module is used for sending the result of certificate access or certificate verification to the browser;
and the storage module is used for storing the security certificate of the certificate service system and outputting the security certificate of the certificate service system to the result feedback module according to the requirement of the request receiving module.
Still further, wherein the back end further comprises:
the acquisition module is used for acquiring the security certificate of the certificate service system from the CA mechanism and sending the security certificate to the storage module at the front end for storage;
the verification module is used for receiving a certificate verification request sent by the front end, acquiring an SM2 certificate chain from a CA (certificate authority), sequentially decrypting signature data of each certificate in the certificate chain by using an SM2 public key contained in the certificate verification request, calculating a data fingerprint, comparing the data fingerprint with the data fingerprint of the http website security certificate, if the comparison with the fingerprint existing in the data fingerprint of the http website security certificate is successful, passing the verification, and if the comparison is not successful, passing the verification.
Compared with the prior art, the invention has the beneficial effects that:
the self-adaptive verification method and the verification system of the SM2 security certificate realize that whether an operating system and a browser support the SM2 cryptographic algorithm or not by setting a certificate verification function, verify the website certificate of the SM2 cryptographic algorithm, solve the problem that the formed patch cannot cover all operating system versions due to the fact that an open source operating system has a plurality of branches and a plurality of versions, so that the national commercial passwords cannot be supported on some operating systems, and accelerate the security of the SM2 security certificate during verification.
According to the self-adaptive verification method and the verification system of the SM2 security certificate, whether a security certificate issuing mechanism of an http website is a trusted CA mechanism of a browser can be ignored through the set certificate downloading function, so that the browser verifies the security certificates of SM2 issued by various CA mechanisms, and the problem that the browser cannot verify the trusted CA mechanism after obtaining the security certificate of the http website is solved.
The self-adaptive verification method and the verification system of the SM2 security certificate can prevent other systems from counterfeiting the system through the set certificate acquisition function, thereby ensuring the authentication security of the system.
Drawings
FIG. 1 is a schematic flow diagram of the process of the present invention;
FIG. 2 is a block diagram of an exemplary verification system.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
It should be noted that in the description of the present invention, the terms "upper", "lower", "front", "rear", "left", "right", "vertical", "horizontal", "top", "bottom", "inner", "outer", etc. indicate orientations or positional relationships based on the orientations or positional relationships shown in the drawings, which are only for convenience of description and simplification of description, and do not indicate or imply that the referred device or element must have a specific orientation, be configured in a specific orientation, and be operated, and thus, should not be construed as limiting the present invention.
Further, it will be appreciated that the dimensions of the various elements shown in the figures are not drawn to scale, for ease of description, and that the thickness or width of some layers may be exaggerated relative to other layers, for example.
It should be noted that like reference numerals and letters refer to like items in the following figures, and thus, once an item is defined or illustrated in one figure, it will not need to be further discussed or illustrated in detail in the description of the following figure.
As shown in fig. 1, the present invention provides a technical solution: the adaptive verification method of the SM2 security certificate comprises the following steps:
s1: a certificate service system is installed on a computer in advance;
s2: a user accesses an http website which adopts an SM2 commercial password on the internet through a browser on a computer;
s3: the browser acquires the security certificate of the http website based on SM2 by accessing the http website;
s4: the browser verifies the security certificate of the http website through a certificate service system;
s5: after the website certificate passes verification, the user can safely use the functions of the website.
In the present application, step S2 includes:
s2.1, the certificate service system obtains the safety certificate of the certificate service system from each CA mechanism in advance;
s2.2, the browser appoints a trusted CA mechanism to the certificate service system, and then the certificate service system provides a security certificate issued by the CA mechanism to the certificate service system for the browser;
s2.3, the browser verifies the certificate of the certificate service system to the trusted CA mechanism and confirms whether the certificate service system is a legal system.
It is emphasized that in this application, the issuance of a certificate generally refers to the meaning that an authorization can use.
It is emphasized that in this application, the CA authority is an abbreviation for certificate authority.
In addition, in an SM2 certificate chain of a CA organization given by the http website security certificate, the SM2 public key included in the http website certificate is used to sequentially decrypt the signature data of each certificate in the certificate chain, calculate the data fingerprint, and compare the data fingerprint with the data fingerprint of the http website security certificate, if the comparison with the fingerprint existing in the data fingerprint of the http website security certificate is successful, the verification is passed, otherwise, the verification is not passed.
It is emphasized that in the present application, the certificate service system may be further extended to support other cryptographic algorithms than SM2, such as Elliptic Curve Cryptography (ECC), public key cryptography (RSA), digital signature cryptography (DSA), and key exchange algorithms (D-H), so as to support more secure certificate verifications.
It should be further emphasized that for browsers already supporting the SM2 algorithm, the certificate service system may still be used to verify SM2 certificates issued by CA authorities to which the browser is not trusted.
In the present application, the certificate service system can ignore whether the operating system and the browser support the SM2 cryptographic algorithm, and thereby implement the http website certificate verification for the SM2 cryptographic algorithm.
In addition, the problem that due to the fact that the number of branches and the number of versions of the open-source operating system are large, formed patches cannot cover all operating system versions frequently, and therefore some operating systems cannot support national commercial passwords is solved, the verification speed of security certificates in http websites is improved, and work efficiency is indirectly improved.
It should be noted that, in the present application, the certificate service system may disregard whether the CA organization is a CA organization trusted by the browser, so that the browser verifies the security certificates of the SM2 issued by various CA organizations.
It should be emphasized that this approach solves the problem that the browser cannot verify on its trusted CA authority after obtaining the security certificate of the http website.
It should be further emphasized that, in the present application, through the certificate service system, other systems can be prevented from counterfeiting the system, thereby ensuring the security of the authentication of the system, solving the problem that due to a plurality of branches and versions of the open source operating system, the formed patch often cannot cover all operating system versions, so that some operating systems still cannot support national commercial passwords, and accelerating the security of the SM2 during the verification of the security certificate.
It should be noted that, in some embodiments, the adaptive verification method for the SM2 security certificate may also be implemented by setting a permission chain on the access verification device, and setting permissions represented by types and numbers on the permission chain for the data and the client, respectively, so that when the client needs to perform data access, such as uploading or downloading, the access verification device can perform the data access.
The specific mode is as follows:
firstly, the access right of the client is inquired, corresponding data access information is generated based on the type and the number of the access right, and after the data access information is sent to the client, the client accesses data in the data storage system based on the data access information, so that the data access of the client is realized.
And secondly, the types and the number of the access authorities are analyzed by a computer to represent the authorities of the data and the client, so that the condition of low data access efficiency caused by the need of hierarchy authorization in a hierarchy authority management system is avoided, and the data access efficiency is further improved.
As shown in fig. 2, the present invention provides a technical solution: an adaptive verification system for SM2 security certificates, comprising a front end and a back end, wherein the front end further comprises:
the request receiving module is used for receiving the certificate access and certificate verification requests and the related information thereof sent by the browser and respectively sending the requests and the related information thereof to the storage module or the rear end;
the result feedback module is used for sending the result of certificate access or certificate verification to the browser;
and the storage module is used for storing the security certificate of the certificate service system and outputting the security certificate of the certificate service system to the result feedback module according to the requirement of the request receiving module.
Still further, wherein the back end further comprises:
the acquisition module is used for acquiring the security certificate of the certificate service system from the CA mechanism and sending the security certificate to the storage module at the front end for storage;
the verification module is used for receiving a certificate verification request sent by the front end, acquiring an SM2 certificate chain from a CA (certificate authority), sequentially decrypting signature data of each certificate in the certificate chain by using an SM2 public key contained in the certificate verification request, calculating a data fingerprint, comparing the data fingerprint with the data fingerprint of the http website security certificate, if the comparison with the fingerprint existing in the data fingerprint of the http website security certificate is successful, passing the verification, and if the comparison is not successful, passing the verification.
It should be noted that, when the device is actually used, firstly, a user installs a security certificate service system in a computer, after the computer installs the certificate service system, the certificate service system downloads certificates of various CA organizations into the computer, at this time, the user accesses the http website by using a browser, after receiving access information, the http website calls out website certificates of the background of the http website and downloads the website certificates, at this time, the security certificate service system in the computer compares and verifies the certificates called out by the http website with the certificates obtained from the CA organizations, when the verification is qualified, the browser safely accesses the http website, and when the verification is unqualified, the access is stopped.
Although embodiments of the present invention have been shown and described, it will be appreciated by those skilled in the art that changes, modifications, substitutions and alterations can be made in these embodiments without departing from the principles and spirit of the invention, the scope of which is defined in the appended claims and their equivalents.

Claims (6)

  1. An adaptive verification method for SM2 security certificates, characterized by: the steps of the self-adaptive verification method are as follows:
    s1: a certificate service system is installed on a computer in advance;
    s2: the user accesses an http website which adopts an SM2 commercial password on the internet through a browser on a computer;
    s3: the browser acquires the security certificate of the http website based on SM2 by accessing the http website;
    s4: the browser calls a certificate service system to verify the security certificate of the http website;
    s5: after the website certificate passes verification, the user can safely use the functions of the website.
  2. 2. The adaptive verification method of SM2 security certificates according to claim 1, wherein: step S2 includes:
    s2.1, the certificate service system obtains the security certificate of the certificate service system from each CA mechanism in advance;
    s2.2, the browser appoints a trusted CA mechanism to the certificate service system, and then the certificate service system provides a security certificate issued by the CA mechanism to the certificate service system for the browser;
    s2.3, the browser verifies the certificate of the certificate service system to the trusted CA mechanism and confirms whether the certificate service system is a legal system.
  3. 3. The adaptive verification method of SM2 security certificates according to claim 1, wherein: in an SM2 certificate chain of a CA mechanism given by an http website security certificate, using an SM2 public key contained in the http website certificate to sequentially decrypt signature data of each certificate in the certificate chain, calculating a data fingerprint, and comparing the data fingerprint with the data fingerprint of the http website security certificate, wherein if the comparison with the fingerprint existing in the data fingerprint of the http website security certificate is successful, the verification is passed, otherwise, the verification is not passed.
  4. 4. The adaptive verification method of SM2 security certificates according to claim 1, wherein: the certificate service system can be further extended to other asymmetric cryptographic algorithms besides SM2, including elliptic curve cryptography algorithm ECC, public key cryptography algorithm RSA, digital signature algorithm DSA, and key exchange algorithm D-H, to support more secure certificate verifications.
  5. 5. A system for validating SM2 security certificates, comprising: including front end and rear end, wherein the front end further includes:
    the request receiving module is used for receiving the certificate access and certificate verification requests and the related information thereof sent by the browser and respectively sending the requests and the related information thereof to the storage module or the rear end;
    the result feedback module is used for sending the result of certificate access or certificate verification to the browser;
    and the storage module is used for storing the security certificate of the certificate service system and outputting the security certificate of the certificate service system to the result feedback module according to the requirement of the request receiving module.
  6. 6. A system for validating SM2 security certificates as claimed in claim 5, wherein: wherein the back end further comprises:
    the acquisition module is used for acquiring the security certificate of the certificate service system from a CA (certificate authority) and sending the security certificate to the storage module at the front end for storage;
    the verification module is used for receiving a certificate verification request sent by the front end, acquiring an SM2 certificate chain from a CA (certificate authority), sequentially decrypting signature data of each certificate in the certificate chain by using an SM2 public key contained in the certificate verification request, calculating a data fingerprint, comparing the data fingerprint with the data fingerprint of the http website security certificate, if the comparison with the fingerprint existing in the data fingerprint of the http website security certificate is successful, passing the verification, and if the comparison is not successful, passing the verification.
CN202210390750.9A 2022-04-14 2022-04-14 Self-adaptive verification method and verification system for SM2 security certificate Active CN114499897B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210390750.9A CN114499897B (en) 2022-04-14 2022-04-14 Self-adaptive verification method and verification system for SM2 security certificate

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210390750.9A CN114499897B (en) 2022-04-14 2022-04-14 Self-adaptive verification method and verification system for SM2 security certificate

Publications (2)

Publication Number Publication Date
CN114499897A true CN114499897A (en) 2022-05-13
CN114499897B CN114499897B (en) 2022-08-02

Family

ID=81487576

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210390750.9A Active CN114499897B (en) 2022-04-14 2022-04-14 Self-adaptive verification method and verification system for SM2 security certificate

Country Status (1)

Country Link
CN (1) CN114499897B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115567201A (en) * 2022-09-22 2023-01-03 矩阵时光数字科技有限公司 Adaptive terminal quantum encryption and decryption method and system thereof

Citations (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104639534A (en) * 2014-12-30 2015-05-20 北京奇虎科技有限公司 Website safety information uploading method and browser device
CN105282153A (en) * 2015-09-30 2016-01-27 北京奇虎科技有限公司 Method for achieving data transmission and terminal equipment
CN107046539A (en) * 2017-04-07 2017-08-15 山东中创软件商用中间件股份有限公司 The method to set up and device of a kind of application secure access
CN108763967A (en) * 2018-06-05 2018-11-06 苏州科达科技股份有限公司 Obtain system, method, apparatus and the storage medium of device certificate
CN109040055A (en) * 2018-07-30 2018-12-18 美通云动(北京)科技有限公司 The method for realizing Web secure access using domestic password
CN109040318A (en) * 2018-09-25 2018-12-18 网宿科技股份有限公司 The HTTPS connection method of CDN network and CDN node server
CN110311923A (en) * 2019-07-16 2019-10-08 丁晓东 Adaptive, the twin-channel national secret algorithm HTTPS access method of one kind and system
CN112087467A (en) * 2020-09-18 2020-12-15 杭州弗兰科信息安全科技有限公司 Information encryption transmission method and system based on web system
CN112653672A (en) * 2020-12-11 2021-04-13 苏州浪潮智能科技有限公司 Two-way authentication method, device, equipment and readable medium based on cryptographic algorithm
CN113572740A (en) * 2021-06-30 2021-10-29 长沙证通云计算有限公司 Cloud management platform authentication encryption method based on state password
CN113904767A (en) * 2021-09-29 2022-01-07 深圳市惠尔顿信息技术有限公司 System for establishing communication based on SSL

Patent Citations (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104639534A (en) * 2014-12-30 2015-05-20 北京奇虎科技有限公司 Website safety information uploading method and browser device
US20170359185A1 (en) * 2014-12-30 2017-12-14 Beijing Qihoo Technology Company Limited Method for loading website security information and browser apparatus
CN105282153A (en) * 2015-09-30 2016-01-27 北京奇虎科技有限公司 Method for achieving data transmission and terminal equipment
CN107046539A (en) * 2017-04-07 2017-08-15 山东中创软件商用中间件股份有限公司 The method to set up and device of a kind of application secure access
CN108763967A (en) * 2018-06-05 2018-11-06 苏州科达科技股份有限公司 Obtain system, method, apparatus and the storage medium of device certificate
CN109040055A (en) * 2018-07-30 2018-12-18 美通云动(北京)科技有限公司 The method for realizing Web secure access using domestic password
CN109040318A (en) * 2018-09-25 2018-12-18 网宿科技股份有限公司 The HTTPS connection method of CDN network and CDN node server
CN110311923A (en) * 2019-07-16 2019-10-08 丁晓东 Adaptive, the twin-channel national secret algorithm HTTPS access method of one kind and system
CN112087467A (en) * 2020-09-18 2020-12-15 杭州弗兰科信息安全科技有限公司 Information encryption transmission method and system based on web system
CN112653672A (en) * 2020-12-11 2021-04-13 苏州浪潮智能科技有限公司 Two-way authentication method, device, equipment and readable medium based on cryptographic algorithm
CN113572740A (en) * 2021-06-30 2021-10-29 长沙证通云计算有限公司 Cloud management platform authentication encryption method based on state password
CN113904767A (en) * 2021-09-29 2022-01-07 深圳市惠尔顿信息技术有限公司 System for establishing communication based on SSL

Non-Patent Citations (6)

* Cited by examiner, † Cited by third party
Title
ZHAOFENG MA: ""Digital rights management: Model, technology and application"", 《CHINA COMMUNICATIONS》 *
刘迪等: "基于国密算法安全中间件的安全功能研究与设计", 《网络安全技术与应用》 *
孟伟明等: "基于PKI的数字证书实现对网站访问的有连接控制", 《电脑知识与技术》 *
张俊贤等: "国产安全浏览器技术研究", 《信息安全研究》 *
王高华等: "国产密码证书全生态应用研究与实践", 《网络空间安全》 *
项川等: "支持商密算法TLS浏览器的设计与实现", 《信息网络安全》 *

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115567201A (en) * 2022-09-22 2023-01-03 矩阵时光数字科技有限公司 Adaptive terminal quantum encryption and decryption method and system thereof
CN115567201B (en) * 2022-09-22 2024-04-19 矩阵时光数字科技有限公司 Self-adaptive terminal quantum encryption and decryption method and system thereof

Also Published As

Publication number Publication date
CN114499897B (en) 2022-08-02

Similar Documents

Publication Publication Date Title
US11223614B2 (en) Single sign on with multiple authentication factors
JP7297360B2 (en) Key management method, device, system, computer equipment and computer program
US9544297B2 (en) Method for secured data processing
US7689828B2 (en) System and method for implementing digital signature using one time private keys
US9172541B2 (en) System and method for pool-based identity generation and use for service access
US9350555B2 (en) Method and system for signing and authenticating electronic documents via a signature authority which may act in concert with software controlled by the signer
US8788836B1 (en) Method and apparatus for providing identity claim validation
WO2019094611A1 (en) Identity-linked authentication through a user certificate system
US20220394026A1 (en) Network identity protection method and device, and electronic equipment and storage medium
US8332647B2 (en) System and method for dynamic multi-attribute authentication
CN110677376B (en) Authentication method, related device and system and computer readable storage medium
CN110535807B (en) Service authentication method, device and medium
EP3292495B1 (en) Cryptographic data
JP2006340178A (en) Attribute certificate verifying method and device
WO2019178763A1 (en) Certificate importing method and terminal
CN114499897B (en) Self-adaptive verification method and verification system for SM2 security certificate
CN110868415B (en) Remote identity verification method and device
US11764979B2 (en) Customer-controlled authentication
AU2020204174B2 (en) Assuring external accessibility for devices on a network
CN115150831A (en) Processing method, device, server and medium for network access request
WO2022171263A1 (en) Key attestation methods, computing devices having key attestation abilities, and their provisioning
CN117675309A (en) Data access method and device, storage medium and electronic equipment

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
CB03 Change of inventor or designer information

Inventor after: Shen Yimin

Inventor after: Hou Dong

Inventor after: Chen Zheng

Inventor after: Wang Xiaolong

Inventor after: Li Xiaodong

Inventor after: Yu Chunlei

Inventor after: Lin Ranzi

Inventor after: Wang Tao

Inventor before: Shen Yimin

Inventor before: Hou Dong

Inventor before: Chen Zheng

Inventor before: Wang Xiaolong

Inventor before: Li Xiaodong

Inventor before: Yu Chunlei

Inventor before: Lin Ranzi

Inventor before: Wang Tao

CB03 Change of inventor or designer information