CN117857058A - Information source security verification method, system, equipment and medium - Google Patents

Information source security verification method, system, equipment and medium Download PDF

Info

Publication number
CN117857058A
CN117857058A CN202311864613.5A CN202311864613A CN117857058A CN 117857058 A CN117857058 A CN 117857058A CN 202311864613 A CN202311864613 A CN 202311864613A CN 117857058 A CN117857058 A CN 117857058A
Authority
CN
China
Prior art keywords
certificate
content
information
security
verified
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202311864613.5A
Other languages
Chinese (zh)
Inventor
李勃
张渊
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Watchdata Co ltd
Original Assignee
Beijing Watchdata Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Watchdata Co ltd filed Critical Beijing Watchdata Co ltd
Priority to CN202311864613.5A priority Critical patent/CN117857058A/en
Publication of CN117857058A publication Critical patent/CN117857058A/en
Pending legal-status Critical Current

Links

Abstract

The present disclosure relates to the field of information security technologies, and in particular, to a method, a system, an apparatus, and a medium for verifying security of an information source. The method comprises the following steps: receiving information to be verified; acquiring a certificate and a signature from the information to be verified, wherein the certificate is an identification of a content generating device, and the signature is generated by the content generating device, and the certificate is consistent with a device corresponding to the signature; and determining the security of the information to be verified. The method and the device can verify the safety of the information source, thereby ensuring the authenticity of the digital content and the authenticity of metadata such as the generation time, the place, the creator, the acquisition parameters and the like of the digital content.

Description

Information source security verification method, system, equipment and medium
Technical Field
The present disclosure relates to the field of information security technologies, and in particular, to a method, a system, an apparatus, and a medium for verifying security of an information source.
Background
With the rapid development of digital technology, digital contents have become an integral part of people's daily lives. Digital content encompasses various forms of information, such as images, audio, and video, which may be created, stored, transmitted, and processed by computers, networks, and other digital devices. In recent years, the authenticity of digital content has been a long-standing concern. The technologies in the prior art for verifying the authenticity of digital content include deep learning technology, digital watermarking technology and digital signature technology.
However, the prior art has a number of problems. For example, the accuracy and practicality of deep learning techniques for identifying the authenticity of digital content are both difficult to meet the needs of large-scale applications; the digital watermarking technology is easy to avoid, and an attacker can remove the watermark and can add a false watermark into the digital content; digital signature technology is easily tampered with, so that digital signatures also cannot prove the authenticity of digital content.
Disclosure of Invention
Based on the above technical problems, the present application aims to provide a method, a system, a device and a medium for verifying the security of an information source, so as to at least solve one of the above technical problems.
The first aspect of the application provides a security verification method for information sources, which comprises the following steps:
receiving information to be verified;
acquiring a certificate and a signature from the information to be verified, wherein the certificate is an identification of a content generating device, and the signature is generated by the content generating device, and the certificate is consistent with a device corresponding to the signature;
and determining the security of the information to be verified.
In some embodiments of the present application, before the receiving the information to be verified, the method further includes:
determining a trusted content generating device and issuing a device certificate for the trusted content generating device;
and when the trusted content generating equipment is called to generate content, generating a source certificate of the content by using the certificate, and taking the source certificate as information to be verified.
In some embodiments of the present application, the generating the source voucher of the content using the certificate includes:
generating target digital content by a content generating device having a device certificate;
signing the target digital content.
In some embodiments of the present application, the issuing a device certificate for the trusted content generating device includes:
responding to a device certificate request sent by the trusted content generating device;
if the device certificate request contains the signature of the trusted content generation device, issuing a device certificate of the trusted content generation device based on a preset root private key;
transmitting the device certificate to the trusted content generating device.
In some embodiments of the present application, the signing the target digital content includes:
generating a summary corresponding to the target data content, wherein the summary comprises the target digital content and metadata;
generating a device key pair of the trusted content generation device, wherein the device key pair comprises a device private key and a device public key;
signing the digest using the device private key.
In some embodiments of the present application, the determining the security of the information to be verified includes:
acquiring a preset root certificate;
and determining the security of the information to be verified by using the preset root certificate.
In some embodiments of the present application, the determining the security of the information to be verified using the preset root certificate includes:
acquiring an equipment public key of content generation equipment corresponding to information to be verified;
and determining the security of the information to be verified by using the public key of the equipment and the public key corresponding to the preset root certificate.
In some embodiments of the present application, the determining a trusted content generating device includes:
and if the content generating device is provided with a pre-configured security module, the content generating device is used as a trusted content generating device, the security module is used for generating and storing a device key pair of the trusted content generating device, wherein the device key pair comprises a device private key and a device public key, and the security module is further used for signing the target digital content by using the device private key.
A second aspect of the present application provides a content verification system, the system comprising:
the receiving module is used for receiving the information to be verified;
the acquisition module is used for acquiring a certificate and a signature from the information to be verified, wherein the certificate is an identification of content generating equipment, and the signature is generated by the content generating equipment, and the certificate is consistent with equipment corresponding to the signature;
and the determining module is used for determining the security of the information to be verified.
A third aspect of the present application provides a generation and verification fusion system, which includes a content generation device, a device management system, and a content verification system described in an embodiment of the present application; the content generation device is deployed with a security module.
In a fourth aspect, the present application provides an electronic device, including a memory and a processor, where the memory stores computer readable instructions that, when executed by the processor, cause the processor to perform a method for verifying security of information sources as described in embodiments of the present application.
A fifth aspect of the present application provides a computer readable storage medium having stored thereon a computer program which, when executed by a processor, implements a method for verifying the security of an information source as described in the embodiments of the present application.
The technical scheme provided in the embodiment of the application has at least the following technical effects or advantages:
according to the information source security verification method in each embodiment of the application, the information to be verified is received, the certificate and the signature are obtained from the information to be verified, the certificate is the identification of the content generating device, the signature is generated by the content generating device, the certificate is consistent with the device corresponding to the signature, and the security of the information to be verified is determined, so that the information source security can be verified efficiently, and the authenticity of the digital content and the authenticity of metadata such as the generation time, place, creator, acquisition parameters and the like of the digital content are ensured. By verifying the device certificate and the encryption information, whether the digital content is modified or maliciously tampered after being generated by the device and whether the digital content is generated by the device claimed by the device can be known, so that the information security is effectively ensured.
It is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory only and are not restrictive of the application.
Drawings
Various other advantages and benefits will become apparent to those of ordinary skill in the art upon reading the following detailed description of the preferred embodiments. The drawings are only for purposes of illustrating the preferred embodiments and are not to be construed as limiting the application. Also, like reference numerals are used to designate like parts throughout the figures. In the drawings:
FIG. 1 is a schematic diagram illustrating steps of a method for verifying security of information sources according to an exemplary embodiment of the present application;
FIG. 2 is a schematic diagram of a method of generating and verifying a fusion system according to an exemplary embodiment of the present application;
FIG. 3 is a schematic diagram of a certificate and key hierarchy in an exemplary embodiment of the present application;
FIG. 4 is a schematic diagram of a content verification system in an exemplary embodiment of the present application;
FIG. 5 is a flow diagram of a method for generating and verifying an issue security module in a converged system in an exemplary embodiment of the present application;
FIG. 6 is a flow diagram of a system for generating and verifying a source of content in accordance with an exemplary embodiment of the present application;
fig. 7 is a schematic structural diagram of an electronic device according to an exemplary embodiment of the present application.
It is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory only and are not restrictive of the application.
Detailed Description
The present application is described in further detail below with reference to the drawings and examples, it being understood that the examples depicted herein are for purposes of illustration only and are not intended to limit the scope of the present invention. It should be further noted that, for convenience of description, only the part related to the present invention is shown in the drawings.
In the age of information flooding, ensuring the security of information is becoming an important technology. Although AIGC (artificial intelligence generated content, AI Generated Content) greatly improves the production efficiency of digital content, there are serious risks such as authenticity problems, privacy problems, ethical and ethical problems, content legitimacy problems, and the like of generated content. Tampering and counterfeiting of digital content has long been common means of affecting the authenticity of digital content. In the digital age, anyone can easily modify and forge digital content, for example, information in images can be easily modified by image editing software such as Photoshop. In addition, the copyright problem of digital contents is also a factor affecting the authenticity thereof, because digital contents can be copied and spread infinitely many times, and if digital contents are illegally copied and used, the benefits of originators will be compromised.
The technologies in the prior art for verifying the authenticity of digital content include deep learning technology, digital watermarking technology and digital signature technology. And training and learning a large number of AIGC contents by using a deep learning algorithm based on the verification of the authenticity of the digital contents by deep learning, thereby grasping the characteristics of the AIGC contents, and resisting the AIGC by AI by comparing the similarity between the contents to be detected and the training samples so as to realize the identification of the AIGC contents. The digital watermark technology is based on that the digital watermark is directly embedded into the picture or video automatically generated by AI to prevent the digital watermark from being used for illegal use. Verifying the authenticity of digital content based on digital signature technology is that an creator or copyist signs the digital content with a digital certificate representing his own identity to prove the ownership and non-tampering of the digital content.
However, the prior art has a number of problems. Firstly, a detection model for identifying AIGC content is difficult to meet the requirements of large-scale application in terms of technical principles, algorithms, training samples and the like, and the detection accuracy and practicality of the AIGC content are difficult to meet; secondly, the current digital watermarking technology is easy to avoid by means of smearing, compressing, noise adding, filtering and the like on the image, so that an attacker can remove the watermark and can add a false watermark into the digital content; third, the signature of the digital content by the creator or the copyrighter cannot prove the authenticity of the digital content, for example, a picture authored by the AIGC or a news photo maliciously modified, and still can be publically propagated by the publisher after attaching the digital signature of the publisher.
Thus, in some embodiments of the present application, a method for verifying the security of an information source is provided, as shown in fig. 1, the method comprising steps S1 to S3.
S1, receiving information to be verified.
The information to be verified is information characterizing the source of the digital content, which for the content generating device generates some kind of device credentials, then when the device credentials are received, the security of the device credentials are verified.
Thus, in one possible implementation, a trusted content generating device is determined, a device certificate is issued for the trusted content generating device, and when the trusted content generating device is invoked to generate content, a source certificate of the content is generated by using the certificate, the source certificate is used as information to be verified, and then the information to be verified is received for verification.
Specifically, determining a trusted content generating device includes: if the content generating device is provided with a pre-configured security module, the content generating device is used as a trusted content generating device, the security module is used for generating and storing a device key pair of the trusted content generating device, wherein the device key pair comprises a device private key and a device public key, and the security module is further used for signing the target digital content by using the device private key. Fig. 2 is a schematic diagram of a structure and a working method of a generating and verifying fusion system, referring to fig. 2, if a security module is included in a content generating device, the content generating device is a trusted content generating device, and a source certificate when the device generates digital content is obtained through the security module, and then the source certificate needs to be verified during content verification to determine whether the source of the digital content has security.
S2, acquiring a certificate and a signature from the information to be verified, wherein the certificate is an identification of content generating equipment, and the signature is generated by the content generating equipment, and the certificate is consistent with equipment corresponding to the signature.
In a specific implementation, when a certificate is used to generate a source certificate of content, a content generating device with a device certificate is used to generate target digital content, where the target digital content includes a data form such as a picture, a photo, a video, an audio, and the like, and then signs the target digital content. Wherein issuing a device certificate for the trusted content generating device comprises: responding to a device certificate request sent by the trusted content generating device; if the device certificate request contains the signature of the trusted content generation device, the device certificate of the trusted content generation device is issued based on a preset root private key; the device certificate is transmitted to the trusted content generating device.
Fig. 3 is a schematic diagram of a certificate and key hierarchy, and with reference to fig. 3, there is a trusted content generating device in the system that requires a device certificate to prove its identity and legitimacy. This device certificate is generated by the steps of: firstly, a content generating device requests to a certain authority, namely a device management system in fig. 3, to generate a device certificate; then, the device management system issues the device Certificate through a CA (Certificate authority) root Certificate, or adopts a multi-level CA mode to issue (multi-level) middle layer certificates by using the CA root Certificate, and issues the device Certificate by using the middle layer certificates. And in the specific issuing process, issuing a device certificate containing content generation device identity information and other related information based on the CA root private key. Finally, the generated device certificate is transmitted to the trusted content generating device so that it can use this certificate in subsequent digital content generation and signing processes.
Once the trusted content generating device has the device certificate, it is stored in the security module of the device, and the trusted content generating device may perform the following operations: digital content is generated using device certificates, which may be files, data, or other types of information, and the generated target digital content is digitally signed by a security module, which may help other systems or content consumers confirm that the content was generated by a legitimate trusted content generating device and has not been tampered with during transmission.
In one possible implementation, as shown in fig. 3, signing the target digital content includes: generating a summary corresponding to the target data content, wherein the summary comprises the target digital content and metadata; generating a device key pair of the trusted content generating device, wherein the device key pair comprises a device private key and a device public key; the digest is signed using the device private key.
Specifically, the abstract includes the target digital content itself and metadata related to the target digital content, and refers to descriptive information related to data forms such as pictures, photos, videos, audios and the like, such as generation time, places, creators and acquisition parameters. The trusted content generating device generates a device key pair comprising a device private key and a device public key, this key pair being the tool for digital signing. The device private key is kept secret, only known to the device itself, and the device public key is public and can be used to verify the validity of the signature. The generated device private key is used for carrying out digital signature on the previously generated abstract, so that the digital content can be ensured to be generated by the device with the corresponding private key through verifying the device public key, thereby ensuring the integrity and the source credibility of the data, ensuring the authenticity of the data, preventing the data from being tampered and verifying the source of the data.
S3, determining the security of the information to be verified.
Referring back to fig. 3, the device management system generates a CA root key pair including a CA root private key and a CA root public key, and then self-issues a CA root certificate using the root CA root private key, and the device management system synchronizes the CA root certificate to the content verification system, so that the content verification system obtains the CA root certificate, and the content verification system can subsequently verify the information to be verified sent by the content generation device using the CA root certificate. And acquiring a device public key of the content generation device corresponding to the information to be verified, and determining the security of the information to be verified by using the device public key and the public key corresponding to the preset root certificate.
It can be understood that the CA root certificate contains a CA root public key and related information, and the content verification system verifies whether the device certificate in the information to be verified sent by the content generating device is legal or not through the CA root public key. Moreover, the security module generates a device key pair representing the identity of the device, further generates a certificate request signed by the device private key, returns the certificate request to the device management system, and the device management system issues a device certificate by using the CA root private key, wherein the device certificate is bound with device information, so that when the device management system synchronizes the CA root certificate into the content verification system, the content verification system can acquire the device public key of the content generation device from the CA root certificate or the device certificate chain, and further can use the device public key to determine the validity, the security and the authenticity of the signature.
By verifying the device certificate and the encryption information, whether the digital content is modified or maliciously tampered after being generated by the device and whether the digital content is generated by the device claimed by the device can be known, so that the information security is effectively ensured.
It is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory only and are not restrictive of the application.
In some embodiments of the present application, a content verification system is also provided to perform the security verification method of information sources described in the embodiments of the present application. As shown in fig. 4, the system includes: a receiving module 401, configured to receive information to be verified; an obtaining module 402, configured to obtain a certificate and a signature from the information to be verified, where the certificate is an identifier of a content generating device, and the signature is generated by the content generating device, and the certificate is consistent with a device corresponding to the signature; a determining module 403, configured to determine security of the information to be verified.
In other embodiments of the present application, there is further provided a generation and verification fusion system, the structure of which may also refer to fig. 2, the system including a content generation device, a device management system, and the content verification system in the above embodiments; the content generation device is deployed with a security module.
In one possible implementation, referring to fig. 5, the issuing of the security module is applied for by the device manufacturer, i.e. the device manufacturer provides for sending information of the device integrating the security module to the device management system. The device management system generates a CA root key pair including a CA root private key and a CA root public key, self-issues a CA root certificate through the CA root private key, and then synchronizes the CA root certificate to the content verification system. Specifically, as shown in fig. 5, the device management system requests the security module to generate a certificate request, the security module generates a device key pair representing the identity of the device, further generates a certificate request signed by the device private key, returns the certificate request to the device management system, the device management system issues a device certificate by using the CA root private key, the device information is bound in the certificate, and then writes the certificate into the security module. In this way, once the security module release is complete, it is integrated into the device by the device manufacturer.
In a specific implementation, the security module is configured to generate and store a device key pair of the trusted content generating device, where the device key pair includes a device private key and a device public key, and to sign the target digital content using the device private key. Once the trusted content generating device has the device certificate, it is stored in the security module of the device, and the trusted content generating device may utilize the security module to generate and sign digital content, which may be files, data, or other types of information. When the generated target digital content is digitally signed through the security module, firstly, generating a digest corresponding to the target digital content, wherein the digest comprises the target digital content and metadata, then generating a device key pair of trusted content generating equipment, wherein the device key pair comprises a device private key and a device public key, and finally signing the digest by using the device private key.
In another possible implementation manner, referring to fig. 6, when the content verification system in the generating and verifying fusion system verifies the security of the digital content, as shown in fig. 6, the following steps are performed: the user submits digital content to be verified and source credentials of the digital content to a content verification system, and the content verification system calculates a summary of the digital content submitted by the user, wherein the summary comprises the digital content and metadata thereof sent by the user; the content verification system compares the content abstract data in the source certificate, if the content abstract data in the source certificate is inconsistent, the verification fails, whether the root certificate of the equipment certificate chain in the source certificate is consistent with the system CA root certificate is compared, and if the root certificate is inconsistent, the verification fails; verifying whether each level of signature of a certificate chain in the source certificate is correct or not, and if the signature is incorrect, the verification fails; verifying whether each level of certificate in a certificate chain in the source certificate is revoked or expired, and if the state of the certificate is incorrect, failing to verify; and verifying the device private key signature in the certificate by using the device certificate public key in the certificate, and if the device private key signature is incorrect, the verification fails. Once authenticated, the content authentication system presents the credential authentication results to the user, along with trusted content source information such as device information, time of generation, place of generation, acquisition parameters, and the like metadata.
The generation and verification fusion system generates the content source certificate and issues the security module based on the PKI system by embedding the security module in the device, and further verifies the source certificate of the target digital content by the content verification system, thereby solving the problem of judging whether the information is safe or not, namely whether the digital content is real or not. The system is simple and efficient based on the PKI system, and can learn whether the digital content is modified or maliciously tampered after being generated by the equipment and whether the digital content is generated by the equipment claimed by the system through verifying the equipment certificate and the encryption information, thereby effectively ensuring the safety of the information. The system can efficiently verify the security of information sources, thereby ensuring the authenticity of digital content and the authenticity of metadata such as generation time, place, creator, acquisition parameters and the like of the digital content.
It is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory only and are not restrictive of the application.
Reference is now made to fig. 7, which is a schematic illustration of an electronic device according to some embodiments of the present application. As shown in fig. 7, the electronic device 2 includes: a processor 200, a memory 201, a bus 202 and a communication interface 203, the processor 200, the communication interface 203 and the memory 201 being connected by the bus 202; the memory 201 stores a computer program executable on the processor 200, and the processor 200 executes a security verification method of any information source according to embodiments of the present application when the computer program is executed. The method comprises the following steps: receiving information to be verified; acquiring a certificate and a signature from the information to be verified, wherein the certificate is an identification of a content generating device, and the signature is generated by the content generating device, and the certificate is consistent with a device corresponding to the signature; and determining the security of the information to be verified.
The memory 201 may include a high-speed random access memory (RAM: random Access Memory), and may further include a non-volatile memory (non-volatile memory), such as at least one disk memory. The communication connection between the system network element and at least one other network element is implemented via at least one communication interface 203 (which may be wired or wireless), the internet, a wide area network, a local network, a metropolitan area network, etc. may be used.
Bus 202 may be an ISA bus, a PCI bus, an EISA bus, or the like. The buses may be classified as address buses, data buses, control buses, etc. The memory 201 is configured to store a program, and the processor 200 executes the program after receiving an execution instruction, and the method for verifying the security of the information source disclosed in any of the foregoing embodiments of the present application may be applied to the processor 200 or implemented by the processor 200.
The processor 200 may be an integrated circuit chip with signal processing capabilities. In implementation, the steps of the above method may be performed by integrated logic circuits of hardware in the processor 200 or by instructions in the form of software. The processor 200 may be a general-purpose processor, including a central processing unit (Central Processing Unit, CPU for short), a network processor (Network Processor, NP for short), etc.; but may also be a Digital Signal Processor (DSP), application Specific Integrated Circuit (ASIC), an off-the-shelf programmable gate array (FPGA) or other programmable logic device, discrete gate or transistor logic device, discrete hardware components. The disclosed methods, steps, and logic blocks in the embodiments of the present application may be implemented or performed. A general purpose processor may be a microprocessor or the processor may be any conventional processor or the like. The steps of a method disclosed in connection with the embodiments of the present application may be embodied directly in hardware, in a decoded processor, or in a combination of hardware and software modules in a decoded processor. The software modules may be located in a random access memory, flash memory, read only memory, programmable read only memory, or electrically erasable programmable memory, registers, etc. as well known in the art. The storage medium is located in the memory 201, the processor 200 reads the information in the memory 201, and the steps of the security verification method of the information source are completed by combining the hardware of the processor. The steps include: receiving information to be verified; acquiring a certificate and a signature from the information to be verified, wherein the certificate is an identification of a content generating device, and the signature is generated by the content generating device, and the certificate is consistent with a device corresponding to the signature; and determining the security of the information to be verified.
The present application also provides a computer readable storage medium corresponding to the method for verifying the security of an information source provided in the foregoing embodiment, on which a computer program is stored, which when executed by a processor, performs the method for verifying the security of an information source provided in any of the foregoing embodiments. Moreover, examples of the computer readable storage medium may include, but are not limited to, phase change memory (PRAM), static Random Access Memory (SRAM), dynamic Random Access Memory (DRAM), other types of Random Access Memory (RAM), read Only Memory (ROM), electrically Erasable Programmable Read Only Memory (EEPROM), flash memory, or other optical and magnetic storage medium, which will not be described in detail herein.
In addition, the embodiment of the application also provides a computer program product, which comprises a computer program, and the computer program realizes the security verification method of any information source in the previous embodiments when being executed by a processor.
Those skilled in the art will appreciate that the various component embodiments of the present application may be implemented in hardware, or in software modules running on one or more processors, or in a combination thereof. Those skilled in the art will appreciate that some or all of the functions of some or all of the components in the creation means of a virtual machine according to embodiments of the present application may be implemented in practice using a microprocessor or Digital Signal Processor (DSP).
The foregoing is merely a preferred embodiment of the present application, but the scope of the present application is not limited thereto, and any changes or substitutions easily contemplated by those skilled in the art within the technical scope of the present application should be covered by the scope of the present application. Therefore, the protection scope of the present application shall be subject to the protection scope of the claims.

Claims (12)

1. A method for verifying the security of an information source, the method comprising:
receiving information to be verified;
acquiring a certificate and a signature from the information to be verified, wherein the certificate is an identification of a content generating device, and the signature is generated by the content generating device, and the certificate is consistent with a device corresponding to the signature;
and determining the security of the information to be verified.
2. The method for verifying the security of an information source of claim 1, further comprising, prior to said receiving the information to be verified:
determining a trusted content generating device and issuing a device certificate for the trusted content generating device;
and when the trusted content generating equipment is called to generate content, generating a source certificate of the content by using the certificate, and taking the source certificate as information to be verified.
3. The method of claim 2, wherein generating the source certificate of the content using the certificate comprises:
generating target digital content by a content generating device having a device certificate;
signing the target digital content.
4. The method of claim 2, wherein said issuing a device certificate for said trusted content generating device comprises:
responding to a device certificate request generated by the trusted content generating device;
if the device certificate request contains the signature of the trusted content generation device, issuing a device certificate of the trusted content generation device based on a preset root private key;
transmitting the device certificate to the trusted content generating device.
5. A method of verifying the security of an information source as defined in claim 3, wherein signing the target digital content comprises:
generating a summary corresponding to the target data content, wherein the summary comprises the target digital content and metadata;
generating a device key pair of the trusted content generation device, wherein the device key pair comprises a device private key and a device public key;
signing the digest using the device private key.
6. The method for verifying the security of an information source according to claim 1, wherein the determining the security of the information to be verified comprises:
acquiring a preset root certificate;
and determining the security of the information to be verified by using the preset root certificate.
7. The method of claim 5, wherein determining the security of the information to be verified using the preset root certificate comprises:
acquiring an equipment public key of content generation equipment corresponding to information to be verified;
and determining the security of the information to be verified by using the public key of the equipment and the public key corresponding to the preset root certificate.
8. A method of verifying the security of an information source as defined in claim 3, wherein the determining a trusted content generating device comprises:
and if the content generating device is provided with a pre-configured security module, the content generating device is used as a trusted content generating device, the security module is used for generating and storing a device key pair of the trusted content generating device, wherein the device key pair comprises a device private key and a device public key, and the security module is further used for signing the target digital content by using the device private key.
9. A content verification system, the system comprising:
the receiving module is used for receiving the information to be verified;
the acquisition module is used for acquiring a certificate and a signature from the information to be verified, wherein the certificate is an identification of content generating equipment, and the signature is generated by the content generating equipment, and the certificate is consistent with equipment corresponding to the signature;
and the determining module is used for determining the security of the information to be verified.
10. A generation and verification fusion system, characterized in that the system comprises a content generation device, a device management system and a content verification system according to claim 9; the content generation device is deployed with a security module.
11. An electronic device comprising a memory and a processor, wherein computer readable instructions are stored in the memory, which when executed by the processor cause the processor to perform the method of verifying the security of an information source according to any one of claims 1-8.
12. A computer-readable storage medium, on which a computer program is stored, characterized in that the computer program, when being executed by a processor, implements a method for verifying the security of an information source according to any one of claims 1-8.
CN202311864613.5A 2023-12-29 2023-12-29 Information source security verification method, system, equipment and medium Pending CN117857058A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202311864613.5A CN117857058A (en) 2023-12-29 2023-12-29 Information source security verification method, system, equipment and medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202311864613.5A CN117857058A (en) 2023-12-29 2023-12-29 Information source security verification method, system, equipment and medium

Publications (1)

Publication Number Publication Date
CN117857058A true CN117857058A (en) 2024-04-09

Family

ID=90530595

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202311864613.5A Pending CN117857058A (en) 2023-12-29 2023-12-29 Information source security verification method, system, equipment and medium

Country Status (1)

Country Link
CN (1) CN117857058A (en)

Similar Documents

Publication Publication Date Title
CN107566116B (en) Method and apparatus for digital asset weight registration
US20210081551A1 (en) Method, apparatus, and electronic device for blockchain-based recordkeeping
US11258612B2 (en) Method, apparatus, and electronic device for blockchain-based recordkeeping
CN111538784B (en) Digital asset transaction method, device and storage medium based on blockchain
CN112801663B (en) Blockchain certification method, device, system, equipment and medium
CN110826091B (en) File signature method and device, electronic equipment and readable storage medium
CN113536284A (en) Method, device, equipment and storage medium for verifying digital certificate
US7739500B2 (en) Method and system for consistent recognition of ongoing digital relationships
EP3393123A1 (en) Digital forensic image verification system
CN116506134B (en) Digital certificate management method, device, equipment, system and readable storage medium
CN117134893A (en) Digital collection processing method, device and system
CN110826034B (en) File signature method and device, electronic equipment and readable storage medium
WO2023041212A1 (en) Method of verification for machine learning models
CN117857058A (en) Information source security verification method, system, equipment and medium
JP2013157777A (en) Information processing system and information processing method
US20060212699A1 (en) Method and apparatus for certifying a design of a software computer program
WO2024027783A1 (en) Method and system for processing digital content, method and system for confirming copyrights of digital content, and method and system for tracing digital content
CN116522289B (en) Multi-view image copyright protection method, device and medium based on blockchain
WO2024040444A1 (en) Data processing method and apparatus, and device, movable platform, unmanned aerial vehicle, storage medium and program product
CN116992494B (en) Security protection method, equipment and medium for scenic spot data circulation
CN115186286B (en) Model processing method, device, equipment, readable storage medium and program product
US20230385811A1 (en) Secure and decentralized payment for digital media content via certificates with wallet information
WO2021082404A1 (en) Information monitoring method, system, device, and storage medium
TW201721579A (en) Secure image pipeline
JP2005175652A (en) Content distribution system

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination