CN1477552A - Physical certificate cross-application intercommunication method in digital certificate identification system - Google Patents
Physical certificate cross-application intercommunication method in digital certificate identification system Download PDFInfo
- Publication number
- CN1477552A CN1477552A CNA031292828A CN03129282A CN1477552A CN 1477552 A CN1477552 A CN 1477552A CN A031292828 A CNA031292828 A CN A031292828A CN 03129282 A CN03129282 A CN 03129282A CN 1477552 A CN1477552 A CN 1477552A
- Authority
- CN
- China
- Prior art keywords
- entity
- application
- certificate
- attribute information
- digital certificate
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Abstract
The present invention adopts the separation method of certificate information from attribute information, the portion tightly combined with application in the original certificate information is extracted, and can be used as attribute information. Said attribute information can ensure authority by means of signature of CA mechanism, and has several storage modes, at the same time the digital certificate is the identification and certification of unique identity of entity. After separation of digital certificate from attribute information their service management can adopt more flexible mode so as to utilize different properties of digital certificate and attribute information, and utilizes the attribute information issue, entity certificate issue, certificate cancel and attribute information application so as to implement combination, cross-application and intercommunication of entity certificate and attribute information.
Description
Technical field
What the present invention relates to is a kind of digital certificate authentication method, and the entity certificate is striden the application interoperability methods in the particularly a kind of digital certificate authentication system, belongs to computing machine and field of information security technology.
Background technology
The digital authenticating trust techniques mainly is the benchmark that a trust is provided for network information space, promptly set up a kind of mapping relations between the entity role in entity and virtual cyberspace, so that the trusting relationship in the physical world of reality can be transplanted in the virtual cyberspace.Digital certificate is not only used in the activity of typical electronic businesses at present, and along with the development of E-Government obtains general application in each application.So a new requirement that the entity certificate can use has been proposed digital Verification System in striding application.The digital certificate authentication system provides the certificate trust service towards a plurality of application.Usually when the certificate trust service is provided, require certificate must be able to include the various apply property information of entity, to satisfy the different requirements of different application to entity information.
Find that by literature search the digital certificate authentication systematic research mainly concentrates on digital certificate on the using method of single application, Chinese patent application number: 00123530.3, title: universal electronic information network authentication system and method.This patent provides the electronic information of creating for the user that network signatures and corresponding signature verification are provided, but does not consider and at present use and how to realize that a certificate strides actual environments such as using intercommunication that have the following disadvantages: (1) certificate is heavily signed too frequent.In case entity attribute information changes when maybe needing to increase, and will roll up the operating load at digital authenticating center, and the renewal frequency of certificate blacklist and capacity are significantly promoted.(2) pressure of information issuing system increases.Too frequent certificate is heavily signed operation, also will directly have influence on its service performance, causes the fearless waste of system resource.(3) management of certificate related service is very difficult.The regular annual test of every profession and trade, expired because of user certificate, authorize again to the user and increased many troubles, easily cause every profession and trade certificate management confusion.(4) be unfavorable for the on-line loaded application.The possibility of potential safety hazard the increase system appears in frequent online grant a certificate again.Therefore, this pattern just is unfavorable for the realization that on-line loaded is used.
Summary of the invention
The objective of the invention is to overcome deficiency of the prior art, provide in a kind of digital certificate authentication system entity certificate to stride the application interoperability methods, make its solve above-mentioned use especially to stride to certificate use intercommunication and bring disadvantageous problem, quicken the popularization of digital certificate authentication system.
The present invention is achieved by the following technical solutions, the method that the present invention takes certificate information and attribute information to be separated, part extracts as attribute information with combining more closely with application in original certificate information, attribute information can guarantee authority by the signature of CA mechanism, and attribute information can have multiple mode to store; Digital certificate is the sign and the proof of the unique identity of entity, and digital certificate is with after attribute information separates, and flexible way is more taked in their service management, with the corresponding digital certificate characteristic different with attribute information; Use by the certificate behind attribute information granting, entity certificate issued, certificate calcellation, the employing attribute information, realization entity certificate combines with attribute information and strides the application intercommunication.The entity certificate combines with attribute information to use and can guarantee the security of using.Different application can have different attribute informations, but only uses an entity certificate, can realize the use of " card is logical ", has strengthened the extendability of system simultaneously again.
Below the present invention is further illustrated, particular content is as follows:
1, attribute information
The attribute specification that attribute information is an entity in concrete application the, these attributes can comprise the application identity, visit qualification, operating right of entity etc.Attribute information is corresponding with application, and may there be a plurality of attribute informations in an entity; Entity may all have an attribute information in a plurality of application; But entity only has a digital certificate.Attribute information does not comprise PKI, and its trusted identifier is the signature of CA center to it.The term of validity that comprises this apply property in the attribute information, the term of validity of the term of validity of apply property and entity certificate can be different, in case all apply properties also lost efficacy but the entity certificate loses efficacy.Unique ID by representing entity identities is as attribute information and entity digital certificate corresponding identification.
Attribute information is stored in the attribute carrier, and the attribute carrier can have following several mode: (1) Attribute certificate: adopt certificate mode (X.509) coding, be stored in the LDAP system, and issue outwards is provided.(2) database: be stored in the database in the record mode, offer the application safety system queries.(3) file: with file mode storage file server or in entity certificate medium, as IC-card, USB token card etc.
2, the application of digital certificate and attribute information is accepted
The digital certificate authentication system generally mainly uses with main region and sets up RA branch offices respectively at each, is responsible for the accepting of entity certificate in the scope separately.
● can sign and issue the attribute information of this application for the application of having the RA system; For the application of not building RA, signing and issuing of its attribute information can be undertaken by the trust of CA center, also can be undertaken by the RA agency of other application; The entity digital certificate all can be signed and issued in all sites.
● each is used, each regional attribute information delivery system issue entity attribute information and attribute information blacklist ACRL separately; And each use, whole all digital certificate and the digital certificate blacklist CRL of each regional LDAP system issue.
● using that RA mechanism is responsible for accepting should be with the certificate request of interior entity, comprises the application of accepting the entity digital certificate and the application of entity attribute information.For having applied for the entity of digital certificate,, then only need to applying for that promptly entity attribute information gets final product with load application if also be the entity that to use in other application or region R A mechanism; Must carry the entity digital certificate during application, but not need the entity digital certificate is done change.
● region R A mechanism also can be entity and signs and issues attribute information, for using the service that provides in the one's respective area; And for having applied for the entity of digital certificate in other application or zone, then only need can realize the loading of one's respective area application to one's respective area RA mechanism application entity attribute information.
● the certificate service handling between each RA mechanism is conflict not.Using that RA mechanism accepts should be with interior entity application, region R A mechanism accepts the entity application of one's respective area, for both common entity groups, then can arrive first the entity attribute information of using RA mechanism application entity digital certificate and this application, only need then to apply for that to region R A mechanism this regional entity attribute information gets final product; Vice versa.Equally, for the common physical group between using and using, the common physical group between zone and the zone also is to apply for certificate in this way.
3, the entity certificate combines with attribute information and strides the application intercommunication
The entity certificate combines with attribute information to stride and uses intercommunication and mainly comprise following content:
(1) attribute information granting
At first, using the first time of realizing user certificate by one provides on a large scale; When this time issued licence, promptly provided user's entity certificate, also provided this user at the Attribute certificate that should use;
Secondly, when these users need to load the application of (open-minded) other application, then apply for: to the site application of relevant industries by dual mode; Apply for the website at online access CA center.
In addition, when certificate was applied in the site arbitrarily, this user's digital certificate promptly will be provided in this site, provides the attribute information of this user in this application simultaneously for new user (referring to never apply for the user of certificate).
(2) entity certificate issued
Owing to adopted the user property certificate to preserve user's apply property information, the unique identify label that therefore only needs to preserve the user in the entity certificate gets final product.So, then simplified the business of accepting of entity certificate.Specific as follows:
Analyze technically, the user can arrive the site application digital certificate of any one RA mechanism; And analyze from business, then the user at first should be according to separately application demand to corresponding RA mechanism application digital certificate.After user's first application certificate is finished, promptly obtain own unique entity certificate, also possessed the attribute information of this RA mechanism (application) simultaneously; When the user need load other when using, only need to use loading and get final product to the RA mechanism site of accepting related application, the loading of using can be realized by the attribute information of signing and issuing this mechanism for the user in the site, user's entity certificate is constant.
(3) certificate cancels
The abolishment of entity certificate comprises two aspects, the calcellation of the calcellation of entity digital certificate and entity attribute information.
● the calcellation of entity digital certificate can provide service handling by the site of each RA mechanism, but must unify supervision and management by the digital authenticating center, set up unified digital certificate management system, if necessary, the digital authenticating center also can participate in the audit to certificate calcellation application.
● the calcellation of entity attribute information can only provide service handling by the site of this RA mechanism.Entity attribute information is only effective to the application of this RA mechanism in-scope, so entity attribute information can be managed independently by each RA mechanism.So, then made things convenient for each application, each zone to the management of entity in application, when application need was forbidden the application permission of certain entity, the attribute information of this entity in should using need only be cancelled get final product.
(4) certificate behind the employing attribute information is used
Certificate application flow behind the employing attribute information is as follows:
● entity adopts digital certificate login application system (employing of attribute information is transparent fully to entity, and the operation of entity end does not change);
● application system is carried out authentication by the entity certificate to entity, use by after the checking to the entity digital certificate, obtain this attributes of entities information on the unique identification dependency information publishing point (LDAP, database, file) according to this entity digital certificate;
● after the getattr information, security gateway passes to application system with correlation attribute information, can finish relevant application and handle.
The present invention has substantive distinguishing features and marked improvement, and compared with prior art, the present invention has the following advantages: (1) digital certificate is the sign and the proof of the unique identity of entity; And the attribute specification that attribute information is an entity in concrete the application, these attributes can comprise the application identity, visit qualification, operating right of entity etc.(2) solve the entity certificate and sign and issue too frequent problem again.The entity certificate need only be signed and issued once, and when needs loaded the application of different application, the site application attribute information that need only arrive this application got final product.(3) unified digital certificate and the CRL information of each LDAP system issue that distributes, behind the employing attribute information, the information changing of entity digital certificate can reduce in a large number; Respectively attribute information of using and ACRL information only should issued with the LDAP system, and irrelevant between other application LDAP system, have simplified the synchronization policy of Distributed LDAP system.(4) the entity digital certificate is crossed after date, need only arrive any one site and examine, and can realize the extension of certificate or heavily signs.(5) each uses the management of application entity separately very convenient.Attributes of entities information can be defined or change by applying flexible fully, and does not need carrying out standard or gathering in advance; The audit of entity attribute information, application, abolishment, renewal etc. all oneself are responsible for finishing by using, and have ensured the unitarity and the simplicity of management; The digital certificate of the whole entities of digital authenticating centre management, each application management is attributes of entities information separately, and it is clear to manage.(6) in concrete certificate application process, to the not influence of original application system.For example, after security gateway checking entity digital certificate passes through, can inquire about this attributes of entities information to the attribute information publishing point according to the unique ID of entity, obtain this attributes of entities information, thereby pass to application system again and realize the requirement (to application system, the realization mechanism of with original employing digital certificate preserving entity attribute information as broad as long) of application entity attribute information.(7) strengthened the extendability of system.Current, only deposited the needed entity attribute information of using in the entity attribute information, as the tax registration of tax application need entity number etc.; According to demand, the application permission information of entity also can be write in the entity attribute information, thereby be realized building based on the granted access hierarchy of control of attribute information.(8) be convenient to the realization of certificate user on-line loaded application function.The online service system can confirm user identity according to user certificate, after the audit by related application mechanism, need not operate and can sign and issue the user property certificate the user certificate medium, and promptly safety is convenient again.
Embodiment
Provide following examples in conjunction with content of the present invention:
With a provincial digital certificate authentication system is example, and its demand side provides the certificate trust service to a plurality of industries.When the certificate trust service is provided, require certificate must be able to include user's various apply property information, to satisfy the different requirements of different industries application to user profile.Carrying out stage by stage of its application carries out simultaneously, and the phase one is carried out industry and commerce, tax industry and the application of developed regions inside the province, and subordinate phase is carried out the application of bank, customs's industry, and the phase III is carried out the application of other industry.It is as follows to adopt the inventive method to use:
(1) in industrial and commercial, the tax and set up the RA system in developed regions and the digital certificate authentication system inside the province, externally can issue unified entity certificate, the user only needs just can receive corresponding entity certificate to a RA system;
(2) industry RA mechanism is responsible for accepting the certificate request of the user in the industry, comprises the application of accepting the entity certificate and the application of attribute information.For having applied for the user of entity certificate,, then only need to apply for promptly that to the industry load application customer attribute information gets final product if also be the user of the industry in other industry or districts and cities RA mechanism; Must carry the entity certificate during application, but not need the entity certificate is done change.The main To enterprises of industry RA provide service.
(3) districts and cities RA mechanism build the Information Office of prefectures and cities in, accepts this city user's entity certificate request by municipal government office hall.Equally, districts and cities RA mechanism also can be the user and signs and issues attribute information, for this city is provided by the service that provides; And for the user who has applied for the entity certificate in other industry or districts and cities, then only need can realize the loading of these districts and cities application to these districts and cities RA mechanism application customer attribute information.Districts and cities RA mainly provide service towards the individual.
(4) not conflict of the certificate service handling between each RA mechanism of the whole province.For the common customer group of industry RA mechanism, then can arrive first the user property certificate of an industry RA mechanism application customer digital certificate and the sector, only need the user property certificate of other industry RA mechanism application the sector to get final product then.Equally, for the co-user group between districts and cities and the districts and cities, also be to apply for certificate in this way.
Adopt this mode to make up the digital certificate authentication system, after industries such as subordinate phase bank, customs add, do not need system is changed.The attribute information that only needs to set up the sector application in industries such as bank, customs is signed and issued system.For original entity certificate user, do not need to change original entity certificate, add bank or customs's sector application as need, only need bank or customs's industry to sign and issue apply property information and get final product.
As seen, the application of attribute information on the one hand not for entity brings extra operation, does not bring extra change (change is mainly realized by Security Certificate gateway and CA system) for application system on the other hand yet; And meanwhile, but can stride application for the CA center solves, trans-regional issue licence and use the variety of issue that is brought.
Claims (8)
1, the entity certificate is striden the application interoperability methods in a kind of digital certificate authentication system, it is characterized in that, the method of taking certificate information and attribute information to be separated, part extracts as attribute information with combining more closely with application in original certificate information, attribute information guarantees authority by the signature of CA mechanism, and attribute information has multiple mode to store, digital certificate is the sign and the proof of the unique identity of entity simultaneously, digital certificate is with after attribute information separates, their service management can be taked flexible way more, and by the attribute information granting, the entity certificate issued, certificate cancels, the application of attribute information, realization entity certificate combines with attribute information and strides the application intercommunication.
2, the entity certificate is striden the application interoperability methods in the digital certificate authentication according to claim 1 system, it is characterized in that, described attribute information is the attribute specification of entity in concrete the application, these attributes comprise the application identity of entity, the visit qualification, operating right etc., attribute information is corresponding with application, there are a plurality of attribute informations in an entity, perhaps entity all has an attribute information in a plurality of application, but entity only has a digital certificate, the unique identification that comprises the entity certificate in the attribute information, its trusted identifier is the signature of CA center to it, the term of validity that comprises this apply property in the attribute information, this term of validity can define voluntarily according to the requirement of using, in case all apply properties also lost efficacy but the entity certificate loses efficacy, the unique ID by representing entity identities is as attribute information and entity digital certificate corresponding identification.
3, the entity certificate is striden the application interoperability methods in the digital certificate authentication according to claim 1 and 2 system, it is characterized in that, attribute information is stored in the attribute carrier, the attribute carrier has following several mode: (1) Attribute certificate: adopt the certificate mode to encode, be stored in the LDAP system, and outwards provide issue, (2) database: be stored in the database in the record mode, offer the application safety system queries, (3) file: with file mode storage file server or in entity certificate medium.
4, the entity certificate is striden the application interoperability methods in the digital certificate authentication according to claim 1 system, it is characterized in that the application of described digital certificate and attribute information is accepted, and is specific as follows:
● sign and issue the attribute information of this application for the application of having the RA system, for the application of not building RA, signing and issuing by the trust of CA center of its attribute information undertaken, and perhaps the RA agency by other application carries out, and the entity digital certificate all can be signed and issued in all sites;
● each is used, each regional attribute information delivery system issue entity attribute information and attribute information blacklist ACRL separately, and each is used, whole digital certificate and the digital certificate blacklist CRL of each regional LDAP system issue;
● using that RA mechanism is responsible for accepting should be with the certificate request of interior entity, comprise the application of accepting the entity digital certificate and the application of entity attribute information, for the entity of having applied for digital certificate in other application or region R A mechanism, if also be the entity that to use, then to applying for that promptly entity attribute information gets final product, and must carry the entity digital certificate during application with load application;
● region R A mechanism also can be entity and signs and issues attribute information, for using the service that provides in the one's respective area,, then only need to realize the loading that use the one's respective area at other application or the regional entity of having applied for digital certificate for to one's respective area RA mechanism application entity attribute information;
● the certificate service handling between each RA mechanism can and be deposited, using that RA mechanism accepts should be with interior entity application, region R A mechanism accepts the entity application of one's respective area, for both common entity groups, then arrive first the entity attribute information of using RA mechanism application entity digital certificate and this application, apply for that to region R A mechanism this regional entity attribute information gets final product then, vice versa; Equally, for the common physical group between using and using, the common physical group between zone and the zone also is to apply for certificate in this way.
5, the entity certificate is striden the application interoperability methods in the digital certificate authentication according to claim 1 system, it is characterized in that, and described attribute information granting, specific as follows:
At first, use the first time of realizing user certificate by one and provide on a large scale, when this time issued licence, promptly provide user's entity certificate, also provide this user at the Attribute certificate that should use;
Secondly, when these users need load the application of other application, then apply for: apply for to the site application of relevant industries and the website at online access CA center by dual mode;
In addition, when certificate was applied in the site arbitrarily, this user's digital certificate was promptly provided in this site, provides the attribute information of this user in this application simultaneously for the user who never applied for certificate.
6, the entity certificate is striden the application interoperability methods in the digital certificate authentication according to claim 1 system, it is characterized in that, and described entity certificate issued, specific as follows:
The user can arrive the site application digital certificate of any one RA mechanism, but on business, the user at first should be according to separately application demand to corresponding RA mechanism application digital certificate, after user's first application certificate is finished, promptly obtained own unique entity certificate, the attribute information that has also possessed simultaneously this RA mechanism, when the user need load other application, only need to use loading to the RA mechanism site of accepting related application and get final product, the loading of using can be realized in the site by the attribute information of signing and issuing this mechanism for the user.
7, the entity certificate is striden the application interoperability methods in the digital certificate authentication according to claim 1 system, it is characterized in that, described certificate cancels, and is specific as follows:
The abolishment of entity certificate comprises two aspects, the calcellation of the calcellation of entity digital certificate and entity attribute information:
● the calcellation of entity digital certificate provides service handling by the site of each RA mechanism, but must unify supervision and management by the digital authenticating center, sets up unified digital certificate management system, and perhaps the digital authenticating center also participates in the audit to certificate calcellation application;
● the calcellation of entity attribute information can only provide service handling by the site of this RA mechanism, entity attribute information is only effective to the application of this RA mechanism in-scope, therefore entity attribute information is managed independently by each RA mechanism, when application need was forbidden the application permission of certain entity, the attribute information of this entity in should using need only be cancelled got final product.
8, the entity certificate is striden the application interoperability methods in the digital certificate authentication according to claim 1 system, it is characterized in that, the certificate behind the described employing attribute information is used, and application flow is as follows:
● entity adopts digital certificate login application system, and the employing of attribute information is transparent fully to entity;
● application system is carried out authentication by the entity certificate to entity, using by after the checking to the entity digital certificate, is to obtain this attributes of entities information on LDAP, database, the file according to the unique identification dependency information publishing point of this entity digital certificate;
● after the getattr information, security gateway passes to application system with correlation attribute information, can finish relevant application and handle.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNA031292828A CN1477552A (en) | 2003-06-12 | 2003-06-12 | Physical certificate cross-application intercommunication method in digital certificate identification system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNA031292828A CN1477552A (en) | 2003-06-12 | 2003-06-12 | Physical certificate cross-application intercommunication method in digital certificate identification system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN1477552A true CN1477552A (en) | 2004-02-25 |
Family
ID=34153474
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CNA031292828A Pending CN1477552A (en) | 2003-06-12 | 2003-06-12 | Physical certificate cross-application intercommunication method in digital certificate identification system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN1477552A (en) |
Cited By (12)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1838593B (en) * | 2005-03-07 | 2010-12-01 | 富士施乐株式会社 | Certificate acquisition system, certificate acquisition method, management communication apparatus and certification authority |
| CN101163012B (en) * | 2007-11-20 | 2010-12-08 | 江苏先安科技有限公司 | System and method of checking fine grit of digital certificate |
| CN101218779B (en) * | 2005-07-14 | 2011-09-07 | 微软公司 | User mapping information extension for protocols |
| CN102255925A (en) * | 2011-08-30 | 2011-11-23 | 公安部第三研究所 | Rapid digital certificate application auditing method |
| CN102402653A (en) * | 2010-09-16 | 2012-04-04 | 金蝶软件(中国)有限公司 | Method, system and terminal for controlling authority of data among different kinds of application |
| CN103684770A (en) * | 2012-09-10 | 2014-03-26 | 国网信息通信有限公司 | Digital certificate authentication based service system agent access method and device |
| CN104052597A (en) * | 2013-03-11 | 2014-09-17 | 江苏国盾科技实业有限责任公司 | Certificate issuing system based on SM2 algorithm |
| CN105099680A (en) * | 2014-05-05 | 2015-11-25 | 中国电子信息产业发展研究院 | Method of authenticating user identity according to digital certificate and device |
| CN105099679A (en) * | 2014-05-05 | 2015-11-25 | 中国电子信息产业发展研究院 | Method of applying digital certificate to user identity authentication and device |
| CN105099681A (en) * | 2014-05-05 | 2015-11-25 | 中国电子信息产业发展研究院 | Method of applying digital certificate to user identity authentication and device |
| CN103873237B (en) * | 2012-12-17 | 2017-02-08 | 上海格尔软件股份有限公司 | Method for querying public key certificates of users between PKI (public key infrastructure)-system-based application systems |
| CN109005029A (en) * | 2018-06-25 | 2018-12-14 | 北京迪曼森科技有限公司 | Trusted application mark generation method and system, application method and apply end equipment |
-
2003
- 2003-06-12 CN CNA031292828A patent/CN1477552A/en active Pending
Cited By (15)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1838593B (en) * | 2005-03-07 | 2010-12-01 | 富士施乐株式会社 | Certificate acquisition system, certificate acquisition method, management communication apparatus and certification authority |
| CN101218779B (en) * | 2005-07-14 | 2011-09-07 | 微软公司 | User mapping information extension for protocols |
| CN101163012B (en) * | 2007-11-20 | 2010-12-08 | 江苏先安科技有限公司 | System and method of checking fine grit of digital certificate |
| CN102402653A (en) * | 2010-09-16 | 2012-04-04 | 金蝶软件(中国)有限公司 | Method, system and terminal for controlling authority of data among different kinds of application |
| CN102255925B (en) * | 2011-08-30 | 2016-01-20 | 公安部第三研究所 | A kind of rapid digital certificate application auditing method |
| CN102255925A (en) * | 2011-08-30 | 2011-11-23 | 公安部第三研究所 | Rapid digital certificate application auditing method |
| CN103684770A (en) * | 2012-09-10 | 2014-03-26 | 国网信息通信有限公司 | Digital certificate authentication based service system agent access method and device |
| CN103873237B (en) * | 2012-12-17 | 2017-02-08 | 上海格尔软件股份有限公司 | Method for querying public key certificates of users between PKI (public key infrastructure)-system-based application systems |
| CN104052597A (en) * | 2013-03-11 | 2014-09-17 | 江苏国盾科技实业有限责任公司 | Certificate issuing system based on SM2 algorithm |
| CN105099681A (en) * | 2014-05-05 | 2015-11-25 | 中国电子信息产业发展研究院 | Method of applying digital certificate to user identity authentication and device |
| CN105099679A (en) * | 2014-05-05 | 2015-11-25 | 中国电子信息产业发展研究院 | Method of applying digital certificate to user identity authentication and device |
| CN105099680A (en) * | 2014-05-05 | 2015-11-25 | 中国电子信息产业发展研究院 | Method of authenticating user identity according to digital certificate and device |
| CN105099681B (en) * | 2014-05-05 | 2019-02-12 | 中国电子信息产业发展研究院 | A kind of method and device using digital certificate authentication user identity |
| CN105099680B (en) * | 2014-05-05 | 2019-02-12 | 中国电子信息产业发展研究院 | A kind of method and device according to digital certificate authentication user identity |
| CN109005029A (en) * | 2018-06-25 | 2018-12-14 | 北京迪曼森科技有限公司 | Trusted application mark generation method and system, application method and apply end equipment |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| AU2018348320B2 (en) | A domain name scheme for cross-chain interactions in blockchain systems | |
| AU2018347193B2 (en) | Cross-chain interactions using a domain name scheme in blockchain systems | |
| Bano et al. | The road to scalable blockchain designs | |
| WO2020154865A1 (en) | Progressive ip removal method and system supporting multi-mode identifier network addressing and storage medium | |
| US20030229812A1 (en) | Authorization mechanism | |
| US7185359B2 (en) | Authentication and authorization across autonomous network systems | |
| CN1477552A (en) | Physical certificate cross-application intercommunication method in digital certificate identification system | |
| CN102420690B (en) | Fusion and authentication method and system of identity and authority in industrial control system | |
| Mukne et al. | Land record management using hyperledger fabric and ipfs | |
| GB2377057A (en) | Globally restricting client access to a secured web site | |
| CN108170857B (en) | A kind of method for building up and call method of the cross-domain interconnection services of electronics license | |
| Al-Khouri | PKI in government digital identity management systems | |
| CN102487377A (en) | Authentication and authority management system | |
| CN111506590A (en) | Digital work copyright authority confirming and transaction credible record management method | |
| Zhou et al. | Implement role based access control with attribute certificates | |
| Kwame et al. | V-chain: A blockchain-based car lease platform | |
| US11683186B1 (en) | Cryptographically generated data tethered to biological dataset through synchronization over peer-to-peer nodes for certification | |
| Song et al. | Smart contract-based trusted content retrieval mechanism for NDN | |
| WO2007022107A2 (en) | Managing and using shared digital information on a network | |
| Xiong et al. | BDIM: A Blockchain-Based Decentralized Identity Management Scheme for Large Scale Internet of Things | |
| Gao et al. | Data right confirmation mechanism based on blockchain and locality sensitive hashing | |
| CN109905388B (en) | Domain name credit processing method and system based on block chain | |
| CN1349327A (en) | Hierarchical network information content managing method based on public key basic facilities | |
| US11652639B1 (en) | Cryptographically generated data tethered to biological dataset through synchronization over peer-to-peer nodes | |
| Skinner et al. | A framework of privacy shield in organizational information systems |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C02 | Deemed withdrawal of patent application after publication (patent law 2001) | ||
| WD01 | Invention patent application deemed withdrawn after publication |