CN201057649Y - Information interactive affirmation device in internetwork communication - Google Patents
Information interactive affirmation device in internetwork communication Download PDFInfo
- Publication number
- CN201057649Y CN201057649Y CNU2007201488728U CN200720148872U CN201057649Y CN 201057649 Y CN201057649 Y CN 201057649Y CN U2007201488728 U CNU2007201488728 U CN U2007201488728U CN 200720148872 U CN200720148872 U CN 200720148872U CN 201057649 Y CN201057649 Y CN 201057649Y
- Authority
- CN
- China
- Prior art keywords
- information
- interface unit
- processing apparatus
- receives
- information processing
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Lifetime
Links
Images
Abstract
The utility model discloses an information exchange acknowledging device in network communication. Through solidifying the device of safety operation system, the utility model receives the content of current information exchange and provides the content to users from client, which ensures the provided information not to be controlled by external part to guarantee the reality of information and make user be able to receive real information of current information exchange, input confirmation command by a confirmation input component which is not controlled by computer virus and confirm the current information exchange process by conducting digital signature and other security certificate processing according to the confirmation command. As for that, even if the client receives security attack, the utility model can ensure that user receives the real information of current information exchange, which improves the reliability of security certificate.
Description
Technical field
The utility model relates to secure authentication technology, particularly the information interactive affirmation device in the network service.
Background technology
Along with the continuous development of the network communications technology, ecommerce has obtained application more and more widely.Ecommerce has changed the operating mode of traditional commercial affairs, greatly improved commercial efficiency and reduced transaction cost, yet ecommerce is also simultaneously facing to huge security threat.
But ecommerce also exists bigger potential safety hazard.For example, the user utilizes password to land the account of oneself by client, thereby carries out e-commerce transaction, if but invalid user stealing user cipher, operation such as then can land this user's account simply and transfer accounts, thus cause enormous economic loss for this user.
Therefore, in the information interaction of communications Network Based such as ecommerce, all take various safety certification means to improve the fail safe of information interaction usually, thereby guarantee user's interests.
USB Key is a kind of safety certification device based on digital signature.Storage digital certificate and key among the USB Key, and the corresponding unique sequence number of each USB Key.The user links to each other USB Key with client, USB Key can be by carrying out the digital signature operation to realize the safety certification to information interactions such as for example e-commerce transactions between client and the network side server.
Though USB Key can realize safety certification, make the disabled user who has usurped user cipher can't land this user's account, can't guarantee that the employed client of this user can not be subjected to the security attack in the network.
For example, the employed client of user has been suffered the invasion of trojan horse, carry out the operation of information interaction such as e-commerce transaction if the user logins its account, then the disabled user will utilize trojan horse operating electronic business customer end software, to the illegal operation such as transfer accounts of this user's account.
Because USB Key is a kind of equipment that is connected on the computer USB interface, this safety certification device based on digital signature procedure all be to finish by the software that is installed in client, if software is controlled by trojan horse, then can utilize trojan horse under the unwitting situation of user, to finish the safety certification process of digital signature by USB Key.And, even if the user is before the USB Key that uses oneself carries out digital signature, to confirm the own current information interaction content that need confirm by digital signature by the information that client shows earlier, but trojan horse can also be made amendment to the information that client shows, makes that the shown information of client is inconsistent with the actual mutual information content.At this moment, though the shown content of user approval client, the information content in its information interactive process of confirming by digital signature is also inconsistent with shown content.
Except USB Key, the dynamic token technology also is the higher safety certification means of a kind of existing level of security.But the dynamic token technology also can't guarantee the employed client of user and can not be subjected to the security attack in the network.
As seen, existing secure authentication technology can't guarantee the fail safe of information interaction in the network service, thereby reliability is not high.
The utility model content
In view of this, a main purpose of the present utility model is: the information interactive affirmation device in a kind of network service is provided, can improves the reliability of safety certification.
According to an above-mentioned main purpose, the utility model provides the information interactive affirmation device in a kind of network service, comprising: information indicating parts, affirmation input block, information processing apparatus and interface unit, wherein,
Described interface unit links to each other with external client, and reception will be from the information of external client; To export to external client from the safe authentication code of described information processing apparatus;
Described information indicating parts receive and export the information that described interface unit receives;
Described affirmation input block, externally control is confirmed instruction to described information processing apparatus output down;
Described information processing apparatus, the affirmation instruction of confirmation of receipt input block input, according to the affirmation instruction that receives, and based on the embedded system or the firmware program of its inside, the information that described interface unit receives is carried out the cryptography arithmetic processing, generate safe authentication code; The safe authentication code of described generation is exported to described interface unit.
Described information processing apparatus links to each other with described information indicating parts;
Described information indicating parts receive the information that described interface unit receives by described information processing apparatus.
Described information processing apparatus is further resolved the information that described interface unit receives;
The information that the described interface unit that described information indicating parts receive receives is the information after resolving.
Described information indicating parts link to each other with described interface unit, directly receive the information that described interface unit receives;
Described information indicating parts further link to each other with described information processing apparatus, and the information that the described receiving-member that receives receives is exported to described information indicating parts.
Described information indicating parts link to each other with described interface unit, directly receive the information that described interface unit receives;
Described information processing apparatus links to each other with described interface unit, directly receives the information that described interface unit receives.
Described affirmation instruction is to import behind the validation of information of user according to described information indicating parts output.
Described information indicating parts are display device or voice messaging playback equipment.
Described affirmation input block is button and/or fingerprint identification device and/or infrared inductor and/or speech recognition equipment and/or eye mask identification control device.
Described interface unit is serial line interface or parallel interface or 1394 interfaces, general-purpose serial bus USB interface or blue tooth interface or infrared interface or Wireless Fidelity Wi-Fi interface or radio frequency discrimination RFID interface or wireless lan interfaces.
The network terminal of described external client for linking to each other with network side server by computer network or mobile communications network;
The described network terminal is: computer or personal digital assistant PDA or mobile phone.
As seen from the above technical solution, the utility model is by having solidified the device of SOS, receive the mutual content of current information and offer the user from client, guaranteed that the information that provides is not subjected to external control, thereby guaranteed the authenticity of this information, and then make the user can know the real information that current information is mutual, and can instruct into the parts input validation by not given up really by computer virus control, and can instruct safety certifications such as carrying out digital signature to handle according to confirming, to confirm current information interactive process.Like this,, can guarantee that also the user knows the real information of current information reciprocal process, improve the reliability of safety certification even if client is subjected to security attack.
Description of drawings
Fig. 1 is the structural representation of information interactive affirmation device among the utility model embodiment one.
Fig. 2 is the structural representation of information interactive affirmation device among the utility model embodiment two.
Fig. 3 is the structural representation of information interactive affirmation device among the utility model embodiment three.
Embodiment
For making the purpose of this utility model, technical scheme and advantage clearer, below with reference to the accompanying drawing embodiment that develops simultaneously, the utility model is further described.
Among the utility model embodiment, an affirmation device that comprises the information indicating parts is set, be not subjected to the control of various viruses in the network and true content in the information interactive process is provided, this affirmation device comprises that is also confirmed an input block, make that the user can be after confirmation points out content that parts provide correct, confirm the instruction of input block input validation by this, realize the mutual affirmation of current information.
Information interactive affirmation device in the utility model comprises: information indicating parts, affirmation input block, information processing apparatus and interface unit.
Interface unit, can for physical interfaces such as serial line interface, parallel interface, 1394 interfaces, radio-frequency (RF) identification (RFID) interface, wireless lan interfaces (IEEE802.11 interface etc.), USB (USB) interface, blue tooth interface, infrared interface, Wireless Fidelity (Wi-Fi) interface or have controller interface equipment or, link to each other with external client, reception will be from the information of external client; The safe authentication code of self information processing unit is exported to external client in the future.
The information indicating parts can be any display device or voice messaging playback equipment, the information that reception and output interface unit receive.
Confirm input block, can be any input equipment or multiple combinations such as button, fingerprint identification device, infrared induction equipment, speech recognition equipment, eye mask identification control equipment, externally control is confirmed instruction to information processing apparatus output down.
Information processing apparatus, can be any microprocessor, the affirmation instruction of confirmation of receipt input block input, according to the affirmation instruction that receives, and based on the embedded system or the firmware program of its inside, the information that above-mentioned interface unit is received is carried out cryptography arithmetic and is handled, and for example processing such as digital signature generates for example digital signature result, Hash information authentication code safe authentication codes such as (HMAC); The safe authentication code that generates is exported to interface unit.
In the practical application, the message transmission between client and the information interactive affirmation device of the present utility model may be based on default a kind of agreement.In this case, information processing apparatus also needs according to default protocol rule the information from client to be resolved, the information after being resolved by the output of information indicating parts again.
Wherein, the embedded OS of information processing apparatus or firmware program can be to be solidificated in its inside in advance, also can be that users from networks side server is downloaded the back storage.Embedded OS is a kind of special purpose operating system of non-open type, and promptly this operating system is special-purpose SOS such as smart card operating system for example, does not allow Any user that operating system is changed; Firmware program also has the characteristic that does not allow the user arbitrarily to change.
Based on above-mentioned embedded system or firmware program, can make that the virus of wide-scale distribution can't be invaded information processing apparatus in the networks such as any for example trojan horse, and, cryptography arithmetic is handled, the processing procedures such as parsing of information realize in information processing apparatus inside, the any external program that comprises client software all can't disturb this information process, has guaranteed that promptly the information indicating parts are shown or the authenticity of the information play.
Based on said apparatus, the user can be no longer according to the shown content of client but confirm current information reciprocal process according to the real information that the information indicating parts of said apparatus are provided, thereby information interactive process and the client content displayed of having avoided the user to confirm are inconsistent; And the user is confirmed to be by confirming that input block is realized, this process also can't be subjected to the control of the virus propagated in any network.
As seen, said apparatus can not be subjected to the security attack in the network, can be subjected under the situation of security attack in client, guarantees that the user knows the real information of current information reciprocal process, thereby has improved the reliability of safety certification.
Specifically, each parts in the said apparatus can adopt various connected modes, to realize the affirmation to information interactive process.
Embodiment one
Fig. 1 is the structural representation of the information interactive affirmation device among the utility model embodiment one.As shown in Figure 1, the information interactive affirmation device in the present embodiment comprises: information indicating parts, affirmation input block, information processing apparatus and interface unit.
Interface unit links to each other with external client, and reception will and be exported to information processing apparatus from the information of external client; The safe authentication code of self information processing unit is exported to external client in the future.
The information indicating parts receive and export the information from information processing apparatus.
Confirm input block, externally control is confirmed instruction to information processing apparatus output down.
Information processing apparatus receives the information from interface unit; The affirmation instruction of confirmation of receipt input block input, according to the affirmation instruction that receives, and based on the embedded system or the firmware program of its inside, the information that above-mentioned interface unit is received is carried out digital signature and is handled, and the digital signature result that generates is exported to interface unit.
If between information interactive affirmation device in the present embodiment and the client, carry out message transmission based on default agreement, then information processing apparatus is after the information that receives from interface unit, also need this information is resolved, at this moment, the information of information indicating parts output is the information after the parsing.
Embodiment two
Fig. 2 is the structural representation of the information interactive affirmation device among the utility model embodiment two.As shown in Figure 2, the information interactive affirmation device in the present embodiment comprises: information indicating parts, affirmation input block, information processing apparatus and interface unit.
Interface unit links to each other with external client, and reception will and be exported to the information indicating parts from the information of external client; The safe authentication code of self information processing unit is exported to external client in the future.
The information indicating parts receive and export the information from interface unit, and will export to information processing apparatus from the information of interface unit.
Confirm input block, externally control is confirmed instruction to information processing apparatus output down.
Information processing apparatus receives the information from the information indicating parts; The affirmation instruction of confirmation of receipt input block input, according to the affirmation instruction that receives, and based on the embedded system or the firmware program of its inside, the information that above-mentioned interface unit is received is carried out digital signature and is handled, and the digital signature result that generates is exported to interface unit.
If between information interactive affirmation device in the present embodiment and the client, carry out message transmission based on default agreement, then the information indicating parts receive from also exporting after the information of interface unit, need the information after the outstanding message processing unit also will be resolved this information analysis to return to after the information indicating parts, can export.
Embodiment three
Fig. 3 is the structural representation of the information interactive affirmation device among the utility model embodiment three.As shown in Figure 3, the information interactive affirmation device in the present embodiment comprises: information indicating parts, affirmation input block, information processing apparatus and interface unit.
Interface unit has a controller, links to each other with external client, and reception will also be exported to information indicating parts and information processing apparatus simultaneously from the information of external client; The safe authentication code of self information processing unit is exported to external client in the future.
The information indicating parts receive and export the information from interface unit.
Confirm input block, externally control is confirmed instruction to information processing apparatus output down.
Information processing apparatus receives the information from interface unit; The affirmation instruction of confirmation of receipt input block input, according to the affirmation instruction that receives, and based on the embedded system or the firmware program of its inside, the information that above-mentioned interface unit is received is carried out digital signature and is handled, and the digital signature result that generates is exported to interface unit.
More than be illustrating to the technical solutions of the utility model implementation.In actual applications, when the user by electric commerce client software to network side server send be used for the information of e-commerce transaction before, electric commerce client software sends to information interactive affirmation device in the present embodiment with this information, after this information interactive affirmation device receives this information, offer the user by the information indicating parts, the information that provide this moment can not be modified under the control externally.The real information that the user is provided according to the information indicating parts, judge whether current information to be sent is the content of oneself approving, if, then by confirming the instruction of input block input validation, the information processing apparatus of information interactive affirmation device inside is confirmed instruction according to this, and utilize the cryptographic algorithm of storage inside and the information that corresponding key receives to carry out digital signature, the result that will sign then returns to electric commerce client software, otherwise, the user is not by confirming the instruction of input block input validation, electric commerce client software is not received digital signature result, do not continue current e-commerce transaction, thereby guaranteed that current e-commerce transaction of running counter to user intention promptly can't carry out with network side server.
Below, in conjunction with instantiation the information interactive affirmation device in the present embodiment is further specified.
Example one: the information interactive affirmation device of present embodiment is applied to the Internet bank, guarantees the fail safe of user's fund.The user signs in to the account of oneself; After the login account, can carry out operational processing, for example carry out transferring accounts of fund.To transfer accounts is example, and the user is before operation is transferred accounts in affirmation, and client will be the relevant information of transferring accounts, and for example reciprocal account information, the amount of money etc. of transferring accounts are delivered in the information interactive affirmation device of present embodiment, and by this device the information that receives is shown or broadcast; At this moment, the user can be when checking the information of transferring accounts that client provided, check the information that information interactive affirmation device provided in the present embodiment, if confirmation, then carry out processing such as digital signature by the input validation instruction of affirmation input block and by information processing apparatus, finish the operation of transferring accounts, if shown variant of the information content that information interactive affirmation device provided in the being checked discovery present embodiment and client, illustrate that client suffered security attack, the operation of transferring accounts is no longer carried out and is cancelled.
Example two: the information interactive affirmation device of present embodiment is applied to online game, guarantees the fail safe of interior virtual assets of online game account and account and equipment.This example is identical with the process of example one.
As seen from the above technical solution, information interactive affirmation device among two embodiment of the utility model can not be subjected to the security attack in the network, can be subjected under the situation of security attack in client, guarantee that the user knows the real information of current information reciprocal process, than existing safety certification mode, improved the reliability of safety certification.
The technical solution of the utility model can be applied to computer network, also is applicable to the information interactive affirmation in other networks such as various mobile communication; The client that links to each other with interface unit can be the various network terminals that can link to each other with network side server, for example cash dispenser of personal computer, PDA(Personal Digital Assistant), mobile phone, bank outlets or other the network terminal.
The above is preferred embodiment of the present utility model only, is not to be used to limit protection range of the present utility model.All within spirit of the present utility model and principle, any modification of being done, be equal to and replace and improvement etc., all should be included within the protection range of the present utility model.
Claims (9)
1. the information interactive affirmation device in the network service is characterized in that, comprising: the information indicating parts, confirm input block, information processing apparatus and interface unit, wherein,
Described interface unit links to each other with external client, and reception will be from the information of external client; To export to external client from the safe authentication code of described information processing apparatus;
Described information indicating parts receive and export the information that described interface unit receives;
Described affirmation input block, externally control is confirmed instruction to described information processing apparatus output down;
Described information processing apparatus, the affirmation instruction of confirmation of receipt input block input, according to the affirmation instruction that receives, and based on the embedded system or the firmware program of its inside, the information that described interface unit receives is carried out the cryptography arithmetic processing, generate safe authentication code; The safe authentication code of described generation is exported to described interface unit.
2. device as claimed in claim 1 is characterized in that, described information processing apparatus links to each other with described information indicating parts;
Described information indicating parts receive the information that described interface unit receives by described information processing apparatus.
3. device as claimed in claim 2 is characterized in that described information processing apparatus is further resolved the information that described interface unit receives.
4. device as claimed in claim 1 is characterized in that, described information indicating parts link to each other with described interface unit, directly receive the information that described interface unit receives;
Described information indicating parts further link to each other with described information processing apparatus, and the information that the described receiving-member that receives receives is exported to described information indicating parts.
5. device as claimed in claim 1 is characterized in that, described information indicating parts link to each other with described interface unit, directly receive the information that described interface unit receives;
Described information processing apparatus links to each other with described interface unit, directly receives the information that described interface unit receives.
6. as any described device in the claim 1 to 5, it is characterized in that described information indicating parts are display device or voice messaging playback equipment.
7. as any described device in the claim 1 to 5, it is characterized in that described affirmation input block is button and/or fingerprint identification device and/or infrared inductor and/or speech recognition equipment and/or eye mask identification control device.
8. as any described device in the claim 1 to 5, it is characterized in that described interface unit is serial line interface or parallel interface or 1394 interfaces or general-purpose serial bus USB interface or blue tooth interface or infrared interface or Wireless Fidelity Wi-Fi interface or radio frequency discrimination RFID interface or wireless lan interfaces.
9. as any described device in the claim 1 to 5, it is characterized in that the network terminal of described external client for linking to each other with network side server by computer network or mobile communications network;
The described network terminal is: computer or personal digital assistant PDA or mobile phone.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNU2007201488728U CN201057649Y (en) | 2007-04-23 | 2007-04-23 | Information interactive affirmation device in internetwork communication |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNU2007201488728U CN201057649Y (en) | 2007-04-23 | 2007-04-23 | Information interactive affirmation device in internetwork communication |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN201057649Y true CN201057649Y (en) | 2008-05-07 |
Family
ID=39426486
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CNU2007201488728U Expired - Lifetime CN201057649Y (en) | 2007-04-23 | 2007-04-23 | Information interactive affirmation device in internetwork communication |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN201057649Y (en) |
-
2007
- 2007-04-23 CN CNU2007201488728U patent/CN201057649Y/en not_active Expired - Lifetime
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| KR101621254B1 (en) | Payment method, computer readable recording medium and system using virtual number based on otp | |
| CN108012268B (en) | SIM card for ensuring safe use of application software on mobile phone terminal | |
| JP5959410B2 (en) | Payment method, payment server for executing the method, program for executing the method, and system for executing the same | |
| US11108558B2 (en) | Authentication and fraud prevention architecture | |
| CN102768744B (en) | A kind of remote safe payment method and system | |
| CN101221641B (en) | On-line trading method and its safety affirmation equipment | |
| CN107798531B (en) | Electronic payment method and system | |
| CN106096947B (en) | The half off-line anonymous method of payment based on NFC | |
| CN107784499B (en) | Secure payment system and method of near field communication mobile terminal | |
| CN103037323B (en) | Based on random code verification system and the verification method thereof of mobile terminal | |
| CN103971239A (en) | Verification method and device | |
| CA2355928C (en) | Method and system for implementing a digital signature | |
| CN102238193A (en) | Data authentication method and system using same | |
| CN101916476A (en) | Mobile data transmission method based on combination of SD (Secure Digital) encrypted card and short-distance wireless communication technology | |
| CN101296078A (en) | Information interactive affirmation device in internetwork communication | |
| CN106656993B (en) | Dynamic verification code verification method and device | |
| CN101790166A (en) | Digital signing method based on mobile phone intelligent card | |
| CN104301288B (en) | Online identity certification, online transaction checking, the method and system of online verification protection | |
| KR20140131201A (en) | Smart card having OTP generation function and OTP authentication server | |
| CN104881781A (en) | Method, system, and client based on secure transaction | |
| CN105682092B (en) | Bidirectional authentication method based on short-distance wireless communication technology | |
| US9413749B2 (en) | System and method of authentication of a first party respective of a second party aided by a third party | |
| CN105160531B (en) | Transaction data processing method and processing device | |
| CN104639566A (en) | Transaction authorizing method based on out-of-band identity authentication | |
| CN201057649Y (en) | Information interactive affirmation device in internetwork communication |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| C56 | Change in the name or address of the patentee | ||
| CP03 | Change of name, title or address |
Address after: Beijing City, Haidian District Zhongguancun South Street No. 6 Zhucheng building B, room 1201, zip code: 100086 Patentee after: Beijing Senselock Software Technology Co.,Ltd. Address before: Beijing City, Haidian District Zhongguancun South Street No. 6 Zhucheng building B, room 1201, zip code: 100086 Patentee before: Beijing ponder Rock Software Technology Co.,Ltd. Address after: Beijing City, Haidian District Zhongguancun South Street No. 6 Zhucheng building B, room 1201, zip code: 100086 Patentee after: Beijing ponder Rock Software Technology Co.,Ltd. Address before: Beijing City, Haidian District Zhongguancun South Street No. 6 Zhucheng building B, room 1201, zip code: 100086 Patentee before: Beijing Senselock Software Technology Co.,Ltd. |
|
| C56 | Change in the name or address of the patentee |
Owner name: BEIJING SHENSILUOKE SOFTWARE TECHNOLOGY CO., LTD. Free format text: FORMER NAME: BEIJING SHENSILUOKE DATA PROTECTION CENTER |
|
| ASS | Succession or assignment of patent right |
Owner name: BEIJING SHENSI SHUDUN SCIENCE + TECHNOLOGY CO., LT Free format text: FORMER OWNER: BEIJING SENSELOCK SOFTWARE TECHNOLOGY CO., LTD. Effective date: 20150109 |
|
| C41 | Transfer of patent application or patent right or utility model | ||
| COR | Change of bibliographic data |
Free format text: CORRECT: ADDRESS; FROM: 100086 HAIDIAN, BEIJING TO: 100872 HAIDIAN, BEIJING |
|
| TR01 | Transfer of patent right |
Effective date of registration: 20150109 Address after: 100872 room 1706, building 59, Zhongguancun street, Haidian District, Beijing Patentee after: BEIJING SHENSI SHUDUN TECHNOLOGY Co.,Ltd. Address before: 100086 Beijing City, Haidian District Zhongguancun South Street No. 6 Zhucheng building block B room 1201 Patentee before: Beijing Senselock Software Technology Co.,Ltd. |
|
| C56 | Change in the name or address of the patentee | ||
| CP03 | Change of name, title or address |
Address after: 100193 Beijing, Haidian District, East West Road, No. 10, East Hospital, building No. 5, floor 5, layer 510 Patentee after: BEIJING SENSESHIELD TECHNOLOGY Co.,Ltd. Address before: 100872 room 1706, building 59, Zhongguancun street, Haidian District, Beijing Patentee before: BEIJING SHENSI SHUDUN TECHNOLOGY Co.,Ltd. |
|
| CX01 | Expiry of patent term |
Granted publication date: 20080507 |
|
| CX01 | Expiry of patent term |