CN201364576Y - Network software account password and computer system safety device - Google Patents
Network software account password and computer system safety device Download PDFInfo
- Publication number
- CN201364576Y CN201364576Y CN 200920063680 CN200920063680U CN201364576Y CN 201364576 Y CN201364576 Y CN 201364576Y CN 200920063680 CN200920063680 CN 200920063680 CN 200920063680 U CN200920063680 U CN 200920063680U CN 201364576 Y CN201364576 Y CN 201364576Y
- Authority
- CN
- China
- Prior art keywords
- computer system
- write
- account password
- network
- software account
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
Abstract
The utility model discloses a network software account password and computer system safety device. The network software account password and computer system safety device is characterized in that the device comprises a controller, a USB interface and a memorizer, wherein both the USB interface and the memorizer are connected with the controller; the memorizer comprises a core code memory area, a write only memory area, a read-write controllable memory area and a free memory area, wherein, the core code memory area is used for storing an antivirus core code and a control code; the write only memory area is used for storing ID information; and the read-write controllable memory area and the free memory area are used for storing encrypted messages and certificates and the like of the software account password. The software account password safety device also comprises a read-write protection switch and a computer system protection recovery switch; and the read-write protection switch is connected with the controller. By using the network software account password and computer system safety device, the safety and the reliability of the software account password can be ensured, the software account password can be prevented from being snatched effectively, and the computer system can be protected so that the computer system is restored to a safe state.
Description
Technical field
The utility model belongs to electronic technology field, relates to a kind of network software account number cipher and computer system safety protective device.
Background technology
Network is in vogue day by day, and along with diverse network software is constantly released, more user enters into the network illusory world.The various softwares of account number that need are also in vogue day by day, wherein need the electronic game of software package includes network, QQ, ICQ, Email of account number cipher operation etc.Wherein in the online game one to have practised austerities account number for a long time be not only the accumulation of player's time energy, also be the input of extensive fund simultaneously.Especially there is currency in the many humans reality society to remove to buy equipment and article in the network world, obtain a high-grade account number, article or high-grade account number in perhaps playing with oneself remove to change the currency of reality society, and this has more increased the attention of people to the security of recreation account number.What present many game players were concerned about most is the problem of the security of its account number.For example: the password figure place is come out by conjecture or by specific software is exhaustive at short notice very little easily; And figure place how easily memory easily pass into silence, perhaps a plurality of account numbers for the ease of memory with password or the like
Show according to relevant report, China have 61% player to live through equipment and virtual objects stolen, by steal-number account for 33%, accounted for 6% by assault.Various wooden horses are all-pervasive especially, as passing through QQ, ICQ, Email, site home page, part plug-in unit etc., the computer that all might invade the player at any time, the attack that 93% stolen player has been trojan horse program.
The security needs that this shows protection software account number are protected account number cipher and virus and wooden horse are taken precautions against 2 aspects set about.Account number cipher is stolen, where is root? except individual's the vigilant heart is strong, still main because the not enough science of password setting of recreation account number and authentication means cause safely inadequately.Security expert in the industry is also in effective solution of positive exploration.
Simple analysis is several main authentication modes at present
The static password authentication:
Cipher authentication mode now commonly used is exactly the static password authentication, and as a kind of low cost, be convenient to use form, this kind mode is very general in network application.But because " password " and " user name (perhaps account number) " is as soft sign, plaintext transmission in network, there are many drawbacks and security breaches, as username and password forget easily or had a mind to by other people or be not intended to obtain, authentication information can bring " specialty " the code breaking instrument of potential safety hazard, a multitude of names by eavesdropping, the shared account number of many people and act as fraudulent substitute for a person or the like, therefore just it is not high to be fit to some security requirements, is used by other people or usurps in the application that yet can not produce massive losses even lose.
Dynamic cipher verification:
This is a kind of modified of novel cipher authentication, is in order to remedy in the static password authentication, and static password is provided with complicated not memory and easily by defective that others obtains easily.User password is dynamically to change in the authentication, generally can issue token of user, and the numeral that shows above is time dependent.The numeral that this string changes is exactly the password that the user enters system.This system is made up of the password card of user side and the certificate server of application system end.When the user logined application system, according to security algorithm, Verification System can generate dynamic password simultaneously on the special chip of password card and certificate server, through relatively, if both sides' password is identical, then is validated user, otherwise is the disabled user.Dynamic password card has solved the authentication of server-side certificate user side, is user side certificate server end identity but can not oppositely authenticate.The problem that a time synchronized is arranged simultaneously, if between user side and the server end time difference very big or network speed is slower, the client will can't sign in to server because of network delay.
The utility model content
The purpose of this utility model is to have proposed a kind of network software account number cipher and computer system safety protective device, to solve the low and easy invaded problem of computer system of original network software safety of account number cipher.
Technical solution of the present utility model is as follows:
A kind of software account number cipher and computer system safety protective device is characterized in that, comprise controller, USB interface and storer; Described USB interface all is connected with described controller with storer, described storer comprise record antivirus software core code and control routine the code storage district, be used to deposit id information the one-time write memory block, be used to deposit the enciphered message of network software account number cipher and the controlled memory block of read-write and the free core pool of certificate.
Network software account number cipher and computer system safety protective device also comprise read-write protection switch and computer system protection reduction switch, and described read-write protection switch is connected with controller with computer system protection reduction switch.
Specifically, the one-time write memory block, function is the subscriber information message of preserving unique ID and needing binding, can not change after the write-once; The code storage district needs specific software to write (comprising control routine and virus killing protection core code), and effect is the storage core code, comprises autocommand etc.; Read and write controlled memory block,, be used to protect the enciphered message of account number cipher and renewable certificate and PKI, private key, during switch opens: can write data, when switch cuts out, can not write data by the memory block that writes of switch control; The memory block of using can freely be stored by the user in the free core pool, is used to store general purpose tool and software, simultaneously as mobile memory (USB flash disk).
Advantage of the present utility model and effect:
What network account password and computer system safety protective device adopted is international advanced USB technology and algorithm for encryption authentication techniques; its hardware constitutes and is one and is made up of CPU (being controller), safe storage and operation intelligent micro-system thereon; as long as the account of network software and encrypted message are deposited in the theftproof lock (the safety of account number cipher protective device of promptly playing) with the key form; in use key information never goes out lock, realizes protection truly.This be because, the account information and the key that are used for authentication are to be set at not directly to read, applications can only be sent into and calculate used enter factor, and whole computation process is finished at the CPU of network account password and computer system safety protective device fully, only result calculated is passed to applications.Key is listened to by outside Hacker Program with regard to absolutely not like this, and cipher key calculation is non-reversible algorithm, also can't be by the result of calculation value of key of retrodicting out, and the result of calculation that passes to network account password and computer system safety protective device outside also can change along with the difference of each input data, also can't reach the purpose of falsely using identity even write down the value of each authentication calculations.Its concrete functional characteristics has:
1, double factor authentication
Each network account password and computer system safety protective device all have hardware PIN code protection, and PIN code and hardware have constituted two necessary factors that the user uses theftproof lock, i.e. so-called " double factor authentication ".The user has only and has obtained lock and user's PIN code simultaneously, just can land network software platform system.Even user's PIN code is leaked, as long as the theftproof lock that the user holds is not stolen, the identity of validated user just can not be by counterfeit; If user's lock is lost, the person of picking up is not owing to know user's PIN code, and identity that also can't counterfeit validated user surpasses predetermined restricted if illegal user inputs the PIN code number of times by mistake, then theftproof lock just can be in locking, even if after this input correct PIN code also can't normally be used.
2, built in hardware virus killing anti-Trojan software and hardware restoring system
The internal code of each network account password and computer system safety protective device all has the record code of computer system mount message and built-in virus killing anti-Trojan software, and sets the state that needs reduction by the user.Need restoring system in case the user thinks, press the reduction switch and can restarting systems also arrive safe condition for the user installation system automatically.Hardware record installment state can not awarded the interference of virus, has embodied " hardware is anti-to kill " theory of antivirus software kernal hardwareization, but has fundamentally reduced system by the chance of poisoning intrusion.
3, have secure memory space
The secure data storage space that network account password and computer system safety protective device have, can the storage networking software account information and secret data such as key, the data access that applications is deposited storer all will have only authority to conform to and just promise visit by the judgement of intelligent micro-system.So just can realize protection truly, stop to duplicate the possibility of client identity information.And antivirus software adopts the hardware core record, has avoided the possibility of the analyzed debugging of antivirus software, and can also strengthen the reliability and the security of antivirus software from network by special software upgrading virus base greatly.
4, hardware is realized cryptographic algorithm
Network account password and built-in CPU of computer system safety protective device or intelligent card chip, can realize the various algorithms of the data summarization, data encrypting and deciphering and the signature that use in PKI (Public Key Infrastructure) system, the encryption and decryption computing is carried out in the inside of network account password and computer system safety protective device, guaranteed that user key can not appear in the calculator memory, thereby stopped the possibility that user key is intercepted by the hacker.
4, be easy to carry, safe and reliable
As network account password big as the thumb and the computer system safety protective device is very convenient carries, can cater to and follow the fashion the player at heart directly through on the key chain.The hardware of this device is not reproducible, the data and the corresponding hardware that are stored on network account password and the computer system safety protective device storer have been carried out the binding encryption, can not operate as normal even if change the storer of two same model network account passwords and computer system safety protective device, use tear open method that sheet cracks also can't the duplicate network account number cipher and the computer system safety protective device in information, therefore more apparent safe and reliable.
Description of drawings
Fig. 1 is the utility model structural principle block diagram.
Embodiment
Below in conjunction with the drawings and specific embodiments the utility model is further described.
Embodiment 1
As shown in Figure 1, a kind of software account number cipher and computer system safety protective device is characterized in that, comprise controller, USB interface and storer; Described USB interface all is connected with described controller with storer, described storer comprise record antivirus software core code and control routine the code storage district, be used to deposit id information the one-time write memory block, be used to deposit the enciphered message of network software account number cipher and the controlled memory block of read-write and the free core pool of certificate.Also comprise read-write protection switch and computer system protection reduction switch, described read-write protection switch is connected with controller with computer system protection reduction switch.
Network account password and computer system safety protective device account number cipher verification process
The overall process that application network account number cipher and computer system safety protective device authenticate can simply be represented by following relational expression: and ePass (X, K)=Server (X, K);
Wherein X is provided by the random number that is provided by server, and K then represents key, and ePass (X, K) representative is to be inserted in the network account password of client and the computing that the computer system safety protective device is carried out, (X, K) representative is the computing of server program to Server.And the K at equation two ends does not occur in client computer, also directly sends certificate scheme safety that Here it is basic on the net.
Idiographic flow is as follows:
The network software client patches network account password and computer system safety protective device hardware, and service end is used network account password and computer system safety protective device system software.
1. client computer is at first sent logging request to certificate server.Certificate server then just can take out the key of relative users by user name (perhaps user ID) from customer data base.
2. after certificate server is received client's logging request, just send a random string to client computer, this string is finally sent in the network account password of client computer and the computer system safety protective device and is used for calculating.Meanwhile, certificate server then takes out corresponding key and utilizes the random train X that sends to client computer according to user name, carries out computing with crypto engine on server, obtains operation result Rh.
3. client computer is imported this random train X into network account password and computer system safety protective device, network account password and computer system safety protective device then utilize this string and the key file that is built in wherein to carry out computing by hardware cryptographic engine, also obtain an operation result, this operation result can directly be sent to certificate server in network.
4. relatively whether two operation result Rh (server) are identical with Rc (client computer) for certificate server, just can determine a network user's legitimacy.
Network account password and computer system safety protective device protection process
The protection process of network account password and computer system safety protective device is to comprise register system, and restoration point is set, and steps such as reduction have embodied the theory of " hardware is anti-to kill " of antivirus software kernal hardwareization.
1. insert network account password and computer system safety protective device ejection initialization interface automatically for mounted system for the first time, the user finishes the record of the first time to system according to guiding.
2. the user can repeatedly carry out record to system state by write-protect switch afterwards; recorded information is saved in the write-protect zone; when repeatedly information is recorded; hardware is default thinks that what need reduction is last recorded information, and the user also can manually be provided with intervention to the record behavior of needs reduction.The work that is provided with is undertaken by special interface.
3. when user's discovery system has problem to carry out system reducing; insert network software account number cipher and computer system safety protective device and press stop push-button (being computer system protection reduction switch), network software account number cipher and computer system safety protective device can restart computer and begin the operation that the executive system reduction is installed.
4. the special purpose interface download and upgrade can be used in the code and the virus characteristic storehouse of the built-in antivirus software of network software account number cipher and computer system safety protective device on special website, need open write-protect switch during upgrading.
By above function and technical description to network software account number cipher and computer system safety protective device; shown that this protective device is feasible and necessary in the network software sector application; the instrument that it not only allows the user have to protect own wealth and the sharp weapon of authentication; and for the software operation merchant; reduced client's complaint; increased profit growth point, also embodied the careful care of operator, improved service quality high-end customer.Network software account number cipher and computer system safety protective device are supported 2-10 software number of the account protection.Support usb2.0 to support several operation systems---win98, Me, 2000, Xp, server 2003, vista, linux, mac OS.
Claims (2)
1. software account number cipher and computer system safety protective device is characterized in that, comprise controller, USB interface and storer; Described USB interface all is connected with described controller with storer, described storer comprise storage antivirus software core code and control routine the code storage district, be used to deposit id information the one-time write memory block, be used to deposit the enciphered message of network software account number cipher and the controlled memory block of read-write and the free core pool of certificate.
2. software account number cipher according to claim 1 and computer system safety protective device; it is characterized in that; also comprise read-write protection switch and computer system protection reduction switch, described read-write protection switch is connected with controller with computer system protection reduction switch.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN 200920063680 CN201364576Y (en) | 2009-03-18 | 2009-03-18 | Network software account password and computer system safety device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN 200920063680 CN201364576Y (en) | 2009-03-18 | 2009-03-18 | Network software account password and computer system safety device |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN201364576Y true CN201364576Y (en) | 2009-12-16 |
Family
ID=41475246
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN 200920063680 Expired - Fee Related CN201364576Y (en) | 2009-03-18 | 2009-03-18 | Network software account password and computer system safety device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN201364576Y (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103648599A (en) * | 2011-06-13 | 2014-03-19 | 索尼电脑娱乐美国公司 | Account management of computer system |
| CN108280375A (en) * | 2017-12-29 | 2018-07-13 | 申子涵 | A kind of mobile terminal that can prevent illegal brush machine |
-
2009
- 2009-03-18 CN CN 200920063680 patent/CN201364576Y/en not_active Expired - Fee Related
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103648599A (en) * | 2011-06-13 | 2014-03-19 | 索尼电脑娱乐美国公司 | Account management of computer system |
| CN108280375A (en) * | 2017-12-29 | 2018-07-13 | 申子涵 | A kind of mobile terminal that can prevent illegal brush machine |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US20190028273A1 (en) | Method for saving data with multi-layer protection, in particular log-on data and passwords | |
| US20130268444A1 (en) | Three-factor user authentication method for generating otp using iris information and secure mutual authentication system using otp authentication module of wireless communication terminal | |
| CN101159556B (en) | Group key server based key management method in sharing encryption file system | |
| CN102006306B (en) | Security authentication method for WEB service | |
| CN107171785A (en) | A kind of digital copyright management method based on block chain technology | |
| CN109257209A (en) | A kind of data center server centralized management system and method | |
| CN110324143A (en) | Data transmission method, electronic equipment and storage medium | |
| RU2351978C2 (en) | Method for provision of data records set integrity | |
| CN202795383U (en) | Device and system for protecting data | |
| CN101527024A (en) | Safe web bank system and realization method thereof | |
| CN105430014B (en) | A kind of single-point logging method and its system | |
| CN101022337A (en) | Network identification card realizing method | |
| CN103888429B (en) | Virtual machine starts method, relevant device and system | |
| CN106452764A (en) | Method for automatically updating identification private key and password system | |
| CN109347643B (en) | Ethernet-based user center system security supervision method and device | |
| CN103973715B (en) | Cloud computing security system and method | |
| US20200136816A1 (en) | Authentication using asymmetric cryptography key pairs | |
| CN110177134A (en) | A kind of security password manager and its application method based on cloudy storage | |
| CN109829333A (en) | A kind of key message guard method and system based on OpenID | |
| CN108900296A (en) | A kind of code key storage device and method based on living things feature recognition | |
| CN111460482A (en) | Block chain-based number shaking method and device | |
| CN114301624A (en) | Block chain-based tamper-proof system applied to financial business | |
| CN106295384B (en) | Big data platform access control method and device and authentication server | |
| CN110837634A (en) | Electronic signature method based on hardware encryption machine | |
| CN106971092A (en) | USB encryption card management systems based on cloud platform |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| C17 | Cessation of patent right | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20091216 Termination date: 20130318 |