CN201378346Y - Credible payment computer device - Google Patents

Credible payment computer device

Info

Publication number
CN201378346Y
Authority
CN
China
Prior art keywords
credible
trusted
card reading
usb
payment
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CN200820123372U
Other languages
Chinese (zh)
Inventor
刘锋
周培军
赵珍
李术亮
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Tsinghua Tongfang Co Ltd
Tongfang Co Ltd
Original Assignee
Tongfang Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
2008-11-06
Filing date
2008-11-06
Publication date
2010-01-06


Abstract

A credible (trusted) payment computer device relates to the technical field of information security. In a first scheme, the credible payment computer device comprises input devices, a trusted host computer, an output device, and a trusted card-reading device that is connected to the trusted host computer through a USB-HID interface. The input devices are a keyboard and a mouse, and the output device is a display. The structural characteristic of the device is as follows: a TCM chip is embedded in the trusted host computer as the root of trust for measurement, the root of trust for reporting and the root of trust for storage. A trusted measurement system inside the trusted host computer measures, step by step, the integrity of the chain TCM - trusted BIOS - MBR - OS kernel - trusted monitoring program - PE files. The software system installed on the trusted host computer comprises a TCM management program, a trusted card-reading device management program and a payment transaction management program. The credible payment computer device is convenient and easy to use, and reliably ensures the security of the entire trusted payment transaction.

Description

Trusted payment computer device
Technical field
The utility model relates to the field of information security technology, and in particular to a trusted payment computer system.
Background technology
With the rapid growth of the electronic payment industry, many security measures have been applied at each link of the payment chain in order to guarantee the security of electronic payment. Account number plus password is the simplest mode and also the least secure one: phishing, fake websites, fraudulent text messages and similar methods easily trick users into giving up their account and password. Keyboard sniffers can steal a user's user name and password by recording keystroke events. To prevent these attacks, secure browser controls and soft-keyboard technology were introduced, but continually evolving rootkit attack techniques can still break through such defensive measures. Digital certificate technology is currently the identity authentication technology with the highest security, but the problem of secret storage of the asymmetric public and private keys is still not well solved in digital certificate systems.
Trusted computing technology of the prior art adopts a "white list" approach: only trusted software is allowed to run on the client computer, which guarantees the credibility of the computing environment. In an electronic payment process, the user's account number and password usually have to be entered. Because the entered account number and password appear in plaintext on the payment terminal computer, they are very easy to attack. Moreover, because the user regularly has to enter very long numeric strings and easily makes mistakes, the ease of use of electronic payment services is reduced and users find them inconvenient.
Summary of the invention
In order to solve the above problems of the prior art, the purpose of the utility model is to provide a trusted payment computer device. It is convenient and easy to use, and can reliably guarantee the security of the entire trusted payment transaction.
In order to achieve the above purpose, the technical solution of the utility model is realised as follows:
A trusted payment computer device comprises an input device, a trusted computer host and an output device connected in sequence, and a trusted card-reading device interconnected with the trusted computer host through a USB-HID interface. The input device is a keyboard and a mouse, and the output device is a display. Its design feature is that the trusted computer host embeds a TCM chip as the root of trust for measurement, the root of trust for reporting and the root of trust for storage. The trusted measurement system inside the trusted computer host measures, step by step, the integrity of TCM - trusted BIOS - MBR - OS Kernel - trusted monitoring program - PE files. The software system installed on the trusted computer host comprises a TCM management program, a trusted card-reading device management program and a payment transaction management program.
In the above trusted payment computer device, the trusted card-reading device is connected to the trusted computer host using the USB-HID protocol either as an independent USB device, or integrated with the PC keyboard and connected in parallel through a USB hub, again using the USB-HID protocol.
In the above trusted payment computer device, the TCM management program realises TCM initialisation, modification, backup and recovery of the Owner password, identity identification of the trusted computer host platform, and key management.
In the above trusted payment computer device, the payment transaction management program is responsible for managing and coordinating the entire electronic payment transaction process.
In the above trusted payment computer device, the trusted card-reading device comprises the following components:
A processor, responsible for arithmetic and logic operations, which provides computing support for running the software in the trusted card-reading device;
A storage unit, responsible for storing the program firmware and data, the program firmware realising the software functions;
A storage management protection unit, which realises space allocation and access control for the storage unit;
A random number generator, which generates true random numbers meeting the standard of the State Cryptography Administration;
An ECC engine, which meets the ECC standard of the State Cryptography Administration and realises system parameter and key pair generation, the digital signature algorithm, the key exchange protocol and the encryption algorithm;
A bank card reader, which reads the magnetic stripe track information of a bank card;
A keypad, which provides an interface for the user to enter digits into the trusted card-reading device;
A liquid crystal display, which provides information to the user as character output;
A voice prompt module, which provides information to the user as voice output;
A USB controller, which organises internal data and provides it to external devices as USB signals, and converts externally input USB signals into signals that can be processed inside the trusted card-reading device;
The components of the trusted card-reading device communicate with one another over a bus.
In the above trusted payment computer device, the processor adopts a standard 8051 core or an 8051-compatible instruction set.
In the above trusted payment computer device, the data stored in the storage unit are temporary data or permanently stored data, and both the program and the data in the storage unit are stored in encrypted form.
Because the utility model adopts the above structure, by using the trusted card-reading device the user can replace manual entry of the account number with a card-swipe operation, improving ease of use. The bank card number and password entered on the trusted card-reading device enter the trusted computer host as ciphertext and are forwarded to the remote server of the electronic payment system, so that malware on the host cannot obtain the plaintext of the user's bank card number and password. At the same time, mutual authentication between the trusted card-reading device and the trusted computer host prevents malware or the user from forging or tampering with the trusted card-reading device, further guaranteeing the security of the whole trusted payment computer system. The utility model can also resist simple power analysis (SPA) and differential power analysis (DPA) attacks.
The utility model is described in further detail below with reference to the drawings and specific embodiments.
Description of drawings
Fig. 1 is a structural diagram of the trusted payment computer system in which the trusted card-reading device of the utility model is connected directly to the trusted PC host;
Fig. 2 is a structural diagram of the trusted payment computer system in which a PC keyboard with the integrated trusted card-reading device of the utility model is connected to the trusted PC host;
Fig. 3 is a working diagram of the trusted measurement system of the utility model;
Fig. 4 is a structural diagram of the trusted card-reading device of the utility model;
Fig. 5 is a flow chart of one application mode of the utility model.
Embodiment
Referring to Fig. 1 to Fig. 4, the utility model comprises an input device, a trusted computer host and an output device connected in sequence, and a trusted card-reading device interconnected with the trusted computer host through a USB-HID interface. The input device is a keyboard and a mouse, and the output device is a display. The trusted card-reading device is connected to the trusted computer host using the USB-HID protocol either as an independent USB device, or integrated with the PC keyboard and connected in parallel through a USB hub, again using the USB-HID protocol. The trusted computer host embeds a TCM chip as the root of trust for measurement, the root of trust for reporting and the root of trust for storage, and the trusted measurement system inside the trusted computer host measures, step by step, the integrity of TCM - trusted BIOS - MBR - OS Kernel - trusted monitoring program - PE files. The software system installed on the trusted computer host comprises a TCM management program, a trusted card-reading device management program and a payment transaction management program.
The TCM management program mainly realises TCM initialisation, modification, backup and recovery of the Owner password, identity identification of the trusted computer host platform, and key management. The identity identification function of the trusted computer host platform is mainly completed by the following operations.
(1) The TCM internally generates an ECC (elliptic curve cryptography) public/private key pair (the ECC algorithm is the SM2 algorithm described in the "Functionality and Interface Specification of Cryptographic Support Platform for Trusted Computing"; likewise below). The ECC private key is kept encrypted inside the TCM chip, while the ECC public key is sent to a trusted third party, which signs a platform identity digital certificate. This platform identity digital certificate represents the uniqueness of this trusted computer host platform to the outside world.
(2) The platform identity digital certificate is imported into the TCM chip and kept encrypted there; only the TCM Owner has access rights to it.
(3) During the electronic transaction process, the data sent outward by the host is digitally signed by the TCM, and other transaction entities can verify this signature to confirm whether a received data packet was sent by this host.
Because the ECC private key, the platform identity digital certificate, the digital signing process and so on are all completed inside the TCM chip, and the TCM standard provides complete memory protection and access control mechanisms, neither malware nor the user can forge a new host system identical to this machine. This solves the identity uniqueness problem of the trusted computer host system in the electronic transaction process and lays a solid foundation for the smooth running of electronic transactions.
In practical applications, a trusted computer host platform can represent its own identity through multiple platform identity certificates signed by a trusted third party; each of these platform identity digital certificates represents the uniqueness of the trusted computer host platform to the outside world.
The payment transaction management program is responsible for managing and coordinating the entire electronic payment transaction process and completes the following main functions:
(1) Coordinating and managing the TCM management program's digital certificate request to the national CA (Certificate Authority); the signature algorithm in the digital certificate is an ECC algorithm meeting the standard of the State Cryptography Administration.
(2) Coordinating and managing the trusted card-reading device management program's digital certificate request to the national CA (Certificate Authority); the signature algorithm in the digital certificate is an ECC algorithm meeting the standard of the State Cryptography Administration.
(3) Scheduling the TCM management program and the trusted card-reading device management program to realise mutual authentication between the TCM and the trusted card-reading device by means of digital certificates, and feeding the authentication result back to the user.
(4) Establishing an SSL (Secure Sockets Layer) secure communication channel between the trusted payment computer system and the remote server of the online electronic payment system; within SSL, the asymmetric algorithm is an ECC algorithm meeting the standard of the State Cryptography Administration, and the symmetric algorithm is the SMS4 algorithm meeting the standard of the State Cryptography Administration.
(5) At a given link of the electronic payment process, notifying the trusted card-reading device management program to complete operations such as the user swiping the card and entering the password, receiving from the trusted card-reading device management program the data message in which the card number and password have been encrypted and signed, and forwarding this data message together with other transaction information to the TCM management program.
(6) The TCM digitally signs the above message and the other transaction information, and delivers the signed data to the payment transaction management program.
(7) The payment transaction management program transmits the above data to the remote server of the online electronic payment system over the established SSL channel.
The operation of the whole trusted measurement system comprises the following:
(1) When the computer starts or resets, the TCM chip performs a self-check. If the self-check fails, the system shuts down. If the self-check passes, proceed to step (2).
(2) The TCM measures the integrity of the trusted BIOS and compares the measured value with the value stored in the PCR (Platform Configuration Register) when the system last ran normally. If the comparison is inconsistent, the user is prompted and decides whether to continue. If the two are consistent, proceed to step (3). If the system is being initialised for the first time, the measured value is written to the PCR.
(3) The trusted BIOS measures the integrity of the MBR (Master Boot Record) and compares the measured value with the value stored in the PCR when the system last ran normally. If the comparison is inconsistent, the user is prompted and decides whether to continue. If the two are consistent, the system continues booting and control is handed to Trusted GRUB. If the system is being initialised for the first time, the measured value is written to the PCR.
(4) Trusted GRUB measures the integrity of the OS Kernel (operating system kernel) and compares the measured value with the value stored in the PCR when the system last ran normally. If the comparison is inconsistent, the user is prompted and decides whether to continue. At the same time, Trusted GRUB also measures the integrity of the trusted monitoring program and its attached file digest database, and compares the measured value with the value stored in the PCR when the system last ran normally; if the comparison is inconsistent, the user is prompted and decides whether to continue. If both measurements pass, system control is handed to the OS Kernel. If the system is being initialised for the first time, both measured values are written to the PCR.
(5) After the OS Kernel has finished starting, the system is ready and the various application programs can begin to run. Before each program runs, the trusted monitoring program measures the integrity of the program's PE file and compares the measured value with the corresponding entry in the file digest database. If the comparison is consistent, the application program is launched. If it is inconsistent, the user is prompted and decides whether to continue running the program. If the program is being run for the first time, the trusted monitoring program measures the integrity of the program's PE file and writes the result to the file digest database.
(6) The TCM management program, the trusted card-reading device management program and the payment transaction management program are monitored in real time by the trusted monitoring program. If any of these programs is illegally tampered with, the trusted monitoring program immediately raises an alarm and prompts the user to take corresponding action, so as to guarantee the safety of the whole payment transaction process.
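The six-step measurement chain above, modelled in Python as an added example (this is not the patent's code, and the patent does not specify an implementation). It assumes SHA-256 as the measurement function, a plain dictionary in place of the TCM's PCR, and constructed byte strings as the component images; the monitor's own digest database is not measured at step (4) in this model.

```python
"""Model of the stepwise integrity-measurement chain and the trusted monitor's
PE whitelist: TCM self-check, then TCM -> trusted BIOS -> MBR -> OS kernel ->
trusted monitor, each stage measured and compared with the value kept from
the last good run, written on first initialisation, and otherwise referred
to the user on a mismatch.  Added illustration; not the patent's own code."""
import hashlib
from typing import Callable, Dict, List

# Boot chain in the order it is measured (assumption: names are illustrative).
BOOT_CHAIN = ["trusted_bios", "mbr", "os_kernel", "trusted_monitor"]


def measure(image: bytes) -> str:
    """Integrity measurement of a component image (SHA-256 by assumption)."""
    return hashlib.sha256(image).hexdigest()


class TrustedMeasurementSystem:
    def __init__(self, ask_user: Callable[[str], bool]):
        self.pcr: Dict[str, str] = {}        # PCR values from the last good run
        self.digest_db: Dict[str, str] = {}  # monitor's file digest database
        self.ask_user = ask_user             # "continue despite mismatch?"
        self.log: List[str] = []

    def _check(self, store: Dict[str, str], name: str, image: bytes) -> bool:
        """Measure, compare with the stored reference, write the reference on
        first use, and otherwise let the user decide on a mismatch."""
        value = measure(image)
        stored = store.get(name)
        if stored is None:
            store[name] = value              # first initialisation / first run
            self.log.append(f"{name}: first run, reference written")
            return True
        if stored == value:
            self.log.append(f"{name}: ok")
            return True
        self.log.append(f"{name}: MISMATCH")
        return self.ask_user(name)

    def boot(self, tcm_self_test_ok: bool, images: Dict[str, bytes]) -> bool:
        """Step (1): a failed TCM self-check shuts the system down outright.
        Steps (2)-(4): each stage is measured in turn; control passes on only
        if the measurement is consistent or the user chooses to continue."""
        if not tcm_self_test_ok:
            self.log.append("tcm: self-test failed, system shut down")
            return False
        for name in BOOT_CHAIN:
            if not self._check(self.pcr, name, images[name]):
                return False
        return True

    def launch(self, program: str, pe_image: bytes) -> bool:
        """Step (5): the trusted monitor measures a PE file before it runs and
        compares it with the file digest database (the whitelist)."""
        return self._check(self.digest_db, program, pe_image)


def refuse(name: str) -> bool:
    """User policy for the demo: never continue past a mismatch."""
    return False


def demo() -> Dict[str, object]:
    """Three boots and two launches over constructed component images."""
    good = {n: f"image of {n} v1".encode() for n in BOOT_CHAIN}
    tampered = dict(good, mbr=b"image of mbr v1 + bootkit")  # constructed
    tms = TrustedMeasurementSystem(refuse)
    first = tms.boot(True, good)       # first init: PCR references written
    second = tms.boot(True, good)      # unchanged images: all consistent
    third = tms.boot(True, tampered)   # MBR changed: prompt, user refuses
    pe = b"payment_manager.exe build 1"                       # constructed
    launched = tms.launch("payment_manager.exe", pe)          # first run
    blocked = tms.launch("payment_manager.exe", pe + b"!")    # modified file
    return {"first": first, "second": second, "third": third,
            "launched": launched, "blocked": blocked,
            "pcr_count": len(tms.pcr), "log": tms.log}


if __name__ == "__main__":
    for line in demo()["log"]:
        print(line)
```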
The trusted card-reading device of the utility model comprises the following components:
A processor, adopting a standard 8051 core or an 8051-compatible instruction set, responsible for arithmetic and logic operations, which provides computing support for running the software in the trusted card-reading device;
A storage unit, responsible for storing the program firmware and data, the program firmware realising the software functions; the data stored in the storage unit are temporary data or permanently stored data, and both the program and the data in the storage unit are stored in encrypted form;
A storage management protection unit, which realises space allocation and access control for the storage unit;
A random number generator, which generates true random numbers meeting the standard of the State Cryptography Administration;
An ECC engine, which meets the ECC standard of the State Cryptography Administration and realises system parameter and key pair generation, the digital signature algorithm, the key exchange protocol and the encryption algorithm;
A bank card reader, which reads the magnetic stripe track information of a bank card;
A keypad, which provides an interface for the user to enter digits into the trusted card-reading device;
A liquid crystal display, which provides information to the user as character output;
A voice prompt module, which provides information to the user as voice output;
A USB controller, which organises internal data and provides it to external devices as USB signals, and converts externally input USB signals into signals that can be processed inside the trusted card-reading device;
The components of the trusted card-reading device communicate with one another over a bus.
Referring to Fig. 5, the trusted card-reading device works together with the trusted card-reading device management program; the steps of its application process are:
(1) During initialisation of the trusted card-reading device, an ECC key pair is generated internally; the private key of the pair is stored in the storage unit under security protection, and the public key is exported to a trusted third party through the payment transaction management program.
(2) The trusted third party produces a digital certificate from the public key generated in (1) and other relevant information about the trusted card-reading device (such as its unique hardware serial number), and returns the produced digital certificate to the trusted card-reading device through the payment transaction management program.
(3) The trusted card-reading device imports the digital certificate issued by the trusted third party and stores it in the storage unit. This digital certificate is used to identify the device to the outside.
(4) During use, the trusted card-reading device can import the digital certificates that external entities (such as the trusted computer host or the online electronic payment system server) use to represent their identity, verify the validity of such a certificate, and extract the subject's public key from it.
(5) When the user swipes the card, the magnetic stripe track information of the bank card is acquired. This track information is ECC-encrypted with the public key in the digital certificate representing the identity of the third-party transaction entity (such as the online electronic payment system server or the China UnionPay payment access front-end server), then ECC-signed with the private key of the trusted card-reading device, and the signed information is transmitted to the trusted computer host.
(6) When the user enters the bank card password on the keypad, the liquid crystal display shows "*" characters and the trusted card-reading device reads the password. The password is ECC-encrypted with the public key in the digital certificate representing the identity of the third-party transaction entity (such as the online electronic payment system server or the China UnionPay payment access front-end server), then ECC-signed with the private key of the trusted card-reading device, and the signed result is conveyed to the trusted PC host as a USB-HID signal.
(7) The trusted PC host submits the bank card number and password message, encrypted and signed by the trusted card-reading device, to the UnionPay server over the secure network channel. The UnionPay server decrypts the above information with its own ECC private key and obtains the user's bank card number and password;
(8) The UnionPay server then performs operations such as a balance enquiry and the deduction on the user's account, and feeds the operation result back to the trusted PC host;
(9) If the deduction or other operation succeeds, the trusted PC feeds information such as the deducted amount back to the trusted card-reading device, which displays it on the liquid crystal display and ends the operation.

Claims (3)

1. A trusted payment computer device, comprising an input device, a trusted computer host and an output device connected in sequence, and a trusted card-reading device interconnected with the trusted computer host through a USB-HID interface, the input device being a keyboard and a mouse and the output device being a display, characterised in that the trusted card-reading device is connected to the trusted computer host using the USB-HID protocol either as an independent USB device, or integrated with the PC keyboard and connected in parallel through a USB hub, again using the USB-HID protocol.
2. The trusted payment computer device according to claim 1, characterised in that the trusted card-reading device comprises the following components:
A processor, responsible for arithmetic and logic operations, which provides computing support for running the software in the trusted card-reading device;
A storage unit, responsible for storing the program firmware and data;
A storage management protection unit, which realises space allocation and access control for the storage unit;
A random number generator, which generates true random numbers meeting the standard of the State Cryptography Administration;
An ECC engine, which meets the ECC standard of the State Cryptography Administration and realises system parameter and key pair generation, the digital signature algorithm, the key exchange protocol and the encryption algorithm;
A bank card reader, which reads the magnetic stripe track information of a bank card;
A keypad, which provides an interface for the user to enter digits into the trusted card-reading device;
A liquid crystal display, which provides information to the user as character output;
A voice prompt module, which provides information to the user as voice output;
A USB controller, which organises internal data and provides it to external devices as USB signals, and converts externally input USB signals into signals that can be processed inside the trusted card-reading device;
The components of the trusted card-reading device communicate with one another over a bus.
3. The trusted payment computer device according to claim 1 or 2, characterised in that the processor adopts a standard 8051 core or an 8051-compatible instruction set.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN200820123372U CN201378346Y (en) 2008-11-06 2008-11-06 Credible payment computer device

Publications (1)

Publication Number Publication Date
CN201378346Y true CN201378346Y (en) 2010-01-06

Family

ID=41518463

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108108623A (en) * 2017-12-15 2018-06-01 浪潮(北京)电子信息产业有限公司 Method, apparatus, device and storage medium for loading a hard disk master boot record into memory

Legal Events

Date Code Title Description
C14 Grant of patent or utility model
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20100106

Termination date: 20171106