CN202713371U - Electronic signature device and electronic signature system - Google Patents

Electronic signature device and electronic signature system Download PDF

Info

Publication number
CN202713371U
CN202713371U CN 201220384055 CN201220384055U CN202713371U CN 202713371 U CN202713371 U CN 202713371U CN 201220384055 CN201220384055 CN 201220384055 CN 201220384055 U CN201220384055 U CN 201220384055U CN 202713371 U CN202713371 U CN 202713371U
Authority
CN
China
Prior art keywords
service
electronic signature
signature
business
certificate
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Lifetime
Application number
CN 201220384055
Other languages
Chinese (zh)
Inventor
赵茂林
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Eidlink Information Technology Co ltd
Original Assignee
BEIJING ZHONGCHUANG ZHIXIN TECHNOLOGY CO LTD
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by BEIJING ZHONGCHUANG ZHIXIN TECHNOLOGY CO LTD filed Critical BEIJING ZHONGCHUANG ZHIXIN TECHNOLOGY CO LTD
Priority to CN 201220384055 priority Critical patent/CN202713371U/en
Application granted granted Critical
Publication of CN202713371U publication Critical patent/CN202713371U/en
Anticipated expiration legal-status Critical
Expired - Lifetime legal-status Critical Current

Links

Images

Abstract

The utility model discloses an electronic signature device and an electronic signature system. The device comprises: a communication unit; a service private key storage unit; a service certificate storage unit for storing service certificates and identifications of the service certificates; an equipment private key storage unit; an equipment certificate storage unit for storing equipment certificates and identifications of the equipment certificates; a password verification unit for verifying a password which is input by a user; a service operation unit for operating service data to be signed from a service operation device by using a service private key so as to generate a service electronic signature and binding the service electronic signature with a service certificate or an identification of the service certificate, thereby achieving the service signature of the service data to be signed; an environment operation unit for operating service environment data to be signed from a service operation device by using an equipment private key so as to generate an equipment electronic signature and binding the equipment electronic signature with an equipment certificate or an identification of the equipment certificate, thereby achieving the equipment signature of the service environment data to be signed; and an input/output unit.

Description

Electronic signature device and system
Technical field
The utility model relates to a kind of electronic signature device and system, relates in particular to a kind of electronic signature device and system that uses electronic signature certificate and key.
Background technology
In existing electronic signature business realizing technology, often professional private key and service certificate (or service certificate sign) are stored in the signature apparatus, realize electronic signature by the mode of calling from the business operation device such as user terminal.
Fig. 1 illustrates a kind of structural representation of existing electric signing system.As shown in Figure 1, this existing electric signing system is made of user terminal 102, electronic signature device (below be also referred to as " signature apparatus ") 103 and service server 104.Adopt USB interface to be connected between user terminal 102 and the signature apparatus 103.User terminal 102 conducts interviews to service server 104 by the Internet.User terminal 102 communicates with service server 104 and signature apparatus 103 respectively according to user 101 demand.Signature apparatus 103 comprises that professional private key memory cell 1031 and service certificate memory cell 1032 and authentication unit, the information of needs being signed with professional private key such as the password of user's input is verified known in the art carry out computing and generate arithmetic element, the input-output unit of electronic signature and other unit (not shown) such as communication unit that communicate with user terminal, for simplicity, for other unit known in the art and corresponding concrete syndeton, do not repeat them here.
Fig. 2 is the basic operation flow chart of the execution electronic signature of electric signing system shown in Figure 1.As shown in Figure 2, the basic operation flow process of this signature system comprises:
At step S106, user terminal 102 is submitting to service server 104 from user 101 service request;
At step S107, service server 104 sends to user terminal 102 to business datum;
At step S108, user terminal 102 sends to signature apparatus 103 to the business datum of needs signature;
At step S109, signature apparatus 103 utilization is stored in professional private key in the professional private key memory cell 1031 and the service certificate in the service certificate memory cell 1032, the business datum of needs signature is carried out business sign;
At step S110, the data after signature apparatus 103 is signed business are submitted to user terminal 102;
At step S111, the data after user terminal 102 is signed business send to service server 104;
At step S112, the data behind the business signature that 104 pairs of service servers receive are verified, and are carried out corresponding Business Processing according to the result; And
At step S113, service server 104 sends to user terminal 102 with service processing result.
At last, user terminal 102 display business results.
In above-mentioned steps S108, the business datum that the crypto-operation interface routine that passes through to install and signature apparatus driver will need to sign sends to signature apparatus 103.Crypto-operation interface routine and signature apparatus driver can be that service server 104 sends user terminal 102 to and is installed in user terminal 102; Perhaps can be pre-stored in signature apparatus 103, with after user terminal 102 is connected, Auto-mounting is at user terminal 102 etc. at signature apparatus 103.
In above-mentioned steps S109, the business datum of needs signature is carried out professional signature realize in the following manner: after receiving the business datum that needs signature, signature apparatus 103 prompting users 101 input signature passwords; Then, user 101 enters password at user terminal 102 according to prompting; Afterwards, the authentication unit of signature apparatus 103 is verified the password of user's input, if checking is not passed through, then this business operation finishes, if checking is passed through, then the arithmetic element of signature apparatus 103 is enabled professional private key and the business datum of needs signatures is carried out computing and generate professional electronic signature, and with business electronic signature and service certificate binding, finishing service is signed.
In above-mentioned steps S112, the result and corresponding Business Processing for example specific implementation are: the result of the data behind the business signature that 104 pairs of service servers receive is that checking is passed through, think that then the current business request obtains user's legal authorization, service server 104 provides the business information that satisfies service request to user terminal 102; Otherwise the result is to verify not pass through, and thinks that then the current business request does not obtain user's legal authorization, and service server 104 stops providing business information to user terminal 102.
Yet, may be because of the operation of certain mode, for example the user accesses the webpage of not clear website, cause resident in user terminal the Hacker Program such as wooden horse being arranged, the possible Long-distance Control user terminal of hacker, steal user's signature password, signature apparatus and user terminal keep being connected during, do not submit in any service request or the unwitting situation the user, submit service request to and induce signature apparatus to produce electronic signature, thereby analog subscriber is finished the signature operation flow process, so that service server 104 thinks that hacker's service request obtains user's legal authorization, and then provide the business information that satisfies service request to the hacker, thereby so that the user incur loss.In addition, also have certain situation, for example, the user who has loses signature apparatus accidentally, is found by the lawless person, is perhaps stolen by the lawless person.The lawless person utilizes unlawful means to obtain user name, logs in password and signature password, then in own or other places finished the operation that is similar to above-mentioned illegal business operation, this also can make validated user sustain a loss.
This loss happens occasionally in practice.Suspicious service request has occured and when processing, user or professional provider report a case to the security authorities to public security department when thinking, public security department usually send someone field investigation and evidence obtaining.Yet, because in the prior art, the service server end only records the electronic signature relevant with a certain business datum, any relevant information of the business operation device context such as user terminal of signing messages do not submitted in record, so anyone all can't accurately judge afterwards submit signing messages to the business operation device where, also just can't carry out the scene evidence taking for this user terminal, and then just can't analyze further that signature is to finish under user's controlling, or induce generation by the hacker, or control generation by the third party of theft signature apparatus.Owing to can't accurately locate the business operation device such as user terminal of submitting signing messages to, thereby can't effectively collect evidence, also just can't effectively differentiate suspicious service request and processing, this has increased the difficulty that suspicious service request and processing are judged by public security department greatly, greatly increase the possibility that to solve a case, caused user and professional provider possibly can't in time retrieve the loss of oneself.
In addition, also having increased user, business provides the manpower of department and public security department to waste and the extra work time cost.
Summary of the invention
The utility model can solve above-mentioned one or more shortcoming that prior art exists.
According to an aspect of the present utility model, a kind of electronic signature device is provided, this electronic signature device can comprise: communication unit is used for communicating with the business operation device of outside execution business operation; Professional private key memory cell is used for the storage service private key; The service certificate memory cell is used for storage service certificate or service certificate sign; The device private memory cell is used for the memory device private key; The device certificate memory cell is used for memory device certificate or device certificate sign; The password authentication unit is used for the password of user's input is verified; Professional arithmetic element, be used for described professional private key the business datum of signing from the needs of described business operation device being carried out computing and being generated professional electronic signature, and with described service certificate or the binding of described service certificate sign of storing in described professional electronic signature and the described service certificate memory cell, finish the described business of the business datum of signature that needs is signed; The environment arithmetic element, be used for described device private the service environment data of signing from the needs of described business operation device being carried out computing and the electronic signature of generation equipment, and with described device certificate or the binding of described device certificate sign of storing in described equipment electronic signature and the described device certificate memory cell, finish the device subscription that needs the service environment data of signature to described; And input-output unit, communicate with described communication unit, described password authentication unit, described professional arithmetic element and described environment arithmetic element.
Further, in above-mentioned electronic signature device, described business operation device comprises user terminal, and described environment arithmetic element to need the service environment data of signature for computing described can be the data relevant with described user terminal.
In addition, in above-mentioned electronic signature device, described environment arithmetic element can comprise following any one or their combination for the described service environment data of signature that need of computing: the IP address of described user terminal, MAC Address of Network Card, CPU sequence number, hard disk sequence number and machine number.
In addition, in above-mentioned electronic signature device, the service environment data behind the described environment arithmetic element finishing equipment signature can comprise: the service environment data of described needs signature; Described equipment electronic signature; With following any one or their combination: the traffic sequence number (traffic ID) of the device certificate identification name of described electronic signature device (Distinguished Name, DN), equipment Serial Number, described business operation and the time of described business operation.
Have, in above-mentioned electronic signature device, described device private memory cell can the two be encapsulated in the same chip with described device certificate memory cell, and described device private memory cell can pre-storedly have changeless described device private again.
According to another aspect of the present utility model, a kind of electric signing system is provided, this electric signing system can comprise: aforementioned any electronic signature device; Described business operation device; Service server, be used for receiving the service request of submitting to through described business operation device from described user, send the described business datum of signature that needs to described business operation device, and to verifying through the described professional electronic signature that described business operation device sends from described electronic signature device, carry out Business Processing according to the result; Business operation device context data acquisition unit is used for the service request through described business operation device submission according to described user, the service environment data behind the collecting device signature; And data center, be used for storage from the service environment data after the described device subscription of described business operation device context data acquisition unit.
Further, in above-mentioned electric signing system, described business operation device context data acquisition unit can be arranged between described service server and the described data center.
In addition, in above-mentioned electric signing system, described business operation device context data acquisition unit can be arranged between described service server and the described business operation device.
In addition, in above-mentioned electric signing system, described business operation device context data acquisition unit can be arranged in the described service server.
Have, in above-mentioned electric signing system, described data center can also comprise the service environment data verification units again, and described service environment data verification units is used for the service environment data after the device subscription are verified.
Also have, in above-mentioned electric signing system, described data center can also be used for the combination of following each or they of storage: the business datum after described professional electronic signature, the electronic signature of described equipment and the professional electronic signature.
By adopting electronic signature device of the present utility model and system, the environment of user, user's e commerce transactions signing messages and the business operation device such as user terminal can be associated by authentication signature, thereby can realize exactly the real time environment data acquisition to the site environment of e commerce transactions signature operation, can accurately be located so that the business operation device such as user terminal of e commerce transactions signature operation occurs, the environmental information of accurately signature generation is provided for scene evidence taking behind people's fortification.
In addition, by adopting electronic signature device of the present utility model and system, can be so that in electronic signature business operation process, carry out simultaneously data generation, transmission and the storage of site environment, so that occuring, the business operation device such as user terminal of electronic signature business operation can be located rapidly and be analyzed where necessary, need not to increase user, business provides department and public security department to carry out specially the environmental data collecting operation and manpower and the operating time cost of ancillary cost to on-the-spot, improve operating efficiency, reduced the business operation risk.
Have again, by adopting electronic signature device of the present utility model and system, so that the data of the business operation device context such as user terminal that gathers can access timely analysis, thereby find early suspicious business operation, thereby play the early warning effect.
It should be apparent that to one skilled in the art, on the basis of foregoing, can make various modifications, conversion or combination to them.
According to following accompanying drawing and detailed description, the utility model and corresponding other system, device, feature and advantage will become apparent to those skilled in the art.The application is intended to make all these and other system, device, feature and advantage to be included in this description.Be to be understood that; this paper foregoing general description and following detailed description all are exemplary with indicative; be intended to provide the further understanding as to technical scheme required for protection, but should be considered to be restriction to technical scheme required for protection without any thing.
Description of drawings
Below, for understanding better the utility model, describe each exemplary embodiment of the present utility model in detail in connection with accompanying drawing.
Fig. 1 illustrates the structural representation of existing electric signing system;
Fig. 2 is the basic operation flow chart of the execution electronic signature of electric signing system shown in Figure 1;
Fig. 3 illustrates the overall structure schematic diagram according to a kind of electric signing system example of an exemplary embodiment of the utility model;
Fig. 4 is a basic operation example flow diagram of carrying out electronic signature and data acquisition of electric signing system shown in Figure 3;
Fig. 5 illustrates the overall structure schematic diagram according to a kind of electric signing system example of another exemplary embodiment of the utility model;
Fig. 6 is a basic operation example flow diagram of carrying out electronic signature and data acquisition of electric signing system shown in Figure 5; And
Fig. 7 illustrates the example of one group of electronic signature service environment information.
Embodiment
Each execution mode now with reference to this paper is described in detail, and illustrates the example in the accompanying drawing.For its thought is conveyed to those of ordinary skills, provide these execution modes of after this introducing as an example.Therefore, these execution modes can be implemented with different forms, thereby are not limited to these execution modes described here.And, in any possible place, in whole specification and accompanying drawing, will use identical Reference numeral to represent same or analogous parts.
Fig. 3 shows the overall structure schematic diagram according to a kind of electric signing system example of an exemplary embodiment of the utility model, wherein, with the example of user terminal as the business operation device, and with the example of user terminal environmental data collector as business operation device context data acquisition unit, those skilled in the art should be understood that, business operation device and business operation device context data acquisition unit are not limited to these, after reading this description, those skilled in the art can make various modifications and conversion to it.As shown in Figure 3, this electric signing system comprises: user terminal 302; Signature apparatus 303; Service server 304; Data center 305; With user terminal environmental data collector 306.
Adopt computer external interface between user terminal 302 and the signature apparatus 303, be connected such as USB interface, infrared interface and/or blue tooth interface etc.Other modes that certainly, can also adopt those skilled in the art to expect between user terminal 302 and the signature apparatus 303 connect.
User terminal 302 conducts interviews to service server 304 by the Internet.Certainly, user terminal 302 can also conduct interviews to service server 304 by other means, for example conducts interviews by dedicated communication line, and those skilled in the art can make various modifications and conversion to it after reading and understanding the utility model.
User terminal 302 communicates with service server 304 and signature apparatus 303 respectively according to user 301 demand, user terminal environmental data collector 306 is arranged between service server 304 and the data center 305, communicates with service server 304 and data center 305 respectively.
Signature apparatus 303 comprises: professional private key memory cell 3031 is used for the storage service private key; Service certificate memory cell 3032 is used for the storage service certificate; Device private memory cell 3033 is used for the memory device private key; Device certificate memory cell 3034 is used for the memory device certificate; Password authentication unit 3035 is used for the password of user's input is verified; Professional arithmetic element 3036 is used for professional private key the business datum of needs signature being carried out computing and being generated professional electronic signature, and with business electronic signature and service certificate binding, finishes the business signature to the business datum of needs signature; Environment arithmetic element 3037 is used for device private the service environment data of needs signature being carried out computing and the electronic signature of generation equipment, and with equipment electronic signature and device certificate binding, finishes the device subscription to the service environment data of needs signature; Input-output unit 3038; And be used for the communication unit 3039 that communicates with user terminal 302.Here, service certificate can according to circumstances be changed to the service certificate sign, and device certificate also can according to circumstances be changed to the device certificate sign.
Fig. 4 is a basic operation example flow diagram of carrying out electronic signature and data acquisition of electric signing system shown in Figure 3.As shown in Figure 4:
At step S401, user terminal 302 sends to service server 304 to the service request from user 301;
At step S402, service server 304 sends the environmental data collecting request to user terminal environmental data collector 306;
At step S403, user terminal environmental data collector 306 sends to service server 304 to Information Monitoring;
At step S404, service server 304 sends to user terminal 302 with business datum and Information Monitoring;
At step S405, user terminal 302 generates the machine environmental data according to Information Monitoring, utilizes the machine environmental data of business datum and generation to generate the service environment data;
At step S406, user terminal 302 sends to signature apparatus 303 to service environment data and business datum;
At step S407,3035 pairs of password authentication unit are verified at the signature password of user terminal 302 inputs through the user 301 that communication unit 3039 and input-output unit 3038 send, if checking is not passed through, then this business operation finishes, if checking is passed through, then professional arithmetic element 3036 is enabled the professional private key that is stored in the professional private key memory cell 3031 and business datum is carried out computing and generate professional electronic signature, and with business electronic signature and the service certificate or the binding of service certificate sign that are stored in the service certificate memory cell 3032, finish the business signature to business datum, simultaneously environment arithmetic element 3037 enables that the device private that is stored in the device private memory cell 3033 is carried out computing to the service environment data and the electronic signature of generation equipment, and with equipment electronic signature and the device certificate or the binding of device certificate sign that are stored in the device certificate memory cell 3034, finish the device subscription to the service environment data;
At step S408, signature apparatus 303 business sign electronically, service environment data after equipment electronic signature and the device subscription submit to user terminal 302 through input-output unit 3038 and communication unit 3039;
At step S409, user terminal 302 sends to service server 304 with all signatures and the data of submitting to;
At step S410, the business electronic signature that 304 pairs of service servers receive is verified, carries out corresponding Business Processing according to the result;
At step S411, service server 304 sends to user terminal 302 with service processing result, user terminal 302 display business results;
At step S412, the equipment electronic signature that 304 of service servers receive and the service environment data after the device subscription send to user terminal environmental data collector 306;
At step S413, the service environment data of user terminal environmental data collector 306 after equipment electronic signature and device subscription are submitted to data center 305; And
At step S414, the equipment electronic signature that 305 pairs of data centers receive and the service environment data after the device subscription are stored.
In above-mentioned steps S406, the crypto-operation interface routine that can pass through to install and signature apparatus driver send to signature apparatus 303 with service environment data and business datum.Crypto-operation interface routine and signature apparatus driver can be that service server 304 sends user terminal 302 to and is installed in user terminal 302; Perhaps can be pre-stored in signature apparatus 303, with after user terminal 302 is connected, Auto-mounting is at user terminal 302 etc. at signature apparatus 303.
In above-mentioned steps S410, to the business that receives electronic signature verify and corresponding Business Processing for example specific implementation be: the result of the business electronic signature that 304 pairs of service servers receive is that checking is passed through, think that then the current business request obtains user's legal authorization, then service server 304 provides the business information that satisfies service request to user terminal 302 at above-mentioned steps S411; Otherwise the result is to verify not pass through, and thinks that then the current business request does not obtain user's legal authorization, and service server 304 stops providing business information to user terminal 302, then in above-mentioned steps S411 this termination message is sent to user terminal 302.
By adopting electronic signature device of the present utility model and system, can be with the user, user's e commerce transactions signing messages associates by authentication signature with the environment of the business operation device such as user terminal, owing to stored the service environment information after equipment electronic signature and the device subscription, so can realize exactly the real time environment data acquisition to the site environment of e commerce transactions signature operation, can accurately be located so that the business operation device such as user terminal of e commerce transactions signature operation occurs, the environmental information of accurately signature generation is provided for scene evidence taking behind people's fortification.
The service environment data can be the professional relevant data of business operation device such as user terminal of participation electronic signature that are connected with signature apparatus, such as the IP address of user terminal, MAC Address of Network Card, CPU sequence number, hard disk sequence number, terminal machine number etc.Certainly, the service environment data are not limited to these, also can comprise other related data that those skilled in the art can expect, perhaps selection each or its combination from these data and other related datas.Fig. 7 shows the example of one group of electronic signature service environment information, and it has comprised device certificate DN 701, equipment Serial Number 702, traffic ID 703, business operation time 704, terminal machine number 705 and equipment electronic signature 706.Because electronic signature service environment information has adopted the professional relevant data of business operation device such as user terminal of participation electronic signature that are connected with signature apparatus, the accurate positioning that has further improved the business operation device such as user terminal.
In addition, data center 305 also can further comprise service environment data verification units (not shown), is used for the service environment data after the device subscription are verified, data center 305 does corresponding service environment data according to the result and processes.So, in above-mentioned steps S414, the step that service environment data after the electronic signature of equipment that 305 pairs of data centers receive and the device subscription are stored is verified by the service environment data of service environment data verification units after to device subscription and the step of corresponding service environment data processing is substituted, this alternative steps for example specific implementation is: the service environment data of service environment data verification units after to the device subscription that receives are verified, pass through if the result is checking, then the service environment data after the device subscription are stored in the data center 305; Otherwise the result is to verify not pass through, and thinks that then there is suspicious environmental factor in the current business operation, sends suspicious warning information, simultaneously the service environment data after the device subscription is stored in the data center 305.Owing to further comprised the service environment data verification units, so that this system can further realize the early warning to suspicious service environment.
Further, data center 305 can also store the combination of following each or they: the business datum after professional electronic signature, equipment electronic signature and the professional electronic signature, these data can be from service server 304, by more service related data is provided, further having improved the business operation device such as user terminal that the electronic signature business operation occurs can be by the possibility of accurate analysis and location thus.
In addition, above-mentioned steps S412 can carry out before the step S410 or after step S411, also can when carrying out, step S410 carry out, like this, under latter event, can be so that in electronic signature business operation process, carry out simultaneously the data generation of site environment, transmission and storage, so that occuring, the business operation device such as user terminal of electronic signature business operation can be located rapidly and be analyzed where necessary, need not to increase the user, business provides department and public security department to carry out specially the environmental data collecting operation and manpower and the operating time cost of ancillary cost to on-the-spot, improve operating efficiency, reduced the business operation risk.
Have, optionally, the two can be encapsulated in device private memory cell 3033 and device certificate memory cell 3034 in the same chip again, and device private memory cell 3033 is pre-stored that device private arranged.Like this, device private and professional private key for example can carry out establishment and management separately by chip production mechanism and electronic signature device production mechanism, for example the latter can only call the former pre-stored for example changeless device private, and can not make amendment or delete it, further improved thus electronic signature device and Security of the system and to the location of the business operation device such as user terminal and the accuracy of analysis.
Fig. 5 illustrates the overall structure schematic diagram according to a kind of electric signing system example of another exemplary embodiment of the utility model, wherein, with the example of user terminal as the business operation device, and with the example of user terminal environmental data collector as business operation device context data acquisition unit, those skilled in the art should be understood that, business operation device and business operation device context data acquisition unit are not limited to these, after reading this description, those skilled in the art can make various modifications and conversion to it.As shown in Figure 5, this electric signing system comprises: user terminal 502; Signature apparatus 503; Service server 504; Data center 505; With user terminal environment collector 506.This system and electric signing system shown in Figure 3 are visibly different to be that user terminal environmental data collector 506 is arranged between user terminal 502 and the service server 504, communicates with the two.
Adopt computer external interface between user terminal 502 and the signature apparatus 503, be connected such as USB interface, infrared interface and/or blue tooth interface etc.Other modes that certainly, can also adopt those skilled in the art to expect between user terminal 502 and the signature apparatus 503 connect.
User terminal 502 communicates by the Internet and user terminal environmental data collector 506.Certainly, user terminal 502 can also communicate with user terminal environmental data collector 506 by other means, for example communicate by dedicated communication line, those skilled in the art can make various modifications and conversion to it after reading and understanding the utility model.
User terminal 502 communicates with user terminal environmental data collector 506 and signature apparatus 503 respectively according to user 501 demand.
Signature apparatus 503 comprises: professional private key memory cell 5031 is used for the storage service private key; Service certificate memory cell 5032 is used for the storage service certificate; Device private memory cell 5033 is used for the memory device private key; Device certificate memory cell 5034 is used for the memory device certificate; Password authentication unit 5035 is used for the password of user's input is verified; Professional arithmetic element 5036 is used for professional private key the business datum of needs signature being carried out computing and being generated professional electronic signature, and with business electronic signature and service certificate binding, finishes the business signature to the business datum of needs signature; Environment arithmetic element 5037 is used for device private the service environment data of needs signature being carried out computing and the electronic signature of generation equipment, and with equipment electronic signature and device certificate binding, finishes the device subscription to the service environment data of needs signature; Input-output unit 5038; And be used for the communication unit 5039 that communicates with user terminal 502.Here, service certificate can according to circumstances be changed to the service certificate sign, and device certificate also can according to circumstances be changed to the device certificate sign.
Fig. 6 is a basic operation example flow diagram of carrying out electronic signature and data acquisition of electric signing system shown in Figure 5.As shown in Figure 6:
At step S601, user terminal 502 sends to user terminal environmental data collector 506 to the service request from user 501;
At step S602, user terminal environmental data collector 506 sends this service request to service server 504;
At step S603, service server 504 sends to user terminal environmental data collector 506 to business datum;
At step S604, user terminal environmental data collector 506 sends to user terminal 502 to business datum and Information Monitoring;
At step S605, user terminal 502 generates the machine environmental data according to Information Monitoring, utilizes the machine environmental data of business datum and generation to generate the service environment data;
At step S606, user terminal 502 sends to signature apparatus 503 to service environment data and business datum;
At step S607,5035 pairs of password authentication unit are verified at the signature password of user terminal 502 inputs through the user 501 that communication unit 5039 and input-output unit 5038 send, if checking is not passed through, then this business operation finishes, if checking is passed through, then professional arithmetic element 5036 is enabled the professional private key that is stored in the professional private key memory cell 5031 and business datum is carried out computing and generate professional electronic signature, and with business electronic signature be stored in service certificate or the binding of service certificate sign in the service certificate memory cell 5032, finish the business signature to business datum, simultaneously environment arithmetic element 5037 enables that the device private that is stored in the device private memory cell 5033 is carried out computing to the service environment data and the electronic signature of generation equipment, and with equipment electronic signature be stored in device certificate or the binding of device certificate sign in the device certificate memory cell 5034, finish the device subscription to the service environment data.
At step S608, signature apparatus 503 business sign electronically, service environment data after equipment electronic signature and the device subscription submit to user terminal 502 through input-output unit 5038 and communication unit 5039;
At step S609, user terminal 502 sends to user terminal environmental data collector 506 with all signatures and the data of submitting to;
At step S610, user terminal environmental data collector 506 sends to service server 504 with all signatures and the data of submitting to;
At step S611, the business electronic signature that 504 pairs of service servers receive is verified, carries out corresponding Business Processing according to the result;
At step S612, service server 504 sends to user terminal environmental data collector 506 with service processing result;
At step S613, user terminal environmental data collector 506 sends to user terminal 502 with service processing result, user terminal 502 display business results;
At step S614, the equipment electronic signature that 504 of service servers receive and the service environment data after the device subscription are submitted to data center 505; And
At step S615, the equipment electronic signature that 505 pairs of data centers receive and the service environment data after the device subscription are stored.
In above-mentioned steps S606, the crypto-operation interface routine that can pass through to install and signature apparatus driver send to signature apparatus 503 with service environment data and business datum.Crypto-operation interface routine and signature apparatus driver can be that service server 504 sends user terminal 502 to and is installed in user terminal 502 through user terminal environmental data collector 506; Perhaps can be pre-stored in signature apparatus 503, with after user terminal 502 is connected, Auto-mounting is at user terminal 502 etc. at signature apparatus 503.
In above-mentioned steps S611, to the business that receives electronic signature verify and corresponding Business Processing for example specific implementation be: the result of the business electronic signature that 504 pairs of service servers receive is that checking is passed through, think that then the current business request obtains user's legal authorization, then service server 504 provides the business information that satisfies service request to user terminal environmental data collector 506 at above-mentioned steps S612; Otherwise, the result is to verify not pass through, think that then the current business request does not obtain user's legal authorization, service server 504 stops providing business information to user terminal environmental data collector 506, then in above-mentioned steps S612 this termination message is sent to user terminal environmental data collector 506.
By adopting electronic signature device of the present utility model and system, can be with the user, user's e commerce transactions signing messages associates by authentication signature with the environment of the business operation device such as user terminal, owing to stored the service environment information after equipment electronic signature and the device subscription, so can realize exactly the real time environment data acquisition to the site environment of e commerce transactions signature operation, can accurately be located so that the business operation device such as user terminal of e commerce transactions signature operation occurs, the environmental information of accurately signature generation is provided for scene evidence taking behind people's fortification.
The service environment data can be the professional relevant data of business operation device such as user terminal of participation electronic signature that are connected with signature apparatus, such as the IP address of user terminal, MAC Address of Network Card, CPU sequence number, hard disk sequence number, terminal machine number etc.Certainly, the service environment data are not limited to these, also can comprise other related data that those skilled in the art can expect, perhaps selection each or its combination from these data and other related datas.Fig. 7 shows the example of one group of electronic signature service environment information, and it has comprised device certificate DN 701, equipment Serial Number 702, traffic ID 703, business operation time 704, terminal machine number 705 and equipment electronic signature 706.Because electronic signature service environment information has adopted the professional relevant data of business operation device such as user terminal of participation electronic signature that are connected with signature apparatus, has further improved the accurate positioning to the business operation device such as user terminal.
In addition, data center 505 also can further comprise service environment data verification units (not shown), is used for the service environment data after the device subscription are verified, data center 505 does corresponding service environment data according to the result and processes.So, in above-mentioned steps S615, the step that service environment data after the electronic signature of equipment that 505 pairs of data centers receive and the device subscription are stored is verified by the service environment data of service environment data verification units after to device subscription and the step of corresponding service environment data processing is substituted, this alternative steps for example specific implementation is: the service environment data of service environment data verification units after to the device subscription that receives are verified, pass through if the result is checking, then the service environment data after the device subscription are stored in the data center 505; Otherwise the result is to verify not pass through, and thinks that then there is suspicious environmental factor in the current business operation, sends suspicious warning information, simultaneously the service environment data after the device subscription is stored in the data center 505.Owing to further comprised the service environment data verification units, so that this system can further realize the early warning to suspicious service environment.
Further, data center 505 can also store the combination of following each or they: the business datum after professional electronic signature, equipment electronic signature and the professional electronic signature, these data can be from service server 504, by more service related data is provided, further having improved the business operation device such as user terminal that the electronic signature business operation occurs can be by the possibility of accurate analysis and location thus.
In addition, above-mentioned steps S614 can carry out before the step S611 or after step S613, also can when carrying out, step S611 carry out, like this, under latter event, can be so that in electronic signature business operation process, carry out simultaneously the data generation of site environment, transmission and storage, further the business operation device such as user terminal of business operation can be located rapidly and be analyzed where necessary so that generation signs electronically, need not to increase the user, business provides department and public security department to carry out specially the environmental data collecting operation and manpower and the operating time cost of ancillary cost to on-the-spot, further improve operating efficiency, reduced the business operation risk.
Have again, in system shown in Figure 5, at step S602, user terminal environmental data collector 506 can be when sending service request to service server 504, the Information Monitoring of mentioning among the above-mentioned steps S604 is sent to user terminal 502 at step S602, then user terminal 502 is carried out operating according to Information Monitoring generation the machine environmental data among the above-mentioned steps S605, thereby has saved the time that data send and process among step S604 and the S605, has further improved operating efficiency.
Also have, optionally, the two can be encapsulated in device private memory cell 5033 and device certificate memory cell 5034 in the same chip, and device private memory cell 5033 is pre-stored that device private arranged.Like this, device private and professional private key for example can carry out establishment and management separately by chip production mechanism and electronic signature device production mechanism, for example the latter can only call the former pre-stored for example changeless device private, and can not make amendment or delete it, further improved thus electronic signature device and Security of the system and to the location of the business operation device such as user terminal and the accuracy of analysis.
The user terminal environmental data collector has below been described respectively respectively at the electric signing system example of service server prime and rear class.Optionally, the user terminal environmental data collector also can be used as user terminal environmental data collecting unit and is integrated in the service server.Thus, so that the whole system structure is simpler, can reduce the cost of whole system simultaneously.The concrete structure of this conversion example and operating process are respectively with similar shown in Fig. 3 and 4, and those skilled in the art can understand the example of this conversion after reading this specification and accompanying drawing, therefore in the detailed description of this omission to this conversion example.
Below, the process by the electronic signature device shown in Fig. 3 and 4 and system realize under the PE of Internet bar illustrates electronic signature device of the present utility model and system.
For example, user terminal 302 is public computers 302 of an Internet bar, this computer resident have the assault success steal user name, log in password and the signature password program.The user 301 who holds signature apparatus 303 is connected signature apparatus 303 and sets up proper communication with this computer 302, carry out legal operational line operation after, do not have in time to disconnect communicating by letter of this signature apparatus 303 and computer 302.
In this section communication process after this legal operational line operation, the hacker is by above-mentioned resident program, after user 301 carries out this legal operational line operation, successfully steal user 301 user name, log in password and the signature password, and finish illegal business operation according to following flow process, but the environmental data of this illegal business operation is also gathered and stores in this illegal operation process by electronic signature device of the present utility model and system:
At first, the hacker starts browser or the client in this computer 302, and the display properties of browser or client is made as invisible, and user 301 does not just know that this program moves like this;
Secondly, the service request of hacker's analog subscriber 301 is at this browser or client input user's 301 user name and entry password etc., the business operation platform of login user, analog subscriber 301, the incoming traffic password is also uploaded user file, and this service request is confirmed;
Afterwards, this browser or client send to service server 304 to the service request from hacker's analog subscriber 301;
Then, service server 304 sends the environmental data collecting request to user terminal environmental data collector 306;
Subsequently, user terminal environmental data collector 306 is Information Monitoring, and for example capture program sends to service server 304;
Afterwards, service server 304 sends to this browser or client with business datum and Information Monitoring;
Then, this browser or client are according to Information Monitoring, for example move capture program, collect computer 302 field datas, such as (this locality and server) IP address, MAC Address of Network Card, CPU number, hard reel number etc., generate the machine environmental data, for example form on-the-spot snapshot, and utilize the machine environmental data of business datum and generation to generate the service environment data, for example, with on-the-spot snapshot and business operation time, traffic ID associates and generates the service environment data, service environment data and business datum are together sent to signature apparatus 303, wherein, the crypto-operation interface routine that passes through to install and signature apparatus driver send to signature apparatus 303 with service environment data and business datum, and crypto-operation interface routine and signature apparatus driver can be that service server 304 sends computer 302 to and is installed in the computer 302 in the legitimate traffic operating process; Perhaps can be pre-stored in signature apparatus 303, with after computer 302 is connected, Auto-mounting is in computer 302 at signature apparatus 303;
Subsequently, signature apparatus 303 prompting input signature passwords, hacker's analog subscriber 301 input signature passwords;
Afterwards, the signature password of the 3035 pairs of hacker's analog subscribers in the password authentication unit of signature apparatus 303,301 inputs is verified, after checking is passed through, the professional arithmetic element 3036 of signature apparatus 303 is enabled the professional private key that is stored in the professional private key memory cell 3031 and business datum is carried out computing and generate professional electronic signature, and with business electronic signature be stored in service certificate or the binding of service certificate sign in the service certificate memory cell 3032, finish the business signature to business datum, simultaneously the environment arithmetic element 3037 of signature apparatus 303 enables that the device private that is stored in the device private memory cell 3033 is carried out computing to the service environment data and the electronic signature of generation equipment, and with equipment electronic signature be stored in device certificate or the binding of device certificate sign in the device certificate memory cell 3034, finish the device subscription to the service environment data; Then business sign electronically, service environment data after equipment electronic signature and the device subscription submit to this browser or client;
Then, this browser or client will receive all the signature and data send to service server 304;
Subsequently, the equipment electronic signature that 304 of service servers receive and the service environment data after the device subscription send to user terminal environmental data collector 306, and to the business that receives electronic signature is verified, checking is passed through, think that the service request of current hacker's analog subscriber obtains user's legal authorization, the business information that the service request of hacker's analog subscriber is required sends to this browser or client, and this browser or client are to the result of hacker's display business success;
Afterwards, perhaps when the electronic signature of business that 304 pairs of service servers receive is verified, the service environment data of user terminal environmental data collector 306 after equipment electronic signature and device subscription are submitted to data center 305;
At last, the service environment data behind data center's 305 memory devices signature.
It is the regular traffic operation that above-mentioned flow process is finished in the service server side, but the hacker induces generation, is illegal business operation.After the user finds that irrational variation occurs the customer service operating data of oneself, just can in time report a case to the security authorities to public security organ.Public security department is after receiving the report, can be rapidly according to the service environment data after the device subscription of data center's 305 storages, inquiring this this business operation at which platform computer (for example is, according to IP address, MAC Address of Network Card, CPU number, hard reel number etc.) upper, the information such as signature of when carrying out, whether be illegal business operation, in time solve a case if judging rapidly this business operation according to analysis subsequently.
Electronic signature device of the present utility model and system can also be used for the situation that signature apparatus is illegally usurped.For example, the user who has loses signature apparatus accidentally, is found by the lawless person.The lawless person utilizes unlawful means to obtain user name, logs in password and signature password, then in own or other places finished the operation that is similar to above-mentioned illegal business operation so that validated user sustains a loss.When similar incidents occur when, public security organ is after receiving the report for police service, can be rapidly according to the service environment data after the related device subscription of the illegal business operation of this time of data center's storage, inquiring this this business operation at which platform computer (for example is, according to IP address, MAC Address of Network Card, CPU number, hard reel number etc.) upper, the information such as signature of when carrying out, whether be illegal business operation, in time solve a case if judging rapidly this business operation according to analysis subsequently.
Certainly, electronic signature device of the present utility model and system are not limited to for above situation, and those skilled in the art obviously can infer it according to above description and also be applicable to other suitable situation.
The front exemplifies electronic signature device of the present utility model and the system of having illustrated in detail in conjunction with each execution mode of the present utility model.By adopting electronic signature device of the present utility model and system, the environment of user, user's e commerce transactions signing messages and the business operation device such as user terminal can be associated by authentication signature, thereby can realize exactly the real time environment data acquisition to the site environment of e commerce transactions signature operation, can accurately be located so that the business operation device such as user terminal of e commerce transactions signature operation occurs, the environmental information of accurately signature generation is provided for scene evidence taking behind people's fortification.
In addition, by adopting electronic signature device of the present utility model and system, can be so that in electronic signature business operation process, carry out simultaneously data generation, transmission and the storage of site environment, so that occuring, the business operation device such as user terminal of electronic signature business operation can be located rapidly and be analyzed where necessary, need not to increase user, business provides department and public security department to carry out specially the environmental data collecting operation and manpower and the operating time cost of ancillary cost to on-the-spot, improve operating efficiency, reduced the business operation risk.
Have again, by adopting electronic signature device of the present utility model and system, so that the data of the business operation device context such as user terminal that gathers can access timely analysis, thereby find early suspicious business operation, thereby play the early warning effect.For example, for careful, the user who has only uses electronic signature device at the computer (as at household PC or the notebook computer of oneself) of trusting usually, if judge discovery by IP address, MAC value etc., its electronic signature device uses at public computer or strange land computer, then there is possibility stolen or that be replicated in this electronic signature device, can take immediately Forewarning Measures.Again for example, by adopting electronic signature device of the present utility model and system, find certain customers at dead of night the period carry out centralized operation, and this period may be to carry out the activity such as similar illegal soccer gambling, then can find whereby to find the user who participates in unlawful activities.
The front is described the utility model in detail in conjunction with exemplary embodiment of the present utility model; but it will be appreciated by those skilled in the art that; these exemplary embodiment and example should be as the restrictions to protection range of the present utility model, those to one skilled in the art clearly modification, conversion and replacement all should drop in the protection range of the present utility model.

Claims (10)

1. electronic signature device comprises:
Communication unit is used for communicating with the business operation device of outside execution business operation;
Professional private key memory cell is used for the storage service private key;
The service certificate memory cell is used for storage service certificate or service certificate sign;
The device private memory cell is used for the memory device private key;
The device certificate memory cell is used for memory device certificate or device certificate sign;
The password authentication unit is used for the password of user's input is verified;
Professional arithmetic element, be used for described professional private key the business datum of signing from the needs of described business operation device being carried out computing and being generated professional electronic signature, and with described service certificate or the binding of described service certificate sign of storing in described professional electronic signature and the described service certificate memory cell, finish the described business of the business datum of signature that needs is signed;
The environment arithmetic element, be used for described device private the service environment data of signing from the needs of described business operation device being carried out computing and the electronic signature of generation equipment, and with described device certificate or the binding of described device certificate sign of storing in described equipment electronic signature and the described device certificate memory cell, finish the device subscription that needs the service environment data of signature to described; And
Input-output unit communicates with described communication unit, described password authentication unit, described professional arithmetic element and described environment arithmetic element.
2. electronic signature device as claimed in claim 1, wherein said business operation device comprises user terminal, and described environment arithmetic element to need the service environment data of signature for computing described be the data relevant with described user terminal.
3. electronic signature device as claimed in claim 2, wherein said environment arithmetic element comprise following any one or their combination for the described service environment data of signature that need of computing: the IP address of described user terminal, MAC Address of Network Card, CPU sequence number, hard disk sequence number and machine number.
4. such as the arbitrary described electronic signature device of claims 1 to 3, the service environment data behind the wherein said environment arithmetic element finishing equipment signature comprise:
The described service environment data that need signature;
Described equipment electronic signature; With
Following any one or their combination: the time of the traffic sequence of the device certificate identification name of described electronic signature device, equipment Serial Number, described business operation number and described business operation.
5. electronic signature device as claimed in claim 1, the two is encapsulated in wherein said device private memory cell and described device certificate memory cell in the same chip, and described device private memory cell is pre-stored that changeless described device private arranged.
6. electric signing system comprises:
Such as the arbitrary described electronic signature device of claim 1 to 5;
Described business operation device;
Service server, be used for receiving the service request of submitting to through described business operation device from described user, send the described business datum of signature that needs to described business operation device, and to verifying through the described professional electronic signature that described business operation device sends from described electronic signature device, carry out Business Processing according to the result;
Business operation device context data acquisition unit is used for the service request through described business operation device submission according to described user, the service environment data behind the collecting device signature; With
Data center is used for storage from the service environment data after the described device subscription of described business operation device context data acquisition unit.
7. electric signing system as claimed in claim 6, wherein said business operation device context data acquisition unit is arranged between described service server and the described business operation device.
8. electric signing system as claimed in claim 6, wherein said business operation device context data acquisition unit is arranged in the described service server.
9. electric signing system as claimed in claim 6, wherein said data center also comprises the service environment data verification units, described service environment data verification units is used for the service environment data after the described device subscription are verified.
10. electric signing system as claimed in claim 6, wherein said data center also is used for the combination of following each or they of storage: the business datum after described professional electronic signature, the electronic signature of described equipment and the professional electronic signature.
CN 201220384055 2012-08-03 2012-08-03 Electronic signature device and electronic signature system Expired - Lifetime CN202713371U (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN 201220384055 CN202713371U (en) 2012-08-03 2012-08-03 Electronic signature device and electronic signature system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN 201220384055 CN202713371U (en) 2012-08-03 2012-08-03 Electronic signature device and electronic signature system

Publications (1)

Publication Number Publication Date
CN202713371U true CN202713371U (en) 2013-01-30

Family

ID=47593626

Family Applications (1)

Application Number Title Priority Date Filing Date
CN 201220384055 Expired - Lifetime CN202713371U (en) 2012-08-03 2012-08-03 Electronic signature device and electronic signature system

Country Status (1)

Country Link
CN (1) CN202713371U (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2018218465A1 (en) * 2017-05-27 2018-12-06 深圳市大疆创新科技有限公司 Electronic signature system, electronic signature server and electronic signature method
CN109245898A (en) * 2018-08-29 2019-01-18 广东美的制冷设备有限公司 Household appliance and its anti-fake generating device, anti-fake preparation method and its cut-in method

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2018218465A1 (en) * 2017-05-27 2018-12-06 深圳市大疆创新科技有限公司 Electronic signature system, electronic signature server and electronic signature method
CN109891822A (en) * 2017-05-27 2019-06-14 深圳市大疆创新科技有限公司 Electric signing system, electronic signature server and electric endorsement method
CN109245898A (en) * 2018-08-29 2019-01-18 广东美的制冷设备有限公司 Household appliance and its anti-fake generating device, anti-fake preparation method and its cut-in method
WO2020042276A1 (en) * 2018-08-29 2020-03-05 广东美的制冷设备有限公司 Household appliance, and anti-counterfeiting generation device, anti-counterfeiting preparation method and access method therefor

Similar Documents

Publication Publication Date Title
CN109413087B (en) Data sharing method and device, digital gateway and computer readable storage medium
CN104158824B (en) Genuine cyber identification authentication method and system
CN105591744B (en) A kind of genuine cyber identification authentication method and system
CN102790674B (en) Auth method, equipment and system
CN101873331B (en) Safety authentication method and system
CN102546601B (en) The servicing unit of cloud computing terminal for accessing virtual machine
CN108881167A (en) A kind of intelligent contract of finite field block catenary system
CN109992949B (en) Equipment authentication method, over-the-air card writing method and equipment authentication device
CN105164689A (en) User authentication
CN108234442B (en) Method, system and readable storage medium for acquiring contract
CN101374050A (en) Apparatus, system and method for implementing identification authentication
CN103888255A (en) Identity authentication method, device and system
CN107113613B (en) Server, mobile terminal, network real-name authentication system and method
CN101951321A (en) Device, system and method for realizing identity authentication
CN103229479A (en) Website identification method and device and network system
WO2019033840A1 (en) Password authentication method for shared device, shared device, cloud server, and system
CN104125230B (en) A kind of short message certification service system and authentication method
CN107563712A (en) A kind of mobile terminal punch card method, device, equipment and system
CN105023225A (en) Urban administrative law enforcement information system
CN103905399A (en) Account registration management method and apparatus
CN110247758A (en) The method, apparatus and code management device of Password Management
CN105978994A (en) Web system oriented logging-in method
CN113506119A (en) APP-based charging pile transaction management method and system
CN115600230A (en) Personnel management system
CN202713371U (en) Electronic signature device and electronic signature system

Legal Events

Date Code Title Description
C14 Grant of patent or utility model
GR01 Patent grant
ASS Succession or assignment of patent right

Owner name: ZHONGCHUANG ZHIXIN (SHENYANG) TECHNOLOGY CO., LTD.

Free format text: FORMER OWNER: BEIJING ZHONGCHUANG ZHIXIN TECHNOLOGY CO., LTD.

Effective date: 20140127

C41 Transfer of patent application or patent right or utility model
COR Change of bibliographic data

Free format text: CORRECT: ADDRESS; FROM: 100070 FENGTAI, BEIJING TO: 110168 SHENYANG, LIAONING PROVINCE

TR01 Transfer of patent right

Effective date of registration: 20140127

Address after: Road 110168 Liaoning city of Shenyang Province Hunnan New District No. 16 B526

Patentee after: Sino Tech (Shenyang) Technology Co.,Ltd.

Address before: 100070 Beijing city Fengtai District Changning Spark Road No. 1 building room 216

Patentee before: Beijing Zhongchuang Zhixin Technology Co.,Ltd.

ASS Succession or assignment of patent right

Owner name: SHENYANG XUN'AN TECHNOLOGY CO., LTD.

Free format text: FORMER OWNER: ZHONGCHUANG ZHIXIN (SHENYANG) TECHNOLOGY CO., LTD.

Effective date: 20140616

C41 Transfer of patent application or patent right or utility model
COR Change of bibliographic data

Free format text: CORRECT: ADDRESS; FROM: 110168 SHENYANG, LIAONING PROVINCE TO: 110179 SHENYANG, LIAONING PROVINCE

TR01 Transfer of patent right

Effective date of registration: 20140616

Address after: Hunnan New Century Road 110179 Shenyang city of Liaoning Province, No. 22 B block 5 layer

Patentee after: Shenyang Xun an Technology Co.,Ltd.

Address before: Road 110168 Liaoning city of Shenyang Province Hunnan New District No. 16 B526

Patentee before: Sino Tech (Shenyang) Technology Co.,Ltd.

C41 Transfer of patent application or patent right or utility model
TR01 Transfer of patent right

Effective date of registration: 20160316

Address after: 100010, B, block 15, Minmetals Plaza, No. 5 North Street, Dongcheng District, Beijing, Chaoyangmen

Patentee after: EIDLINK INFORMATION TECHNOLOGY Co.,Ltd.

Address before: Hunnan New Century Road 110179 Shenyang city of Liaoning Province, No. 22 B block 5 layer

Patentee before: Shenyang Xun an Technology Co.,Ltd.

CX01 Expiry of patent term

Granted publication date: 20130130

CX01 Expiry of patent term