SG11202104530YA - Key management method, security chip, service server and information system - Google Patents

Key management method, security chip, service server and information system

Info

Publication number
SG11202104530YA
Authority
SG
Singapore
Prior art keywords
management method
service server
information system
key management
security chip
Prior art date
Application number
SG11202104530YA
Other languages
English (en)
Inventor
Wuqiong Pan
Original Assignee
Advanced New Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Advanced New Technologies Co Ltd

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0894 Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
    • H04L9/0897 Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage involving additional devices, e.g. trusted platform module [TPM], smartcard or USB
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/06 Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/062 Network architectures or network communication protocols for network security for supporting key management in a packet data network for key distribution, e.g. centrally by trusted party
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/06 Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/068 Network architectures or network communication protocols for network security for supporting key management in a packet data network using time-dependent keys, e.g. periodically changing keys
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0825 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/083 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/085 Secret sharing or secret splitting, e.g. threshold schemes
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0891 Revocation or update of secret information, e.g. encryption key update or rekeying
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3234 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving additional secure or trusted devices, e.g. TPM, smartcard, USB or software token
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2463/00 Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
    • H04L2463/062 Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00 applying encryption of the keys
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823 Network architectures or network communication protocols for network security for authentication of entities using certificates

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Storage Device Security (AREA)
SG11202104530YA 2019-03-22 2020-02-12 Key management method, security chip, service server and information system SG11202104530YA (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201910224105.8A CN109921902B (zh) 2019-03-22 2019-03-22 Key management method, security chip, service server and information system
PCT/CN2020/074893 WO2020192285A1 (zh) 2020-02-12 Key management method, security chip, service server and information system

Publications (1)

Publication Number Publication Date
SG11202104530YA (en) 2021-05-28

Family

ID=66966444

Family Applications (1)

Application Number Title Priority Date Filing Date
SG11202104530YA SG11202104530YA (en) 2019-03-22 2020-02-12 Key management method, security chip, service server and information system

Country Status (6)

Country Link
US (1) US11240008B2 (de)
EP (1) EP3860036B1 (de)
CN (1) CN109921902B (de)
SG (1) SG11202104530YA (de)
TW (1) TWI724555B (de)
WO (1) WO2020192285A1 (de)

Families Citing this family (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
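CN105515768B (zh) * 2016-01-08 2017-07-21 腾讯科技(深圳)有限公司 Method, apparatus and system for updating a key
CN109921902B (zh) 2019-03-22 2020-10-23 创新先进技术有限公司 Key management method, security chip, service server and information system
CN110430051B (zh) * 2019-08-01 2022-08-05 北京永新视博数字电视技术有限公司 Key storage method, apparatus and server
CN112822021B (zh) * 2020-12-30 2022-10-21 中国农业银行股份有限公司 Key management method and related apparatus
CN116418486A (zh) * 2021-12-29 2023-07-11 华为云计算技术有限公司 Data encryption system and related products
CN114553510B (zh) * 2022-02-14 2022-11-04 重庆长安汽车股份有限公司 Service key distribution system and method, and readable storage medium
CN115001716B (zh) * 2022-08-02 2022-12-06 长沙朗源电子科技有限公司 Network data processing method and system for an all-in-one education machine, and all-in-one education machine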

Family Cites Families (46)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020064282A1 (en) 2000-11-29 2002-05-30 Dmitrii Loukianov Decryption key management in remote nodes
US7676430B2 (en) 2001-05-09 2010-03-09 Lenovo (Singapore) Ptd. Ltd. System and method for installing a remote credit card authorization on a system with a TCPA complaint chipset
US7890771B2 (en) 2002-04-17 2011-02-15 Microsoft Corporation Saving and retrieving data based on public key encryption
US9356940B2 (en) 2003-11-13 2016-05-31 Digital Authentication Technologies, Inc. Security and access system based on multi-dimensional location characteristics
US8074262B2 (en) * 2005-05-13 2011-12-06 Intel Corporation Method and apparatus for migrating virtual trusted platform modules
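CN101243469A (zh) 2005-08-22 2008-08-13 微软公司 Digital license migration from a first platform to a second platform
CN101401341B (zh) 2005-11-18 2016-06-01 安全第一公司 Secure data parser method and system
CN101102180B (zh) * 2006-07-03 2010-08-25 联想(北京)有限公司 Inter-system binding and platform integrity verification method based on a hardware security unit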
GB2440170B8 (en) 2006-07-14 2014-07-16 Vodafone Plc Digital rights management
US8522018B2 (en) 2006-08-18 2013-08-27 Fujitsu Limited Method and system for implementing a mobile trusted platform module
US9158957B2 (en) 2007-09-07 2015-10-13 Apple Inc. Finger sensing apparatus using hybrid matching and associated methods
US8064605B2 (en) * 2007-09-27 2011-11-22 Intel Corporation Methods and apparatus for providing upgradeable key bindings for trusted platform modules
US8208637B2 (en) * 2007-12-17 2012-06-26 Microsoft Corporation Migration of computer secrets
US20090199279A1 (en) * 2008-01-31 2009-08-06 Microsoft Corporation Method for content license migration without content or license reacquisition
CN101515319B (zh) 2008-02-19 2011-01-26 联想(北京)有限公司 Key processing method, key cryptography service system and key negotiation method
US8799451B2 (en) 2009-01-28 2014-08-05 Headwater Partners I Llc Verifiable service policy implementation for intermediate networking devices
CN101355422B (zh) 2008-07-16 2014-01-08 冯振周 Novel vector encryption authentication mechanism
US8103883B2 (en) 2008-12-31 2012-01-24 Intel Corporation Method and apparatus for enforcing use of danbury key management services for software applied full volume encryption
US8707043B2 (en) * 2009-03-03 2014-04-22 Riverbed Technology, Inc. Split termination of secure communication sessions with mutual certificate-based authentication
US8838977B2 (en) 2010-09-16 2014-09-16 Verance Corporation Watermark extraction and content screening in a networked environment
US8875240B2 (en) 2011-04-18 2014-10-28 Bank Of America Corporation Tenant data center for establishing a virtual machine in a cloud environment
US8503674B2 (en) * 2011-04-28 2013-08-06 Microsoft Corporation Cryptographic key attack mitigation
CN102355657B (zh) * 2011-06-28 2014-10-08 华为数字技术(成都)有限公司 Service access control method, apparatus and system
US9064109B2 (en) 2012-12-20 2015-06-23 Intel Corporation Privacy enhanced key management for a web service provider using a converged security engine
US9729517B2 (en) 2013-01-22 2017-08-08 Amazon Technologies, Inc. Secure virtual machine migration
CA2918066A1 (en) * 2013-07-15 2015-01-22 Visa International Service Association Secure remote payment transaction processing
US9226145B1 (en) 2014-03-28 2015-12-29 Sprint Communications Company L.P. Verification of mobile device integrity during activation
US9652631B2 (en) 2014-05-05 2017-05-16 Microsoft Technology Licensing, Llc Secure transport of encrypted virtual machines with continuous owner access
US9413730B1 (en) * 2014-06-04 2016-08-09 Skyhigh Networks, Inc. Encryption in the cloud using enterprise managed keys
US10211985B1 (en) * 2015-03-30 2019-02-19 Amazon Technologies, Inc. Validating using an offload device security component
US10243739B1 (en) * 2015-03-30 2019-03-26 Amazon Technologies, Inc. Validating using an offload device security component
CN105743873A (zh) * 2015-04-17 2016-07-06 中国信息安全研究院有限公司 Security system
US9923881B2 (en) * 2015-10-14 2018-03-20 Mcafee, Llc System, apparatus and method for migrating a device having a platform group
US10277407B2 (en) 2016-04-19 2019-04-30 Microsoft Technology Licensing, Llc Key-attestation-contingent certificate issuance
US10810321B2 (en) 2016-08-11 2020-10-20 Intel Corporation Secure public cloud
US10303899B2 (en) 2016-08-11 2019-05-28 Intel Corporation Secure public cloud with protected guest-verified host control
US10187203B2 (en) * 2016-08-30 2019-01-22 Workday, Inc. Secure storage encryption system
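CN107864109B (zh) * 2016-09-22 2020-04-17 上海复旦微电子集团股份有限公司 NFC smart card application data migration method
CN106789000A (zh) * 2016-12-13 2017-05-31 北京握奇智能科技有限公司 Private call system and method based on TEE technology and a wearable device
CN108667608B (zh) 2017-03-28 2021-07-27 阿里巴巴集团控股有限公司 Data key protection method, apparatus and system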
US10938560B2 (en) * 2017-06-21 2021-03-02 Microsoft Technology Licensing, Llc Authorization key escrow
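CN107766724A (zh) 2017-10-17 2018-03-06 华北电力大学 Method for constructing the functional architecture of a trusted computer platform software stack
CN108012268B (zh) * 2017-12-08 2021-07-09 北京虎符信息技术有限公司 SIM card for ensuring secure use of application software on a mobile phone terminal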
US11412052B2 (en) 2018-12-28 2022-08-09 Intel Corporation Quality of service (QoS) management in edge computing environments
CN109450951B (zh) * 2018-12-28 2021-06-04 北京思源理想控股集团有限公司 Server-side secure file management method, apparatus and system
CN109921902B (zh) * 2019-03-22 2020-10-23 创新先进技术有限公司 Key management method, security chip, service server and information system

Also Published As

Publication number Publication date
WO2020192285A1 (zh) 2020-10-01
US11240008B2 (en) 2022-02-01
EP3860036A4 (de) 2021-12-22
CN109921902A (zh) 2019-06-21
US20210258148A1 (en) 2021-08-19
EP3860036B1 (de) 2023-04-05
TW202036343A (zh) 2020-10-01
CN109921902B (zh) 2020-10-23
EP3860036A1 (de) 2021-08-04
TWI724555B (zh) 2021-04-11

Similar Documents

Publication Publication Date Title
SG11202104530YA (en) Key management method, security chip, service server and information system
SG11202106514TA (en) Key security management system and method, medium, and computer program
EP3197123A4 (de) Method, terminal and network server for information encryption and decryption and key management
WO2015142410A3 (en) Systems and methods for creating fingerprints of encryption devices
SG11202008621QA (en) Method and system for data security, validation, verification and provenance within independent computer systems and digital networks
EP3602954A4 (de) Method and system for hierarchical cryptographic key management
SG11202008633TA (en) Method and system for data security within independent computer systems and digital networks
EP3333793A4 (de) Business district information provision system, business district information provision server, business district information provision method, service application server and service application server operating method
EP3610607A4 (de) Management of cryptographic keys based on identity information
EP3893196A4 (de) Authentication system, management device and authentication method
SG11202100274PA (en) Key transfer method and system based on shared security application, storage medium, and device thereof
EP3817184A4 (de) Management server, management system and management method
SG11202009924RA (en) Methods and devices for cryptographic key management based on blockchain system
GB202110160D0 (en) Method, system, and computer readable medium for transferring cryptographic tokens
IL293092A (en) Methods and systems for cryptographic key management
EP3786980A4 (de) System for providing pathogen distribution information, server for providing pathogen distribution information and method for providing pathogen distribution information
SG11202002840WA (en) Vulnerable plaque identification method, application server thereof, and computer readable medium
EP3998564A4 (de) Inventory checking device, backend device, inventory checking management system and inventory checking method
EP3789952A4 (de) Academic management system and method for recognizing talent- and work-experience-centered academic credits, and system for providing a talent contribution bank service using the same
EP4071697A4 (de) Data management system, management method and management program
EP3754934A4 (de) Method for transmitting authentication information, key management client and computer device
EP3940611A4 (de) Personal information management system, personal information management device and personal information management method
EP3422194A4 (de) Event management server, information processing device, information processing system and method for conducting an event
EP4109319A4 (de) Data management system, management method and management program
EP4102445A4 (de) Data management system, management method and management program