SG11202104530YA - Key management method, security chip, service server and information system - Google Patents

Key management method, security chip, service server and information system

Info

Publication number
SG11202104530YA
Authority
SG
Singapore
Prior art keywords
management method
service server
information system
key management
security chip
Prior art date
Application number
SG11202104530YA
Inventor
Wuqiong Pan
Original Assignee
Advanced New Technologies Co Ltd
Priority date
Filing date
Publication date
Application filed by Advanced New Technologies Co Ltd
Publication of SG11202104530YA

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08: Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0894: Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
    • H04L9/0897: Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage involving additional devices, e.g. trusted platform module [TPM], smartcard or USB
    • H04L9/0816: Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819: Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0825: Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
    • H04L9/083: Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP]
    • H04L9/085: Secret sharing or secret splitting, e.g. threshold schemes
    • H04L9/0891: Revocation or update of secret information, e.g. encryption key update or rekeying
    • H04L9/32: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3234: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving additional secure or trusted devices, e.g. TPM, smartcard, USB or software token
    • H04L9/3263: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • H04L63/00: Network architectures or network communication protocols for network security
    • H04L63/06: Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/062: Network architectures or network communication protocols for network security for supporting key management in a packet data network for key distribution, e.g. centrally by trusted party
    • H04L63/068: Network architectures or network communication protocols for network security for supporting key management in a packet data network using time-dependent keys, e.g. periodically changing keys
    • H04L63/08: Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823: Network architectures or network communication protocols for network security for authentication of entities using certificates
    • H04L2463/00: Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
    • H04L2463/062: Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00 applying encryption of the keys

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Storage Device Security (AREA)
SG11202104530YA 2019-03-22 2020-02-12 Key management method, security chip, service server and information system SG11202104530YA (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201910224105.8A CN109921902B (en) 2019-03-22 2019-03-22 Key management method, security chip, service server and information system
PCT/CN2020/074893 WO2020192285A1 (en) 2019-03-22 2020-02-12 Key management method, security chip, service server and information system

Publications (1)

Publication Number Publication Date
SG11202104530YA (en) 2021-05-28

Family

ID=66966444

Family Applications (1)

Application Number Title Priority Date Filing Date
SG11202104530YA SG11202104530YA (en) 2019-03-22 2020-02-12 Key management method, security chip, service server and information system

Country Status (6)

Country Link
US (1) US11240008B2 (en)
EP (1) EP3860036B1 (en)
CN (1) CN109921902B (en)
SG (1) SG11202104530YA (en)
TW (1) TWI724555B (en)
WO (1) WO2020192285A1 (en)

Families Citing this family (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105515768B (en) * 2016-01-08 2017-07-21 腾讯科技(深圳)有限公司 A kind of methods, devices and systems of more new key
CN109921902B (en) 2019-03-22 2020-10-23 创新先进技术有限公司 Key management method, security chip, service server and information system
CN110430051B (en) * 2019-08-01 2022-08-05 北京永新视博数字电视技术有限公司 Key storage method, device and server
CN112822021B (en) * 2020-12-30 2022-10-21 中国农业银行股份有限公司 Key management method and related device
CN116418486A (en) * 2021-12-29 2023-07-11 华为云计算技术有限公司 Data encryption system and related products
CN114553510B (en) * 2022-02-14 2022-11-04 重庆长安汽车股份有限公司 Service key distribution system, method and readable storage medium
CN115001716B (en) * 2022-08-02 2022-12-06 长沙朗源电子科技有限公司 Network data processing method and system of education all-in-one machine and education all-in-one machine

Family Cites Families (46)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020064282A1 (en) 2000-11-29 2002-05-30 Dmitrii Loukianov Decryption key management in remote nodes
US7676430B2 (en) 2001-05-09 2010-03-09 Lenovo (Singapore) Ptd. Ltd. System and method for installing a remote credit card authorization on a system with a TCPA complaint chipset
US7890771B2 (en) 2002-04-17 2011-02-15 Microsoft Corporation Saving and retrieving data based on public key encryption
US9356940B2 (en) 2003-11-13 2016-05-31 Digital Authentication Technologies, Inc. Security and access system based on multi-dimensional location characteristics
US8074262B2 (en) * 2005-05-13 2011-12-06 Intel Corporation Method and apparatus for migrating virtual trusted platform modules
CN101243469A (en) 2005-08-22 2008-08-13 微软公司 Digital license migration from first platform to second platform
WO2008054406A2 (en) 2005-11-18 2008-05-08 Orsini Rick L Secure data parser method and system
CN101102180B (en) * 2006-07-03 2010-08-25 联想(北京)有限公司 Inter-system binding and platform integrity verification method based on hardware security unit
GB2440170B8 (en) 2006-07-14 2014-07-16 Vodafone Plc Digital rights management
US8522018B2 (en) 2006-08-18 2013-08-27 Fujitsu Limited Method and system for implementing a mobile trusted platform module
US9158957B2 (en) 2007-09-07 2015-10-13 Apple Inc. Finger sensing apparatus using hybrid matching and associated methods
US8064605B2 (en) * 2007-09-27 2011-11-22 Intel Corporation Methods and apparatus for providing upgradeable key bindings for trusted platform modules
US8208637B2 (en) * 2007-12-17 2012-06-26 Microsoft Corporation Migration of computer secrets
US20090199279A1 (en) * 2008-01-31 2009-08-06 Microsoft Corporation Method for content license migration without content or license reacquisition
CN101515319B (en) 2008-02-19 2011-01-26 联想(北京)有限公司 Cipher key processing method, cipher key cryptography service system and cipher key consultation method
US9137739B2 (en) 2009-01-28 2015-09-15 Headwater Partners I Llc Network based service policy implementation with network neutrality and user privacy
CN101355422B (en) 2008-07-16 2014-01-08 冯振周 Novel authentication mechanism for encrypting vector
US8103883B2 (en) 2008-12-31 2012-01-24 Intel Corporation Method and apparatus for enforcing use of danbury key management services for software applied full volume encryption
US8707043B2 (en) * 2009-03-03 2014-04-22 Riverbed Technology, Inc. Split termination of secure communication sessions with mutual certificate-based authentication
US8838978B2 (en) 2010-09-16 2014-09-16 Verance Corporation Content access management using extracted watermark information
US9100188B2 (en) 2011-04-18 2015-08-04 Bank Of America Corporation Hardware-based root of trust for cloud environments
US8503674B2 (en) * 2011-04-28 2013-08-06 Microsoft Corporation Cryptographic key attack mitigation
CN102355657B (en) * 2011-06-28 2014-10-08 华为数字技术(成都)有限公司 service access control method, device and system
US9064109B2 (en) 2012-12-20 2015-06-23 Intel Corporation Privacy enhanced key management for a web service provider using a converged security engine
US9729517B2 (en) 2013-01-22 2017-08-08 Amazon Technologies, Inc. Secure virtual machine migration
WO2015009765A1 (en) 2013-07-15 2015-01-22 Visa International Service Association Secure remote payment transaction processing
US9226145B1 (en) 2014-03-28 2015-12-29 Sprint Communications Company L.P. Verification of mobile device integrity during activation
US9652631B2 (en) 2014-05-05 2017-05-16 Microsoft Technology Licensing, Llc Secure transport of encrypted virtual machines with continuous owner access
US9413730B1 (en) * 2014-06-04 2016-08-09 Skyhigh Networks, Inc. Encryption in the cloud using enterprise managed keys
US10211985B1 (en) * 2015-03-30 2019-02-19 Amazon Technologies, Inc. Validating using an offload device security component
US10243739B1 (en) * 2015-03-30 2019-03-26 Amazon Technologies, Inc. Validating using an offload device security component
CN105743873A (en) * 2015-04-17 2016-07-06 中国信息安全研究院有限公司 Security system
US9923881B2 (en) * 2015-10-14 2018-03-20 Mcafee, Llc System, apparatus and method for migrating a device having a platform group
US10277407B2 (en) 2016-04-19 2019-04-30 Microsoft Technology Licensing, Llc Key-attestation-contingent certificate issuance
US10810321B2 (en) 2016-08-11 2020-10-20 Intel Corporation Secure public cloud
US10303899B2 (en) 2016-08-11 2019-05-28 Intel Corporation Secure public cloud with protected guest-verified host control
US10187203B2 (en) * 2016-08-30 2019-01-22 Workday, Inc. Secure storage encryption system
CN107864109B (en) * 2016-09-22 2020-04-17 上海复旦微电子集团股份有限公司 Application data migration method for NFC (near field communication) smart card
CN106789000A (en) * 2016-12-13 2017-05-31 北京握奇智能科技有限公司 A kind of secret phone system and method based on TEE technologies and wearable device
CN108667608B (en) 2017-03-28 2021-07-27 阿里巴巴集团控股有限公司 Method, device and system for protecting data key
US10938560B2 (en) * 2017-06-21 2021-03-02 Microsoft Technology Licensing, Llc Authorization key escrow
CN107766724A (en) 2017-10-17 2018-03-06 华北电力大学 A kind of construction method of trusted computer platform software stack function structure
CN108012268B (en) * 2017-12-08 2021-07-09 北京虎符信息技术有限公司 SIM card for ensuring safe use of application software on mobile phone terminal
CN109450951B (en) * 2018-12-28 2021-06-04 北京思源理想控股集团有限公司 Server-side security file management method, device and system
US11412052B2 (en) 2018-12-28 2022-08-09 Intel Corporation Quality of service (QoS) management in edge computing environments
CN109921902B (en) * 2019-03-22 2020-10-23 创新先进技术有限公司 Key management method, security chip, service server and information system

Also Published As

Publication number Publication date
TWI724555B (en) 2021-04-11
CN109921902B (en) 2020-10-23
US20210258148A1 (en) 2021-08-19
EP3860036A4 (en) 2021-12-22
WO2020192285A1 (en) 2020-10-01
CN109921902A (en) 2019-06-21
EP3860036B1 (en) 2023-04-05
US11240008B2 (en) 2022-02-01
EP3860036A1 (en) 2021-08-04
TW202036343A (en) 2020-10-01

Similar Documents

Publication Publication Date Title
SG11202104530YA (en) Key management method, security chip, service server and information system
SG11202106514TA (en) Key security management system and method, medium, and computer program
SG10201914133SA (en) Methods and systems for personal information detection, extraction, linking, protection and management
EP3197123A4 (en) Method, terminal, and network server for information encryption and decryption and key management
WO2015142410A3 (en) Systems and methods for creating fingerprints of encryption devices
SG11202008621QA (en) Method and system for data security, validation, verification and provenance within independent computer systems and digital networks
EP3602954A4 (en) Method and system for hierarchical cryptographic key management
EP3333793A4 (en) Business district information provision system, business district information provision server, business district information provision method, service application server, and service application server operation method
EP3610607A4 (en) Cryptographic key management based on identity information
SG11202008633TA (en) Method and system for data security within independent computer systems and digital networks
EP3893196A4 (en) Authentication system, management device, and authentication method
EP3786980A4 (en) Pathogen distribution information provision system, pathogen distribution information provision server and pathogen distribution information provision method
EP3637674A4 (en) Computer system, secret information verification method, and computer
SG11202100274PA (en) Key transfer method and system based on shared security application, storage medium, and device thereof
RS20120254A1 (en) System and method for high security biometric access control
SG11202009924RA (en) Methods and devices for cryptographic key management based on blockchain system
GB202110160D0 (en) Method, system, and computer readable medium for transferring cryptographic tokens
EP3750289A4 (en) Method, apparatus, and computer readable medium for providing security service for data center
IL293092A (en) Cryptographic key management methods and systems
SG11202002840WA (en) Vulnerable plaque identification method, application server thereof, and computer readable medium
EP3940611A4 (en) Personal information management system, personal information management device, and personal information management method
EP3998564A4 (en) Inventory checking apparatus, backend apparatus, inventory checking management system, and inventory checking method
EP3789952A4 (en) Talent and work experience-centered credit recognition academic management system and method, and system for providing talent contribution bank service using same
EP4054123A4 (en) Network service management method, device, and system
EP3579560A4 (en) Transcoding task processing method and system, and task management server