SG11202106514TA - Key security management system and method, medium, and computer program - Google Patents

Key security management system and method, medium, and computer program

Info

Publication number
SG11202106514TA
Authority
SG
Singapore
Prior art keywords
medium
computer program
management system
security management
key security
Prior art date
Application number
SG11202106514TA
Inventor
Jianliang Gu
Bangya Ma
Original Assignee
Shanghai Weilian Information Technology Co Ltd
Priority date
Filing date
Publication date
Application filed by Shanghai Weilian Information Technology Co Ltd
Publication of SG11202106514TA

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0877 Generation of secret information including derivation or calculation of cryptographic keys or passwords using additional device, e.g. trusted platform module [TPM], smartcard, USB or hardware security module [HSM]
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/06 Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/062 Network architectures or network communication protocols for network security for supporting key management in a packet data network for key distribution, e.g. centrally by trusted party
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0825 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
    • H04L9/0838 Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
    • H04L9/0847 Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these involving identity based encryption [IBE] schemes
    • H04L9/0866 Generation of secret information including derivation or calculation of cryptographic keys or passwords involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics
    • H04L9/0869 Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
    • H04L9/088 Usage controlling of secret information, e.g. techniques for restricting cryptographic keys to pre-authorized uses, different access levels, validity of crypto-period, different key- or password length, or different strong and weak cryptographic algorithms
    • H04L9/0894 Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • H04L9/3239 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving non-keyed hash functions, e.g. modification detection codes [MDCs], MD5, SHA or RIPEMD
    • H04L9/3263 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • H04L9/50 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823 Network architectures or network communication protocols for network security for authentication of entities using certificates
    • H04L63/10 Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/101 Access control lists [ACL]
    • H04L63/108 Network architectures or network communication protocols for network security for controlling access to devices or network resources when the policy decisions are valid for a limited amount of time

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Storage Device Security (AREA)
SG11202106514TA 2018-12-29 2019-12-30 Key security management system and method, medium, and computer program SG11202106514TA (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201811633995.XA CN109687959B (en) 2018-12-29 2018-12-29 Key security management system, key security management method, key security management medium, and computer program
PCT/CN2019/129769 WO2020135853A1 (en) 2018-12-29 2019-12-30 Key security management system and method, medium, and computer program

Publications (1)

Publication Number Publication Date
SG11202106514TA (en) 2021-07-29

Family

ID=66191138

Family Applications (1)

Application Number Title Priority Date Filing Date
SG11202106514TA SG11202106514TA (en) 2018-12-29 2019-12-30 Key security management system and method, medium, and computer program

Country Status (6)

Country Link
US (1) US20220078009A1 (en)
EP (1) EP3879747A4 (en)
JP (1) JP7426031B2 (en)
CN (1) CN109687959B (en)
SG (1) SG11202106514TA (en)
WO (1) WO2020135853A1 (en)

Families Citing this family (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109687975B (en) * 2018-12-29 2020-11-03 飞天诚信科技股份有限公司 Method and device for realizing off-line initialization of hardware wallet
CN109687959B (en) * 2018-12-29 2021-11-12 上海唯链信息科技有限公司 Key security management system, key security management method, key security management medium, and computer program
US11100497B2 (en) * 2019-08-20 2021-08-24 Anchor Labs, Inc. Risk mitigation for a cryptoasset custodial system using a hardware security key
CN110519256B (en) * 2019-08-21 2021-09-24 上海唯链信息科技有限公司 Method and device for DApp to access USB private key management equipment
CN110401544A (en) * 2019-08-29 2019-11-01 北京艾摩瑞策科技有限公司 The allograph method and device thereof of the block chain private key of knowledge payment platform user
CN111934858B (en) * 2020-07-09 2022-03-18 中国电子科技集团公司第三十研究所 Supervised random public key derivation method
CN112187466B (en) * 2020-09-01 2023-05-12 深信服科技股份有限公司 Identity management method, device, equipment and storage medium
US11575508B2 (en) * 2021-06-02 2023-02-07 International Business Machines Corporation Unified HSM and key management service
CN113364589B (en) * 2021-08-10 2021-11-02 深圳致星科技有限公司 Key management system, method and storage medium for federal learning security audit
CN113641494A (en) * 2021-08-11 2021-11-12 京东科技控股股份有限公司 Server and control method and device thereof
CN114978774B (en) * 2022-07-28 2022-10-04 四川九洲空管科技有限责任公司 Multi-level key management method based on nested protection structure
CN116384999A (en) * 2023-04-19 2023-07-04 北方工业大学 Lightweight hierarchical deterministic wallet model supporting invisible addresses and method

Family Cites Families (30)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7000105B2 (en) * 2000-09-08 2006-02-14 Identrus, Llc System and method for transparently providing certificate validation and other services within an electronic transaction
EP1425874B1 (en) * 2001-08-13 2010-04-21 Board Of Trustees Of The Leland Stanford Junior University Systems and methods for identity-based encryption and related cryptographic techniques
CN100346249C (en) * 2004-12-31 2007-10-31 联想(北京)有限公司 Method for generating digital certificate and applying the generated digital certificate
DE102005030590B4 (en) 2005-06-30 2011-03-24 Advanced Micro Devices, Inc., Sunnyvale Safe patch system
CN1925401B (en) * 2006-10-12 2011-06-15 中国联合网络通信有限公司北京市分公司 Internet access system and method
CN101426190A (en) * 2007-11-01 2009-05-06 华为技术有限公司 Service access authentication method and system
CN101459505B (en) * 2007-12-14 2011-09-14 华为技术有限公司 Method, system for generating private key for user, user equipment and cipher key generating center
CN101359991A (en) * 2008-09-12 2009-02-04 湖北电力信息通信中心 Public key cipher system private key escrowing system based on identification
US8452963B2 (en) 2009-01-27 2013-05-28 Cisco Technology, Inc. Generating protected access credentials
CN101557289A (en) * 2009-05-13 2009-10-14 大连理工大学 Storage safe key management method based on ID authentication
CN102215488B (en) * 2011-05-27 2013-11-06 中国联合网络通信集团有限公司 Smart phone digital certificate application method and system
US9350536B2 (en) 2012-08-16 2016-05-24 Digicert, Inc. Cloud key management system
JP5948185B2 (en) 2012-08-29 2016-07-06 株式会社日立製作所 Recording medium, program, and information distribution apparatus
US9094431B2 (en) * 2012-11-01 2015-07-28 Miiicasa Taiwan Inc. Verification of network device position
CN103580872B (en) * 2013-11-11 2016-12-07 北京华大智宝电子系统有限公司 A kind of system and method generating for key and managing
US10560441B2 (en) 2014-12-17 2020-02-11 Amazon Technologies, Inc. Data security operations with expectations
US10541811B2 (en) 2015-03-02 2020-01-21 Salesforce.Com, Inc. Systems and methods for securing data
CN106161017A (en) * 2015-03-20 2016-11-23 北京虎符科技有限公司 ID authentication safety management system
US9882726B2 (en) * 2015-05-22 2018-01-30 Motorola Solutions, Inc. Method and apparatus for initial certificate enrollment in a wireless communication system
CN105373955B (en) * 2015-12-08 2020-07-10 布比(北京)网络技术有限公司 Digital asset processing method and device based on multiple signatures
CN106921496A (en) * 2015-12-25 2017-07-04 卓望数码技术(深圳)有限公司 A kind of digital signature method and system
CN105915338B (en) * 2016-05-27 2018-12-28 北京中油瑞飞信息技术有限责任公司 Generate the method and system of key
CA2944646C (en) * 2016-10-05 2022-10-25 The Toronto-Dominion Bank Certificate authority master key tracking on distributed ledger
CN107395349A (en) * 2017-08-16 2017-11-24 深圳国微技术有限公司 A kind of block chain network cryptographic key distribution method based on self-certified public key system
US11012237B1 (en) * 2018-01-09 2021-05-18 Jpmorgan Chase Bank, N.A. Systems and methods for inter-service authentication
CN108830711A (en) * 2018-05-07 2018-11-16 国网浙江省电力有限公司嘉兴供电公司 A kind of energy internet business account book management method and system based on block chain
CN108847937B (en) * 2018-09-04 2021-06-15 捷德(中国)科技有限公司 Key processing method, device, equipment and medium
CN109067801B (en) * 2018-09-29 2021-09-03 平安科技(深圳)有限公司 Identity authentication method, identity authentication device and computer readable medium
CN109064151A (en) * 2018-10-23 2018-12-21 北京金山安全软件有限公司 Transfer method, device, electronic equipment and storage medium
CN109687959B (en) * 2018-12-29 2021-11-12 上海唯链信息科技有限公司 Key security management system, key security management method, key security management medium, and computer program

Also Published As

Publication number Publication date
CN109687959A (en) 2019-04-26
CN109687959B (en) 2021-11-12
JP2022515467A (en) 2022-02-18
US20220078009A1 (en) 2022-03-10
EP3879747A4 (en) 2022-08-10
WO2020135853A1 (en) 2020-07-02
EP3879747A1 (en) 2021-09-15
JP7426031B2 (en) 2024-02-01

Similar Documents

Publication Publication Date Title
SG11202106514TA (en) Key security management system and method, medium, and computer program
EP3541006A4 (en) Reuse system, key creating device, data security device, on-vehicle computer, reuse method, and computer program
EP3602954A4 (en) Method and system for hierarchical cryptographic key management
EP3654577A4 (en) Certificate management method, system, network device and computer readable storage medium
EP3308524A4 (en) System, apparatus and method for auto-optimization of access control policy and key management in a network authoring tool
EP3118771A4 (en) Confidential data management method and device, and security authentication method and system
EP3346633A4 (en) Permission information management system, user terminal, proprietor terminal, permission information management method, and permission information management program
SG11202008621QA (en) Method and system for data security, validation, verification and provenance within independent computer systems and digital networks
SG11202009034RA (en) Biometric authentication method, system, and computer program
SG11202008633TA (en) Method and system for data security within independent computer systems and digital networks
EP3334085A4 (en) Management device, management system, key generation device, key generation system, key management system, vehicle, management method, key generation method, and computer program
SG11202102740VA (en) Method, user device, management device, storage medium and computer program product for key management
EP3565174C0 (en) Access management system, access management method, and program
EP3637674A4 (en) Computer system, secret information verification method, and computer
EP3903442C0 (en) Api and encryption key secrets management system and method
SG11202100274PA (en) Key transfer method and system based on shared security application, storage medium, and device thereof
SG11201803036UA (en) Access management system, file access system, encrypting apparatus and program
SG11202104530YA (en) Key management method, security chip, service server and information system
IL293092B1 (en) Cryptographic key management methods and systems
EP3499793A4 (en) Data provision system, data security device, data provision method, and computer program
EP3709566A4 (en) Key exchange device, key exchange system, key exchange method, and key exchange program
EP3698265A4 (en) Biometric data security system and method
SG11202009924RA (en) Methods and devices for cryptographic key management based on blockchain system
EP3376381A4 (en) Resource management method and system, and computer storage medium
EP3420673A4 (en) System and method for hierarchy manipulation in an encryption key management system