TWI822417B - A authentication method - Google Patents
- Publication number
- TWI822417B
- Authority
- TW
- Taiwan
- Prior art keywords
- authentication
- hash
- information
- code
- communication
- Prior art date
Landscapes
- Credit Cards Or The Like (AREA)
- Lock And Its Accessories (AREA)
Abstract
Description
The present invention relates to a method for processing electronic digital data, and in particular to an identity authentication method based on the Industrial Internet of Things.
To produce goods in large quantities, the equipment in a manufacturing plant usually has to remain in operation for long periods, and a plant contains many pieces of equipment. When equipment firmware is to be updated or equipment status is to be reported, the data is commonly transmitted wirelessly over the plant's internal network.
However, when data has to be transmitted in a manufacturing plant, there is usually no way to authenticate the identity of a device that needs to receive the data, so it cannot be confirmed whether the device that wants to receive the data is a legitimate device within the plant. As a result, the data may be at risk of leakage, or may be subject to attacks such as malicious tampering by unknown parties. Therefore, if a method can be provided that ensures the data receiving end is legitimate before the data is transmitted, the risk of data leakage can be reduced and possible malicious attacks can be effectively blocked, improving the security of data transmission.
Therefore, the object of the present invention is to provide an identity authentication method that enhances data security by verifying, through identity authentication, whether a device is legitimate.
Accordingly, an identity authentication method of the present invention is implemented by an authentication system. The authentication system includes a central control device, a first device, and a second device. The second device is connected to the central control device and the first device via a communication network. The central control device stores multiple pieces of verification information respectively corresponding to multiple codes. The method includes a step (A), a step (B), a step (C), a step (D), and a step (E).
In step (A), when the central control device receives, via the communication network, an authentication request from the second device that contains first authentication information related to the first device and a first code, the central control device obtains, according to the first code, first verification information corresponding to the first code.
In step (B), the central control device performs a first hash operation on the first authentication information and the first verification information to obtain a first authentication hash value corresponding to the first authentication information and a first verification hash value corresponding to the first verification information.
In step (C), the central control device determines whether the first authentication hash value and the first verification hash value are consistent.
In step (D), when the first authentication hash value and the first verification hash value are determined to be consistent, the central control device generates a legal determination result indicating that the first authentication information is legal and transmits it to the second device via the communication network.
In step (E), when the first authentication hash value and the first verification hash value are determined to be inconsistent, the central control device transmits an illegal determination result indicating that the first authentication information is illegal to the second device.
The effect of the present invention is as follows: the central control device obtains the first verification information, performs the first hash operation on the first authentication information and the first verification information to obtain the first authentication hash value and the first verification hash value, and determines whether the two hash values are consistent in order to determine whether the first authentication information is legal, thereby confirming the identity of the first device.
1: Authentication system
10: Communication network
11: Central control device
12: First device
13: Second device
14: Management device
601~608: Steps
701~712: Steps
801~811: Steps
Other features and effects of the present invention will be clearly presented in the embodiments with reference to the drawings, in which: FIG. 1 is a block diagram illustrating an authentication system for executing the identity authentication method of the present invention; FIG. 2 is a flowchart illustrating a first authentication procedure of the embodiment of the identity authentication method of the present invention; FIG. 3 is a flowchart illustrating a second authentication procedure of the embodiment; and FIG. 4 is a flowchart illustrating a data authentication procedure of the embodiment.
Before the present invention is described in detail, it should be noted that in the following description, similar elements are denoted by the same reference numerals.
Referring to FIG. 1, an embodiment of the identity authentication method of the present invention is implemented by an authentication system 1. The authentication system 1 includes a central control device 11, a first device 12 connected to the central control device 11 via a communication network 10, a second device 13 connected to the central control device 11 via the communication network 10, and a management device 14 connected to the central control device 11 via the communication network 10.
The central control device 11 stores multiple pieces of verification information respectively corresponding to multiple codes, where each piece of verification information includes a device account and a device password, but is not limited thereto.
The first device 12 stores first authentication information and a first code, where the first authentication information includes a first device account and a first device password, but is not limited thereto.
The second device 13 stores second authentication information and a second code, where the second authentication information includes a second device account and a second device password, but is not limited thereto.
In this embodiment, the authentication system 1 may be an Industrial Internet of Things system, a public equipment authentication system composed of multiple public devices installed at a specific site, or a microcomputer authentication system composed of multiple Raspberry Pis, but is not limited thereto. The central control device 11 may be implemented as, for example, a personal computer, a server or a cloud host, but is not limited thereto. The first device 12 and the second device 13 may each be implemented as, for example, a personal computer, a tablet computer, a notebook computer or an industrial personal computer (IPC), but are not limited thereto.
It should also be noted that in this embodiment the first device 12 is an edge computing device with edge computing functions, such as an OPC Unified Architecture client (OPC UA Client), a Message Queuing Telemetry Transport broker (MQTT Broker), or an Advanced Message Queuing Protocol broker (AMQP Broker). The second device 13 is a terminal device with the function of controlling terminal equipment, such as an OPC Unified Architecture server (OPC UA Server), an MQTT publisher (MQTT Publisher), an MQTT subscriber (MQTT Subscriber), an AMQP publisher (AMQP Publisher), or an AMQP consumer (AMQP Consumer). In other embodiments, the first device 12 may instead be a terminal device and the second device 13 an edge computing device, or the first device 12 and the second device 13 may both be terminal devices or both be edge computing devices; the invention is not limited in this respect.
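The embodiment of the identity authentication method of the present invention is described below. The embodiment includes a first authentication procedure, a second authentication procedure, and a data authentication procedure.
Referring to FIG. 1 and FIG. 2, the first authentication procedure describes how the second device 13 determines whether the first device 12 is legal when the first device 12 requests a connection to the second device 13, and includes the following steps.
In step 601, the first device 12 generates a connection request and transmits it to the second device 13 via the communication network 10, where the connection request contains the first authentication information and the first code.
In step 602, the second device 13 stores the first authentication information and transmits an authentication request containing the first authentication information and the first code to the central control device 11 via the communication network 10.
In step 603, the central control device 11 obtains, from the stored pieces of verification information and according to the first code, first verification information corresponding to the first code.
In step 604, the central control device 11 performs a first hash operation on the first authentication information and the first verification information to obtain a first authentication hash value corresponding to the first authentication information and a first verification hash value corresponding to the first verification information.
It is worth noting that in this embodiment the first hash operation uses Secure Hash Algorithm 256-bit (SHA-256), but is not limited thereto.
In step 605, the central control device 11 determines whether the first authentication hash value and the first verification hash value are consistent, in order to determine whether the first authentication information is legal. When the central control device 11 determines that the two hash values are consistent, it determines that the first authentication information is legal and the flow proceeds to step 606; when it determines that the two hash values are inconsistent, it determines that the first device 12 is illegal and the flow proceeds to step 607.
In step 606, the central control device 11 generates a legal determination result indicating that the first authentication information is legal, together with a key, and transmits the legal determination result and the key to the second device 13 via the communication network 10.
In step 607, the central control device 11 generates an illegal determination result indicating that the first authentication information is illegal and transmits it to the second device 13 via the communication network 10, and generates a warning message and transmits it to the management device 14 via the communication network 10.
In step 608, the second device 13 removes the first authentication information according to the illegal determination result.
In this way, it is determined whether the identity of the first device 12 matches the corresponding first verification information stored in the central control device 11, and hence whether the first device 12 is legal, thereby carrying out identity authentication.
It is worth noting that after the first authentication procedure succeeds, that is, after step 606, the second authentication procedure is executed to perform double authentication and enhance security. In other embodiments, only the first authentication procedure may be performed; the invention is not limited in this respect.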
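Steps 601 to 608 as a runnable sketch, added here as an example and not taken from the patent. The class names, the sample codes and credentials, the length-prefixed hash input and the 32-byte random key are assumptions; the comparison uses a constant-time check, and an unknown code is handled as an illegal result.

```python
import hashlib
import hmac
import secrets

# Constructed sample records: code -> (device account, device password).
VERIFICATION_TABLE = {
    "EDGE-01": ("edge01", "constructed-password-1"),
    "TERM-07": ("term07", "constructed-password-2"),
}


def first_hash(account, password):
    """First hash operation (SHA-256) over one account/password pair.

    Length-prefixing each field is an assumption of this example; it keeps
    ("ab", "c") and ("a", "bc") from producing the same digest.
    """
    h = hashlib.sha256()
    for field in (account, password):
        data = field.encode("utf-8")
        h.update(len(data).to_bytes(4, "big") + data)
    return h.digest()


class CentralControl:
    """Central control device 11 (hypothetical class name)."""

    def __init__(self, table):
        self.table = table
        self.warnings = []  # stands in for messages to the management device 14

    def handle_auth_request(self, code, auth_info):
        """Steps 603-607. Returns (legal, key); key is None when illegal."""
        verification = self.table.get(code)  # step 603; None for an unknown code
        if verification is not None and hmac.compare_digest(
            first_hash(*auth_info), first_hash(*verification)  # steps 604-605
        ):
            return True, secrets.token_bytes(32)  # step 606: result plus a fresh key
        self.warnings.append(f"illegal authentication information for code {code!r}")
        return False, None  # step 607


class SecondDevice:
    """Second device 13 (hypothetical class name)."""

    def __init__(self, central):
        self.central = central
        self.stored_auth = {}  # code -> first authentication information
        self.keys = {}         # code -> key issued in step 606

    def on_connection_request(self, code, auth_info):
        """Steps 602 and 608 for a connection request sent in step 601."""
        self.stored_auth[code] = auth_info  # step 602: store, then forward
        legal, key = self.central.handle_auth_request(code, auth_info)
        if legal:
            self.keys[code] = key
        else:
            del self.stored_auth[code]  # step 608: remove on an illegal result
        return legal


if __name__ == "__main__":
    central = CentralControl(VERIFICATION_TABLE)
    second = SecondDevice(central)
    print(second.on_connection_request("EDGE-01", ("edge01", "constructed-password-1")))
    print(second.on_connection_request("TERM-07", ("term07", "guess")))
    print(second.on_connection_request("NO-SUCH", ("x", "y")))
    print(central.warnings)
```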
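Referring to FIG. 1 and FIG. 3, the second authentication procedure describes how the first device 12 and the second device 13 authenticate each other, and includes the following steps.
In step 701, the second device 13 transmits the second authentication information and the key to the first device 12 via the communication network 10.
In step 702, the first device 12 performs a second hash operation on the key, the second authentication information, and the first authentication information to obtain a first hash-based message authentication code (HMAC).
It is worth noting that the second hash operation also uses Secure Hash Algorithm 256-bit, but unlike the first hash operation, the second hash operation first applies logical operations such as OR or exclusive-OR (XOR) to the key, the second authentication information, and the first authentication information before hashing, but is not limited thereto.
In step 703, the first device 12 transmits the first hash-based message authentication code to the second device 13 via the communication network 10.
In step 704, the second device 13 performs the second hash operation on the key, the first authentication information, and the second authentication information to obtain a second hash-based message authentication code.
In step 705, the second device 13 determines whether the first hash-based message authentication code and the second hash-based message authentication code are consistent. When the second device 13 determines that they are consistent, the second device 13 determines that the first device 12 is legal and the flow proceeds to step 707; when the second device 13 determines that they are inconsistent, the second device 13 determines that the first device 12 is illegal and the flow proceeds to step 706.
In step 706, the second device 13 generates a verification failure message and transmits it to the central control device 11 via the communication network 10, and the flow proceeds to step 712.
In step 707, the second device 13 performs a third hash operation on the stored key, the first authentication information, and the second authentication information to obtain a third hash-based message authentication code.
It is worth noting that the third hash operation is similar to the second hash operation, the difference being that the logical operation performed is different, but is not limited thereto.
In step 708, the second device 13 transmits the third hash-based message authentication code to the first device 12 via the communication network 10.
In step 709, the first device 12 performs the third hash operation on the key, the first authentication information, and the second authentication information to obtain a fourth hash-based message authentication code.
In step 710, the first device 12 determines whether the third hash-based message authentication code and the fourth hash-based message authentication code are consistent. When the first device 12 determines that they are consistent, the first device 12 determines that the second device 13 is legal and the flow proceeds to the data authentication procedure; when the first device 12 determines that they are inconsistent, the first device 12 determines that the second device 13 is illegal and the flow proceeds to step 711.
In step 711, the first device 12 generates the verification failure message and transmits it to the central control device 11 via the communication network 10.
In step 712, the central control device 11 generates the warning message according to the verification failure message and transmits it to the management device 14 via the communication network 10.
In this way, the first device 12 and the second device 13 can authenticate each other's identity, further ensuring that each is the party the other needs to communicate with.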
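Steps 701 to 712 as a runnable sketch, added here as an example and not taken from the patent. It reads the second hash operation as XOR-then-SHA-256 and the third as OR-then-SHA-256; the zero-padding, the `account:password` byte serialisation, the function names and the sample values are assumptions. The optional `dev2_reply` hook lets the test show that a reply which merely repeats the first code fails step 710, which is what the different logical operation in the third hash operation provides.

```python
import hashlib
import hmac
import operator

# Constructed sample values. Serialising authentication information as
# b"account:password" is an assumption of this example.
KEY = bytes(range(32))
FIRST_INFO = b"edge01:constructed-password-1"
SECOND_INFO = b"term07:constructed-password-2"


def _combine(op, *parts):
    """Byte-wise logical combination; shorter inputs are zero-padded on the
    right (an assumption, the page does not say how lengths are aligned)."""
    out = bytearray(max(len(p) for p in parts))
    for part in parts:
        for i, byte in enumerate(part):
            out[i] = op(out[i], byte)
    return bytes(out)


def second_hash(key, info_a, info_b):
    """XOR-combine, then SHA-256 (one reading of the second hash operation)."""
    return hashlib.sha256(_combine(operator.xor, key, info_a, info_b)).digest()


def third_hash(key, info_a, info_b):
    """OR-combine, then SHA-256 (one reading of the third hash operation)."""
    return hashlib.sha256(_combine(operator.or_, key, info_a, info_b)).digest()


def second_procedure(key, info1_on_dev1, info1_on_dev2, info2, dev2_reply=None):
    """Steps 701-712. Returns (outcome, warnings raised by device 11).

    info1_on_dev1 is what the first device holds; info1_on_dev2 is the copy
    the second device stored in step 602. dev2_reply, if given, replaces the
    second device's step 707 computation (used to model a faulty responder).
    """
    warnings = []
    # Step 701: device 13 -> device 12: second authentication info and key.
    # Steps 702-703: device 12 computes and sends the first code.
    code1 = second_hash(key, info2, info1_on_dev1)
    # Steps 704-705: device 13 recomputes it from its own stored values.
    code2 = second_hash(key, info1_on_dev2, info2)
    if not hmac.compare_digest(code1, code2):
        warnings.append("verification failure from second device")  # 706, 712
        return "first device illegal", warnings
    # Steps 707-708: device 13 computes and sends the third code.
    code3 = dev2_reply(code1) if dev2_reply else third_hash(key, info1_on_dev2, info2)
    # Steps 709-710: device 12 recomputes it as the fourth code.
    code4 = third_hash(key, info1_on_dev1, info2)
    if not hmac.compare_digest(code3, code4):
        warnings.append("verification failure from first device")  # 711, 712
        return "second device illegal", warnings
    return "mutually authenticated", warnings


if __name__ == "__main__":
    print(second_procedure(KEY, FIRST_INFO, FIRST_INFO, SECOND_INFO))
    print(second_procedure(KEY, FIRST_INFO, b"edge01:stale", SECOND_INFO))
    print(second_procedure(KEY, FIRST_INFO, FIRST_INFO, SECOND_INFO,
                           dev2_reply=lambda code: code))
```

Because XOR and OR are commutative, the different input order listed in steps 702 and 704 does not change the result, which is why both sides arrive at the same code.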
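Referring to FIG. 1 and FIG. 4, the data authentication procedure describes how the second device 13 verifies a message transmitted by the first device 12, and includes the following steps.
In step 801, the first device 12 performs the first hash operation on communication information to obtain a communication hash value. The communication information includes, for example, the temperature, humidity, and operating state of the first device 12, but is not limited thereto.
In step 802, the first device 12 encrypts the communication information with the key to obtain encrypted communication information.
In step 803, the first device 12 encodes the communication hash value and the encrypted communication information. The first device 12 encodes the communication hash value and the encrypted communication information in UTF-8 (8-bit Unicode Transformation Format), but is not limited thereto.
In step 804, the first device 12 transmits the encoded communication hash value and encrypted communication information to the second device 13 via the communication network 10.
In step 805, the second device 13 decodes the encoded communication hash value and encrypted communication information.
In step 806, the second device 13 decrypts the encrypted communication information with the key to obtain decrypted communication information.
In step 807, the second device 13 performs the first hash operation on the decrypted communication information to obtain a decrypted communication hash value.
In step 808, the second device 13 determines whether the communication hash value and the decrypted communication hash value are consistent, in order to determine whether the decrypted communication information is legal. When the second device 13 determines that the two hash values are consistent, it determines that the decrypted communication information is legal and the flow proceeds to step 809; when the second device 13 determines that the two hash values are inconsistent, it determines that the decrypted communication information is illegal and the flow proceeds to step 810.
In step 809, the second device 13 performs a corresponding action according to the decrypted communication information. The corresponding action may be analyzing whether the operating state, temperature, or humidity of the first device 12 is normal, but is not limited thereto.
In step 810, the second device 13 generates the verification failure message and transmits it to the central control device 11 via the communication network 10.
In step 811, the central control device 11 generates the warning message and transmits it to the management device 14 via the communication network 10.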
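Steps 801 to 810 as a runnable sketch, added here as an example and not taken from the patent. The page names no cipher, so a SHA-256 counter-mode keystream stands in for it; that stand-in, the per-message nonce, the JSON envelope with hex fields (so the binary values can be carried as UTF-8 text) and the sample telemetry are all assumptions.

```python
import hashlib
import hmac
import json
import secrets


def _stand_in_cipher(key, nonce, data):
    """Stand-in for the unspecified cipher: XOR with a SHA-256 counter-mode
    keystream. The same call encrypts and decrypts."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        counter = (offset // 32).to_bytes(8, "big")
        pad = hashlib.sha256(key + nonce + counter).digest()
        out.extend(b ^ p for b, p in zip(data[offset:offset + 32], pad))
    return bytes(out)


def send(key, info):
    """First device 12, steps 801-803: returns the UTF-8 bytes put on the wire."""
    plaintext = json.dumps(info, sort_keys=True).encode("utf-8")
    digest = hashlib.sha256(plaintext).hexdigest()           # step 801
    nonce = secrets.token_bytes(12)                          # assumption, see lead-in
    ciphertext = _stand_in_cipher(key, nonce, plaintext)     # step 802
    envelope = {"hash": digest, "nonce": nonce.hex(), "data": ciphertext.hex()}
    return json.dumps(envelope).encode("utf-8")              # step 803


def receive(key, wire):
    """Second device 13, steps 805-810.

    Returns (info, None) when the hashes agree, otherwise (None, message),
    where message is what would be reported to the central control device.
    """
    try:
        envelope = json.loads(wire.decode("utf-8"))          # step 805
        claimed = bytes.fromhex(envelope["hash"])
        plaintext = _stand_in_cipher(                        # step 806
            key, bytes.fromhex(envelope["nonce"]), bytes.fromhex(envelope["data"]))
    except (ValueError, KeyError, TypeError):
        return None, "verification failure: malformed message"
    actual = hashlib.sha256(plaintext).digest()              # step 807
    if not hmac.compare_digest(claimed, actual):             # step 808
        return None, "verification failure: hash mismatch"   # step 810
    return json.loads(plaintext), None                       # step 809


if __name__ == "__main__":
    key = secrets.token_bytes(32)
    # Constructed sample telemetry.
    wire = send(key, {"temperature_c": 41.5, "humidity_pct": 38, "state": "running"})
    print(receive(key, wire))
    print(receive(secrets.token_bytes(32), wire))
```

The digest of step 801 is computed without the key, so the check detects a corrupted ciphertext or a wrong key; it is not a keyed message authentication code.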
It is worth noting in particular that if the authentication system 1 is the microcomputer authentication system, and the central control device 11, the first device 12, and the second device 13 it contains are all Raspberry Pis, the identity authentication method of the present invention can be implemented with a more lightweight hardware architecture than with computer hardware.
In summary, in the identity authentication method of the present invention, during the first authentication procedure the central control device 11 determines whether the first authentication hash value and the first verification hash value are consistent, in order to determine whether the first authentication information is legal and confirm the legal identity of the first device 12. In the second authentication procedure, which follows once the first device 12 has been determined to be legal, the second device 13 determines whether the first hash-based message authentication code and the second hash-based message authentication code are consistent, and the first device 12 determines whether the third hash-based message authentication code and the fourth hash-based message authentication code are consistent, so that the two devices verify each other's identity and confirm the legal identity of the party each communicates with. In the data authentication procedure, which follows once the first device 12 and the second device 13 have each been verified as legal, the first device 12 encrypts the communication information with the key, and the second device 13 determines whether the communication hash value and the decrypted communication hash value are consistent, which further safeguards the correctness of the data transmitted between the first device 12 and the second device 13 and protects data security. The object of the present invention can therefore indeed be achieved.
The above, however, are merely embodiments of the present invention and shall not limit the scope in which the present invention may be practised. All simple equivalent changes and modifications made according to the claims and the specification of the present invention remain within the scope covered by the patent of the present invention.
Claims (6)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
TW111140418A TWI822417B (en) | 2022-10-25 | 2022-10-25 | A authentication method |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
TW111140418A TWI822417B (en) | 2022-10-25 | 2022-10-25 | A authentication method |
Publications (2)
Publication Number | Publication Date |
---|---|
TWI822417B (en) | 2023-11-11 |
TW202418122A (en) | 2024-05-01 |
Family
ID=89722616
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
TW111140418A TWI822417B (en) | 2022-10-25 | 2022-10-25 | A authentication method |
Country Status (1)
Country | Link |
---|---|
TW (1) | TWI822417B (en) |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20190087581A1 (en) * | 2017-09-21 | 2019-03-21 | Samsung Electronics Co., Ltd. | Internet-of-things module |
CN112953727A (en) * | 2021-03-02 | 2021-06-11 | 西安电子科技大学 | Internet of things-oriented equipment anonymous identity authentication method and system |
CN114095276A (en) * | 2022-01-18 | 2022-02-25 | 杭州雅观科技有限公司 | Intelligent home security authentication method based on Internet of things |
2022-10-25 TW TW111140418A patent/TWI822417B/en active