WO2016107583A1 - Calling method and system, and fixed telephone - Google Patents

Publication number
WO2016107583A1
Authority
WO
WIPO (PCT)
Prior art keywords
user
data
call
server
electronic signature
Application number
PCT/CN2015/099912
Other languages
English (en)
French (fr)
Inventor
李东声
Original Assignee
天地融科技股份有限公司
Priority claimed from CN201510112531.4A (external-priority patent CN104935758B)
Priority claimed from CN201510112694.2A (external-priority patent CN104935687B)
Application filed by 天地融科技股份有限公司
Publication of WO2016107583A1

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04M TELEPHONIC COMMUNICATION
    • H04M3/00 Automatic or semi-automatic exchanges
    • H04M3/42 Systems providing special services or facilities to subscribers

Definitions

  • the present invention relates to the field of electronic technologies, and in particular, to a calling method and system, and a fixed telephone.
  • the user can apply for registration at the operator, and the operator will assign a network port and a corresponding telephone number to the user and register after passing the audit.
  • the user can then make or receive calls using a landline telephone connected to the network port. Others contact him by dialing the phone number assigned to the user.
  • the phone port corresponding to the phone number can only be used by that user. That is to say, others can only reach the user by dialing this phone number, and the port can only answer calls placed to that user. Because a port and corresponding phone number must be assigned to each user, resources are wasted to a certain extent.
  • the present invention is directed to solving the problem that a telephone number can only be fixedly associated with a fixed telephone.
  • the main object of the present invention is to provide a calling method and system, a fixed telephone, a terminal, a communication device, a call system, a call processing device, a calling device, a sign-in method, a sign-in device, a check-in processing device, and a check-in system.
  • a call method comprising: a fixed telephone acquires an ID of a user from an electronic signature device; the fixed telephone sends a check-in request to the server, wherein the check-in request carries the ID of the user; the server receives the check-in request and stores the ID of the user in association with the communication identifier of the fixed telephone; the server receives a call to the ID of the user, and connects the call to the fixed telephone corresponding to the communication identifier according to the association relationship between the ID of the user and the communication identifier of the fixed telephone.
  • before the server stores the ID of the user in association with the communication identifier of the fixed telephone, the method further includes: the server authenticating the electronic signature device and, after the authentication is passed, performing the step of storing the ID of the user in association with the communication identifier of the fixed telephone.
  • the server authenticating the electronic signature device includes: the server sends a first verification request to the fixed telephone; the fixed telephone receives the first verification request and sends the first verification request to the electronic signature device; the electronic signature device receives the first verification request, signs the first to-be-signed data, and sends a first verification response to the fixed telephone, wherein, in the case that the first verification request carries the first to-be-signed data, the information carried in the first verification response includes: the first signature data obtained by the signature; and in the case that the first to-be-signed data is not carried in the first verification request, the information carried in the first verification response includes: the first to-be-signed data and the first signature data obtained by the signature; the fixed telephone sends the received first verification response to the server; the server receives the first verification response and verifies the first signature data carried in the first verification response.
  • the method further includes: the electronic signature device signing the second to-be-signed data, and transmitting the second to-be-signed data and the second signature data obtained by the signature to the fixed telephone;
  • the information carried in the check-in request includes: the user ID, the second to-be-signed data, and the second signature data; or the information carried in the check-in request includes: second to-be-signed data and second signature data, wherein the second to-be-signed data includes the ID of the user;
  • the server authenticating the electronic signature device includes: the server performing the verification of the second signature data according to at least the second to-be-signed data.
  • the method further includes: the fixed telephone device authenticating the electronic signature device.
  • the method further includes: deleting, by the server, an association relationship between the ID of the user and the communication identifier of the fixed telephone.
  • the server deletes the user's ID and the fixed telephone.
  • the method further includes: the fixed telephone sends a first release check-in request to the server, wherein the first release check-in request carries the ID of the user; and the server receives the first release check-in request.
  • the method further includes: the fixed telephone receives the second release sign-in request sent by the electronic signature device, where the second release sign-in request carries the third to-be-signed data and the third signature data obtained by signing the third to-be-signed data; the first release sign-in request further carries the third to-be-signed data and the third signature data; the server deleting the association between the user ID and the communication identifier of the fixed telephone includes: the server verifies the third signature data according to at least the third to-be-signed data and, after the verification is passed, deletes the association between the ID of the user and the communication identifier of the fixed telephone.
  • the method further includes: the server sending a second verification request to the fixed telephone, wherein the second verification request carries the fourth to-be-signed data; the fixed telephone receives the second verification request, and sends the second verification request to the electronic signature device; the electronic signature device receives the second verification request, and signs the fourth to-be-signed data; the electronic signature device sends the fourth signature data obtained by the signature to the fixed telephone; the fixed telephone sends the received fourth signature data to the server; the server receives the fourth signature data and verifies the fourth signature data, and after the verification is passed, the step of deleting the association between the ID of the user and the communication identifier of the fixed telephone is performed.
  • the method further includes: the server notifying the fixed telephone that the server has released the check-in of the ID of the user.
  • the method further includes: the server sending a third verification request to the fixed telephone, wherein the third verification request carries the fifth to-be-signed data; the fixed telephone receives the third verification request and sends it to the electronic signature device; the electronic signature device receives the third verification request, and signs the fifth to-be-signed data; the electronic signature device sends the fifth signature data obtained by the signature to the fixed telephone; the fixed telephone sends the received fifth signature data to the server; the server receives the fifth signature data, verifies the fifth signature data, and after the verification is passed, performs the step of connecting the call to the fixed telephone.
  • the method further includes: determining that the type of the call is a preset call type, and performing the step of connecting the call to the fixed telephone.
  • a call system comprising: an electronic signature device for storing an ID of a user; a fixed telephone for acquiring the ID of the user from the electronic signature device, and transmitting a check-in request to the server, wherein the check-in request carries the ID of the user; the server is configured to receive the check-in request, store the ID of the user in association with the communication identifier of the fixed telephone, receive a call to the ID of the user, and connect the call to the fixed telephone corresponding to the communication identifier according to the association between the ID of the user and the communication identifier of the fixed telephone.
  • the server is further configured to perform identity authentication on the electronic signature device before storing the ID of the user in association with the communication identifier of the fixed telephone and, after the authentication is passed, to trigger the operation of storing the ID of the user in association with the communication identifier of the fixed telephone.
  • the server authenticates the electronic signature device by: sending a first verification request to the fixed telephone, receiving the first verification response returned by the fixed telephone, and verifying the first signature data carried in the first verification response, wherein, in the case that the first verification request carries the first to-be-signed data, the information carried in the first verification response includes: the first signature data obtained by the signature; in the case that the first to-be-signed data is not carried in the request, the information carried in the first verification response includes: the first to-be-signed data and the first signature data obtained by the signature; the fixed telephone is also used to receive the first verification request, send the first verification request to the electronic signature device, receive the first verification response returned by the electronic signature device, and send the first verification response to the server; the electronic signature device is further configured to receive the first verification request, sign the first to-be-signed data, and send the first verification response to the fixed telephone.
  • the electronic signature device is further configured to: sign the second to-be-signed data, and send the second to-be-signed data and the second signature data obtained by the signature to the fixed telephone; the fixed telephone is further configured to, before sending the check-in request to the server, receive the second to-be-signed data sent by the electronic signature device and the second signature data obtained by the signature; the information carried in the check-in request includes: a user ID, the second to-be-signed data, and the second signature data; or, the information carried in the check-in request includes: second to-be-signed data and second signature data, wherein the second to-be-signed data includes an ID of the user; the server authenticates the electronic signature device by: verifying the second signature data according to at least the second to-be-signed data.
  • the fixed telephone is further configured to authenticate the electronic signature device before sending the check-in request to the server.
  • the server is further configured to delete the association relationship between the ID of the user and the communication identifier of the fixed telephone after the ID of the user is stored in association with the communication identifier of the fixed telephone.
  • the fixed telephone is further configured to send a first release check-in request to the server after sending the check-in request to the server, where the first release check-in request carries the ID of the user; the server is further configured to receive the first release check-in request and trigger an operation of deleting the association relationship between the user's ID and the communication identifier of the fixed telephone.
  • the fixed telephone is further configured to receive a second release sign-in request sent by the electronic signature device before sending the first release sign-in request to the server, where the second release sign-in request carries the third to-be-signed data and the third signature data obtained by signing the third to-be-signed data; the first release sign-in request further carries the third to-be-signed data and the third signature data; the server deletes the association relationship between the user ID and the communication identifier of the fixed telephone in the following manner: the third signature data is verified according to at least the third to-be-signed data and, after the verification is passed, the association between the ID of the user and the communication identifier of the fixed telephone is deleted.
  • the server is further configured to send a second verification request carrying the fourth to-be-signed data to the fixed telephone, receive the fourth signature data returned by the fixed telephone, and verify the fourth signature data; the fixed telephone is further configured to receive the second verification request, send the second verification request to the electronic signature device, receive the fourth signature data returned by the electronic signature device, and return the fourth signature data to the server; the electronic signature device is further configured to receive the second verification request, sign the fourth to-be-signed data, and send the fourth signature data obtained by the signature to the fixed telephone.
  • the server is further configured to notify the fixed telephone, after deleting the association between the ID of the user and the communication identifier of the fixed telephone, that the server has released the check-in of the ID of the user.
  • the server is further configured to: after receiving the call to the ID of the user, send a third verification request carrying the fifth to-be-signed data to the fixed telephone, receive the fifth signature data returned by the fixed telephone, verify the fifth signature data, and after the verification is passed, trigger the operation of connecting the call to the fixed telephone; the fixed telephone is further configured to receive the third verification request, send the third verification request to the electronic signature device, receive the fifth signature data returned by the electronic signature device, and send the fifth signature data to the server; the electronic signature device is further configured to receive the third verification request, sign the fifth to-be-signed data, and send the fifth signature data obtained by the signature to the fixed telephone.
  • the server is further configured to: after receiving the call to the user's ID, determine that the type of the call is a preset call type, and trigger an operation of connecting the call to the fixed telephone.
  • a fixed telephone set includes: a second transceiver module for acquiring an ID of a user from an electronic signature device; a first transceiver module for transmitting a check-in request to the server, wherein the check-in request carries the ID of the user; and a call module configured to receive a call sent by the server and establish a call with the calling end.
  • the first transceiver module is further configured to receive a first verification request sent by the server; the second transceiver module is further configured to send the first verification request to the electronic signature device, and receive the first verification response returned by the electronic signature device, wherein, in the case that the first verification request carries the first to-be-signed data, the information carried in the first verification response includes: the first signature data obtained by the signature; in the case that the first to-be-signed data is not carried in the first verification request, the information carried in the first verification response includes: the first to-be-signed data and the first signature data obtained by the signature; the first transceiver module is further configured to send the received first verification response to the server.
  • the second transceiver module is further configured to receive the second to-be-signed data sent by the electronic signature device and the second signature data obtained by the electronic signature device signing the second to-be-signed data; the information carried in the check-in request sent by the first transceiver module includes: the user ID, the second to-be-signed data, and the second signature data; or the information carried in the sign-in request includes: second to-be-signed data and second signature data, wherein the second to-be-signed data includes the user ID.
  • the fixed telephone further includes: an authentication module, configured to perform identity authentication on the electronic signature device.
  • the first transceiver module is further configured to send a first release sign-in request to the server, where the first release sign-in request carries the ID of the user.
  • the second transceiver module is further configured to receive a second release sign-in request sent by the electronic signature device, where the second release sign-in request carries the third to-be-signed data and the third signature data obtained by signing the third to-be-signed data.
  • the first release sign-in request sent by the first transceiver module further carries the third to-be-signed data and the third signature data.
  • the first transceiver module is further configured to receive a second verification request that is sent by the server and carries the fourth to-be-signed data.
  • the second transceiver module is further configured to send the second verification request to the electronic signature device, and receive the fourth signature data, returned by the electronic signature device, obtained by signing the fourth to-be-signed data; the first transceiver module is further configured to return the fourth signature data to the server.
  • the first transceiver module is further configured to receive a notification sent by the server, where the notification indicates that the server has released the check-in of the ID of the user.
  • the first transceiver module is further configured to: before the call module receives the call sent by the server, receive a third verification request sent by the server that carries the fifth to-be-signed data; the second transceiver module is further configured to send the third verification request to the electronic signature device, and receive the fifth signature data, returned by the electronic signature device, obtained by signing the fifth to-be-signed data; the first transceiver module is further configured to send the fifth signature data to the server.
  • the calling method and system provided by the present invention and the fixed telephone can associate the ID of the user with different fixed telephones, so that the user only needs to carry the electronic signature device storing the ID, and the same ID can be passed.
  • the telephone number can be flexibly associated with any fixed telephone; that is, flexible movement of telephone numbers is realized.
  • different users can also receive calls through the same fixed telephone, which improves the utilization of the equipment.
  • the present invention provides a terminal, comprising: a communication interface, and further comprising: a control module and an electronic signature device interface; the electronic signature device interface is configured to receive the check-in data from the electronic signature device and send the check-in data to the control module, where the check-in data includes at least an ID of a user of the terminal; the control module is configured to send the check-in data to the communication interface; the communication interface is used to send the check-in data out.
  • the terminal further includes: an earpiece and a microphone; the communication interface is further configured to receive first call data from the outside, and send the first call data to the control module; the control module is further configured to send the second call data corresponding to the first call data to the earpiece, receive the third call data sent by the microphone, and send the fourth call data corresponding to the third call data to the communication interface; the communication interface is further configured to send the fourth call data out.
  • the second call data is obtained by decrypting the first call data by using the electronic signature device; and the fourth call data is obtained by encrypting the third call data via the electronic signature device.
  • the terminal further includes: an input device, configured to receive input first input data and send the first input data to the control module; the control module is configured to send second input data corresponding to the first input data to the communication interface.
  • the second input data is obtained by encrypting the first input data via the electronic signature device.
  • the control module is a security chip.
  • the second call data is obtained by decrypting the first call data via the security chip
  • the fourth call data is obtained by encrypting the third call data via the security chip.
  • the terminal further includes: an input device, configured to receive input first input data and send the first input data to the security chip; the security chip is configured to send second input data corresponding to the first input data to the communication interface; the second input data is obtained by encrypting the first input data via the electronic signature device.
  • the security chip is further configured to receive a transport key from the electronic signature device interface and save the transport key.
  • the security chip is further configured to receive release check-in data from the electronic signature device interface or the communication interface or the input device, and delete the saved transmission key.
  • the security chip is also used to authenticate an electronic signature device.
  • the security chip is further configured to change the current transport key into a new transport key.
  • the electronic signature device interface is further configured to receive, from the electronic signature device, identity authentication data obtained by the electronic signature device signing to-be-signed data, and send the identity authentication data to the control module;
  • the control module is further configured to send the identity authentication data to the communication interface;
  • the communication interface is further configured to send the identity authentication data.
  • a call system comprising an electronic signature device and the above terminal; the electronic signature device being connected to the electronic signature device interface of the terminal.
  • a terminal and a call system are provided, in which the terminal receives the check-in data from the electronic signature device through the electronic signature device interface and sends the check-in data to the server through the communication interface, so that the user only needs to carry the electronic signature device and connect the electronic signature device to any terminal; the same user's ID (electronic signature device) can thus use different terminals to make or receive calls, thereby realizing flexible movement of the user's ID.
  • a call method comprising:
  • the called terminal sends a check-in request to the server, where the check-in request carries an ID of the called user, and is used to instruct the server to associate the ID of the called user with the communication identifier of the called terminal;
  • the ID of the called user is a unique identifier registered by the called user on the server for the first electronic signature device used by the called user;
  • the method further includes: acquiring an ID of the called user from the first electronic signature device connected to the called terminal.
  • before acquiring the ID of the called user from the first electronic signature device connected to the called terminal, the method further includes: the called terminal performing identity authentication on the first electronic signature device.
  • the method further includes: the called terminal carries identity authentication data in the check-in request.
  • the method further includes: receiving a check-in request sent by the server; acquiring signature data from the first electronic signature device, where the signature data is data obtained by the first electronic signature device signing to-be-signed data; and sending the signature data to the server.
  • the method further includes: the called terminal sends a release check-in request to the server, where the release check-in request carries the ID of the called user and is used to instruct the server to delete the association between the ID of the called user and the communication identifier of the called terminal.
  • the method further includes: the called terminal carries identity authentication data in the release sign-in request.
  • the method further includes: the called terminal and the calling terminal negotiate a transmission key by using their respective electronic signature devices; the called terminal sends the information received during the transmission key negotiation process to the first electronic signature device, and instructs the first electronic signature device to obtain a transmission key according to the received information;
  • the method further includes: the called terminal transmitting the encrypted data received from the calling terminal to the first electronic signature device, and receiving the plaintext data returned by the first electronic signature device after decrypting the received encrypted data by using the transmission key; and transmitting the data that needs to be sent to the calling terminal to the first electronic signature device, receiving the ciphertext data obtained by the first electronic signature device encrypting the data to be sent by using the transmission key, and sending the ciphertext data to the calling terminal.
  • before performing a call with the calling terminal, the method further includes: negotiating a transmission key with the first electronic signature device, saving the transmission key, and transmitting the transmission key to the server;
  • the method further includes: encrypting or decrypting the transmission data by using the transmission key.
  • the method further includes: deleting the saved transport key.
  • the method further includes: hopping the current transmission key to a new transmission key according to a preset hopping rule, and encrypting or decrypting the transmitted data by using the new transmission key.
  • the hopping of the current transmission key to a new transmission key includes at least one of: changing the current transmission key to a new transmission key according to the hopping trigger factor; obtaining a key hopping instruction and hopping the current transmission key to a new transmission key.
  • the hopping trigger factor includes at least one of the following: a hopping period, a hopping time point, and a call data amount.
  • the key hopping instruction includes at least one of: a key hopping instruction sent by the calling terminal, an input key hopping instruction, and a key hopping instruction generated according to a preset rule.
  • the method further includes: generating a line hopping instruction; sending the line hopping instruction to the server, instructing the server to hop the current transmission line to a new transmission line, and using the new transmission line to make a call with the calling terminal.
  • a call method comprising:
  • the method further includes: authenticating the received identity authentication data sent by the called terminal and, after the authentication is passed, performing the step of storing the ID of the called user in association with the communication identifier of the called terminal.
  • the method further includes: deleting, by the server, the association between the ID of the called user and the communication identifier of the called terminal.
  • the method further includes: receiving the identity authentication data returned by the called terminal and performing identity authentication; after the identity authentication is passed, performing the step of the server deleting the association between the ID of the called user and the communication identifier of the called terminal.
  • the method further includes: sending a verification request to the called terminal; after receiving the signature data returned by the called terminal, performing verification, and after the verification is passed, performing the step of establishing a call link between the calling terminal and the called terminal.
  • the method further includes: determining that the type of the call request is a preset call request type, and performing the step of establishing the call link between the calling terminal and the called terminal.
  • the method further includes: receiving a first transmission key sent by the called terminal and saving the first transmission key, and receiving a second transmission key sent by the calling terminal and saving the second transmission key; encrypting or decrypting data transmitted with the called terminal by using the first transmission key, and encrypting or decrypting data transmitted with the calling terminal by using the second transmission key.
  • the method further includes deleting the first transport key and/or the second transport key.
  • the method further includes: sending a key deletion request to the called terminal and/or the calling terminal, to indicate that the called terminal and/or the calling terminal delete the saved transmission key.
  • the method further includes:
  • the hopping of the current first transmission key to a new first transmission key according to a preset hopping rule, and/or the hopping of the current second transmission key to a new second transport key, includes at least one of the following:
  • the hopping trigger factor includes at least one of the following: a hopping period, a hopping time point, and a call data amount.
  • the key hopping instruction includes at least one of: a key hopping instruction sent by the called terminal and/or the calling terminal, and a key hopping instruction generated according to a preset rule.
  • the method further includes: hopping the current transmission line to a new transmission line according to a preset line hopping rule, and transmitting the transmitted data by using the new transmission line.
  • there are multiple called users, and the call request carries an ID of each called user;
  • sending a multi-party call request to the called terminal corresponding to the communication identifier associated with each ID; after receiving the acknowledgment response returned by one or more of the plurality of called terminals, establishing a call link between the calling terminal and the one or more called terminals, and between the one or more called terminals.
  • the method further includes: receiving the shared transport key sent by the calling terminal; sending the shared transport key to the one or more called terminals.
  • the method further includes: the server receives a check-in request sent by the calling terminal, where the check-in request carries an ID of the calling user; and the ID of the calling user is associated with the communication identifier of the calling terminal and stored.
  • the method further includes: authenticating the received identity authentication data sent by the calling terminal, and performing the calling user after the authentication is passed.
  • the method further includes: deleting, by the server, the association between the ID of the calling user and the communication identifier of the calling terminal.
  • the method further includes: sending a verification request to the calling terminal;
  • after receiving the signature data returned by the calling terminal, performing verification, and after the verification is passed, performing the step of establishing the call link between the calling terminal and the called terminal.
  • a call method comprising:
  • the calling terminal obtains the ID of the called user;
  • the ID of the called user is a unique identifier registered by the called user on the server for the first electronic signature device used by the called user;
  • the calling terminal initiates a call request to the server to call the called user, where the call request carries an ID of the called user;
  • the method further includes: the calling terminal sends a check-in request to the server, where the check-in request carries an ID of the calling user, and is used to instruct the server to use the ID of the calling user.
  • the ID of the calling user is a unique identifier registered by the calling user on the server for the second electronic signature device used by the calling user.
  • the method further includes: acquiring, by the second electronic signature device connected to the calling terminal, the ID of the calling user.
  • before obtaining the ID of the calling user from the second electronic signature device connected to the calling terminal, the method further includes: the calling terminal performing identity authentication on the second electronic signature device.
  • the method further includes: the calling terminal carries identity authentication data in the check-in request.
  • the method further includes: receiving a verification request sent by the server;
  • acquiring signature data from the second electronic signature device, the signature data being data obtained by signing the signature data by the second electronic signature device; sending the signature data to the server.
  • the method further includes: the calling terminal sends a release sign-in request to the server, where the release sign-in request carries the ID of the calling user and is used to instruct the server to delete the association between the ID of the calling user and the communication identifier of the calling terminal.
  • the method further includes: the calling terminal carries the identity authentication data in the release sign-in request.
  • the method further includes: the calling terminal and the called terminal negotiate a transport key by using their respective electronic signature devices, and the calling terminal sends the information received during the transport key negotiation process to the second electronic signature device, instructing the second electronic signature device to obtain the transport key according to the received information;
  • the method further includes: the calling terminal transmitting the encrypted data received from the called terminal to the second electronic signature device, and receiving the plaintext data returned by the second electronic signature device after decrypting the received encrypted data by using the transmission key; and transmitting the transmission data that needs to be sent to the called terminal to the second electronic signature device, receiving the ciphertext data returned by the second electronic signature device after encrypting the transmission data to be sent by using the transmission key, and sending the ciphertext data to the called terminal.
  • before the call with the called terminal, the method further includes: negotiating a transmission key with the second electronic signature device, saving the transmission key, and sending the transmission key to the server;
  • the method further includes: encrypting or decrypting the transmission data by using the transmission key.
  • the method further includes: deleting the saved transport key.
  • the method further includes: hopping the current transmission key into a new transmission key according to a preset hopping rule, and encrypting or decrypting the transmitted data by using the new transmission key.
  • the hopping of the current transmission key into a new transmission key includes at least one of: hopping the current transmission key into a new transmission key according to the hopping trigger factor; obtaining a key hopping instruction and hopping the current transmission key into a new transmission key.
  • the hopping trigger factor includes at least one of the following: a hopping period, a hopping time point, and a call data amount.
  • the key hopping instruction includes at least one of the following: a key hopping instruction sent by the called terminal, an input key hopping instruction, and a key hopping instruction generated according to a preset rule.
  • the method further includes: generating a line hopping instruction; sending the line hopping instruction to the server, instructing the server to hop the current transmission line to a new transmission line and to use the new transmission line for the call with the called terminal.
  • there are multiple called users.
  • before the call with the called terminal, the method further includes: the calling terminal sending the shared transmission key generated by the second electronic signature device to the plurality of called terminals corresponding to the communication identifiers associated with the IDs of the plurality of called users; during the call with the called terminal, the method further includes: encrypting or decrypting the transmission data of the plurality of called terminals by using the shared transmission key.
  • a call device comprising:
  • a sending module configured to send a check-in request to the server, where the check-in request carries an ID of the called user, and is used to instruct the server to associate the ID of the called user with the communication identifier of the called terminal;
  • the ID of the called user is a unique identifier registered by the called user on the server for the first electronic signature device used by the called user;
  • a receiving module configured to receive a call request sent by the server, where the call request is a call request initiated by the calling terminal to the ID of the called user;
  • a call module configured to establish a call link with the calling terminal, and make a call with the calling terminal.
  • the calling device further includes: a first acquiring module, configured to acquire an ID of the called user from a first electronic signature device connected to the called terminal.
  • the calling device further includes: an authentication module, configured to perform identity authentication on the first electronic signature device.
  • the sending module is further configured to carry the identity authentication data in the check-in request.
  • the receiving module is further configured to: after the sending module sends the sign-in request to the server, receive the check-in request sent by the server, before receiving the call request sent by the server;
  • the device further includes: a second obtaining module, configured to acquire signature data from the first electronic signature device, wherein the signature data is data obtained by signing the signature data by the first electronic signature device;
  • the sending module is further configured to send the signature data to the server.
  • the sending module is further configured to send a release check-in request to the server, where the release check-in request carries an ID of the called user, and is used to instruct the server to delete the ID of the called user.
  • the sending module is further configured to carry the identity authentication data in the release sign-in request.
  • the device further includes: a first negotiation module, configured to negotiate, by using the first electronic signature device, a transmission key with the calling terminal;
  • the sending module is further configured to send the information received in the transmission key negotiation process to the first electronic signature device, to instruct the first electronic signature device to acquire a transmission key according to the received information; And transmitting, by the calling terminal, the encrypted data received from the calling terminal to the first electronic signature device;
  • the receiving module is further configured to receive the plaintext data returned by the first electronic signature device after decrypting the received encrypted data by using the transmission key;
  • the sending module is further configured to send transmission data that needs to be sent to the calling terminal to the first electronic signature device;
  • the receiving module is further configured to receive the returned ciphertext data that is encrypted by the first electronic signature device by using the transmission key to encrypt the transmission data that needs to be sent;
  • the sending module is further configured to send the ciphertext data to the calling terminal.
  • the device further includes: a second negotiation module, configured to negotiate a transmission key with the first electronic signature device; and a storage module, configured to save the transmission key;
  • the sending module is further configured to send the transport key to the server
  • the apparatus further includes an encryption and decryption module for encrypting or decrypting the transmission data using the transmission key.
  • the device further includes: a deleting module, configured to delete the transport key saved by the storage module.
  • the device further includes: an executing module, configured to jump the currently used transmission key into a new transmission key according to a preset hopping rule.
  • the executing module hops the currently used transmission key into a new transmission key according to at least one of the following: hopping the current transmission key into a new transmission key according to the hopping trigger factor; obtaining a key hopping instruction and hopping the current transport key into a new transport key.
  • the device further includes: a generating module, configured to generate a line hopping instruction;
  • the sending module is further configured to send the line hopping instruction to the server, instructing the server to hop the current transmission line into a new transmission line and to use the new transmission line to make a call with the calling terminal.
  • a call processing apparatus comprising:
  • a receiving module configured to receive a check-in request sent by the called terminal, where the check-in request includes an ID of the called user; and the ID of the called user is a unique identifier registered by the called user on the server for the first electronic signature device used by the called user;
  • a storage module configured to associate and store an ID of the called user with a communication identifier of the called terminal
  • an establishing module configured to, after receiving a call request of the calling terminal to the ID of the called user, establish a call link between the calling terminal and the called terminal according to the association relationship between the ID of the called user and the communication identifier of the called terminal.
  • the device further includes: a first authentication module, configured to perform authentication on the received first identity authentication data sent by the called terminal, and after the authentication is passed, trigger the storage module to associate and store the ID of the called user with the communication identifier of the called terminal.
  • the device further includes: a first deleting module, configured to delete the association between the ID of the called user and the communication identifier of the called terminal.
  • the receiving module is further configured to receive the second identity authentication data that is returned by the called terminal, where the device further includes: a second authentication module, configured to perform identity authentication according to the second identity authentication data and, after the identity authentication is passed, trigger the first deleting module to delete the association between the ID of the called user and the communication identifier of the called terminal.
  • the device further includes: a first sending module, configured to send a check request to the called terminal after receiving a call request of the calling terminal to the called user's ID;
  • the receiving module is further configured to receive signature data returned by the called terminal;
  • the device further includes: a verification check module, configured to perform verification on the signature data, and after the verification passes, trigger the establishing module to establish a call link between the calling terminal and the called terminal.
  • the device further includes: a determining module, configured to determine, after receiving a call request of the calling terminal to the ID of the called user, whether the type of the call request is a preset call request type, and if so, trigger the establishing module to establish the call link between the calling terminal and the called terminal.
  • the receiving module is further configured to receive a first transmission key sent by the called terminal and receive a second transmission key sent by the calling terminal;
  • the storage module is further configured to save the first transport key and the second transport key
  • the apparatus further includes: an encryption and decryption module for encrypting or decrypting the data transmitted with the called terminal by using the first transmission key, and encrypting or decrypting the data transmitted with the calling terminal by using the second transmission key.
  • the device further includes: a second deleting module, configured to delete the first transport key and/or the second transport key.
  • the device further includes: a second sending module, configured to send a key deletion request to the called terminal and/or the calling terminal, to instruct the called terminal and/or the calling terminal to delete the saved transport key.
  • the encryption and decryption module is further configured to: in the process of the call between the calling terminal and the called terminal, hop the current first transmission key into a new first transport key according to a preset hopping rule and encrypt or decrypt the transmitted data using the new first transport key; and/or
  • the encryption and decryption module is further configured to: when the calling terminal and the called terminal make a call, hop the current second transmission key into a new second transmission key according to a preset hopping rule, and encrypt or decrypt the transmission data using the new second transmission key.
  • the encryption and decryption module hops the current first transmission key into a new first transmission key, and/or hops the current second transmission key into a new second transport key, according to at least one of the following:
  • the device further includes: a hopping module, configured to hop the transmission line of the current data transmission into a new transmission line according to a preset line hopping rule.
  • there are multiple called users, and the call request carries an ID of each called user;
  • the establishing module is further configured to send a multi-party call request to the called terminal corresponding to the communication identifier associated with the ID of each of the called users and, after receiving the acknowledgment response returned by one or more of the plurality of called terminals, establish a call link between the calling terminal and the one or more called terminals, and between the one or more called terminals.
  • the receiving module is further configured to: before establishing the call link between the calling terminal and the one or more called terminals, and between the one or more called terminals, receive the shared transport key sent by the calling terminal;
  • the apparatus further includes: a third sending module, configured to send the shared transport key to the one or more called terminals.
  • the receiving module is further configured to receive a sign-in request sent by the calling terminal, where the sign-in request carries an ID of the calling user;
  • the storage module is further configured to associate and store the ID of the calling user with the communication identifier of the calling terminal.
  • the receiving module is further configured to: after the server receives the sign-in request of the calling terminal, receive the third identity authentication data sent by the calling terminal;
  • the device further includes: a third authentication module, configured to authenticate the third identity authentication data, and after the authentication is passed, trigger the storage module to associate and store the ID of the calling user with the communication identifier of the calling terminal.
  • the device further includes: a third deleting module, configured to delete an association between an ID of the calling user and a communication identifier of the calling terminal.
  • the device further includes: a fourth sending module, configured to send a check request to the calling terminal after receiving a call request of the calling terminal to the ID of the called user;
  • a fourth authentication module configured to perform a verification after receiving the signature data returned by the calling terminal, and after the verification is passed, trigger the establishing module to establish a call link between the calling terminal and the called terminal.
  • a call device comprising:
  • an obtaining module configured to obtain an ID of the called user;
  • the ID of the called user is a unique identifier registered by the called user on the server for the first electronic signature device used by the called user;
  • a call module configured to initiate a call request to the server to call the called user, where the call request carries an ID of the called user;
  • a receiving module configured to receive a call response returned by the server
  • the call module is configured to establish a call link with the called terminal, and make a call with the called terminal, where the communication identifier of the called terminal is associated with the ID of the called user.
  • the device further includes: a first sending module, configured to send a check-in request to the server, where the check-in request carries an ID of the calling user and is used to instruct the server to associate the ID of the calling user with the communication identifier of the calling terminal; the ID of the calling user is a unique identifier registered by the calling user on the server for the second electronic signature device used by the calling user.
  • the acquiring module is further configured to acquire an ID of the calling user from the second electronic signature device connected to the calling terminal.
  • the first authentication module is configured to perform identity authentication on the second electronic signature device before acquiring the ID of the calling user from the second electronic signature device connected to the calling terminal.
  • the first sending module is further configured to carry the identity authentication data in the check-in request.
  • the receiving module is further configured to: after the call request to call the called user is initiated to the server and before the call response returned by the server is received, receive a verification request sent by the server;
  • the acquiring module is further configured to acquire signature data from the second electronic signature device, where the signature data is data obtained by signing the signature data by the second electronic signature device;
  • the apparatus further includes: a second sending module, configured to send the signature data to the server.
  • the device further includes: a third sending module, configured to send a release sign-in request to the server after the calling terminal sends a sign-in request to the server, where the release sign-in request carries the ID of the calling user and is used to instruct the server to delete the association between the ID of the calling user and the communication identifier of the calling terminal.
  • the third sending module is further configured to carry the identity authentication data in the release sign-in request.
  • the first negotiation module is configured to, after establishing a call link with the called terminal used by the called user and before making a call with the called terminal, negotiate a transport key with the called terminal by using the respective electronic signature devices;
  • the device further includes: a fourth sending module, configured to send the information received from the called terminal during the transmission key negotiation process to the second electronic signature device, to instruct the second electronic signature device to acquire a transmission key according to the received information; and, in the process of making a call with the called terminal, send the encrypted data received from the called terminal to the second electronic signature device, and send the transmission data that needs to be sent to the called terminal to the second electronic signature device;
  • the receiving module is further configured to receive, during a call with the called terminal, the plaintext data returned by the second electronic signature device after decrypting the received encrypted data by using the transport key, and to receive the ciphertext data returned by the second electronic signature device after encrypting the transmission data that needs to be sent by using the transmission key;
  • the fourth sending module is further configured to send the ciphertext data to the called terminal.
  • a second negotiation module is configured to negotiate a transmission key with the second electronic signature device; a storage module, configured to save the transmission key; and a fifth sending module, configured to send the transmission key
  • the first encryption and decryption module is configured to encrypt or decrypt the transmission data by using the transmission key during a call with the called terminal.
  • the deleting module is configured to delete the transport key saved by the storage module after the end of the call with the called terminal.
  • the first encryption and decryption module is further configured to: during a call with the called terminal, hop the current transmission key into a new transmission key according to a preset hopping rule, and encrypt or decrypt the transmission data using the new transmission key.
  • the first encryption and decryption module hops the current transmission key into a new transmission key according to at least one of the following: hopping the current transmission key into a new transmission key according to the hopping trigger factor; obtaining a key hopping instruction and hopping the current transmission key into a new transmission key.
  • the device further includes: a generating module, configured to generate a line hopping instruction during a call with the called terminal; and a sixth sending module, configured to send the line hopping instruction to the server, instructing the server to hop the current transmission line into a new transmission line and to use the new transmission line to make a call with the called terminal.
  • there are multiple called users; the acquiring module is further configured to acquire a shared transport key generated by the second electronic signature device before performing a call with the called terminal; and the device further includes:
  • a seventh sending module configured to send the shared transport key to a plurality of called terminals corresponding to the communication identifiers associated with the IDs of the called users;
  • a second encryption and decryption module configured to encrypt or decrypt the transmission data of the plurality of called terminals by using the shared transmission key during a call with the called terminal.
  • a call system comprising:
  • the called terminal includes a call device as above
  • the server includes the above call processing device
  • the calling terminal includes the above call device.
  • the system further includes: a second electronic signature device connected to the calling terminal.
  • a check-in method comprising:
  • the server receives the communication identifier and the check-in request sent by the terminal, and the check-in request includes the user ID;
  • the user ID is a unique identifier registered by the user on the server for the electronic signature device used by the user;
  • the user ID is associated with the terminal's communication identifier and stored.
  • the method further includes: the server authenticating the received user identity authentication data sent by the terminal, and after the authentication is passed, executing the step of associating and storing the user ID with the communication identifier of the terminal, where the user identity authentication data is obtained by signing the signature data by the electronic signature device.
  • the method further includes: deleting, by the server, an association relationship between the user ID and a communication identifier of the terminal.
  • the method further includes: the server receiving the user identity authentication data sent by the terminal and performing identity authentication, and after the identity authentication is passed, executing the step of the server deleting the association relationship between the user ID and the communication identifier of the terminal.
  • a check-in method comprising:
  • the terminal determines whether the rule for triggering the check-in is satisfied;
  • after the rule for triggering the check-in is satisfied, the terminal sends a communication identifier and a check-in request to the server;
  • the check-in request carries a user ID and is used to instruct the server to associate the user ID with the communication identifier of the terminal, and the user ID is a unique identifier registered by the user on the server for the electronic signature device used by the user.
  • the method further includes: acquiring the user ID from an electronic signature device connected to the terminal.
  • before acquiring the user ID from the electronic signature device connected to the terminal, the method further includes: the terminal performing identity authentication on the electronic signature device.
  • the method further includes: the terminal carrying user identity authentication data in the check-in request, where the user identity authentication data is obtained by the electronic signature device signing the signature data.
  • the method further includes: the terminal sending a release check-in request to the server, where the release check-in request carries the user ID and is used to instruct the server to delete the association relationship between the user ID and the communication identifier of the terminal.
  • the method further includes: the terminal carrying user identity authentication data in the release check-in request.
  • satisfying the rule for triggering the check-in includes at least one of: the terminal receives a check-in instruction input by the user; the terminal receives a check-in instruction sent by the server; the terminal receives a check-in instruction of the connected electronic signature device.
  • a check-in processing apparatus comprising:
  • a receiving module configured to receive a check-in request sent by the terminal, where the check-in request includes a user ID; the user ID is a unique identifier registered by the user on the server for the electronic signature device used by the user;
  • the storage module is configured to associate and store the user ID with the communication identifier of the terminal.
  • the device further includes: a first authentication module, configured to: after receiving the check-in request of the terminal, perform authentication on the received first user identity authentication data sent by the terminal, and after the authentication is passed, trigger the storage module to associate and store the user ID with the communication identifier of the terminal, where the first user identity authentication data is obtained by signing the signature data by the electronic signature device.
  • the device further includes: a deleting module, configured to delete an association relationship between the user ID and a communication identifier of the terminal.
  • the device further includes: a second identity authentication module, configured to receive second user identity authentication data sent by the terminal and perform identity authentication, and after the identity authentication is passed, trigger the deleting module to delete the association relationship between the user ID and the communication identifier of the terminal, where the second user identity authentication data is obtained by signing the signature data by the electronic signature device.
  • a check-in device comprising:
  • the check-in triggering module is configured to determine whether the rule for triggering the check-in is satisfied, and if yes, triggering the sending module to send the sign-in request to the server;
  • the sending module is configured to send a check-in request to the server after the check-in trigger module is triggered, where the check-in request carries a user ID, where the user ID is used to instruct the server to associate the user ID with the communication identifier of the sign-in device, and the user ID is the user on the server.
  • the device further includes: an obtaining module, configured to acquire the user ID from an electronic signature device connected to the check-in device.
  • the device further includes: an authentication module, configured to perform identity authentication on the electronic signature device.
  • the sending module is further configured to carry user identity authentication data in the check-in request, where the user identity authentication data is obtained by signing the signature data by the electronic signature device, and is acquired by the obtaining module from the electronic signature device connected to the check-in device.
  • the sending module is further configured to send a release check-in request to the server, where the release check-in request carries the user ID, and is used to instruct the server to delete the association between the user ID and the communication identifier of the check-in device.
  • the sending module is further configured to carry user identity authentication data in the release sign-in request.
  • the check-in triggering module determining whether the rule for triggering the check-in is met includes at least one of: receiving a check-in instruction input by the user; receiving a check-in instruction sent by the server; receiving a check-in instruction of the electronic signature device connected to it.
  • a check-in system comprising: a terminal, a server, and an electronic signature device connected to the terminal, wherein the server includes the check-in processing device as above, and the terminal includes the check-in device as above.
  • the method and device can associate the user ID with different terminals (including fixed telephones), so that the user only needs to carry the electronic signature device storing the ID to make or receive calls through the same ID on different terminals. In contrast to the current situation, in which the telephone number of the user can only be fixed on one terminal, the telephone number can be flexibly associated with any one terminal, that is, the flexible movement of the telephone number is realized.
  • different users can also receive calls through the same terminal, which improves the utilization of the device.
  • the terminal can use its electronic signature device to perform identity authentication and negotiate a transmission key. Authenticating the calling user or the called user prevents a malicious party from impersonating a user to commit fraud, and the security of the call system is improved.
  • the transmission key is used to encrypt and decrypt the transmission data to ensure the security of the call data.
  • FIG. 1 is a schematic structural diagram of a call system according to Embodiment 1 of the present invention.
  • FIG. 2 is a schematic structural diagram of an optional call system according to Embodiment 1 of the present invention.
  • FIG. 3 is a flowchart of a calling method according to Embodiment 2 of the present invention.
  • FIG. 4 is a schematic structural diagram of a fixed telephone provided by Embodiment 3 of the present invention.
  • FIG. 5 is a schematic structural diagram of a call system according to Embodiment 4 of the present invention.
  • FIG. 6 is a schematic structural diagram of a terminal according to Embodiment 4 of the present invention.
  • FIG. 7 is a schematic structural diagram of a call system according to Embodiment 4 of the present invention.
  • FIG. 8 is a schematic structural diagram of a terminal according to Embodiment 5 of the present invention.
  • FIG. 9 is a schematic structural diagram of a call system according to Embodiment 6 of the present invention.
  • FIG. 10 is a schematic structural diagram of a communication device according to Embodiment 7 of the present invention.
  • FIG. 11 is a schematic structural diagram of a call apparatus according to Embodiment 8 of the present invention.
  • FIG. 12 is a schematic structural diagram of a call processing apparatus according to Embodiment 9 of the present invention.
  • FIG. 13 is a flowchart of a method for calling a calling terminal side according to Embodiment 10 of the present invention.
  • FIG. 14 is a flowchart of a calling terminal actively carrying identity authentication data in a check-in request according to Embodiment 10 of the present invention.
  • FIG. 15 is a flowchart of generating identity authentication data by a calling terminal according to data to be signed sent by a server according to Embodiment 10 of the present invention, and carrying the identity authentication data in a check-in request.
  • FIG. 16 is a flowchart of a method for applying a call to a called terminal according to Embodiment 11 of the present invention.
  • FIG. 17 is a flowchart of a call method applied to a server side according to Embodiment 12 of the present invention.
  • FIG. 19 is a flowchart of a terminal initiating a check-in to a server according to Embodiment 14 of the present invention.
  • FIG. 21 is a flowchart of performing key hopping when data is exchanged between a terminal and a terminal according to Embodiment 15 of the present invention.
  • FIG. 22 is a flowchart of performing another key hopping when performing data interaction between a terminal and a terminal according to Embodiment 15 of the present invention.
  • FIG. 23 is a flowchart of performing key hopping when data is exchanged between a terminal and a server according to Embodiment 15 of the present invention.
  • FIG. 25 is a flowchart of a method for calling a multiparty call according to Embodiment 16 of the present invention.
  • FIG. 26 is a flowchart of a check-in method applied to a server side according to Embodiment 17 of the present invention.
  • FIG. 27 is a flowchart of a check-in method applied to a terminal side according to Embodiment 18 of the present invention.
  • FIG. 28 is a schematic structural diagram of a check-in processing device according to Embodiment 19 of the present invention.
  • FIG. 29 is a schematic structural diagram of another check-in processing apparatus according to Embodiment 19 of the present invention.
  • FIG. 30 is a schematic structural diagram of a sign-in device according to Embodiment 20 of the present invention.
  • In the description of the present invention, it should be noted that, unless otherwise explicitly specified and defined, the terms “installation”, “connected”, and “connection” are to be understood broadly: for example, a connection may be fixed, detachable, or integral; it may be a mechanical or electrical connection; it may be direct, or indirect through an intermediate medium; and it may be the internal communication of two components.
  • the specific meaning of the above terms in the present invention can be understood in a specific case by those skilled in the art.
  • a call system is provided.
  • a call system according to an embodiment of the present invention includes an electronic signature device 10, a fixed telephone 20, and a server 30.
  • the electronic signature device 10 is used to store the ID of the user.
  • the user registers with the server 30 using the electronic signature device 10 that the user uses, and the server 30 assigns the user a unique identifier (referred to as the user's ID in the embodiment of the present invention), the unique identifier being stored in the electronic signature device 10.
  • the fixed telephone 20 is configured to acquire the ID of the user from the electronic signature device 10 and send a check-in request to the server 30, wherein the check-in request carries the ID of the user.
  • the electronic signature device 10 is connected with the fixed telephone 20 (by a wired connection or a wireless connection), and the fixed telephone 20 obtains the ID of the user from the electronic signature device 10, and then sends a check-in request carrying the ID of the user to the server 30, indicating to the server 30 that the user corresponding to the ID is currently using the fixed telephone.
  • the ID of the user can be obtained in several ways. After the connection with the fixed telephone 20 is established, the electronic signature device 10 may actively send the ID to the fixed telephone 20, which can trigger the fixed telephone to send the check-in request to the server 30; or the fixed telephone 20 may request the ID from the electronic signature device 10 after the electronic signature device 10 establishes a connection with the fixed telephone 20; or the fixed telephone 20 may acquire the ID from the electronic signature device 10 upon receiving an external instruction. The instruction may be used to instruct the fixed telephone 20 to send a sign-in request, or to instruct the fixed telephone 20 to request the ID of the user from the electronic signature device 10. This is not limited in the specific embodiment.
  • the server 30 is configured to receive the sign-in request, store the ID of the user in association with the communication identifier of the fixed telephone 20 that sends the sign-in request, and, on receiving a call to the ID of the user, connect the call to the fixed telephone 20 corresponding to the communication identifier according to the association between the ID of the user and the communication identifier of the fixed telephone 20.
  • the unique identifier (ie, the ID of the user) allocated by the server 30 for the user is stored in the electronic signature device 10, and the entire network can uniquely identify a user by using the unique identifier.
  • After the user signs in on any fixed telephone using the ID stored in the electronic signature device, the server 30 can connect a call to that ID to the fixed telephone currently used by the user (i.e., fixed telephone 20) according to the ID of the user, so that the user only needs to carry the electronic signature device storing the ID to make or receive calls with the same ID on different fixed telephones. This overcomes the defect in the prior art that the telephone number of a user can only be fixed on one fixed telephone: the telephone number can be flexibly associated with any fixed telephone, that is, the flexible movement of the telephone number is realized.
  • different users can also receive calls through the same fixed telephone, which improves the utilization of the equipment.
  • the fixed telephone 20 is a fixed telephone supporting the electronic signature device.
  • the check-in means that the user uses the fixed telephone 20 to send the ID of the user stored in the electronic signature device 10 to the server 30, and the server 30 associates the ID of the user with the communication identifier of the fixed telephone 20, so that the server 30 knows the fixed telephone currently being used by the user.
  • when the server 30 receives a call to the ID of the user, it finds the communication identifier associated with the ID of the user and connects the call to the fixed telephone corresponding to the communication identifier (i.e., fixed telephone 20).
  • the user ID is not fixedly bound to a fixed telephone, and the electronic signature device 10 can conveniently associate the user ID with different fixed telephones, so that even if fixed telephones are used, the user can use the same ID to answer calls on different fixed telephones, thereby realizing the mobility of the fixed telephone.
  • the user can conveniently use any fixed telephone to answer the call through the same ID, and different users can also answer the call through the same fixed telephone, thereby improving the utilization rate of the device.
  • the communication identifier of the fixed telephone may be a network port allocated by the network to the fixed telephone. The communication identifier may also be another identifier of the fixed telephone; the present invention does not limit this, as long as the network side can establish a connection with the fixed telephone through the identifier.
  • each user (1, 2, 3, ..., n-1, n) can use a single electronic signature device to sign in to the server 30 on a fixed telephone, as shown in FIG. 2. The server 30 associates the ID of each user with the communication identifier of the fixed telephone currently in use. When receiving a call for the ID of a certain user, the server 30 obtains, from the saved associations between user IDs and communication identifiers, the communication identifier associated with the ID of the called user, and connects the call to the fixed telephone corresponding to the communication identifier, thereby implementing the call.
  • the electronic signature device 10 may employ a device having a security chip, wherein the security chip is a chip with cryptographic calculation.
  • the electronic signature device 10 can be a smart card with a security chip, connected to the fixed telephone through a wireless method (for example, NFC, Bluetooth, etc.), or an electronic signature key (i.e., a KEY) having a security chip, for example, the U shield used by the ICBC, the K-bao used by the Agricultural Bank, and the like, connected to the fixed telephone 20 through a USB interface or an audio port. The specific form is not limited in the embodiment of the present invention.
  • the user may also release the check-in from the server 30, that is, release the association relationship between the ID of the user stored in the server 30 and the communication identifier of the fixed telephone. Therefore, in the optional implementation, the server 30 is further configured to delete the association relationship between the ID of the user and the communication identifier of the fixed telephone after storing the ID of the user in association with the communication identifier of the fixed telephone.
  • the release of the check-in may be initiated by the server 30 or by a fixed telephone.
  • the server 30 may release the user's check-in after receiving a call of the user as the called or calling party within a predetermined period of time; or, if the server 30 can obtain the location of the user in real time, the server 30 may release the association relationship between the ID of the user and the communication identifier of the fixed telephone upon detecting that the user (e.g., the electronic signature device carried by the user) has moved away from the associated fixed telephone. After releasing the association, the server 30 can notify the fixed telephone 20 so that the fixed telephone 20 knows of it; if the user still needs to use the fixed telephone, the registration needs to be initiated again.
  • the server 30 is further configured to notify the fixed telephone 20, after the association relationship between the ID of the user and the communication identifier of the fixed telephone 20 is deleted, that the server 30 has released the check-in of the ID of the user.
  • the user may also send a release request to the server 30 through the fixed telephone, requesting the server 30 to release the association relationship between the ID of the user and the communication identifier of the fixed telephone.
  • the user may dial a predetermined additional code through the fixed telephone to send the release request to the server 30, or the user can send a release request to the server 30 through a special key of the fixed telephone (for example, a delete key), or the user can trigger the fixed telephone 20 to send a release request to the server 30 through the electronic signature device 10 (for example, a long press of a function key on the electronic signature device to send a release command); the release request may carry the ID of the user requesting release.
  • the fixed telephone 20 is further configured to send a first release sign-in request to the server 30 after sending the sign-in request to the server 30, where the first release sign-in request carries the ID of the user; the server is further configured to receive the first release sign-in request, and trigger an operation of deleting the association relationship between the ID of the user and the communication identifier of the fixed telephone 20.
  • if the calling user will not use the calling fixed telephone for a short time, the calling user can actively send a release request to the server 30 through the calling fixed telephone, requesting the server 30 to release the association relationship between the ID of the calling user and the communication identifier of the calling fixed telephone.
  • the called user can also send a request to the server 30 via the called fixed telephone to release the association between the ID of the called user and the communication identifier of the called fixed telephone. In this way, the association with a fixed telephone can be released when the fixed telephone is not used, so that other users can use it, thereby improving the utilization of the fixed telephone.
  • a logout request may be sent to the server 30, where the logout request may carry the ID requested to be logged out, and on receiving it the server 30 can log off the ID; or the server 30 can also revoke an ID at the request of the administrator, that is, the ID is invalidated, and the ID can be reassigned to other users. For example, for a local area network, if one of the users leaves the local area network, the ID of the user can be logged out. With this alternative embodiment, the ID assigned to the user can be effectively managed.
  • the private key of the user may be saved in each electronic signature device, and the ID of the user may be saved in the server 30 corresponding to the public key.
  • the identity of the user can be authenticated during the interaction process, and the corresponding operation is performed after the authentication is passed. That is, during the interaction, the electronic signature device 10 signs the signature data using its private key, and then the fixed telephone 20 transmits the signature data to the server 30, through which the identity of the user can be authenticated.
  • the private key of the user may be stored in the electronic signature device 10, and the public key of the user and the ID of the corresponding user may be stored in the server 30, so that signing can be performed when the user checks in with the server 30.
  • the server 30 is further configured to perform identity authentication on the electronic signature device before storing the ID of the user in association with the communication identifier of the fixed telephone 20, and, after the authentication is passed, to trigger the operation of associating the ID of the user with the communication identifier of the fixed telephone.
  • the data signed may be the check-in data (for example, the ID of the user) or other data to be signed (for example, a random number generated by the electronic signature device 10, or data to be signed sent by the server 30, such as a random number generated by the server 30 or the ID of the called user); this is not limited.
  • the server 30 uses the public key of the user to verify the signature data after receiving the signature data.
  • the server 30 performs identity authentication on the electronic signature device 10 by: transmitting a first verification request to the fixed telephone 20, receiving the first verification response returned by the fixed telephone 20, and checking the first signature data carried in the first verification response, wherein, in the case where the first verification request carries the first to-be-signed data, the information carried in the first verification response includes the first signature data obtained by the signature; in the case where the first to-be-signed data is not carried in the first verification request, the information carried in the first verification response includes the first to-be-signed data and the first signature data obtained by the signature;
  • the fixed telephone 20 is further configured to receive the first verification request, send the first verification request to the electronic signature device 10, receive the first verification response returned by the electronic signature device 10, and send the first verification response to the server 30;
  • the electronic signature device 10 is further configured to receive the first verification request, sign the first to-be-signed data, and send the first verification response to the fixed telephone 20.
  • the electronic signature device 10 is further configured to sign the second to-be-signed data, and send the second to-be-signed data and the second signature data obtained by the signature to the fixed telephone;
  • the fixed telephone 20 is further configured to receive, before sending the check-in request to the server 30, the second to-be-signed data and the second signature data obtained by the signature, sent by the electronic signature device 10; in the check-in request sent by the fixed telephone 20 to the server 30, the information carried includes: the user ID, the second to-be-signed data, and the second signature data; or the information carried in the check-in request includes: the second to-be-signed data and the second signature data, wherein the second to-be-signed data includes the ID of the user;
  • the server 30 performs identity authentication on the electronic signature device 10 by at least checking the second signature data according to the second to-be-signed data.
  • the fixed telephone 20 can also perform identity authentication on the electronic signature device 10, and if the authentication is passed, the check-in request is sent to the server 30. That is, in this alternative embodiment, the fixed telephone 20 is also used to authenticate the electronic signature device 10 prior to transmitting the check-in request to the server 30.
  • the specific authentication method corresponds to the authentication of the electronic signature device 10 by the server 30, that is, the electronic signature device 10 may actively sign the to-be-signed data and send the to-be-signed data and the signature data obtained by the signature to the fixed telephone 20, and the fixed telephone 20 performs verification based on the received data.
  • the fixed telephone 20 may send a verification request to the accessed electronic signature device 10 when it detects that the electronic signature device 10 is accessed. After receiving the verification request, the electronic signature device 10 signs the to-be-signed data and returns a verification response to the fixed telephone 20, and the fixed telephone 20 checks the signature data carried in the verification response.
  • the server 30 may also perform identity verification on the called user after receiving the call request for the user ID. That is, in an optional implementation of the embodiment of the present invention, the server 30 is further configured to: after receiving the call to the ID of the user, send a third verification request carrying the fifth to-be-signed data to the fixed telephone 20, receive the fifth signature data returned by the fixed telephone 20, and check the fifth signature data; after the verification is passed, the operation of connecting the call to the fixed telephone 20 is triggered;
  • the fixed telephone 20 is further configured to receive the third verification request and send the third verification request to the electronic signature device 10;
  • the electronic signature device 10 is further configured to receive the third verification request, sign the fifth to-be-signed data, and transmit the fifth signature data obtained by the signature to the fixed telephone 20.
  • the fixed telephone 20 may also acquire identity authentication data from the electronic signature device 10 and carry the identity authentication data in the release request (or, after the release request is initiated, the server 30 may send an authentication request to the fixed telephone 20, and the fixed telephone 20, in response to the request of the server 30, has the to-be-signed data signed by the electronic signature device 10 to obtain identity authentication data, which is then transmitted to the server 30).
  • the fixed telephone 20 is further configured to receive a second release sign-in request sent by the electronic signature device 10 before sending the release sign-in request to the server 30, where the second release sign-in request carries the third to-be-signed data and the third signature data obtained by signing the third to-be-signed data; the first release sign-in request further carries the third to-be-signed data and the third signature data;
  • the server 30 deletes the association relationship between the ID of the user and the communication identifier of the fixed telephone in the following manner: the third signature data is checked according to the third to-be-signed data, and after the verification is passed, the association relationship between the ID of the user and the communication identifier of the fixed telephone is deleted.
  • the server 30 is further configured to send to the fixed telephone 20 a second verification request carrying the fourth to-be-signed data, receive the fourth signature data returned by the fixed telephone, and verify the fourth signature data; after the verification is passed, the operation of deleting the association relationship between the user ID and the communication identifier of the fixed telephone is triggered;
  • the fixed telephone 20 is further configured to receive the second verification request, send the second verification request to the electronic signature device 10, receive the fourth signature data returned by the electronic signature device 10, and return the fourth signature data to the server 30;
  • the electronic signature device 10 is further configured to receive the second verification request, sign the fourth to-be-signed data, and send the fourth signature data obtained by the signature to the fixed telephone 20.
  • the server 30 may also perform identity authentication on the user first, and perform the follow-up process after the authentication is passed.
  • in this way, malicious impersonation of a party to the call is prevented, and the security of the call system is improved.
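The signed check-in and signed release described above (server-issued random data to be signed, signature by the electronic signature device, verification with the public key stored for the user ID), as an added Go example that is not part of the patent text. The choice of Ed25519, the names (`Device`, `Server`, `Enroll`, `Challenge`, `Handle`, `Route`), the sample IDs, and the inclusion of the operation and communication identifier in the signed data are assumptions of this example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"errors"
	"fmt"
)

var ErrUnknownUser = errors.New("user ID not registered")
var ErrNoChallenge = errors.New("no outstanding challenge for this request")
var ErrBadSignature = errors.New("signature verification failed")

// signedMessage builds the data to be signed. Assumption of this example: it covers the
// operation, user ID and communication identifier plus the server's random number.
func signedMessage(op, userID, commID string, nonce []byte) []byte {
	var msg []byte
	for _, f := range [][]byte{[]byte(op), []byte(userID), []byte(commID), nonce} {
		msg = append(msg, fmt.Sprintf("%d:", len(f))...) // length prefix keeps fields apart
		msg = append(msg, f...)
	}
	return msg
}

// Device stands in for the electronic signature device: user ID plus private key.
type Device struct {
	UserID string
	priv   ed25519.PrivateKey
}

func (d *Device) Respond(op, commID string, nonce []byte) []byte {
	return ed25519.Sign(d.priv, signedMessage(op, d.UserID, commID, nonce))
}

type reqKey struct{ op, userID, commID string }

// Server holds registered public keys, current associations and issued challenges.
type Server struct {
	pubKeys  map[string]ed25519.PublicKey
	bindings map[string]string // user ID -> communication identifier
	pending  map[reqKey][]byte
}

func NewServer() *Server {
	return &Server{map[string]ed25519.PublicKey{}, map[string]string{}, map[reqKey][]byte{}}
}

// Enroll models registration; the key pair is generated here only for brevity.
func (s *Server) Enroll(userID string) (*Device, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	s.pubKeys[userID] = pub
	return &Device{UserID: userID, priv: priv}, nil
}

// Challenge issues the random data to be signed for one check-in or release.
func (s *Server) Challenge(op, userID, commID string) ([]byte, error) {
	if _, ok := s.pubKeys[userID]; !ok {
		return nil, ErrUnknownUser
	}
	nonce := make([]byte, 16)
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	s.pending[reqKey{op, userID, commID}] = nonce
	return nonce, nil
}

// Handle verifies the signature, then stores ("check-in") or deletes ("release") the association.
func (s *Server) Handle(op, userID, commID string, sig []byte) error {
	key := reqKey{op, userID, commID}
	nonce, ok := s.pending[key]
	if !ok {
		return ErrNoChallenge
	}
	delete(s.pending, key) // single use: a replayed signature finds no challenge
	if !ed25519.Verify(s.pubKeys[userID], signedMessage(op, userID, commID, nonce), sig) {
		return ErrBadSignature
	}
	if op == "check-in" {
		s.bindings[userID] = commID
	} else if op == "release" && s.bindings[userID] == commID {
		delete(s.bindings, userID)
	}
	return nil
}

func (s *Server) Route(userID string) (commID string, ok bool) { commID, ok = s.bindings[userID]; return }

func main() {
	s := NewServer()
	d, _ := s.Enroll("user-1001") // constructed sample user ID
	nonce, _ := s.Challenge("check-in", d.UserID, "port-A")
	sig := d.Respond("check-in", "port-A", nonce)
	fmt.Println("check-in:", s.Handle("check-in", d.UserID, "port-A", sig))
	fmt.Println("replay:", s.Handle("check-in", d.UserID, "port-A", sig))
	fmt.Println(s.Route(d.UserID))
}
```

Because the signature covers the operation and the communication identifier, a signature captured for one check-in cannot be presented as a release or moved to another terminal, and consuming the challenge on first use rejects replays.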
  • in order to be compatible with the current telephone call system, the server 30 is configured to, after receiving a call to the user's ID, determine that the type of the call is a preset call type, and then trigger the operation of connecting the call.
  • After the server 30 receives a call, it first determines the type of the call. When the type of the call is the type of calling the ID of a user, the call connection is made according to the stored association relationship between the user ID and the communication identifier of the fixed telephone; otherwise, the existing call mode is followed.
  • the fixed telephone 20 can be connected to the electronic signature device 10 through a wireless connection, or can be connected by a wired manner.
  • the wireless manner can include, but is not limited to, Bluetooth, WIFI, NFC, infrared, or RFID, etc.; wired methods can include, but are not limited to: USB, audio (headphone plug), RJ11, RJ45 or serial port.
  • this embodiment provides a calling method.
  • the user registers the ID of the user on the server for the electronic signature device used by the user, and the electronic signature device saves the ID of the user. The fixed telephone obtains the ID of the user from the electronic signature device and sends a sign-in request carrying the ID of the user to the server. The server associates and stores the ID of the user with the communication identifier of the fixed telephone currently used by the user and, after receiving a call request from another user to the ID of the user, establishes, according to the association relationship between the ID of the user and the communication identifier, a call link between the fixed telephone used by the other user and the fixed telephone corresponding to the communication identifier. Thus, when the user forgets to bring a mobile phone or finds it inconvenient to carry one, or when the user can only make or receive calls on a fixed line, the user can make or answer a call on any fixed telephone as long as the electronic signature device is carried.
  • the calling method provided in this embodiment may mainly include the following steps (S302 to S308).
  • Step S302 the fixed telephone acquires the ID of the user from the electronic signature device.
  • the ID of the user is a unique identifier registered by the user on the server for the electronic signature device used by the user; when registering, the electronic signature device saves the ID of the user. The ID of the user may be, but is not limited to, one of numbers, letters, characters and Chinese characters, or a combination thereof. This ID is equivalent to the telephone number of the user in the existing communication system, which is convenient for the calling fixed telephone to call the called user.
  • the electronic signature device includes, but is not limited to, an electronic signature key (a KEY device such as the U shield of ICBC or the K Bao of ABC), a smart card with a security chip, etc., wherein the security chip can perform signature operations and encryption and decryption operations and can negotiate a transmission key.
  • the fixed telephone may obtain the ID of the user from the electronic signature device when the electronic signature device is connected to the fixed telephone, or after the user, having connected the electronic signature device to the fixed telephone, instructs the fixed telephone to send the check-in request (the instruction may be input on the fixed telephone, or input on the electronic signature device and then sent to the fixed telephone by the electronic signature device). The specific embodiment is not limited.
  • the fixed telephone may further perform identity authentication on the electronic signature device. That is, the electronic signature device sends an identity authentication data to the fixed telephone. After receiving the identity authentication data, the fixed telephone device authenticates the electronic signature device, and after the authentication is passed, performs the subsequent steps.
  • the identity verification of the electronic signature device by the fixed telephone includes but is not limited to the following two methods:
  • the fixed telephone (which can be the called fixed telephone or the calling fixed telephone) generates a random number R1;
  • the fixed telephone sends the random number R1, the signature value S1 and the digital certificate of the fixed telephone to the electronic signature device (which may be the first electronic signature device or the second electronic signature device);
  • the electronic signature device uses the pre-stored root certificate to verify the validity of the received digital certificate of the fixed telephone. If the digital certificate of the fixed telephone is verified to be legal, A5 is executed; if the digital certificate of the fixed telephone is verified to be illegal, the identity authentication process is stopped and, if necessary, a message that the certificate verification failed can be fed back to the fixed telephone.
  • the electronic signature device obtains the public key of the fixed telephone from the digital certificate of the fixed telephone, and uses the public key of the fixed telephone to verify the received signature value S1. If the verification is passed, A6 is executed; if the verification is not passed, the identity authentication process is stopped, and a message that the verification is not passed can also be fed back to the fixed telephone;
  • the electronic signature device generates a random number R2.
  • the electronic signature device signs the random number R2 and the received random number R1 to generate a signature value S2;
  • the electronic signature device sends the random number R2, the signature value S2, and the digital certificate of the electronic signature device to the fixed telephone;
  • the fixed telephone uses the pre-stored root certificate to verify the validity of the received digital certificate of the electronic signature device. If the digital certificate of the electronic signature device is verified to be legal, A10 is executed; if the digital certificate of the electronic signature device is verified to be illegal, the identity authentication process is stopped and, if necessary, a message that the certificate verification failed can be fed back to the electronic signature device.
  • the fixed telephone obtains the public key of the electronic signature device from the digital certificate of the electronic signature device, and uses the public key of the electronic signature device to verify the received signature value S2. If the verification is passed, the subsequent operation is performed; if the verification fails, the identity authentication process is stopped, and a message that the verification is not passed can also be fed back to the electronic signature device.
  • the fixed telephone (the fixed telephone can be the fixed telephone or the fixed telephone) can generate a random number R1, and send the random number R1 to the electronic signature device;
  • the electronic signature device (which may be the first electronic signature device or the second electronic signature device) generates a random number R2, and sends the random number R2 and the digital certificate of the electronic signature device to the fixed telephone;
  • the fixed telephone uses the pre-stored root certificate to verify the legality of the received digital certificate of the electronic signature device. If the digital certificate of the fixed telephone is verified to be legal, B4 is executed; if the digital certificate of the fixed telephone is verified to be illegal, the identity authentication process is stopped and, if necessary, a message that the certificate verification failed can be fed back to the electronic signature device.
  • the fixed telephone sends the signature value S1 and the digital certificate of the fixed telephone to the electronic signature device;
  • the electronic signature device uses the pre-stored root certificate to verify the legality of the received digital certificate of the fixed telephone. If the digital certificate of the fixed telephone is verified to be legal, B7 is executed; if the digital certificate of the fixed telephone is verified to be illegal, the identity authentication process is stopped and, if necessary, a message that the certificate verification failed can be fed back to the fixed telephone.
  • the electronic signature device obtains the public key of the fixed telephone from the digital certificate of the fixed telephone, and uses the public key of the fixed telephone to verify the received signature value S1. If the verification is passed, the subsequent operation is performed; if the verification fails, the identity authentication process is stopped, and a message that the verification is not passed can also be fed back to the fixed telephone.
  • Step S304 the fixed telephone sends a check-in request to the server, where the check-in request carries the ID of the user.
  • the fixed telephone may execute step S302 and then step S304 after the electronic signature device is connected to the fixed telephone, or may execute step S304 after receiving the instruction to send the sign-in request once the electronic signature device has accessed the fixed telephone.
  • Step S306 the server receives the sign-in request, and stores the ID of the user in association with the communication identifier of the fixed telephone.
  • the user uses the electronic signature device to submit a registration application to the server; the server may issue a certificate to the electronic signature device, or use a certificate from another certification body that already exists in the electronic signature device. The server assigns the user a unique identifier as the ID of the user and binds the ID of the user to that certificate, whereby the server can verify the identity of the electronic signature device by means of the certificate.
  • registration can be done by one of the following methods:
  • Method 1: The user sends an account application to the server by using the electronic signature device. After verifying the user identity, the server sends a key generation instruction to the electronic signature device; the electronic signature device generates a key pair and sends the public key to the server; the server generates the public key certificate of the electronic signature device, assigns a unique identifier as the ID of the user, binds the user ID to the public key certificate, and sends the issued certificate to the electronic signature device, which saves the certificate issued by the server. In this way, the key pair is generated by the electronic signature device to ensure the security of the key.
  • Method 2: The user sends an account application to the server by using the electronic signature device. After verifying the user identity, the server sends a read certificate instruction to the electronic signature device, and the electronic signature device sends its certificate to the server; the server verifies the validity of the certificate and, after the certificate is found to be legal, assigns a unique identifier as the ID of the user, binds the ID of the user to the certificate, and stores the binding. In this way, the existing certificate of the electronic signature device is used for binding, which improves the registration efficiency.
  • when the fixed telephone sends the check-in request, it can carry identity authentication data in the check-in request in addition to the ID of the user, so that the server authenticates the user's identity and ensures that the identity is legal. That is, before step S304, the electronic signature device signs the to-be-signed data to obtain the identity authentication data and sends the identity authentication data to the fixed telephone, and the fixed telephone carries the identity authentication data in the sign-in request sent to the server. The identity authentication data can be obtained in one of the following ways:
  • Method 1: The signature data obtained by the electronic signature device signing the ID of the user.
  • Method 2: The signature data obtained by the electronic signature device signing the to-be-signed data, wherein the to-be-signed data may include single authentication data; the single authentication data may be generated by the electronic signature device (in which case the check-in request also carries the single authentication data), or may be received by the fixed telephone from the server and sent to the electronic signature device. The single authentication data may be one of a random number and an event factor, or a combination thereof, wherein the event factor may be incremented by 1 or by an arbitrary value each time it is generated.
  • Method 3: The signature data obtained by the electronic signature device signing the to-be-signed data and the ID of the user, wherein the to-be-signed data may include single authentication data; the single authentication data may be generated by the electronic signature device (in which case the check-in request also carries the single authentication data), or may be received by the fixed telephone from the server and sent to the electronic signature device. The single authentication data may be one of a random number and an event factor, or a combination thereof, wherein the event factor may be incremented by 1 or by an arbitrary value each time it is generated.
  • Method 4: The password set for the electronic signature device at the time of registration, or the dynamic password generated by the dynamic password token associated with the electronic signature device.
  • the server may also authenticate the identity authentication data sent by the fixed telephone and, after the authentication is passed, perform the step of associating and storing the user's ID with the communication identifier of the called fixed telephone.
  • the server may perform identity authentication by verifying the signature data by the public key of the electronic signature device stored by the user when registering the electronic signature device on the server, or verify the static password or the dynamic password for identity authentication. Therefore, it is ensured that the step of associating and storing the ID of the user with the communication identifier of the fixed telephone is performed only after the identity of the authenticated user is legal, thereby ensuring the legitimacy of the user's sign-in.
  • the server sends a first verification request to the fixed telephone after receiving the check-in request; the fixed telephone receives the first verification request and sends it to the electronic signature device; the electronic signature device receives the first verification request, signs the first to-be-signed data, and sends a first verification response to the fixed telephone, wherein, in the case that the first verification request carries the first to-be-signed data, the information carried in the first verification response includes the first signature data obtained by the signature, and, in the case that the first verification request does not carry the first to-be-signed data, the information carried in the first verification response includes the first to-be-signed data and the first signature data obtained by the signature; the fixed telephone sends the received first verification response to the server; the server receives the first verification response and verifies the first signature data carried in it.
  • Step S308 the server receives the call to the ID of the user, and connects the call to the fixed telephone corresponding to the communication identifier according to the association relationship between the ID of the user and the communication identifier of the fixed telephone.
  • the server may also authenticate the ID of the called user, so that it can be verified whether the called user is online. That is, the server sends a third verification request to the fixed telephone corresponding to the communication identifier associated with the ID of the called user, wherein the third verification request carries the fifth to-be-signed data; the fixed telephone receives the third verification request and sends it to the electronic signature device; the electronic signature device receives the third verification request, signs the fifth to-be-signed data, and sends the fifth signature data obtained by the signature to the fixed telephone; the fixed telephone sends the received fifth signature data to the server; the server receives the fifth signature data, verifies it and, after the verification is passed, performs the step of connecting the call to the fixed telephone.
  • in order to be compatible with the current telephone call system, after the server receives the call to the user's ID, it determines that the type of the call is a preset call type and then performs the step of connecting the call to the fixed telephone. That is, in this alternative embodiment, the server can implement two types of calling modes: one is the existing calling mode, that is, calling the telephone number used by each fixed telephone; the other is calling the ID of a user. After the server receives a call, it first determines the type of the call. When the call is of the type that calls a user's ID, the server connects the call according to the stored association relationship between the user ID and the communication identifier of the fixed telephone; otherwise, it follows the existing call method.
  • the server may also delete the association relationship between the ID of the user and the communication identifier of the fixed telephone. Based on this, the server can release the check-in to the user without affecting the normal use of the fixed telephone set by the user.
  • the server may trigger the release of the check-in process for the called user by at least one of the following methods: after receiving the release check-in instruction sent by the called fixed-line telephone, the server determines that the check-in needs to be released.
  • after the fixed telephone transmits the sign-in request to the server, and before the server deletes the association between the ID of the user and the communication identifier of the fixed telephone, the fixed telephone sends a first release sign-in request to the server, wherein the first release sign-in request carries the ID of the user; the server receives the first release sign-in request.
  • the server may also verify the identity of the user to ensure that the identity of the user whose check-in is released is legal. Therefore, in the optional implementation, before the fixed telephone sends the release sign-in request to the server, the fixed telephone receives the second release sign-in request sent by the electronic signature device (which may be sent by the electronic signature device to the fixed telephone), wherein the second release sign-in request carries the third to-be-signed data and the third signature data obtained by signing the third to-be-signed data; the first release sign-in request sent by the fixed telephone to the server also carries the third to-be-signed data and the third signature data; the server deleting the association between the ID of the user and the communication identifier of the fixed telephone may include: the server verifies the third signature data according to at least the third to-be-signed data and, after the verification is passed, deletes the association between the ID of the user and the communication identifier of the fixed telephone.
  • the server may send a second verification request to the fixed telephone, wherein the second verification request carries the fourth to-be-signed data; the fixed telephone receives the second verification request and sends it to the electronic signature device; the electronic signature device receives the second verification request and signs the fourth to-be-signed data; the electronic signature device sends the fourth signature data obtained by the signature to the fixed telephone; the fixed telephone sends the received fourth signature data to the server; the server receives the fourth signature data, verifies it and, after the verification is passed, performs the step of deleting the association between the ID of the user and the communication identifier of the fixed telephone.
  • after the association between the ID of the user and the communication identifier of the fixed telephone is deleted, the server may also notify the fixed telephone that the server has released the check-in for the ID of the user. Thereby, the fixed telephone learns that the server has released the check-in of the ID of the user.
  • a fixed transmission key can be negotiated between the fixed telephone and the electronic signature device and sent to the server; the server saves the transmission key for subsequent encryption/decryption of data transmission between the fixed telephone, the server, and the electronic signature device.
  • the server can thereby associate the fixed telephone with the user. Therefore, when receiving the call from the calling fixed telephone to the user, the server connects the call of the calling fixed telephone to the fixed telephone at which the user has checked in, thereby ensuring that, regardless of which fixed telephone the called user uses, the called user can be reached as long as a check-in has been made at that fixed telephone, which is convenient for the user.
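The sign-in (first verification request), call connection (step S308) and release (second verification request) exchanges described above, shown as an added Go example that is not part of the patent text. Ed25519 as the signature algorithm, the signed message layout with a purpose label, and all type and function names are assumptions of this example; the fixed telephone's relaying role is reduced to passing the challenge and signature between device and server.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/hex"
	"errors"
	"fmt"
)

// Device stands in for the electronic signature device: it stores the user's
// ID and a private key generated at registration (Ed25519 is assumed here).
type Device struct {
	UserID string
	priv   ed25519.PrivateKey
}

// grant records which purpose and user an outstanding challenge was issued for.
type grant struct{ purpose, userID string }

// Server holds registered public keys, outstanding to-be-signed data, and the
// current user ID -> communication identifier associations.
type Server struct {
	keys     map[string]ed25519.PublicKey
	pending  map[string]grant
	checkins map[string]string
}

func NewServer() *Server {
	return &Server{keys: map[string]ed25519.PublicKey{},
		pending: map[string]grant{}, checkins: map[string]string{}}
}

// Register binds a new user ID to the device's public key (registration
// Method 1; certificate issuance is left out of this example).
func (s *Server) Register(userID string) (*Device, error) {
	if _, taken := s.keys[userID]; taken {
		return nil, errors.New("user ID already registered")
	}
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	s.keys[userID] = pub
	return &Device{UserID: userID, priv: priv}, nil
}

// message is the byte string actually signed. Including the purpose and user
// ID is this example's choice: it keeps a check-in signature from being
// accepted as a release signature.
func message(purpose, userID string, challenge []byte) []byte {
	return []byte(purpose + "|" + userID + "|" + hex.EncodeToString(challenge))
}

// Sign is the device answering a verification request.
func (d *Device) Sign(purpose string, challenge []byte) []byte {
	return ed25519.Sign(d.priv, message(purpose, d.UserID, challenge))
}

// Challenge issues fresh random to-be-signed data (a verification request).
func (s *Server) Challenge(purpose, userID string) ([]byte, error) {
	c := make([]byte, 16)
	if _, err := rand.Read(c); err != nil {
		return nil, err
	}
	s.pending[hex.EncodeToString(c)] = grant{purpose, userID}
	return c, nil
}

// verify consumes the challenge, so a replayed response fails, and checks the
// signature against the public key stored at registration.
func (s *Server) verify(purpose, userID string, challenge, sig []byte) error {
	key := hex.EncodeToString(challenge)
	g, ok := s.pending[key]
	delete(s.pending, key)
	if !ok || g != (grant{purpose, userID}) {
		return errors.New("unknown, reused or mismatched challenge")
	}
	pub, ok := s.keys[userID]
	if !ok || !ed25519.Verify(pub, message(purpose, userID, challenge), sig) {
		return errors.New("signature verification failed")
	}
	return nil
}

// CheckIn stores the association only after the signature verifies (step S306).
func (s *Server) CheckIn(userID, commID string, challenge, sig []byte) error {
	if err := s.verify("checkin", userID, challenge, sig); err != nil {
		return err
	}
	s.checkins[userID] = commID
	return nil
}

// Release deletes the association only after the signature verifies.
func (s *Server) Release(userID string, challenge, sig []byte) error {
	if err := s.verify("release", userID, challenge, sig); err != nil {
		return err
	}
	delete(s.checkins, userID)
	return nil
}

// Route returns the communication identifier a call to userID goes to (S308).
func (s *Server) Route(userID string) (string, bool) {
	c, ok := s.checkins[userID]
	return c, ok
}

func main() {
	s := NewServer()
	d, _ := s.Register("user-1001") // constructed sample ID
	c, _ := s.Challenge("checkin", d.UserID)
	sig := d.Sign("checkin", c)
	fmt.Println("check-in:", s.CheckIn(d.UserID, "line-A", c, sig))
	fmt.Println("replayed check-in:", s.CheckIn(d.UserID, "line-B", c, sig))
	fmt.Println(s.Route(d.UserID))
}
```
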
  • This embodiment provides a fixed telephone.
  • FIG. 4 is a schematic structural diagram of a fixed telephone provided by the embodiment.
  • the fixed telephone apparatus mainly includes: a second transceiver module 402, configured to acquire an ID of a user from an electronic signature device; a first transceiver module 404, configured to send a check-in request to the server, where the check-in request carries the ID of the user; and a call module 406, configured to receive the call sent by the server and establish a call with the calling end.
  • with the technical solution provided by the embodiment of the present invention, the user ID is not fixedly bound to one fixed telephone; by means of the electronic signature device 10, the ID of the user can conveniently be associated with different fixed telephones, so that even when using fixed telephones, the user can answer calls on different fixed telephones through the same ID, thereby realizing the mobility of the fixed telephone.
  • the user can conveniently use any fixed telephone to answer the call through the same ID, and different users can also answer the call through the same fixed telephone, thereby improving the utilization rate of the device.
  • the first transceiver module 404 is further configured to receive a first verification request sent by the server; the second transceiver module 402 is further configured to send the first verification request to the electronic signature device and receive the first verification response returned by the electronic signature device, wherein, in the case that the first verification request carries the first to-be-signed data, the information carried in the first verification response includes the first signature data obtained by the signature, and, in the case that the first verification request does not carry the first to-be-signed data, the information carried in the first verification response includes the first to-be-signed data and the first signature data obtained by the signature; the first transceiver module 404 is further configured to send the received first verification response to the server.
  • the second transceiver module 402 is further configured to receive the second to-be-signed data sent by the electronic signature device and the second signature data obtained by the electronic signature device signing the second to-be-signed data; the information carried in the sign-in request sent by the first transceiver module 404 includes: the user ID, the second to-be-signed data, and the second signature data; or, the information carried in the sign-in request includes: the second to-be-signed data and the second signature data, wherein the second to-be-signed data includes the ID of the user.
  • the fixed telephone further includes: an authentication module, configured to perform identity authentication on the electronic signature device.
  • the first transceiver module sends a check-in request to the server.
  • the first transceiver module 404 is further configured to send a first release check-in request to the server, where the first release check-in request carries the ID of the user. That is, the fixed telephone can actively send a release check-in request, so that the server can be notified when the user no longer uses a fixed telephone, allowing other users to use that fixed telephone and thereby increasing the usage rate of the fixed telephone.
  • the second transceiver module 402 is further configured to receive a second release sign-in request sent by the electronic signature device, where the second release sign-in request carries the third to-be-signed data and the third signature data obtained by signing the third to-be-signed data; the first release sign-in request sent by the first transceiver module 404 may also carry the third to-be-signed data and the third signature data.
  • the fixed telephone transmits the identity authentication data to the server at the same time when the release is initiated, so that the server can perform authentication at the same time, which improves security and saves the process.
  • the first transceiver module 404 is further configured to receive a second verification request that is sent by the server and carries the fourth to-be-signed data; the second transceiver module 402 is further configured to send the second verification request to the electronic signature device and receive the fourth signature data, returned by the electronic signature device, obtained by signing the fourth to-be-signed data; the first transceiver module 404 is further configured to return the fourth signature data to the server.
  • the fixed telephone informs the electronic signature device to sign in the event that the server initiates the verification request.
  • the first transceiver module 404 is further configured to receive a notification sent by the server, where the notification indicates that the server has released the check-in of the ID of the user.
  • when the server actively releases the check-in, the fixed telephone can be informed in time, which avoids the situation where an important call is missed because the user does not know that the server has released the check-in.
  • the first transceiver module 404 is further configured to: before the call module receives the call sent by the server, receive a third verification request that is sent by the server and carries the fifth to-be-signed data; the second transceiver module 402 is further configured to send the third verification request to the electronic signature device and receive the fifth signature data, returned by the electronic signature device, obtained by signing the fifth to-be-signed data.
  • the first transceiver module 404 can also be configured to send the fifth signature data to the server. This allows the server to determine whether the user is online before connecting the call to the fixed telephone.
  • the call method and system provided in the foregoing embodiments can associate the ID of the user with different fixed telephones, so that the user only needs to carry the electronic signature device storing the ID to make or receive calls using different fixed telephones through the same ID. Compared with the prior art, in which a user's telephone number can only be fixed on one fixed telephone, the telephone number can be flexibly linked to any fixed telephone, which realizes the flexible movement of the telephone number.
  • different users can also receive calls through the same fixed telephone, which improves the utilization of the equipment.
  • the fixed telephone can use its electronic signature device for identity authentication and negotiate the transmission key. By authenticating the calling or called user, malicious spoofing by a malicious party is avoided and the security of the call system is improved.
  • the transmission key is used to encrypt and decrypt the transmission data to ensure the security of the call data.
  • the embodiment provides a call system.
  • the electronic signature device 200 and the terminal 100 are connected.
  • the electronic signature device 200 and the terminal 100 are connected by wire or wirelessly.
  • the electronic signature device 200 is configured to store the ID of the user.
  • the terminal 100 reads the ID of the user stored therein through the electronic signature device 200, and sends the ID of the user to the network side.
  • the network side is notified that the user is currently using the terminal, so that the network side can connect the call request calling the ID of the user to the terminal 100. Thereby the mobility of the "called number" (ie the ID of the called user) is achieved.
  • the terminal 100 may adopt a structure as shown in FIG. 6.
  • the embodiment of the present invention provides a terminal 100 (also referred to as a cloud phone device).
  • the terminal includes a communication interface 101, a control module 102, and an electronic signature device interface 103, wherein:
  • the electronic signature device interface 103 is configured to receive the check-in data from the electronic signature device 200 and send the check-in data to the control module 102.
  • the check-in data includes at least the ID of the user of the terminal 100.
  • the electronic signature device interface 103 may be a wired interface, such as a USB interface, an audio interface, etc.; the electronic signature device interface 103 can also be a wireless interface, such as Bluetooth, wifi, NFC, radio frequency, and the like.
  • the terminal 100 may also obtain the check-in data (i.e., the ID of the user) by other means: the user may input the ID of the user at the terminal (handwriting input or voice input), or the user inputs the ID of the user (handwriting input or voice input) at the electronic signature device 200, and the terminal receives the ID of the user transmitted by the electronic signature device 200.
  • the check-in data is used to indicate to the server that the user is currently using the terminal.
  • the control module 102 is configured to send the check-in data to the communication interface 101;
  • the communication interface 101 is configured to send out the check-in data.
  • the communication interface is an interface for connecting to the telephone network for communication of the terminal 100 with the outside world.
  • the terminal 100 of the embodiment of the present invention may be a device such as a fixed telephone, a mobile phone, or a tablet computer.
  • the electronic signature device 200 is a device for identity authentication, and may be an existing smart password key such as a USBKEY, Bluetooth KEY, audio code KEY, composite KEY or the like, or may be an identity authentication device made exclusively for the purpose of embodiments of the present invention.
  • the electronic signature device 200 smart cryptographic key
  • the terminal 100 of the embodiment of the present invention cloud phone installation
  • the user can use any terminal.
  • the service manager can connect the call to any terminal.
  • a “called number” (i.e., the ID of the called user)
  • the mobility of the “called number” is realized.
  • the terminal 100 may further include: an earpiece 104 and a microphone 105; the earpiece and the microphone ensure that the user can make a call through the terminal 100.
  • the communication interface 101 is further configured to receive the first call data from the outside, and send the first call data to the control module 102.
  • the control module 102 is further configured to send second call data corresponding to the first call data to the earpiece 104, to receive third call data sent by the microphone 105, and to send fourth call data corresponding to the third call data to the communication interface 101; the communication interface 101 is further used to send out the fourth call data.
  • the communication interface 101 can connect to the service manager through a network to send data to the network side.
  • the server may connect a call placed to the user's ID to the terminal at which the user is currently checked in; the “called number” (i.e., the ID of the called user) need not be fixed on one terminal, and the mobility of the called number is realized.
  • the electronic signature device interface 103 is further configured to receive, from the electronic signature device 200, identity authentication data obtained by the electronic signature device 200 signing the data to be signed, and send the identity authentication data to the control module.
  • the control module 102 is further configured to send the identity authentication data to the communication interface 101; the communication interface 101 is further configured to send the identity authentication data.
  • the data to be signed may be received from the network side by the communication interface 101 and sent to the electronic signature device 200 through the electronic signature device interface 103, or may be determined by the electronic signature device 200.
  • the electronic signature device 200 can send the plaintext of the data to be signed together with the identity authentication data to the network side.
  • the electronic signature device 200 generates the identity authentication data, which may be triggered by the network side, or may be triggered by the control module 102 according to a preset rule.
  • the smart cryptographic device can be used to authenticate the identity of one party, both parties, or multiple parties to the call, ensuring that the identities are legitimate and that the security of the call is guaranteed.
  • the call data sent by the terminal 100 may be encrypted by the electronic signature device 200, and the call data received by the terminal 100 may be decrypted by it. Therefore, in the optional implementation, the second call data may be obtained by decrypting the first call data via the electronic signature device 200, and the fourth call data may be obtained by encrypting the third call data via the electronic signature device 200.
  • the encrypted data sent by other terminals on the network is received by the communication interface 101, decrypted by the electronic signature device 200, and transmitted to the earpiece 104, where the user hears the correctly decrypted data.
  • the microphone 105 receives the user's voice data and sends the voice data to the electronic signature device 200, where it is encrypted and then sent to the communication interface 101 to be sent out, ensuring the security of sent and received data and preventing leakage of user information.
  • the encryption and decryption key used in the electronic signature device 200 to encrypt and decrypt the call data (which may be referred to as a transmission key) may also be replaced in a timely manner to improve the security level.
  • the electronic signature devices 200 of both parties of the call may replace the transmission key in the following manner: (1) according to the hopping trigger factor, the current transmission key is hopped into a new transmission key; (2) the key hopping instruction is obtained, and the current transmission key is hopped into a new transmission key.
  • the hopping triggering factor includes, but is not limited to, at least one of the following: a hopping period, a hopping time point, and a call data amount.
  • the key hopping instruction includes but is not limited to at least one of the following: a key hopping instruction sent by the opposite end of the call, an input key hopping instruction, and a key hopping instruction generated according to a preset rule.
  • the user can be provided with multiple implementations of transport key replacement.
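
As an added illustration (not code from the patent), the sketch below shows one way the two ends of a call could keep a hopping transmission key in step, using the call-data-amount trigger and a hop signalled by the opposite end. The HMAC-SHA256 derivation, the epoch counter carried with each frame, the skip limit and all names are assumptions; the patent does not specify how the new key is computed.

```python
import hashlib
import hmac
from typing import List, Tuple

MAX_SKIP = 16  # assumed bound on how many hops a receiver will catch up at once


class TransmissionKey:
    """One direction of a call; both ends start from the same negotiated key."""

    def __init__(self, initial_key: bytes, max_bytes_per_key: int):
        self.key = initial_key
        self.epoch = 0                      # number of hops performed so far
        self.max_bytes = max_bytes_per_key  # hopping trigger factor: data amount
        self.used = 0                       # bytes protected under the current key

    def hop(self) -> None:
        """Replace the current key with one derived one-way from it.

        Calling this directly models an input or rule-generated hop instruction.
        """
        self.epoch += 1
        label = b"transmission-key-hop" + self.epoch.to_bytes(4, "big")
        self.key = hmac.new(self.key, label, hashlib.sha256).digest()
        self.used = 0

    def key_for_sending(self, frame_len: int) -> Tuple[int, bytes]:
        """Return (epoch, key) for the next outgoing frame.

        Hops first if this frame would exceed the data-amount limit.
        """
        if self.used + frame_len > self.max_bytes:
            self.hop()
        self.used += frame_len
        return self.epoch, self.key

    def key_for_receiving(self, epoch: int) -> bytes:
        """Follow the sender's hops.

        The epoch carried with a frame plays the role of a key hopping
        instruction sent by the opposite end of the call.
        """
        if epoch < self.epoch:
            # Never go back to a replaced key, or replacement gains nothing.
            raise ValueError("stale epoch: refusing to roll back to an old key")
        if epoch - self.epoch > MAX_SKIP:
            # A bogus epoch must not force unbounded derivation work.
            raise ValueError("epoch too far ahead")
        while self.epoch < epoch:
            self.hop()
        return self.key


def simulate_call() -> List[int]:
    """Constructed run: five 160-byte frames, 320 bytes allowed per key."""
    shared = b"\x01" * 32  # constructed stand-in for the negotiated key
    sender = TransmissionKey(shared, 320)
    receiver = TransmissionKey(shared, 320)
    epochs = []
    for i in range(5):
        epoch, key = sender.key_for_sending(160)
        epochs.append(epoch)
        if i in (2, 3):
            continue  # frames 3 and 4 are lost; the receiver must catch up later
        assert receiver.key_for_receiving(epoch) == key
    return epochs


if __name__ == "__main__":
    print(simulate_call())
```
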
  • the terminal 100 may further include: an input device 106; the input device 106 is configured to allow the user to input information to the terminal 100, and the input device 106 may be a keyboard or the like.
  • the ID of the called user can be input through the input device 106.
  • the input device 106 receives the input first input data, and sends the first input data to the control module 102; the control module 102 sends the second input data corresponding to the first input data to the communication interface 101.
  • the second input data is obtained by encrypting the first input data via the electronic signature device 200. Therefore, the called phone can be guaranteed not to be intercepted by others, preventing information leakage and improving call security.
  • the electronic signature device is used to store the ID of the user, and the user only needs to carry a small electronic signature device and connect it to any terminal; the service manager can then connect calls placed to the user's ID to that terminal.
  • the embodiment of the invention further provides a call system, which is implemented based on the foregoing terminal, and includes a plurality of the foregoing terminals and a plurality of electronic signature devices.
  • the terminal and the electronic signature device cooperate with a service manager (which may be referred to as a server) on the network side to form a call network, and all terminals in FIG. 7 are remotely connected to the service manager through the network.
  • the terminal can implement time-division multiplexing and time-division connection of electronic signature devices of different users, thereby improving the utilization rate of the device.
  • the present embodiment provides another type of terminal.
  • the difference between the terminal in this embodiment and the terminal in the embodiment 4 is that the control module in this embodiment is a security chip; the security chip has a cryptographic computation function and can perform encryption and decryption operations. Only the differences from the embodiment 4 will be briefly described below.
  • the terminal 300 includes: a communication interface 301, a control module 302, and an electronic signature device interface 303.
  • the electronic signature device interface 303 is configured to receive the check-in data from the electronic signature device and send the check-in data to the control module.
  • the check-in data includes at least an ID of the user of the terminal, and the control module 302 is configured to send the check-in data.
  • the communication interface 301 is used to send the check-in data.
  • the terminal 300 may further include: an earpiece 304 and a microphone 305; the communication interface 301 may further be configured to receive first call data from the outside and send the first call data to the control module 302; the control module 302 is configured to send second call data corresponding to the first call data to the earpiece 304, to receive third call data sent by the microphone 305, and to send fourth call data corresponding to the third call data to the communication interface 301; the communication interface 301 can also be used to send out the fourth call data.
  • the control module 302 is a security chip 307.
  • the security chip can independently encrypt and decrypt data, so that data is not transmitted to the electronic signature device for encryption and decryption, which saves transmission time and improves call efficiency.
  • the second call data is obtained by decrypting the first call data via the security chip 307; and the fourth call data is obtained by encrypting the third call data via the security chip 307.
  • the encrypted data sent by other telephones on the network is received by the communication interface 301, and the received encrypted data is decrypted by the security chip 307 and transmitted to the earpiece.
  • the user hears the correctly decrypted data in the earpiece (that is, the user can normally hear the other party's data).
  • the microphone receives the voice data of the user and sends the voice data to the security chip 307, where it is encrypted and then sent to the communication interface to be sent out, thereby ensuring the security of the data sent and received and preventing the leakage of user information.
  • the terminal 300 may further include: an input device 306, configured to allow the user to input information to the terminal; the input device may be a keyboard or the like.
  • the security chip 307 can also encrypt the data input by the input device 306.
  • the input device 306 is configured to receive the input first input data and send the first input data to the security chip 307; the security chip 307 is configured to send the second input data corresponding to the first input data to the communication interface 301; the second input data is obtained by encrypting the first input data via the electronic signature device 40. Thereby, the security of transmitting the user's input information can be ensured.
  • the security chip 307 is further configured to receive the transport key from the electronic signature device interface 303 and save the transport key.
  • the transport key used by the security chip 307 is generated by the electronic signature device 200 to further ensure the security of data transmission.
  • the security chip 307 can also be used to receive the release check-in data from the electronic signature device interface 303 or the communication interface 301 or the input device, and delete the saved transmission key.
  • the release check-in process can be triggered when the call is over, or when the user is not at the terminal, or by pressing a special button.
  • on receiving the release check-in data, the security chip 307 on the terminal deletes the saved transport key in order to ensure the security of the key.
  • the transmission key stored in the terminal can be released in time to avoid the problem that other users cannot use the terminal because the transmission key cannot be deleted in time.
  • the security chip 307 can also be used to authenticate the electronic signature device 40.
  • the security chip 307 may pre-save the public key of the called user.
  • the electronic signature device 40 may be instructed to send the identity authentication data; after receiving the instruction, the electronic signature device 40 signs the data to be signed with the private key to obtain the identity authentication data, and sends the identity authentication data to the security chip 307.
  • the security chip 307 authenticates the identity authentication data by using the public key, and after the authentication is passed, continues with the follow-up process.
  • the data to be signed may be sent by the security chip 307 to the electronic signature device 40, or may be determined by the electronic signature device 40. In the latter case, the electronic signature device 40 may send the plaintext of the data to be signed to the security chip 307 along with the authentication data.
  • the identity verification of the electronic signature device 40 by the security chip 307 may also be other forms of authentication, such as authentication by means of a password.
  • the terminal can also verify the real identity of the electronic signature device, prevent fraud by a counterfeit electronic signature device, and ensure the security of the user.
  • the security chip 307 can also be used to hop the current transport key into a new transport key. Regularly replacing the transmission key ensures transmission security.
  • a call system is provided.
  • FIG. 9 is a schematic structural diagram of a call system according to an embodiment of the present invention.
  • a call system according to an embodiment of the present invention includes: a called terminal 110, a calling terminal 120, a server 130, and a first electronic signature device 140 connected to the called terminal 110.
  • the called terminal 110 is a terminal supporting the electronic signature device. The called user registers with the server 130 by using the first electronic signature device 140 used by the called user, and the server 130 assigns the called user a unique identifier (referred to as the ID of the called user in the embodiment of the present invention); the unique identifier is stored in the first electronic signature device 140, and by it the entire network can uniquely identify the called user.
  • the server can connect the call calling the ID to the terminal currently used by the user (ie, the called terminal 110) according to the ID of the called user.
  • the check-in means that the user uses the called terminal 110 to send the ID of the called user stored in the first electronic signature device 140 to the server 130.
  • after receiving the ID of the called user, the server 130 associates the ID of the called user with the communication identifier of the called terminal 110, so that the server 130 knows the terminal currently used by the called user.
  • after the called user completes the sign-in with the server 130 at the called terminal 110, the server 130, on receiving a call request from the calling terminal 120 calling the ID of the called user, finds the communication identifier associated with the ID of the called user and connects the call to the terminal corresponding to the communication identifier (i.e., the called terminal 110).
  • the ID of the called user is not fixedly bound to one terminal, and the ID of the called user can be conveniently associated with different terminals by using the first electronic signature device 140.
  • the user can use different terminals to answer the call through the same ID, thereby realizing the mobility of the fixed telephone.
  • the user does not need to carry a mobile terminal with a SIM card installed everywhere, as in the prior art, and only needs to carry the first electronic signature device 140 storing the ID.
  • the user can conveniently use any terminal (including fixed terminals and mobile terminals, that is, the called terminal 110 can be a fixed terminal or a mobile terminal) to receive calls through the same ID, and different users can also answer calls through the same terminal, which improves the utilization of the device.
  • the communication identifier of the terminal may be a network port allocated by the network for the terminal; for a mobile terminal, the communication identifier may be the authentication key of the SIM card of the mobile terminal, etc.; for a client on the terminal that can make calls, the communication identifier may be the IP address currently used by the client, etc.
  • the communication identifier may also be another identifier of the terminal, as long as the network side can connect to the terminal through the identifier, which is not limited by the embodiment of the present invention.
  • the system may further include: a second electronic signature device 150 connected to the calling terminal 120.
  • the calling user can also initiate a check-in to the server 130 through the calling terminal 120, read the ID of the calling user from the second electronic signature device 150, and send the ID of the calling user to the server 130.
  • the server 130 associates the ID of the calling user with the communication identifier of the calling terminal 120.
  • when receiving the call request from the calling terminal 120, the server 130 can provide the ID of the calling user associated with the calling terminal 120 to the called party, so that the called user can determine the identity of the calling user. That is, in the embodiment of the present invention, a system as shown in FIG.
  • each user (1, 2, 3, ..., n-1, n) respectively performs an operation to the server 130 on one terminal by using one electronic signature device.
  • the server 130 associates the ID of each user with the communication identifier of the terminal currently used by the calling user.
  • the calling user uses the ID of the called user as the called identifier to initiate a call to the server 130 through the calling terminal 120; after receiving the call request, the server 130 obtains the ID of the called user from the call request, searches for the communication identifier associated with the ID of the called user, and then connects the call to the called terminal 110 corresponding to the communication identifier.
  • when the calling user is not at the location of his or her own telephone, for example when the call is placed from another user's telephone, the called user cannot know that the call is dialed by that user and may not pick up, missing an important call or causing a misunderstanding between the two sides, which inconveniences the user's work or life.
  • the called party displays the ID of the calling user, thereby solving the problem that the called user cannot know the identity of the calling party of the call, and improving the user experience.
  • the user may also release the check-in from the server 130, that is, release the association relationship between the ID of the user stored in the server 130 and the communication identifier of the terminal.
  • the release of the check-in may be initiated by the server 130 or initiated by the terminal.
  • the server 130 may release the user's check-in after receiving a call of the user as the called or calling party within a predetermined period of time; or, if the server 130 can immediately obtain the location of the user, the server 130 may release the association relationship between the ID of the user and the communication identifier of the terminal when it detects that the user (for example, the electronic signature device carried by the user) has moved away from the associated terminal.
  • the user may send a release request to the server 130 through the terminal, requesting the server 130 to release the association relationship between the ID of the user and the communication identifier of the terminal.
  • the user may dial a predetermined additional code through the terminal to send a release request to the server 130, or the user may send a release request to the server 130 through a special key of the terminal (for example, a delete key), or the user may trigger the terminal to send a release request to the server 130 through the electronic signature device (for example, a long press of a function key on the electronic signature device can be set to send a release command).
  • the release request can carry the ID of the user requesting release. For example, after the calling user ends the call with the called user, the calling user does not use the calling terminal 120 for a short time, and the calling user can actively send a release request to the server 130 through the calling terminal 120, requesting the server 130 to release the association relationship between the ID of the calling user and the communication identifier of the calling terminal 120.
  • the called user may also send a request to the server 130 via the called terminal 110 to release the association between the ID of the called user and the communication identifier of the called terminal 110. With this optional embodiment, the user can release the association relationship with a terminal when that terminal is not in use, so that other users can use the terminal, thereby improving the utilization rate of the terminal.
  • the server 130 may send a logout request, and the logout request may carry the ID for requesting the logout; after the server 130 receives the ID, the ID can be logged off. Alternatively, the server 130 can revoke an ID at the request of the administrator; that is, the ID is invalidated and can be reassigned to other users. For example, for a local area network, if one of the users leaves the local area network, the ID of the user can be logged out. With this alternative embodiment, the ID assigned to the user can be effectively managed.
  • the first electronic signature device 140 may employ a device having a security chip, wherein the security chip is a chip with a cryptographic computation function.
  • the first electronic signature device 140 may use a smart card with a security chip, connected to the terminal wirelessly (for example, NFC, Bluetooth, etc.), or an electronic signature key (i.e., KEY) with a security chip, such as the U shield used by the ICBC, the K-bao used by the Agricultural Bank, and the like, connected to the terminal through a USB interface or an audio port.
  • the second electronic signature device 150 may adopt a similar manner to the first electronic signature device 140, and details are not described herein.
  • the private key of the user may be saved in each electronic signature device, and the ID of the user and the corresponding public key may be saved in the server 130.
  • the identity of the user can be authenticated during the interaction process, and the corresponding operation is performed after the authentication is passed. That is, in the interaction process, the electronic signature device signs the data to be signed with its private key, the terminal then sends the signature data to the server, and the server can authenticate the identity of the user through the signature data.
  • the private key of the called user may be stored in the first electronic signature device 140, and the public key of the called user and the ID of the corresponding called user may be stored in the server 130.
  • the called user can perform a signature, specifically on the check-in data (for example, the ID of the called user), or on other data to be signed (for example, a random number generated by the first electronic signature device 140, or data to be signed sent by the server 130, for example a random number generated by the server 130 or the ID of the called user); this is not limited.
  • after receiving the signature data, the server 130 verifies the signature data using the called user's public key. After the verification is passed, the ID of the called user is associated with the communication identifier of the called terminal 110.
  • the server 130 may also perform identity verification on the called user after receiving a call request for the ID of the called user; that is, it sends an authentication request to the called terminal 110 corresponding to the communication identifier associated with the ID of the called user, requesting the called terminal 110 to send identity authentication data, then authenticates the identity authentication data sent by the called terminal 110, and connects the call to the called terminal 110 after the authentication is passed.
  • the called terminal 110 may also acquire identity authentication data from the first electronic signature device 140 and carry the identity authentication data in the release request (or, after the release request is initiated, the server 130 may send an authentication request to the called terminal 110; the called terminal 110 responds to the request of the server 130, the first electronic signature device 140 signs the data to be signed to obtain identity authentication data, and the identity authentication data is then sent to the server 130).
  • the server 130 may also first perform identity authentication on the called user, and carry out the subsequent process after the authentication is passed.
  • the corresponding process may also be performed to authenticate the calling user.
  • the signature data may be sent, and the server 130 authenticates the calling user according to the signature data and connects the call to the called terminal 110 after the authentication is passed. The details will not be described again.
  • a malicious party is prevented from impersonating a party to the call, and the security of the call system is improved.
  • the transmission data during the call may also be encrypted.
  • the calling terminal 120 and the called terminal 110 can negotiate a transmission key with the opposite end through their respectively connected electronic signature devices. During the call, the calling terminal 120 and the called terminal 110 encrypt and decrypt the transmitted data through the connected electronic signature devices.
  • an encryption and decryption module may be separately set in the calling terminal 120 and the called terminal 110; the transmission key is negotiated with the corresponding electronic signature device through the encryption and decryption module, and the transmitted data is encrypted and decrypted by the encryption and decryption module during the call. With this alternative embodiment, the security of the call data can be ensured.
  • the called terminal 110 may include the structural device of Embodiment 2 and each of its optional embodiments, the calling terminal 120 may include the structural device of Embodiment 8 and various alternative embodiments thereof, and the server 130 may include the structural device of Embodiment 9 and various optional embodiments thereof. For a specific description, refer to the description of each embodiment below; details are not described herein again.
  • the embodiment provides a communication device, which can be disposed in the called terminal 110 of the system described in the embodiment.
  • FIG. 10 is a schematic structural diagram of a call device according to the embodiment.
  • the call device provided in this embodiment mainly includes: a sending module 112, configured to send a sign-in request to the server 130, where the sign-in request carries an ID of the called user and is used to instruct the server 130 to associate the ID of the called user with the communication identifier of the called terminal 110; the ID of the called user is the first electronic used by the called user on the server 130 for the called user.
  • the receiving module 114 is configured to receive a call request sent by the server 130, where the call request is a call request initiated by the calling terminal 120 to the ID of the called user; the calling module 116 is configured to establish a call link with the calling terminal 120 to make a call with the calling terminal 120.
  • the called terminal sends a sign-in request to the server 130 through the sending module 112, requesting that the ID of the called user be associated with the communication identifier of the called terminal 110 currently used by the called user, so that when the server 130 receives a call to the ID of the called user, the call is connected to the called terminal 110. Therefore, the ID of the called user is not fixedly bound to one terminal, and the ID of the called user can be conveniently associated with different terminals through the first electronic signature device 140, so that even if a fixed telephone is used, the user can use different terminals to answer calls through the same ID, thereby realizing the mobility of the fixed telephone.
  • the user does not need to carry a mobile terminal with a SIM card installed everywhere, as in the prior art, and only needs to carry the first electronic signature device 140 storing the ID.
  • the user can conveniently use any terminal (including fixed terminals and mobile terminals, that is, the called terminal 110 can be a fixed terminal or a mobile terminal) to receive calls through the same ID, and different users can also answer calls through the same terminal, which improves the utilization of the device.
  • the calling device may further include: a first acquiring module, configured to acquire an ID of the called user from the first electronic signature device connected to the called terminal 110.
  • the calling device may further include: an authentication module, configured to perform identity authentication on the first electronic signature device 140.
  • the authentication module can save the called user's public key in advance; when acquiring the ID of the called user from the first electronic signature device 140, it may instruct the first electronic signature device 140 to send the identity authentication data.
  • the first electronic signature device 140 uses the saved private key to sign the data to be signed, obtains the identity authentication data, and sends the identity authentication data to the authentication module; the authentication module authenticates the identity authentication data by using the public key, and after the authentication is passed, the ID of the user stored in the first electronic signature device 140 can be used.
  • the data to be signed may be sent by the authentication module to the first electronic signature device 140, or may be determined by the first electronic signature device 140. In the latter case, the first electronic signature device 140 may send the plaintext of the data to be signed to the authentication module along with the identity authentication data.
  • the identity authentication of the first electronic signature device 140 by the authentication module may also be other forms of authentication, such as authentication by using a password.
  • the sending module 112 is further configured to carry the identity authentication data in the check-in request.
  • the identity authentication data carried in the check-in request is obtained by the first electronic signature device 140 signing the data to be signed by using the private key.
  • the data to be signed may be determined by the first electronic signature device 140. It may also be sent by the server 130. If it is determined by the first electronic signature device 140, the plaintext of the data to be signed is also carried in the check-in request.
  • the identity of the user who initiated the check-in request can be ensured, avoiding malicious sign-in.
  • the data to be signed may include only one-time authentication data, for example, a random number, so that the replay attack can be avoided. It can also include the ID of the called user.
  • the server 130 may further perform verification on the called user to ensure that the call is connected to the called terminal only in the case that the called user is present (i.e., the first electronic signature device 140 is currently connected to the called terminal).
  • the receiving module 114 is further configured to: after the sending module sends the check-in request to the server 130, receive the verification request sent by the server 130 before receiving the call request sent by the server 130;
  • the calling device may further include: a second obtaining module, configured to acquire signature data from the first electronic signature device 140, wherein the signature data is data obtained by the first electronic signature device 140 signing the data to be signed; the sending module 112 may also be used to send the signature data to the server 130.
  • the data to be signed may be determined by the first electronic signature device 140, or may be sent by the server 130 through the verification request. If it is determined by the first electronic signature device 140, the check-in request also carries the plaintext of the data to be signed. With this optional implementation, the identity of the currently called user can be ensured, and the call is prevented from being answered by a user other than the called user, ensuring the security of the call.
  • in order to improve the utilization of the terminal, the called user may initiate a release request when the called terminal 110 is not used. Therefore, in the optional implementation, the sending module 112 is further configured to send a release check-in request to the server 130, where the release check-in request may carry the ID of the called user, and is used to instruct the server 130 to delete the association relationship between the ID of the called user and the communication identifier of the called terminal 110. Through this optional implementation, the called user can release the association relationship between the ID of the called user and the called terminal 110 in time, so that other users can use the called terminal 110, thereby improving the utilization rate of the called terminal 110.
  • the sending module 112 may also be used to carry identity authentication data in the release check-in request. In the optional implementation, the identity authentication data carried in the release check-in request is obtained by the first electronic signature device 140 by using the private key to sign the data to be signed, and the data to be signed may be determined by the first electronic signature device 140, or may be sent by the server 130 through the verification request. If it is determined by the first electronic signature device 140, the release check-in request also carries the plaintext of the data to be signed. With this optional implementation, the identity of the called user who releases the check-in is ensured, and illegal release is avoided, ensuring security.
  • the transmission data can be encrypted to ensure the security of the call data.
  • the encryption method includes, but is not limited to, using the first electronic signature device 140 for encryption and decryption, or setting an encryption and decryption module in the communication device, and performing encryption and decryption using the module.
  • the communication device may further include: a first negotiation module, configured to negotiate a transmission key with the calling terminal 120 by using the first electronic signature device 140; the sending module 112 may further be used to send the information received during the transmission key negotiation process to the first electronic signature device 140, instructing the first electronic signature device 140 to acquire the transmission key according to the received information, and, during the process of making a call with the calling terminal 120, to send the encrypted data received from the calling terminal 120 to the first electronic signature device 140.
  • the receiving module 114 is further configured to receive the plaintext data returned by the first electronic signature device 140 after it decrypts the received encrypted data by using the transmission key; the sending module 112 is further configured to send the transmission data that needs to be sent to the calling terminal 120 to the first electronic signature device 140; the receiving module 114 is further configured to receive the ciphertext data returned by the first electronic signature device 140 after it encrypts the transmission data to be sent by using the transmission key; the sending module 112 can also be used to send the ciphertext data to the calling terminal 120.
  • the communication device may further include: a second negotiation module, configured to negotiate a transport key with the first electronic signature device; and a storage module, configured to save the transport key.
  • the sending module 112 can also be used to send a transport key to the server.
  • the calling device may further include: an encryption and decryption module, configured to encrypt or decrypt the transmission data by using the transmission key.
  • the difference between the optional embodiment and the previous embodiment is that, in the previous embodiment, the calling terminal 120 and the called terminal 110 use the same transmission key for encryption and decryption, encryption and decryption are performed at the terminals, and the server 130 transparently transmits the data between the calling terminal 120 and the called terminal 110.
  • in this optional embodiment, the calling terminal 120 and the server 130 use the first transmission key, and the second transmission key is used between the called terminal 110 and the server 130.
  • the server 130 decrypts the data sent by the calling terminal 120 by using the first transmission key, encrypts the decrypted data by using the second transmission key, and sends it to the called terminal 110.
  • the reverse direction is similar and will not be described again.
  • the calling device may further include: a deleting module, configured to delete the transport key saved by the storage module.
  • the deleting module may actively delete the stored transport key, or may delete the stored transport key after receiving the indication sent by the first electronic signature device 140, or may delete the stored transmission key after receiving a deletion command sent by the server 130, or may delete the transmission key when the check-in is released, which is not limited in the embodiment of the present invention.
  • the transport key stored in the called terminal 110 can be deleted in time to avoid the problem that other users cannot use the terminal because the transport key cannot be deleted in time.
  • the calling device may further include: an executing module, configured to jump the currently used transmission key into a new transmission key according to a preset hopping rule. This further ensures the security of the call data.
  • the execution module may hop the currently used transmission key into a new transmission key according to at least one of the following: according to the hopping trigger factor, the current transmission key is hopped into a new transport key; a key hopping command is acquired, and the current transport key is hopped into a new transport key.
  • the hopping triggering factor includes, but is not limited to, at least one of the following: a hopping period, a hopping time point, and a call data amount.
  • the key hopping instruction includes but is not limited to at least one of the following: a key hopping instruction sent by the calling terminal, an input key hopping instruction, and a key hopping instruction generated according to a preset rule.
  • the calling device may further include: a generating module, configured to generate a line hopping instruction; the sending module 112 may further be configured to send the line hopping instruction to the server, instructing the server to hop the current transmission line into a new transmission line and to make the call with the calling terminal using the new transmission line.
  • the embodiment provides a calling device which can be disposed in the calling terminal 120 of the above embodiment.
  • FIG. 11 is a schematic structural diagram of a call apparatus according to an embodiment of the present invention.
  • the apparatus mainly includes: an obtaining module 122, configured to acquire an ID of a called user, where the ID of the called user is a unique identifier registered by the called user on the server 130 for the first electronic signature device used by the called user; the calling module 124, configured to initiate a call request to the called user to the server, where the call request carries the ID of the called user; the receiving module 126, configured to receive the call response returned by the server 130; and the call module 128, configured to establish a call link with the called terminal 110 and make a call with the called terminal 110, wherein the communication identifier of the called terminal is associated with the ID of the called user.
  • the calling device may further include: a first sending module, configured to send a check-in request to the server 130, where the check-in request carries an ID of the calling user and is used to instruct the server 130 to associate the ID of the calling user with the communication identifier of the calling terminal 120; the ID of the calling user is the service of the calling user.
  • when receiving the call request of the calling terminal 120, the server 130 can provide the ID of the calling user to the called user according to the ID of the calling user associated with the calling terminal 120, so that the called user can determine the identity of the calling user, thereby solving the problem that the called user cannot know the identity of the calling user who dialed the call and improving the user experience.
  • the obtaining module 122 is further configured to acquire the ID of the calling user from the second electronic signature device 150 connected to the calling terminal 120.
  • the ID of the calling user is not fixedly bound to one terminal, and the ID of the calling user can be conveniently associated with different terminals through the second electronic signature device 150.
  • the user can make a call using a different terminal through the same ID, thereby realizing the mobility of the fixed telephone.
  • the calling device may further include: a first authentication module, configured to authenticate the second electronic signature device 150 before acquiring the ID of the calling user from the second electronic signature device 150 connected to the calling terminal 120.
  • the first authentication module may pre-save the public key of the calling user, and when acquiring the ID of the calling user from the second electronic signature device 150, may instruct the second electronic signature device 150 to send the identity authentication data.
  • the second electronic signature device 150 obtains the identity authentication data by using the stored private key to sign the data to be signed, and sends the identity authentication data to the first authentication module; the first authentication module uses the public key to authenticate the identity authentication data, and after the authentication is passed, the ID of the calling user stored in the second electronic signature device 150 can be used.
  • the data to be signed may be sent by the first authentication module to the second electronic signature device 150, or may be determined by the second electronic signature device 150. In this case, the second electronic signature device 150 can send the plaintext of the data to be signed together with the identity authentication data to the first authentication module.
  • the identity authentication of the second electronic signature device 150 by the authentication module may also be other forms of authentication, such as authentication by means of a password.
  • the first sending module is further configured to carry the identity authentication data in the check-in request.
  • the identity authentication data carried in the check-in request is obtained by the second electronic signature device 150 signing the data to be signed by using the private key.
  • the data to be signed may be determined by the second electronic signature device 150. It may also be sent by the server 130. If it is determined by the second electronic signature device 150, the plaintext of the data to be signed is also carried in the check-in request.
  • the identity of the user who initiated the check-in request can be ensured, avoiding malicious sign-in.
  • the receiving module 126 may be further configured to: after a call request to the called user is initiated through the server 130, receive the verification request sent by the server 130; the obtaining module 122 may also be used to obtain signature data from the second electronic signature device 150, where the signature data is data obtained by the second electronic signature device 150 signing the data to be signed; the calling device may further include: a second sending module, configured to send the signature data to the server 130.
  • the calling device may further include: a third sending module, configured to send a release check-in request to the server 130 after the calling terminal 120 sends the check-in request to the server 130, where the release check-in request carries the ID of the calling user, and is used to instruct the server 130 to delete the association between the ID of the calling user and the communication identifier of the calling terminal 120.
  • the third sending module is further configured to carry the identity authentication data in the release sign-in request.
  • the identity authentication data carried in the release check-in request is obtained by the second electronic signature device 150 by using the private key to sign the data to be signed, and the data to be signed may be determined by the second electronic signature device 150, or may be sent by the server 130 through the verification request. If it is determined by the second electronic signature device 150, the release check-in request also carries the plaintext of the data to be signed. With this optional implementation, the identity of the called user who releases the check-in is ensured, and illegal release is avoided, ensuring security.
  • the transmission data can be encrypted to ensure the security of the call data.
  • the encryption method includes, but is not limited to, using the second electronic signature device 150 for encryption and decryption, or setting an encryption and decryption module in the calling device, and performing encryption and decryption using the encryption and decryption module.
  • the calling apparatus may further include: a first negotiation module, configured to, after establishing a call link with the called terminal used by the called user and before making a call with the called terminal 110, negotiate the transmission key with the called terminal 110 by using the respective electronic signature devices; the calling device may further include: a fourth sending module, configured to send the information sent from the called terminal 110 during the transmission key negotiation process to the second electronic signature device 150, instructing the second electronic signature device 150 to acquire the transmission key according to the received information, and, in the process of making a call with the called terminal 110, to send the encrypted data received from the called terminal 110 to the second electronic signature device 150 and to send the transmission data that needs to be sent to the called terminal 110 to the second electronic signature device 150.
  • the receiving module 126 is further configured to, during the call with the called terminal 110, receive the plaintext data returned by the second electronic signature device 150 after it decrypts the received encrypted data by using the transmission key, and receive the ciphertext data returned by the second electronic signature device 150 after it encrypts the transmission data to be sent by using the transmission key; and the fourth sending module is further configured to send the ciphertext data to the called terminal 110.
  • the communication device may further include: a second negotiation module, configured to negotiate a transmission key with the second electronic signature device; a storage module, configured to save the transmission key; a fifth sending module, configured to send the transmission key to the server 130; and a first encryption and decryption module, configured to encrypt or decrypt the transmission data by using the transmission key during the call with the called terminal 110.
  • the difference between the optional embodiment and the previous embodiment is that, in the previous embodiment, the calling terminal 120 and the called terminal 110 use the same transmission key for encryption and decryption, encryption and decryption are performed at the terminals, and the server 130 transparently transmits the data between the calling terminal 120 and the called terminal 110.
  • in this optional embodiment, the calling terminal 120 and the server 130 use the first transmission key, and the second transmission key is used between the called terminal 110 and the server 130.
  • the server 130 decrypts the data sent by the calling terminal 120 using the first transmission key, encrypts the decrypted data using the second transmission key, and sends it to the called terminal 110.
  • the reverse direction is similar and will not be described again.
  • the calling device may further include: a deleting module, configured to delete the transport key saved by the storage module after the call with the called terminal 110 ends.
  • the deleting module may actively delete the stored transport key, or may delete the stored transport key after receiving the indication sent by the second electronic signature device 150, or may delete the stored transport key when the deletion is initiated by the server 130, or may delete the transport key when the check-in is released, which is not limited in the embodiment of the present invention.
  • the transport key stored in the calling terminal 120 can be deleted in time to avoid the problem that other users cannot use the terminal because the transport key cannot be deleted in time.
  • the first encryption and decryption module may be further configured to: during a call with the called terminal 110, hop the current transmission key into a new transport key according to a preset hopping rule and encrypt or decrypt the transmitted data with the new transport key. This further ensures the security of the call data.
  • the first encryption and decryption module may hop the current transmission key into a new transmission key according to at least one of the following: according to the hopping trigger factor, the current transmission key is hopped into a new transport key; a key hopping instruction is obtained, and the current transport key is hopped into a new transport key.
  • the hopping trigger factor includes, but is not limited to, at least one of the following: a hopping period, a hopping time point, and a call data amount.
  • the key hopping instruction includes at least one of the following: a key hopping instruction sent by the calling terminal 110, an input key hopping instruction, and a key hopping instruction generated according to a preset rule.
  • the calling device may further include: a generating module, configured to generate a line hopping instruction during a call with the called terminal 110; and a sixth sending module, configured to send the line hopping instruction to the server 130, instructing the server 130 to hop the current transmission line into a new transmission line and to make the call with the called terminal 110 using the new transmission line.
  • the calling device may also implement a multi-party channel, that is, there are multiple called users.
  • the obtaining module 122 is further configured to acquire the shared transport key generated by the second electronic signature device 150 before the call with the called terminal 110; the calling device may further include: a module, configured to send the shared transport key to a plurality of called terminals corresponding to the communication identifiers associated with the IDs of the plurality of called users; and a second encryption and decryption module, configured to encrypt or decrypt the transmission data of the plurality of called terminals by using the shared transmission key during the call with the called terminal 110.
  • the embodiment of the present invention provides a call processing apparatus, which can be disposed in the server 130 of each of the above embodiments.
  • FIG. 12 is a schematic structural diagram of a call processing apparatus according to an embodiment of the present invention.
  • the apparatus may include: a receiving module 132, configured to receive a sign-in request sent by a called terminal, where the sign-in request includes the ID of the called user, and the ID of the called user is a unique identifier registered by the called user on the server for the first electronic signature device used by the called user;
  • the storage module 134 is configured to associate the ID of the called user with the communication identifier of the called terminal 110 and store the association;
  • the establishing module 136 is configured to establish a call link between the calling terminal 120 and the called terminal 110 according to the association relationship between the ID of the called user and the communication identifier of the called terminal 110 after receiving the call request of the calling terminal to the ID of the called user.
  • after receiving the sign-in request sent by the called terminal 110, the storage module 134 stores the ID of the called user in association with the communication identifier of the called terminal 110, and after the call is received, the setup module 136 connects the call to the called terminal 110. Therefore, the ID of the called user is not fixedly bound to one terminal, and the ID of the called user can be conveniently associated with different terminals through the first electronic signature device 140, so that even if a fixed telephone is used, the user can also use a different terminal to answer a call through the same ID, thereby realizing the mobility of the fixed telephone.
  • the user does not need to carry the mobile terminal with the SIM card installed anywhere, as in the prior art, and only needs to carry the first electronic signature device 140 storing the ID.
  • the user can conveniently use any terminal (including a fixed terminal and a mobile terminal, that is, the called terminal 110 can be a fixed terminal or a mobile terminal) to receive calls through the same ID, and different users can also answer calls through the same terminal, which improves the utilization of the device.
  • the call processing apparatus may further include: a first authentication module, configured to authenticate the first identity authentication data sent by the called terminal 110 and, after the authentication is passed, trigger the storage module to associate and store the ID of the called user with the communication identifier of the called terminal 110.
  • the first identity authentication data may be carried in the check-in request and sent to the server 130.
  • the identity authentication data is obtained by the first electronic signature device 140 by using the private key to sign the data to be signed, and the data to be signed may be determined by the first electronic signature device 140, or may be sent by the server 130. If it is determined by the first electronic signature device 140, the check-in request also carries the plaintext of the data to be signed. With this alternative implementation, the identity of the user who initiated the check-in request can be ensured, avoiding malicious sign-in.
  • the call processing apparatus may further include: a first deleting module, configured to delete an association between an ID of the called user and a communication identifier of the called terminal 110.
  • the first deletion module may delete the association relationship actively, or may delete the association relationship triggered by the called terminal 110.
  • the association between the ID of the called user and the called terminal 110 can be released in time, so that other users can use the called terminal 110, and the utilization rate of the called terminal 110 is improved.
  • the receiving module 132 is further configured to receive the second identity authentication data returned by the called terminal 110.
  • the device further includes: a second authentication module 3005, configured to, after the identity authentication is passed, trigger the first deletion module to delete the association between the ID of the called user and the communication identifier of the called terminal 110.
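The check-in, release and call-routing behaviour described above for the server 130, with server-determined one-time data to be signed, as an added Python example that is not part of the patent text. Assumptions: HMAC-SHA256 over a key shared by device and server stands in for the device's private-key signature so the code runs on the standard library alone (in the scheme described, the server would hold only the public key); the class and function names, the `check-in`/`release` labels, the inclusion of the terminal identifier in the signed data, and all sample IDs are constructed for illustration.

```python
import hashlib
import hmac
import secrets


class SignatureDevice:
    """Constructed stand-in for an electronic signature device: one user ID, one key."""

    def __init__(self, user_id, key):
        self.user_id = user_id
        self._key = key  # stays inside the device

    def sign(self, data):
        # Assumption: HMAC-SHA256 replaces the device's private-key signature.
        return hmac.new(self._key, data, hashlib.sha256).digest()


def data_to_sign(action, user_id, terminal_id, nonce):
    """Length-prefix every field so two different requests never serialize alike."""
    out = b""
    for field in (action.encode(), user_id.encode(), terminal_id.encode(), nonce):
        out += len(field).to_bytes(2, "big") + field
    return out


class CheckInServer:
    def __init__(self):
        self._keys = {}      # user ID -> verification key registered for the device
        self._pending = {}   # nonce -> (action, user ID, terminal) it was issued for
        self._bindings = {}  # user ID -> communication identifier of the terminal

    def register(self, user_id, key):
        self._keys[user_id] = key

    def challenge(self, action, user_id, terminal_id):
        """Issue the one-time part of the data to be signed."""
        nonce = secrets.token_bytes(16)
        self._pending[nonce] = (action, user_id, terminal_id)
        return nonce

    def _authenticate(self, action, user_id, terminal_id, nonce, signature):
        # pop() consumes the nonce on every attempt, so a captured request
        # cannot be replayed, and a check-in nonce cannot authorise a release.
        issued_for = self._pending.pop(nonce, None)
        key = self._keys.get(user_id)
        if issued_for != (action, user_id, terminal_id) or key is None:
            return False
        message = data_to_sign(action, user_id, terminal_id, nonce)
        expected = hmac.new(key, message, hashlib.sha256).digest()
        return hmac.compare_digest(expected, signature)

    def check_in(self, user_id, terminal_id, nonce, signature):
        if not self._authenticate("check-in", user_id, terminal_id, nonce, signature):
            return False
        self._bindings[user_id] = terminal_id  # associate ID with terminal
        return True

    def release(self, user_id, terminal_id, nonce, signature):
        if not self._authenticate("release", user_id, terminal_id, nonce, signature):
            return False
        if self._bindings.get(user_id) != terminal_id:
            return False  # only the terminal currently signed in can be released
        del self._bindings[user_id]
        return True

    def route_call(self, called_user_id):
        """Return the terminal a call to this user ID is connected to, or None."""
        return self._bindings.get(called_user_id)


def terminal_request(server, device, action, terminal_id):
    """Terminal side: fetch a challenge, have the device sign it, build the request."""
    nonce = server.challenge(action, device.user_id, terminal_id)
    signature = device.sign(data_to_sign(action, device.user_id, terminal_id, nonce))
    return device.user_id, terminal_id, nonce, signature
```

A request is built with `terminal_request(server, device, "check-in", "terminal-A")` and passed to `server.check_in(*request)`; submitting the same tuple a second time returns `False`.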
  • the call processing apparatus may further include: a first sending module and a checking module, where the first sending module is configured to, after a call request of the calling terminal to the ID of the called user is received, send a verification request to the called terminal 110; the receiving module 132 is further configured to receive the signature data returned by the called terminal 110; the checking module is configured to perform verification on the signature data and, after the verification is passed, trigger the setup module 136 to establish a call link between the calling terminal 120 and the called terminal 110.
  • the receiving module 132 receives the data obtained by the first electronic signature device 140 signing the data to be signed, and the data to be signed may be determined by the first electronic signature device 140, or may be the first transmission.
  • the check-in request also carries the plaintext of the data to be signed.
  • the identity of the currently called user can be ensured, and the call is prevented from being answered by the non-called user, ensuring the security of the call.
  • the call processing apparatus may further include: a determining module, configured to determine, after receiving the call request of the calling terminal to the ID of the called user, whether the type of the call request is a preset call request type, and if so, trigger the setup module to establish the call link between the calling terminal 120 and the called terminal 110.
  • the transmission data can be encrypted to ensure the security of the call data.
  • the receiving module 132 is further configured to receive the first transmission key sent by the called terminal 110 and receive the second transmission key sent by the calling terminal 120.
  • the storage module 134 is further used to save the first transmission key and the second transmission key;
  • the call processing apparatus may further include: an encryption and decryption module, configured to encrypt or decrypt the data transmitted between it and the called terminal 110 by using the first transmission key, and to encrypt or decrypt the data transmitted between it and the calling terminal 120 by using the second transmission key.
  • the call processing apparatus may further include: a second deletion module, configured to delete the first transport key and/or the second transport key.
  • the second deletion module may actively delete the stored transport key, or may delete the stored transport key after receiving the indication sent by the called terminal 110, or may delete the stored transmission key after receiving a deletion command sent by the calling terminal 120, or may delete the transmission key when the check-in is released, which is not limited in the embodiment of the present invention.
  • the transmission key associated with the called terminal 110 and the calling terminal 120 can be deleted in time, to avoid the problem that other users cannot use the calling terminal and the called terminal because the transport key cannot be deleted in time.
  • the call processing apparatus may further include: a second sending module, configured to send a key deletion request to the called terminal 110 and/or the calling terminal 120, to instruct the called terminal 110 and/or the calling terminal 120 to delete the saved transport key.
  • the encryption and decryption module may be further configured to: when the calling terminal 120 and the called terminal 110 are in a call, hop the current first transmission key into a new first transmission key according to a preset hopping rule and encrypt or decrypt the transmission data with the new first transmission key; and/or the encryption and decryption module is further used to, when the calling terminal 120 is in a call with the called terminal 110, hop the current second transmission key into a new second transmission key according to a preset hopping rule and encrypt or decrypt the transmission data by using the new second transmission key.
  • the security of the call can be further guaranteed.
  • the encryption and decryption module may hop the current first transmission key into a new first transmission key, and/or the current second transmission key into a new second transmission key, in at least one of the following ways: performing the hop according to a hopping trigger factor; or obtaining a key hopping instruction and performing the hop in response to it.
  • the hopping trigger factor includes, but is not limited to, at least one of the following: a hopping period, a hopping time point, and a call data amount.
  • the key hopping instruction includes, but is not limited to, at least one of the following: a key hopping instruction sent by the called terminal 110 and/or the calling terminal 120, and a key hopping instruction generated according to a preset rule.
  • the call processing apparatus may further include: a hopping module, configured to hop the transmission line of the current data transmission into a new transmission line according to a preset line hopping rule.
  • the call processing apparatus may further implement a multi-party call, that is, the called user may include multiple, and the call request received by the receiving module 132 carries the ID of each called user;
  • the establishing module 136 may be further configured to send a multiparty call request to the called terminal corresponding to the communication identifier associated with the ID of each called user and, after receiving the acknowledgement response returned by one or more of the plurality of called terminals 110, to establish call links between the calling terminal 120 and the one or more called terminals, and between the one or more called terminals.
  • the receiving module 132 may be further configured to receive, for the call links established between the calling terminal 120 and the one or more called terminals and between the one or more called terminals, the shared transport key sent by the calling terminal 120; the call processing apparatus may further include: a third sending module, configured to send the shared transport key to the one or more called terminals.
  • the transmission data can thus be encrypted during multi-party calls, ensuring the security of multi-party calls.
  • the receiving module 132 is further configured to receive the sign-in request sent by the calling terminal 120, where the sign-in request carries the ID of the calling user; the storage module 134 may also be used to associate the ID of the calling user with the communication identifier of the calling terminal 120 and store the association.
  • the receiving module 132 can provide the calling user's ID to the called party according to the ID of the calling user associated with the calling terminal 120, so that the called user can judge the identity of the calling user, thereby solving the problem that the called user cannot know the identity of the calling user who dialed the call and improving the user experience.
  • the receiving module 132 may be further configured to receive third identity authentication data sent by the calling terminal 120 after receiving the sign-in request of the calling terminal; the call processing apparatus may further include: a third authentication module, configured to authenticate the third identity authentication data and, after the authentication is passed, trigger the storage module to associate and store the ID of the calling user with the communication identifier of the calling terminal 120.
  • the identity authentication data carried in the check-in request is obtained by the second electronic signature device 150 signing the data to be signed with its private key, and is sent to the server 130 through the calling terminal 120.
  • the data to be signed may be determined by the second electronic signature device 150, or may be sent by the server 130 to the calling terminal 120. If it is determined by the second electronic signature device 150, the plaintext of the data to be signed is also carried in the check-in request.
  • the identity of the user who initiated the check-in request can be ensured, avoiding malicious sign-in.
  • the call processing apparatus may further include: a third deleting module, configured to delete an association relationship between the ID of the calling user and the communication identifier of the calling terminal 120.
  • the third deletion module may delete the association relationship actively, or may delete the association relationship triggered by the calling terminal 120.
  • the association between the ID of the calling user and the calling terminal 110 can be released in time, so that other users can use the calling terminal 120, which improves the utilization of the calling terminal 120.
  • when the third deletion module deletes the association relationship as triggered by the calling terminal 120, the identity of the calling user may be authenticated before the relationship is deleted.
  • the call processing apparatus may further include: a fourth sending module, configured to send, after receiving the call request of the calling terminal to the ID of the called user, to the calling terminal 120
  • the fourth verification module is configured to perform the verification after receiving the signature data returned by the calling terminal 120 and, after the verification is passed, trigger the establishment module to establish a call link between the calling terminal 120 and the called terminal 110.
  • the terminal (including the fixed telephones in Embodiments 1 and 3, the terminal 300 in Embodiments 4 and 5, and the calling terminal 120 and the called terminal 110 in Embodiments 6-9) may be connected to the electronic signature device wirelessly or in a wired manner.
  • the wireless manner may include: Bluetooth, WIFI, NFC, infrared or RFID, etc.; the wired manner may include: USB, audio (headphone plug), RJ11, RJ45 or serial port.
  • the call can be implemented as follows:
  • the terminal can perform encryption and decryption operations through an electronic signature device connected to the terminal.
  • the terminal receives the encrypted call data through its network interface (such as a phone port, an authentication key of the SIM card, an IP address, etc.) and transmits the encrypted call data to the electronic signature device, which decrypts it and sends it back to the terminal; the terminal sends it to the handset for the user to listen to. The terminal receives the voice data input by the user through the microphone and sends it to the electronic signature device, which encrypts it and sends it back to the terminal; the terminal then sends it out via the network interface.
  • Method 2: the data can be sent to and received from the network by the electronic signature device, while the terminal plays the voice data and/or collects the voice data.
  • the electronic signature device receives the encrypted call data through its network interface, decrypts the encrypted call data, and sends the decrypted call data to the terminal via the connection between the electronic signature device and the terminal; the terminal then sends it to the handset for the user to listen to. The terminal receives the voice data input by the user through the microphone and sends it to the electronic signature device via the connection with the electronic signature device; the electronic signature device encrypts it and sends it out through the network interface of the electronic signature device.
  • the encrypted data is received and sent out through the terminal, the encrypted data can be decrypted by the electronic signature device, the data to be encrypted can be encrypted by the electronic signature device, and the electronic signature device can also play the voice data and/or collect the voice data.
  • the terminal receives the encrypted call data through its network interface and sends the encrypted call data to the electronic signature device, which decrypts it and sends it to the handset of the electronic signature device for the user to listen to; the electronic signature device receives the voice data input by the user through the microphone of the electronic signature device, encrypts it, and sends it to the terminal, which then sends it out via the network interface.
  • a switching device may be separately provided and connected to the terminal interface for data interaction with the electronic signature device.
  • the switching device is provided with an RJ11 plug and a jack, the jack is connected to the telephone line, and the plug is connected to the terminal, and the interface connected to the electronic signature device is set on the switching device (wired or wireless).
  • the data output by the switching device to the terminal is plaintext, and the data received from the terminal is also plaintext, so that all operations are performed on the switching device and the scheme is compatible with existing terminals.
  • the electronic signature device should be configured to cooperate with the terminal to implement the above functions.
  • when the terminal is a fixed telephone, the electronic signature device should include two RJ11 interfaces: one end is connected to the crystal head of the telephone line, and the other end is provided with a crystal head that is inserted into the interface on the fixed telephone.
  • the present embodiment provides a calling method, which is applied to the calling terminal side.
  • the calling method may be implemented by the calling terminal 120 in the foregoing embodiment, and may mainly include the following steps (S601 to S603).
  • S601 The calling terminal acquires the ID of the called user.
  • the calling terminal can obtain the ID of the called user in one of the following ways: the calling user inputs the ID of the called user to the calling terminal through the input device of the calling terminal, or the calling user inputs the ID of the called user to the calling terminal by voice.
  • the ID of the called user is a unique identifier registered by the called user on the server for the first electronic signature device used by the called user.
  • the first electronic signature device saves the ID of the called user, and the ID may be, but is not limited to, one of numbers, letters, characters, Chinese characters, or a combination thereof.
  • the ID is equivalent to the telephone number of the user in the existing communication system, which is convenient for the calling terminal to call the called user.
  • the first electronic signature device includes, but is not limited to, an electronic signature key (KEY device such as U shield of ICBC or K Bao of ABC), a smart card with a security chip, etc., wherein the security chip can perform signature operations, encryption and decryption operations, and transmission key negotiation.
  • S602 The calling terminal initiates a call request of the called user to the server, where the call request carries the ID of the called user.
  • the calling terminal receives the call response returned by the server, establishes a call link with the called terminal, and makes a call with the called terminal, where the communication identifier of the called terminal is associated with the ID of the called user.
  • the calling terminal or the called terminal includes: a fixed telephone, a mobile terminal or a PC, and the PC supports the network telephone.
  • the communication identifier of the fixed telephone may be a network port of the fixed telephone, the communication identifier of the mobile terminal may be the authentication key of the SIM card, and the communication identifier of the PC may be an IP address.
  • the mobile terminal can be a smart phone, a tablet, a smart watch, or the like.
  • the calling method in this embodiment may further include the step of the calling terminal initiating the sign-in to the server, specifically:
  • the calling terminal sends a check-in request to the server, where the sign-in request carries the ID of the calling user, and is used to instruct the server to associate the ID of the calling user with the communication identifier of the calling terminal; wherein the ID of the calling user is the calling user.
  • when the calling user is not at the location of the telephone that he or she normally uses, for example when placing a call from another user's telephone, the called user cannot know that the call is dialed by that user and may not pick up, missing important calls or causing misunderstanding between the two sides, which is inconvenient for the user's work or life.
  • the called party displays the ID of the calling user, thereby solving the problem that the called user cannot know the identity of the calling party of the call and improving the user experience.
  • before the calling terminal sends the sign-in request to the server, the calling method of the embodiment further includes: acquiring the ID of the calling user from the second electronic signature device connected to the calling terminal.
  • the ID of the calling user is obtained from the calling terminal, and the calling user does not need to memorize the ID, which is convenient for the user to use and improve the user experience.
  • the second electronic signature device includes, but is not limited to, an electronic signature key (a KEY device) having a security chip.
  • the security chip can perform the functions of signature calculation, encryption and decryption operation, and negotiation of transmission key.
  • the second electronic signature device saves the unique identifier, that is, the ID, assigned by the server side at the time of registration with the server.
  • the calling method of the embodiment further includes: the calling terminal carries the identity authentication data in the check-in request, so as to implement identity authentication of the calling user on the server side and ensure that the identity of the calling user is legal, which in turn ensures the security of the call.
  • the calling terminal carrying the identity authentication data in the check-in request may be implemented by one of the following methods:
  • Manner 1 As an optional method, as shown in FIG. 14, when the calling terminal sends a sign-in request to the server, the calling terminal can actively carry the identity authentication data in the sign-in request, which specifically includes:
  • S701 The calling terminal acquires identity authentication data from the second electronic signature device.
  • the identity authentication data is obtained by the second electronic signature device signing the data to be signed, wherein the data to be signed includes the ID of the calling user and/or single-time authentication data generated by the second electronic signature device itself; the single-time authentication data may be one or a combination of a random number and an event factor, wherein the event factor may be accumulated by +1, or by an arbitrary value, each time it is generated.
  • the calling terminal carries the identity authentication data in the check-in request and sends the data to the server.
  • Manner 2 As another alternative manner, as shown in FIG. 15, when the calling terminal sends a sign-in request to the server, the calling terminal may further generate identity authentication data according to the to-be-signed data sent by the server, and carry the sign-in request. Specifically, including:
  • S801 The calling terminal sends a check-in instruction to the server before sending the check-in request to the server.
  • S802 The calling terminal receives the data to be signed sent by the server.
  • the to-be-signed data may include single-time authentication data generated by the server, where the single-time authentication data may be one of a random number and an event factor or a combination thereof, and the event factor may be accumulated by +1, or by an arbitrary value, each time it is generated.
  • the calling terminal receives the identity authentication data obtained by the second electronic signature device signing the data to be signed, carries the identity authentication data in the sign-in request, and sends it to the server.
  • the ID of the calling user may be signed.
  • the calling method of the embodiment further includes the step of verification, specifically: the calling terminal receives the verification request sent by the server; acquires signature data from the second electronic signature device, the signature data being obtained by the second electronic signature device signing the data to be signed; and sends the signature data to the server.
  • the data to be signed includes at least one of the following: a random number generated by the second electronic signature device, data to be signed carried in the verification request (such as a random number generated by the server), and the ID of the calling user.
  • the server thereby verifies whether the calling user is online, that is, whether the second electronic signature device of the calling user is connected to the terminal of the current communication port; if the server can obtain the signature data produced by the second electronic signature device signing the data to be signed, the calling user is online, and the signature data can further be used to verify whether the identity of the calling user is legal, thereby ensuring the security of the call.
  • the calling method of the embodiment further includes: the calling terminal sends a release sign-in request to the server, and the release sign-in request carries the ID of the calling user and is used to instruct the server to delete the association between the ID of the calling user and the communication identifier of the calling terminal.
  • the calling terminal can release the check-in without affecting the normal use of the terminal checked in by the calling user.
  • the calling terminal may also receive the release sign-in command before the calling terminal sends the release sign-in request to the server, which specifically includes one or more of the following manners:
  • Manner 1 The calling terminal receives the release sign-in command input by the calling user. For example, the calling user inputs “9#”, indicating that the calling user requests to release the sign-in;
  • Manner 3 The calling terminal receives the release sign-in command of the second electronic signature device connected to it. For example, the calling user disconnects the second electronic signature device from the calling terminal by pressing the C key on the second electronic signature device; in this case, the second electronic signature device also issues a release sign-in command to the calling terminal when it disconnects from the calling terminal.
  • the user can release the association relationship with the terminal when a certain terminal is not used, so that other users can use the terminal, thereby improving the utilization rate of the terminal.
  • the calling method of the embodiment may further include: the calling terminal carries identity authentication data in the release check-in request.
  • the identity authentication data carried in the release sign-in request may be generated by the same mechanism as the identity authentication data carried in the check-in request, for example:
  • the calling terminal actively carries the identity authentication data in the release check-in request, and the specific implementation is similar to the manner shown in FIG. 14 , except that the check-in request is replaced with the release check-in request, and details are not described herein again.
  • the calling terminal may further generate identity authentication data according to the to-be-signed data sent by the server, and carry it in the release check-in request, and the implementation is similar to the manner shown in FIG. 15 except that the check-in request is replaced by Release the check-in request, which will not be described here.
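The server-driven check-in of Manner 2 (FIG. 15) and the authenticated release of check-in described above can be sketched as follows. This is an added example, not code from the patent: the class and function names and the sample values are hypothetical, HMAC-SHA256 stands in for the device's private-key signature so that only the standard library is needed, and tying each issued challenge to one purpose is an assumption of the sketch.

```python
import hashlib
import hmac
import secrets


class SigningDevice:
    """Stand-in for the electronic signature device that stores the user's ID."""

    def __init__(self, user_id: str, key: bytes):
        self.user_id = user_id
        self._key = key  # stays inside the device

    def sign(self, data_to_be_signed: bytes) -> bytes:
        # Assumption: HMAC-SHA256 replaces the device's private-key signature
        # so that the example runs on the standard library alone.
        return hmac.new(self._key, data_to_be_signed, hashlib.sha256).digest()


class CheckInServer:
    """Hypothetical server side of check-in and release of check-in."""

    def __init__(self):
        self._verify_keys = {}   # user ID -> key recorded at registration
        self._pending = {}       # communication identifier -> (purpose, data)
        self._event_factor = 0   # accumulates +1 for every challenge generated
        self.associations = {}   # user ID -> communication identifier

    def register(self, user_id: str, key: bytes) -> None:
        self._verify_keys[user_id] = key

    def issue_data_to_be_signed(self, comm_id: str, purpose: str) -> bytes:
        """Single-time authentication data: random number plus event factor."""
        self._event_factor += 1
        data = secrets.token_bytes(16) + self._event_factor.to_bytes(8, "big")
        self._pending[comm_id] = (purpose, data)  # overwrites an unanswered one
        return data

    def _authenticate(self, purpose, comm_id, user_id, auth_data) -> bool:
        issued = self._pending.pop(comm_id, None)  # consumed even on failure
        key = self._verify_keys.get(user_id)
        if issued is None or key is None or issued[0] != purpose:
            return False
        signed = issued[1] + user_id.encode()  # the user's ID is signed as well
        expected = hmac.new(key, signed, hashlib.sha256).digest()
        return hmac.compare_digest(expected, auth_data)

    def check_in(self, comm_id: str, user_id: str, auth_data: bytes) -> bool:
        if not self._authenticate("check-in", comm_id, user_id, auth_data):
            return False
        self.associations[user_id] = comm_id
        return True

    def release_check_in(self, comm_id: str, user_id: str, auth_data: bytes) -> bool:
        if not self._authenticate("release", comm_id, user_id, auth_data):
            return False
        if self.associations.get(user_id) != comm_id:
            return False
        del self.associations[user_id]
        return True


def terminal_request(server, device, comm_id: str, purpose: str) -> bool:
    """Terminal side: fetch the data to be signed, let the device sign, submit."""
    data = server.issue_data_to_be_signed(comm_id, purpose)
    auth_data = device.sign(data + device.user_id.encode())
    submit = server.check_in if purpose == "check-in" else server.release_check_in
    return submit(comm_id, device.user_id, auth_data)


if __name__ == "__main__":
    key = secrets.token_bytes(32)                 # constructed sample values
    server, device = CheckInServer(), SigningDevice("alice", key)
    server.register("alice", key)
    print(terminal_request(server, device, "port-7", "check-in"))
    print(server.associations)
```

Because each challenge is removed from the pending table as soon as it is answered, identity authentication data captured from one check-in cannot be replayed to create or remove an association later.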
  • the calling method of the embodiment further includes: the calling terminal negotiates a transmission key with the called terminal and uses the transmission key to encrypt and decrypt the transmitted data, which specifically includes:
  • the calling terminal and the called terminal negotiate a transmission key by using their respective electronic signature devices; the calling terminal sends the information received in the transmission key negotiation process to the second electronic signature device, instructing the second electronic signature device to obtain the transmission key according to the received information;
  • the calling terminal sends the encrypted data received from the called terminal to the second electronic signature device, and receives the plaintext data returned after the second electronic signature device decrypts the encrypted data by using the transmission key; and the calling terminal sends the transmission data that needs to be sent to the called terminal to the second electronic signature device, receives the ciphertext data returned after the second electronic signature device encrypts that data by using the transmission key, and sends the ciphertext data to the called terminal.
  • the calling terminal in this embodiment may further include a security chip, which may be used for identity authentication of the second electronic signature device and for saving the transmission key negotiated between the second electronic signature device and the peer end, so that the transmission data can be encrypted and decrypted without the need of the second electronic signature device, thereby improving the processing efficiency.
  • before the obtaining of the ID of the calling user from the second electronic signature device connected to the calling terminal, the calling method of the embodiment further includes: the calling terminal authenticates the second electronic signature device connected to it. This ensures the legitimacy of the second electronic signature device used by the calling user.
  • the calling method in this embodiment further includes: the calling terminal negotiates a transmission key with the second electronic signature device, saves the transmission key, and sends the transmission key to the server; in the process of making a call with the called terminal, the calling method of this embodiment further includes: encrypting or decrypting the transmission data by using the transmission key.
  • the calling terminal negotiates the transmission key with the second electronic signature device, thereby avoiding the possibility of transmission key leakage and ensuring the security of the transmission key. Meanwhile, the calling terminal uses the saved transmission key to perform encryption and decryption, so that the transmission data can be encrypted and decrypted without the need for a second electronic signature device, thereby improving processing efficiency.
  • the calling method of the embodiment of the present invention further includes: deleting the saved transport key. Therefore, after the calling terminal deletes the transmission key, it does not affect the normal use of the calling terminal; at the same time, the calling terminal cannot use the saved transmission key to impersonate the calling user to perform an encrypted call.
  • a call hopping may be performed during a call to prevent the phone from being monitored and the important call information from being leaked.
  • Call hopping includes key hopping and/or line hopping.
  • the calling method in this embodiment further includes: the calling terminal hops the current transport key into a new transport key according to the preset hopping rule, and encrypts or decrypts the transmitted data with the new transport key.
  • the current transmission key is hopped into a new transmission key according to a preset hopping rule, including at least one of the following: hopping the current transmission key into a new transmission key according to the hopping trigger factor; obtaining a key hopping instruction, and hopping the current transmission key into a new transmission key.
  • the hopping triggering factor includes at least one of the following: a hopping period, a hopping time point, and a call data amount.
  • the key hopping instruction includes at least one of the following: a key hopping instruction sent by the called terminal, an input key hopping instruction, and a key hopping instruction generated according to a preset rule.
  • the key hopping in this embodiment may be performed by both sides at the same time according to a fixed mechanism, for example by pre-negotiating the hopping trigger factor: setting the hopping period to one hop every 5 minutes; setting the hopping time point to 3 minutes, that is, hopping when the call reaches 3 minutes; or setting the call data amount to 10M, that is, hopping when the call data amount reaches 10M;
  • the key hopping in this embodiment can also be initiated by the calling party or the server, that is, performed according to a key hopping instruction, which may be a hopping instruction initiated by the called terminal, a key hopping instruction sent by the server (when the calling terminal has a security chip), or a hopping instruction initiated by the calling terminal itself, such as a key hopping instruction input by the user or a key hopping instruction generated by the calling terminal according to the preset rule.
  • different key hopping mechanisms are used so that the transmission data is encrypted with different transmission keys during the call, which prevents the telephone from being monitored and further ensures the security of the encryption.
  • there may be multiple transport keys: the calling terminal may negotiate multiple transport keys with the called terminal, or with its electronic signature device. For example, the calling terminal and the called terminal, or the calling terminal and the server, both store a transport key list holding the multiple transmission keys negotiated by the calling terminal and the called terminal, or by the calling terminal and the electronic signature device. Alternatively, a new transmission key may be regenerated when the key hops during the call; the current transmission key is hopped into the new transmission key, and the new transmission key is used for data encryption and decryption.
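A sketch of key hopping driven by the pre-negotiated trigger factors (hopping period and call data amount) and by a key hopping instruction, added here as an illustration and not taken from the patent. The class names, the HMAC-SHA256 one-way derivation of the new key, the reading of 10M as 10 MiB, and the sample frames are assumptions; both ends are assumed to see the same frame lengths and call-time stamps.

```python
import hashlib
import hmac
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class HopTriggers:
    """Hopping trigger factors negotiated before the call (None = not used)."""
    period_s: Optional[float] = 300.0        # hopping period: every 5 minutes
    data_bytes: Optional[int] = 10 * 2**20   # call data amount: 10M (as MiB)


class HoppingTransportKey:
    """Tracks the current transport key of one endpoint and hops it on triggers."""

    def __init__(self, transport_key: bytes, triggers: HopTriggers):
        self._key = transport_key
        self._triggers = triggers
        self.epoch = 0               # number of hops performed so far
        self._last_hop_s = 0.0       # call time of the last hop
        self._bytes_since_hop = 0    # data protected by the current key

    def hop(self, now_s: float) -> None:
        """Replace the current key; also the entry point for a hopping instruction."""
        if self._key is None:
            raise RuntimeError("transport key already deleted")
        # Assumption: one-way HMAC-SHA256 derivation, so a key captured later
        # does not reveal the keys of earlier epochs.
        label = b"transport-key-hop" + self.epoch.to_bytes(4, "big")
        self._key = hmac.new(self._key, label, hashlib.sha256).digest()
        self.epoch += 1
        self._last_hop_s = now_s
        self._bytes_since_hop = 0

    def key_for_frame(self, now_s: float, frame_len: int):
        """Return (epoch, key) for a frame of frame_len bytes at call time now_s."""
        if self._key is None:
            raise RuntimeError("transport key already deleted")
        t = self._triggers
        period_due = (t.period_s is not None
                      and now_s - self._last_hop_s >= t.period_s)
        volume_due = (t.data_bytes is not None
                      and self._bytes_since_hop + frame_len > t.data_bytes)
        if period_due or volume_due:
            self.hop(now_s)
        self._bytes_since_hop += frame_len
        return self.epoch, self._key

    def delete(self) -> None:
        """Drop the key when the call ends or the check-in is released."""
        self._key = None


# Constructed sample: (call time in seconds, frame length in bytes).
SAMPLE_FRAMES = [(0.0, 1000), (299.0, 1000), (300.0, 1000),
                 (301.0, 10 * 2**20), (302.0, 1)]


def run_endpoint(initial_key: bytes, frames=SAMPLE_FRAMES):
    """Feed the frame stream through one endpoint; return [(epoch, key), ...]."""
    endpoint = HoppingTransportKey(initial_key, HopTriggers())
    used = [endpoint.key_for_frame(t, n) for t, n in frames]
    endpoint.delete()
    return used


if __name__ == "__main__":
    caller = run_endpoint(b"\x01" * 32)
    callee = run_endpoint(b"\x01" * 32)
    print([epoch for epoch, _ in caller], caller == callee)
```

Tagging each frame with its epoch lets the receiver detect that the two ends have drifted apart instead of silently decrypting with the wrong key.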
  • the calling method in this embodiment further includes: the calling terminal generates a line hopping instruction and sends the line hopping instruction to the server, instructing the server to hop the current transmission line into a new transmission line and to use the new transmission line for the call with the called terminal.
  • there may also be multiple transmission lines for the call, and the server side stores a transmission line list, where the transmission line list is used to store multiple transmission lines that can be established between the calling terminal and the called terminal.
  • the embodiment may further include a method for multi-party calling.
  • there may be multiple called users.
  • the calling method of the embodiment further includes: the calling terminal sends the shared transmission key generated by the second electronic signature device to the plurality of called terminals; in the call with the called terminals, the calling method of the embodiment further includes: encrypting or decrypting the data transmitted with the plurality of called terminals by using the shared transport key.
  • the calling terminal can talk with a plurality of called terminals to expand the call application; at the same time, the calls between the terminals in the multi-party call can be encrypted and transmitted, thereby ensuring the security of the multi-party call.
  • this embodiment provides a calling method, which is applied to the called terminal side.
  • the calling method may be implemented by the called terminal 110 in the foregoing embodiment, and may mainly include the following steps (S901 to S903).
  • the called terminal sends a check-in request to the server, where the sign-in request carries the ID of the called user, and is used to instruct the server to associate the ID of the called user with the communication identifier of the called terminal.
  • the ID of the called user is a unique identifier registered by the called user on the server for the first electronic signature device used by the called user.
  • the first electronic signature device saves the ID of the called user, and the ID may be, but is not limited to, one of numbers, letters, characters, Chinese characters, or a combination thereof.
  • the ID is equivalent to the telephone number of the user in the existing communication system, which is convenient for the calling terminal to call the called user.
  • the first electronic signature device includes, but is not limited to, an electronic signature key (KEY device such as U shield of ICBC or K Bao of ABC), a smart card with a security chip, etc., wherein the security chip can perform signature operations, encryption and decryption operations, and transmission key negotiation.
  • S902 Receive a call request sent by the server, where the call request is a call request initiated by the calling terminal to the ID of the called user.
  • the calling terminal or the called terminal includes: a fixed telephone, a mobile terminal or a PC, and the PC supports the network telephone.
  • the communication identifier of the fixed telephone may be a network port of the fixed telephone, the communication identifier of the mobile terminal may be the authentication key of the SIM card, and the communication identifier of the PC may be an IP address.
  • the mobile terminal can be a smart phone, a tablet, a smart watch, or the like.
  • S903 Establish a call link with the calling terminal, and make a call with the calling terminal.
  • the calling method of the embodiment further includes: acquiring an ID of the called user from the first electronic signature device connected to the called terminal.
  • the ID of the called user is obtained from the called terminal, and the called user does not need to memorize the ID, which is convenient for the user to use and improves the user experience.
  • the calling method in this embodiment further includes: the called terminal carries the identity authentication data in the check-in request, so as to implement identity authentication of the called user on the server side, ensure that the identity of the called user is legal, and thus ensure the security of the call.
  • the called terminal carries the identity authentication data in the check-in request in one of, but not limited to, the following ways:
  • Manner 1: As a preferred method, the called terminal actively carries the identity authentication data in the check-in request. The specific implementation is similar to the manner shown in FIG. 14, except that the calling terminal is replaced with the called terminal and the second electronic signature device is replaced with the first electronic signature device; details are not described herein again.
  • the called terminal may further generate identity authentication data according to the to-be-signed data sent by the server, and carry it in the check-in request. The specific implementation is similar to the manner shown in FIG. 15, except that the calling terminal is replaced with the called terminal and the second electronic signature device is replaced with the first electronic signature device; details are not described herein again.
  • the calling method of the embodiment further includes a verification step, specifically: the called terminal receives the verification request sent by the server; obtains signature data from the first electronic signature device, the signature data being data obtained by the first electronic signature device signing the data to be signed; and transmits the signature data to the server.
  • the data to be signed includes at least one of the following: a random number generated by the first electronic signature device, data to be signed carried in the verification request (such as a random number generated by the server), and an ID of the calling user.
  • the server verifies whether the called user is online, that is, whether the first electronic signature device of the called user is connected to the terminal of the current communication port. If the server can obtain the signature data produced by the first electronic signature device signing the data to be signed, this indicates that the calling user is online; further, the signature data can be used to verify whether the identity of the calling user is legal, thereby ensuring the security of the call.
  • the calling method in this embodiment further includes:
  • the called terminal sends a release check-in request to the server, and the release check-in request carries the ID of the called user, and is used to instruct the server to delete the association relationship between the ID of the called user and the communication identifier of the called terminal.
  • the called terminal can release the check-in without affecting the normal use of the terminal that is called by the called user.
  • the called terminal may also receive the release check-in command before the called terminal sends the release check-in request to the server, which specifically includes one or more of the following manners:
  • Manner 1: The called terminal receives the release check-in command input by the called user. For example, the called user inputs “9#”, indicating that the called user requests to release the check-in;
  • Manner 2: The called terminal receives the release check-in command sent by the server;
  • Manner 3: The called terminal receives the release check-in command of the first electronic signature device connected thereto. For example, the called user disconnects the first electronic signature device from the called terminal by pressing the C key on the first electronic signature device; at this time, the first electronic signature device also issues a release check-in command to the called terminal when it disconnects from the called terminal.
  • the user can release the association relationship with the terminal when a certain terminal is not used, so that other users can use the terminal, thereby improving the utilization rate of the terminal.
  • to guarantee that the release of the check-in is initiated by the real called user, the calling method in this embodiment further includes: the called terminal carries identity authentication data in the release check-in request, so that the identity of the called user is authenticated on the server side and the security of the call is ensured.
  • the identity authentication data carried in the release sign-in request may be generated by the same mechanism as the identity authentication data carried in the check-in request, for example:
  • the called terminal actively carries the identity authentication data in the release check-in request. The specific implementation is similar to the manner shown in FIG. 13, except that the check-in request is replaced with the release check-in request, the calling terminal is replaced with the called terminal, and the second electronic signature device is replaced with the first electronic signature device; details are not described herein again.
  • the called terminal may further generate identity authentication data according to the to-be-signed data sent by the server, and carry it in the release check-in request. The implementation is similar to the manner shown in FIG. 14, except that the check-in request is replaced with the release check-in request, the calling terminal is replaced with the called terminal, and the second electronic signature device is replaced with the first electronic signature device; details are not described herein again.
  • the calling method in this embodiment further includes: the called terminal negotiates a transmission key with the calling terminal, and uses the transmission key to encrypt and decrypt the transmission data. The steps include:
  • the called terminal and the calling terminal negotiate a transmission key by using the respective electronic signature device, and the called terminal receives the transmission key during the negotiation process.
  • the called terminal sends the encrypted data received from the calling terminal to the first electronic signature device, and receives the plaintext data returned after the first electronic signature device decrypts the encrypted data by using the transmission key; and the called terminal sends the transmission data that needs to be sent to the calling terminal to the first electronic signature device, receives the ciphertext data returned after the first electronic signature device encrypts that transmission data by using the transmission key, and sends the ciphertext data to the calling terminal.
  • the called terminal in this embodiment may further include a security chip, where the security chip may be used for identity authentication of the first electronic signature device. The transport key negotiated by the first electronic signature device and the peer terminal is saved, and encryption and decryption are performed by using the saved transport key, so that the transmission data can be encrypted and decrypted without the first electronic signature device, and the processing efficiency is improved.
  • the calling method in this embodiment further includes: the called terminal performs identity authentication on the first electronic signature device. This ensures the legitimacy of the first electronic signature device used by the called user.
  • when the called terminal has the security chip, the called terminal may save the transmission key and use the saved transmission key to encrypt and decrypt the transmission data. Specifically, before the call with the calling terminal, the calling method of this embodiment further includes: negotiating a transmission key with the first electronic signature device, saving the transmission key, and transmitting the transmission key to the server. The process of performing the call with the calling terminal further includes: encrypting or decrypting the transmission data by using the transmission key.
  • the called terminal negotiates a transmission key with the first electronic signature device, thereby avoiding the possibility of transmission key leakage and ensuring the security of the transmission key. Meanwhile, the called terminal uses the saved transmission key to perform encryption and decryption, so that the first electronic signature device is not needed to encrypt and decrypt the transmission data, which improves processing efficiency.
  • the calling method of the embodiment of the present invention further includes: deleting the saved transport key. Therefore, after the called terminal deletes the transmission key, it does not affect the normal use of the called terminal; at the same time, the called terminal cannot use the saved transmission key to impersonate the called user to perform an encrypted call.
  • call hopping may be performed during a call to prevent the call from being monitored and important call information from being leaked.
  • Call hopping includes key hopping and line hopping.
  • the calling method in this embodiment further includes: the called terminal hops the current transport key into a new transport key according to the preset hopping rule, and encrypts or decrypts the transmitted data with the new transport key.
  • hopping the current transmission key into a new transmission key according to a preset hopping rule includes at least one of the following: hopping the current transmission key into a new transmission key according to the hopping trigger factor; obtaining a key hopping instruction and hopping the current transmission key into a new transmission key.
  • the hopping trigger factor includes at least one of the following: a hopping period, a hopping time point, and a call data amount.
  • the key hopping instruction includes at least one of the following: a key hopping instruction sent by the called terminal, an input key hopping instruction, and a key hopping instruction generated according to a preset rule.
  • the key hopping in this embodiment may be performed by both parties at the same time according to a fixed mechanism, for example, by pre-negotiating the hopping trigger factor: setting the hopping period to one hop every 5 minutes; or setting the hopping time point to 3 minutes, that is, hopping when the call reaches 3 minutes; or setting the call data amount to 10M, that is, hopping when the call data amount reaches 10M;
  • the key hopping in this embodiment can also be initiated by the calling party or the server, that is, performed according to a key hopping instruction. The instruction may be a hopping command initiated by the calling terminal, a key hopping command sent by the server (when the terminal has a security chip), or a hopping instruction initiated by the called terminal itself, such as a key hopping command input by the user or a key hopping command generated by the called terminal according to a preset rule.
  • with the different key hopping mechanisms, the transmission data is encrypted by using different transmission keys during the call, which further ensures the security of the encryption while preventing the call from being monitored.
  • the transmission key may include multiple keys: when the called terminal negotiates a transmission key with the calling terminal, or with its electronic signature device, a plurality of transport keys are negotiated. For example, the called terminal and the calling terminal, or the called terminal and the server, both store a transport key list for storing the multiple transport keys negotiated by the called terminal and the calling terminal, or by the called terminal and its electronic signature device. Alternatively, during the call, a new transport key may be regenerated when the key hops; the current transport key is hopped into the new transport key, and the new transport key is used for data encryption and decryption.
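
An added example, not part of the patent text: one direction of a call in which the sender hops the transport key on the trigger factors described above (5-minute hopping period, 10M of call data, or an explicit key hopping instruction) and the receiver follows. The frame layout, the HMAC tag standing in for encryption, the `MAX_SKIP` bound and the HMAC-based regeneration of keys past the end of the negotiated list are assumptions of this example.

```python
import hashlib
import hmac

HOP_PERIOD_S = 5 * 60             # hopping period from the text: every 5 minutes
HOP_DATA_BYTES = 10 * 1024 ** 2   # call data amount from the text: 10M
MAX_SKIP = 8                      # assumption: largest forward jump a receiver accepts


class KeyHopper:
    """One endpoint's view of the transport key schedule for a call."""

    def __init__(self, key_list, call_start):
        if not key_list:
            raise ValueError("at least one negotiated transport key is required")
        self.keys = list(key_list)   # transport key list negotiated before the call
        self.epoch = 0               # number of hops performed so far
        self.last_hop = call_start
        self.bytes_since_hop = 0

    def key_for(self, epoch):
        """Return the key of a hop epoch, regenerating keys past the list end."""
        while epoch >= len(self.keys):
            # Assumption: a regenerated key is HMAC-SHA256(previous key, "hop" || n).
            n = len(self.keys)
            self.keys.append(hmac.new(self.keys[-1], b"hop" + n.to_bytes(4, "big"),
                                      hashlib.sha256).digest())
        return self.keys[epoch]

    def _tag(self, epoch, payload):
        # The epoch is authenticated together with the payload.
        return hmac.new(self.key_for(epoch), epoch.to_bytes(4, "big") + payload,
                        hashlib.sha256).digest()

    def maybe_hop(self, now, instruction=False):
        """Hop on a key hopping instruction or when a trigger factor is reached."""
        if (instruction or now - self.last_hop >= HOP_PERIOD_S
                or self.bytes_since_hop >= HOP_DATA_BYTES):
            self.epoch += 1
            self.last_hop = now
            self.bytes_since_hop = 0
            return True
        return False

    def seal(self, payload, now):
        """Sender side: hop if due, tag the frame, count its bytes."""
        self.maybe_hop(now)
        frame = (self.epoch, payload, self._tag(self.epoch, payload))
        self.bytes_since_hop += len(payload)
        return frame

    def open(self, frame, now):
        """Receiver side: follow the sender forward, never back to an old key."""
        epoch, payload, tag = frame
        if epoch < self.epoch:
            raise ValueError("frame uses a transport key already hopped away from")
        if epoch - self.epoch > MAX_SKIP:
            raise ValueError("frame claims an implausible hop count")
        if not hmac.compare_digest(tag, self._tag(epoch, payload)):
            raise ValueError("frame authentication failed")
        if epoch > self.epoch:
            self.epoch, self.last_hop, self.bytes_since_hop = epoch, now, 0
        self.bytes_since_hop += len(payload)
        return payload


def demo():
    """Replay a constructed call timeline; returns (time, sender epoch, receiver epoch)."""
    # Constructed sample keys; a real call would use the negotiated transport keys.
    keys = [bytes([i]) * 32 for i in (1, 2)]
    caller, callee = KeyHopper(keys, 0.0), KeyHopper(keys, 0.0)
    log = []
    timeline = [(10, 160), (299, 160), (301, 160), (310, 11 * 1024 ** 2), (311, 160)]
    for t, size in timeline:
        frame = caller.seal(b"\x00" * size, float(t))
        callee.open(frame, float(t))
        log.append((t, frame[0], callee.epoch))
    return log


if __name__ == "__main__":
    for row in demo():
        print(row)
```

The receiver refuses frames tagged under a key it has already left, so a recorded frame from an earlier hop epoch cannot be replayed after the hop.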
  • the calling method of the embodiment further includes: the called terminal generates a line hopping instruction and sends the line hopping instruction to the server, instructing the server to hop the current transmission line into a new transmission line and to make the call with the calling terminal using the new transmission line.
  • the transmission line of the call may also include multiple, and the server side stores a transmission line list, where the transmission line list is used to store multiple transmission lines that can be established between the calling terminal and the called terminal. .
  • the terminal when the calling terminal or the called terminal has a security chip, the terminal can perform identity authentication on the electronic signature device connected thereto, that is, the calling terminal can perform identity authentication on the second electronic signature device.
  • the called terminal can also perform identity authentication on the first electronic signature device.
  • the identity authentication mode can be performed in at least the following two manners:
  • the terminal (the terminal may be the called terminal or the calling terminal) generates a random number R1;
  • the terminal sends the random number R1, the signature value S1, and the digital certificate of the terminal to the electronic signature device (which may be the first electronic signature device or the second electronic signature device);
  • the electronic signature device uses the pre-stored root certificate to verify the validity of the received digital certificate of the terminal. If the digital certificate of the terminal is verified to be legal, C5 is executed; if the digital certificate of the terminal is verified to be invalid, the identity authentication process is stopped and, if necessary, a message that the certificate verification failed may be fed back to the terminal;
  • the electronic signature device obtains the public key of the terminal from the digital certificate of the terminal, and verifies the received signature value S1 by using the public key of the terminal. If the verification passes, C6 is executed; if the verification fails, the identity authentication process is stopped, and a message that the verification failed may also be fed back to the terminal;
  • the electronic signature device generates a random number R2;
  • the electronic signature device signs the random number R2 and the received random number R1 to generate a signature value S2;
  • the electronic signature device sends the random number R2, the signature value S2, and the digital certificate of the electronic signature device to the terminal;
  • the terminal uses the pre-stored root certificate to verify the validity of the received digital certificate of the electronic signature device. If the digital certificate of the electronic signature device is verified to be legal, C10 is executed; if the digital certificate of the electronic signature device is verified to be invalid, the identity authentication process is stopped and, if necessary, a message that the certificate verification failed may be fed back to the electronic signature device;
  • the terminal acquires the public key of the electronic signature device from the digital certificate of the electronic signature device, and uses the public key of the electronic signature device to verify the received signature value S2. If the verification passes, the subsequent operation is performed; if the verification fails, the identity authentication process is stopped, and a message that the verification failed may also be fed back to the electronic signature device.
  • the terminal (the terminal may be the called terminal or the calling terminal) generates a random number R1, and sends the random number R1 to the electronic signature device;
  • the electronic signature device (which may be the first electronic signature device or the second electronic signature device) generates a random number R2, and sends the random number R2 and the digital certificate of the electronic signature device to the terminal;
  • the terminal uses the pre-stored root certificate to verify the validity of the received digital certificate of the electronic signature device. If the digital certificate of the terminal is verified to be legal, D4 is executed; if the digital certificate of the terminal is verified to be invalid, the identity authentication process is stopped and, if necessary, a message that the certificate verification failed may be fed back to the electronic signature device;
  • the terminal signs the random number R2 and the random number R1 to generate a signature value S1;
  • the terminal sends the signature value S1 and the digital certificate of the terminal to the electronic signature device.
  • the electronic signature device uses the pre-stored root certificate to verify the validity of the received digital certificate of the terminal. If the digital certificate of the terminal is verified to be legal, D7 is executed; if the digital certificate of the terminal is verified to be invalid, the identity authentication process is stopped and, if necessary, a message that the certificate verification failed may be fed back to the terminal;
  • the electronic signature device obtains the public key of the terminal from the digital certificate of the terminal, and verifies the received signature value S1 by using the public key of the terminal. If the verification passes, the subsequent operation is performed; if the verification fails, the identity authentication process is stopped, and a message that the verification failed may also be fed back to the terminal.
  • a transmission key can be negotiated between the terminal and the electronic signature device, and the transport key is transmitted to the server; the server saves the transport key for encrypting/decrypting subsequent data transmission between the terminal, the server, and the electronic signature device.
  • the transmission key negotiated between the calling terminal and the called terminal may be the same key or different keys.
  • when the server communicates with the calling terminal, the information is encrypted/decrypted by using the transmission key of the calling terminal; when the server communicates with the called terminal, the information is encrypted/decrypted by using the transmission key of the called terminal.
  • the negotiated key can be sent to the server while sending the check-in request to the server; on other occasions, sending the transmission key to the terminal can also be completed separately.
  • the terminal (the terminal may be the called terminal or the calling terminal) generates a random number R3, encrypts the random number R3 with the public key of the electronic signature device to generate the ciphertext of the R3, and sends the ciphertext of the R3 to the electronic signature device;
  • the electronic signature device uses its private key to decrypt and obtain R3, generates a random number R4, generates a transmission key by using R3 and R4 (for example, concatenating R3 and R4 as the transmission key), encrypts the random number R4 by using the public key of the terminal to generate the ciphertext of R4, and sends the ciphertext of R4 to the terminal;
  • the terminal uses its private key to decrypt and obtain R4, and uses R3 and R4 to generate a transmission key (the process of generating the key is the same as the process by which the electronic signature device generates the key, for example, concatenating R3 and R4 as the transmission key);
  • the terminal sends a check-in request to the server; the terminal may also separately send a request for saving the transport key without sending a check-in request, in which case the terminal does not need to send a check-in request and only the request to save the transport key needs to be sent separately;
  • the server generates information to be signed, where the information to be signed may be a random number or other factors, and sends a signature instruction (instructing the electronic signature device to sign the information to be signed) and the information to be signed to the electronic signature device;
  • the electronic signature device encrypts the transmission key by using the public key of the server, signs the information to be signed and the encrypted transmission key to generate a signature value S3, and sends the signature value S3 and the encrypted transmission key to the server;
  • the server verifies the signature value S3. If the verification passes, the server decrypts with its private key to obtain the transmission key and saves the transmission key.
  • the transmission key has a one-to-one correspondence with the ID of the electronic signature device.
  • the transmission key is generated by the electronic signature device and sent to the terminal.
  • the specific process is as follows:
  • the electronic signature device generates a transmission key, which is used for subsequent encryption/decryption of communication with the terminal; the electronic signature device encrypts the transmission key by using the public key of the terminal, and sends the encrypted transmission key to the terminal;
  • the terminal decrypts with its private key to obtain the transmission key;
  • the terminal sends a check-in request to the server; the terminal may also separately send a request for saving the transport key without sending a check-in request, in which case the terminal does not need to send a check-in request and only the request to save the transport key needs to be sent separately;
  • the server generates information to be signed, where the information to be signed may be a random number or other factors, and sends a signature instruction (instructing the electronic signature device to sign the information to be signed) and the information to be signed to the electronic signature device;
  • the electronic signature device encrypts the transmission key by using the public key of the server, signs the information to be signed and the encrypted transmission key to generate a signature value S3, and sends the signature value S3 and the encrypted transmission key to the server;
  • the server verifies the signature value S3. If the verification passes, the server decrypts with its private key to obtain the transmission key, and saves the transmission key.
  • the transmission key has a one-to-one correspondence with the ID of the electronic signature device.
  • the terminal (the terminal may be the called terminal or the calling terminal) generates a random number R3, and uses the public key of the electronic signature device to encrypt the random number R3 to generate the ciphertext of R3, and sends the ciphertext of R3 to the electronic signature device;
  • the electronic signature device uses its private key to decrypt and obtain R3, generates a random number R4, generates a transmission key by using R3 and R4 (for example, concatenating R3 and R4 as the transmission key), encrypts the random number R4 by using the public key of the terminal to generate the ciphertext of R4, and sends the ciphertext of R4 to the terminal;
  • the terminal decrypts with its private key to obtain R4, and uses R3 and R4 to generate a transmission key (the process of generating the key is the same as the process by which the electronic signature device generates the key, for example, concatenating R3 and R4 as the transmission key);
  • the terminal sends a check-in request to the server; the terminal may also separately send a request for saving the transport key without sending a check-in request, in which case the terminal does not need to send a check-in request and only the request to save the transport key needs to be sent separately;
  • the server generates the information to be signed, where the information to be signed may be a random number or other factors, and sends a signature instruction (instructing the electronic signature device to sign the information to be signed) and the information to be signed to the electronic signature device;
  • the electronic signature device signs the information to be signed and the transmission key to generate a signature value S3, and sends the signature value S3 to the terminal;
  • the terminal encrypts the transmission key by using the public key of the server to obtain the ciphertext of the transmission key, and sends the ciphertext of the transmission key and the signature value S3 to the server;
  • the server verifies the signature value S3. If the verification passes, the server decrypts with its private key to obtain the transmission key and saves the transmission key.
  • the transmission key has a one-to-one correspondence with the ID of the electronic signature device.
  • the terminal (the terminal may be the called terminal or the calling terminal) generates a random number R3, encrypts the random number R3 with the public key of the electronic signature device to generate the ciphertext of the R3, and sends the ciphertext of the R3 to the electronic signature device;
  • the electronic signature device uses its private key to decrypt and obtain R3, generates a random number R4, generates a transmission key by using R3 and R4 (for example, concatenating R3 and R4 as the transmission key), encrypts the random number R4 by using the public key of the terminal to generate the ciphertext of R4, and sends the ciphertext of R4 to the terminal;
  • the terminal decrypts with its private key to obtain R4, uses R3 and R4 to generate a transmission key (the process of generating the key is the same as the process by which the electronic signature device generates the key, for example, concatenating R3 and R4 as the transmission key), and uses the public key of the server to encrypt the transport key to generate the ciphertext of the transport key;
  • the terminal sends the check-in request and the ciphertext of the transport key to the server.
  • the terminal may also separately send the ciphertext of the transport key without sending the check-in request; for example, when the electronic signature device does not need to check in to the server, no check-in request needs to be sent, and in this case only the ciphertext of the transport key needs to be sent separately.
  • the server generates information to be signed, where the information to be signed may be a random number or other factors, and sends a signature instruction (instructing the electronic signature device to sign the information to be signed) and the information to be signed to the electronic signature device;
  • the server verifies the signature value S3. If the verification passes, the server decrypts with its private key to obtain the transmission key and saves the transmission key.
  • the transport key corresponds to the ID of the electronic signature device.
  • the electronic signature device generates a transmission key, which is used for subsequent encryption/decryption of communication with the terminal; the electronic signature device encrypts the transmission key by using the public key of the terminal, and sends the encrypted transmission key to the terminal;
  • the terminal decrypts with its private key to obtain the transmission key;
  • the terminal sends a check-in request to the server; the terminal may also separately send a request for saving the transport key without sending a check-in request, in which case the terminal does not need to send a check-in request and only the request to save the transport key needs to be sent separately;
  • the server generates information to be signed, where the information to be signed may be a random number or other factors, and sends a signature instruction (instructing the electronic signature device to sign the information to be signed) and the information to be signed to the electronic signature device;
  • the electronic signature device signs the information to be signed and the transmission key to generate a signature value S3, and sends the signature value S3 to the terminal;
  • the terminal encrypts the transmission key by using the public key of the server to obtain the ciphertext of the transmission key, and sends the ciphertext of the transmission key and the signature value S3 to the server;
  • the server verifies the signature value S3. If the verification passes, the server decrypts with its private key to obtain the transmission key and saves the transmission key.
  • the transmission key has a one-to-one correspondence with the ID of the electronic signature device.
  • the electronic signature device generates a transmission key, which is used for subsequent encryption/decryption of communication with the terminal, and transmits the transmission key to the terminal; the electronic signature device can also encrypt the transmission key by using the public key of the terminal and then send it to the terminal;
  • the terminal obtains the transmission key; when the transmission key is ciphertext, the terminal also decrypts it with its private key to obtain the transmission key;
  • the terminal sends a check-in request and the transport key to the server (the ciphertext of the transport key may also be sent).
  • the terminal may also separately send the transport key without sending a check-in request; for example, when the electronic signature device does not need to check in to the server, no check-in request needs to be sent, and in this case only the transport key needs to be sent separately.
  • the server generates the to-be-signed information, where the to-be-signed information may be a random number or other factors, and sends a signature instruction (instructing the electronic signature device to sign the to-be-signed information) and the to-be-signed information to the electronic signature device;
  • the electronic signature device signs the to-be-signed information and the transmission key to generate a signature value S3, and sends the signature value S3 to the server;
  • the server verifies the signature value S3 and, if the verification passes, saves the transmission key (if the transmission key is ciphertext, the server also decrypts it with its private key to obtain the transmission key).
  • the transmission key has a one-to-one correspondence with the ID of the electronic signature device.
  • FIG. 17 shows a call method according to an embodiment of the present invention.
  • the call method can be implemented by using the server 130.
  • the calling method in the embodiment of the present invention includes the following steps S1001 to S1003:
  • the server receives the check-in request sent by the called terminal, where the check-in request includes the ID of the called user; the ID of the called user is a unique identifier registered by the called user on the server for the first electronic signature device used by the called user.
  • the user registers the electronic signature device used by the user on the server, so that the electronic signature device has a unique identifier, and the unique identifier is used as the ID of the user.
  • the ID may be, but is not limited to, one of the following or a combination thereof: a number, a letter, a character, a Chinese character.
  • the ID is equivalent to the telephone number of the user in the existing communication system, which is convenient for the calling terminal to call the called user.
  • the server can know which of the calling user and the called user.
  • the user uses the electronic signature device to apply to the server for registration, and the server may issue a certificate to the electronic signature device or use a certificate, issued by another authentication unit, that already exists in the electronic signature device.
  • the server assigns the user a unique identifier as the ID of the user, and binds the ID of the user to the certificate of the electronic signature device, whereby the server can verify the identity of the electronic signature device by means of that certificate.
  • registration can be done by one of the following methods:
  • Method 1: The user sends an account application to the server by using the electronic signature device. After the server verifies the user identity, the server sends a key generation instruction to the electronic signature device; the electronic signature device generates a key pair and sends the public key to the server. The server generates the public key certificate of the electronic signature device, assigns a unique identifier as the ID of the user, binds the user ID to the public key certificate, and sends the issued certificate to the electronic signature device, which saves the certificate issued by the server. In this way, the key pair is generated by the electronic signature device to ensure the security of the key.
  • Method 2: The user sends an account application to the server by using the electronic signature device. After the server verifies the user identity, the server sends a read certificate instruction to the electronic signature device, and the electronic signature device sends its certificate to the server. The server verifies the validity of the certificate and, after the certificate is found to be legal, assigns a unique identifier as the ID of the user, binds the ID of the user to the certificate and stores it. In this way, the existing certificate of the electronic signature device is used for binding, which improves the registration efficiency.
  • the called user needs to send a check-in request to the server from the terminal being used; the check-in request includes at least the ID of the called user, to inform the server which terminal the called user is using, so that the server determines that terminal to be the called terminal.
  • when the called terminal sends the check-in request, in addition to the ID of the called user, the called terminal may also carry identity authentication data in the check-in request and send it to the server, so that the server authenticates the identity of the called user to ensure that the identity of the called user is legal.
  • the identity authentication data can be obtained in one of the following ways:
  • Manner 1 The signature data obtained by the first electronic signature device signing the ID of the called user.
  • signature data obtained by the first electronic signature device signing data to be signed; the data to be signed may include single authentication data, which may be generated by the first electronic signature device, or may be received by the called terminal from the server and sent to the first electronic signature device.
  • the single authentication data may be one of a random number and an event factor, or a combination thereof, wherein the event factor may be incremented by 1, or by an arbitrary value, each time it is generated.
  • Manner 3 The signature data obtained by the first electronic signature device by signing the data to be signed and the ID of the called user.
  • Manner 4 The password set by the first electronic signature device at the time of registration, or the dynamic password generated by the dynamic password token associated with the first electronic signature device.
  • S1002 associate and store the ID of the called user with the communication identifier of the called terminal.
  • after receiving the ID of the called user sent by the called terminal, the server associates and stores the ID of the called user with the communication identifier of the called terminal, so that the server knows which terminal the called user is using and can find the called user.
  • the communication identifier of the called terminal may be a port number of the fixed telephone, an IP address of the network telephone, an authentication key of the SIM, and the like.
  • if, in step S1001, the called terminal carries the identity authentication data in the sent check-in request, then in this step, after receiving the sign-in request of the called terminal, the server may also authenticate the identity authentication data sent by the called terminal and, after the authentication is passed, perform the step of associating and storing the ID of the called user with the communication identifier of the called terminal.
  • the server may perform identity authentication by verifying the signature data with the public key of the called user's first electronic signature device, which was stored on the server when the first electronic signature device was registered, or may authenticate by verifying the static password or the dynamic password. The step of associating and storing the ID of the called user with the communication identifier of the called terminal is therefore performed only after the identity of the called user has been authenticated as legal, which checks the legality of the called user.
  • the server may further delete the association relationship between the ID of the called user and the communication identifier of the called terminal. Based on this, the server can release the check-in of the called user without affecting the normal use of the terminal on which the called user checked in.
  • the server may trigger the release of the check-in process for the called user by at least one of the following methods: after receiving the release check-in instruction sent by the called terminal, and after the server determines that the check-in needs to be released.
  • the server may also verify the identity of the called user, to ensure that the identity of the called user whose check-in is released is legal. In this case, the server may receive the identity authentication data returned by the called terminal and perform identity authentication; after the identity authentication is passed, the server deletes the association relationship between the ID of the called user and the communication identifier of the called terminal. Specifically, the identity authentication data returned by the called terminal may be generated in the same manner as when the called terminal sends the check-in request, and the server may perform the authentication by using the corresponding authentication method; details are not described herein.
  • S1003 After receiving the call request of the calling terminal to the ID of the called user, establishing a call link between the calling terminal and the called terminal according to the association relationship between the ID of the called user and the communication identifier of the called terminal.
  • the server may find the communication identifier of the called terminal according to the stored association relationship between the ID of the called user and the communication identifier of the called terminal, thereby determining the location of the called terminal and establishing a call link between the calling terminal and the called terminal. The location of the called user can therefore be found as long as the ID of the called user is associated with the communication identifier of the called terminal.
  • the server may further send a verification request to the called terminal; after receiving the signature data returned by the called terminal, the server verifies it, and after the verification is passed, performs the step of establishing a call link between the calling terminal and the called terminal.
  • the verification request may be single-signature data, such as a random number and/or an event factor.
  • the server establishes the call link between the calling terminal and the called terminal only after the called terminal returns the signature data and the signature verification passes, thereby verifying that the called user is online and ensuring that the user who answers the call is indeed the called user. This prevents a non-called user from answering the call and improves the security of the call.
  • the server may further determine that the type of the call request is a preset call request type, and then perform the step of establishing a call link between the calling terminal and the called terminal. The server can therefore be compatible with the existing call system without affecting normal use: even if the called terminal has already checked in, calls can still access the called terminal normally.
  • the server may determine the type of the call request received from the calling terminal, that is, whether it targets the ID of the called user or an ordinary telephone number. If it is an ordinary telephone number, the server connects the call of the calling terminal to the called terminal corresponding to the ordinary telephone number and establishes a call link between the calling terminal and that terminal; if it is the ID of the called user, the server connects the incoming call of the calling terminal to the terminal corresponding to the communication identifier associated with the ID of the called user and establishes the call link with that terminal.
  • in the calling method of the embodiment of the present invention, the called terminal sends a check-in request to the server to inform the server which terminal the called user is using, and the server can thereby associate that terminal with the called user. When a call from the calling terminal to the called user is received, the call is connected to the terminal on which the called user signed in. Whichever terminal the called user uses, the called user can be found as long as he or she has signed in on that terminal, which is convenient to use.
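The check-in, association and call-routing steps above (S1001 to S1003, with identity authentication data formed as in Manner 3) can be modelled as follows. This is an added example, not code from the patent: the class names, the ID format, the communication identifiers and the toy RSA over fixed primes (a stand-in for the electronic signature device's real algorithm, not secure) are assumptions.

```python
import hashlib
import secrets

E = 65537  # public exponent of the toy RSA stand-in (assumption, see lead-in)


def digest(data: bytes, n: int) -> int:
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n


class SignatureDevice:
    """Hypothetical model of the electronic signature device (KEY)."""

    def __init__(self, p: int, q: int):
        # Registration Method 1: the key pair is generated inside the device
        # and only the public part (n, E) ever leaves it.
        self.n = p * q
        self._d = pow(E, -1, (p - 1) * (q - 1))
        self.user_id = None  # saved by the device at registration

    def sign(self, data: bytes) -> int:
        return pow(digest(data, self.n), self._d, self.n)


class Server:
    def __init__(self):
        self.public_keys = {}  # user ID -> public key bound at registration
        self.challenges = {}   # user ID -> outstanding single-use random number
        self.checked_in = {}   # user ID -> communication identifier of terminal

    def register(self, device: SignatureDevice) -> str:
        user_id = f"U{len(self.public_keys) + 1:04d}"  # constructed ID format
        self.public_keys[user_id] = device.n
        device.user_id = user_id
        return user_id

    def challenge(self, user_id: str) -> bytes:
        """Return the data to be signed: a fresh random number."""
        self.challenges[user_id] = secrets.token_bytes(16)
        return self.challenges[user_id]

    def _authenticate(self, user_id: str, signature: int) -> bool:
        nonce = self.challenges.pop(user_id, None)  # consumed even on failure
        n = self.public_keys.get(user_id)
        if nonce is None or n is None:
            return False
        return pow(signature, E, n) == digest(nonce + user_id.encode(), n)

    def check_in(self, user_id: str, comm_id: str, signature: int) -> bool:
        """Authenticate first, then store ID -> communication identifier (S1002)."""
        if not self._authenticate(user_id, signature):
            return False
        self.checked_in[user_id] = comm_id
        return True

    def release(self, user_id: str, signature: int) -> bool:
        """Release the check-in only after the same identity authentication."""
        if not self._authenticate(user_id, signature):
            return False
        self.checked_in.pop(user_id, None)
        return True

    def route_call(self, called_id: str):
        """S1003: find the terminal the called user is checked in on."""
        return self.checked_in.get(called_id)


def signed_response(server: Server, device: SignatureDevice) -> int:
    """Terminal side: fetch the random number and have the KEY sign
    random number + user ID (Manner 3)."""
    nonce = server.challenge(device.user_id)
    return device.sign(nonce + device.user_id.encode())


def check_in_demo() -> dict:
    server = Server()
    key_a = SignatureDevice(2**127 - 1, 2**89 - 1)  # constructed toy keys
    key_b = SignatureDevice(2**107 - 1, 2**61 - 1)
    alice = server.register(key_a)
    server.register(key_b)
    out = {}
    captured = signed_response(server, key_a)
    out["check_in"] = server.check_in(alice, "fixed-line port 17", captured)
    # A recorded signature is useless later: its random number was consumed,
    # and a freshly issued one does not match what was signed.
    out["replay"] = server.check_in(alice, "port 99", captured)
    server.challenge(alice)
    out["replay_fresh"] = server.check_in(alice, "port 99", captured)
    # A different device cannot check in under this user's ID.
    nonce = server.challenge(alice)
    out["wrong_device"] = server.check_in(
        alice, "port 99", key_b.sign(nonce + alice.encode()))
    out["routed_first"] = server.route_call(alice)
    # The user moves: a new check-in re-points the ID to another terminal.
    server.check_in(alice, "IP 192.0.2.8", signed_response(server, key_a))
    out["routed_moved"] = server.route_call(alice)
    out["released"] = server.release(alice, signed_response(server, key_a))
    out["routed_after_release"] = server.route_call(alice)
    return out


if __name__ == "__main__":
    print(check_in_demo())
```

Signing only the user ID (Manner 1) would produce the same signature every time, which is why this model binds each check-in to a single-use random number.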
  • the caller ID of the calling party can also be displayed at the called terminal.
  • the server can also receive the sign-in request sent by the calling terminal, where the sign-in request carries the ID of the calling user, and associate and store the ID of the calling user with the communication identifier of the calling terminal.
  • the server can know the identity of the calling user when the calling party initiates a call request for the ID of the called user.
  • the server may also authenticate the identity authentication data received from the calling terminal and, after the authentication is passed, perform the step of associating and storing the ID of the calling user with the communication identifier of the calling terminal.
  • the identity authentication data sent by the calling terminal can be generated in the same manner as the called terminal sends the check-in request.
  • the server can use the corresponding authentication method for authentication, and details are not described herein.
  • the server may also delete the association between the ID of the calling user and the communication identifier of the calling terminal. Based on this, the server can release the check-in of the calling user without affecting the normal use of the terminal on which the calling user checked in.
  • the server can release the check-in to the calling user in the same manner as the called terminal releases the sign-in, and details are not described herein.
  • the server may also verify the identity of the calling user, to ensure that the identity of the calling user whose check-in is released is legal. In this case, the server may receive the identity authentication data returned by the calling terminal and perform identity authentication; after the identity authentication is passed, the server deletes the association relationship between the ID of the calling user and the communication identifier of the calling terminal.
  • the identity authentication data returned by the calling terminal may be the same as the manner in which the called terminal returns the identity authentication data, and the server may perform the authentication by using the corresponding authentication method, and details are not described herein again.
  • the server may further send a verification request to the calling terminal, and receive the calling terminal.
  • the verification request may be single-signature data, such as a random number and/or an event factor.
  • the server establishes the call link between the calling terminal and the called terminal only after the calling terminal returns the signature data and the verification passes, thereby verifying the authenticity of the identity of the calling user and ensuring that the user making the call is indeed the calling user in person. This prevents non-calling users from making calls and improves the security of the call.
  • the call data or other data between the calling terminal and the called terminal may be encrypted and transmitted on the line via the transmission key.
  • the server may ensure the security of the call between the calling terminal and the called terminal in one of the following ways:
  • the server may receive the first transmission key sent by the called terminal and save it, and receive the second transmission key sent by the calling terminal and save it; the server uses the first transmission key to encrypt or decrypt the data transmitted between it and the called terminal, and uses the second transmission key to encrypt or decrypt the data transmitted between it and the calling terminal.
  • the server can also receive the encrypted data sent by the calling terminal, decrypt the encrypted data and send it to the called terminal, and can also receive the encrypted data sent by the called terminal, and then decrypt and then send the encrypted data to the calling terminal.
  • because the calling terminal and the called terminal each use a different transmission key to prevent cracking, the security of the call between the calling terminal and the called terminal is ensured, and if one of the two parties releases the sign-in, this does not affect the other party's normal use of its own transport key.
  • the server may also send the transmission key sent by the calling terminal to the called terminal.
  • the encrypted data sent by the calling terminal may then be forwarded by the server directly to the called terminal, without the server decrypting it, re-encrypting it and sending it on, which improves data transmission efficiency and reduces the workload of the server.
  • the server also needs to delete the first transport key and/or the second transport key.
  • the triggering occasion for triggering the server to delete the first transport key and/or the second transport key may include, but is not limited to, at least one of the following manners:
  • the server receives the release sign-in command sent by the calling terminal, receives the release sign-in command sent by the called terminal, the call is completed (such as hanging up), or the server determines according to a preset rule that deletion is needed (for example, the server determines that a preset time has been reached).
  • the server may also send a key deletion request to the called terminal and/or the calling terminal, instructing the called terminal and/or the calling terminal to delete the saved transport key.
  • the called terminal and/or the calling terminal may delete the transmission key stored in the terminal, or may instruct the electronic signature device connected thereto to delete the transmission key stored in the electronic signature device, for example, the called terminal indicates The first electronic signature device deletes the transport key stored in the first electronic signature device.
  • the server may also verify the identity of the user, to ensure that the identity of the user whose check-in is released is legal.
  • the server can receive the identity authentication data returned by the called terminal, and perform identity authentication, and delete the first transmission key after the identity authentication is passed.
  • the server may also be triggered to delete the second transmission key in the same manner.
  • the identity authentication data returned by the terminal may be generated in the same manner as the terminal sends the check-in request, and the server may perform the authentication by using the corresponding authentication method, and details are not described herein again.
  • the server may hop the current first transmission key into a new first transmission key according to a preset hopping rule and encrypt or decrypt the transmission data by using the new first transmission key; and/or hop the current second transmission key into a new second transmission key according to a preset hopping rule and encrypt or decrypt the transmission data by using the new second transmission key. This ensures that a single transmission key is not used throughout the call; using a changing transmission key improves the security of the transmission key and prevents it from being cracked, thereby improving the security of the call.
  • the manner in which the server hops the current first transmission key into a new first transmission key according to a preset hopping rule, and/or hops the current second transmission key into a new second transmission key, includes, but is not limited to, at least one of the following:
  • the hopping trigger factor includes at least one of the following: a hopping period, a hopping time point, and a call data amount. That is, the server may negotiate a hopping period with the calling terminal and/or the called terminal in advance and then perform key hopping according to the hopping period; the server may also negotiate a hopping time point with the calling terminal and/or the called terminal in advance and then perform key hopping according to the hopping time point; and the server may also negotiate a call data amount with the calling terminal and/or the called terminal in advance and then perform key hopping according to the call data amount.
  • Manner 2 Obtain a key hopping instruction, and hop the current first transmission key into a new first transmission key and/or hop the current second transmission key into a new second transmission key.
  • the key hopping instruction includes at least one of the following: a key hopping instruction sent by the called terminal and/or the calling terminal, and a key hopping instruction generated according to a preset rule.
  • the server may receive the key hopping instruction sent by the called terminal and/or the calling terminal, and perform a key hop after receiving it; the server may also generate a key hopping instruction itself. For example, the server determines that a key hop can be performed (for example, period arrival, time point arrival, data volume arrival, monitoring, etc.) and sends a key hopping instruction to the called terminal and/or the calling terminal to instruct the terminal to perform the key hop together with the server.
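An added sketch, not part of the patent, of key hopping triggered by call data amount, for one direction of traffic between a terminal and the server. The patent only says that the hopping rule is preset; the HMAC-based derivation of the new key, the 64-byte threshold and the toy HMAC keystream cipher used here are assumptions.

```python
import hashlib
import hmac


def _mac(key: bytes, label: bytes, seq: int, data: bytes = b"") -> bytes:
    msg = label + seq.to_bytes(8, "big") + data
    return hmac.new(key, msg, hashlib.sha256).digest()


class HoppingKey:
    """One endpoint's transmission key, hopped after `hop_after` bytes."""

    def __init__(self, initial_key: bytes, hop_after: int):
        self.key = initial_key
        self.hop_after = hop_after  # negotiated call data amount
        self.used = 0               # bytes protected under the current key
        self.hops = 0

    def _xor(self, seq: int, data: bytes) -> bytes:
        # Toy keystream (stand-in for a real cipher): HMAC in counter mode.
        stream, block = b"", 0
        while len(stream) < len(data):
            stream += _mac(self.key, b"stream", seq, block.to_bytes(4, "big"))
            block += 1
        return bytes(a ^ b for a, b in zip(data, stream))

    def _account(self, n: int) -> None:
        self.used += n
        if self.used >= self.hop_after:
            # Assumed hopping rule: one-way derivation; the old key is overwritten.
            self.key = _mac(self.key, b"hop", self.hops)
            self.used = 0
            self.hops += 1

    def seal(self, seq: int, plaintext: bytes) -> bytes:
        ct = self._xor(seq, plaintext)
        frame = ct + _mac(self.key, b"tag", seq, ct)[:8]
        self._account(len(plaintext))
        return frame

    def open(self, seq: int, frame: bytes):
        ct, tag = frame[:-8], frame[-8:]
        if not hmac.compare_digest(tag, _mac(self.key, b"tag", seq, ct)[:8]):
            return None  # wrong key or altered frame: nothing is accounted
        plaintext = self._xor(seq, ct)
        self._account(len(ct))
        return plaintext


def hopping_demo() -> dict:
    k0 = bytes(range(32))              # constructed initial transmission key
    terminal = HoppingKey(k0, 64)
    server = HoppingKey(k0, 64)
    stale = HoppingKey(k0, 10**9)      # an endpoint that never hops
    keys_seen = {terminal.key}
    delivered = stale_delivered = 0
    for seq in range(10):
        voice = f"voice frame {seq:02d}".encode().ljust(20, b".")
        frame = terminal.seal(seq, voice)
        keys_seen.add(terminal.key)
        delivered += server.open(seq, frame) == voice
        stale_delivered += stale.open(seq, frame) == voice
    return {
        "delivered": delivered,
        "stale_delivered": stale_delivered,
        "hops": (terminal.hops, server.hops),
        "distinct_keys": len(keys_seen),
        "in_sync": terminal.key == server.key,
    }


if __name__ == "__main__":
    print(hopping_demo())
```

Both ends count the same bytes, so they hop at the same frame without exchanging anything; the endpoint that kept the initial key can read only the frames sent before the first hop.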
  • in order to further ensure the security of the call between the calling terminal and the called terminal, in an optional implementation of the embodiment of the present invention, during the call between the calling terminal and the called terminal the server may also hop the current transmission line into a new transmission line according to a preset line hopping rule, and transmit the transmission data by using the new transmission line. This ensures the security of the transmission line and prevents the call from being monitored.
  • the server may pre-store a call line pool, and the server may select a line different from the current call line for data transmission in the call line pool according to a preset hop rule.
  • the preset hopping rule may include, but is not limited to, at least one of the following:
  • the hopping trigger factor includes at least one of the following: a hopping period, a hopping time point, and a call data amount. That is, the server can set the hopping period in advance, and then the key hopping can be performed according to the hopping period. The server can also set the hopping time point in advance, and then the key hopping can be performed according to the hopping time point, and the server can also set the call in advance. The amount of data, after which the key jump can be performed according to the amount of call data.
  • the line hopping instruction includes at least one of the following: a hopping instruction sent by the called terminal and/or the calling terminal, and a line hopping instruction generated according to a preset rule. That is, the server can receive the line jump instruction sent by the called terminal and/or the calling terminal, and perform the line jump after receiving it; the server can also generate the line jump instruction itself, for example, when the server determines that a line jump can be performed (such as period arrival, time point arrival, data volume arrival, monitoring, etc.), and then performs the line jump.
  • the embodiment of the present invention further provides a method for calling a multi-party call, thereby enabling a called party of a multi-party call to answer the call at any position.
  • there are multiple called users, and the call request carries the ID of each called user; the server establishing a call link between the calling terminal and the called terminal according to the association relationship between the ID of the called user and the communication identifier of the called terminal may be achieved by, but is not limited to, the following:
  • the server sends a multi-party call request to the called terminal corresponding to the communication identifier associated with the ID of each called user; and after receiving the acknowledgment response returned by one or more of the plurality of called terminals, establishes call links between the calling terminal and the one or more called terminals, and among the one or more called terminals.
  • the server implements a multiparty call based on the called user being able to answer the call at any location.
  • the call data between the calling terminal and one or more called terminals, or multiple called terminals is encrypted.
  • the calling terminal and one or more are established.
  • the server may also receive the shared transport key sent by the calling terminal; and send the shared transport key to one or more called terminals. Based on this, the calling terminal and the called terminal can use the shared transmission key to perform encrypted transmission of the call data, thereby ensuring the security of the call data.
  • the terminal (i.e., the calling terminal 120 and the called terminal 110) may be connected to the electronic signature device through a wireless connection or through a wired connection; the wireless mode can include Bluetooth, WIFI, NFC, infrared or RFID, and the wired mode can include USB, audio (headphone plug), RJ11, RJ45 or a serial port.
  • the call can be implemented as follows:
  • the terminal can perform encryption and decryption operations through an electronic signature device connected to the terminal.
  • the terminal receives the encrypted call data through its network interface (such as a phone port, an authentication key of the SIM card, an IP address, etc.) and transmits the encrypted call data to the electronic signature device, which decrypts it and sends it back to the terminal; the terminal sends it to the handset for the user to listen to. The terminal receives the voice data input by the user through the microphone and sends it to the electronic signature device, which encrypts it and sends it to the terminal; the terminal then sends it out via the network interface.
  • Method 2 The data can be sent to the network by the electronic signature device, and then the terminal listens to the voice data and/or collects the voice data.
  • the electronic signature device receives the encrypted call data through its network interface, decrypts the encrypted call data, and sends the decrypted call data to the terminal via the connection between the electronic signature device and the terminal; the terminal then sends it to the handset for the user to listen to. The terminal receives the voice data input by the user through the microphone and sends it to the electronic signature device via the connection with the electronic signature device; the electronic signature device encrypts it and then sends it out through the network interface of the electronic signature device.
  • Manner 3 The encrypted data is received and sent out through the terminal, and the encrypted data can be decrypted by the electronic signature device, and the data to be encrypted can be encrypted by the electronic signature device, and the electronic signature device can also listen to the voice data. And/or collecting voice data.
  • the terminal receives the encrypted call data through its network interface, and sends the encrypted call data to the electronic signature device, which is decrypted by the electronic signature device and sent to the handset of the electronic signature device for the user to listen to; the electronic signature device receives the user through The voice data input by the microphone of the electronic signature device is encrypted by the electronic signature device, sent to the terminal, and then sent out by the terminal via the network interface.
  • the present embodiment provides a call method, which can be implemented by the called terminal 110, the calling terminal 120, and the server 130 in the foregoing embodiment, and may mainly include the following steps (S1101 to S1112).
  • the calling terminal sends a check-in request to the server, where the check-in request carries an ID of the calling user, and is used to instruct the server to associate the ID of the calling user with the communication identifier of the calling terminal.
  • the ID of the calling user is a unique identifier registered by the calling user on the server for the second electronic signature device used by the calling user.
  • This step S1101 is an optional step.
  • the called terminal sends a check-in request to the server, where the check-in request carries an ID of the called user, and is used to instruct the server to associate the ID of the called user with the communication identifier of the called terminal.
  • the ID of the called user is a unique identifier registered by the called user on the server for the first electronic signature device used by the called user.
  • S1103 After receiving the sign-in request sent by the calling terminal and/or the called terminal, the server authenticates the identity authentication data sent by the calling terminal and/or the called terminal; after the authentication is passed, step S1104 is performed;
  • This step S1103 is an optional step.
  • S1104 The server associates and stores the ID of the calling user with the communication identifier of the calling terminal, and/or associates and stores the ID of the called user with the communication identifier of the called terminal.
  • S1105 The calling terminal acquires an ID of the called user.
  • the calling terminal can obtain the ID of the called user by using one of the following methods: the calling user inputs the ID of the called user to the calling terminal through the input device of the calling terminal, the calling user inputs the ID of the called user to the calling terminal by voice, and the like.
  • S1106 The calling terminal initiates a call request of the called user to the server, where the call request carries the ID of the called user;
  • S1107 The server sends a verification request to the calling terminal and/or the called terminal.
  • after receiving the verification request, the calling terminal acquires signature data from the second electronic signature device, where the signature data is data obtained by the second electronic signature device signing the data to be signed, and sends the signature data to the server;
  • after receiving the verification request, the called terminal acquires signature data from the first electronic signature device, where the signature data is data obtained by the first electronic signature device signing the data to be signed, and sends the signature data to the server;
  • S1110 The server performs the verification after receiving the signature data returned by the calling terminal and/or the called terminal; after the verification is passed, step S1111 is performed.
  • the steps S1107 to S1110 are optional steps.
  • S1111 After receiving the call request of the calling terminal to the called user, the server establishes a call link between the calling terminal and the called terminal according to the association relationship between the ID of the called user and the communication identifier of the called terminal, and The called terminal displays the ID of the calling user;
  • S1112 The calling terminal and the called terminal negotiate a transmission key by using respective electronic signature devices, and encrypt and decrypt the transmission data by using the transmission key.
  • step S1112 may be that the calling terminal and the called terminal each negotiate a transmission key with their respective electronic signature devices and send the negotiated transmission key to the server; the calling terminal and the called terminal encrypt and decrypt the transmission data by using their respective transmission keys, and the server encrypts and decrypts the transmission data by using the respective transmission keys received from the calling terminal and the called terminal.
  • the terminal is connected, and the associated communication identifier and the user's ID are signed on the server, so that the user can make a call or answer the call on any terminal by using the electronic signature device, thereby realizing the mobility of the fixed call mode.
  • the server can verify whether the identities of the calling and called users are legal through the identity authentication data sent by the calling and called terminals, thereby ensuring the legality of the identity behind the ID associated with the communication identifier of the terminal. Further, before the call is connected, the server also verifies that the calling and called users are online and verifies through the signature data that their identities are legal, thereby ensuring the security of the call.
  • this embodiment provides a process for a terminal to initiate a check-in to a server.
  • the terminal includes a calling terminal and/or a called terminal.
  • the user includes a calling user and/or a called user, and the electronic signature device is a KEY by way of example. The process includes the following steps:
  • S1201 The terminal sends a check-in instruction to the server.
  • S1202 The server returns data to be signed to the terminal.
  • the data to be signed includes a random number generated by the server.
  • S1203 The terminal sends the data to be signed to the KEY connected thereto;
  • S1204 The KEY signs one of the following to obtain identity authentication data: the random number sent by the server, the ID of the user, or a random number generated by the KEY itself.
  • the ID of the user is a unique identifier of the KEY registered by the user for the user on the server. At the time of registration, KEY saves the user's ID;
  • S1205 KEY sends the identity authentication data and the ID of the user to the terminal;
  • the KEY also needs to send its digital certificate to the terminal. If the random number generated by the terminal itself is signed in step S1204, the KEY also needs to send the random number generated by the terminal itself to the terminal.
  • the terminal sends a check-in request to the server, where the check-in request carries at least the ID of the user, and may further carry the identity authentication data.
  • the terminal also needs to send the digital certificate of the KEY to the server. If the random number generated by the terminal itself is signed in step S1204, the random number generated by the terminal itself needs to be carried in the sign-in request, so that the server performs identity authentication.
  • S1207 The server authenticates the identity authentication data sent by the received terminal.
  • the server authenticates the identity authentication data, which includes: verifying the certificate sent by the terminal and verifying the signed identity authentication data. This is prior art and is not described here.
  • the user only needs to carry his KEY with him and connect his KEY to any terminal.
  • after the terminal signs in at the server, that is, after the server associates the user ID with the communication identifier of the terminal, the terminal can receive calls made by other terminals to the ID of the user.
  • the caller ID at the opposite end is also the ID of the user, thereby implementing the mobile answering or making a call by using the KEY.
  • the server can verify whether the identity of the calling party and the called party are legal through the identity authentication data sent by the calling terminal, so as to ensure the identity of the ID associated with the communication identifier of the terminal, thereby ensuring the security of the call.
  • this embodiment provides a process for initiating a release check-in.
  • the terminal includes a calling terminal and/or a called terminal.
  • the user includes a calling user and/or a called user, and the electronic signature device is a KEY by way of example. The process includes the following steps:
  • the initiator that releases the sign-in can be the party of the call or the server.
  • the terminal receives the release check-in instruction, which specifically includes one or more of the following ways:
  • Manner 1 The calling terminal receives the release sign-in command input by the calling user. For example, the calling user inputs “9#”, indicating that the calling user requests to release the sign-in;
  • Manner 3 The calling terminal receives the release sign-in command of the second electronic signature device connected thereto. For example, the calling user disconnects the second electronic signature device from the calling terminal by pressing the C key on the second electronic signature device; when it is disconnected from the calling terminal, the second electronic signature device also issues a release sign-in command to the calling terminal.
  • S1302 The terminal sends a release check-in instruction to the server.
  • S1303 The server returns data to be signed to the terminal.
  • the data to be signed includes a random number generated by the server.
  • S1304 The terminal sends the data to be signed to the KEY connected thereto;
  • S1305 The KEY signs one of the following to obtain the identity authentication data: the random number sent by the server, the ID of the user, or a random number generated by the KEY itself.
  • the ID of the user is a unique identifier of the KEY registered by the user for the user on the server.
  • KEY saves the user's ID
  • S1306 The KEY sends the identity authentication data and the ID of the user to the terminal.
  • the KEY also needs to send its digital certificate to the terminal. If the random number generated by the terminal itself is signed in step S1304, the KEY also needs to send the random number generated by the terminal itself to the terminal.
  • S1307 The terminal sends a release check-in request to the server, and the release check-in request carries the identity authentication data.
  • the terminal also needs to send the digital certificate of the KEY to the server. If the random number generated by the terminal itself is signed in step S1304, the random number generated by the terminal itself needs to be carried in the release sign-in request, so that the server performs identity authentication.
  • S1308 The server authenticates the identity authentication data sent by the received terminal.
  • the server authenticates the identity authentication data, which includes: verifying the certificate sent by the terminal and verifying the signed identity authentication data. This is prior art and is not described here.
  • alternatively, the server returns the data to be verified to the terminal in step S1303, and steps S1304 to S1306 are combined into one step that is executed entirely by the terminal without sending the data to the KEY for signing: the security chip of the terminal encrypts the data to be verified sent by the server to obtain the identity authentication data.
  • the server then authenticates the identity authentication data by decrypting it with a symmetric key.
  • the user can release the association relationship with the terminal when a certain terminal is not used, so that other users can use the terminal, thereby improving the utilization rate of the terminal.
  • the server can verify whether the identity of the calling party and the called party are legal through the identity authentication data sent by the terminal, so as to confirm the identity of the initiator of the release of the sign-in and prevent a malicious release of the sign-in.
  • This embodiment provides a process of key hopping and line hopping, as follows:
  • FIG. 21 is a flowchart of performing a key hopping when data is exchanged between a terminal and a terminal. Referring to FIG. 21, the first terminal and the second terminal perform the following processes:
  • S1402 Determine whether the jump point is reached. If the jump point is not reached, execute S1401. If the jump point is reached, execute S1403;
  • S1405 Determine whether to end the call, if the call ends, execute S1406, if the call is not ended, execute S1402;
  • the hopping threshold of the hopping point may be set to a preset time interval or a preset amount of data, and each time the hopping threshold is reached, a hopping is performed.
  • the operation performed by the first terminal refers to an operation performed by the first terminal through the electronic signature device connected thereto, and the operation performed by the second terminal refers to an operation performed by the second terminal through the electronic signature device connected thereto. The first terminal may be the calling terminal and the second terminal the called terminal, or the first terminal may be the called terminal and the second terminal the calling terminal.
  • the first terminal and the second terminal may calculate a new transport key by, but not limited to, one of the following methods:
  • Manner 1 The first terminal and the second terminal pre-negotiate the transmission key list, and after determining that the hop point is reached, sequentially use the transmission key in the pre-negotiated transmission key list; for example, the transmission key list includes K0, K1... Kn, use K0, K1, K2... in sequence until the end of the call.
  • Manner 2 The first terminal and the second terminal pre-negotiate the transmission key list and the hopping factor list; after determining that the hopping point is reached, they calculate a hopping factor by using a preset algorithm to determine the position of the new transmission key in the transmission key list, and select the new transmission key so determined; for example, the transmission key list includes K0, K1, ..., Kn, the hopping factor list includes R0, R1, ..., Rn, and calculating R0 by the preset algorithm yields a pointer to the transmission key K3 at the fourth position, which is selected as the new transmission key, and so on.
  • Manner 3 The first terminal and the second terminal pre-negotiate the hopping factor list, and after determining that the hopping point is reached, the hopping factor R is sequentially calculated by the preset algorithm to obtain a new transmission key; for example, the hopping factor list includes: R0, R1...Rn, calculate the new transmission key by calculating the R0 by the preset algorithm, and then calculate the new transmission key by calculating the R1 through the preset algorithm... until the end of the call.
  • Manner 4 The first terminal and the second terminal pre-negotiate the hopping factor list, and after determining that the hopping point is reached, the hopping factor R and the current transmission key are calculated by a preset algorithm to obtain a new transmission key; for example, the hopping factor list includes R0, R1, ..., Rn: a new transmission key is obtained by calculating R0 and the current transmission key with the preset algorithm, then the next one is obtained by calculating R1 and the previously calculated new transmission key with the preset algorithm, and so on until the end of the call.
  • the above hopping factor can be a random number to ensure the randomness of the hopping factor.
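  • The hopping schedule of Manner 4 with a data-amount hopping threshold, as an added example that is not part of the original publication. HMAC-SHA256 is an assumption standing in for the unspecified "preset algorithm", frames are authenticated rather than encrypted so that only the standard library is needed, and all names and sample values are hypothetical:

```python
import hashlib
import hmac

# Constructed sample values; a real call would negotiate random ones.
SAMPLE_K0 = hashlib.sha256(b"constructed initial transmission key").digest()
SAMPLE_FACTORS = [hashlib.sha256(b"constructed R%d" % i).digest() for i in range(3)]


def next_key(current_key, factor):
    """Manner 4: new key = f(hopping factor R_i, current transmission key).

    HMAC-SHA256 is an assumption standing in for the "preset algorithm".
    """
    return hmac.new(current_key, b"hop" + factor, hashlib.sha256).digest()


class HoppingEndpoint:
    """One direction of a call; sender and receiver run the same state machine."""

    def __init__(self, k0, factors, threshold):
        self.key = k0
        self.factors = list(factors)
        self.threshold = threshold   # hopping threshold: bytes carried per key
        self.epoch = 0               # number of hops performed so far
        self.carried = 0             # bytes carried under the current key

    def _hop_if_due(self):
        """Hop-point check: derive the next key once the threshold is reached."""
        if self.carried < self.threshold:
            return
        if self.epoch >= len(self.factors):
            raise RuntimeError("hopping factor list exhausted; renegotiate")
        self.key = next_key(self.key, self.factors[self.epoch])
        self.epoch += 1
        self.carried = 0

    def _tag(self, epoch, payload):
        msg = epoch.to_bytes(4, "big") + payload
        return hmac.new(self.key, msg, hashlib.sha256).digest()

    def seal(self, payload):
        """Sender side: return (epoch, payload, tag) under the current key."""
        self._hop_if_due()
        frame = (self.epoch, payload, self._tag(self.epoch, payload))
        self.carried += len(payload)
        return frame

    def open(self, frame):
        """Receiver side: accept only frames made under the key now in force."""
        epoch, payload, tag = frame
        self._hop_if_due()
        expected = self._tag(epoch, payload)
        if epoch != self.epoch or not hmac.compare_digest(tag, expected):
            raise ValueError("frame rejected: wrong key epoch or bad tag")
        self.carried += len(payload)   # only accepted frames advance the counter
        return payload


def run_call(frames, threshold=32):
    """Send frames from caller to callee; return the key epoch used for each."""
    caller = HoppingEndpoint(SAMPLE_K0, SAMPLE_FACTORS, threshold)
    callee = HoppingEndpoint(SAMPLE_K0, SAMPLE_FACTORS, threshold)
    epochs = []
    for payload in frames:
        frame = caller.seal(payload)
        if callee.open(frame) != payload:
            raise RuntimeError("payload changed in transit")
        epochs.append(frame[0])
    return epochs, caller, callee


if __name__ == "__main__":
    epochs, caller, callee = run_call([b"v" * 20] * 5)
    print(epochs, caller.key == callee.key)
```

  • Because each key is chained from its predecessor, a party that learns the hopping factor list but not the initial key cannot compute any later key. A dropped frame leaves the two byte counters out of step, which the request-driven hopping flow does not depend on.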
  • FIG. 22 is a flowchart showing a process of performing a key hopping when data is exchanged between a terminal and a terminal. Referring to FIG. 22, the following process is performed between the first terminal and the second terminal:
  • S1501 The first terminal and the second terminal encrypt or decrypt the transmission data by using the current transmission key.
  • the first terminal sends a key hopping request to the second terminal.
  • S1503 The first terminal and the second terminal respectively calculate a new transmission key according to a preset algorithm.
  • S1505 Determine whether to end the call, if the call ends, execute S1506, if the call is not ended, execute S1502;
  • the key hopping request may be only one instruction, and may also include a hopping factor, wherein the hopping factor may be a random number to ensure the randomness of the hopping factor.
  • the operation performed by the first terminal refers to an operation performed by the first terminal through the electronic signature device connected thereto, and the operation performed by the second terminal refers to an operation performed by the second terminal through the electronic signature device connected thereto.
  • the first terminal may be the calling terminal, the second terminal is the called terminal, or the second terminal is the calling terminal, and the first terminal is the called terminal.
  • the present invention is not limited to the first terminal sending a hopping request, and may also be initiated by the second terminal, and the flow may be reversed from the flow shown in FIG.
  • the first terminal and the second terminal may calculate a new transport key by, but not limited to, one of the following methods:
  • Manner 1 The first terminal and the second terminal pre-negotiate the transmission key list, and after sending the key hopping request and receiving the key hopping request, sequentially use the transmission keys in the pre-negotiated transmission key list; for example, the transmission key list includes K0, K1, ..., Kn, and K0, K1, K2, ... are used in turn until the end of the call.
  • Manner 2 The first terminal and the second terminal pre-negotiate the transmission key list and the hopping factor list, and after sending the key hopping request and receiving the key hopping request, calculate a hopping factor by using a preset algorithm to determine the position of the new transmission key in the transmission key list, and select the new transmission key so determined; for example, the transmission key list includes K0, K1, ..., Kn, the hopping factor list includes R0, R1, ..., Rn, and calculating R0 by the preset algorithm yields a pointer to the transmission key K3 at the fourth position, which is selected as the new transmission key, and so on.
  • Manner 3 The first terminal and the second terminal pre-negotiate the hopping factor list, and after sending the key hopping request and receiving the key hopping request, the hopping factors R are calculated in turn by the preset algorithm to obtain a new transmission key; for example, the hopping factor list includes R0, R1, ..., Rn: a new transmission key is obtained by calculating R0 with the preset algorithm, then the next one by calculating R1 with the preset algorithm, and so on until the end of the call.
  • Manner 4 The first terminal and the second terminal pre-negotiate the hopping factor list, and after sending the key hopping request and receiving the key hopping request, the hopping factor R and the current transmission key are calculated by a preset algorithm to obtain a new transmission key; for example, the hopping factor list includes R0, R1, ..., Rn: a new transmission key is obtained by calculating R0 and the current transmission key with the preset algorithm, then the next one is obtained by calculating R1 and the previously calculated new transmission key with the preset algorithm, and so on until the end of the call.
  • FIG. 23 shows a process of performing key hopping when data is exchanged between a terminal and a server.
  • both the terminal and the server perform the following processes:
  • S1601 The terminal and the server encrypt or decrypt the transmission data by using the current transmission key
  • S1602 Determine whether the jump point is reached, if the jump point is not reached, execute S1601, and if the jump point is reached, execute S1603;
  • S1605 Determine whether to end the call, if the call ends, execute S1606, if the call is not ended, execute S1602;
  • the hopping threshold of the hopping point may be set to a preset time interval or a preset amount of data, and each time the hopping threshold is reached, a hopping is performed.
  • the operation performed by the terminal refers to an operation performed by the calling terminal through the electronic signature device connected thereto, or an operation performed by the terminal itself.
  • the terminal may be the calling terminal or the called terminal.
  • the terminal and the server may calculate a new transport key by, but not limited to, one of the following methods:
  • Manner 1 The terminal and the server pre-negotiate the transmission key list, and after determining that the hop point is reached, sequentially use the transmission key in the pre-negotiated transmission key list; for example, the transmission key list includes K0, K1, ..., Kn, and sequentially K0, K1, K2... until the end of the call.
  • Manner 2 The terminal and the server pre-negotiate the transmission key list and the hopping factor list; after determining that the hopping point is reached, they calculate the hopping factor by using a preset algorithm to determine the position of the new transmission key in the transmission key list, and select the new transmission key so determined; for example, the transmission key list includes K0, K1, ..., Kn, the hopping factor list includes R0, R1, ..., Rn, and calculating R0 by the preset algorithm yields a pointer to the transmission key K3 at the fourth position, which is selected as the new transmission key, and so on.
  • Manner 3 The terminal and the server pre-negotiate the hopping factor list, and after determining that the hopping point is reached, the hopping factor R is sequentially calculated by the preset algorithm to obtain a new transmission key; for example, the hopping factor list includes: R0, R1... ...Rn, calculate the new transmission key by calculating the R0 by the preset algorithm, and then calculate the new transmission key by calculating the R1 through the preset algorithm... until the end of the call.
  • Manner 4 The terminal and the server pre-negotiate the hopping factor list, and after determining that the hopping point is reached, the hopping factor R and the current transmission key are calculated by a preset algorithm to obtain a new transmission key; for example, the hopping factor list includes R0, R1, ..., Rn: a new transmission key is obtained by calculating R0 and the current transmission key with the preset algorithm, then the next one is obtained by calculating R1 and the previously calculated new transmission key with the preset algorithm, and so on until the end of the call.
  • the above hopping factor can be a random number to ensure the randomness of the hopping factor.
  • FIG. 24 shows a flow of performing a key hopping when another terminal performs a data interaction with a server. Referring to FIG. 24, the following process is performed between the terminal and the server:
  • S1701 The terminal and the server encrypt or decrypt the transmission data by using the current transmission key
  • S1702 The terminal sends a key hopping request to the server.
  • S1703 The terminal and the server respectively calculate a new transmission key according to a preset algorithm.
  • the key hopping request may be only one instruction, and may also include a hopping factor, wherein the hopping factor may be a random number to ensure the randomness of the hopping factor.
  • the operation performed by the terminal refers to an operation performed by the terminal through the electronic signature device connected thereto, or an operation performed by the terminal itself.
  • the terminal may be a calling terminal or a called terminal.
  • the present invention is not limited to the terminal transmitting the hopping request, and may also be initiated by the server, and the flow may be reversed from the flow shown in FIG.
  • the terminal and the server may calculate a new transport key by, but not limited to, one of the following methods:
  • Manner 1 The terminal and the server pre-negotiate the transmission key list, and after transmitting the key hopping request and receiving the key hopping request, sequentially use the transmission key in the pre-negotiated transmission key list; for example, the transmission key list includes K0, K1...Kn, use K0, K1, K2... in sequence until the end of the call.
  • Manner 2 The terminal and the server pre-negotiate the transmission key list and the hopping factor list, send the key hopping request, and receive the key hopping request, calculate the hopping factor by using a preset algorithm, and determine that the new transmission key is The location of the transmission key list is selected, and the determined new transmission key is selected; for example, the transmission key list includes K0, K1, ..., Kn, and the hopping factor list includes: R0, R1, ..., Rn, and R0 is calculated by a preset algorithm. , get the transmission key K3 pointing to the 4th position, etc., and select a new transmission key.
  • Manner 3 The terminal and the server pre-negotiate the hopping factor list, and after sending the key hopping request and receiving the key hopping request, the hopping factors R are calculated in turn by the preset algorithm to obtain a new transmission key; for example, the hopping factor list includes R0, R1, ..., Rn: a new transmission key is obtained by calculating R0 with the preset algorithm, then the next one by calculating R1 with the preset algorithm, and so on until the end of the call.
  • Manner 4 The terminal and the server pre-negotiate the hopping factor list, send the key hopping request, and receive the key hopping request, calculate the hopping factor R and the current transmission key by using a preset algorithm to obtain a new transmission key.
  • the hopping factor list includes: R0, R1, ..., Rn, and calculates a new transmission key by calculating a R0 and a current transmission key by a preset algorithm, and then using a preset algorithm for R1 and the previously calculated new transmission. The key is calculated to get a new transport key... until the end of the call.
  • this embodiment provides a method for calling a multi-party call.
  • the calling method can be implemented by the called terminal 110, the calling terminal 120, and the server 130 in the foregoing embodiment, and the electronic signature device is KEY.
  • the calling terminal 120 is a multi-party calling party, and the called terminal includes multiple, and assuming that a plurality of called terminals have been checked in at the server, the server associates the ID of the called user with the communication identifier of the called terminal and stores .
  • the present embodiment takes the three called terminals as an example.
  • the calling method in this embodiment may mainly include the following steps (S1801 to S1814).
  • S1801 The calling terminal acquires IDs of multiple called users.
  • the calling terminal may obtain the IDs of the plurality of called users in one of the following ways: the calling user inputs the IDs of the plurality of called users to the calling terminal through the input device of the calling terminal, the calling user inputs the IDs of the plurality of called users to the calling terminal by voice, and the like.
  • three called terminals are taken as an example, and the ID of the called user is also three.
  • the calling terminal initiates a call request to a plurality of called users to the server, where the call request carries the IDs of the plurality of called users.
  • after the server receives the call request initiated by the calling terminal, the method further includes a step in which the server initiates the verification check to the calling terminal and the called terminal.
  • the steps of the check are optional.
  • S1803 After receiving the call request of the calling terminal to each called user, the server initiates a multi-party call request to each called terminal according to the association relationship between the ID of the called user and the communication identifier of the called terminal.
  • after receiving the multi-party call request, the called terminal 1 confirms joining the multi-party call and returns an acknowledgement response to the server, where the acknowledgement response carries at least the ID of the called user 1.
  • the ID of the called user 1 is obtained by the called terminal 1 from its KEY1.
  • the acknowledgment response may also carry the single authentication data acquired by the called terminal 1 from its KEY1.
  • S1805 The server sends an acknowledgment response to the calling terminal, and the acknowledgment response carries at least the ID of the called user 1.
  • after receiving the acknowledgment response, the calling terminal generates a shared key by using the KEY, encrypts the shared key by using the KEY of the called terminal 1 to obtain the shared key ciphertext, and sends the ciphertext to the server.
  • the calling terminal may perform identity authentication on the called terminal according to the single authentication data carried in the confirmation response before generating the shared key, and generate the shared key after the authentication is passed. The authentication process can be implemented in multiple ways, which are not described here.
  • the calling terminal may also send single authentication data to the called terminal 1 together with the shared key ciphertext, so that the called terminal 1 authenticates the identity of the calling terminal; the authentication process can be implemented in multiple ways, which are not repeated here.
  • the server also forwards to the called terminal 1 the single authentication data that the calling terminal sent for the called terminal 1.
  • before the called terminal 1 decrypts the shared key ciphertext, it may perform identity authentication according to the single authentication data of the calling terminal forwarded by the server, and decrypt the shared key ciphertext after the authentication is passed.
  • the authentication process includes multiple implementations, which are not described here.
  • the called terminal 1 completes joining the multiparty call.
  • the called terminal 2 also agrees to join the multiparty call, and the join multiparty call flow is the same as the above steps S1804 to S1808.
  • after receiving the multi-party call request, the called terminal 3 refuses to join the multi-party call and returns a reject response to the server, where the reject response carries at least the ID of the called user 3.
  • S1811 The server establishes call links between the calling terminal and each called terminal that joins the multiparty call, and between the called terminals that join the multiparty call.
  • each terminal in the multi-party call (the calling terminal and each called terminal that joins the multi-party call) encrypts the transmission data by using the shared key by the respective KEY to generate a call ciphertext, and sends the ciphertext to the server.
  • S1813 The server broadcasts the received ciphertext sent by each terminal to each terminal in the multiparty call.
  • Each terminal in the multiparty call decrypts the call ciphertext by using the shared key through the respective KEY.
  • the terminal initiates the call (the user's ID is associated with the terminal communication identifier), and the originating terminal of the multi-party call (the calling terminal in this embodiment) can pass the ID of the calling user.
  • Multiple terminals connected to the KEY are added to the multi-party call to realize mobile answering, and each terminal in the multi-party call can encrypt the transmission data to ensure the security of the multi-party call.
  • FIG. 26 shows a sign-in method according to an embodiment of the present invention, which is applied to the server side.
  • the sign-in method according to the embodiment of the present invention includes the following steps S1901 to S1902:
  • the server receives the communication identifier and the check-in request sent by the terminal, where the check-in request includes the user ID; the user ID is a unique identifier registered by the user on the server for the first electronic signature device used by the user.
  • the user registers the electronic signature device used by the user on the server, so that the electronic signature device has a unique identifier, and the unique identifier is used as the user ID.
  • the user ID may be, but is not limited to, a number, a letter, a character, one of the Chinese characters, or a combination thereof. This user ID is equivalent to the user's identification number.
  • the user needs to send a check-in request to the server on the terminal used, and the check-in request includes at least the user ID, so that the server can know the identity of the user who is using the terminal.
  • the terminal also sends a communication identifier, which is the identifier of the terminal on the server and through which the server can find the terminal. The communication identifier can be the port number of the terminal (such as the port number of a fixed telephone), an IP address/MAC address (such as the IP address/MAC address of a PC), the authentication key of a SIM card (such as the SIM card of a mobile terminal), or the like, by which the server determines the terminal.
  • the electronic signature device includes, but is not limited to, an electronic signature key (a KEY device such as the U-Shield of ICBC or the K-Bao of Agricultural Bank of China), a smart card with a security chip, etc., wherein the security chip can perform signature computation, encryption and decryption, and negotiation of the transmission key.
  • when the terminal sends the check-in request, it may carry user identity authentication data in the check-in request in addition to the user ID and send it to the server, so that the server authenticates the identity of the user to ensure that the identity is legal.
  • the server After the server authenticates the user identity authentication data, the server performs the step of associating and storing the user ID with the communication identifier of the terminal.
  • the user identity authentication data is obtained by the electronic signature device signing the data to be signed, and the data to be signed can be obtained in one of the following modes:
  • Mode 1 The data to be signed can be the user ID.
  • Mode 2 The data to be signed may include single authentication data, which may be generated by the electronic signature device, or may be sent by the terminal to the server and sent to the electronic signature device.
  • the single authentication data may be one of a random number and an event factor or a combination thereof, wherein the event factor may be incremented by 1 or by an arbitrary value each time it is generated.
  • Mode 3 The combination of the single authentication data of Mode 2 and the user ID.
  • Mode 4 The password set for the electronic signature device at the time of registration, or the dynamic password generated by the dynamic password token associated with the electronic signature device.
  • S1902 associate and store the user ID with the communication identifier of the terminal
  • the server after receiving the user ID sent by the terminal, the server associates and stores the user ID with the communication identifier of the terminal, so that the server can know the terminal used by the user, so as to notify the terminal to open the service requested by the user.
  • the server can connect the service of the user ID to the terminal at which the user is currently checked in, so that the user can implement the requested service on any terminal using the same ID. This makes electronic devices more convenient for users.
  • in step S1901, if the terminal carries the user identity authentication data in the check-in request it sends, then after the server receives the check-in request of the terminal, in this step the server may also authenticate the user identity authentication data sent by the terminal and, after the authentication is passed, execute the step of associating and storing the user ID with the communication identifier of the terminal.
  • the server may perform identity authentication by verifying the signature data by the public key of the electronic signature device stored by the user when registering the electronic signature device on the server, or verify the static password or the dynamic password for identity authentication. Therefore, it is ensured that the step of associating and storing the user ID with the communication identifier of the terminal is performed only after the identity of the authenticated user is legal, so as to ensure the legality of the user's check-in.
  • the server is configured to simultaneously store association relationships between a user ID and the communication identifiers of more than one different terminal; the user can check in at more than one different terminal, and all of those terminals start the service requested by the user.
  • the to-be-responded information may be broadcast to more than one different terminal, and the terminal that the user is using sends response information to the server according to the to-be-responded information. The server determines the terminal that the user is using based on the response information, which may be the user identity authentication data of the foregoing optional embodiment. This ensures that only the user can receive the information sent by the server or establish further communication with the server.
  • the server is configured to store the association of a user ID with the communication identifier of only one terminal; that is, in step S1902, before the user ID is associated and stored with the communication identifier of the terminal, the server may further detect whether the user ID already has an association relationship. If it does, the server first removes that association, so that the user can only use one terminal device at a time, which avoids illegal check-in. Optionally, after the association relationship is removed, the server sends deletion association information to the terminal whose association was removed, and that terminal closes the function requested by the user according to the deletion association information.
  • the server may further send association success information to the terminal. This information prompts the terminal to open the function that the user has applied for, so that the user can use the terminal normally.
  • the server may further delete the association between the user ID and the communication identifier of the terminal. In this way, the server can release the user's check-in without affecting the normal use of the terminal at which the user checked in.
  • the server can trigger the process of releasing the user's check-in upon receiving a release check-in command sent by the terminal, or when the server itself determines that the check-in needs to be released. In an optional implementation of the embodiment of the present invention, if the server receives the release check-in command from the terminal, the server can also verify the identity of the user to ensure that the user whose check-in is released is legitimate. In this case, the server may receive the user identity authentication data returned by the terminal and perform identity authentication; after the identity authentication passes, the server deletes the association relationship between the user ID and the communication identifier of the terminal. Specifically, the user identity authentication data returned by the terminal may be generated in the same manner as when the terminal sends the check-in request, and the server may authenticate it with the corresponding authentication method; details are not described herein.
  • when the user is not carrying an electronic device, the user only needs to carry the portable electronic signature device and connect it to any terminal, and check in on the server to associate the communication identifier of the terminal with the user's ID; the server can then connect the service of the user ID to the terminal at which the user is currently checked in, so that the user can implement the requested service on any terminal with the same ID.
  • the terminal authenticates the electronic signature device, and the server authenticates the terminal and the user identity. After the authentication passes, the electronic signature device can be used to give any terminal permission on the server, so that any terminal can be personalized at any time.
  • the user can use the electronic signature device on any terminal to associate the terminal with the user ID on the server, obtain permission, and then use the paid software that the user has purchased; when finished, the user uses the electronic signature device to end the association between the terminal and the user ID (i.e., releases the check-in), which does not affect the user's use on other terminals.
  • the public terminal can pre-install any paid software, and a user who has purchased the rights can use the paid software by associating the user ID with the terminal.
  • the user can use any fixed telephone, PC or mobile terminal to make or receive a call: the electronic signature device associates the communication identifier of the terminal with the user ID on the server, and the user then uses the terminal to make or receive personal calls without carrying a mobile phone.
  • this embodiment provides a check-in method, which is applied to the terminal side.
  • the check-in method can be implemented by the terminal in Embodiment 1, and mainly includes the following steps (S2001-S2002):
  • the terminal determines whether the check-in rule is met, where the check-in rule includes at least one of the following: the terminal receives a check-in command input by the user; the terminal receives a check-in command sent by the server; the terminal receives a check-in command from the electronic signature device connected to it. Only after the check-in rule is met does the terminal send the communication identifier and a check-in request to the server, which avoids malicious check-in.
  • after the check-in rule is triggered, the terminal sends the communication identifier and a check-in request to the server, where the check-in request carries a user ID and is used to instruct the server to associate the user ID with the communication identifier of the terminal;
  • the user ID is a unique identifier registered by the user on the server for the electronic signature device used by the user. At registration, the electronic signature device saves the user ID. The user ID may be, but is not limited to, one or a combination of the following: numbers, letters, characters, Chinese characters.
  • the user ID is equivalent to the identification number, which is convenient for the server to identify the user.
  • electronic signature devices include, but are not limited to, electronic signature keys (KEY devices such as U-Shield of ICBC or K-Board of ABC), smart cards with security chips, etc., wherein the security chip can perform signature operations and encryption and decryption operations, and has the function of negotiating a transmission key.
  • the communication identifier is the communication identifier of the terminal on the server, through which the server can find the terminal. The communication identifier can be the port number of the terminal (such as the port number of a fixed telephone), an IP address/MAC address (such as the IP address or MAC address of a PC), the authentication key of a SIM card (such as the SIM card of a mobile terminal), etc. It informs the server which terminal the user is using, so that the server can determine the terminal.
  • the check-in method of the embodiment further includes: the terminal acquiring the user ID.
  • the terminal obtains the user ID from the electronic signature device connected to it, so the user does not need to memorize the ID, which is convenient for the user and improves the user experience (the user ID may be stored by the electronic signature device, may be received by the electronic signature device as user input through its keyboard, or may be acquired by the terminal as user input through the terminal keyboard).
  • the check-in method of the embodiment further includes: the terminal carries user identity authentication data in the check-in request, so that the server side can authenticate the user's identity and ensure its legitimacy, thereby ensuring the security of the terminal.
  • the identity authentication data is obtained by the electronic signature device signing the data to be signed.
  • the method for obtaining the data to be signed is the same as the method for obtaining the data to be signed in Embodiment 1, and details are not described herein again.
  • the check-in method of the embodiment further includes: the terminal receives the association success information sent by the server, and starts the service requested by the user according to that information.
  • the check-in method of the embodiment further includes: the terminal sends a release check-in request to the server, where the release check-in request carries the user ID and is used to instruct the server to delete the association between the user ID and the communication identifier of the terminal.
  • the terminal can release the check-in without affecting the normal use of the terminal at which the user checked in.
  • before the terminal is triggered to send the release check-in request to the server, the terminal may further receive a release check-in command, in one or more of the following manners:
  • Manner 1: the terminal receives the release check-in command input by the user; for example, the user inputs “9#”, indicating that the user requests to release the check-in;
  • Manner 3: the terminal receives the release check-in command from the electronic signature device connected to it; for example, the user presses the C key on the electronic signature device to disconnect it from the terminal, and the electronic signature device also issues a release check-in command to the terminal when disconnecting.
  • the user can release the association relationship with the terminal when a certain terminal is not used, so that other users can use the terminal, thereby improving the utilization rate of the terminal.
  • to guarantee that the release of the check-in is initiated by the real user, the check-in method in this embodiment further includes: the terminal carries identity authentication data in the release check-in request, so that the server side can authenticate the user and ensure security.
  • the identity authentication data carried in the release check-in request may be generated by the same mechanism as the identity authentication data carried in the check-in request, and details are not described herein.
  • the check-in method of the embodiment further includes: after the terminal receives the disassociation information sent by the server, the terminal closes the function requested by the user according to the disassociation information, ensuring normal use of the terminal.
  • the terminal may be connected to the electronic signature device wirelessly or by wire.
  • the wireless manner may include: Bluetooth, WIFI, NFC, infrared, or RFID; the wired manner may include: USB, audio (headphone plug), RJ11, RJ45 or serial port.
  • the user only needs to carry the electronic signature device and connect it to any terminal, and check in on the server to associate the communication identifier of the terminal with the user ID; the server can then connect the service of the user ID to the terminal at which the user is currently checked in, so that the user can implement the requested service with the same ID.
  • the terminal authenticates the electronic signature device, and the terminal and the user identity are authenticated. After the authentication passes, the electronic signature device can be used to enable any terminal to obtain permission on the server, so that any terminal can be personalized at any time.
  • the user can use the electronic signature device on any terminal to associate the terminal with the user ID on the server, obtain permission, and then use the paid software that the user has purchased; when finished, the user uses the electronic signature device to end the association between the terminal and the user ID (i.e., releases the check-in), which does not affect the user's use on other terminals.
  • the public terminal can pre-install any paid software, and a user who has purchased the rights can use the paid software by associating the user ID with the terminal.
  • the user can use any fixed telephone, PC or mobile terminal to make or receive a call: the electronic signature device associates the communication identifier of the terminal with the user ID on the server, and the user then uses the terminal to make or receive personal calls without carrying a mobile phone.
  • the embodiment of the present invention provides a check-in processing device, which is in one-to-one correspondence with the check-in method provided in Embodiment 17, and is only briefly described herein.
  • the check-in processing device of this embodiment may be disposed in the server of Embodiments 17-18.
  • FIG. 28 is a schematic structural diagram of a check-in processing apparatus according to an embodiment of the present invention.
  • the apparatus may include: a receiving module 3001, configured to receive a check-in request sent by a terminal, where the check-in request includes a user ID, and the user ID is a unique identifier registered by the user on the check-in processing device for the electronic signature device used by the user; and a storage module 3002, configured to associate and store the user ID with the communication identifier of the terminal.
  • the check-in processing device may further include: a first authentication module 3003, configured to authenticate the first user identity authentication data sent by the terminal and, after the authentication passes, trigger the storage module 3002 to associate and store the user ID with the communication identifier of the terminal.
  • the first user identity authentication data may be carried in the check-in request and sent to the check-in processing device.
  • the user identity authentication data is obtained by the electronic signature device using the private key to sign the data to be signed; the data to be signed may be determined by the electronic signature device, or may be sent by the check-in processing device. If it is determined by the electronic signature device, the check-in request also carries the plaintext of the data to be signed. With this optional implementation, the identity of the user who initiated the check-in request can be ensured, avoiding malicious check-in.
  • the check-in processing device may further include:
  • the deleting module 3004 is configured to delete an association relationship between the user ID and the communication identifier of the terminal.
  • the deleting module 3004 may delete the association relationship actively, or may delete the association relationship triggered by the terminal.
  • the association between the user ID and the terminal can be released in time, so that other users can use the terminal, which improves the utilization of the terminal.
  • when the deleting module 3004 deletes the association relationship as triggered by the terminal, the identity of the user may be authenticated before the relationship is deleted.
  • the receiving module 3001 is further configured to receive user identity authentication data returned by the terminal; as shown in FIG. 29, the device further includes: a second identity authentication module 305, configured to perform identity authentication according to the identity authentication data and, after the identity authentication passes, trigger the deleting module 3004 to delete the association relationship between the user ID and the communication identifier of the terminal.
  • the check-in processing device may further include: a notification module, configured to send deletion association information to the terminal after the deleting module deletes the association relationship between the user ID and the communication identifier of the terminal; the terminal closes the function requested by the user according to the notification, which makes it easy for the user to check in at another terminal.
  • the notification module is further configured to: after the storage module associates the user ID with the communication identifier of the terminal, send the association success information to the terminal, and the terminal may start the function requested by the user according to the notification.
  • the check-in processing device may be configured to simultaneously store the association relationship between the user ID and the communication identifiers of multiple terminals, or may be configured so that only the association between the user ID and the communication identifier of one terminal can be stored at a time. The check-in processing device may further include: a detecting module, configured to check, before the storage module associates the user ID with the communication identifier of the terminal, whether an association between the user ID and another terminal exists and, if so, delete that association relationship in the storage module. This ensures that the user ID can only be associated with one terminal, avoiding illegal operations.
  • the communication identifier of the terminal is checked in and associated with the user ID on the check-in processing device, and the check-in processing device can connect the service of the user ID to the terminal at which the user is currently checked in, so that the user can implement the requested service with the same ID.
  • the terminal performs identity authentication on the electronic signature device, and the check-in processing device authenticates the terminal and the user identity; after the authentication passes, the electronic signature device can be used to enable any terminal to obtain permission on the check-in processing device, so that any terminal can be personalized at any time.
  • the user can use the electronic signature device on any terminal to associate the terminal with the user ID on the check-in processing device, obtain permission, and then use the paid software that the user has purchased; when finished, the user uses the electronic signature device to end the association between the terminal and the user ID, which does not affect the user's use on other terminals.
  • the public terminal can pre-install any paid software, and a user who has purchased the permission can use the paid software by associating the user ID with the terminal.
  • the user can make or receive a call using any fixed telephone, PC or mobile terminal: the electronic signature device associates the communication identifier of the terminal with the user ID on the check-in processing device, and the user then uses the terminal to make or receive personal calls without having to carry a mobile phone.
  • the embodiment of the present invention provides a check-in device, which is in one-to-one correspondence with the check-in method provided in Embodiment 18, and is only briefly described herein.
  • the check-in device of this embodiment is disposed in the terminals of Embodiments 17-18.
  • FIG. 30 is a schematic structural diagram of a check-in device according to an embodiment of the present invention.
  • the device may include: a check-in triggering module 4001, configured to determine whether a rule for triggering a check-in is met, and if yes, triggering a sending module to send a sign-in request.
  • the sending module 4002 is configured to send a check-in request to the server after the check-in trigger module is triggered, where the check-in request carries a user ID, where the user ID is used to instruct the server to associate the user ID with the communication identifier of the sign-in device, and the user ID is the user.
  • the check-in triggering module 4001 determines whether the rule for triggering the check-in is satisfied, where the rule includes at least one of the following: receiving a check-in instruction input by the user; receiving a check-in instruction sent by the server; receiving a check-in instruction from the electronic signature device connected to the check-in device.
  • the check-in device may further include: an obtaining module, configured to acquire the user ID from the electronic signature device connected to the check-in device.
  • the check-in device may further include: an authentication module, configured to perform identity authentication on the electronic signature device.
  • the authentication module may pre-save the public key of the user.
  • the electronic signature device may be instructed to send the identity authentication data.
  • after receiving the indication, the electronic signature device signs the data to be signed with its stored private key to obtain the identity authentication data, and sends the identity authentication data to the authentication module. The authentication module authenticates the identity authentication data by using the public key, and after the authentication passes, the user ID stored in the electronic signature device can be used.
  • the data to be signed may be sent by the authentication module to the electronic signature device, or may be determined by the electronic signature device.
  • the electronic signature device may send the plaintext of the data to be signed to the authentication module together with the identity authentication data.
  • the authentication module can perform identity authentication on the electronic signature device, such as authentication by using a password.
  • the sending module 4002 of the check-in device is further configured to carry the user identity authentication data in the check-in request, where the user identity authentication data is obtained by the electronic signature device signing the data to be signed, and module 403 obtains it from the electronic signature device connected to the check-in device.
  • the method for obtaining the data to be signed is the same as the method for obtaining the data in the second embodiment, and details are not described herein again.
  • the data to be signed may be determined by the electronic signature device, or may be sent by the server. If it is determined by the electronic signature device, the check-in request also carries the plaintext of the data to be signed. With this optional implementation, the identity of the user who initiated the check-in request can be ensured, avoiding malicious check-in.
  • the sending module 4002 of the check-in device is also used to send a release check-in request to the server; the release check-in request carries the user ID and is used to instruct the server to delete the association relationship between the user ID and the communication identifier of the check-in device.
  • the user can release the association relationship between the user ID and the check-in device in time, so that other users can use the check-in device, thereby improving the utilization rate of the terminal.
  • the sending module 4002 is further configured to carry the user identity authentication data in the release check-in request, in order to ensure that the user who initiates the release check-in request is indeed the user and to avoid illegal release.
  • the identity authentication data carried in the release check-in request is data obtained by the electronic signature device using the private key to sign the data to be signed; the data to be signed may be determined by the electronic signature device, or may be sent by the server. If it is determined by the electronic signature device, the request also carries the plaintext of the data to be signed. With this optional implementation, the identity of the user whose check-in is released is ensured, illegal release is avoided, and the user's terminal is used securely.
  • the check-in device further includes an opening module, where the opening module is configured to enable a function requested by the user when receiving the association notification sent by the server.
  • the check-in device further includes a release module, and the release module is configured to close the function applied by the user when receiving the disassociation notification sent by the server.
  • the check-in device may be connected to the electronic signature device wirelessly or by wire.
  • the wireless manner may include: Bluetooth, WIFI, NFC, infrared, or RFID; the wired manner may include: USB, audio (headphone plug), RJ11, RJ45 or serial port.
  • the electronic signature device is connected to any check-in device, and the communication identifier of the check-in device is checked in and associated with the user ID on the check-in processing device.
  • the check-in processing device can connect the service of the user ID to the check-in device at which the user is currently checked in, so that the user can implement the requested service on that device by using the same ID.
  • the check-in device performs identity authentication on the electronic signature device, and the check-in processing device authenticates the check-in device and the user identity.
  • after the authentication passes, the electronic signature device can be used to enable any check-in device to obtain permission on the check-in processing device, so that any terminal in which a check-in device is disposed can be personalized at any time. If the user is not carrying a personal computer, the user can use the electronic signature device on any terminal in which a check-in device is disposed to associate the check-in device with the user ID on the check-in processing device, obtain permission, and then use the paid software that the user has purchased.
  • when finished, the electronic signature device is used to end the association between the terminal and the user ID (i.e., release the check-in), which does not affect the user's use on other terminals.
  • the public terminal can pre-install any paid software, and a user who has purchased the rights can use the paid software by associating the user ID with the terminal.
  • the user can use any fixed telephone, PC or mobile terminal to make or receive a call: the electronic signature device associates the communication identifier of the terminal with the user ID on the check-in processing device, and the user then uses the terminal to make or receive personal calls without carrying a mobile phone.
  • portions of the invention may be implemented in hardware, software, firmware or a combination thereof.
  • multiple steps or methods may be implemented in software or firmware stored in a memory and executed by a suitable instruction execution system.
  • for example, if implemented in hardware, as in another embodiment, it can be implemented by any one or a combination of the following techniques well known in the art: discrete logic circuits having logic gates for implementing logic functions on data signals, application specific integrated circuits with suitable combinational logic gates, programmable gate arrays (PGAs), field programmable gate arrays (FPGAs), etc.
  • each functional unit in each embodiment of the present invention may be integrated into one processing module, or each unit may exist physically separately, or two or more units may be integrated into one module.
  • the above integrated modules can be implemented in the form of hardware or in the form of software functional modules.
  • the integrated modules, if implemented in the form of software functional modules and sold or used as stand-alone products, may also be stored in a computer readable storage medium.
  • the above mentioned storage medium may be a read only memory, a magnetic disk or an optical disk or the like.

Landscapes

  • Engineering & Computer Science (AREA)
  • Signal Processing (AREA)
  • Telephonic Communication Services (AREA)

Abstract

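The present invention provides a calling method and system, and a fixed telephone. The method includes: a fixed telephone obtains a user's ID from an electronic signature device; the fixed telephone sends a check-in request to a server, where the check-in request carries the user's ID; the server receives the check-in request and associates and stores the user's ID with the communication identifier of the fixed telephone; the server receives a call to the user's ID and, according to the association between the user's ID and the communication identifier of the fixed telephone, connects the call to the fixed telephone corresponding to the communication identifier.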

Description

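Calling method and system, and fixed telephone
Cross-reference to related applications
1. This application claims priority to Chinese Patent Application No. "201410854449.4", entitled "A terminal and a call system", filed by Tendyron Corporation (天地融科技股份有限公司) on December 31, 2014.
2. This application claims priority to Chinese Patent Application No. "201410855585.5", entitled "Calling method, device and system", filed by Tendyron Corporation on December 31, 2014.
3. This application claims priority to Chinese Patent Application No. "201510112694.2", entitled "A terminal and a call system", filed by Tendyron Corporation on March 13, 2015.
4. This application claims priority to Chinese Patent Application No. "201510112531.4", entitled "Calling method, device and system", filed by Tendyron Corporation on March 13, 2015.
5. This application claims priority to Chinese Patent Application No. "201510406003.X", entitled "Calling method and system, and fixed telephone", filed by Tendyron Corporation on July 10, 2015.
Technical field
The present invention relates to the field of electronic technologies, and in particular, to a calling method and system, and a fixed telephone.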
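Background
In the existing fixed-telephone call system, a user can submit a registration application to an operator; after approving it, the operator assigns a network port and a corresponding telephone number to the user and registers them. The user can then make or receive calls using a fixed telephone connected to that network port. Other people contact the user by dialing the telephone number assigned to the user.
As the called party, because the physical port of a fixed telephone is fixed, if the user is not at the location of that telephone (for example, after moving to a different office position, or after going home from work), other people who dial this telephone number can no longer reach the user. Alternatively, if the user has to apply for a new number after changing address, the new number must be communicated to others, and others who want to reach the user by fixed telephone often have to record several fixed telephone numbers (the new office telephone, the home landline, and so on), which is very inconvenient.
In addition, once a physical port and telephone number have been assigned to a user, the telephone port corresponding to that telephone number can only be used by that user. In other words, other people can only use this telephone number to dial out, whereas the port can only answer calls placed to that user; to a certain extent, having to assign a port and a corresponding telephone number to every user is also a waste of resources.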
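Summary of the invention
The present invention aims to solve the problem that one telephone number can only correspond, in a fixed manner, to one fixed telephone.
The main object of the present invention is to provide a calling method and system, a fixed telephone, a terminal, a call device, a call system, a call processing device, a calling device, a check-in method, a check-in device, a check-in processing device, and a check-in system.
To achieve the above object, the technical solution of the present invention is specifically implemented as follows:
According to one aspect of the present invention, a calling method is provided, including: a fixed telephone obtains a user's ID from an electronic signature device; the fixed telephone sends a check-in request to a server, where the check-in request carries the user's ID; the server receives the check-in request and associates and stores the user's ID with the communication identifier of the fixed telephone; the server receives a call to the user's ID and, according to the association between the user's ID and the communication identifier of the fixed telephone, connects the call to the fixed telephone corresponding to the communication identifier.
Optionally, before the server associates and stores the user's ID with the communication identifier of the fixed telephone, the method further includes: the server performs identity authentication on the electronic signature device and, after the authentication passes, performs the step of associating and storing the user's ID with the communication identifier of the fixed telephone.
Optionally, the server performing identity authentication on the electronic signature device includes: the server sends a first signature verification request to the fixed telephone; the fixed telephone receives the first signature verification request and sends it to the electronic signature device; the electronic signature device receives the first signature verification request, signs first data to be signed, and sends a first signature verification response to the fixed telephone, where, if the first signature verification request carries the first data to be signed, the information carried in the first signature verification response includes the first signature data obtained by signing, and if the first signature verification request does not carry the first data to be signed, the information carried in the first signature verification response includes the first data to be signed and the first signature data obtained by signing; the fixed telephone sends the received first signature verification response to the server; the server receives the first signature verification response and verifies the first signature data carried in it.
Optionally, before the fixed telephone sends the check-in request to the server, the method further includes: the electronic signature device signs second data to be signed, and sends the second data to be signed and the second signature data obtained by signing to the fixed telephone; the information carried in the check-in request includes the user's ID, the second data to be signed and the second signature data; or the information carried in the check-in request includes the second data to be signed and the second signature data, where the second data to be signed includes the user's ID; the server performing identity authentication on the electronic signature device includes: the server verifies the second signature data at least according to the second data to be signed.
Optionally, before the fixed telephone sends the check-in request to the server, the method further includes: the fixed telephone performs identity authentication on the electronic signature device.
Optionally, after the user's ID is associated and stored with the communication identifier of the fixed telephone, the method further includes: the server deletes the association between the user's ID and the communication identifier of the fixed telephone.
Optionally, after the fixed telephone sends the check-in request to the server and before the server deletes the association between the user's ID and the communication identifier of the fixed telephone, the method further includes: the fixed telephone sends a first release check-in request to the server, where the first release check-in request carries the user's ID; the server receives the first release check-in request.
Optionally, before the fixed telephone sends the release check-in request to the server, the method further includes: the fixed telephone receives a second release check-in request sent by the electronic signature device, where the second release check-in request carries third data to be signed and third signature data obtained by signing the third data to be signed; the first release check-in request further carries the third data to be signed and the third signature data; the server deleting the association between the user's ID and the communication identifier of the fixed telephone includes: the server verifies the third signature data at least according to the third data to be signed and, after the verification passes, deletes the association between the user's ID and the communication identifier of the fixed telephone.
Optionally, before the server deletes the association between the user's ID and the communication identifier of the fixed telephone, the method further includes: the server sends a second signature verification request to the fixed telephone, where the second signature verification request carries fourth data to be signed; the fixed telephone receives the second signature verification request and sends it to the electronic signature device; the electronic signature device receives the second signature verification request and signs the fourth data to be signed; the electronic signature device sends the fourth signature data obtained by signing to the fixed telephone; the fixed telephone sends the received fourth signature data to the server; the server receives the fourth signature data, verifies it and, after the verification passes, performs the step of deleting the association between the user's ID and the communication identifier of the fixed telephone.
Optionally, after the server deletes the association between the user's ID and the communication identifier of the fixed telephone, the method further includes: the server notifies the fixed telephone that the server has released the check-in of the user's ID.
Optionally, after the server receives the call to the user's ID, the method further includes: sending a third signature verification request to the fixed telephone, where the third signature verification request carries fifth data to be signed; the fixed telephone receives the third signature verification request and sends it to the electronic signature device; the electronic signature device receives the third signature verification request and signs the fifth data to be signed; the electronic signature device sends the fifth signature data obtained by signing to the fixed telephone; the fixed telephone sends the received fifth signature data to the server; the server receives the fifth signature data, verifies it and, after the verification passes, performs the step of connecting the call to the fixed telephone.
Optionally, after the server receives the call to the user's ID, the method further includes: determining that the type of the call is a preset call type, and performing the step of connecting the call to the fixed telephone.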
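The check-in, release and call-connection steps summarized above, together with the single-use authentication data and one-terminal-only storage described in the server-side check-in embodiment, as an added Python example that is not code from the patent or its applicant. It assumes HMAC-SHA256 in place of the device's private-key signature and goes slightly beyond the page by binding the operation and the communication identifier into the data to be signed; `CheckInServer`, `device_sign`, `to_be_signed`, the user ID and the port names are hypothetical.

```python
import hashlib
import hmac
import secrets


def to_be_signed(op: str, user_id: str, comm_id: str, nonce: bytes) -> bytes:
    # Mode 3 on the page: single authentication data (a random number) plus
    # the user ID. Also binding the operation and the communication identifier
    # is an assumption of this example. Fields are length-prefixed.
    fields = [op.encode(), user_id.encode(), comm_id.encode(), nonce]
    return b"".join(len(f).to_bytes(2, "big") + f for f in fields)


def device_sign(key: bytes, data: bytes) -> bytes:
    # ASSUMPTION: HMAC-SHA256 under a per-device key stands in for the
    # private-key signature of the electronic signature device.
    return hmac.new(key, data, hashlib.sha256).digest()


class CheckInServer:
    def __init__(self, single_terminal: bool = True):
        self.single_terminal = single_terminal
        self._keys = {}          # user ID -> key stored at registration
        self._pending = {}       # (user ID, comm ID) -> outstanding random number
        self._assoc = {}         # user ID -> set of communication identifiers
        self.notifications = []  # (comm ID, message) the server would send

    def register(self, user_id: str, key: bytes) -> None:
        self._keys[user_id] = key

    def challenge(self, user_id: str, comm_id: str) -> bytes:
        nonce = secrets.token_bytes(16)  # fresh single authentication data
        self._pending[(user_id, comm_id)] = nonce
        return nonce

    def _verify(self, op, user_id, comm_id, signature) -> bool:
        # pop() makes the random number single-use, so a captured request
        # cannot be replayed even though its signature was once valid.
        nonce = self._pending.pop((user_id, comm_id), None)
        key = self._keys.get(user_id)
        if nonce is None or key is None:
            return False
        expected = device_sign(key, to_be_signed(op, user_id, comm_id, nonce))
        return hmac.compare_digest(expected, signature)

    def check_in(self, user_id, comm_id, signature) -> bool:
        # Authenticate first, then associate and store (step S1902).
        if not self._verify("check-in", user_id, comm_id, signature):
            return False
        terminals = self._assoc.setdefault(user_id, set())
        if self.single_terminal:
            # Remove any earlier association and notify that terminal.
            for old in sorted(terminals - {comm_id}):
                self.notifications.append((old, "association deleted"))
            terminals.clear()
        terminals.add(comm_id)
        self.notifications.append((comm_id, "association success"))
        return True

    def release(self, user_id, comm_id, signature) -> bool:
        # Delete the association only for an authenticated release request.
        if not self._verify("release", user_id, comm_id, signature):
            return False
        if comm_id not in self._assoc.get(user_id, set()):
            return False
        self._assoc[user_id].discard(comm_id)
        self.notifications.append((comm_id, "association deleted"))
        return True

    def route_call(self, user_id: str) -> list:
        # Communication identifiers a call to this user ID is connected to.
        return sorted(self._assoc.get(user_id, ()))


def demo() -> dict:
    uid, key = "user-1001", secrets.token_bytes(32)  # constructed sample values
    server = CheckInServer(single_terminal=True)
    server.register(uid, key)

    def signed(op: str, comm_id: str) -> bytes:
        nonce = server.challenge(uid, comm_id)
        return device_sign(key, to_be_signed(op, uid, comm_id, nonce))

    out = {}
    first = signed("check-in", "port-17")
    out["first"] = server.check_in(uid, "port-17", first)
    out["replay"] = server.check_in(uid, "port-17", first)
    out["routed_1"] = server.route_call(uid)
    out["move"] = server.check_in(uid, "port-42", signed("check-in", "port-42"))
    out["routed_2"] = server.route_call(uid)
    out["wrong_op"] = server.release(uid, "port-42", signed("check-in", "port-42"))
    out["release"] = server.release(uid, "port-42", signed("release", "port-42"))
    out["routed_3"] = server.route_call(uid)
    out["notifications"] = list(server.notifications)
    return out


if __name__ == "__main__":
    print(demo())
```

The replayed check-in and the check-in signature presented as a release are both rejected, and after the move to `port-42` a call to the user ID is connected only to that terminal.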
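According to another aspect of the present invention, a calling system is provided, including: an electronic signature device, configured to store a user's ID; a fixed telephone, configured to obtain the user's ID from the electronic signature device and to send a check-in request to a server, where the check-in request carries the user's ID; and the server, configured to receive the check-in request, associate and store the user's ID with the communication identifier of the fixed telephone, receive a call to the user's ID and, according to the association between the user's ID and the communication identifier of the fixed telephone, connect the call to the fixed telephone corresponding to the communication identifier.
Optionally, the server is further configured to perform identity authentication on the electronic signature device before associating and storing the user's ID with the communication identifier of the fixed telephone and, after the authentication passes, trigger the operation of associating and storing the user's ID with the communication identifier of the fixed telephone.
Optionally, the server performs identity authentication on the electronic signature device in the following manner: it sends a first signature verification request to the fixed telephone, receives the first signature verification response returned by the fixed telephone, and verifies the first signature data carried in the first signature verification response, where, if the first signature verification request carries first data to be signed, the information carried in the first signature verification response includes the first signature data obtained by signing, and if the first signature verification request does not carry the first data to be signed, the information carried in the first signature verification response includes the first data to be signed and the first signature data obtained by signing; the fixed telephone is further configured to receive the first signature verification request and send it to the electronic signature device, and to receive the first signature verification response returned by the electronic signature device and send it to the server; the electronic signature device is further configured to receive the first signature verification request, sign the first data to be signed, and send the first signature verification response to the fixed telephone.
Optionally, the electronic signature device is further configured to sign second data to be signed, and to send the second data to be signed and the second signature data obtained by signing to the fixed telephone; the fixed telephone is further configured to receive, before sending the check-in request to the server, the second data to be signed and the second signature data sent by the electronic signature device; the information carried in the check-in request includes the user's ID, the second data to be signed and the second signature data; or the information carried in the check-in request includes the second data to be signed and the second signature data, where the second data to be signed includes the user's ID; the server performs identity authentication on the electronic signature device in the following manner: it verifies the second signature data at least according to the second data to be signed.
Optionally, the fixed telephone is further configured to perform identity authentication on the electronic signature device before sending the check-in request to the server.
Optionally, the server is further configured to delete the association between the user's ID and the communication identifier of the fixed telephone after associating and storing the user's ID with the communication identifier of the fixed telephone.
Optionally, the fixed telephone is further configured to send a first release check-in request to the server after sending the check-in request to the server, where the first release check-in request carries the user's ID; the server is further configured to receive the first release check-in request and trigger the operation of deleting the association between the user's ID and the communication identifier of the fixed telephone.
Optionally, the fixed telephone is further configured to receive, before sending the release check-in request to the server, a second release check-in request sent by the electronic signature device, where the second release check-in request carries third data to be signed and third signature data obtained by signing the third data to be signed; the first release check-in request further carries the third data to be signed and the third signature data; the server deletes the association between the user's ID and the communication identifier of the fixed telephone in the following manner: it verifies the third signature data at least according to the third data to be signed and, after the verification passes, deletes the association between the user's ID and the communication identifier of the fixed telephone.
Optionally, the server is further configured to send a second signature verification request carrying fourth data to be signed to the fixed telephone, receive the fourth signature data returned by the fixed telephone, verify the fourth signature data and, after the verification passes, trigger the operation of deleting the association between the user's ID and the communication identifier of the fixed telephone; the fixed telephone is further configured to receive the second signature verification request and send it to the electronic signature device, and to receive the fourth signature data returned by the electronic signature device and return it to the server; the electronic signature device is further configured to receive the second signature verification request, sign the fourth data to be signed, and send the fourth signature data obtained by signing to the fixed telephone.
Optionally, the server is further configured to notify the fixed telephone, after deleting the association between the user's ID and the communication identifier of the fixed telephone, that the server has released the check-in of the user's ID.
Optionally, the server is further configured to send, after receiving the call to the user's ID, a third signature verification request carrying fifth data to be signed to the fixed telephone, receive the fifth signature data returned by the fixed telephone, verify the fifth signature data and, after the verification passes, trigger the operation of connecting the call to the fixed telephone; the fixed telephone is further configured to receive the third signature verification request and send it to the electronic signature device, and to receive the fifth signature data returned by the electronic signature device and send it to the server; the electronic signature device is further configured to receive the third signature verification request, sign the fifth data to be signed, and send the fifth signature data obtained by signing to the fixed telephone.
Optionally, the server is further configured to determine, after receiving the call to the user's ID, that the type of the call is a preset call type, and to trigger the operation of connecting the call to the fixed telephone.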
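According to yet another aspect of the present invention, a fixed telephone is provided, including: a second transceiver module, configured to obtain a user's ID from an electronic signature device; a first transceiver module, configured to send a sign-in request to a server, where the sign-in request carries the user's ID; and a call module, configured to receive a call sent by the server and establish a call with the calling end.
Optionally, the first transceiver module is further configured to receive a first signature verification request sent by the server; the second transceiver module is further configured to send the first signature verification request to the electronic signature device and to receive the first signature verification response returned by the electronic signature device, where, if the first signature verification request carries first data to be signed, the first signature verification response carries the first signature data obtained by signing, and if the first signature verification request does not carry the first data to be signed, the first signature verification response carries both the first data to be signed and the first signature data obtained by signing; the first transceiver module is further configured to send the received first signature verification response to the server.
Optionally, the second transceiver module is further configured to receive second data to be signed sent by the electronic signature device and second signature data obtained by the electronic signature device signing the second data to be signed; the sign-in request sent by the first transceiver module carries the user's ID, the second data to be signed and the second signature data; or the sign-in request carries the second data to be signed and the second signature data, where the second data to be signed includes the user's ID.
Optionally, the fixed telephone further includes: an authentication module, configured to authenticate the electronic signature device.
Optionally, the first transceiver module is further configured to send a first sign-in release request to the server, where the first sign-in release request carries the user's ID.
Optionally, the second transceiver module is further configured to receive a second sign-in release request sent by the electronic signature device, where the second sign-in release request carries third data to be signed and third signature data obtained by signing the third data to be signed; the first sign-in release request sent by the first transceiver module also carries the third data to be signed and the third signature data.
Optionally, the first transceiver module is further configured to receive a second signature verification request, carrying fourth data to be signed, sent by the server; the second transceiver module is further configured to send the second signature verification request to the electronic signature device and to receive the fourth signature data that the electronic signature device returns after signing the fourth data to be signed; the first transceiver module is further configured to return the fourth signature data to the server.
Optionally, the first transceiver module is further configured to receive a notification sent by the server, where the notification indicates that the server has released the sign-in of the user's ID.
Optionally, the first transceiver module is further configured to receive, before the call module receives the call sent by the server, a third signature verification request, carrying fifth data to be signed, sent by the server; the second transceiver module is further configured to send the third signature verification request to the electronic signature device and to receive the fifth signature data that the electronic signature device returns after signing the fifth data to be signed; the first transceiver module is further configured to send the fifth signature data to the server.
Compared with the prior art, the calling method and system and the fixed telephone provided by the present invention can associate a user's ID with different fixed telephones, so that the user only needs to carry the electronic signature device that stores the ID in order to make or answer calls on different fixed telephones with the same ID. This overcomes the defect of the prior art that a user's telephone number can only be fixed to one fixed telephone: the telephone number can be flexibly associated with any fixed telephone, that is, the telephone number becomes flexibly movable. Moreover, different users can answer calls through the same fixed telephone, which improves the utilization of the equipment.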
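According to another aspect of the present invention, a terminal is provided, including a communication interface and further including a control module and an electronic signature device interface; the electronic signature device interface is configured to receive sign-in data from an electronic signature device and send the sign-in data to the control module, the sign-in data including at least the ID of the user of the terminal; the control module is configured to send the sign-in data to the communication interface; the communication interface is configured to send the sign-in data out.
In addition, the terminal further includes an earpiece and a microphone; the communication interface is further configured to receive first call data from outside and send the first call data to the control module; the control module is further configured to send second call data corresponding to the first call data to the earpiece, to receive third call data sent by the microphone, and to send fourth call data corresponding to the third call data to the communication interface; the communication interface is further configured to send the fourth call data out.
In addition, the second call data is obtained by the electronic signature device decrypting the first call data; the fourth call data is obtained by the electronic signature device encrypting the third call data.
In addition, the terminal further includes an input device; the input device receives first input data and sends the first input data to the control module; the control module sends second input data corresponding to the first input data to the communication interface.
In addition, the second input data is obtained by the electronic signature device encrypting the first input data.
In addition, the control module is a security chip.
In addition, the second call data is obtained by the security chip decrypting the first call data; the fourth call data is obtained by the security chip encrypting the third call data.
In addition, the terminal further includes an input device; the input device receives first input data and sends the first input data to the security chip; the security chip sends second input data corresponding to the first input data to the communication interface; the second input data is obtained by the electronic signature device encrypting the first input data.
In addition, the security chip is further configured to receive a transmission key from the electronic signature device interface and save the transmission key.
In addition, the security chip is further configured to receive sign-in release data from the electronic signature device interface, the communication interface or the input device, and to delete the saved transmission key.
In addition, the security chip is further configured to authenticate the electronic signature device.
In addition, the security chip is further configured to hop the current transmission key to a new transmission key.
In addition, the electronic signature device interface is further configured to receive, from the electronic signature device, identity authentication data obtained by the electronic signature device signing data to be signed, and to send the identity authentication data to the control module; the control module is further configured to send the identity authentication data to the communication interface; the communication interface is further configured to send the identity authentication data out.
According to another aspect of the present invention, a call system is provided, including an electronic signature device and the above terminal; the electronic signature device is connected to the electronic signature device interface of the terminal.
As can be seen from the technical solution above, the present invention provides a terminal and a call system. The terminal receives sign-in data from the electronic signature device through the electronic signature device interface and sends the sign-in data out to the server through the communication interface, so that a user only needs to carry the electronic signature device and connect it to any terminal in order to make or answer calls on different terminals with the same user ID (electronic signature device), which makes the user's ID flexibly movable.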
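According to another aspect of the present invention, a calling method is provided, including:
a called terminal sends a sign-in request to a server, the sign-in request carrying the called user's ID and instructing the server to associate the called user's ID with the communication identifier of the called terminal; the called user's ID is the unique identifier that the called user registered on the server for the first electronic signature device used by the called user;
receiving a call request sent by the server, the call request being a call request initiated by a calling terminal to the called user's ID;
establishing a call link with the calling terminal and conducting a call with the calling terminal.
Optionally, before the called terminal sends the sign-in request to the server, the method further includes: obtaining the called user's ID from the first electronic signature device connected to the called terminal.
Optionally, before obtaining the called user's ID from the first electronic signature device connected to the called terminal, the method further includes: the called terminal authenticates the first electronic signature device.
Optionally, the method further includes: the called terminal carries identity authentication data in the sign-in request.
Optionally, after the called terminal sends the sign-in request to the server and before it receives the call request sent by the server, the method further includes: receiving a signature verification request sent by the server; obtaining signature data from the first electronic signature device, the signature data being obtained by the first electronic signature device signing data to be signed; and sending the signature data to the server.
Optionally, after the called terminal sends the sign-in request to the server, the method further includes: the called terminal sends a sign-in release request to the server, the sign-in release request carrying the called user's ID and instructing the server to delete the association between the called user's ID and the communication identifier of the called terminal.
Optionally, the method further includes: the called terminal carries identity authentication data in the sign-in release request.
Optionally, after establishing the call link with the calling terminal and before conducting the call with the calling terminal, the method further includes: the called terminal and the calling terminal negotiate a transmission key using their respective electronic signature devices, and the called terminal sends the information received during transmission key negotiation to the first electronic signature device, instructing the first electronic signature device to obtain the transmission key from the received information;
during the call with the calling terminal, the method further includes: the called terminal sends encrypted data received from the calling terminal to the first electronic signature device and receives the plaintext data that the first electronic signature device returns after decrypting the received encrypted data with the transmission key; and it sends transmission data destined for the calling terminal to the first electronic signature device, receives the ciphertext data that the first electronic signature device returns after encrypting that transmission data with the transmission key, and sends the ciphertext data to the calling terminal.
Optionally, before conducting the call with the calling terminal, the method further includes: negotiating a transmission key with the first electronic signature device, saving the transmission key, and sending the transmission key to the server;
during the call with the calling terminal, the method further includes: encrypting or decrypting transmission data with the transmission key.
Optionally, after the call with the calling terminal ends, the method further includes: deleting the saved transmission key.
Optionally, during the call with the calling terminal, the method further includes: hopping the current transmission key to a new transmission key according to a preset hopping rule, and encrypting or decrypting transmission data with the new transmission key.
Optionally, hopping the current transmission key to a new transmission key according to a preset hopping rule includes at least one of the following: hopping the current transmission key to a new transmission key according to a hop trigger factor; hopping the current transmission key to a new transmission key upon obtaining a key hopping instruction.
Optionally, the hop trigger factor includes at least one of the following: a hopping period, a hopping time point, and a call data volume.
Optionally, the key hopping instruction includes at least one of the following: a key hopping instruction sent by the calling terminal, an input key hopping instruction, and a key hopping instruction generated according to a preset rule.
Optionally, during the call with the calling terminal, the method further includes: generating a line hopping instruction; sending the line hopping instruction to the server, instructing the server to hop the current transmission line to a new transmission line; and conducting the call with the calling terminal over the new transmission line.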
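According to another aspect of the present invention, a calling method is provided, including:
a server receives a sign-in request sent by a called terminal, the sign-in request including the called user's ID; the called user's ID is the unique identifier that the called user registered on the server for the first electronic signature device used by the called user;
associating the called user's ID with the communication identifier of the called terminal and storing the association;
after receiving a call request from a calling terminal to the called user's ID, establishing a call link between the calling terminal and the called terminal according to the association between the called user's ID and the communication identifier of the called terminal.
Optionally, after the server receives the sign-in request from the called terminal, the method further includes: authenticating the identity authentication data received from the called terminal and, after authentication passes, performing the step of associating the called user's ID with the communication identifier of the called terminal and storing the association.
Optionally, after associating the called user's ID with the communication identifier of the called terminal and storing the association, the method further includes: the server deletes the association between the called user's ID and the communication identifier of the called terminal.
Optionally, the method further includes: receiving identity authentication data returned by the called terminal, performing identity authentication and, after identity authentication passes, performing the step in which the server deletes the association between the called user's ID and the communication identifier of the called terminal.
Optionally, after receiving the call request from the calling terminal to the called user's ID, the method further includes: sending a signature verification request to the called terminal; verifying the signature data after receiving it from the called terminal and, after verification passes, performing the step of establishing the call link between the calling terminal and the called terminal.
Optionally, after receiving the call request from the calling terminal to the called user's ID, the method further includes: determining that the type of the call request is a preset call request type, and performing the step of establishing the call link between the calling terminal and the called terminal.
Optionally, the method further includes: receiving and saving a first transmission key sent by the called terminal, and receiving and saving a second transmission key sent by the calling terminal; encrypting or decrypting data transmitted to or from the called terminal with the first transmission key, and encrypting or decrypting data transmitted to or from the calling terminal with the second transmission key.
Optionally, the method further includes: deleting the first transmission key and/or the second transmission key.
Optionally, the method further includes: sending a key deletion request to the called terminal and/or the calling terminal, instructing the called terminal and/or the calling terminal to delete the saved transmission key.
Optionally, during the call between the calling terminal and the called terminal, the method further includes:
hopping the current first transmission key to a new first transmission key according to a preset hopping rule and encrypting or decrypting transmission data with the new first transmission key; and/or
hopping the current second transmission key to a new second transmission key according to a preset hopping rule and encrypting or decrypting transmission data with the new second transmission key.
Optionally, hopping the current first transmission key to a new first transmission key and/or hopping the current second transmission key to a new second transmission key according to a preset hopping rule includes at least one of the following:
hopping the current first transmission key to a new first transmission key, and/or the current second transmission key to a new second transmission key, according to a hop trigger factor;
hopping the current first transmission key to a new first transmission key, and/or the current second transmission key to a new second transmission key, upon obtaining a key hopping instruction.
Optionally, the hop trigger factor includes at least one of the following: a hopping period, a hopping time point, and a call data volume.
Optionally, the key hopping instruction includes at least one of the following: a key hopping instruction sent by the called terminal and/or the calling terminal, and a key hopping instruction generated according to a preset rule.
Optionally, during the call between the calling terminal and the called terminal, the method further includes: hopping the current transmission line to a new transmission line according to a preset line hopping rule, and transmitting the transmission data over the new transmission line.
Optionally, there are multiple called users, and the call request carries the ID of each called user;
establishing the call link between the calling terminal and the called terminal according to the association between the called user's ID and the communication identifier of the called terminal includes: the server sends a multi-party call request to the called terminal corresponding to the communication identifier associated with each called user's ID; after receiving a confirmation response returned by one or more of the called terminals, it establishes call links between the calling terminal and the one or more called terminals, and among the one or more called terminals.
Optionally, before establishing the call links between the calling terminal and the one or more called terminals, and among the one or more called terminals, the method further includes: receiving a shared transmission key sent by the calling terminal; and sending the shared transmission key to the one or more called terminals.
Optionally, the method further includes: the server receives a sign-in request sent by the calling terminal, the sign-in request carrying the calling user's ID; and associates the calling user's ID with the communication identifier of the calling terminal and stores the association.
Optionally, after the server receives the sign-in request from the calling terminal, the method further includes: authenticating the identity authentication data received from the calling terminal and, after authentication passes, performing the step of associating the calling user's ID with the communication identifier of the calling terminal and storing the association.
Optionally, after associating the calling user's ID with the communication identifier of the calling terminal and storing the association, the method further includes: the server deletes the association between the calling user's ID and the communication identifier of the calling terminal.
Optionally, after receiving the call request from the calling terminal to the called user's ID, the method further includes: sending a signature verification request to the calling terminal;
verifying the signature data after receiving it from the calling terminal and, after verification passes, performing the step of establishing the call link between the calling terminal and the called terminal.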
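According to another aspect of the present invention, a calling method is provided, including:
a calling terminal obtains the called user's ID; the called user's ID is the unique identifier that the called user registered on the server for the first electronic signature device used by the called user;
the calling terminal initiates to the server a call request for calling the called user, the call request carrying the called user's ID;
the calling terminal receives the call response returned by the server, establishes a call link with the called terminal and conducts a call with the called terminal, where the communication identifier of the called terminal is associated with the called user's ID.
Optionally, the method further includes: the calling terminal sends a sign-in request to the server, the sign-in request carrying the calling user's ID and instructing the server to associate the calling user's ID with the communication identifier of the calling terminal; the calling user's ID is the unique identifier that the calling user registered on the server for the second electronic signature device used by the calling user.
Optionally, before the calling terminal sends the sign-in request to the server, the method further includes: obtaining the calling user's ID from the second electronic signature device connected to the calling terminal.
Optionally, before obtaining the calling user's ID from the second electronic signature device connected to the calling terminal, the method further includes: the calling terminal authenticates the second electronic signature device.
Optionally, the method further includes: the calling terminal carries identity authentication data in the sign-in request.
Optionally, after initiating to the server the call request for calling the called user and before receiving the call response returned by the server, the method further includes: receiving a signature verification request sent by the server; obtaining signature data from the second electronic signature device, the signature data being obtained by the second electronic signature device signing data to be signed; and sending the signature data to the server.
Optionally, after the calling terminal sends the sign-in request to the server, the method further includes: the calling terminal sends a sign-in release request to the server, the sign-in release request carrying the calling user's ID and instructing the server to delete the association between the calling user's ID and the communication identifier of the calling terminal.
Optionally, the method further includes: the calling terminal carries identity authentication data in the sign-in release request.
Optionally, after establishing the call link with the called terminal used by the called user and before conducting the call with the called terminal, the method further includes: the calling terminal and the called terminal negotiate a transmission key using their respective electronic signature devices, and the calling terminal sends the information received during transmission key negotiation to the second electronic signature device, instructing the second electronic signature device to obtain the transmission key from the received information;
during the call with the called terminal, the method further includes: the calling terminal sends encrypted data received from the called terminal to the second electronic signature device and receives the plaintext data that the second electronic signature device returns after decrypting the received encrypted data with the transmission key; and it sends transmission data destined for the called terminal to the second electronic signature device, receives the ciphertext data that the second electronic signature device returns after encrypting that transmission data with the transmission key, and sends the ciphertext data to the called terminal.
Optionally, before conducting the call with the called terminal, the method further includes: negotiating a transmission key with the second electronic signature device, saving the transmission key, and sending the transmission key to the server;
during the call with the called terminal, the method further includes: encrypting or decrypting transmission data with the transmission key.
Optionally, after the call with the called terminal ends, the method further includes: deleting the saved transmission key.
Optionally, during the call with the called terminal, the method further includes: hopping the current transmission key to a new transmission key according to a preset hopping rule, and encrypting or decrypting transmission data with the new transmission key.
Optionally, hopping the current transmission key to a new transmission key according to a preset hopping rule includes at least one of the following: hopping the current transmission key to a new transmission key according to a hop trigger factor; hopping the current transmission key to a new transmission key upon obtaining a key hopping instruction.
Optionally, the hop trigger factor includes at least one of the following: a hopping period, a hopping time point, and a call data volume.
Optionally, the key hopping instruction includes at least one of the following: a key hopping instruction sent by the called terminal, an input key hopping instruction, and a key hopping instruction generated according to a preset rule.
Optionally, during the call with the called terminal, the method further includes: generating a line hopping instruction; sending the line hopping instruction to the server, instructing the server to hop the current transmission line to a new transmission line; and conducting the call with the called terminal over the new transmission line.
Optionally, there are multiple called users.
Optionally, before conducting the call with the called terminal, the method further includes: the calling terminal sends a shared transmission key generated by the second electronic signature device to the multiple called terminals corresponding to the communication identifiers associated with the IDs of the multiple called users; during the call with the called terminal, the method further includes: encrypting or decrypting the data transmitted to or from the multiple called terminals with the shared transmission key.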
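According to another aspect of the present invention, a call apparatus is provided, including:
a sending module, configured to send a sign-in request to a server, the sign-in request carrying the called user's ID and instructing the server to associate the called user's ID with the communication identifier of the called terminal; the called user's ID is the unique identifier that the called user registered on the server for the first electronic signature device used by the called user;
a receiving module, configured to receive a call request sent by the server, the call request being a call request initiated by a calling terminal to the called user's ID;
a call module, configured to establish a call link with the calling terminal and conduct a call with the calling terminal.
Optionally, the call apparatus further includes: a first obtaining module, configured to obtain the called user's ID from the first electronic signature device connected to the called terminal.
Optionally, the call apparatus further includes: an authentication module, configured to authenticate the first electronic signature device.
Optionally, the sending module is further configured to carry identity authentication data in the sign-in request.
Optionally, the receiving module is further configured to receive a signature verification request sent by the server after the sending module sends the sign-in request to the server and before the call request sent by the server is received;
the apparatus further includes: a second obtaining module, configured to obtain signature data from the first electronic signature device, where the signature data is obtained by the first electronic signature device signing data to be signed;
the sending module is further configured to send the signature data to the server.
Optionally, the sending module is further configured to send a sign-in release request to the server, the sign-in release request carrying the called user's ID and instructing the server to delete the association between the called user's ID and the communication identifier of the called terminal.
Optionally, the sending module is further configured to carry identity authentication data in the sign-in release request.
Optionally, the apparatus further includes: a first negotiation module, configured to negotiate a transmission key with the calling terminal using the first electronic signature device;
the sending module is further configured to send the information received during transmission key negotiation to the first electronic signature device, instructing the first electronic signature device to obtain the transmission key from the received information, and, during the call with the calling terminal, to send encrypted data received from the calling terminal to the first electronic signature device;
the receiving module is further configured to receive the plaintext data that the first electronic signature device returns after decrypting the received encrypted data with the transmission key;
the sending module is further configured to send transmission data destined for the calling terminal to the first electronic signature device;
the receiving module is further configured to receive the ciphertext data that the first electronic signature device returns after encrypting that transmission data with the transmission key;
the sending module is further configured to send the ciphertext data to the calling terminal.
Optionally, the apparatus further includes: a second negotiation module, configured to negotiate a transmission key with the first electronic signature device; and a storage module, configured to save the transmission key;
the sending module is further configured to send the transmission key to the server;
the apparatus further includes: an encryption/decryption module, configured to encrypt or decrypt transmission data with the transmission key.
Optionally, the apparatus further includes: a deletion module, configured to delete the transmission key saved by the storage module.
Optionally, the apparatus further includes: an execution module, configured to hop the transmission key currently in use to a new transmission key according to a preset hopping rule.
Optionally, the execution module hops the transmission key currently in use to a new transmission key in at least one of the following ways: hopping the current transmission key to a new transmission key according to a hop trigger factor; hopping the current transmission key to a new transmission key upon obtaining a key hopping instruction.
Optionally, the apparatus further includes: a generation module, configured to generate a line hopping instruction;
the sending module is further configured to send the line hopping instruction to the server, instructing the server to hop the current transmission line to a new transmission line, the call with the calling terminal then being conducted over the new transmission line.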
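According to another aspect of the present invention, a call processing apparatus is provided, including:
a receiving module, configured to receive a sign-in request sent by a called terminal, where the sign-in request includes the called user's ID; the called user's ID is the unique identifier that the called user registered on the server for the first electronic signature device used by the called user;
a storage module, configured to associate the called user's ID with the communication identifier of the called terminal and store the association;
an establishing module, configured to establish, after a call request from a calling terminal to the called user's ID is received, a call link between the calling terminal and the called terminal according to the association between the called user's ID and the communication identifier of the called terminal.
Optionally, the apparatus further includes: a first authentication module, configured to authenticate first identity authentication data received from the called terminal and, after authentication passes, to trigger the storage module to associate the called user's ID with the communication identifier of the called terminal and store the association.
Optionally, the apparatus further includes: a first deletion module, configured to delete the association between the called user's ID and the communication identifier of the called terminal.
Optionally, the receiving module is further configured to receive second identity authentication data returned by the called terminal; the apparatus further includes: a second authentication module, configured to perform identity authentication according to the second identity authentication data and, after identity authentication passes, to trigger the first deletion module to delete the association between the called user's ID and the communication identifier of the called terminal.
Optionally, the apparatus further includes: a first sending module, configured to send a signature verification request to the called terminal after the call request from the calling terminal to the called user's ID is received;
the receiving module is further configured to receive the signature data returned by the called terminal;
the apparatus further includes: a signature verification module, configured to verify the signature data and, after verification passes, to trigger the establishing module to establish the call link between the calling terminal and the called terminal.
Optionally, the apparatus further includes: a determining module, configured to determine, after the call request from the calling terminal to the called user's ID is received, whether the type of the call request is a preset call request type and, if so, to trigger the establishing module to establish the call link between the calling terminal and the called terminal.
Optionally, the receiving module is further configured to receive a first transmission key sent by the called terminal and a second transmission key sent by the calling terminal;
the storage module is further configured to save the first transmission key and the second transmission key;
the apparatus further includes: an encryption/decryption module, configured to encrypt or decrypt data transmitted to or from the called terminal with the first transmission key, and to encrypt or decrypt data transmitted to or from the calling terminal with the second transmission key.
Optionally, the apparatus further includes: a second deletion module, configured to delete the first transmission key and/or the second transmission key.
Optionally, the apparatus further includes: a second sending module, configured to send a key deletion request to the called terminal and/or the calling terminal, instructing the called terminal and/or the calling terminal to delete the saved transmission key.
Optionally, the encryption/decryption module is further configured to hop, during the call between the calling terminal and the called terminal, the current first transmission key to a new first transmission key according to a preset hopping rule and to encrypt or decrypt transmission data with the new first transmission key; and/or
the encryption/decryption module is further configured to hop, during the call between the calling terminal and the called terminal, the current second transmission key to a new second transmission key according to a preset hopping rule and to encrypt or decrypt transmission data with the new second transmission key.
Optionally, the encryption/decryption module hops the current first transmission key to a new first transmission key, and/or the current second transmission key to a new second transmission key, in at least one of the following ways:
hopping the current first transmission key to a new first transmission key, and/or the current second transmission key to a new second transmission key, according to a hop trigger factor;
hopping the current first transmission key to a new first transmission key, and/or the current second transmission key to a new second transmission key, upon obtaining a key hopping instruction.
Optionally, the apparatus further includes: a hopping module, configured to hop the transmission line currently used for data transmission to a new transmission line according to a preset line hopping rule.
Optionally, there are multiple called users, and the call request carries the ID of each called user;
the establishing module is further configured to send a multi-party call request to the called terminal corresponding to the communication identifier associated with each called user's ID and, after receiving a confirmation response returned by one or more of the called terminals, to establish call links between the calling terminal and the one or more called terminals, and among the one or more called terminals.
Optionally, the receiving module is further configured to receive a shared transmission key sent by the calling terminal before the call links between the calling terminal and the one or more called terminals, and among the one or more called terminals, are established;
the apparatus further includes: a third sending module, configured to send the shared transmission key to the one or more called terminals.
Optionally, the receiving module is further configured to receive a sign-in request sent by the calling terminal, the sign-in request carrying the calling user's ID;
the storage module is further configured to associate the calling user's ID with the communication identifier of the calling terminal and store the association.
Optionally, the receiving module is further configured to receive third identity authentication data sent by the calling terminal after the server receives the sign-in request from the calling terminal;
the apparatus further includes: a third authentication module, configured to authenticate the third identity authentication data and, after authentication passes, to trigger the storage module to associate the calling user's ID with the communication identifier of the calling terminal and store the association.
Optionally, the apparatus further includes: a third deletion module, configured to delete the association between the calling user's ID and the communication identifier of the calling terminal.
Optionally, the apparatus further includes: a fourth sending module, configured to send a signature verification request to the calling terminal after the call request from the calling terminal to the called user's ID is received;
a fourth authentication module, configured to verify the signature data after it is received from the calling terminal and, after verification passes, to trigger the establishing module to establish the call link between the calling terminal and the called terminal.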
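According to another aspect of the present invention, a calling apparatus is provided, including:
an obtaining module, configured to obtain the called user's ID; the called user's ID is the unique identifier that the called user registered on the server for the first electronic signature device used by the called user;
a calling module, configured to initiate to the server a call request for calling the called user, the call request carrying the called user's ID;
a receiving module, configured to receive the call response returned by the server;
a call module, configured to establish a call link with the called terminal and conduct a call with the called terminal, where the communication identifier of the called terminal is associated with the called user's ID.
Optionally, the apparatus further includes: a first sending module, configured to send a sign-in request to the server, the sign-in request carrying the calling user's ID and instructing the server to associate the calling user's ID with the communication identifier of the calling terminal; the calling user's ID is the unique identifier that the calling user registered on the server for the second electronic signature device used by the calling user.
Optionally, the obtaining module is further configured to obtain the calling user's ID from the second electronic signature device connected to the calling terminal.
Optionally, a first authentication module is configured to authenticate the second electronic signature device before the calling user's ID is obtained from the second electronic signature device connected to the calling terminal.
Optionally, the first sending module is further configured to carry identity authentication data in the sign-in request.
Optionally, the receiving module is further configured to receive a signature verification request sent by the server after the call request for calling the called user is initiated to the server and before the call response returned by the server is received;
the obtaining module is further configured to obtain signature data from the second electronic signature device, the signature data being obtained by the second electronic signature device signing data to be signed;
the apparatus further includes: a second sending module, configured to send the signature data to the server.
Optionally, the apparatus further includes: a third sending module, configured to send a sign-in release request to the server after the calling terminal sends the sign-in request to the server, the sign-in release request carrying the calling user's ID and instructing the server to delete the association between the calling user's ID and the communication identifier of the calling terminal.
Optionally, the third sending module is further configured to carry identity authentication data in the sign-in release request.
Optionally, a first negotiation module is configured to negotiate a transmission key with the called terminal, each side using its own electronic signature device, after the call link with the called terminal used by the called user is established and before the call with the called terminal is conducted;
the apparatus further includes: a fourth sending module, configured to send the information received from the called terminal during transmission key negotiation to the second electronic signature device, instructing the second electronic signature device to obtain the transmission key from the received information; and, during the call with the called terminal, to send encrypted data received from the called terminal to the second electronic signature device and to send transmission data destined for the called terminal to the second electronic signature device;
the receiving module is further configured to receive, during the call with the called terminal, the plaintext data that the second electronic signature device returns after decrypting the received encrypted data with the transmission key, and to receive the ciphertext data that the second electronic signature device returns after encrypting the transmission data to be sent with the transmission key;
the fourth sending module is further configured to send the ciphertext data to the called terminal.
Optionally, a second negotiation module is configured to negotiate a transmission key with the second electronic signature device; a storage module is configured to save the transmission key; a fifth sending module is configured to send the transmission key to the server; and a first encryption/decryption module is configured to encrypt or decrypt transmission data with the transmission key during the call with the called terminal.
Optionally, a deletion module is configured to delete the transmission key saved by the storage module after the call with the called terminal ends.
Optionally, the first encryption/decryption module is further configured to hop, during the call with the called terminal, the current transmission key to a new transmission key according to a preset hopping rule, and to encrypt or decrypt transmission data with the new transmission key.
Optionally, the first encryption/decryption module hops the current transmission key to a new transmission key in at least one of the following ways: hopping the current transmission key to a new transmission key according to a hop trigger factor; hopping the current transmission key to a new transmission key upon obtaining a key hopping instruction.
Optionally, the apparatus further includes: a generation module, configured to generate a line hopping instruction during the call with the called terminal; and a sixth sending module, configured to send the line hopping instruction to the server, instructing the server to hop the current transmission line to a new transmission line, the call with the called terminal then being conducted over the new transmission line.
Optionally, there are multiple called users; the obtaining module is further configured to obtain, before the call with the called terminal is conducted, a shared transmission key generated by the second electronic signature device;
a seventh sending module is configured to send the shared transmission key to the multiple called terminals corresponding to the communication identifiers associated with the IDs of the multiple called users;
a second encryption/decryption module is configured to encrypt or decrypt, during the call with the called terminal, the data transmitted to or from the multiple called terminals with the shared transmission key.
According to another aspect of the present invention, a call system is provided, including:
a called terminal, a calling terminal, a server, and a first electronic signature device connected to the called terminal, where the called terminal includes the call apparatus described above, the server includes the call processing apparatus described above, and the calling terminal includes the calling apparatus described above.
Optionally, the system further includes: a second electronic signature device connected to the calling terminal.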
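According to another aspect of the present invention, a sign-in method is provided, including:
a server receives a communication identifier and a sign-in request sent by a terminal, the sign-in request including a user ID; the user ID is the unique identifier that the user registered on the server for the electronic signature device used by the user;
associating the user ID with the communication identifier of the terminal and storing the association.
Optionally, after the server receives the sign-in request from the terminal, the method further includes: the server authenticates the user identity authentication data received from the terminal and, after authentication passes, performs the step of associating the user ID with the communication identifier of the terminal and storing the association, the user identity authentication data being obtained by the electronic signature device signing data to be signed.
Optionally, after associating the user ID with the communication identifier of the terminal and storing the association, the method further includes: the server deletes the association between the user ID and the communication identifier of the terminal.
Optionally, the method further includes: the server receives user identity authentication data sent by the terminal, performs identity authentication and, after identity authentication passes, performs the step in which the server deletes the association between the user ID and the communication identifier of the terminal.
According to another aspect of the present invention, a sign-in method is provided, including:
a terminal determines whether a rule for triggering sign-in is satisfied;
after the rule for triggering sign-in is satisfied, the terminal sends a communication identifier and a sign-in request to a server, the sign-in request carrying a user ID, the user ID instructing the server to associate the user ID with the communication identifier of the terminal, and the user ID being the unique identifier that the user registered on the server for the electronic signature device used by the user.
Optionally, before the terminal sends the sign-in request to the server, the method further includes: obtaining the user ID from the electronic signature device connected to the terminal.
Optionally, before obtaining the user ID from the electronic signature device connected to the terminal, the method further includes: the terminal authenticates the electronic signature device.
Optionally, the method further includes: the terminal carries user identity authentication data in the sign-in request, the user identity authentication data being obtained by the electronic signature device signing data to be signed.
Optionally, after the terminal sends the sign-in request to the server, the method further includes: the terminal sends a sign-in release request to the server, the sign-in release request carrying the user ID and instructing the server to delete the association between the user ID and the communication identifier of the terminal.
Optionally, the method further includes: the terminal carries user identity authentication data in the sign-in release request.
Optionally, satisfying the rule for triggering sign-in includes at least one of the following: the terminal receives a sign-in instruction input by the user; the terminal receives a sign-in instruction sent by the server; the terminal receives a sign-in instruction from the electronic signature device connected to it.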
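According to another aspect of the present invention, a sign-in processing apparatus is provided, including:
a receiving module, configured to receive a sign-in request sent by a terminal, where the sign-in request includes a user ID; the user ID is the unique identifier that the user registered on the server for the electronic signature device used by the user;
a storage module, configured to associate the user ID with the communication identifier of the terminal and store the association.
Optionally, the apparatus further includes: a first authentication module, configured to authenticate, after the sign-in request from the terminal is received, first user identity authentication data received from the terminal and, after authentication passes, to trigger the storage module to associate the user ID with the communication identifier of the terminal and store the association, the first user identity authentication data being obtained by the electronic signature device signing data to be signed.
Optionally, the apparatus further includes: a deletion module, configured to delete the association between the user ID and the communication identifier of the terminal.
Optionally, the apparatus further includes: a second identity authentication module, configured to receive second user identity authentication data sent by the terminal, perform identity authentication and, after identity authentication passes, trigger the deletion module to delete the association between the user ID and the communication identifier of the terminal, the second user identity authentication data being obtained by the electronic signature device signing data to be signed.
According to another aspect of the present invention, a sign-in apparatus is provided, including:
a sign-in triggering module, configured to determine whether a rule for triggering sign-in is satisfied and, if so, to trigger the sending module to send a sign-in request to the server;
a sending module, configured to send, after being triggered by the sign-in triggering module, a sign-in request to the server, the sign-in request carrying a user ID, the user ID instructing the server to associate the user ID with the communication identifier of the sign-in apparatus, and the user ID being the unique identifier that the user registered on the server for the electronic signature device used by the user.
Optionally, the apparatus further includes: an obtaining module, configured to obtain the user ID from the electronic signature device connected to the sign-in apparatus.
Optionally, the apparatus further includes: an authentication module, configured to authenticate the electronic signature device.
Optionally, the sending module is further configured to carry user identity authentication data in the sign-in request, the user identity authentication data being obtained by the electronic signature device signing data to be signed and being obtained by the obtaining module from the electronic signature device connected to the sign-in apparatus.
Optionally, the sending module is further configured to send a sign-in release request to the server, the sign-in release request carrying the user ID and instructing the server to delete the association between the user ID and the communication identifier of the sign-in apparatus.
Optionally, the sending module is further configured to carry user identity authentication data in the sign-in release request.
Optionally, the rule for triggering sign-in that the sign-in triggering module checks includes at least one of the following: a sign-in instruction input by the user is received; a sign-in instruction sent by the server is received; a sign-in instruction from the electronic signature device connected to the apparatus is received.
According to another aspect of the present invention, a sign-in system is provided, including: a terminal, a server, and an electronic signature device connected to the terminal, where the server includes the sign-in processing apparatus described above and the terminal includes the sign-in apparatus described above.
Compared with the prior art, the calling method, apparatus and system, the fixed telephone and terminal, and the sign-in method and apparatus provided by the present invention can associate a user's ID with different terminals (including fixed telephones), so that the user only needs to carry the electronic signature device that stores the ID in order to make or answer calls on different terminals with the same ID. This overcomes the defect of the prior art that a user's telephone number can only be fixed to one terminal: the telephone number can be flexibly associated with any terminal, that is, the telephone number becomes flexibly movable. Moreover, different users can answer calls through the same terminal, which improves the utilization of the equipment. A terminal can use its electronic signature device for identity authentication and transmission key negotiation; authenticating the calling user or the called user prevents either party to a call from maliciously impersonating someone else to commit fraud, which improves the security of the call system. During a call, transmission data is encrypted and decrypted with the transmission key, which keeps the call data secure.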
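Brief Description of the Drawings
To explain the technical solutions of the embodiments of the present invention more clearly, the drawings used in the description of the embodiments are briefly introduced below. Obviously, the drawings described below are only some embodiments of the present invention, and a person of ordinary skill in the art can obtain other drawings from them without creative effort.
FIG. 1 is a schematic structural diagram of the calling system provided by Embodiment 1 of the present invention;
FIG. 2 is a schematic structural diagram of an optional calling system provided by Embodiment 1 of the present invention;
FIG. 3 is a flowchart of the calling method provided by Embodiment 2 of the present invention;
FIG. 4 is a schematic structural diagram of the fixed telephone provided by Embodiment 3 of the present invention;
FIG. 5 is a schematic structural diagram of the call system provided by Embodiment 4 of the present invention;
FIG. 6 is a schematic structural diagram of the terminal provided by Embodiment 4 of the present invention;
FIG. 7 is a schematic structural diagram of the call system provided by Embodiment 4 of the present invention;
FIG. 8 is a schematic structural diagram of the terminal provided by Embodiment 5 of the present invention;
FIG. 9 is a schematic structural diagram of the call system provided by Embodiment 6 of the present invention;
FIG. 10 is a schematic structural diagram of the call apparatus provided by Embodiment 7 of the present invention;
FIG. 11 is a schematic structural diagram of the calling apparatus provided by Embodiment 8 of the present invention;
FIG. 12 is a schematic structural diagram of the call processing apparatus provided by Embodiment 9 of the present invention;
FIG. 13 is a flowchart of the calling method applied on the calling terminal side, provided by Embodiment 10 of the present invention;
FIG. 14 is a flowchart, provided by Embodiment 10 of the present invention, in which the calling terminal proactively carries identity authentication data in the sign-in request;
FIG. 15 is a flowchart, provided by Embodiment 10 of the present invention, in which the calling terminal generates identity authentication data from the data to be signed sent by the server and carries it in the sign-in request;
FIG. 16 is a flowchart of the calling method applied on the called terminal side, provided by Embodiment 11 of the present invention;
FIG. 17 is a flowchart of the calling method applied on the server side, provided by Embodiment 12 of the present invention;
FIG. 18 is a flowchart of the calling method provided by Embodiment 13 of the present invention;
FIG. 19 is a flowchart of a terminal initiating sign-in to the server, provided by Embodiment 14 of the present invention;
FIG. 20 is a flowchart of the procedure for initiating sign-in release, provided by Embodiment 14 of the present invention;
FIG. 21 is a flowchart of one way of performing key hopping during data exchange between terminals, provided by Embodiment 15 of the present invention;
FIG. 22 is a flowchart of another way of performing key hopping during data exchange between terminals, provided by Embodiment 15 of the present invention;
FIG. 23 is a flowchart of one way of performing key hopping during data exchange between a terminal and the server, provided by Embodiment 15 of the present invention;
FIG. 24 is a flowchart of another way of performing key hopping during data exchange between a terminal and the server, provided by Embodiment 15 of the present invention;
FIG. 25 is a flowchart of the calling method for multi-party calls provided by Embodiment 16 of the present invention;
FIG. 26 is a flowchart of the sign-in method applied on the server side, provided by Embodiment 17 of the present invention;
FIG. 27 is a flowchart of the sign-in method applied on the terminal side, provided by Embodiment 18 of the present invention;
FIG. 28 is a schematic structural diagram of one sign-in processing apparatus provided by Embodiment 19 of the present invention;
FIG. 29 is a schematic structural diagram of another sign-in processing apparatus provided by Embodiment 19 of the present invention;
FIG. 30 is a schematic structural diagram of the sign-in apparatus provided by Embodiment 20 of the present invention.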
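Detailed Description
The technical solutions in the embodiments of the present invention are described clearly and completely below with reference to the drawings in the embodiments. Obviously, the described embodiments are only some of the embodiments of the present invention, not all of them. All other embodiments obtained by a person of ordinary skill in the art on the basis of the embodiments of the present invention without creative effort fall within the scope of protection of the present invention.
In the description of the present invention, it should be understood that orientation or position terms such as "center", "longitudinal", "lateral", "up", "down", "front", "rear", "left", "right", "vertical", "horizontal", "top", "bottom", "inside" and "outside" are based on the orientations or positions shown in the drawings. They are used only to facilitate and simplify the description, and do not indicate or imply that the apparatus or element referred to must have a particular orientation or be constructed and operated in a particular orientation, so they should not be understood as limiting the present invention. In addition, the terms "first" and "second" are used for description only and should not be understood as indicating or implying relative importance, quantity or position.
In the description of the present invention, it should be noted that, unless otherwise expressly specified and limited, the terms "mounted", "connected to" and "connected" should be understood broadly: the connection may be fixed, detachable or integral; it may be mechanical or electrical; it may be direct or indirect through an intermediate medium, and it may be an internal connection between two elements. A person of ordinary skill in the art can understand the specific meaning of these terms in the present invention according to the specific situation.
The embodiments of the present invention are described in further detail below with reference to the drawings.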
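Embodiment 1
According to an embodiment of the present invention, a calling system is provided.
FIG. 1 is a schematic structural diagram of the calling system according to this embodiment. As shown in FIG. 1, the calling system includes: an electronic signature device 10, a fixed telephone 20 and a server 30.
The electronic signature device 10 is configured to store the user's ID. In a specific application, the user registers with the server 30 using his or her electronic signature device 10, and the server 30 assigns the user a unique identifier (called the user's ID in the embodiments of the present invention), which is stored in the electronic signature device 10.
The fixed telephone 20 is configured to obtain the user's ID from the electronic signature device 10 and to send a sign-in request to the server 30, where the sign-in request carries the user's ID. In a specific application, when the user needs to use a particular fixed telephone, the user connects the electronic signature device 10 to the fixed telephone 20 (by a wired or wireless connection); the fixed telephone 20 obtains the user's ID from the electronic signature device 10 and then sends the server 30 a sign-in request carrying that ID, indicating to the server 30 that the user corresponding to the ID is currently using this fixed telephone. The fixed telephone 20 may obtain the user's ID from the electronic signature device 10 in either of two ways: after the connection is established, the electronic signature device 10 may proactively send the ID to the fixed telephone 20, which can trigger the fixed telephone to send the sign-in request to the server 30; or, after the connection is established, the fixed telephone 20 may request the ID from the electronic signature device 10. For example, the fixed telephone 20 may obtain it from the electronic signature device 10 when it receives an external instruction. The instruction may tell the fixed telephone 20 to send a sign-in request, or tell it to request the user's ID from the electronic signature device 10; this embodiment does not limit which.
The server 30 is configured to receive the sign-in request, store the user's ID in association with the communication identifier of the fixed telephone 20 that sent the sign-in request, receive a call to the user's ID and, according to the association between the user's ID and the communication identifier of the fixed telephone 20, connect the call to the fixed telephone 20 corresponding to that communication identifier.
In the technical solution provided by this embodiment, the unique identifier that the server 30 assigns to the user (the user's ID) is stored in the electronic signature device 10, and this identifier uniquely identifies the user across the whole network. After the user signs in on any fixed telephone with the ID stored in the electronic signature device, the server 30 can use the ID to connect calls to that ID to the fixed telephone the user is currently using (the fixed telephone 20). The user therefore only needs to carry the electronic signature device that stores the ID in order to make or answer calls on different fixed telephones with the same ID. This overcomes the defect of the prior art that a user's telephone number can only be fixed to one fixed telephone: the telephone number can be flexibly associated with any fixed telephone, that is, the telephone number becomes flexibly movable. Moreover, different users can answer calls through the same fixed telephone, which improves the utilization of the equipment.
In the technical solution provided by this embodiment, the fixed telephone 20 is a fixed telephone that supports electronic signature devices.
In this embodiment, sign-in means that the user uses the fixed telephone 20 to send the user's ID stored in the electronic signature device 10 to the server 30; on receiving the user's ID, the server 30 associates it with the communication identifier of the fixed telephone 20, so that the server 30 knows which fixed telephone the user is currently using. After the user has completed sign-in with the server 30 on the fixed telephone 20, when the server 30 receives a call to the user's ID it looks up the communication identifier associated with the ID and connects the call to the fixed telephone corresponding to that communication identifier (the fixed telephone 20).
With the technical solution provided by this embodiment, the user's ID is not permanently bound to one fixed telephone. Through the electronic signature device 10, the user's ID can easily be associated with different fixed telephones, so that even with fixed-line telephony the user can answer calls on different fixed telephones with the same ID, which gives fixed telephones mobility. In addition, the user can conveniently answer calls on any fixed telephone with the same ID, and different users can answer calls through the same fixed telephone, which improves the utilization of the equipment.
In an optional implementation of this embodiment, for fixed telephony the communication identifier of a fixed telephone may be the network port that the network assigns to the fixed telephone. In a specific implementation, the communication identifier may also be some other identifier of the fixed telephone, provided the network side can establish a connection with the fixed telephone through it; the embodiments of the present invention do not limit this.
In the calling system provided by this embodiment, each user (1, 2, 3, ..., n-1, n) can use an electronic signature device to sign in to the server 30 on a fixed telephone, as shown in FIG. 2. The server 30 associates each user's ID with the communication identifier of the fixed telephone that user is currently using. On receiving a call to a user's ID, the server 30 uses the stored association between user IDs and communication identifiers to obtain the communication identifier associated with the called user's ID and connects the call to the fixed telephone corresponding to that communication identifier, thereby completing the call.
In an optional implementation of this embodiment, to improve security, the electronic signature device 10 may be an apparatus with a security chip, where the security chip is a chip capable of cryptographic computation. In a specific implementation, the electronic signature device 10 may be a smart card with a security chip, connected to the fixed telephone wirelessly (for example by NFC or Bluetooth), or an electronic signature key with a security chip (a KEY, for example the U-Shield used by ICBC or the K-Bao used by the Agricultural Bank of China) connected to the fixed telephone 20 through a USB interface or an audio port; the embodiments of the present invention do not limit the specific form.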
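In an optional implementation of this embodiment, after signing in with the server 30, the user can also release the sign-in from the server 30, that is, remove the association stored in the server 30 between the user's ID and the communication identifier of the fixed telephone. In this optional implementation, therefore, the server 30 is further configured to delete the association between the user's ID and the communication identifier of the fixed telephone after storing the user's ID in association with the communication identifier of the fixed telephone.
In a specific implementation, release of the sign-in may be initiated by the server 30 or by the fixed telephone. For example, the server 30 may release a user's sign-in after it has not received any call with that user as called or calling party for a predetermined period of time; or, if the server 30 can obtain the user's location in real time, the server 30 may release the association between the user's ID and the communication identifier of the fixed telephone when it detects that the user (for example, the electronic signature device the user carries) has moved away from the associated fixed telephone. After releasing the association, the server 30 may notify the fixed telephone 20 so that the fixed telephone 20 learns of it; if the user later needs to use that fixed telephone again, sign-in has to be initiated again. That is, in an optional implementation of this embodiment, the server 30 is further configured to notify the fixed telephone 20, after deleting the association between the user's ID and the communication identifier of the fixed telephone 20, that the server 30 has released the sign-in of the user's ID.
Alternatively, the user may send a release request to the server 30 through the fixed telephone, asking the server 30 to release the association between the user's ID and the communication identifier of the fixed telephone. For example, the user may dial a predetermined additional code on the fixed telephone to send the release request to the server 30, or use a special key on the fixed telephone (for example the delete key) to send the release request, or use the electronic signature device 10 to trigger the fixed telephone 20 to send the release request to the server 30 (for example, a long press on a function key of the electronic signature device may be set to send the release instruction). The release request may carry the ID of the user whose release is requested. That is, in an optional implementation of this embodiment, the fixed telephone 20 is further configured to send a first sign-in release request to the server 30 after sending the sign-in request to the server 30, where the first sign-in release request carries the user's ID; the server is further configured to receive the first sign-in release request and trigger the operation of deleting the association between the user's ID and the communication identifier of the fixed telephone 20.
For example, if after ending a call with the called user the calling user will not use the calling fixed telephone again for a while, the calling user can proactively send a release request to the server 30 through the calling fixed telephone, asking the server 30 to release the association between the calling user's ID and the communication identifier of the calling fixed telephone. Likewise, the called user can send the server 30, through the called fixed telephone, a request to release the association between the called user's ID and the communication identifier of the called fixed telephone. With this optional embodiment, a user who is not using a fixed telephone can release the association with it so that other users can use it, which improves the utilization of fixed telephones.
In an optional implementation of this embodiment, if a user no longer uses the ID he or she registered, the user can send a deregistration request to the server 30; the deregistration request may carry the ID to be deregistered, and the server 30 may deregister the ID after receiving the request. Alternatively, the server 30 may deregister an ID at an administrator's request, that is, invalidate the ID, and may also reassign the ID to another user. For example, in a local area network, if a user leaves the network, that user's ID can be deregistered. This optional implementation allows the IDs assigned to users to be managed effectively.
In an optional implementation of this embodiment, each electronic signature device may store the user's private key, and the server 30 may store the user's ID together with the corresponding public key. To make sure of the user's identity, the user's identity can be authenticated during the interaction, and the corresponding operation is performed only after authentication passes. That is, during the interaction the electronic signature device 10 signs data to be signed with its private key, and the fixed telephone 20 then sends the signature data to the server 30; the user's identity can be authenticated from this signature data. For example, the electronic signature device 10 may store the user's private key, and the server 30 may store the user's public key and the corresponding user ID. A signature can be made when the user signs in with the server 30; that is, in an optional implementation of this embodiment, the server 30 is further configured to authenticate the electronic signature device before storing the user's ID in association with the communication identifier of the fixed telephone 20 and, after authentication passes, to trigger the operation of storing the user's ID in association with the communication identifier of the fixed telephone. Specifically, the sign-in data (for example the user's ID) may be signed, or other data to be signed may be signed (for example a random number generated by the electronic signature device 10, or data to be signed sent by the server 30, such as a random number generated by the server 30 or the called user's ID); the embodiments of the present invention do not limit this. After receiving the signature data, the server 30 verifies it with the user's public key and, after verification passes, associates the user's ID with the communication identifier of the fixed telephone 20. That is, in an optional implementation of this embodiment, the server 30 authenticates the electronic signature device 10 as follows: it sends a first signature verification request to the fixed telephone 20, receives the first signature verification response returned by the fixed telephone 20, and verifies the first signature data carried in the first signature verification response, where, if the first signature verification request carries first data to be signed, the first signature verification response carries the first signature data obtained by signing, and if the first signature verification request does not carry the first data to be signed, the first signature verification response carries both the first data to be signed and the first signature data obtained by signing; the fixed telephone 20 is further configured to receive the first signature verification request and forward it to the electronic signature device 10, and to receive the first signature verification response returned by the electronic signature device 10 and send it to the server 30; the electronic signature device 10 is further configured to receive the first signature verification request, sign the first data to be signed, and send the first signature verification response to the fixed telephone 20.
In an optional implementation of this embodiment, the electronic signature device 10 is further configured to sign second data to be signed and send the second data to be signed and the resulting second signature data to the fixed telephone 20; the fixed telephone 20 is further configured to receive, before sending the sign-in request to the server 30, the second data to be signed and the resulting second signature data sent by the electronic signature device 10; the sign-in request that the fixed telephone 20 sends to the server 30 carries the user's ID, the second data to be signed and the second signature data; or the sign-in request carries the second data to be signed and the second signature data, where the second data to be signed includes the user's ID; the server 30 authenticates the electronic signature device 10 by verifying the second signature data at least according to the second data to be signed.
In an optional implementation of this embodiment, the fixed telephone 20 may also authenticate the electronic signature device 10 and send the sign-in request to the server 30 only if authentication passes. That is, in this optional implementation, the fixed telephone 20 is further configured to authenticate the electronic signature device 10 before sending the sign-in request to the server 30. The authentication corresponds to the server 30's authentication of the electronic signature device 10 described above: the electronic signature device 10 may proactively sign data to be signed and send the data to be signed and the resulting signature data to the fixed telephone 20, which verifies the signature from the received data; or the fixed telephone 20, on detecting that an electronic signature device 10 has been attached, may send a signature verification request to it, whereupon the electronic signature device 10 signs the data to be signed and returns a signature verification response to the fixed telephone 20, which verifies the signature data carried in the response.
In addition, in an optional implementation of this embodiment, the server 30 may also authenticate the called user after receiving a call request to the user's ID. That is, the server 30 is further configured to send, after receiving a call to the user's ID, a third signature verification request carrying fifth data to be signed to the fixed telephone 20, to receive the fifth signature data returned by the fixed telephone 20, to verify the fifth signature data and, after verification passes, to trigger the operation of connecting the call to the fixed telephone 20; the fixed telephone 20 is further configured to receive the third signature verification request and forward it to the electronic signature device 10, and to receive the fifth signature data returned by the electronic signature device 10 and send it to the server 30; the electronic signature device 10 is further configured to receive the third signature verification request, sign the fifth data to be signed, and send the resulting fifth signature data to the fixed telephone 20.
When the fixed telephone 20 initiates a release request, it may also obtain identity authentication data from the electronic signature device 10 and carry it in the release request (or, after the release request is initiated, the server 30 may send an authentication request to the fixed telephone 20; in response, the electronic signature device 10 signs data to be signed to produce the identity authentication data, which is then sent to the server 30).
That is, in an optional implementation of this embodiment, the fixed telephone 20 is further configured to receive, before sending the sign-in release request to the server 30, a second sign-in release request sent by the electronic signature device 10, where the second sign-in release request carries third data to be signed and third signature data obtained by signing the third data to be signed; the first sign-in release request also carries the third data to be signed and the third signature data; the server 30 deletes the association between the user's ID and the communication identifier of the fixed telephone as follows: it verifies the third signature data according to the third data to be signed and, after verification passes, deletes the association between the user's ID and the communication identifier of the fixed telephone.
In another optional implementation of this embodiment, the server 30 is further configured to send a second signature verification request carrying fourth data to be signed to the fixed telephone 20, to receive the fourth signature data returned by the fixed telephone, to verify the fourth signature data and, after verification passes, to trigger the operation of deleting the association between the user's ID and the communication identifier of the fixed telephone; the fixed telephone 20 is further configured to receive the second signature verification request and forward it to the electronic signature device 10, and to receive the fourth signature data returned by the electronic signature device 10 and return it to the server 30; the electronic signature device 10 is further configured to receive the second signature verification request, sign the fourth data to be signed, and send the resulting fourth signature data to the fixed telephone 20.
Although only the three situations above are given as examples of where identity authentication is needed, the invention is not limited to them. In practice, for other possible procedures the server 30 may likewise authenticate the user first and carry out the subsequent procedure only after authentication passes.
Authenticating the electronic signature device 10 prevents either party to a call from maliciously impersonating someone else to commit fraud, which improves the security of the calling system.
In an optional implementation of this embodiment, for compatibility with existing telephone calling systems, the server 30 is configured to determine, after receiving a call to the user's ID, that the type of the call is a preset call type, and to trigger the operation of connecting the call to the fixed telephone 20. That is, in this optional implementation the server 30 can handle two kinds of call: the existing kind, which calls the telephone number used by each fixed telephone, and the kind that calls a user's ID. After receiving a call, the server 30 first determines its type; if the call is of the type that calls a user's ID, the call is connected according to the stored association between the user's ID and the communication identifier of the fixed telephone; otherwise it is handled in the existing way.
As an optional implementation of this embodiment, the fixed telephone 20 and the electronic signature device 10 may be connected wirelessly or by wire. Wireless connections may include but are not limited to Bluetooth, WIFI, NFC, infrared and RFID; wired connections may include but are not limited to USB, audio (headphone plug), RJ11, RJ45 and serial port.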
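Embodiment 2
As shown in FIG. 3, this embodiment provides a calling method.
In the calling method provided by this embodiment, the user registers on the server an ID that uniquely identifies the user for the electronic signature device the user uses, and the electronic signature device stores the user's ID. A fixed telephone obtains the user's ID from the electronic signature device and sends the server a sign-in request carrying the user's ID. The server associates the user's ID with the communication identifier of the fixed telephone the user is currently using and stores the association. After receiving a call request from another user to this user's ID, the server uses the association between the user's ID and the communication identifier to establish a call link between the fixed telephone used by the other user and the fixed telephone corresponding to the communication identifier. As a result, when the user has forgotten or cannot conveniently carry a mobile phone, or can only make or answer calls from a fixed location, the user only needs to carry the electronic signature device in order to make or answer calls on any fixed telephone.
The calling method of this embodiment is further described below with reference to the drawings.
As shown in FIG. 3, the calling method provided by this embodiment mainly includes the following steps (S302 to S308).
Step S302: the fixed telephone obtains the user's ID from the electronic signature device.
The user's ID is the unique identifier that the user registered on the server for the electronic signature device the user uses. At registration the electronic signature device stores the user's ID, which may be, without limitation, digits, letters, characters, Chinese characters, or a combination of these. The ID is the equivalent of a user's telephone number in existing communication systems and lets the calling fixed telephone call the called user.
The electronic signature device includes but is not limited to an electronic signature key with a security chip (a KEY device, for example ICBC's U-Shield or the Agricultural Bank of China's K-Bao) and a smart card with a security chip, where the security chip can perform signature operations, encryption and decryption operations, and transmission key negotiation.
In a specific application, the fixed telephone may obtain the user's ID from the electronic signature device when the electronic signature device is attached to it, or it may obtain the ID after the user has attached the electronic signature device and instructs the fixed telephone to send the sign-in request (the instruction may be entered on the fixed telephone, or entered on the electronic signature device and sent by it to the fixed telephone); this embodiment does not limit which.
In an optional implementation of this embodiment, to protect the user and avoid adding load to the server, in step S302 the fixed telephone may also authenticate the electronic signature device. That is, the electronic signature device sends identity authentication data to the fixed telephone; after receiving it, the fixed telephone authenticates the electronic signature device and carries out the subsequent steps only after authentication passes.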
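In a specific application, the ways in which the fixed telephone can authenticate the electronic signature device include but are not limited to the following two:
(1) Mode 1:
A1. The fixed telephone (which may be the called fixed telephone or the calling fixed telephone) generates a random number R1;
A2. The fixed telephone signs the random number R1 to generate a signature value S1;
A3. The fixed telephone sends the random number R1, the signature value S1 and the fixed telephone's digital certificate to the electronic signature device (which may be the first electronic signature device or the second electronic signature device);
A4. The electronic signature device checks the validity of the received digital certificate of the fixed telephone against a pre-stored root certificate. If the fixed telephone's digital certificate is valid, A5 is performed; if it is not valid, the authentication procedure stops and, where necessary, a message that certificate validation failed may be returned to the fixed telephone;
A5. The electronic signature device obtains the fixed telephone's public key from the fixed telephone's digital certificate and uses it to verify the received signature value S1. If verification passes, A6 is performed; if it fails, the authentication procedure stops, and a message that signature verification failed may be returned to the fixed telephone;
A6. The electronic signature device generates a random number R2;
A7. The electronic signature device signs the random number R2 and the received random number R1 to generate a signature value S2;
A8. The electronic signature device sends the random number R2, the signature value S2 and the electronic signature device's digital certificate to the fixed telephone;
A9. The fixed telephone checks the validity of the received digital certificate of the electronic signature device against a pre-stored root certificate. If the electronic signature device's digital certificate is valid, A10 is performed; if it is not valid, the authentication procedure stops and, where necessary, a message that certificate validation failed may be returned to the electronic signature device;
A10. The fixed telephone obtains the electronic signature device's public key from the electronic signature device's digital certificate and uses it to verify the received signature value S2. If verification passes, the subsequent operations are performed; if it fails, the authentication procedure stops, and a message that signature verification failed may be returned to the electronic signature device.
(2) Mode 2:
B1. The fixed telephone (which may be the called fixed telephone or the calling fixed telephone) generates a random number R1 and sends the random number R1 to the electronic signature device;
B2. After receiving the random number R1, the electronic signature device (which may be the first electronic signature device or the second electronic signature device) generates a random number R2 and sends the random number R2 and the electronic signature device's digital certificate to the fixed telephone;
B3. The fixed telephone checks the validity of the received digital certificate of the electronic signature device against a pre-stored root certificate. If the electronic signature device's digital certificate is valid, B4 is performed; if it is not valid, the authentication procedure stops and, where necessary, a message that certificate validation failed may be returned to the electronic signature device;
B4. The fixed telephone signs the random number R2 and the random number R1 to generate a signature value S1;
B5. The fixed telephone sends the signature value S1 and the fixed telephone's digital certificate to the electronic signature device;
B6. The electronic signature device checks the validity of the received digital certificate of the fixed telephone against a pre-stored root certificate. If the fixed telephone's digital certificate is valid, B7 is performed; if it is not valid, the authentication procedure stops and, where necessary, a message that certificate validation failed may be returned to the fixed telephone;
B7. The electronic signature device obtains the fixed telephone's public key from the fixed telephone's digital certificate and uses it to verify the received signature value S1. If verification passes, the subsequent operations are performed; if it fails, the authentication procedure stops, and a message that signature verification failed may be returned to the fixed telephone.
Of course, besides the two modes above there are other ways for the fixed telephone to authenticate the electronic signature device; other authentication modes that a person skilled in the art derives on the basis of the present invention should all fall within the scope of protection of the present invention.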
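The Mode 1 exchange (A1 to A10) can be traced in code. The following Go sketch is an added illustration, not code from the patent: the patent names no signature algorithm or certificate format, so Ed25519 and X.509 from the Go standard library are assumptions, and `party`, `msg`, `enroll`, `check`, `hello`, `respond` and `finish` are hypothetical names. All keys and certificates are constructed at run time.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"errors"
	"fmt"
	"math/big"
	"time"
)

// party is one side of the exchange: private key, own certificate, pre-stored root.
type party struct {
	priv  ed25519.PrivateKey
	cert  *x509.Certificate
	roots *x509.CertPool
}

// msg is what crosses the interface: random number, signature value, sender's certificate (DER).
type msg struct{ nonce, sig, cert []byte }

// enroll issues a certificate for cn under ca; a nil ca yields a self-signed root (constructed PKI).
func enroll(cn string, ca *party) (*party, error) {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	t := &x509.Certificate{
		SerialNumber: big.NewInt(time.Now().UnixNano()),
		Subject:      pkix.Name{CommonName: cn},
		NotBefore:    time.Now().Add(-time.Hour),
		NotAfter:     time.Now().Add(24 * time.Hour),
	}
	parent, signer, roots := t, priv, x509.NewCertPool()
	if ca == nil {
		t.IsCA, t.BasicConstraintsValid, t.KeyUsage = true, true, x509.KeyUsageCertSign
	} else {
		parent, signer, roots = ca.cert, ca.priv, ca.roots
	}
	der, err := x509.CreateCertificate(rand.Reader, t, parent, pub, signer)
	if err != nil {
		return nil, err
	}
	c, err := x509.ParseCertificate(der)
	if err != nil {
		return nil, err
	}
	if ca == nil {
		roots.AddCert(c)
	}
	return &party{priv, c, roots}, nil
}

// check is A4+A5 on the device and A9+A10 on the telephone: validate the sender's certificate
// against the pre-stored root, then verify the signature value with the key from that certificate.
func check(m msg, roots *x509.CertPool, data []byte) error {
	c, err := x509.ParseCertificate(m.cert)
	if err == nil {
		_, err = c.Verify(x509.VerifyOptions{Roots: roots, KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageAny}})
	}
	if err != nil {
		return fmt.Errorf("certificate rejected: %w", err)
	}
	if pub, ok := c.PublicKey.(ed25519.PublicKey); !ok || !ed25519.Verify(pub, data, m.sig) {
		return errors.New("signature value does not verify")
	}
	return nil
}

// hello is A1-A3 on the telephone: R1, S1 = Sign(R1) and the telephone's certificate.
func (p *party) hello() msg {
	r1 := make([]byte, 16)
	rand.Read(r1)
	return msg{r1, ed25519.Sign(p.priv, r1), p.cert.Raw}
}

// respond is A4-A8 on the device: check the telephone, then sign R2 || R1.
func (d *party) respond(m msg) (msg, error) {
	if err := check(m, d.roots, m.nonce); err != nil {
		return msg{}, err
	}
	r2 := make([]byte, 16)
	rand.Read(r2)
	s2 := ed25519.Sign(d.priv, append(append([]byte{}, r2...), m.nonce...))
	return msg{r2, s2, d.cert.Raw}, nil
}

// finish is A9-A10 on the telephone: S2 must cover R2 and the R1 of this run.
func (p *party) finish(r1 []byte, m msg) error {
	return check(m, p.roots, append(append([]byte{}, m.nonce...), r1...))
}

func main() {
	root, _ := enroll("example root", nil)
	phone, _ := enroll("telephone", root)
	device, _ := enroll("signature device", root)
	m1 := phone.hello()
	m2, err := device.respond(m1)
	fmt.Println("device accepted telephone:", err == nil)
	fmt.Println("telephone accepted device:", err == nil && phone.finish(m1.nonce, m2) == nil)
}
```

Because S2 covers the R1 of the current run, a response captured from an earlier run fails at A10, and a device whose certificate does not chain to the pre-stored root fails at A9.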
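Step S304: the fixed telephone sends a sign-in request to the server, where the sign-in request carries the user's ID.
In a specific application, the fixed telephone may perform step S302 and then step S304 as soon as the electronic signature device is attached to it, or it may perform step S304 when, after the electronic signature device has been attached, it receives an instruction to send the sign-in request.
Step S306: the server receives the sign-in request and stores the user's ID in association with the communication identifier of the fixed telephone.
In an optional implementation of this embodiment, the user uses the electronic signature device to submit a registration application to the server. The server may issue a certificate to the electronic signature device or use a certificate already in the electronic signature device that was issued by another certification authority. The server assigns the user a unique identifier as the user's ID and stores the user's ID bound to the certificate issued to the electronic signature device, so that the server can verify the identity of the electronic signature device through the certificate issued to it. Specifically, registration may be carried out in, but is not limited to, one of the following ways:
Mode 1: the user, holding the electronic signature device, sends an account application to the server. After the server has reviewed and approved the user's identity, it sends a key generation instruction to the electronic signature device. The electronic signature device generates a key pair and sends the public key to the server. The server generates the electronic signature device's public key certificate, assigns a unique identifier as the user's ID, stores the user's ID bound to the public key certificate, issues the certificate for the electronic signature device and sends the issued certificate to the electronic signature device, which stores the certificate issued by the server. In this mode the key pair is generated by the electronic signature device, which keeps the key secure.
Mode 2: the user, holding the electronic signature device, sends an account application to the server. After the server has reviewed and approved the user's identity, it sends a read-certificate instruction to the electronic signature device. The electronic signature device sends its certificate to the server. The server verifies the validity of the certificate and, if the certificate is valid, assigns a unique identifier as the user's ID and stores the user's ID bound to the certificate. In this mode the binding uses a certificate the electronic signature device already has, which makes registration more efficient.
Of course, to make sure the user's identity is legitimate, in an optional implementation of this embodiment the fixed telephone, when sending the sign-in request, may carry identity authentication data in the sign-in request in addition to the user's ID and send it to the server, so that the server can authenticate the user's identity. That is, before step S304, the electronic signature device signs data to be signed to obtain the identity authentication data and sends it to the fixed telephone, and the fixed telephone carries the identity authentication data in the sign-in request sent to the server. The identity authentication data may be obtained in one of the following ways:
Mode 1: signature data obtained by the electronic signature device signing the user's ID.
Mode 2: signature data obtained by the electronic signature device signing data to be signed. The data to be signed may include single-use authentication data, which may be generated by the electronic signature device (in which case the sign-in request also carries the single-use authentication data) or may be sent by the server, received by the fixed telephone and passed to the electronic signature device. The single-use authentication data may be a random number, an event factor, or a combination of the two, where the event factor may be generated by, for example, adding 1 or an arbitrary value each time one is generated.
Mode 3: signature data obtained by the electronic signature device signing data to be signed together with the user's ID, where the data to be signed may include single-use authentication data, which may be generated by the electronic signature device (in which case the sign-in request also carries the single-use authentication data) or may be sent by the server, received by the fixed telephone and passed to the electronic signature device. The single-use authentication data may be a random number, an event factor, or a combination of the two, where the event factor may be generated by, for example, adding 1 or an arbitrary value each time one is generated.
Mode 4: a password set when the electronic signature device was registered, or a dynamic password generated by a dynamic token associated with the electronic signature device.
If the fixed telephone carried identity authentication data in the sign-in request it sent, then in this step, after the server receives the sign-in request from the fixed telephone, the server may also authenticate the identity authentication data received from the called fixed telephone and, after authentication passes, perform the step of associating the user's ID with the communication identifier of the called fixed telephone and storing the association. Specifically, the server may authenticate by verifying the signature data with the electronic signature device's public key stored when the user registered the electronic signature device on the server, or by verifying a static or dynamic password. This ensures that the step of associating the user's ID with the communication identifier of the fixed telephone and storing the association is performed only after the user's identity has been authenticated as legitimate, which guarantees the legitimacy of the user's sign-in.
In an optional implementation of this embodiment, if the sign-in request does not carry identity authentication data, then after receiving the sign-in request the server sends a first signature verification request to the fixed telephone; the fixed telephone receives the first signature verification request and forwards it to the electronic signature device; the electronic signature device receives the first signature verification request, signs first data to be signed, and sends a first signature verification response to the fixed telephone, where, if the first signature verification request carries the first data to be signed, the first signature verification response carries the first signature data obtained by signing, and if the first signature verification request does not carry the first data to be signed, the first signature verification response carries both the first data to be signed and the first signature data obtained by signing; the fixed telephone sends the received first signature verification response to the server; the server receives the first signature verification response and verifies the first signature data carried in it.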
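Step S308: the server receives a call to the user's ID and, according to the association between the user's ID and the communication identifier of the fixed telephone, connects the call to the fixed telephone corresponding to the communication identifier.
Optionally, in step S308, after the server receives the call to the user's ID, the server may also authenticate the called user's ID, which makes it possible to verify whether the called user is online. That is, the server sends a third signature verification request to the fixed telephone corresponding to the communication identifier associated with the called user's ID, where the third signature verification request carries fifth data to be signed; the fixed telephone receives the third signature verification request and forwards it to the electronic signature device; the electronic signature device receives the third signature verification request and signs the fifth data to be signed; the electronic signature device sends the resulting fifth signature data to the fixed telephone; the fixed telephone sends the received fifth signature data to the server; the server receives the fifth signature data, verifies it and, after verification passes, performs the step of connecting the call to the fixed telephone.
In an optional implementation of this embodiment, for compatibility with existing telephone calling systems, after receiving a call to the user's ID the server determines that the type of the call is a preset call type and performs the step of connecting the call to the fixed telephone. That is, in this optional implementation the server can handle two kinds of call: the existing kind, which calls the telephone number used by each fixed telephone, and the kind that calls a user's ID. After receiving a call, the server first determines its type; if the call is of the type that calls a user's ID, the call is connected according to the stored association between the user's ID and the communication identifier of the fixed telephone; otherwise it is handled in the existing way.
In an optional implementation of this embodiment, after storing the user's ID in association with the communication identifier of the fixed telephone, the server may also delete the association between the user's ID and the communication identifier of the fixed telephone. On this basis the server can release a user's sign-in without affecting normal use of the fixed telephone the user had signed in on. The server may trigger the procedure of releasing the called user's sign-in in at least one of the following ways: after receiving a sign-in release instruction sent by the called fixed telephone, or after the server itself determines that the sign-in needs to be released.
That is, in an optional implementation of this embodiment, after the fixed telephone sends the sign-in request to the server and before the server deletes the association between the user's ID and the communication identifier of the fixed telephone, the fixed telephone sends a first sign-in release request to the server, where the first sign-in release request carries the user's ID; the server receives the first sign-in release request.
In an optional implementation of this embodiment, if the server receives a sign-in release instruction sent by the fixed telephone, the server may also verify the user's identity to make sure that the user releasing the sign-in is legitimate. In this optional implementation, therefore, before the fixed telephone sends the sign-in release request to the server, the fixed telephone receives a second sign-in release request sent by the electronic signature device (either sent proactively by the electronic signature device or requested from it by the fixed telephone), where the second sign-in release request carries third data to be signed and third signature data obtained by signing the third data to be signed; the first sign-in release request that the fixed telephone sends to the server then also carries the third data to be signed and the third signature data; the server deleting the association between the user's ID and the communication identifier of the fixed telephone may include: the server verifies the third signature data at least according to the third data to be signed and, after verification passes, deletes the association between the user's ID and the communication identifier of the fixed telephone.
Alternatively, in an optional implementation of this embodiment, before the server deletes the association between the user's ID and the communication identifier of the fixed telephone, the server may send a second signature verification request to the fixed telephone, where the second signature verification request carries fourth data to be signed; the fixed telephone receives the second signature verification request and forwards it to the electronic signature device; the electronic signature device receives the second signature verification request and signs the fourth data to be signed; the electronic signature device sends the resulting fourth signature data to the fixed telephone; the fixed telephone sends the received fourth signature data to the server; the server receives the fourth signature data, verifies it and, after verification passes, performs the step of deleting the association between the user's ID and the communication identifier of the fixed telephone.
In an optional implementation of this embodiment, if it is the server that determines the sign-in needs to be released, then after deleting the association between the user's ID and the communication identifier of the fixed telephone the server may also notify the fixed telephone that the server has released the sign-in of the user's ID, so that the fixed telephone learns that the server has released the sign-in of that user's ID.
In this embodiment, after the fixed telephone and the electronic signature device have completed identity authentication, the fixed telephone and the electronic signature device may also negotiate a transmission key and send the transmission key to the server; the server saves the transmission key, which is used to encrypt and decrypt subsequent data transmission among the fixed telephone, the server and the electronic signature device.
It can thus be seen that, with the calling method of this embodiment, because the fixed telephone sends a sign-in request to the server telling the server which fixed telephone the user is using, the server can associate that fixed telephone with the user. When it receives a call to the user from a calling fixed telephone, it can connect the call to the fixed telephone the user has signed in on. This ensures that the called user can be reached on whichever fixed telephone he or she is using, provided sign-in was performed there, which is convenient for the user.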
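The server-side checks of steps S306 and S308 and of the sign-in release (verification requests carrying server-generated data to be signed) can be sketched as follows. This Go code is an added illustration, not code from the patent: Ed25519 is an assumed signature algorithm, the types `Device` and `Server` and their methods are hypothetical, and the user IDs and communication identifiers (`user-1001`, `port-A`) are constructed sample values.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"errors"
	"fmt"
)

// Device stands in for the electronic signature device; the private key never leaves it.
type Device struct {
	UserID string
	priv   ed25519.PrivateKey
}

func (d *Device) Sign(data []byte) []byte { return ed25519.Sign(d.priv, data) }

// Server keeps the public key registered for each user ID, the current user ID ->
// communication identifier association, and the data to be signed of unanswered requests.
type Server struct {
	pubKeys  map[string]ed25519.PublicKey
	bindings map[string]string
	pending  map[string][]byte
}

func NewServer() *Server {
	return &Server{map[string]ed25519.PublicKey{}, map[string]string{}, map[string][]byte{}}
}

// Register models registration: the device generates the key pair, the server stores the public key.
func (s *Server) Register(userID string) *Device {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	s.pubKeys[userID] = pub
	return &Device{userID, priv}
}

// Challenge is a verification request: fresh random data to be signed, remembered per
// operation, user ID and communication identifier (this scoping is an assumption).
func (s *Server) Challenge(op, userID, commID string) []byte {
	n := make([]byte, 16)
	rand.Read(n)
	s.pending[op+"|"+userID+"|"+commID] = n
	return n
}

// check verifies the signature over the outstanding data to be signed and consumes it,
// so a captured response cannot be replayed.
func (s *Server) check(op, userID, commID string, sig []byte) error {
	key := op + "|" + userID + "|" + commID
	n, issued := s.pending[key]
	delete(s.pending, key) // single use, whether or not verification passes
	pub, registered := s.pubKeys[userID]
	if !issued || !registered || !ed25519.Verify(pub, n, sig) {
		return errors.New("signature verification failed")
	}
	return nil
}

// SignIn stores the association only after verification passes (step S306).
func (s *Server) SignIn(userID, commID string, sig []byte) error {
	if err := s.check("signin", userID, commID, sig); err != nil {
		return err
	}
	s.bindings[userID] = commID
	return nil
}

// Release deletes the association; it must come from the telephone that holds it.
func (s *Server) Release(userID, commID string, sig []byte) error {
	if s.bindings[userID] != commID {
		return errors.New("user ID is not signed in at this telephone")
	}
	if err := s.check("release", userID, commID, sig); err != nil {
		return err
	}
	delete(s.bindings, userID)
	return nil
}

// Connect returns the telephone a call to userID is connected to, once the device
// there has answered the verification request for this call (step S308).
func (s *Server) Connect(userID string, sig []byte) (string, error) {
	commID, ok := s.bindings[userID]
	if !ok {
		return "", errors.New("user ID is not signed in")
	}
	if err := s.check("call", userID, commID, sig); err != nil {
		return "", err
	}
	return commID, nil
}

func main() {
	s := NewServer()
	d := s.Register("user-1001") // constructed user ID
	sig := d.Sign(s.Challenge("signin", d.UserID, "port-A"))
	fmt.Println("sign-in at port-A:", s.SignIn(d.UserID, "port-A", sig))
	fmt.Println("same response replayed at port-B:", s.SignIn(d.UserID, "port-B", sig))
	fmt.Println(s.Connect(d.UserID, d.Sign(s.Challenge("call", d.UserID, "port-A"))))
}
```

Consuming the data to be signed on every attempt is what makes it single-use authentication data: a signature captured on one telephone cannot be used to move the association to another.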
实施例3
本实施例提供了一种固定电话机。
图4为本实施例提供的固定电话机的结构示意图,如图4所示,该固定电话机主要包括:第二收发模块402,用于从电子签名设备获取用户的ID;第一收发模块404,用于向服务器发送签到请求,其中,签到请求中携带有用户的ID;通话模块406,用于接收服务器发送的呼叫,与主叫端建立通话。
在本发明实施例提供的技术方案中,采用本发明实施例提供的技术方案,用户的ID并不会固定的与一个固定电话机进行绑定,通过电子签名设备10,可以方便的将用户的ID与不同固定电话机进行关联,从而使得即使使用固定电话,用户也可以通过同一ID使用不同的固定电话机接听电话,实现了固定电话的移动性。另外,采用本发明实施例提供的技术方案,用户可以通过同一ID方便的使用任意固定电话机接听电话,不同的用户也可以通过同一固定电话机接听电话,提高了设备的利用率。
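Optionally, the first transceiver module 404 may further be configured to receive a first signature verification request sent by the server; the second transceiver module 402 is further configured to send the first signature verification request to the electronic signature device and to receive a first signature verification response returned by the electronic signature device, where, if the first signature verification request carries first data to be signed, the information carried in the first signature verification response includes the first signature data obtained by signing, and, if the first signature verification request does not carry first data to be signed, the information carried in the first signature verification response includes the first data to be signed and the first signature data obtained by signing; the first transceiver module 404 is further configured to send the received first signature verification response to the server.
Optionally, the second transceiver module 402 is further configured to receive second data to be signed sent by the electronic signature device and second signature data obtained by the electronic signature device signing the second data to be signed; the information carried in the sign-in request sent by the first transceiver module 404 includes the user's ID, the second data to be signed and the second signature data; or the information carried in the sign-in request includes the second data to be signed and the second signature data, where the second data to be signed includes the user's ID.
Optionally, the fixed telephone may further include an authentication module, configured to authenticate the identity of the electronic signature device. The first transceiver module sends the sign-in request to the server only if the authentication passes. For the specific authentication methods, see the descriptions in Embodiment 1 and Embodiment 2 above; they are not repeated here.
Optionally, the first transceiver module 404 may further be configured to send a first sign-in release request to the server, where the first sign-in release request carries the user's ID. That is, the fixed telephone can send a sign-in release request on its own initiative, so that when the user no longer uses a given fixed telephone the server is notified and other users can use that fixed telephone, which raises the utilization of the fixed telephone.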
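Optionally, the second transceiver module 402 may further be configured to receive a second sign-in release request sent by the electronic signature device, where the second sign-in release request carries third data to be signed and third signature data obtained by signing the third data to be signed; the first sign-in release request sent by the first transceiver module 404 may also carry the third data to be signed and the third signature data. In this optional implementation, when the fixed telephone initiates the release it sends the identity authentication data to the server at the same time, so that the server can authenticate in the same step, which improves security and shortens the procedure.
Optionally, the first transceiver module 404 may further be configured to receive a second signature verification request, carrying fourth data to be signed, sent by the server; the second transceiver module 402 may further be configured to send the second signature verification request to the electronic signature device and to receive fourth signature data that the electronic signature device returns after signing the fourth data to be signed; the first transceiver module 402 may further be configured to return the fourth signature data to the server. In this optional implementation, when the server initiates a signature verification requirement, the fixed telephone tells the electronic signature device to sign.
Optionally, the first transceiver module 404 may further be configured to receive a notification sent by the server, where the notification indicates that the server has released the sign-in of the user's ID. In this optional implementation, when the server releases the sign-in on its own initiative, the fixed telephone learns of it promptly, which avoids the user missing important calls because the user does not know that the server has released the sign-in.
Optionally, the first transceiver module 404 may further be configured to receive, before the call module receives the call sent by the server, a third signature verification request, carrying fifth data to be signed, sent by the server; the second transceiver module 402 may further be configured to send the third signature verification request to the electronic signature device and to receive fifth signature data that the electronic signature device returns after signing the fifth data to be signed; the first transceiver module 404 may further be configured to send the fifth signature data to the server. The server can thus determine whether the user is online before connecting the call to the fixed telephone.
As can be seen from the above embodiments, compared with the prior art, the calling method and system provided in the above embodiments can associate the user's ID with different fixed telephones, so that the user only needs to carry the electronic signature device that stores the ID in order to make or answer calls on different fixed telephones under the same ID. Compared with the prior-art defect that a user's telephone number can only be fixed to one fixed telephone, the telephone number can be flexibly associated with any fixed telephone, that is, the telephone number can move flexibly. Moreover, different users can answer calls on the same fixed telephone, which improves device utilization. The fixed telephone can use its electronic signature device for identity authentication and for negotiating the transmission key. Authenticating the identity of the calling user or the called user avoids a party to the call maliciously impersonating someone to commit fraud, and improves the security of the call system. During the call, the transmitted data is encrypted and decrypted with the transmission key, which keeps the call data secure.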
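Embodiment 4
This embodiment provides a call system. As shown in Figure 5, it includes an electronic signature device 200 and a terminal 100, which are connected in a wired or wireless manner. The electronic signature device 200 is used to store the user's ID. When the electronic signature device 200 is connected to the terminal 100, the terminal 100 reads the user's ID stored in the electronic signature device 200 and sends the user's ID to the network side, notifying the network side that the user is currently using this terminal, so that the network side can connect call requests that call the user's ID to the terminal 100. This gives the "called number" (that is, the called user's ID) mobility.
In an optional implementation of this embodiment, the terminal 100 may adopt the structure shown in Figure 6.
This embodiment of the present invention provides a terminal 100 (which may also be called a cloud telephone apparatus). As shown in Figure 6, it includes a communication interface 101, a control module 102 and an electronic signature device interface 103, where:
the electronic signature device interface 103 is configured to receive sign-in data from the electronic signature device 200 and send the sign-in data to the control module 102, the sign-in data including at least the ID of the user of the terminal 100. In a specific application, the electronic signature device interface 103 may be a wired interface, such as a USB interface or an audio interface, or a wireless interface, such as Bluetooth, WiFi, NFC or radio frequency. In this embodiment the sign-in data (that is, the user's ID) is not limited to being stored in the electronic signature device 200; the terminal 100 may also obtain the sign-in data in other ways. For example, the user may enter the user's ID on the terminal (by handwriting or voice input), or the user may enter the user's ID on the electronic signature device 200 (by handwriting or voice input) and the terminal receives the user's ID sent by the electronic signature device 200. The sign-in data indicates to the server that the current user is using this terminal;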
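the control module 102 is configured to send the sign-in data to the communication interface 101;
the communication interface 101 is configured to send the sign-in data out. Specifically, the communication interface is an interface for connecting to the telephone network and is used for communication between the terminal 100 and the outside.
The terminal 100 of this embodiment of the present invention may be a device such as a fixed telephone, a mobile telephone or a tablet computer. The electronic signature device 200 is a device used for identity authentication; it may be an existing smart cryptographic key such as a USB KEY, a Bluetooth KEY, an audio-code KEY or a composite KEY, or an identity authentication device made specifically for the purpose of this embodiment of the present invention.
By connecting the electronic signature device 200 (smart cryptographic key) to the terminal 100 (cloud telephone apparatus) of this embodiment of the present invention, the user can use any terminal; after sign-in, the service manager can connect calls to that terminal. A "called number" (that is, the called user's ID) therefore does not need to be fixed to one terminal, which gives the "called number" mobility.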
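In an optional implementation of this embodiment, the terminal 100 may further include an earpiece 104 and a microphone 105, which allow the user to hold a call through the terminal 100. In this optional implementation, the communication interface 101 may further be configured to receive first call data from outside and send the first call data to the control module 102; the control module 102 is further configured to send second call data corresponding to the first call data to the earpiece 104, and to receive third call data sent by the microphone 105 and send fourth call data corresponding to the third call data to the communication interface 101; the communication interface 101 is further configured to send the fourth call data out. In a specific application, the communication interface 101 may connect to the service manager over the network and send data to the network side. With this optional implementation, the server can connect a call to the user's ID to the terminal on which the user is currently signed in, and the "called number" (that is, the called user's ID) need not be fixed to one terminal, which gives the called number (that is, the called user's ID) mobility.
In an optional implementation of this embodiment, the electronic signature device interface 103 is further configured to receive, from the electronic signature device 200, identity authentication data obtained by the electronic signature device 200 signing data to be signed, and to send the identity authentication data to the control module 102; the control module 102 is further configured to send the identity authentication data to the communication interface 101; the communication interface 101 is further configured to send the identity authentication data out. In this optional implementation, the data to be signed may be received by the communication interface 101 from the network side and sent to the electronic signature device 200 through the electronic signature device interface 103, or it may be determined by the electronic signature device 200 itself, in which case the electronic signature device 200 may send the plaintext of the data to be signed to the network side together with the identity authentication data. In addition, generation of the identity authentication data by the electronic signature device 200 may be triggered by the network side or by the control module 102 according to a preset rule.
With this optional implementation, the smart cryptographic device can be used to authenticate the identity of one party, both parties or multiple parties to the call, ensuring that their identities are legitimate and keeping the call secure.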
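In an optional implementation of this embodiment, during a call the electronic signature device 200 may encrypt the call data sent by the terminal 100 and decrypt the call data received by the terminal 100. In this optional implementation, therefore, the second call data may be obtained by the electronic signature device 200 decrypting the first call data, and the fourth call data may be obtained by the electronic signature device 200 encrypting the third call data. With this optional implementation, the communication interface 101 receives encrypted data sent by other terminals on the network; the received encrypted data is decrypted by the electronic signature device 200 and passed to the earpiece 104, where the user hears the correctly decrypted data (that is, the user hears the other party normally). When the user speaks, the microphone 105 receives the user's voice data and sends it to the electronic signature device 200, which encrypts it and sends it to the communication interface 101 to be sent out. This secures the data sent and received and prevents leakage of user information.
In an optional implementation of this embodiment, the key used in the electronic signature device 200 to encrypt and decrypt the call data (which may be called the transmission key) may also be changed in good time to raise the security level. For example, the electronic signature devices 200 of the two parties to the call may change the transmission key in the following ways: (1) hop from the current transmission key to a new transmission key according to a hopping trigger factor; (2) on obtaining a key hopping instruction, hop from the current transmission key to a new transmission key. The hopping trigger factor includes, but is not limited to, at least one of the following: a hopping period, a hopping time point, and a call data volume. The key hopping instruction includes, but is not limited to, at least one of the following: a key hopping instruction sent by the peer of the call, an entered key hopping instruction, and a key hopping instruction generated according to a preset rule. This optional implementation offers the user several ways of changing the transmission key.
In addition, in an optional implementation of this embodiment, the terminal 100 may further include an input device 106, which is a device through which the user enters information into the terminal 100; the input device 106 may be a keyboard or the like. When the user needs to make a call, the user can enter the called user's ID through the input device 106. In this optional implementation, the input device 106 receives entered first input data and sends the first input data to the control module 102; the control module 102 sends second input data corresponding to the first input data to the communication interface 101.
In addition, the second input data is obtained by the electronic signature device 200 encrypting the first input data. This ensures that the called number is not intercepted by others, prevents information leakage and improves call security.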
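With the terminal and call system proposed in this embodiment, the user's ID is stored in the electronic signature device. The user only needs to carry a small electronic signature device and connect it to any terminal; after sign-in, the service manager can connect calls in which that user's ID is the called party to that terminal. A "called number" (that is, the called user's ID) can therefore be associated with different terminals instead of being fixed to one terminal, which gives the "called number" mobility.
This embodiment of the present invention further provides a call system, implemented on the basis of the above terminal and including a plurality of the above terminals and a plurality of electronic signature devices. As shown in Figure 7, the terminals and electronic signature devices, together with the service manager on the network side (which may be called the server), form a call network; all terminals in Figure 7 connect to the service manager remotely over the network.
With the terminal and communication system proposed in this embodiment of the present invention, a terminal can be time-shared, connecting to the electronic signature devices of different users at different times, which improves device utilization.
Embodiment 5
This embodiment provides another terminal. It differs from the terminal in Embodiment 4 in that the control module in this embodiment is a security chip that has cryptographic computation capability and can perform encryption and decryption. Only the differences between this embodiment and Embodiment 4 are briefly described below.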
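As shown in Figure 8, the terminal 300 includes a communication interface 301, a control module 302 and an electronic signature device interface 303, where the electronic signature device interface 303 is configured to receive sign-in data from the electronic signature device and send the sign-in data to the control module 302, the sign-in data including at least the ID of the user of the terminal; the control module 302 is configured to send the sign-in data to the communication interface 301; and the communication interface 301 is configured to send the sign-in data out.
Optionally, the terminal 300 may further include an earpiece 304 and a microphone 305; the communication interface 301 may further be configured to receive first call data from outside and send the first call data to the control module 302; the control module 302 may further be configured to send second call data corresponding to the first call data to the earpiece 304, and to receive third call data sent by the microphone 305 and send fourth call data corresponding to the third call data to the communication interface 301; the communication interface 301 may further be configured to send the fourth call data out.
In this embodiment, the control module 302 is a security chip 307. The security chip can encrypt and decrypt data on its own, so the data does not have to be passed to the electronic signature device for encryption and decryption, which saves transmission time and improves call efficiency.
Specifically, the second call data is obtained by the security chip 307 decrypting the first call data, and the fourth call data is obtained by the security chip 307 encrypting the third call data. The communication interface 301 receives encrypted data sent by other telephones on the network; the received encrypted data is decrypted by the security chip 307 and passed to the earpiece, where the user hears the correctly decrypted data (that is, the user hears the other party normally). When the user speaks, the microphone receives the user's voice data and sends it to the security chip 307, which encrypts it and sends it to the communication interface to be sent out. This secures the data sent and received and prevents leakage of user information.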
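In an optional implementation of this embodiment, the terminal 300 may further include an input device 306, which is a device through which the user enters information into the terminal; the input device may be a keyboard or the like. When the user needs to make a call, the user can enter the called user's ID through the input device.
In an optional implementation of this embodiment, the security chip 307 may also encrypt the data entered through the input device 306. In this optional implementation, the input device 306 is configured to receive entered first input data and send the first input data to the security chip 307; the security chip 307 is configured to send second input data corresponding to the first input data to the communication interface 301; the second input data is obtained by the electronic signature device 40 encrypting the first input data. This secures the transmission of the information the user enters.
In addition, the security chip 307 is further configured to receive the transmission key from the electronic signature device interface 303 and save the transmission key. The transmission key used by the security chip 307 is generated by the electronic signature device 200, which further secures data transmission.
In an optional implementation of this embodiment, the security chip 307 may further be configured to receive sign-in release data from the electronic signature device interface 303, the communication interface 301 or the input device, and to delete the saved transmission key. The sign-in release procedure can be triggered when the call ends, when the user is no longer at the terminal, or when a special button is pressed. When the sign-in release procedure is triggered and the security chip 307 on the terminal receives the sign-in release data, it also deletes the saved transmission key as part of releasing the sign-in, to keep the key secure. With this optional implementation, the transmission key stored in the terminal is released promptly, which avoids the problem of other users being unable to use the terminal because the transmission key was not deleted in time.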
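In an optional implementation of this embodiment, the security chip 307 may further be configured to authenticate the electronic signature device 40. The security chip 307 may store the called user's public key in advance. When obtaining the called user's ID, signature data or the transmission key from the electronic signature device 40, it may instruct the electronic signature device 40 to send identity authentication data. On receiving the instruction, the electronic signature device 40 signs the data to be signed with the private key it holds to obtain the identity authentication data and sends the identity authentication data to the security chip 307; the security chip 307 authenticates the identity authentication data with the public key and continues with the subsequent procedure after the authentication passes. In this optional implementation, the data to be signed may be sent by the security chip 307 to the electronic signature device 40, or it may be determined by the electronic signature device 40 itself, in which case the electronic signature device 40 may send the plaintext of the data to be signed to the security chip 307 together with the identity authentication data. The security chip 307 may also authenticate the identity of the electronic signature device 40 in other forms, for example by password. With this optional implementation, the terminal can also verify the real identity of the electronic signature device, which prevents fraud by a fake electronic signature device and protects the user.
In addition, the security chip 307 may further be configured to hop from the current transmission key to a new transmission key. Changing to a new transmission key periodically keeps the transmission secure.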
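Embodiment 6
According to this embodiment of the present invention, a call system is provided.
Figure 9 is a schematic structural diagram of the call system according to this embodiment of the present invention. As shown in Figure 9, the call system according to this embodiment of the present invention includes a called terminal 110, a calling terminal 120, a server 130, and a first electronic signature device 140 connected to the called terminal 110.
In the technical solution provided by this embodiment of the present invention, the called terminal 110 is a terminal that supports an electronic signature device. The called user registers with the server 130 using the first electronic signature device 140 that the user uses, and the server 130 assigns the called user a unique identifier (called the called user's ID in this embodiment of the present invention), which is stored in the first electronic signature device 140. This unique identifier identifies the called user uniquely across the whole network. After the called user signs in on any terminal, the server can, according to the called user's ID, connect calls to that ID to the terminal the user is currently using (that is, the called terminal 110).
In this embodiment of the present invention, sign-in means that the user, using the called terminal 110, sends the called user's ID stored in the first electronic signature device 140 to the server 130; after receiving the called user's ID, the server 130 associates the called user's ID with the communication identifier of the called terminal 130, so that the server 130 knows which terminal the called user is currently using. After the called user has completed sign-in with the server 130 at the called terminal 110, when the server 130 receives a call request from the calling terminal 120 calling the called user's ID, it looks up the communication identifier associated with the called user's ID and connects the call to the terminal corresponding to that communication identifier (that is, the called terminal 110).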
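With the technical solution provided by this embodiment of the present invention, the called user's ID is not fixedly bound to one terminal. By means of the first electronic signature device 140, the called user's ID can conveniently be associated with different terminals, so that even when using fixed telephony the user can answer calls on different terminals under the same ID, which gives fixed telephony mobility. For mobile terminals, the user no longer has to carry a mobile terminal with a SIM card installed wherever the user goes, as in the prior art; the user only needs to carry the first electronic signature device 140 that stores the ID. In addition, with the technical solution provided by this embodiment of the present invention, a user can conveniently answer calls on any terminal under the same ID (including fixed terminals and mobile terminals, that is, the called terminal 110 may be a fixed terminal or a mobile terminal), and different users can answer calls on the same terminal, which improves device utilization.
In an optional implementation of this embodiment of the present invention, for a fixed telephone the communication identifier of the terminal may be the network port that the network assigns to the terminal; for a mobile terminal the communication identifier of the terminal may be the authentication key of the mobile terminal's SIM card or the like; for a client on a terminal that can make calls, the communication identifier may be the IP address the client is currently using or the like. In a specific implementation the communication identifier may also be another identifier of the terminal, as long as the network side can establish a connection with the terminal through that identifier; this embodiment of the present invention places no specific limitation on it.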
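In an optional implementation of this embodiment of the present invention, the system may further include a second electronic signature device 150 connected to the calling terminal 120. With this optional implementation, the calling user can also initiate sign-in with the server 130 through the calling terminal 120: the calling user's ID is read from the second electronic signature device 150 and sent to the server 130, and the server 130 associates the calling user's ID with the communication identifier of the calling terminal 120. With this optional implementation, when the server 130 receives a call request from the calling terminal 120, it can provide the calling user's ID to the called party according to the calling user's ID associated with the calling terminal 120, so that the called user can judge the calling user's identity. That is, this embodiment of the present invention may use the system shown in Figure 7: each user (1, 2, 3, ..., n-1, n) uses an electronic signature device to sign in with the server 130 on a terminal, and the server 130 associates each user's ID with the communication identifier of the terminal that user is currently using. The calling user uses the called user's ID as the called identifier and initiates a call to the server 130 through the calling terminal 120. After receiving the call request, the server 130 obtains the called user's ID from it, looks up the communication identifier associated with the called user's ID, and then connects the call to the called terminal 110 corresponding to that communication identifier.
In the prior art, when a user acting as the caller is not at the telephone the user normally uses, for example when calling from another user's telephone, the called user cannot tell that the call was made by that user and may decline or miss it, missing an important call or causing misunderstanding between the two parties, which is inconvenient for the user's work and life. With the above optional implementation of this embodiment of the present invention, even if the calling user is not calling from the telephone bound to that user, what is displayed to the called party is still the calling user's ID. This solves the problem of the called user being unable to know the identity of the calling user placing the call, and so improves the user experience.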
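In an optional implementation of this embodiment of the present invention, after signing in with the server 130 the user can also release the sign-in from the server 130, that is, remove the association stored in the server 130 between the user's ID and the terminal's communication identifier. In a specific implementation, the release of the sign-in may be initiated by the server 130 or by the terminal. For example, the server 130 may release a user's sign-in after a predetermined period in which it has received no call with that user as called or calling party; or, if the server 130 can obtain the user's location in real time, the server 130 may release the association between the user's ID and the terminal's communication identifier when it detects that the user (for example, the electronic signature device carried by the user) has moved away from the associated terminal. Alternatively, the user may send a release request to the server 130 through the terminal, asking the server 130 to release the association between the user's ID and the terminal's communication identifier. For example, the user may dial a predetermined supplementary code on the terminal to send the release request to the server 130; or the user may send the release request to the server 130 with a special key of the terminal (for example, the delete key); or the user may trigger the terminal to send the release request to the server 130 through the electronic signature device (for example, a long press on a function key of the electronic signature device may be set to send the release instruction). The release request may carry the ID of the user requesting release. For example, if after ending a call with the called user the calling user will not use the calling terminal 120 again for a while, the calling user may actively send a release request to the server 130 through the calling terminal 120, asking the server 130 to release the association between the calling user's ID and the communication identifier of the calling terminal 120; likewise, the called user may send a request to the server 130 through the called terminal 110 to release the association between the called user's ID and the communication identifier of the called terminal 130. With this optional embodiment, a user who is not using a terminal can release the association with it so that other users can use that terminal, which raises terminal utilization.
In an optional implementation of this embodiment of the present invention, a user who no longer uses the registered ID may send a deregistration request to the server 130. The deregistration request may carry the ID to be deregistered, and after receiving the request the server 130 may deregister that ID. Alternatively, the server 130 may deregister an ID at an administrator's request, that is, invalidate the ID, and may also reassign the ID to another user. For example, in a local area network, if a user leaves the network, that user's ID can be deregistered. This optional implementation allows the IDs assigned to users to be managed effectively.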
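In an optional implementation of this embodiment of the present invention, to improve security the first electronic signature device 140 may be a device with a security chip, where the security chip is a chip with cryptographic computation capability. In a specific implementation, the first electronic signature device 140 may be a smart card with a security chip, connected to the terminal wirelessly (for example by NFC or Bluetooth), or an electronic signature key with a security chip (that is, a KEY, for example the U-Shield (U盾) used by ICBC or the K-Bao (K宝) used by ABC), connected to the terminal through a USB interface or an audio port; this embodiment of the present invention does not limit the specific form. In an optional implementation of this embodiment of the present invention, the second electronic signature device 150 may take a form similar to that of the first electronic signature device 140; details are not repeated.
In an optional implementation of this embodiment of the present invention, each electronic signature device may store the user's private key, and the server 130 may store the user's ID together with the corresponding public key. To make sure of the user's identity, the user's identity may be authenticated during the interaction, and the corresponding operation is performed only after the authentication passes. That is, during the interaction the electronic signature device signs the data to be signed with its private key, and the terminal then sends the signature data to the server; the user's identity can be authenticated from the signature data. Taking the called side as an example, the first electronic signature device 140 may store the called user's private key, and the server 130 may store the called user's public key and the corresponding called user's ID. When the called user signs in with the server, a signature may be made: specifically, the sign-in data (for example, the called user's ID) may be signed, or other data to be signed may be signed (for example, a random number generated by the first electronic signature device 140, or data to be signed sent by the server 130, such as a random number generated by the server 130 or the called user's ID); this embodiment of the present invention places no specific limitation on it. After receiving the signature data, the server 130 verifies it with the called user's public key and, after the verification passes, associates the called user's ID with the communication identifier of the called terminal 110. In addition, in an optional implementation of this embodiment of the present invention, after receiving a call request for the called user's ID the server 130 may also authenticate the called user's identity, that is, send a verification request to the called terminal 110 corresponding to the communication identifier associated with the called user's ID, asking the called terminal 110 to send identity authentication data, then authenticate the identity authentication data sent by the called terminal 130, and connect the call to the called terminal 130 only after the authentication passes. When the called terminal 110 initiates a release request, it may also obtain identity authentication data from the first electronic signature device 140 and carry the identity authentication data in the release request (or, after the release request has been initiated, the server 130 may send an authentication request to the called terminal 110; the called terminal 110 responds to the request of the server 130, the first electronic signature device 140 signs the data to be signed to obtain the identity authentication data, and the data is then sent to the server 130).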
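Although only the above three situations requiring identity authentication are given as examples, the invention is not limited to them. In practice, for other possible procedures, the server 130 may likewise first authenticate the called user's identity and carry out the subsequent procedure only after the authentication passes.
Although only the called side is described above, a corresponding procedure can be carried out on the calling side to authenticate the calling user. For example, when initiating a call the calling terminal 120 may send signature data; the server 130 authenticates the calling user according to the signature data and connects the call to the called terminal 110 only after the authentication passes. Details are not repeated.
Authenticating the identity of the calling user or the called user avoids a party to the call maliciously impersonating someone to commit fraud, and improves the security of the call system.
In an optional implementation of this embodiment of the present invention, to keep the call data secure, the data transmitted during the call may also be encrypted. In this optional implementation, the calling terminal 120 and the called terminal 110 may each negotiate a transmission key with the peer through the electronic signature device connected to it, and during the call the calling terminal 120 and the called terminal 110 encrypt and decrypt the transmitted data through their connected electronic signature devices. Alternatively, an encryption/decryption module may be provided in each of the calling terminal 120 and the called terminal 110; each encryption/decryption module negotiates a transmission key with the corresponding electronic signature device, and during the call the transmitted data is encrypted and decrypted by the encryption/decryption module. This optional implementation keeps the call data secure.
In an optional implementation of this embodiment of the present invention, the called terminal 110 may include the structures of Embodiment 2 and its optional implementations, the calling terminal 120 may include the structures of Embodiment 8 and its optional implementations, and the server 130 may include the structures of Embodiment 9 and its optional implementations. For details see the descriptions of the embodiments below; they are not repeated here.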
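Embodiment 7
This embodiment provides a call apparatus, which may be provided in the called terminal 110 of the system described in the embodiment.
Figure 10 is a schematic structural diagram of the call apparatus provided by this embodiment. As shown in Figure 10, the call apparatus provided by this embodiment mainly includes: a sending module 112, configured to send a sign-in request to the server 130, where the sign-in request carries the called user's ID and is used to instruct the server 130 to associate the called user's ID with the communication identifier of the called terminal 130, the called user's ID being the unique identifier that the called user registered on the server 130 for the first electronic signature device 140 used by the called user; a receiving module 114, configured to receive a call request sent by the server 130, where the call request is a call request initiated by the calling terminal 120 to the called user's ID; and a call module 116, configured to establish a call link with the calling terminal 120 and hold a call with the calling terminal 120.
With the technical solution provided by this embodiment of the present invention, the called terminal sends a sign-in request to the server 130 through the sending module 112, requesting that the called user's ID be associated with the communication identifier of the called terminal 110 that the called user is currently using; when the server 130 receives a call to the called user's ID, the call is connected to that called terminal 110. The called user's ID is therefore not fixedly bound to one terminal. By means of the first electronic signature device 140, the called user's ID can conveniently be associated with different terminals, so that even when using fixed telephony the user can answer calls on different terminals under the same ID, which gives fixed telephony mobility. For mobile terminals, the user no longer has to carry a mobile terminal with a SIM card installed wherever the user goes, as in the prior art; the user only needs to carry the first electronic signature device 140 that stores the ID. In addition, with the technical solution provided by this embodiment of the present invention, a user can conveniently answer calls on any terminal under the same ID (including fixed terminals and mobile terminals, that is, the called terminal 110 may be a fixed terminal or a mobile terminal), and different users can answer calls on the same terminal, which improves device utilization.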
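In an optional implementation of this embodiment of the present invention, the call apparatus may further include a first obtaining module, configured to obtain the called user's ID from the first electronic signature device connected to the called terminal 110. Because the called user's ID is stored in the first electronic signature device 140, it can conveniently be associated with different terminals, so that even when using fixed telephony the user can answer calls on different terminals under the same ID, which gives fixed telephony mobility.
In an optional implementation of this embodiment of the present invention, the call apparatus may further include an authentication module, configured to authenticate the identity of the first electronic signature device 140. In this optional implementation, the authentication module may store the called user's public key in advance. When obtaining the called user's ID from the first electronic signature device 140, it may instruct the first electronic signature device 140 to send identity authentication data. On receiving the instruction, the first electronic signature device 140 signs the data to be signed with the private key it holds to obtain the identity authentication data and sends the identity authentication data to the authentication module; the authentication module authenticates the identity authentication data with the public key and, after the authentication passes, the called user's ID stored in the first electronic signature device 140 can be used. In this optional implementation, the data to be signed may be sent by the authentication module to the first electronic signature device 140, or it may be determined by the first electronic signature device 140 itself, in which case the first electronic signature device 140 may send the plaintext of the data to be signed to the authentication module together with the identity authentication data. The authentication module may also authenticate the identity of the first electronic signature device 140 in other forms, for example by password.
In an optional implementation of this embodiment of the present invention, the sending module 112 may further be configured to carry identity authentication data in the sign-in request. In this optional implementation, the identity authentication data carried in the sign-in request is obtained by the first electronic signature device 140 signing the data to be signed with the private key. Likewise, the data to be signed may be determined by the first electronic signature device 140 or sent by the server 130; if it is determined by the first electronic signature device 140, the sign-in request also carries the plaintext of the data to be signed. This optional implementation establishes the identity of the user initiating the sign-in request and avoids malicious sign-ins.
In the above optional implementations, the data to be signed may include data that is valid for a single authentication only, for example a random number, which avoids replay attacks. It may also include the called user's ID.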
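In an optional implementation of this embodiment of the present invention, after receiving the calling user's call request the server 130 may additionally perform signature verification on the called user, and connect the call to the called terminal only when it is established that the called user is present (that is, that the first electronic signature device 140 is currently connected to the called terminal). In this optional implementation, therefore, the receiving module 114 may further be configured to receive a signature verification request sent by the server 130 after the sending module has sent the sign-in request to the server 130 and before the call request sent by the server 130 is received; the call apparatus may further include a second obtaining module, configured to obtain signature data from the first electronic signature device 140, where the signature data is obtained by the first electronic signature device 140 signing the data to be signed; the sending module 112 may further be configured to send the signature data to the server 130. In this optional implementation, the data to be signed may be determined by the first electronic signature device 140 or sent by the server 130 in the signature verification request; if it is determined by the first electronic signature device 140, the sign-in request also carries the plaintext of the data to be signed. This optional implementation establishes the identity of the current called user, prevents the call from being answered by someone other than the called user, and keeps the call secure.
In an optional implementation of this embodiment of the present invention, to raise terminal utilization, the called user may initiate a release request when not using the called terminal 110. In this optional implementation, therefore, the sending module 112 may further be configured to send a sign-in release request to the server 130. The sign-in release request may carry the called user's ID and is used to instruct the server 130 to delete the association between the called user's ID and the communication identifier of the called terminal 110. With this optional implementation, the called user can promptly release the association between the called user's ID and the called terminal 110 so that other users can use the called terminal 110, which raises the utilization of the called terminal 110.
In an optional implementation of this embodiment of the present invention, to make sure that the user initiating the sign-in release request really is the called user and not some other user, and so avoid illegitimate release, the sending module 112 may further be configured to carry identity authentication data in the sign-in release request. In this optional implementation, the identity authentication data carried in the sign-in release request is obtained by the first electronic signature device 140 signing the data to be signed with the private key. The data to be signed may be determined by the first electronic signature device 140 or sent by the server 130 in a signature verification request; if it is determined by the first electronic signature device 140, the sign-in request also carries the plaintext of the data to be signed. This optional implementation establishes the identity of the called user releasing the sign-in, avoids illegitimate release and ensures security.
During the above call, the transmitted data may be encrypted to keep the call data secure. In a specific implementation, the ways of encrypting include, but are not limited to: using the first electronic signature device 140 for encryption and decryption; or providing an encryption/decryption module in the call apparatus and using that module for encryption and decryption.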
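Therefore, in an optional implementation of this embodiment of the present invention, the call apparatus may further include a first negotiation module, configured to negotiate a transmission key with the calling terminal 120 using the first electronic signature device 140. The sending module 112 may further be configured to send the information received during transmission key negotiation to the first electronic signature device 140, instructing the first electronic signature device 140 to obtain the transmission key from the received information, and, during the call with the calling terminal 120, to send the encrypted data received from the calling terminal 120 to the first electronic signature device 140. The receiving module 114 may further be configured to receive the plaintext data that the first electronic signature device 140 returns after decrypting the received encrypted data with the transmission key. The sending module 112 may further be configured to send the transmission data that needs to be sent to the calling terminal 120 to the first electronic signature device 140. The receiving module 114 may further be configured to receive the ciphertext data that the first electronic signature device 140 returns after encrypting the transmission data to be sent with the transmission key. The sending module 112 may further be configured to send the ciphertext data to the calling terminal 120.
In another optional implementation of this embodiment of the present invention, a different form may be used. In this optional implementation, the call apparatus may further include a second negotiation module, configured to negotiate a transmission key with the first electronic signature device, and a storage module, configured to save the transmission key. The sending module 112 may further be configured to send the transmission key to the server. The call apparatus may further include an encryption/decryption module, configured to encrypt or decrypt the transmitted data with the transmission key. This optional implementation differs from the previous one as follows. In the previous implementation, the calling terminal 120 and the called terminal 110 encrypt and decrypt with the same transmission key, encryption and decryption are performed at the terminals, and the server 130 passes the data between the calling terminal 120 and the called terminal 110 through transparently. In this implementation, a first transmission key is used between the calling terminal 120 and the server 130 and a second transmission key is used between the called terminal 110 and the server 130; the server 130 decrypts the data sent by the calling terminal 120 with the first transmission key, encrypts the decrypted data with the second transmission key and sends it to the called terminal 110. Data in the reverse direction is handled similarly and is not described again.
In an optional implementation of this embodiment of the present invention, the call apparatus may further include a deletion module, configured to delete the transmission key saved by the storage module. For example, after the call ends the deletion module may delete the stored transmission key on its own initiative; or it may delete the stored transmission key after receiving an instruction sent by the first electronic signature device 140; or the deletion may be initiated by the server 130, the stored transmission key being deleted when a deletion instruction sent by the server 130 is received; or the transmission key may be deleted when the sign-in is released. This embodiment of the present invention places no specific limitation on it. With this optional implementation, the transmission key stored in the called terminal 110 can be deleted promptly, which avoids the problem of other users being unable to use the terminal because the transmission key was not deleted in time.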
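In an optional implementation of this embodiment of the present invention, the call apparatus may further include an execution module, configured to hop from the transmission key currently in use to a new transmission key according to a preset hopping rule. This further secures the call data.
In an optional implementation of this embodiment of the present invention, the execution module may hop from the transmission key currently in use to a new transmission key in at least one of the following ways: hopping from the current transmission key to a new transmission key according to a hopping trigger factor; or, on obtaining a key hopping instruction, hopping from the current transmission key to a new transmission key. The hopping trigger factor includes, but is not limited to, at least one of the following: a hopping period, a hopping time point, and a call data volume. The key hopping instruction includes, but is not limited to, at least one of the following: a key hopping instruction sent by the calling terminal, an entered key hopping instruction, and a key hopping instruction generated according to a preset rule. This optional implementation offers the user several implementation options.
In an optional implementation of this embodiment of the present invention, the call apparatus may further include a generation module, configured to generate a line hopping instruction; the sending module 112 may further be configured to send the line hopping instruction to the server, instructing the server to hop from the current transmission line to a new transmission line and to use the new transmission line for the call with the calling terminal. This optional implementation further secures the call.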
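Embodiment 8
This embodiment provides a calling apparatus, which may be provided in the calling terminal 120 of the above embodiment.
Figure 11 is a schematic structural diagram of the calling apparatus provided by this embodiment. As shown in Figure 11, the apparatus mainly includes: an obtaining module 122, configured to obtain the called user's ID, the called user's ID being the unique identifier that the called user registered on the server 130 for the first electronic signature device used by the called user; a calling module 124, configured to initiate to the server a call request calling the called user, the call request carrying the called user's ID; a receiving module 126, configured to receive a call response returned by the server 130; and a call module 128, configured to establish a call link with the called terminal 110 and hold a call with the called terminal 110, where the communication identifier of the called terminal is associated with the called user's ID.
In an optional implementation of this embodiment of the present invention, the calling apparatus may further include a first sending module, configured to send a sign-in request to the server 130, where the sign-in request carries the calling user's ID and is used to instruct the server 130 to associate the calling user's ID with the communication identifier of the calling terminal 120; the calling user's ID is the unique identifier that the calling user registered on the server 130 for the second electronic signature device 150 used by the calling user. With this optional implementation, when the server 130 receives a call request from the calling terminal 120, it can provide the calling user's ID to the called party according to the calling user's ID associated with the calling terminal 120, so that the called user can judge the calling user's identity. This solves the problem of the called user being unable to know the identity of the calling user placing the call, and so improves the user experience.
In an optional implementation of this embodiment of the present invention, the obtaining module 122 is further configured to obtain the calling user's ID from the second electronic signature device 150 connected to the calling terminal 120. With the technical solution provided by this embodiment of the present invention, the calling user's ID is not fixedly bound to one terminal. By means of the second electronic signature device 150, the calling user's ID can conveniently be associated with different terminals, so that even when using fixed telephony the user can make calls on different terminals under the same ID, which gives fixed telephony mobility.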
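In an optional implementation of this embodiment of the present invention, the calling apparatus may further include a first authentication module, configured to authenticate the identity of the second electronic signature device 150 before the calling user's ID is obtained from the second electronic signature device 150 connected to the calling terminal 120. In this optional implementation, the first authentication module may store the calling user's public key in advance. When obtaining the calling user's ID from the second electronic signature device 150, it may instruct the second electronic signature device 150 to send identity authentication data. On receiving the instruction, the second electronic signature device 150 signs the data to be signed with the private key it holds to obtain the identity authentication data and sends the identity authentication data to the first authentication module; the first authentication module authenticates the identity authentication data with the public key and, after the authentication passes, the calling user's ID stored in the second electronic signature device 150 can be used. In this optional implementation, the data to be signed may be sent by the first authentication module to the second electronic signature device 150, or it may be determined by the second electronic signature device 150 itself, in which case the second electronic signature device 150 may send the plaintext of the data to be signed to the first authentication module together with the identity authentication data. The authentication module may also authenticate the identity of the second electronic signature device 150 in other forms, for example by password.
In an optional implementation of this embodiment of the present invention, the first sending module is further configured to carry identity authentication data in the sign-in request. In this optional implementation, the identity authentication data carried in the sign-in request is obtained by the second electronic signature device 150 signing the data to be signed with the private key. Likewise, the data to be signed may be determined by the second electronic signature device 150 or sent by the server 130; if it is determined by the second electronic signature device 150, the sign-in request also carries the plaintext of the data to be signed. This optional implementation establishes the identity of the user initiating the sign-in request and avoids malicious sign-ins.
In an optional implementation of this embodiment of the present invention, the receiving module 126 may further be configured to receive a signature verification request sent by the server 130 after the call request calling the called user has been initiated to the server 130; the obtaining module 122 may further be configured to obtain signature data from the second electronic signature device 150, the signature data being obtained by the second electronic signature device 150 signing the data to be signed; the calling apparatus may further include a second sending module, configured to send the signature data to the server 130. This optional implementation ensures that, once the call is connected, the identity of the calling user answering the call is legitimate, and keeps the call secure.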
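In an optional implementation of this embodiment of the present invention, the calling apparatus may further include a third sending module, configured to send a sign-in release request to the server 130 after the calling terminal 120 has sent the sign-in request to the server 130, where the sign-in release request carries the calling user's ID and is used to instruct the server 130 to delete the association between the calling user's ID and the communication identifier of the calling terminal 120.
In an optional implementation of this embodiment of the present invention, the third sending module may further be configured to carry identity authentication data in the sign-in release request. In this optional implementation, the identity authentication data carried in the sign-in release request is obtained by the second electronic signature device 150 signing the data to be signed with the private key. The data to be signed may be determined by the second electronic signature device 150 or sent by the server 130 in a signature verification request; if it is determined by the second electronic signature device 150, the sign-in request also carries the plaintext of the data to be signed. This optional implementation establishes the identity of the called user releasing the sign-in, avoids illegitimate release and ensures security.
During the above call, the transmitted data may be encrypted to keep the call data secure. In a specific implementation, the ways of encrypting include, but are not limited to: using the second electronic signature device 150 for encryption and decryption; or providing an encryption/decryption module in the calling apparatus and using that encryption/decryption module for encryption and decryption.
Therefore, in an optional implementation of this embodiment of the present invention, the calling apparatus may further include a first negotiation module, configured to negotiate a transmission key with the called terminal 110, each side using its own electronic signature device, after the call link with the called terminal used by the called user has been established and before the call with the called terminal 110 takes place. The calling apparatus may further include a fourth sending module, configured to send the information received from the called terminal 110 during transmission key negotiation to the second electronic signature device 150, instructing the second electronic signature device 150 to obtain the transmission key from the received information, and, during the call with the called terminal 110, to send the encrypted data received from the called terminal 110 to the second electronic signature device 150 and to send the transmission data that needs to be sent to the called terminal 110 to the second electronic signature device 150. The receiving module 126 may further be configured, during the call with the called terminal 110, to receive the plaintext data that the second electronic signature device 150 returns after decrypting the received encrypted data with the transmission key, and to receive the ciphertext data that the second electronic signature device 150 returns after encrypting the transmission data to be sent with the transmission key. The fourth sending module is further configured to send the ciphertext data to the called terminal 110.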
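In another optional implementation of this embodiment of the present invention, a different form may be used. In this optional implementation, the call apparatus may further include: a second negotiation module, configured to negotiate a transmission key with the second electronic signature device 150; a storage module, configured to save the transmission key; a fifth sending module, configured to send the transmission key to the server 130; and a first encryption/decryption module, configured to encrypt or decrypt the transmitted data with the transmission key during the call with the called terminal 110. This optional implementation differs from the previous one as follows. In the previous implementation, the calling terminal 120 and the called terminal 110 encrypt and decrypt with the same transmission key, encryption and decryption are performed at the terminals, and the server 130 passes the data between the calling terminal 120 and the called terminal 110 through transparently. In this implementation, a first transmission key is used between the calling terminal 120 and the server 130 and a second transmission key is used between the called terminal 110 and the server 130; the server 130 decrypts the data sent by the calling terminal 120 with the first transmission key, encrypts the decrypted data with the second transmission key and sends it to the called terminal 110. Data in the reverse direction is handled similarly and is not described again.
In an optional implementation of this embodiment of the present invention, the call apparatus may further include a deletion module, configured to delete the transmission key saved by the storage module after the call with the called terminal 110 has ended. For example, after the call ends the deletion module may delete the stored transmission key on its own initiative; or it may delete the stored transmission key after receiving an instruction sent by the second electronic signature device 150; or the deletion may be initiated by the server 130, the stored transmission key being deleted when a deletion instruction sent by the server 130 is received; or the transmission key may be deleted when the sign-in is released. This embodiment of the present invention places no specific limitation on it. With this optional implementation, the transmission key stored in the calling terminal 120 can be deleted promptly, which avoids the problem of other users being unable to use the terminal because the transmission key was not deleted in time.
In an optional implementation of this embodiment of the present invention, the first encryption/decryption module may further be configured, during the call with the called terminal 110, to hop from the current transmission key to a new transmission key according to a preset hopping rule and to encrypt or decrypt the transmitted data with the new transmission key. This further secures the call data.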
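In an optional implementation of this embodiment of the present invention, the first encryption/decryption module may hop from the current transmission key to a new transmission key in at least one of the following ways: hopping from the current transmission key to a new transmission key according to a hopping trigger factor; or, on obtaining a key hopping instruction, hopping from the current transmission key to a new transmission key. Optionally, the hopping trigger factor includes, but is not limited to, at least one of the following: a hopping period, a hopping time point, and a call data volume. The key hopping instruction includes at least one of the following: a key hopping instruction sent by the calling terminal 110, an entered key hopping instruction, and a key hopping instruction generated according to a preset rule. This optional implementation offers the user several implementation options.
In an optional implementation of this embodiment of the present invention, the calling apparatus may further include: a generation module, configured to generate a line hopping instruction during the call with the called terminal 110; and a sixth sending module, configured to send the line hopping instruction to the server 130, instructing the server 130 to hop from the current transmission line to a new transmission line and to use the new transmission line for the call with the called terminal 110. This optional implementation further secures the call.
In an optional implementation of this embodiment of the present invention, the calling apparatus may also implement a multi-party channel, that is, there are multiple called users.
In the above optional implementation, further, in the calling apparatus the obtaining module 122 is further configured to obtain a shared transmission key generated by the second electronic signature device 150 before the call with the called terminal 110 takes place; the calling apparatus may further include a seventh sending module, configured to send the shared transmission key to the multiple called terminals corresponding to the communication identifiers associated with the IDs of the multiple called users, and a second encryption/decryption module, configured to encrypt or decrypt the data transmitted to and from the multiple called terminals with the shared transmission key during the call with the called terminal 110.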
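Embodiment 9
This embodiment of the present invention provides a call processing apparatus, which may be provided in the server 130 of the above embodiments.
Figure 12 is a schematic structural diagram of the call processing apparatus provided by this embodiment. As shown in Figure 12, the apparatus may include: a receiving module 132, configured to receive a sign-in request sent by the called terminal, where the sign-in request includes the called user's ID, the called user's ID being the unique identifier that the called user registered on the server for the first electronic signature device used by the called user; a storage module 134, configured to associate the called user's ID with the communication identifier of the called terminal 110 and store the association; and an establishing module 136, configured to establish, after a call request from the calling terminal to the called user's ID is received, a call link between the calling terminal 120 and the called terminal 110 according to the association between the called user's ID and the communication identifier of the called terminal 110.
With the technical solution provided by this embodiment, after the receiving module 132 receives the sign-in request sent by the called terminal 110, the storage module 134 stores the called user's ID in association with the communication identifier of the called terminal 110; when a call request calling the called user's ID is received, the establishing module 136 connects the call to the called terminal 110. The called user's ID is therefore not fixedly bound to one terminal. By means of the first electronic signature device 140, the called user's ID can conveniently be associated with different terminals, so that even when using fixed telephony the user can answer calls on different terminals under the same ID, which gives fixed telephony mobility. For mobile terminals, the user no longer has to carry a mobile terminal with a SIM card installed wherever the user goes, as in the prior art; the user only needs to carry the first electronic signature device 140 that stores the ID. In addition, with the technical solution provided by this embodiment of the present invention, a user can conveniently answer calls on any terminal under the same ID (including fixed terminals and mobile terminals, that is, the called terminal 110 may be a fixed terminal or a mobile terminal), and different users can answer calls on the same terminal, which improves device utilization.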
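In an optional implementation of this embodiment of the present invention, the call processing apparatus may further include a first authentication module, configured to authenticate the first identity authentication data received from the called terminal 110 and, after the authentication passes, to trigger the storage module to associate the called user's ID with the communication identifier of the called terminal 110 and store the association. The first identity authentication data may be carried in the sign-in request sent to the server 130. The identity authentication data is obtained by the first electronic signature device 140 signing the data to be signed with the private key. The data to be signed may be determined by the first electronic signature device 140 or sent by the server 130; if it is determined by the first electronic signature device 140, the sign-in request also carries the plaintext of the data to be signed. This optional implementation establishes the identity of the user initiating the sign-in request and avoids malicious sign-ins.
In an optional implementation of this embodiment of the present invention, the call processing apparatus may further include a first deletion module, configured to delete the association between the called user's ID and the communication identifier of the called terminal 110. In a specific application, the first deletion module may delete the association on its own initiative or when triggered by the called terminal 110. With this optional implementation, the association between the called user's ID and the called terminal 110 can be released promptly so that other users can use the called terminal 110, which raises the utilization of the called terminal 110.
In the above optional implementation, if the first deletion module deletes the association when triggered by the called terminal 110, the called user's identity may also be authenticated before the association is deleted. Therefore, in an optional implementation of this embodiment of the present invention, the receiving module 132 is further configured to receive second identity authentication data returned by the called terminal 110; the apparatus further includes a second authentication module 3005, configured to perform identity authentication according to the second identity authentication data and, after the identity authentication passes, to trigger the first deletion module to delete the association between the called user's ID and the communication identifier of the called terminal 110.
In an optional implementation of this embodiment of the present invention, the call processing apparatus may further include a first sending module and a signature verification module. The first sending module is configured to send a signature verification request to the called terminal 110 after a call request from the calling terminal to the called user's ID is received; the receiving module 132 is further configured to receive the signature data returned by the called terminal 110; the signature verification module is configured to verify the signature data and, after the verification passes, to trigger the establishing module 136 to establish the call link between the calling terminal 120 and the called terminal 110. In this optional implementation, the signature data received by the receiving module 132 is obtained by the first electronic signature device 140 signing the data to be signed. The data to be signed may be determined by the first electronic signature device 140 or carried to the first electronic signature device 140 in the signature verification request sent by the first sending module; if it is determined by the first electronic signature device 140, the sign-in request also carries the plaintext of the data to be signed. This optional implementation establishes the identity of the current called user, prevents the call from being answered by someone other than the called user, and keeps the call secure.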
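In an optional implementation of this embodiment of the present invention, for compatibility with current communication technology, the call processing apparatus may further include a judging module, configured to judge, after a call request from the calling terminal to the called user's ID is received, whether the type of the call request is a preset call request type and, if so, to trigger the establishing module to establish the call link between the calling terminal 120 and the called terminal 110.
During the above call, the transmitted data may be encrypted to keep the call data secure. In an optional implementation of this embodiment of the present invention, the receiving module 132 is further configured to receive a first transmission key sent by the called terminal 110 and a second transmission key sent by the calling terminal 120; the storage module 134 is further configured to save the first transmission key and the second transmission key; the call processing apparatus may further include an encryption/decryption module, configured to encrypt or decrypt the data transmitted to and from the called terminal 110 with the first transmission key, and to encrypt or decrypt the data transmitted to and from the calling terminal 120 with the second transmission key.
In an optional implementation of this embodiment of the present invention, the call processing apparatus may further include a second deletion module, configured to delete the first transmission key and/or the second transmission key. For example, after the call ends the second deletion module may delete the stored transmission key on its own initiative; or it may delete the stored transmission key after receiving an instruction sent by the called terminal 110; or it may delete the stored transmission key when a deletion instruction sent by the calling terminal 120 is received; or the transmission key may be deleted when the sign-in is released. This embodiment of the present invention places no specific limitation on it. With this optional implementation, the transmission keys relating to the called terminal 110 and the calling terminal 120 can be deleted promptly, which avoids the problem of other users being unable to use the calling terminal and the called terminal because the transmission key was not deleted in time.
In an optional implementation of this embodiment of the present invention, the call processing apparatus may further include a second sending module, configured to send a key deletion request to the called terminal 110 and/or the calling terminal 120, instructing the called terminal 110 and/or the calling terminal 120 to delete the saved transmission key. With this optional implementation, when the server 130 deletes a transmission key on its own initiative, it can promptly notify the calling terminal 120 and/or the called terminal 110 to delete the corresponding transmission key, which keeps the calling terminal 120 and/or the called terminal 110 synchronized with the server 130.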
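In an optional implementation of this embodiment of the present invention, the encryption/decryption module may further be configured, during the call between the calling terminal 120 and the called terminal 110, to hop from the current first transmission key to a new first transmission key according to a preset hopping rule and to encrypt or decrypt the transmitted data with the new first transmission key; and/or the encryption/decryption module is further configured, during the call between the calling terminal 120 and the called terminal 110, to hop from the current second transmission key to a new second transmission key according to a preset hopping rule and to encrypt or decrypt the transmitted data with the new second transmission key. This optional implementation further secures the call.
In an optional implementation of this embodiment of the present invention, the encryption/decryption module may hop from the current first transmission key to a new first transmission key, and/or from the current second transmission key to a new second transmission key, in at least one of the following ways: according to a hopping trigger factor, hopping from the current first transmission key to a new first transmission key and/or from the current second transmission key to a new second transmission key; or, on obtaining a key hopping instruction, hopping from the current first transmission key to a new first transmission key and/or from the current second transmission key to a new second transmission key. Optionally, the hopping trigger factor includes, but is not limited to, at least one of the following: a hopping period, a hopping time point, and a call data volume. Optionally, the key hopping instruction includes, but is not limited to, at least one of the following: a key hopping instruction sent by the called terminal 110 and/or the calling terminal 120, and a key hopping instruction generated according to a preset rule.
In an optional implementation of this embodiment of the present invention, the call processing apparatus may further include a hopping module, configured to hop from the transmission line currently used for data transmission to a new transmission line according to a preset line hopping rule. This optional implementation further secures the call.
In an optional implementation of this embodiment of the present invention, the call processing apparatus may also implement multi-party calls, that is, there may be multiple called users, and the call request received by the receiving module 132 carries the ID of each called user; the establishing module 136 may further be configured to send a multi-party call request to the called terminals corresponding to the communication identifiers associated with the IDs of the called users and, after receiving an acknowledgement returned by one or more of the multiple called terminals 110, to establish call links between the calling terminal 120 and the one or more called terminals and among the one or more called terminals.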
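In an optional implementation of this embodiment of the present invention, the receiving module 132 may further be configured to receive a shared transmission key sent by the calling terminal 120 before the call links between the calling terminal 120 and the one or more called terminals and among the one or more called terminals are established; the call processing apparatus may further include a third sending module, configured to send the shared transmission key to the one or more called terminals. With this optional implementation, the transmitted data can be encrypted during a multi-party call, which keeps the multi-party call secure.
In an optional implementation of this embodiment of the present invention, the receiving module 132 may further be configured to receive a sign-in request sent by the calling terminal 120, the sign-in request carrying the calling user's ID; the storage module 134 may further be configured to associate the calling user's ID with the communication identifier of the calling terminal 120 and store the association. With this optional implementation, when the receiving module 132 receives a call request from the calling terminal 120, the calling user's ID can be provided to the called party according to the calling user's ID associated with the calling terminal 120, so that the called user can judge the calling user's identity. This solves the problem of the called user being unable to know the identity of the calling user placing the call, and so improves the user experience.
In an optional implementation of this embodiment of the present invention, the receiving module 132 may further be configured to receive third identity authentication data sent by the calling terminal 120 after the server has received the sign-in request of the calling terminal; the call processing apparatus may further include a third authentication module, configured to authenticate the third identity authentication data and, after the authentication passes, to trigger the storage module to associate the calling user's ID with the communication identifier of the calling terminal 120 and store the association. In this optional implementation, the identity authentication data carried in the sign-in request is obtained by the second electronic signature device 150 signing the data to be signed with the private key and is sent to the server 130 through the calling terminal 120. The data to be signed may be determined by the second electronic signature device 150 or sent by the server 130 to the calling terminal 120; if it is determined by the second electronic signature device 150, the sign-in request also carries the plaintext of the data to be signed. This optional implementation establishes the identity of the user initiating the sign-in request and avoids malicious sign-ins.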
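In an optional implementation of this embodiment of the present invention, the call processing apparatus may further include a third deletion module, configured to delete the association between the calling user's ID and the communication identifier of the calling terminal 120. In a specific application, the third deletion module may delete the association on its own initiative or when triggered by the calling terminal 120. With this optional implementation, the association between the calling user's ID and the calling terminal 110 can be released promptly so that other users can use the calling terminal 120, which raises the utilization of the calling terminal 120. In the above optional implementation, if the third deletion module deletes the association when triggered by the calling terminal 120, the calling user's identity may also be authenticated before the association is deleted.
In an optional implementation of this embodiment of the present invention, the call processing apparatus may further include: a fourth sending module, configured to send a signature verification request to the calling terminal 120 after a call request from the calling terminal to the called user's ID is received; and a fourth authentication module, configured to perform signature verification after receiving the signature data returned by the calling terminal 120 and, after the verification passes, to trigger the establishing module to establish the call link between the calling terminal 120 and the called terminal 110. This optional implementation ensures that, once the call is connected, the identity of the calling user answering the call is legitimate, and keeps the call secure.
In Embodiments 2 to 9 above, as an optional implementation of the embodiments of the present invention, the terminal (including the fixed telephone in Embodiments 1 and 3, the terminal 300 in Embodiments 4 and 5, and the calling terminal 120 and called terminal 110 in Embodiments 6 to 9) may be connected to the electronic signature device wirelessly or by wire. Wireless connections may include Bluetooth, WiFi, NFC, infrared or RFID; wired connections may include USB, audio (headphone plug), RJ11, RJ45 or a serial port. In addition, if the call data needs to be encrypted, the call may be implemented in the embodiments of the present invention in the following manners: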
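Manner 1: The terminal may perform encryption and decryption through the electronic signature device connected to it. For example: the terminal receives encrypted call data through its network interface (for example a telephone port, the authentication key of a SIM card, or an IP address) and sends the encrypted call data to the electronic signature device, which decrypts it and sends it to the terminal, and the terminal passes it to the earpiece for the user to hear; the terminal receives the voice data the user enters through the microphone and sends it to the electronic signature device, which encrypts it and sends it to the terminal, and the terminal sends it out through the network interface.
Manner 2: All data may be sent to the network by the electronic signature device, with the terminal used for listening to the voice data and/or capturing the voice data. For example: the electronic signature device receives encrypted call data through its own network interface, decrypts the encrypted call data and sends it to the terminal over the connection between the electronic signature device and the terminal, and the terminal passes it to the earpiece for the user to hear; the terminal receives the voice data the user enters through the microphone and sends it to the electronic signature device over the connection with the electronic signature device, and the electronic signature device encrypts it and sends it out through the network interface of the electronic signature device.
Manner 3: The terminal receives and sends out the encrypted data; the encrypted data may be decrypted by the electronic signature device, and the data to be encrypted may be encrypted by the electronic signature device; in addition, the electronic signature device may also be used for listening to the voice data and/or capturing the voice data. For example: the terminal receives encrypted call data through its network interface and sends the encrypted call data to the electronic signature device, which decrypts it and passes it to the earpiece of the electronic signature device for the user to hear; the electronic signature device receives the voice data the user enters through the microphone of the electronic signature device, encrypts it and sends it to the terminal, and the terminal sends it out through the network interface.
Of course, to avoid modifying the structure of existing terminals, a separate adapter may also be provided, connected to the terminal interface and used for data exchange with the electronic signature device. For example, when the terminal is a fixed telephone, the adapter has an RJ11 plug and an RJ11 socket; the socket connects to the telephone line and the plug connects to the terminal, and the adapter has an interface (wired or wireless) for connecting to the electronic signature device. The data the adapter outputs to the terminal is plaintext, and the data it receives from the terminal is also plaintext; all operations are therefore completed on the adapter, and it can be used with existing terminals.
In addition, in the embodiments of the present invention the electronic signature device should be given a structure that cooperates with the terminal to perform the above functions. For example, if the terminal is a fixed telephone, then in Manner 2 the electronic signature device should have two RJ11 interfaces: one end connects to the modular plug of the telephone line, and the other end has a modular plug that is inserted into the interface on the fixed telephone.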
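Embodiment 10
As shown in Figure 13, this embodiment provides a calling method applied on the calling terminal side. The calling method may be implemented by the calling terminal 120 of the above embodiments and may mainly include the following steps (S601 to S603).
S601: The calling terminal obtains the called user's ID.
Specifically, the calling terminal may obtain the called user's ID in one of the following ways: the calling user enters the called user's ID into the calling terminal through the input device of the calling terminal, the calling user enters the called user's ID into the calling terminal by voice, and so on.
The called user's ID is the unique identifier that the called user registered on the server for the first electronic signature device used by the called user. At registration, the first electronic signature device saves the called user's ID. The ID may take, but is not limited to, the following forms: digits, letters, characters or Chinese characters, alone or in combination. The ID is equivalent to the user's telephone number in existing communication systems and makes it convenient for the calling terminal to call the called user.
The first electronic signature device includes, but is not limited to, an electronic signature key with a security chip (a KEY device, for example ICBC's U-Shield or ABC's K-Bao) or a smart card with a security chip, where the security chip is capable of signature operations, encryption and decryption operations, and transmission key negotiation.
S602: The calling terminal initiates to the server a call request calling the called user, the call request carrying the called user's ID;
S603: The calling terminal receives the call response returned by the server, establishes a call link with the called terminal and holds a call with the called terminal, where the communication identifier of the called terminal is associated with the called user's ID.
The calling terminal or called terminal includes a fixed telephone, a mobile terminal or a PC, where the PC supports Internet telephony. The communication identifier of a fixed telephone may be the network port of the fixed telephone, the communication identifier of a mobile terminal may be the authentication key of the SIM card, and the communication identifier of a PC may be an IP address. The mobile terminal may be a smartphone, a tablet computer, a smart watch or the like.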
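In an optional implementation of this embodiment of the present invention, the calling method of this embodiment may further include a step in which the calling terminal initiates sign-in with the server, specifically:
The calling terminal sends a sign-in request to the server. The sign-in request carries the calling user's ID and is used to instruct the server to associate the calling user's ID with the communication identifier of the calling terminal, where the calling user's ID is the unique identifier that the calling user registered on the server for the second electronic signature device used by the calling user.
In the prior art, when a user acting as the caller is not at the telephone the user normally uses, for example when calling from another user's telephone, the called user cannot tell that the call was made by that user and may decline or miss it, missing an important call or causing misunderstanding between the two parties, which is inconvenient for the user's work and life. With the above optional implementation of this embodiment of the present invention, even if the calling user is not calling from the telephone bound to that user, what is displayed to the called party is still the calling user's ID. This solves the problem of the called user being unable to know the identity of the calling user placing the call, and so improves the user experience.
In an optional implementation of this embodiment of the present invention, before the calling terminal sends the sign-in request to the server, the calling method of this embodiment further includes: obtaining the calling user's ID from the second electronic signature device connected to the calling terminal. Because the calling user's ID is obtained from the calling terminal, the calling user does not need to memorize the ID, which is convenient for the user and improves the user experience.
The second electronic signature device includes, but is not limited to, an electronic signature key with a security chip (a KEY device, for example ICBC's U-Shield or ABC's K-Bao) or a smart card with a security chip, where the security chip is capable of signature operations, encryption and decryption operations, and transmission key negotiation. When the second electronic signature device registers with the server, it saves the unique identifier, that is, the ID, assigned by the server side.
In an optional implementation of this embodiment of the present invention, the calling method of this embodiment further includes: the calling terminal carries identity authentication data in the sign-in request, so that the server side can authenticate the calling user's identity, which ensures that the calling user's identity is legitimate and in turn keeps the call secure.
The calling terminal may carry the identity authentication data in the sign-in request in, but not limited to, one of the following manners: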
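Manner 1: As one optional manner, as shown in Figure 14, when the calling terminal sends the sign-in request to the server, the calling terminal may carry the identity authentication data in the sign-in request on its own initiative, specifically:
S701: The calling terminal obtains identity authentication data from the second electronic signature device;
The identity authentication data is authentication data obtained by the second electronic signature device signing the data to be signed. The data to be signed includes the calling user's ID and/or one-time authentication data generated by the second electronic signature device itself. The one-time authentication data may be a random number, an event factor, or a combination of the two, where the event factor may be generated, for example, by adding 1 or any value cumulatively each time one is generated.
S702: The calling terminal carries the identity authentication data in the sign-in request and sends it to the server.
Manner 2: As another optional manner, as shown in Figure 15, when the calling terminal sends the sign-in request to the server, the calling terminal may also generate the identity authentication data from data to be signed sent by the server and carry it in the sign-in request, specifically:
S801: Before sending the sign-in request to the server, the calling terminal sends a sign-in instruction to the server;
S802: The calling terminal receives the data to be signed sent by the server;
Specifically, the data to be signed may include one-time authentication data generated by the server. The one-time authentication data may be a random number, an event factor, or a combination of the two, where the event factor may be generated, for example, by adding 1 or any value cumulatively each time one is generated.
S803: The calling terminal receives the identity authentication data obtained by the second electronic signature device signing at least the data to be signed, carries the identity authentication data in the sign-in request and sends it to the server.
Specifically, in this step, in addition to the data to be signed, the calling user's ID may also be signed together with it.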
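After step S602 and before step S603, as an optional implementation of this embodiment of the present invention, the calling method of this embodiment further includes a signature verification step, specifically: the calling terminal receives a signature verification request sent by the server; obtains signature data from the second electronic signature device, the signature data being obtained by the second electronic signature device signing the data to be signed; and sends the signature data to the server.
The data to be signed includes at least one of the following: a random number generated by the second electronic signature device, the data to be signed carried in the signature verification request (such as a random number generated by the server), and the calling user's ID.
In this embodiment, before the call is connected the server verifies whether the calling user is online, that is, whether the calling user's second electronic signature device is connected to the terminal on the current communication port. If the server can obtain signature data produced by the second electronic signature device signing the data to be signed, the calling user is online; furthermore, the signature data can be used to verify whether the calling user's identity is legitimate, which keeps the call secure.
In an optional implementation of this embodiment of the present invention, after the calling terminal sends the sign-in request to the server, the calling method of this embodiment further includes: the calling terminal sends a sign-in release request to the server. The sign-in release request carries the calling user's ID and is used to instruct the server to delete the association between the calling user's ID and the communication identifier of the calling terminal. The calling terminal can thus release the sign-in without affecting normal use of the terminal on which the calling user signed in.
Before the calling terminal is triggered to send the sign-in release request to the server, the calling terminal may also receive a sign-in release instruction, specifically in one or more of the following manners: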
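Manner 1: The calling terminal receives a sign-in release instruction entered by the calling user; for example, the calling user enters "9#", indicating that the calling user requests release of the sign-in;
Manner 2: The calling terminal receives a sign-in release instruction sent by the server;
Manner 3: The calling terminal receives a sign-in release instruction from the second electronic signature device connected to it; for example, the calling user holds down the C key on the second electronic signature device to disconnect the second electronic signature device from the calling terminal, and the second electronic signature device then also issues a sign-in release instruction to the calling terminal as it disconnects from the calling terminal.
With this optional embodiment, a user who is not using a terminal can release the association with it so that other users can use that terminal, which raises terminal utilization.
To further secure the call and ensure that the release of the sign-in is initiated by the real calling user, in an optional implementation of this embodiment of the present invention the calling method of this embodiment may further include: the calling terminal carries identity authentication data in the sign-in release request, so that the server side can authenticate the calling user's identity and keep the call secure. The identity authentication data carried in the sign-in release request may be generated by the same mechanism as the identity authentication data carried in the sign-in request, for example:
As one optional manner, the calling terminal carries the identity authentication data in the sign-in release request on its own initiative. The specific implementation is similar to the manner shown in Figure 14, except that the sign-in request is replaced by the sign-in release request; it is not described again here.
As another optional manner, the calling terminal may also generate the identity authentication data from data to be signed sent by the server and carry it in the sign-in release request. The specific implementation is similar to the manner shown in Figure 15, except that the sign-in request is replaced by the sign-in release request; it is not described again here.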
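To further protect both parties to the call, in an optional implementation of this embodiment of the present invention the calling method of this embodiment further includes steps in which the calling terminal negotiates a transmission key with the called terminal and uses the transmission key to encrypt and decrypt the transmitted data, specifically:
After the call link with the called terminal used by the called user has been established and before the call with the called terminal takes place, the calling terminal and the called terminal negotiate a transmission key, each using its own electronic signature device; the calling terminal sends the information received during transmission key negotiation to the second electronic signature device, instructing the second electronic signature device to obtain the transmission key from the received information;
During the call with the called terminal, the calling terminal sends the encrypted data received from the called terminal to the second electronic signature device and receives the plaintext data that the second electronic signature device returns after decrypting the received encrypted data with the transmission key; and it sends the transmission data that needs to be sent to the called terminal to the second electronic signature device, receives the ciphertext data that the second electronic signature device returns after encrypting that transmission data with the transmission key, and sends the ciphertext data to the called terminal.
In an optional implementation of this embodiment of the present invention, the calling terminal of this embodiment may further include a security chip. The security chip may be used to authenticate the identity of the second electronic signature device and to save the transmission key that the second electronic signature device negotiated with the peer, so that the transmitted data can be encrypted and decrypted without the second electronic signature device, which improves processing efficiency.
In an optional implementation of this embodiment of the present invention, before the calling user's ID is obtained from the second electronic signature device connected to the calling terminal, the calling method of this embodiment further includes: the calling terminal authenticates the identity of the second electronic signature device. This ensures that the second electronic signature device used by the calling user is legitimate.
When the calling terminal has a security chip, to protect both parties to the call, in an optional implementation of this embodiment of the present invention, after the call link with the called terminal used by the called user has been established and before the call with the called terminal takes place, the calling method of this embodiment further includes: the calling terminal negotiates a transmission key with the second electronic signature device, saves the transmission key and sends the transmission key to the server; during the call with the called terminal, the calling of this embodiment further includes: encrypting or decrypting the transmitted data with the transmission key. In this embodiment the calling terminal negotiates the transmission key with the second electronic signature device, which avoids the possibility of the transmission key leaking and keeps the transmission key secure; at the same time, the calling terminal encrypts and decrypts with the saved transmission key, so that the transmitted data can be encrypted and decrypted without the second electronic signature device, which improves processing efficiency.
In an optional implementation of this embodiment of the present invention, after the call with the called terminal has ended, the calling method of this embodiment of the present invention further includes: deleting the saved transmission key. Once the calling terminal has deleted the transmission key, normal use of the calling terminal is not affected, and the calling terminal can no longer be used, with a saved transmission key, to impersonate the calling user in an encrypted call.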
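In an optional implementation of this embodiment of the present invention, call hopping may also be performed during the call to prevent the call from being monitored and important call information from leaking. Call hopping includes key hopping and/or line hopping.
During the call between the calling terminal and the called terminal, as an optional key hopping scheme of this embodiment of the present invention, the calling method of this embodiment further includes: the calling terminal hops from the current transmission key to a new transmission key according to a preset hopping rule and encrypts or decrypts the transmitted data with the new transmission key.
Specifically, hopping from the current transmission key to a new transmission key according to the preset hopping rule includes at least one of the following: hopping from the current transmission key to a new transmission key according to a hopping trigger factor; or, on obtaining a key hopping instruction, hopping from the current transmission key to a new transmission key.
The hopping trigger factor includes at least one of the following: a hopping period, a hopping time point, and a call data volume.
The key hopping instruction includes at least one of the following: a key hopping instruction sent by the called terminal, an entered key hopping instruction, and a key hopping instruction generated according to a preset rule.
The key hopping in this embodiment may take place simultaneously on both sides according to a fixed mechanism. For example, the hopping trigger factors are negotiated in advance: the hopping period is set to one hop every 5 minutes; or the hopping time point is set to 3 minutes, that is, a hop when the call reaches 3 minutes; or the call data volume is set to 10M, that is, a hop when the call data volume reaches 10M. The key hopping in this embodiment may also be initiated by either party to the call or by the server, that is, performed on a key hopping instruction, which may be a hopping instruction initiated by the called terminal, a key hopping instruction sent by the server (when the calling terminal has a security chip), or a hopping instruction initiated by the calling terminal itself, such as a key hopping instruction entered by the user or one generated by the calling terminal according to a preset rule. By means of these different key hopping mechanisms, this embodiment encrypts the transmitted data with different transmission keys during the call, which prevents the call from being monitored and further ensures the security and stability of the encryption.
Specifically, to implement key hopping there may be multiple transmission keys. When the calling terminal negotiates the transmission key with the called terminal, or when the calling terminal negotiates the transmission key with its electronic signature device, multiple transmission keys are negotiated. For example, the calling terminal and the called terminal, or the calling terminal and the server, each keep a transmission key list that holds the multiple transmission keys negotiated between the calling terminal and the called terminal, or between the calling terminal and its electronic signature device. Alternatively, during the call a new transmission key may be generated afresh at the time of the key hop, the current transmission key hops to the new transmission key, and the new transmission key is used for data encryption and decryption.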
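The key-list form of key hopping described above, driven by the hopping period and call data volume trigger factors, can be sketched as follows. This is an added example, not code from the patent: AES-256-GCM, the frame header (key index plus sequence number) that tells the receiver which key to use, and all names are assumptions; the random key list stands in for the negotiated transmission key list.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/binary"
	"errors"
	"fmt"
	"time"
)

var ErrKeysExhausted = errors.New("transmission key list exhausted, negotiate new keys")
var ErrStale = errors.New("replayed frame or frame under a key already hopped away from")
var ErrFrame = errors.New("malformed or unauthenticated frame")

// NegotiatedKeys stands in for the negotiation: n random AES-256-GCM keys shared by both ends.
func NegotiatedKeys(n int) ([]cipher.AEAD, error) {
	ring := make([]cipher.AEAD, n)
	for i := range ring {
		key := make([]byte, 32)
		if _, err := rand.Read(key); err != nil {
			return nil, err
		}
		block, err := aes.NewCipher(key)
		if err != nil {
			return nil, err
		}
		if ring[i], err = cipher.NewGCM(block); err != nil {
			return nil, err
		}
	}
	return ring, nil
}

// Sender encrypts outgoing call data and decides when to hop; a zero trigger factor is disabled.
type Sender struct {
	ring     []cipher.AEAD
	Period   time.Duration // hopping period, e.g. 5 * time.Minute
	MaxBytes int           // call data volume per key, e.g. 10 << 20
	epoch    uint32        // index of the transmission key in use
	seq      uint64        // frames sent under that key
	used     int           // bytes sent under that key
	since    time.Time     // when that key came into use
}

// Seal hops first if a trigger factor has fired, then encrypts one chunk of call data.
func (s *Sender) Seal(plain []byte, now time.Time) ([]byte, error) {
	if (s.Period > 0 && now.Sub(s.since) >= s.Period) || (s.MaxBytes > 0 && s.used >= s.MaxBytes) {
		if int(s.epoch)+1 >= len(s.ring) {
			return nil, ErrKeysExhausted
		}
		s.epoch, s.seq, s.used, s.since = s.epoch+1, 0, 0, now
	}
	hdr := make([]byte, 12) // key index (4 bytes) || sequence (8 bytes); doubles as the GCM nonce
	binary.BigEndian.PutUint32(hdr[:4], s.epoch)
	binary.BigEndian.PutUint64(hdr[4:], s.seq)
	s.seq++
	s.used += len(plain)
	return append(hdr, s.ring[s.epoch].Seal(nil, hdr, plain, nil)...), nil
}

// Receiver picks the key named in the frame header and never moves backwards.
type Receiver struct {
	ring  []cipher.AEAD
	epoch uint32
	next  uint64 // lowest sequence number still acceptable under the current key
}

// Open rejects frames under an abandoned key before attempting decryption.
func (r *Receiver) Open(frame []byte) ([]byte, error) {
	if len(frame) < 12 {
		return nil, ErrFrame
	}
	epoch, seq := binary.BigEndian.Uint32(frame[:4]), binary.BigEndian.Uint64(frame[4:12])
	if epoch < r.epoch || (epoch == r.epoch && seq < r.next) {
		return nil, fmt.Errorf("%w: key %d seq %d", ErrStale, epoch, seq)
	}
	if uint64(epoch) >= uint64(len(r.ring)) {
		return nil, ErrFrame
	}
	plain, err := r.ring[epoch].Open(nil, frame[:12], frame[12:], nil)
	if err != nil {
		return nil, ErrFrame
	}
	r.epoch, r.next = epoch, seq+1 // only an authenticated frame advances the receiver
	return plain, nil
}

func main() {
	ring, err := NegotiatedKeys(2)
	if err != nil {
		panic(err)
	}
	s, r := &Sender{ring: ring, Period: 5 * time.Minute, since: time.Unix(0, 0)}, &Receiver{ring: ring}
	frame, _ := s.Seal([]byte("voice"), time.Unix(360, 0)) // 6 minutes in: sent under key 1
	plain, err := r.Open(frame)
	fmt.Printf("key=%d plain=%q err=%v\n", s.epoch, plain, err)
}
```

Carrying the key index in each frame keeps the two ends on the same key when frames are lost around a hop, and the receiver's refusal to go back to an earlier key means recorded traffic cannot be replayed after the hop.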
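During the call between the calling terminal and the called terminal, as an optional line hopping scheme of this embodiment of the present invention, the calling method of this embodiment further includes: the calling terminal generates a line hopping instruction and sends the line hopping instruction to the server, instructing the server to hop from the current transmission line to a new transmission line and to use the new transmission line for the call with the called terminal.
This secures the transmission line and prevents the call from being monitored.
Specifically, to implement line hopping there may also be multiple transmission lines for the call. The server side keeps a transmission line list, which holds the multiple transmission lines that can be established between the calling terminal and the called terminal.
As an optional line hopping manner of this embodiment of the present invention, this embodiment may also include a multi-party call method, in which case there may be multiple called users. Before the call with the called terminals takes place, the calling method of this embodiment further includes: the calling terminal sends the shared transmission key generated by the second electronic signature device to the multiple called terminals; during the call with the called terminals, the calling method of this embodiment further includes: encrypting or decrypting the data transmitted to and from the multiple called terminals with the shared transmission key. In this case the calling terminal can hold a call with multiple called terminals, which extends the call application; at the same time, the calls among the terminals in the multi-party call can be transmitted encrypted, which keeps the multi-party call secure.
Embodiment 11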
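As shown in Figure 16, this embodiment provides a calling method applied on the called terminal side. The calling method may be implemented by the called terminal 110 of the above embodiments and may mainly include the following steps (S901 to S903).
S901: The called terminal sends a sign-in request to the server. The sign-in request carries the called user's ID and is used to instruct the server to associate the called user's ID with the communication identifier of the called terminal;
The called user's ID is the unique identifier that the called user registered on the server for the first electronic signature device used by the called user. At registration, the first electronic signature device saves the called user's ID. The ID may take, but is not limited to, the following forms: digits, letters, characters or Chinese characters, alone or in combination. The ID is equivalent to the user's telephone number in existing communication systems and makes it convenient for the calling terminal to call the called user.
The first electronic signature device includes, but is not limited to, an electronic signature key with a security chip (a KEY device, for example ICBC's U-Shield or ABC's K-Bao) or a smart card with a security chip, where the security chip is capable of signature operations, encryption and decryption operations, and transmission key negotiation.
S902: A call request sent by the server is received, the call request being a call request initiated by the calling terminal to the called user's ID;
The calling terminal or called terminal includes a fixed telephone, a mobile terminal or a PC, where the PC supports Internet telephony. The communication identifier of a fixed telephone may be the network port of the fixed telephone, the communication identifier of a mobile terminal may be the authentication key of the SIM card, and the communication identifier of a PC may be an IP address. The mobile terminal may be a smartphone, a tablet computer, a smart watch or the like.
S903: A call link is established with the calling terminal, and a call is held with the calling terminal.
In an optional implementation of this embodiment of the present invention, before step S901 the calling method of this embodiment further includes: obtaining the called user's ID from the first electronic signature device connected to the called terminal. Because the called user's ID is obtained from the called terminal, the called user does not need to memorize the ID, which is convenient for the user and improves the user experience.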
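As an optional manner of this embodiment of the present invention, the calling method of this embodiment further includes: the called terminal carries identity authentication data in the sign-in request, so that the server side can authenticate the called user's identity, which ensures that the called user's identity is legitimate and in turn keeps the call secure.
The called terminal may carry the identity authentication data in the sign-in request in, but not limited to, one of the following manners:
Manner 1: As a preferred manner, the called terminal carries the identity authentication data in the sign-in request on its own initiative. The specific implementation is similar to the manner shown in Figure 14, except that the calling terminal is replaced by the called terminal and the second electronic signature device is replaced by the first electronic signature device; it is not described again here.
Manner 2: As another preferred manner, the called terminal may also generate the identity authentication data from data to be signed sent by the server and carry it in the sign-in request. The specific implementation is similar to the manner shown in Figure 15, except that the calling terminal is replaced by the called terminal and the second electronic signature device is replaced by the first electronic signature device; it is not described again here.
As an optional implementation of this embodiment of the present invention, after step S901 and before step S902 the calling method of this embodiment further includes a signature verification step, specifically: the called terminal receives a signature verification request sent by the server; obtains signature data from the first electronic signature device, the signature data being obtained by the first electronic signature device signing the data to be signed; and sends the signature data to the server.
The data to be signed includes at least one of the following: a random number generated by the first electronic signature device, the data to be signed carried in the signature verification request (such as a random number generated by the server), and the calling user's ID.
In this embodiment, before the call is connected the server verifies whether the called user is online, that is, whether the called user's first electronic signature device is connected to the terminal on the current communication port. If the server can obtain signature data produced by the first electronic signature device signing the data to be signed, the calling user is online; furthermore, the signature data can be used to verify whether the calling user's identity is legitimate, which keeps the call secure.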
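As an optional manner of this embodiment of the present invention, after the called terminal sends the sign-in request to the server, the calling method of this embodiment further includes:
The called terminal sends a sign-in release request to the server. The sign-in release request carries the called user's ID and is used to instruct the server to delete the association between the called user's ID and the communication identifier of the called terminal. The called terminal can thus release the sign-in without affecting normal use of the terminal on which the called user signed in.
Before the called terminal is triggered to send the sign-in release request to the server, the called terminal may also receive a sign-in release instruction, specifically in one or more of the following manners:
Manner 1: The called terminal receives a sign-in release instruction entered by the called user; for example, the called user enters "9#", indicating that the called user requests release of the sign-in;
Manner 2: The called terminal receives a sign-in release instruction sent by the server;
Manner 3: The called terminal receives a sign-in release instruction from the first electronic signature device connected to it; for example, the called user holds down the C key on the first electronic signature device to disconnect the first electronic signature device from the called terminal, and the first electronic signature device then also issues a sign-in release instruction to the called terminal as it disconnects from the called terminal.
With this optional embodiment, a user who is not using a terminal can release the association with it so that other users can use that terminal, which raises terminal utilization.
As an optional manner of this embodiment of the present invention, to further secure the call and ensure that the release of the sign-in is initiated by the real called user, the calling method of this embodiment further includes: the called terminal carries identity authentication data in the sign-in release request, so that the server side can authenticate the called user's identity and keep the call secure. The identity authentication data carried in the sign-in release request may be generated by the same mechanism as the identity authentication data carried in the sign-in request, for example:
As one optional manner, the called terminal carries the identity authentication data in the sign-in release request on its own initiative. The specific implementation is similar to the manner shown in Figure 13, except that the sign-in request is replaced by the sign-in release request, the calling terminal is replaced by the called terminal and the second electronic signature device is replaced by the first electronic signature device; it is not described again here.
As another optional manner, the called terminal may also generate the identity authentication data from data to be signed sent by the server and carry it in the sign-in release request. The specific implementation is similar to the manner shown in Figure 14, except that the sign-in request is replaced by the sign-in release request, the calling terminal is replaced by the called terminal and the second electronic signature device is replaced by the first electronic signature device; it is not described again here.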
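As an optional manner of this embodiment of the present invention, to further protect both parties to the call, the calling method of this embodiment further includes steps in which the called terminal negotiates a transmission key with the calling terminal and uses the transmission key to encrypt and decrypt the transmitted data, specifically:
After the call link with the calling terminal has been established and before the call with the calling terminal takes place, the called terminal and the calling terminal negotiate a transmission key, each using its own electronic signature device; the called terminal sends the information received during transmission key negotiation to the first electronic signature device, instructing the first electronic signature device to obtain the transmission key from the received information;
During the call with the calling terminal, the called terminal sends the encrypted data received from the calling terminal to the first electronic signature device and receives the plaintext data that the first electronic signature device returns after decrypting the received encrypted data with the transmission key; and it sends the transmission data that needs to be sent to the calling terminal to the first electronic signature device, receives the ciphertext data that the first electronic signature device returns after encrypting that transmission data with the transmission key, and sends the ciphertext data to the calling terminal.
As an optional manner of this embodiment of the present invention, the called terminal of this embodiment may further include a security chip. The security chip may be used to authenticate the identity of the first electronic signature device, to save the transmission key that the first electronic signature device negotiated with the peer, and to encrypt and decrypt with the saved transmission key, so that the transmitted data can be encrypted and decrypted without the first electronic signature device, which improves processing efficiency.
As an optional manner of this embodiment of the present invention, before the called user's ID is obtained from the first electronic signature device connected to the called terminal, the calling method of this embodiment further includes: the called terminal authenticates the identity of the first electronic signature device. This ensures that the first electronic signature device used by the called user is legitimate.
When the called terminal has a security chip, to protect both parties to the call, in an optional implementation of this embodiment of the present invention the called terminal may save the transmission key and encrypt and decrypt the transmitted data with the saved transmission key. Specifically, before the call with the calling terminal takes place, the calling method of this embodiment further includes: negotiating a transmission key with the first electronic signature device, saving the transmission key and sending the transmission key to the server; during the call with the calling terminal, the method further includes: encrypting or decrypting the transmitted data with the transmission key. In this embodiment the called terminal negotiates the transmission key with the first electronic signature device, which avoids the possibility of the transmission key leaking and keeps the transmission key secure; at the same time, the called terminal encrypts and decrypts with the saved transmission key, so that the transmitted data can be encrypted and decrypted without the first electronic signature device, which improves processing efficiency.
As an optional manner of this embodiment of the present invention, after the call with the calling terminal has ended, the calling method of this embodiment of the present invention further includes: deleting the saved transmission key. Once the called terminal has deleted the transmission key, normal use of the called terminal is not affected, and the called terminal can no longer be used, with a saved transmission key, to impersonate the called user in an encrypted call.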
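As an optional mode of this embodiment, call hopping may be performed during the call to prevent the call from being eavesdropped on and important call information from leaking. Call hopping includes key hopping and line hopping.
As an optional key hopping scheme of this embodiment, during the call between the called terminal and the calling terminal, the calling method further includes: the called terminal hops the current transmission key to a new transmission key according to a preset hopping rule, and encrypts or decrypts the transmitted data with the new transmission key.
Specifically, hopping the current transmission key to a new transmission key according to the preset hopping rule includes at least one of the following: hopping the current transmission key to a new transmission key according to a hopping trigger factor; and hopping the current transmission key to a new transmission key on obtaining a key hopping instruction.
The hopping trigger factor includes at least one of the following: a hopping period, a hopping time point, and a call data volume.
The key hopping instruction includes at least one of the following: a key hopping instruction sent by the called terminal, an entered key hopping instruction, and a key hopping instruction generated according to a preset rule.
Key hopping in this embodiment may take place simultaneously according to a fixed mechanism. For example, the hopping trigger factor is negotiated in advance: the hopping period is set to one hop every 5 minutes, or the hopping time point is set to 3 minutes, so that a hop occurs when the call reaches 3 minutes, or the call data volume is set to 10M, so that a hop occurs when the call data volume reaches 10M. Key hopping may also be initiated by either party to the call or by the server, that is, performed on a key hopping instruction, which may be a hopping instruction initiated by the calling terminal, a key hopping instruction sent by the server (when the terminal has a security chip), or a hopping instruction initiated by the called terminal itself, such as a key hopping instruction entered by the user or one generated by the called terminal according to a preset rule. By using different key hopping mechanisms, this embodiment encrypts the transmitted data with different transmission keys during the call, which prevents eavesdropping and further ensures the security and stability of the encryption.
Specifically, to implement key hopping there are multiple transmission keys. When the called terminal negotiates transmission keys with the calling terminal, or with its electronic signature device, multiple transmission keys are negotiated. For example, the called terminal and the calling terminal, or the called terminal and the server, each store a transmission key list that holds the multiple transmission keys negotiated between the called terminal and the calling terminal, or between the called terminal and its electronic signature device. Alternatively, a new transmission key may be generated at the time of a key hop during the call, the current transmission key is hopped to the new one, and the new transmission key is used to encrypt and decrypt the data.
As an optional line hopping scheme of this embodiment, during the call with the calling terminal, the calling method further includes: the called terminal generates a line hopping instruction and sends it to the server, instructing the server to hop the current transmission line to a new transmission line and to conduct the call with the calling terminal over the new transmission line.
This ensures the security of the transmission line and prevents the call from being eavesdropped on.
Specifically, to implement line hopping there may also be multiple transmission lines for the call. The server stores a transmission line list that holds the multiple transmission lines that can be established between the calling terminal and the called terminal.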
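In Embodiment 10 and Embodiment 11, when the calling terminal or the called terminal has a security chip, the terminal can authenticate the electronic signature device connected to it: the calling terminal can authenticate the second electronic signature device, and the called terminal can authenticate the first electronic signature device. In specific implementations, the authentication can be performed in at least the following two ways:
(1) Mode 1:
C1. The terminal (which may be the called terminal or the calling terminal) generates a random number R1;
C2. The terminal signs the random number R1 to generate a signature value S1;
C3. The terminal sends the random number R1, the signature value S1 and the terminal's digital certificate to the electronic signature device (which may be the first or the second electronic signature device);
C4. The electronic signature device uses a pre-stored root certificate to verify the validity of the received digital certificate of the terminal. If the terminal's digital certificate is valid, C5 is performed; if it is not valid, the authentication process stops and, where necessary, a message that certificate verification failed may be fed back to the terminal;
C5. The electronic signature device obtains the terminal's public key from the terminal's digital certificate and uses it to verify the received signature value S1. If verification succeeds, C6 is performed; if it fails, the authentication process stops, and a message that signature verification failed may be fed back to the terminal;
C6. The electronic signature device generates a random number R2;
C7. The electronic signature device signs the random number R2 and the received random number R1 to generate a signature value S2;
C8. The electronic signature device sends the random number R2, the signature value S2 and its own digital certificate to the terminal;
C9. The terminal uses a pre-stored root certificate to verify the validity of the received digital certificate of the electronic signature device. If the electronic signature device's digital certificate is valid, C10 is performed; if it is not valid, the authentication process stops and, where necessary, a message that certificate verification failed may be fed back to the electronic signature device;
C10. The terminal obtains the electronic signature device's public key from its digital certificate and uses it to verify the received signature value S2. If verification succeeds, the subsequent operations are performed; if it fails, the authentication process stops, and a message that signature verification failed may be fed back to the electronic signature device.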
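(2) Mode 2:
D1. The terminal (which may be the called terminal or the calling terminal) generates a random number R1 and sends it to the electronic signature device;
D2. On receiving the random number R1, the electronic signature device (which may be the first or the second electronic signature device) generates a random number R2 and sends R2 and its own digital certificate to the terminal;
D3. The terminal uses a pre-stored root certificate to verify the validity of the received digital certificate of the electronic signature device. If the terminal's digital certificate is valid, D4 is performed; if the terminal's digital certificate is not valid, the authentication process stops and, where necessary, a message that certificate verification failed may be fed back to the electronic signature device;
D4. The terminal signs the random number R2 and the random number R1 to generate a signature value S1;
D5. The terminal sends the signature value S1 and the terminal's digital certificate to the electronic signature device;
D6. The electronic signature device uses a pre-stored root certificate to verify the validity of the received digital certificate of the terminal. If the terminal's digital certificate is valid, D7 is performed; if it is not valid, the authentication process stops and, where necessary, a message that certificate verification failed may be fed back to the terminal;
D7. The electronic signature device obtains the terminal's public key from the terminal's digital certificate and uses it to verify the received signature value S1. If verification succeeds, the subsequent operations are performed; if it fails, the authentication process stops, and a message that signature verification failed may be fed back to the terminal.
Of course, besides the two modes above there are other ways for the terminal to authenticate the electronic signature device; other authentication methods that a person skilled in the art extends from the present invention shall fall within its scope of protection.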
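In Embodiment 10 and Embodiment 11, when the calling terminal or the called terminal has a security chip, after the terminal and the electronic signature device have completed authentication they may also negotiate a transmission key and send it to the server. The server stores the transmission key for encrypting and decrypting subsequent data transmission between the terminal, the server and the electronic signature device. The transmission keys negotiated by the calling terminal and the called terminal may be the same key or different keys. When the server communicates with the calling terminal, the calling terminal's transmission key is used to encrypt and decrypt the information; when the server communicates with the called terminal, the called terminal's transmission key is used. Of course, when the electronic signature device needs to sign in with the server, the negotiated key may be sent to the server together with the sign-in request; on other occasions, sending the transmission key to the terminal may also be done separately.
In specific implementations, the above process can be carried out in at least the following six ways:
(1) Mode 1:
E1. The terminal (which may be the called terminal or the calling terminal) generates a random number R3, encrypts R3 with the electronic signature device's public key to produce the ciphertext of R3, and sends the ciphertext of R3 to the electronic signature device;
E2. The electronic signature device decrypts with its private key to obtain R3, generates a random number R4, generates the transmission key from R3 and R4 (for example, by concatenating R3 and R4), encrypts R4 with the terminal's public key to produce the ciphertext of R4, and sends the ciphertext of R4 to the terminal;
E3. The terminal decrypts with its private key to obtain R4 and generates the transmission key from R3 and R4 (by the same process the electronic signature device uses, for example by concatenating R3 and R4);
E4. The terminal sends a sign-in request to the server. The terminal may also send a request to store the transmission key on its own, without a sign-in request; for example, when the electronic signature device does not need to sign in with the server, no sign-in request is needed and only the request to store the transmission key is sent;
E5. The server generates information to be signed, which may be a random number or another factor, and sends a signing instruction (instructing the electronic signature device to sign the information to be signed) and the information to be signed to the electronic signature device;
E6. The electronic signature device encrypts the transmission key with the server's public key, signs the information to be signed together with the encrypted transmission key to generate a signature value S3, and sends S3 and the encrypted transmission key to the server;
E7. The server verifies the signature value S3. If verification succeeds, the server decrypts with its private key to obtain the transmission key and stores it. The transmission key corresponds one-to-one with the ID of the electronic signature device.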
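(2) Mode 2:
Unlike Mode 1, in Mode 2 the electronic signature device generates the transmission key and sends it to the terminal. The process is as follows:
F1. The electronic signature device generates a transmission key, which is used to encrypt and decrypt subsequent communication with the terminal, encrypts it with the terminal's public key, and sends the encrypted transmission key to the terminal;
F2. The terminal decrypts with its private key to obtain the transmission key;
F3. The terminal sends a sign-in request to the server. The terminal may also send a request to store the transmission key on its own, without a sign-in request; for example, when the electronic signature device does not need to sign in with the server, no sign-in request is needed and only the request to store the transmission key is sent;
F4. The server generates information to be signed, which may be a random number or another factor, and sends a signing instruction (instructing the electronic signature device to sign the information to be signed) and the information to be signed to the electronic signature device;
F5. The electronic signature device encrypts the transmission key with the server's public key, signs the information to be signed together with the encrypted transmission key to generate a signature value S3, and sends S3 and the encrypted transmission key to the server;
F6. The server verifies the signature value S3. If verification succeeds, the server decrypts with its private key to obtain the transmission key and stores it. The transmission key corresponds one-to-one with the ID of the electronic signature device.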
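(3) Mode 3:
G1. The terminal (which may be the called terminal or the calling terminal) generates a random number R3, encrypts R3 with the electronic signature device's public key to produce the ciphertext of R3, and sends the ciphertext of R3 to the electronic signature device;
G2. The electronic signature device decrypts with its private key to obtain R3, generates a random number R4, generates the transmission key from R3 and R4 (for example, by concatenating R3 and R4), encrypts R4 with the terminal's public key to produce the ciphertext of R4, and sends the ciphertext of R4 to the terminal;
G3. The terminal decrypts with its private key to obtain R4 and generates the transmission key from R3 and R4 (by the same process the electronic signature device uses, for example by concatenating R3 and R4);
G4. The terminal sends a sign-in request to the server. The terminal may also send a request to store the transmission key on its own, without a sign-in request; for example, when the electronic signature device does not need to sign in with the server, no sign-in request is needed and only the request to store the transmission key is sent;
G5. The server generates information to be signed, which may be a random number or another factor, and sends a signing instruction (instructing the electronic signature device to sign the information to be signed) and the information to be signed to the electronic signature device;
G6. The electronic signature device signs the information to be signed together with the transmission key to generate a signature value S3 and sends S3 to the terminal;
G7. The terminal encrypts the transmission key with the server's public key to obtain the ciphertext of the transmission key and sends that ciphertext and the signature value S3 to the server;
G8. The server verifies the signature value S3. If verification succeeds, the server decrypts with its private key to obtain the transmission key and stores it. The transmission key corresponds one-to-one with the ID of the electronic signature device.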
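(4) Mode 4:
H1. The terminal (which may be the called terminal or the calling terminal) generates a random number R3, encrypts R3 with the electronic signature device's public key to produce the ciphertext of R3, and sends the ciphertext of R3 to the electronic signature device;
H2. The electronic signature device decrypts with its private key to obtain R3, generates a random number R4, generates the transmission key from R3 and R4 (for example, by concatenating R3 and R4), encrypts R4 with the terminal's public key to produce the ciphertext of R4, and sends the ciphertext of R4 to the terminal;
H3. The terminal decrypts with its private key to obtain R4, generates the transmission key from R3 and R4 (by the same process the electronic signature device uses, for example by concatenating R3 and R4), and encrypts the transmission key with the server's public key to produce the ciphertext of the transmission key;
H4. The terminal sends a sign-in request and the ciphertext of the transmission key to the server. The terminal may also send the ciphertext of the transmission key on its own, without a sign-in request; for example, when the electronic signature device does not need to sign in with the server, no sign-in request is needed and only the ciphertext of the transmission key is sent;
H5. The server generates information to be signed, which may be a random number or another factor, and sends a signing instruction (instructing the electronic signature device to sign the information to be signed) and the information to be signed to the electronic signature device;
H6. The electronic signature device signs the information to be signed together with the transmission key to generate a signature value S3 and sends S3 to the server;
H7. The server verifies the signature value S3. If verification succeeds, the server decrypts with its private key to obtain the transmission key and stores it. The transmission key corresponds one-to-one with the ID of the electronic signature device.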
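(5) Mode 5:
I1. The electronic signature device generates a transmission key, which is used to encrypt and decrypt subsequent communication with the terminal, encrypts it with the terminal's public key, and sends the encrypted transmission key to the terminal;
I2. The terminal decrypts with its private key to obtain the transmission key;
I3. The terminal sends a sign-in request to the server. The terminal may also send a request to store the transmission key on its own, without a sign-in request; for example, when the electronic signature device does not need to sign in with the server, no sign-in request is needed and only the request to store the transmission key is sent;
I4. The server generates information to be signed, which may be a random number or another factor, and sends a signing instruction (instructing the electronic signature device to sign the information to be signed) and the information to be signed to the electronic signature device;
I5. The electronic signature device signs the information to be signed together with the transmission key to generate a signature value S3 and sends S3 to the terminal;
I6. The terminal encrypts the transmission key with the server's public key to obtain the ciphertext of the transmission key and sends that ciphertext and the signature value S3 to the server;
I7. The server verifies the signature value S3. If verification succeeds, the server decrypts with its private key to obtain the transmission key and stores it. The transmission key corresponds one-to-one with the ID of the electronic signature device.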
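(6) Mode 6:
J1. The electronic signature device generates a transmission key, which is used to encrypt and decrypt subsequent communication with the terminal, and sends it to the terminal; the electronic signature device may also encrypt the transmission key with the terminal's public key before sending it to the terminal;
J2. The terminal obtains the transmission key; when the transmission key is ciphertext, the terminal decrypts it with its private key to obtain the transmission key;
J3. The terminal sends a sign-in request and the transmission key (or the ciphertext of the transmission key) to the server. The terminal may also send the transmission key on its own, without a sign-in request; for example, when the electronic signature device does not need to sign in with the server, no sign-in request is needed and only the transmission key is sent;
J4. The server generates information to be signed, which may be a random number or another factor, and sends a signing instruction (instructing the electronic signature device to sign the information to be signed) and the information to be signed to the electronic signature device;
J5. The electronic signature device signs the information to be signed together with the transmission key to generate a signature value S3 and sends S3 to the server;
J6. The server verifies the signature value S3. If verification succeeds, it stores the transmission key (if the transmission key is ciphertext, the server first decrypts it with its private key). The transmission key corresponds one-to-one with the ID of the electronic signature device.
Of course, besides the modes above, ways of negotiating and storing keys that a person skilled in the art extends from the present invention shall fall within its scope of protection.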
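Embodiment 12
FIG. 17 shows a calling method of an embodiment of the present invention, which may be implemented by the server 130 described above. Referring to FIG. 17, the calling method includes the following steps S1001 to S1003:
S1001: The server receives a sign-in request sent by the called terminal, the sign-in request including the ID of the called user; the ID of the called user is the unique identifier that the called user registered on the server for the first electronic signature device the called user uses.
Specifically, the user registers the electronic signature device he or she uses on the server, so that the electronic signature device has a unique identifier, and that unique identifier is used as the user's ID. The ID may be, but is not limited to, one or a combination of digits, letters, characters and Chinese characters. The ID is equivalent to the user's telephone number in existing communication systems and makes it convenient for the calling terminal to call the called user. When a call is made, only the user's ID needs to be provided to the server for the server to know who the calling user and the called user are.
In an optional implementation of this embodiment, the user uses the electronic signature device to submit a registration application to the server. The server may issue a certificate to the electronic signature device or use a certificate already in the electronic signature device that was issued by another certification authority. The server assigns a unique identifier as the user's ID and stores the user's ID bound to the certificate issued to the electronic signature device, so that the server can verify the identity of the electronic signature device by the certificate issued to it. Specifically, registration may be performed in, but not limited to, one of the following ways:
Mode 1: The user, holding the electronic signature device, sends an account application to the server. After the server has verified the user's identity, it sends a key generation instruction to the electronic signature device. The electronic signature device generates a key pair and sends the public key to the server. The server generates the public key certificate of the electronic signature device, assigns a unique identifier as the user's ID, stores the user's ID bound to the public key certificate, issues the certificate for the electronic signature device and sends it to the electronic signature device, which stores the certificate issued by the server. In this mode the key pair is generated by the electronic signature device, which ensures the security of the key.
Mode 2: The user, holding the electronic signature device, sends an account application to the server. After the server has verified the user's identity, it sends a read-certificate instruction to the electronic signature device. The electronic signature device sends its certificate to the server. The server verifies the validity of the certificate and, if it is valid, assigns a unique identifier as the user's ID and stores the user's ID bound to the certificate. In this mode the binding uses a certificate the electronic signature device already has, which improves registration efficiency.
In use, the called user needs to send a sign-in request to the server from the terminal being used. The sign-in request includes at least the ID of the called user, to tell the server which terminal the called user is using so that the server can determine the called terminal.
Of course, to ensure that the called user's identity is legitimate, in an optional implementation of this embodiment, in this step the called terminal, when sending the sign-in request, may carry identity authentication data in the request in addition to the called user's ID and send it to the server, so that the server can authenticate the called user and ensure that the called identity is legitimate. The identity authentication data may be obtained in one of the following ways:
Mode 1: Signature data obtained by the first electronic signature device signing the ID of the called user.
Mode 2: Signature data obtained by the first electronic signature device signing data to be signed. The data to be signed may include one-time authentication data, which may be generated by the first electronic signature device, or may be received by the called terminal from the server and forwarded to the first electronic signature device. The one-time authentication data may be one or a combination of a random number and an event factor, where the event factor may be generated, for example, by accumulating +1 or an arbitrary value each time it is generated.
Mode 3: Signature data obtained by the first electronic signature device signing the data to be signed and the ID of the called user.
Mode 4: A password set for the first electronic signature device at registration, or a dynamic password generated by a dynamic password token associated with the first electronic signature device.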
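S1002: Associate the ID of the called user with the communication identifier of the called terminal and store the association;
Specifically, after receiving the called user's ID sent by the called terminal, the server associates the called user's ID with the called terminal's communication identifier and stores the association, so that the server knows which terminal the called user is using and can find the called user. The called terminal's communication identifier may be the port number of a fixed telephone, the IP address of a network telephone, the authentication key of a SIM, and so on.
In addition, in an optional implementation of this embodiment, if in step S1001 the called terminal carried identity authentication data in the sign-in request, then in this step, after receiving the called terminal's sign-in request, the server may also authenticate the identity authentication data received from the called terminal and, only after authentication succeeds, perform the step of associating the called user's ID with the called terminal's communication identifier and storing the association. Specifically, the server may authenticate by verifying the signature data with the public key of the first electronic signature device that was stored when the called user registered the first electronic signature device on the server, or by verifying a static password or a dynamic password. This ensures that the association is stored only after the called user's identity has been authenticated as legitimate, which ensures the legitimacy of the called user's sign-in.
Of course, in an optional implementation of this embodiment, after the called user's ID has been associated with the called terminal's communication identifier and stored in step S1002, the server may also delete that association. On this basis the server can release the called user's sign-in, so that normal use of the terminal the called user had signed in on is not affected. The server may trigger the release of the called user's sign-in in at least one of the following ways: after receiving a release sign-in instruction sent by the called terminal, or after the server determines that the sign-in needs to be released.
In an optional implementation of this embodiment, if the server receives a release sign-in instruction sent by the called terminal, the server may also verify the called user's identity to ensure that the called user releasing the sign-in is legitimate. In this case the server may receive the identity authentication data returned by the called terminal, perform authentication and, after authentication succeeds, perform the step of deleting the association between the called user's ID and the called terminal's communication identifier. Specifically, the identity authentication data returned by the called terminal may be generated in the same way as when the called terminal sends a sign-in request, and the server may authenticate it with the corresponding method; details are not repeated here.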
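S1003: After receiving a call request from the calling terminal to the ID of the called user, establish the call link between the calling terminal and the called terminal according to the association between the called user's ID and the called terminal's communication identifier.
Specifically, after receiving the calling terminal's call request to the called user's ID, the server can look up the called terminal's communication identifier from the stored association between the called user's ID and the called terminal's communication identifier, thereby determine the location of the called terminal, and establish the call link between the calling terminal and the called terminal. In this way the called user's location can be found as long as the called user's ID has been associated with the called terminal's communication identifier.
In addition, in an optional implementation of this embodiment, in this step, after receiving the calling terminal's call request to the called user's ID, the server may also send a signature verification request to the called terminal, verify the signature data returned by the called terminal and, after verification succeeds, perform the step of establishing the call link between the calling terminal and the called terminal. Specifically, the signature verification request may be one-time signature data, such as a random number and/or an event factor. The server establishes the call link only after the called terminal has returned signature data and it has been verified. This verifies whether the called user is online and ensures that the user answering the call really is the called user, preventing anyone else from answering and improving the security of the call.
Furthermore, in an optional implementation of this embodiment, in this step, after receiving the calling terminal's call request to the called user's ID, the server may also determine that the type of the call request is a preset call request type and then perform the step of establishing the call link between the calling terminal and the called terminal. In this way the server remains compatible with the existing telephone system and normal use is not affected: even if the called terminal has signed in, calls that normally reach that terminal are not affected.
Specifically, the server may determine the type of the call request received from the calling terminal, that is, whether it is for a called user's ID or for an ordinary telephone number. If it is for an ordinary telephone number, the calling terminal's call is connected to the called terminal corresponding to that number and the call link between them is established. If it is for a called user's ID, the call is connected to the called terminal on which the called user's ID has signed in, and the call link is established between the calling terminal and the terminal corresponding to the communication identifier associated with the called user's ID.
It can be seen that, with the calling method of this embodiment, because the called terminal sends a sign-in request to the server telling it which terminal the called user is using, the server can associate that terminal with the called user and, on receiving a call from the calling terminal to the called user, connect the calling terminal to the terminal on which the called user has signed in. Whichever terminal the called user uses, the called user can be found as long as he or she has signed in on it, which is convenient.
In addition, so that the identity of the caller can be known at the called terminal, in an optional implementation of this embodiment the caller's ID may be displayed at the called terminal. In this case the server may also receive a sign-in request sent by the calling terminal, carrying the ID of the calling user, and associate the calling user's ID with the calling terminal's communication identifier and store the association. The server then knows the identity of the calling user when the caller initiates a call request to the called user's ID.
Of course, to ensure that the calling user's identity is legitimate, in an optional implementation of this embodiment, after receiving the calling terminal's sign-in request the server may also authenticate the identity authentication data sent by the calling terminal and, after authentication succeeds, perform the step of associating the calling user's ID with the calling terminal's communication identifier and storing the association. The identity authentication data sent by the calling terminal may be generated in the same way as when the called terminal sends a sign-in request, and the server may authenticate it with the corresponding method; details are not repeated here.
Of course, in an optional implementation of this embodiment, after associating the calling user's ID with the calling terminal's communication identifier and storing the association, the server may also delete that association. On this basis the server can release the calling user's sign-in, so that normal use of the terminal the calling user had signed in on is not affected. The server may release the calling user's sign-in in the same way as for the called terminal; details are not repeated here.
In an optional implementation of this embodiment, if the server receives a release sign-in instruction sent by the calling terminal, the server may also verify the calling user's identity to ensure that the calling user releasing the sign-in is legitimate. In this case the server may receive the identity authentication data returned by the calling terminal, perform authentication and, after authentication succeeds, delete the association between the calling user's ID and the calling terminal's communication identifier. Specifically, the identity authentication data returned by the calling terminal may be produced in the same way as that returned by the called terminal, and the server may authenticate it with the corresponding method; details are not repeated here.
In addition, in an optional implementation of this embodiment, after receiving the calling terminal's call request to the called user's ID, the server may also send a signature verification request to the calling terminal, verify the signature data returned by the calling terminal and, after verification succeeds, perform the step of establishing the call link between the calling terminal and the called terminal. Specifically, the signature verification request may be one-time signature data, such as a random number and/or an event factor. The server establishes the call link only after the calling terminal has returned signature data and it has been verified. This verifies the authenticity of the calling user's identity and ensures that the user placing the call really is the calling user, preventing anyone else from placing the call and improving the security of the call.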
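To ensure the security of the call between the calling terminal and the called terminal, call data or other data between them may be encrypted with a transmission key before being transmitted on the line.
In an optional implementation of this embodiment, the server may ensure the security of the call between the calling terminal and the called terminal in one of the following ways:
Mode 1: The server may receive and store a first transmission key sent by the called terminal and receive and store a second transmission key sent by the calling terminal; it uses the first transmission key to encrypt or decrypt data transmitted to and from the called terminal and the second transmission key to encrypt or decrypt data transmitted to and from the calling terminal. In this mode the server can receive encrypted data from the calling terminal, decrypt it, re-encrypt it and send it to the called terminal, and likewise receive encrypted data from the called terminal, decrypt it, re-encrypt it and send it to the calling terminal. Because the calling terminal and the called terminal use different transmission keys, cracking is prevented and the security of the call between them is ensured; moreover, if one party to the call releases its sign-in, the other party can still use its own transmission key normally.
Mode 2: The server may instead send the transmission key received from the calling terminal to the called terminal. Encrypted data from the calling terminal can then be forwarded by the server directly to the called terminal without being decrypted and re-encrypted by the server, which improves transmission efficiency and reduces the load on the server.
Of course, in an optional implementation of this embodiment, the server also needs to delete the first transmission key and/or the second transmission key. The events that trigger the server to delete the first transmission key and/or the second transmission key may include, but are not limited to, at least one of the following:
The server receives a release sign-in instruction sent by the calling terminal; the server receives a release sign-in instruction sent by the called terminal; the current call is completed (for example, on hang-up); or the server determines according to a preset rule that deletion is needed (for example, the server deletes the key when a preset time is reached).
Of course, in an optional implementation of this embodiment, if the server itself initiates the deletion of the first transmission key and/or the second transmission key (for example, as determined by a preset rule), it may also send a key deletion request to the called terminal and/or the calling terminal, instructing them to delete the stored transmission key. The called terminal and/or the calling terminal may then delete the transmission key stored in the terminal, or instruct the electronic signature device connected to it to delete the transmission key stored in the electronic signature device; for example, the called terminal instructs the first electronic signature device to delete the transmission key stored in the first electronic signature device.
In addition, in an optional implementation of this embodiment, if deletion of the first transmission key and/or the second transmission key is triggered by a release sign-in instruction received from a terminal, the server may also verify the identity of the terminal's user to ensure that the user releasing the sign-in is legitimate. For example, the server may receive the identity authentication data returned by the called terminal, perform authentication and, after authentication succeeds, delete the first transmission key. When the calling terminal sends a release sign-in instruction, the server can be triggered to delete the second transmission key in the same way. Specifically, the identity authentication data returned by the terminal may be generated in the same way as when the terminal sends a sign-in request, and the server may authenticate it with the corresponding method; details are not repeated here.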
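In this embodiment, to further ensure the security of the call between the calling terminal and the called terminal, in an optional implementation, during the call the server may hop the current first transmission key to a new first transmission key according to a preset hopping rule and encrypt or decrypt the transmitted data with the new first transmission key; and/or hop the current second transmission key to a new second transmission key according to a preset hopping rule and encrypt or decrypt the transmitted data with the new second transmission key. This ensures that a single transmission key is no longer used throughout the call; using changing transmission keys improves the security of the transmission key and prevents it from being cracked, thereby improving the security of the call.
Specifically, the server hopping the current first transmission key to a new first transmission key, and/or the current second transmission key to a new second transmission key, according to the preset hopping rule includes, but is not limited to, at least one of the following:
Mode 1: According to a hopping trigger factor, hop the current first transmission key to a new first transmission key, and/or the current second transmission key to a new second transmission key. The hopping trigger factor includes at least one of the following: a hopping period, a hopping time point, a call data volume, and so on. That is, the server may negotiate a hopping period with the calling terminal and/or the called terminal in advance and then perform key hopping according to that period; the server may negotiate a hopping time point with the calling terminal and/or the called terminal in advance and then perform key hopping at that time point; or the server may negotiate a call data volume with the calling terminal and/or the called terminal in advance and then perform key hopping according to that data volume.
Mode 2: On obtaining a key hopping instruction, hop the current first transmission key to a new first transmission key, and/or the current second transmission key to a new second transmission key. The key hopping instruction includes at least one of the following: a key hopping instruction sent by the called terminal and/or the calling terminal, and a key hopping instruction generated according to a preset rule. That is, the server may receive a key hopping instruction sent by the called terminal and/or the calling terminal and perform key hopping on receiving it; the server may also generate a key hopping instruction on its own, for example, after determining that key hopping can be performed (the period has elapsed, the time point has arrived, the data volume has been reached, eavesdropping has been detected, and so on), it sends a key hopping instruction to the called terminal and/or the calling terminal to instruct the terminal to perform key hopping with the server.
In this embodiment, to further ensure the security of the call between the calling terminal and the called terminal, in an optional implementation, during the call the server may also hop the current transmission line to a new transmission line according to a preset line hopping rule and transmit the data over the new transmission line. This ensures the security of the transmission line and prevents the call from being eavesdropped on. Specifically, the server may store a pool of call lines in advance and, according to the preset hopping rule, select from the pool a line different from the current call line for data transmission. The preset hopping rule may include, but is not limited to, at least one of the following:
Mode 1: According to a hopping trigger factor, hop the current transmission line to a new transmission line. The hopping trigger factor includes at least one of the following: a hopping period, a hopping time point, a call data volume, and so on. That is, the server may set a hopping period in advance and then perform key hopping according to that period; the server may set a hopping time point in advance and then perform key hopping at that time point; or the server may set a call data volume in advance and then perform key hopping according to that data volume.
Mode 2: On obtaining a line hopping instruction, hop the current transmission line to a new transmission line. The line hopping instruction includes at least one of the following: a hopping instruction sent by the called terminal and/or the calling terminal, and a line hopping instruction generated according to a preset rule. That is, the server may receive a line hopping instruction sent by the called terminal and/or the calling terminal and perform line hopping on receiving it; the server may also generate a line hopping instruction on its own, for example, performing line hopping after determining that line hopping can be performed (the period has elapsed, the time point has arrived, the data volume has been reached, eavesdropping has been detected, and so on).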
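In addition, in an optional implementation, this embodiment also provides a calling method for multi-party calls, so that the called users of a multi-party call can answer at any location. In this case there are multiple called users and the call request carries the ID of each called user. The server may establish the call links between the calling terminal and the called terminals, according to the association between each called user's ID and the called terminal's communication identifier, in, but not limited to, the following way:
The server sends a multi-party call request to the called terminal corresponding to the communication identifier associated with each called user's ID; after receiving confirmation responses returned by one or more of the called terminals, it establishes the call links between the calling terminal and the one or more called terminals, and among the one or more called terminals.
In this way, building on the called user being able to answer at any location, the server implements multi-party calling.
In addition, to ensure the security of the multi-party call, the call data between the calling terminal and the one or more called terminals, or among multiple called terminals, is encrypted. In this case, before establishing the call links between the calling terminal and the one or more called terminals and among the one or more called terminals, the server may also receive a shared transmission key sent by the calling terminal and send the shared transmission key to the one or more called terminals. The calling terminal and the called terminals can then use the shared transmission key to transmit call data in encrypted form, ensuring the security of the call data.
In Embodiments 10 to 12 above, as an optional implementation, the terminal (that is, the calling terminal 120 and the called terminal 110) may be connected to the electronic signature device wirelessly or by wire. Wireless connections may include Bluetooth, WIFI, NFC, infrared or RFID; wired connections may include USB, audio (headphone plug), RJ11, RJ45 or a serial port. In addition, if the call data needs to be encrypted, the call may be implemented in the following ways:
Mode 1: The terminal performs encryption and decryption through the electronic signature device connected to it. For example, the terminal receives encrypted call data through its network interface (for example, telephone port, SIM card authentication key, IP address) and sends it to the electronic signature device, which decrypts it and sends it back to the terminal, and the terminal passes it to the earpiece for the user to listen to; the terminal receives voice data entered by the user through the microphone and sends it to the electronic signature device, which encrypts it and sends it back to the terminal, and the terminal sends it out through the network interface.
Mode 2: All data is sent to the network by the electronic signature device, and the terminal plays and/or captures the voice data. For example, the electronic signature device receives encrypted call data through its own network interface, decrypts it and sends it to the terminal over the connection between them, and the terminal passes it to the earpiece for the user to listen to; the terminal receives voice data entered by the user through the microphone and sends it over that connection to the electronic signature device, which encrypts it and sends it out through the electronic signature device's network interface.
Mode 3: The terminal receives and sends the encrypted data; the electronic signature device decrypts encrypted data and encrypts data that needs to be encrypted, and the electronic signature device also plays and/or captures the voice data. For example, the terminal receives encrypted call data through its network interface and sends it to the electronic signature device, which decrypts it and passes it to the electronic signature device's earpiece for the user to listen to; the electronic signature device receives voice data entered by the user through its microphone, encrypts it and sends it to the terminal, and the terminal sends it out through the network interface.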
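Embodiment 13
As shown in FIG. 18, this embodiment provides a calling method that may be implemented by the called terminal 110, the calling terminal 120 and the server 130 of the above embodiments, and mainly includes the following steps (S1101 to S1112).
S1101: The calling terminal sends a sign-in request to the server, the request carrying the ID of the calling user and instructing the server to associate the calling user's ID with the calling terminal's communication identifier;
The ID of the calling user is the unique identifier that the calling user registered on the server for the second electronic signature device the calling user uses. Step S1101 is optional.
S1102: The called terminal sends a sign-in request to the server, the request carrying the ID of the called user and instructing the server to associate the called user's ID with the called terminal's communication identifier;
The ID of the called user is the unique identifier that the called user registered on the server for the first electronic signature device the called user uses.
S1103: After receiving the sign-in request sent by the calling terminal and/or the called terminal, the server authenticates the identity authentication data sent by the calling terminal and/or the called terminal; after authentication succeeds, step S1104 is performed;
Step S1103 is optional.
S1104: The server associates the calling user's ID with the calling terminal's communication identifier and stores the association, and/or associates the called user's ID with the called terminal's communication identifier and stores the association;
S1105: The calling terminal obtains the ID of the called user;
Specifically, the calling terminal may obtain the called user's ID in one of the following ways: the calling user enters the called user's ID into the calling terminal through its input device, the calling user enters the called user's ID into the calling terminal by voice, and so on.
S1106: The calling terminal initiates to the server a call request to call the called user, the call request carrying the ID of the called user;
S1107: The server sends a signature verification request to the calling terminal and/or the called terminal;
S1108: After receiving the signature verification request, the calling terminal obtains signature data from the second electronic signature device, the signature data being obtained by the second electronic signature device signing the data to be signed, and sends the signature data to the server;
S1109: After receiving the signature verification request, the called terminal obtains signature data from the first electronic signature device, the signature data being obtained by the first electronic signature device signing the data to be signed, and sends the signature data to the server;
S1110: After receiving the signature data returned by the calling terminal and/or the called terminal, the server verifies it; after verification succeeds, step S1111 is performed.
Steps S1107 to S1110 are optional.
S1111: After receiving the calling terminal's call request to the called user, the server establishes the call link between the calling terminal and the called terminal according to the association between the called user's ID and the called terminal's communication identifier, and displays the calling user's ID to the called terminal;
S1112: The calling terminal and the called terminal negotiate a transmission key using their respective electronic signature devices and use the transmission key to encrypt and decrypt the transmitted data.
If the terminals have security chips, step S1112 may instead be: the calling terminal and the called terminal each negotiate a transmission key with their own electronic signature device and store it, and send the negotiated transmission key to the server; the calling terminal and the called terminal each use their own transmission key to encrypt and decrypt the transmitted data; and the server uses the respective transmission keys received from the calling terminal and the called terminal to encrypt and decrypt the transmitted data.
With the method provided in this embodiment, when a user has forgotten or cannot conveniently carry a mobile phone, or can only make or answer calls in a fixed manner, the user only needs to carry the electronic signature device, connect it to any terminal, and sign in on the server to associate the communication identifier with the user's ID; the user can then make or answer calls on any terminal using the electronic signature device, which gives fixed calling mobility. Moreover, the server can verify whether the identities of the calling and called users are legitimate from the identity authentication data sent by the calling and called terminals, ensuring the legitimacy of the ID associated with the terminal's communication identifier. Further, before the call is connected the server also verifies whether the calling and called users are online and verifies from the signature data whether their identities are legitimate, thereby ensuring call security.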
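Embodiment 14
As shown in FIG. 19, this embodiment provides a flow in which a terminal initiates sign-in with the server. The terminal includes the calling terminal and/or the called terminal; correspondingly, the user includes the calling user and/or the called user. Taking a KEY as the example electronic signature device, the flow includes the following steps:
S1201: The terminal sends a sign-in instruction to the server;
S1202: The server returns data to be signed to the terminal;
The data to be signed contains a random number generated by the server.
S1203: The terminal sends the data to be signed to the KEY connected to it;
S1204: The KEY signs one of the random number sent by the server, the user's ID, or a random number generated by the KEY itself, to obtain the identity authentication data;
The user's ID is the unique identifier that the user registered on the server for the KEY the user uses. At registration, the KEY stores the user's ID;
S1205: The KEY sends the identity authentication data and the user's ID to the terminal;
The KEY also needs to send its digital certificate to the terminal; if in step S1204 a random number generated by the terminal itself was signed, the KEY also needs to send the random number generated by the terminal itself to the terminal.
S1206: The terminal sends a sign-in request to the server, the sign-in request carrying at least the user's ID and optionally also the identity authentication data;
The terminal also needs to send the KEY's digital certificate to the server; if in step S1204 a random number generated by the terminal itself was signed, the sign-in request also needs to carry the random number generated by the terminal itself so that the server can perform authentication.
S1207: The server authenticates the identity authentication data received from the terminal;
The server's authentication of the identity authentication data specifically includes verifying the certificate sent by the terminal and verifying the signed identity authentication data; this is prior art and is not described further here.
S1208: After authentication succeeds, the server associates the user's ID with the terminal's communication identifier and stores the association.
With the method provided in this embodiment, a user only needs to carry the KEY and connect it to any terminal. Once that terminal has signed in with the server, that is, once the server has associated the user's ID with the terminal's communication identifier, the terminal can receive calls made by other terminals to the user's ID, and when it calls other terminals the caller ID shown at the peer is also the user's ID, so that the KEY enables mobile answering and dialing. Moreover, at sign-in the server can verify whether the identities of the calling and called users are legitimate from the identity authentication data sent by the calling and called terminals, ensuring the legitimacy of the ID associated with the terminal's communication identifier and thereby ensuring call security.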
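As shown in FIG. 20, this embodiment provides a flow for initiating release of sign-in. The terminal includes the calling terminal and/or the called terminal; correspondingly, the user includes the calling user and/or the called user. Taking a KEY as the example electronic signature device, the flow includes the following steps:
S1301: The terminal receives a release sign-in instruction;
The release of sign-in may be initiated by one party to the call or by the server. The terminal receives the release sign-in instruction in one or more of the following ways:
Mode 1: The calling terminal receives a release sign-in instruction entered by the calling user; for example, the calling user enters "9#" to request release of the sign-in;
Mode 2: The calling terminal receives a release sign-in instruction sent by the server;
Mode 3: The calling terminal receives a release sign-in instruction from the second electronic signature device connected to it; for example, the calling user presses the C key on the second electronic signature device to disconnect it from the calling terminal, and on disconnecting, the second electronic signature device also issues a release sign-in instruction to the calling terminal.
S1302: The terminal sends a release sign-in instruction to the server;
S1303: The server returns data to be signed to the terminal;
The data to be signed contains a random number generated by the server.
S1304: The terminal sends the data to be signed to the KEY connected to it;
S1305: The KEY signs one of the random number sent by the server, the user's ID, or a random number generated by the KEY itself, to obtain the identity authentication data;
The user's ID is the unique identifier that the user registered on the server for the KEY the user uses. At registration, the KEY stores the user's ID;
S1306: The KEY sends the identity authentication data and the user's ID to the terminal;
The KEY also needs to send its digital certificate to the terminal; if in step S1304 a random number generated by the terminal itself was signed, the KEY also needs to send the random number generated by the terminal itself to the terminal.
S1307: The terminal sends a release sign-in request to the server, the release sign-in request carrying the identity authentication data;
The terminal also needs to send the KEY's digital certificate to the server; if in step S1304 a random number generated by the terminal itself was signed, the release sign-in request also needs to carry the random number generated by the terminal itself so that the server can perform authentication.
S1308: The server authenticates the identity authentication data received from the terminal;
The server's authentication of the identity authentication data specifically includes verifying the certificate sent by the terminal and verifying the signed identity authentication data; this is prior art and is not described further here.
S1309: After authentication succeeds, the server deletes the association between the user's ID and the terminal's communication identifier.
If the terminal has a security chip, in step S1303 the server returns data to be verified to the terminal, and steps S1304 to S1306 merge into a single step performed entirely by the terminal, with no need to send anything to the KEY for signing; the terminal's security chip can encrypt the data to be verified sent by the server to obtain the identity authentication data. In step S1308 the server authenticates the identity authentication data, that is, decrypts it with the symmetric key.
With the method provided in this embodiment, a user who is not using a terminal can release the association with it so that other users can use that terminal, which improves terminal utilization. Moreover, when the sign-in is released, the server can verify whether the identities of the calling and called users are legitimate from the identity authentication data sent by the calling and called terminals, ensuring that the initiator of the release is who they claim to be and preventing malicious release of a sign-in.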
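The sign-in flow (S1201 to S1208) and the release flow (S1301 to S1309) of this embodiment, seen from the server's side, as an added example that is not part of the patent text. The toy RSA over Mersenne primes standing in for the KEY, the purpose tag mixed into the data to be signed, and all class, function and identifier names are assumptions made for illustration; a real KEY signs inside its security chip with a certified key.

```python
import hashlib
import secrets

E = 65537  # public exponent shared by the toy key pairs below


def _digest(data: bytes, n: int) -> int:
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n


def to_be_signed(purpose: bytes, nonce: bytes, user_id: str) -> bytes:
    """Server random number + user ID; the purpose tag is an added assumption."""
    return purpose + b"|" + nonce + b"|" + user_id.encode()


class SigningKey:
    """Stand-in for the KEY: textbook RSA over Mersenne primes, NOT secure."""

    def __init__(self, user_id: str, p: int, q: int):
        self.user_id = user_id
        self.n = p * q                               # public part, bound at registration
        self._d = pow(E, -1, (p - 1) * (q - 1))      # private exponent never leaves the KEY

    def sign(self, data: bytes) -> int:
        return pow(_digest(data, self.n), self._d, self.n)


class SignInServer:
    def __init__(self):
        self.registered = {}   # user ID -> public modulus of the registered KEY
        self.pending = {}      # communication identifier -> outstanding nonce
        self.assoc = {}        # user ID -> communication identifier

    def register(self, key: SigningKey) -> None:
        self.registered[key.user_id] = key.n

    def challenge(self, comm_id: str) -> bytes:      # S1202 / S1303
        nonce = secrets.token_bytes(16)
        self.pending[comm_id] = nonce
        return nonce

    def _authenticate(self, purpose, comm_id, user_id, sig) -> bool:  # S1207 / S1308
        nonce = self.pending.pop(comm_id, None)      # single use, consumed even on failure
        n = self.registered.get(user_id)
        if nonce is None or n is None:
            return False
        return pow(sig, E, n) == _digest(to_be_signed(purpose, nonce, user_id), n)

    def sign_in(self, comm_id: str, user_id: str, sig: int) -> bool:  # S1206 to S1208
        if not self._authenticate(b"sign-in", comm_id, user_id, sig):
            return False
        self.assoc[user_id] = comm_id                # a new sign-in replaces the old one
        return True

    def release(self, comm_id: str, user_id: str, sig: int) -> bool:  # S1307 to S1309
        ok = self._authenticate(b"release", comm_id, user_id, sig)
        if not ok or self.assoc.get(user_id) != comm_id:
            return False
        del self.assoc[user_id]
        return True

    def route(self, user_id: str):
        """Terminal a call to this ID would be connected to, or None."""
        return self.assoc.get(user_id)


if __name__ == "__main__":
    server = SignInServer()
    key = SigningKey("user-0001", 2**127 - 1, 2**107 - 1)   # constructed sample user
    server.register(key)
    nonce = server.challenge("port-7")
    print(server.sign_in("port-7", "user-0001",
                         key.sign(to_be_signed(b"sign-in", nonce, "user-0001"))))
    print(server.route("user-0001"))
```

Because the nonce is consumed on every attempt, a captured sign-in signature cannot be replayed, and the purpose tag stops a signature obtained for sign-in from being submitted as a release.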
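Embodiment 15
This embodiment provides flows for key hopping and line hopping, as follows:
FIG. 21 shows a flow for key hopping during data exchange between two terminals. Referring to FIG. 21, both the first terminal and the second terminal perform the following flow:
S1401: The first terminal and the second terminal encrypt or decrypt the transmitted data with the current transmission key;
S1402: Determine whether the hop point has been reached; if not, perform S1401; if so, perform S1403;
S1403: Compute a new transmission key according to a preset algorithm;
S1404: Use the new transmission key as the current transmission key to encrypt or decrypt the transmitted data;
S1405: Determine whether the call has ended; if so, perform S1406; if not, perform S1402;
S1406: End the call.
Specifically, the hop threshold of the hop point may be set to a preset time interval or a preset data volume, and one hop is performed each time the threshold is reached. Note that in this embodiment an operation performed by the first terminal means an operation the first terminal performs through the electronic signature device connected to it, and an operation performed by the second terminal means an operation the second terminal performs through the electronic signature device connected to it. The first terminal is the calling terminal and the second terminal the called terminal, or the first terminal is the called terminal and the second terminal the calling terminal. The first terminal and the second terminal may compute the new transmission key in, but not limited to, one of the following ways:
Mode 1: The first terminal and the second terminal negotiate a transmission key list in advance and, once the hop point is reached, use the transmission keys in the list in order; for example, the transmission key list includes K0, K1 ... Kn, and K0, K1, K2 ... are used in order until the call ends.
Mode 2: The first terminal and the second terminal negotiate a transmission key list and a hopping factor list in advance and, once the hop point is reached, compute on the hopping factor with a preset algorithm to determine the position of the new transmission key in the transmission key list, and select that key; for example, the transmission key list includes K0, K1 ... Kn and the hopping factor list includes R0, R1 ... Rn, and computing on R0 with the preset algorithm yields a pointer to the transmission key K3 at the 4th position, which is selected as the new transmission key.
Mode 3: The first terminal and the second terminal negotiate a hopping factor list in advance and, once the hop point is reached, compute on the hopping factors R in order with a preset algorithm to obtain the new transmission key; for example, the hopping factor list includes R0, R1 ... Rn, R0 is computed on with the preset algorithm to obtain a new transmission key, then R1 is computed on to obtain the next new transmission key, and so on until the call ends.
Mode 4: The first terminal and the second terminal negotiate a hopping factor list in advance and, once the hop point is reached, compute on the hopping factor R and the current transmission key with a preset algorithm to obtain the new transmission key. For example, the hopping factor list includes R0, R1 ... Rn; R0 and the current transmission key are computed on with the preset algorithm to obtain a new transmission key, then R1 and that newly computed transmission key are computed on to obtain the next new transmission key, and so on until the call ends.
The hopping factors above may be random numbers, which ensures their randomness.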
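Mode 4 above with a data-volume hop point, as an added example that is not part of the patent text. The patent leaves the "preset algorithm" open; HMAC-SHA256 as that algorithm, the HMAC keystream standing in for a real cipher, the key epoch carried in each frame so that a receiver can recover from lost frames, and all names are assumptions.

```python
import hashlib
import hmac


def next_key(current_key: bytes, hop_factor: bytes) -> bytes:
    """Mode 4: new key from hopping factor R_i and the current key (HMAC assumed)."""
    return hmac.new(current_key, b"hop" + hop_factor, hashlib.sha256).digest()


def _prf(key: bytes, label: bytes, epoch: int, seq: int, extra: bytes) -> bytes:
    header = label + epoch.to_bytes(4, "big") + seq.to_bytes(8, "big")
    return hmac.new(key, header + extra, hashlib.sha256).digest()


def _xor_stream(key: bytes, epoch: int, seq: int, data: bytes) -> bytes:
    """Toy stream cipher (stand-in for a real AEAD): XOR with an HMAC keystream."""
    stream = bytearray()
    block = 0
    while len(stream) < len(data):
        stream += _prf(key, b"enc", epoch, seq, block.to_bytes(4, "big"))
        block += 1
    return bytes(a ^ b for a, b in zip(data, stream))


class HoppingChannel:
    """One direction of a call; both ends hold K0 and the factor list R0..Rn."""

    def __init__(self, k0: bytes, factors, threshold: int):
        self.key, self.factors, self.threshold = k0, list(factors), threshold
        self.epoch = 0        # number of hops performed so far
        self.volume = 0       # bytes protected under the current key (sender side)
        self.last_seq = -1    # highest sequence number accepted (receiver side)

    def seal(self, seq: int, plaintext: bytes):
        if self.volume >= self.threshold:            # hop point reached (S1402)
            if self.epoch >= len(self.factors):
                raise RuntimeError("hopping factor list exhausted; renegotiate")
            self.key = next_key(self.key, self.factors[self.epoch])   # S1403
            self.epoch, self.volume = self.epoch + 1, 0
        ct = _xor_stream(self.key, self.epoch, seq, plaintext)        # S1404
        self.volume += len(plaintext)
        return self.epoch, seq, ct, _prf(self.key, b"mac", self.epoch, seq, ct)

    def open(self, frame) -> bytes:
        epoch, seq, ct, tag = frame
        if epoch < self.epoch or epoch > len(self.factors) or seq <= self.last_seq:
            raise ValueError("stale key epoch or replayed frame")
        key = self.key
        for i in range(self.epoch, epoch):           # catch up tentatively, commit later
            key = next_key(key, self.factors[i])
        if not hmac.compare_digest(tag, _prf(key, b"mac", epoch, seq, ct)):
            raise ValueError("authentication failed")
        self.key, self.epoch, self.last_seq = key, epoch, seq
        return _xor_stream(key, epoch, seq, ct)


def demo():
    """Constructed sample call: 14-byte frames, hop every 32 bytes, frames 3 and 4 lost."""
    k0 = bytes(range(32))
    factors = [bytes([i]) * 16 for i in range(1, 4)]
    tx = HoppingChannel(k0, factors, threshold=32)
    rx = HoppingChannel(k0, factors, threshold=32)
    frames = [tx.seal(i, b"voice-frame-%02d" % i) for i in range(7)]
    received = [rx.open(f) for i, f in enumerate(frames) if i not in (3, 4)]
    return [f[0] for f in frames], received, tx.key == rx.key


if __name__ == "__main__":
    print(demo())
```

The receiver commits to a hopped key only after the frame authenticates, so a forged frame claiming a later epoch cannot push the two ends out of step. Anyone holding the current key and the factor list can still compute every later key, so Mode 4 protects earlier traffic only if old keys are erased after each hop.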
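FIG. 22 shows another flow for key hopping during data exchange between two terminals. Referring to FIG. 22, the following flow is performed between the first terminal and the second terminal:
S1501: The first terminal and the second terminal encrypt or decrypt the transmitted data with the current transmission key;
S1502: The first terminal sends a key hopping request to the second terminal;
S1503: The first terminal and the second terminal each compute a new transmission key according to a preset algorithm;
S1504: Use the new transmission key as the current transmission key to encrypt or decrypt the transmitted data;
S1505: Determine whether the call has ended; if so, perform S1506; if not, perform S1502;
S1506: End the call.
Specifically, the key hopping request may be just an instruction or may also contain a hopping factor, where the hopping factor may be a random number, which ensures its randomness. Note that in this embodiment an operation performed by the first terminal means an operation the first terminal performs through the electronic signature device connected to it, and an operation performed by the second terminal means an operation the second terminal performs through the electronic signature device connected to it. The first terminal may be the calling terminal and the second terminal the called terminal, or the second terminal the calling terminal and the first terminal the called terminal. Of course, the present invention is not limited to the first terminal sending the hopping request; it may also be initiated by the second terminal, in which case the flow is the reverse of that shown in FIG. 22. The first terminal and the second terminal may compute the new transmission key in, but not limited to, one of the following ways:
Mode 1: The first terminal and the second terminal negotiate a transmission key list in advance and, after the key hopping request has been sent and received, use the transmission keys in the list in order; for example, the transmission key list includes K0, K1 ... Kn, and K0, K1, K2 ... are used in order until the call ends.
Mode 2: The first terminal and the second terminal negotiate a transmission key list and a hopping factor list in advance and, after the key hopping request has been sent and received, compute on the hopping factor with a preset algorithm to determine the position of the new transmission key in the transmission key list, and select that key; for example, the transmission key list includes K0, K1 ... Kn and the hopping factor list includes R0, R1 ... Rn, and computing on R0 with the preset algorithm yields a pointer to the transmission key K3 at the 4th position, which is selected as the new transmission key.
Mode 3: The first terminal and the second terminal negotiate a hopping factor list in advance and, after the key hopping request has been sent and received, compute on the hopping factors R in order with a preset algorithm to obtain the new transmission key; for example, the hopping factor list includes R0, R1 ... Rn, R0 is computed on with the preset algorithm to obtain a new transmission key, then R1 is computed on to obtain the next new transmission key, and so on until the call ends.
Mode 4: The first terminal and the second terminal negotiate a hopping factor list in advance and, after the key hopping request has been sent and received, compute on the hopping factor R and the current transmission key with a preset algorithm to obtain the new transmission key. For example, the hopping factor list includes R0, R1 ... Rn; R0 and the current transmission key are computed on with the preset algorithm to obtain a new transmission key, then R1 and that newly computed transmission key are computed on to obtain the next new transmission key, and so on until the call ends.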
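FIG. 23 shows a flow for key hopping during data exchange between a terminal and the server. Referring to FIG. 23, both the terminal and the server perform the following flow:
S1601: The terminal and the server encrypt or decrypt the transmitted data with the current transmission key;
S1602: Determine whether the hop point has been reached; if not, perform S1601; if so, perform S1603;
S1603: Compute a new transmission key according to a preset algorithm;
S1604: Use the new transmission key as the current transmission key to encrypt or decrypt the transmitted data;
S1605: Determine whether the call has ended; if so, perform S1606; if not, perform S1602;
S1606: End the call.
Specifically, the hop threshold of the hop point may be set to a preset time interval or a preset data volume, and one hop is performed each time the threshold is reached. Note that in this embodiment an operation performed by the terminal means an operation the calling terminal performs through the electronic signature device connected to it, or an operation the terminal performs itself. The terminal may be the calling terminal or the called terminal. The terminal and the server may compute the new transmission key in, but not limited to, one of the following ways:
Mode 1: The terminal and the server negotiate a transmission key list in advance and, once the hop point is reached, use the transmission keys in the list in order; for example, the transmission key list includes K0, K1 ... Kn, and K0, K1, K2 ... are used in order until the call ends.
Mode 2: The terminal and the server negotiate a transmission key list and a hopping factor list in advance and, once the hop point is reached, compute on the hopping factor with a preset algorithm to determine the position of the new transmission key in the transmission key list, and select that key; for example, the transmission key list includes K0, K1 ... Kn and the hopping factor list includes R0, R1 ... Rn, and computing on R0 with the preset algorithm yields a pointer to the transmission key K3 at the 4th position, which is selected as the new transmission key.
Mode 3: The terminal and the server negotiate a hopping factor list in advance and, once the hop point is reached, compute on the hopping factors R in order with a preset algorithm to obtain the new transmission key; for example, the hopping factor list includes R0, R1 ... Rn, R0 is computed on with the preset algorithm to obtain a new transmission key, then R1 is computed on to obtain the next new transmission key, and so on until the call ends.
Mode 4: The terminal and the server negotiate a hopping factor list in advance and, once the hop point is reached, compute on the hopping factor R and the current transmission key with a preset algorithm to obtain the new transmission key. For example, the hopping factor list includes R0, R1 ... Rn; R0 and the current transmission key are computed on with the preset algorithm to obtain a new transmission key, then R1 and that newly computed transmission key are computed on to obtain the next new transmission key, and so on until the call ends.
The hopping factors above may be random numbers, which ensures their randomness.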
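FIG. 24 shows another flow for key hopping during data exchange between a terminal and the server. Referring to FIG. 24, the following flow is performed between the terminal and the server:
S1701: The terminal and the server encrypt or decrypt the transmitted data with the current transmission key;
S1702: The terminal sends a key hopping request to the server;
S1703: The terminal and the server each compute a new transmission key according to a preset algorithm;
S1704: Use the new transmission key as the current transmission key to encrypt or decrypt the transmitted data;
S1705: Determine whether the call has ended; if so, perform S1706; if not, perform S1702;
S1706: End the call.
Specifically, the key hopping request may be just an instruction or may also contain a hopping factor, where the hopping factor may be a random number, which ensures its randomness. Note that in this embodiment an operation performed by the terminal means an operation the terminal performs through the electronic signature device connected to it, or an operation the terminal performs itself. The terminal may be the calling terminal or the called terminal. Of course, the present invention is not limited to the terminal sending the hopping request; it may also be initiated by the server, in which case the flow is the reverse of that shown in FIG. 24. The terminal and the server may compute the new transmission key in, but not limited to, one of the following ways:
Mode 1: The terminal and the server negotiate a transmission key list in advance and, after the key hopping request has been sent and received, use the transmission keys in the list in order; for example, the transmission key list includes K0, K1 ... Kn, and K0, K1, K2 ... are used in order until the call ends.
Mode 2: The terminal and the server negotiate a transmission key list and a hopping factor list in advance and, after the key hopping request has been sent and received, compute on the hopping factor with a preset algorithm to determine the position of the new transmission key in the transmission key list, and select that key; for example, the transmission key list includes K0, K1 ... Kn and the hopping factor list includes R0, R1 ... Rn, and computing on R0 with the preset algorithm yields a pointer to the transmission key K3 at the 4th position, which is selected as the new transmission key.
Mode 3: The terminal and the server negotiate a hopping factor list in advance and, after the key hopping request has been sent and received, compute on the hopping factors R in order with a preset algorithm to obtain the new transmission key; for example, the hopping factor list includes R0, R1 ... Rn, R0 is computed on with the preset algorithm to obtain a new transmission key, then R1 is computed on to obtain the next new transmission key, and so on until the call ends.
Mode 4: The terminal and the server negotiate a hopping factor list in advance and, after the key hopping request has been sent and received, compute on the hopping factor R and the current transmission key with a preset algorithm to obtain the new transmission key. For example, the hopping factor list includes R0, R1 ... Rn; R0 and the current transmission key are computed on with the preset algorithm to obtain a new transmission key, then R1 and that newly computed transmission key are computed on to obtain the next new transmission key, and so on until the call ends.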
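Embodiment 16
As shown in FIG. 25, this embodiment provides a calling method for multi-party calls, which may be implemented by the called terminal 110, the calling terminal 120 and the server 130 of the above embodiments, taking a KEY as the example electronic signature device. The calling terminal 120 is the initiator of the multi-party call and there are multiple called terminals; it is assumed that all of the called terminals have already signed in with the server and that the server has associated each called user's ID with the called terminal's communication identifier and stored the association. For ease of description, this embodiment takes 3 called terminals as an example. The calling method mainly includes the following steps (S1801 to S1814).
S1801: The calling terminal obtains the IDs of multiple called users.
Specifically, the calling terminal may obtain the IDs of the multiple called users in one of the following ways: the calling user enters the IDs into the calling terminal through its input device, the calling user enters the IDs into the calling terminal by voice, and so on. This embodiment takes 3 called terminals as an example, so there are also 3 called user IDs.
S1802: The calling terminal initiates to the server a call request to call the multiple called users, the call request carrying the IDs of the multiple called users.
After receiving the call request initiated by the calling terminal, the server may also initiate signature verification with the calling terminal and the called terminals; for the implementation see steps S1107 to S1110 in Embodiment 13, which are not repeated here. This signature verification step is optional.
S1803: After receiving the calling terminal's call request to each called user, the server initiates a multi-party call request to each called terminal according to the association between the called user's ID and the called terminal's communication identifier.
S1804: After receiving the multi-party call request, called terminal 1 confirms joining the multi-party call and returns a confirmation response to the server, the confirmation response carrying at least the ID of called user 1.
The ID of called user 1 is obtained by called terminal 1 from its KEY1. So that the calling terminal can authenticate the called terminal, the confirmation response may also carry one-time authentication data that called terminal 1 obtains from its KEY1.
S1805: The server sends the confirmation response to the calling terminal, the confirmation response carrying at least the ID of called user 1.
S1806: After receiving the confirmation response, the calling terminal uses its KEY to generate a shared key, encrypts the shared key through the KEY with the public key of called terminal 1 to obtain the shared key ciphertext, and sends it to the server.
Before generating the shared key, the calling terminal may also authenticate the called terminal using the one-time authentication data carried in the confirmation response and generate the shared key after authentication succeeds. This authentication can be implemented in various ways, which are not described here.
When sending the shared key ciphertext, the calling terminal may also send one-time authentication data to called terminal 1 so that called terminal 1 can authenticate the calling terminal. This authentication can be implemented in various ways, which are not described here.
S1807: The server sends the shared key ciphertext to called terminal 1.
The server also sends to called terminal 1 the one-time authentication data that the calling terminal sent for called terminal 1.
S1808: After receiving the shared key ciphertext, called terminal 1 decrypts it through its KEY1 with KEY1's private key to obtain the shared key plaintext.
Before decrypting the shared key ciphertext, called terminal 1 may also authenticate the calling terminal using the calling terminal's one-time authentication data forwarded by the server and decrypt the shared key ciphertext after authentication succeeds. This authentication can be implemented in various ways, which are not described here.
At this point, called terminal 1 has joined the multi-party call.
Meanwhile, called terminal 2 also agrees to join the multi-party call; its joining flow is the same as steps S1804 to S1808 above.
S1809: After receiving the multi-party call request, called terminal 3 refuses to join the multi-party call and returns a rejection response to the server, the rejection response carrying at least the ID of called user 3.
S1810: After receiving the rejection response from called terminal 3, the server removes called terminal 3 from the multi-party call and sends the rejection response carrying the ID of called user 3 to the calling terminal.
Steps S1809 to S1810 take place in parallel with steps S1804 to S1808.
S1811: The server establishes the call links between the calling terminal and each called terminal that has joined the multi-party call, and among the called terminals that have joined the multi-party call.
S1812: During the multi-party call, each terminal in the call (the calling terminal and each called terminal that has joined) encrypts the transmitted data through its own KEY with the shared key to generate call ciphertext and sends it to the server.
S1813: The server broadcasts the call ciphertext received from each terminal to every terminal in the multi-party call.
S1814: Each terminal in the multi-party call decrypts the call ciphertext through its own KEY with the shared key.
With the calling method of this embodiment, in a multi-party call, once the terminals have signed in (associated the user's ID with the terminal's communication identifier), the terminal initiating the multi-party call (the calling terminal in this embodiment) can, by calling the users' IDs, bring multiple terminals connected to KEYs into the multi-party call, which enables mobile answering; and each terminal in the multi-party call can encrypt the transmitted data, ensuring the security of the multi-party call.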
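Embodiment 17
FIG. 26 shows a sign-in method of an embodiment of the present invention, applied on the server side. Referring to FIG. 26, the sign-in method includes the following steps S1901 to S1902:
S1901: The server receives a communication identifier and a sign-in request sent by the terminal, the sign-in request including a user ID; the user ID is the unique identifier that the user registered on the server for the first electronic signature device the user uses.
Specifically, the user registers the electronic signature device he or she uses on the server, so that the electronic signature device has a unique identifier, and that unique identifier is used as the user ID. The user ID may be, but is not limited to, one or a combination of digits, letters, characters and Chinese characters. The user ID is equivalent to the user's identification number. To sign in, the user needs to send a sign-in request to the server from the terminal being used; the sign-in request includes at least the user ID so that the server knows the identity of the user using the terminal. In addition, the terminal sends a communication identifier, which is the terminal's communication identifier on the server and through which the server can locate the terminal. The communication identifier may be the terminal's port number (such as the port number of a fixed telephone), IP address/MAC address (such as the IP address/MAC address of a PC), the authentication key of a SIM card (such as the SIM card of a mobile terminal), and so on, so as to tell the server which terminal the user is using and allow the server to determine the terminal. In this embodiment, the electronic signature device includes, but is not limited to, an electronic signature key with a security chip (a KEY device, such as ICBC's U-Shield or ABC's K-Bao) or a smart card with a security chip, where the security chip can perform signature operations, encryption and decryption operations, and transmission key negotiation.
Of course, to ensure that the user's identity is legitimate, in an optional implementation of this embodiment, in this step the terminal, when sending the sign-in request, may carry user identity authentication data in the request in addition to the user ID and send it to the server, so that the server can authenticate the user and ensure that the identity is legitimate; the server performs the step of associating the user ID with the terminal's communication identifier and storing the association only after authenticating the user identity authentication data. The user identity authentication data is obtained by the electronic signature device signing data to be signed, and the data to be signed may be obtained in one of the following ways:
Mode 1: The data to be signed may simply be the user ID.
Mode 2: The data to be signed may include one-time authentication data, which may be generated by the electronic signature device, or may be received by the terminal from the server and forwarded to the electronic signature device. The one-time authentication data may be one or a combination of a random number and an event factor, where the event factor may be generated, for example, by accumulating +1 or an arbitrary value each time it is generated.
Mode 3: A combination of the one-time authentication data of Mode 2 and the user ID.
Mode 4: A password set for the electronic signature device at registration, or a dynamic password generated by a dynamic password token associated with the electronic signature device.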
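S1902: Associate the user ID with the terminal's communication identifier and store the association;
Specifically, after receiving the user ID sent by the terminal, the server associates the user ID with the terminal's communication identifier and stores the association, so that the server knows which terminal the user is using and can notify the terminal to enable the service the user has requested. When the user is not carrying the electronic device that would otherwise be needed, the user only needs to carry the electronic signature device, connect it to any terminal, and sign in on the server to associate that terminal's communication identifier with the user's ID; the server can then route the services of that user ID to the terminal on which the user is currently signed in, so that the user can use the same ID to obtain the requested services on any terminal. This makes the use of electronic devices more convenient for the user.
In addition, in an optional implementation of this embodiment, if in step S1901 the terminal carried user identity authentication data in the sign-in request, then in this step, after receiving the terminal's sign-in request, the server may also authenticate the user identity authentication data received from the terminal and, only after authentication succeeds, perform the step of associating the user ID with the terminal's communication identifier and storing the association. Specifically, the server may authenticate by verifying the signature data with the public key of the electronic signature device that was stored when the user registered the electronic signature device on the server, or by verifying a static password or a dynamic password. This ensures that the association is stored only after the user's identity has been authenticated as legitimate, which ensures the legitimacy of the user's sign-in.
Of course, in an optional implementation of this embodiment, the server is set so that it can store associations between one user ID and the communication identifiers of more than one different terminal at the same time; the user can sign in on more than one terminal, and all of those terminals enable the service the user has requested. Further, when the server needs to send information to, or establish further communication with, the terminal the user is actually using, it can broadcast information awaiting a response to the different terminals; the terminal the user is using sends response information to the server in reply, and the server determines from the response information which terminal the user is using. The response information may be the user identity authentication data of the optional implementation described above. This ensures that only the user can receive the information sent by the server or establish further communication with the server.
Of course, in an optional implementation of this embodiment, the server is set so that it can store only one association between a user ID and a terminal's communication identifier. That is, before the user ID is associated with the terminal's communication identifier and stored in step S1902, the server may also check whether an association already exists for the user ID; if one exists, the server first removes it. This ensures that the user can use only one terminal device at a time and prevents illegitimate sign-in. Optionally, after removing the association, the server sends association deletion information to the terminal whose association was removed, and that terminal disables the function the user had requested according to the association deletion information.
Of course, in an optional implementation of this embodiment, after the user ID has been associated with the terminal's communication identifier and stored in step S1902, the server may also send association success information to the terminal. This prompts the terminal to enable the function the user has applied to use, so that the user can use the terminal normally.
Of course, in an optional implementation of this embodiment, after the user ID has been associated with the terminal's communication identifier and stored in step S1902, the server may also delete that association. On this basis the server can release the user's sign-in, so that normal use of the terminal the user had signed in on is not affected. The server may trigger the release of the user's sign-in in the following ways: on receiving a release sign-in instruction sent by the terminal, or after the server determines that the sign-in needs to be released. In an optional implementation of this embodiment, if the server receives a release sign-in instruction sent by the terminal, the server may also verify the user's identity to ensure that the user releasing the sign-in is legitimate. In this case the server may receive the user identity authentication data returned by the terminal, perform authentication and, after authentication succeeds, perform the step of deleting the association between the user ID and the terminal's communication identifier. Specifically, the user identity authentication data returned by the terminal may be generated in the same way as when the terminal sends a sign-in request, and the server may authenticate it with the corresponding method; details are not repeated here.
With the method provided in this embodiment, when the user is not carrying the electronic device that would otherwise be needed, the user only needs to carry the electronic signature device, connect it to any terminal, and sign in on the server to associate that terminal's communication identifier with the user's ID; the server can then route the services of that user ID to the terminal on which the user is currently signed in, so that the user can use the same ID to obtain the requested services on any terminal. In addition, in this embodiment the terminal authenticates the electronic signature device and the server authenticates the terminal and the user; after authentication succeeds, the electronic signature device can be used to give any terminal permissions on the server, so that any terminal can be personalized at any time. For example, a user without his or her personal computer can use the electronic signature device on any terminal to obtain an association between the terminal and the user ID on the server, obtain permissions, and then use paid software the user has purchased; when finished, the user uses the electronic signature device to end the association between the terminal and the user ID (that is, to release the sign-in), which does not affect the user's use of other terminals. In this case, public terminals can have any paid software pre-installed, and users who have purchased permissions can use the paid software by associating their user ID with the terminal. Alternatively, the user can use any fixed telephone, PC or mobile terminal to make or answer calls: the electronic signature device is used to associate the terminal's communication identifier with the user ID on the server, and the terminal is then used to make or answer the user's personal calls without the user carrying a mobile phone.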
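Embodiment 18
As shown in FIG. 27, this embodiment provides a sign-in method applied on the terminal side, which may be implemented by the terminal of Embodiment 1 and mainly includes the following steps (S2001 to S2002):
S2001: The terminal determines whether a rule that triggers sign-in is satisfied;
In an optional implementation of this embodiment, the terminal determines whether a sign-in rule is satisfied, where the sign-in rules include at least one of the following: the terminal receives a sign-in instruction entered by the user; the terminal receives a sign-in instruction sent by the server; the terminal receives a sign-in instruction from the electronic signature device connected to it. Sending the communication identifier and the sign-in request to the server only after a sign-in rule is satisfied avoids malicious sign-in.
S2002: After a rule that triggers sign-in is satisfied, the terminal sends the communication identifier and a sign-in request to the server, the sign-in request carrying the user ID and instructing the server to associate the user ID with the terminal's communication identifier;
The user ID is the unique identifier that the user registered on the server for the electronic signature device the user uses; at registration, the electronic signature device stores the user ID. The user ID may be, but is not limited to, one or a combination of digits, letters, characters and Chinese characters. The user ID is equivalent to an identification number and makes it convenient for the server to identify the user. The electronic signature device includes, but is not limited to, an electronic signature key with a security chip (a KEY device, such as ICBC's U-Shield or ABC's K-Bao) or a smart card with a security chip, where the security chip can perform signature operations, encryption and decryption operations, and transmission key negotiation.
The communication identifier is the terminal's communication identifier on the server, through which the server can locate the terminal. It may be the terminal's port number (such as the port number of a fixed telephone), IP address/MAC address (such as the IP address/MAC address of a PC), the authentication key of a SIM card (such as the SIM card of a mobile terminal), and so on, so as to tell the server which terminal the user is using and allow the server to determine the terminal.
In an optional implementation of this embodiment, before step S2001 the sign-in method further includes: the terminal obtains the user ID. Optionally, the user ID is obtained from the electronic signature device connected to the terminal; because the user ID is obtained from the terminal, the user does not need to memorize it, which is convenient and improves the user experience (the user ID may be stored in the electronic signature device, or may be received by the electronic signature device from the user through a keyboard). Alternatively, the terminal obtains the user ID entered by the user through the terminal's keyboard.
As an optional mode of this embodiment, the sign-in method further includes: the terminal carries user identity authentication data in the sign-in request, so that the server can authenticate the user, ensuring that the user's identity is legitimate and thereby that use of the terminal is secure. The identity authentication data is obtained by the electronic signature device signing data to be signed. The data to be signed is obtained in the same way as in Embodiment 1, which is not repeated here.
As an optional mode of this embodiment, the sign-in method further includes: the terminal receives association success information sent by the server and enables the service the user has requested according to that notification.
As an optional mode of this embodiment, after the terminal sends the sign-in request to the server, the sign-in method further includes: the terminal sends a release sign-in request to the server, the request carrying the user ID and instructing the server to delete the association between the user ID and the terminal's communication identifier. The terminal can thereby release the sign-in, so that normal use of the terminal the user had signed in on is not affected.
Before being triggered to send the release sign-in request to the server, the terminal may also receive a release sign-in instruction, in one or more of the following ways:
Mode 1: The terminal receives a release sign-in instruction entered by the user; for example, the user enters "9#" to request release of the sign-in;
Mode 2: The terminal receives a release sign-in instruction sent by the server;
Mode 3: The terminal receives a release sign-in instruction from the electronic signature device connected to it; for example, the user presses the C key on the electronic signature device to disconnect it from the terminal, and on disconnecting, the electronic signature device also issues a release sign-in instruction to the terminal.
With this optional embodiment, a user who is not using a terminal can release the association with it so that other users can use that terminal, which improves terminal utilization.
As an optional mode of this embodiment, to further ensure security and ensure that the release is initiated by the real user, the sign-in method further includes: the terminal carries identity authentication data in the release sign-in request, so that the server can authenticate the user, ensuring security. The identity authentication data carried in the release sign-in request may be generated by the same mechanism as that carried in the sign-in request, which is not repeated here.
As an optional mode of this embodiment, the sign-in method further includes: after the terminal receives disassociation information sent by the server, the terminal disables the function the user had requested according to the disassociation information, ensuring normal use of the terminal.
As an optional implementation of this embodiment, the terminal may be connected to the electronic signature device wirelessly or by wire. Wireless connections may include Bluetooth, WIFI, NFC, infrared or RFID; wired connections may include USB, audio (headphone plug), RJ11, RJ45 or a serial port.
With the method provided in this embodiment, when the user is not carrying the electronic device that would otherwise be needed, the user only needs to carry the electronic signature device, connect it to any terminal, and sign in on the server to associate that terminal's communication identifier with the user's ID; the server can then route the services of that user ID to the terminal on which the user is currently signed in, so that the user can use the same ID to obtain the requested services on any terminal. In addition, in this embodiment the terminal authenticates the electronic signature device and the server authenticates the terminal and the user; after authentication succeeds, the electronic signature device can be used to give any terminal permissions on the server, so that any terminal can be personalized at any time. For example, a user without his or her personal computer can use the electronic signature device on any terminal to obtain an association between the terminal and the user ID on the server, obtain permissions, and then use paid software the user has purchased; when finished, the user uses the electronic signature device to end the association between the terminal and the user ID (that is, to release the sign-in), which does not affect the user's use of other terminals. In this case, public terminals can have any paid software pre-installed, and users who have purchased permissions can use the paid software by associating their user ID with the terminal. Alternatively, the user can use any fixed telephone, PC or mobile terminal to make or answer calls: the electronic signature device is used to associate the terminal's communication identifier with the user ID on the server, and the terminal is then used to make or answer the user's personal calls without the user carrying a mobile phone.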
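Embodiment 19
This embodiment provides a sign-in processing apparatus that corresponds one-to-one with the sign-in method of Embodiment 17 and is described only briefly here. The sign-in processing apparatus of this embodiment may be provided in the server of Embodiments 17 and 18.
FIG. 28 is a schematic structural diagram of the sign-in processing apparatus provided by this embodiment. As shown in FIG. 28, the apparatus may include: a receiving module 3001, configured to receive a sign-in request sent by the terminal, where the sign-in request includes a user ID, the user ID being the unique identifier that the user registered on the sign-in processing apparatus for the electronic signature device the user uses; and a receiving module 3002, configured to associate the user ID with the terminal's communication identifier and store the association.
In an optional implementation of this embodiment, as shown in FIG. 29, the sign-in processing apparatus may further include: a first authentication module 3003, configured to authenticate first user identity authentication data received from the terminal and, after authentication succeeds, trigger the receiving module 3002 to associate the user ID with the terminal's communication identifier and store the association. The first user identity authentication data may be carried in the sign-in request sent to the sign-in processing apparatus. The user identity authentication data is obtained by the electronic signature device signing data to be signed with its private key; the data to be signed may be determined by the electronic signature device or sent by the sign-in processing apparatus, and if it is determined by the electronic signature device, the sign-in request also carries the plaintext of the data to be signed. This optional implementation confirms the identity of the user initiating the sign-in request and avoids malicious sign-in.
In an optional implementation of this embodiment, as shown in FIG. 29, the sign-in processing apparatus may further include: a deletion module 3004, configured to delete the association between the user ID and the terminal's communication identifier. In a specific application, the deletion module 3004 may delete the association on its own initiative or when triggered by the terminal. With this optional implementation, the association between the user ID and the terminal can be released in time so that other users can use the terminal, which improves terminal utilization. In this optional implementation, if the deletion module deletes the association when triggered by the terminal, the user's identity may also be authenticated before the association is deleted. Therefore, in an optional implementation of this embodiment, the receiving module 3001 is further configured to receive the user identity authentication data returned by the terminal; and as shown in FIG. 29, the apparatus further includes: a second identity authentication module 305, configured to perform authentication according to the identity authentication data and, after authentication succeeds, trigger the deletion module 3004 to delete the association between the user ID and the terminal's communication identifier.
In an optional implementation of this embodiment, the sign-in processing apparatus may further include: a notification module, configured to send association deletion information to the terminal after the deletion module has deleted the association between the user ID and the terminal's communication identifier; the terminal disables the function the user had requested according to that notification, making it convenient for the user to sign in on another terminal. The notification module is further configured to send association success information to the terminal after the storage module has associated the user ID with the terminal's communication identifier and stored the association; the terminal can enable the function the user has requested according to that notification.
In an optional implementation of this embodiment, the sign-in processing apparatus may be set so that it can store associations between the user ID and the communication identifiers of multiple terminals at the same time, or so that it can store an association between the user ID and the communication identifier of only one terminal at a time. In the latter case, the sign-in processing apparatus may further include: a detection module, configured to detect, before the storage module associates the user ID with the terminal's communication identifier and stores the association, whether an association between the user ID and another terminal already exists and, if so, delete the association in the storage module. This ensures that a user ID can be associated with only one terminal and prevents illegitimate operations.
With the method provided in this embodiment, when the user is not carrying the electronic device that would otherwise be needed, the user only needs to carry the electronic signature device, connect it to any terminal, and sign in on the sign-in processing apparatus to associate that terminal's communication identifier with the user's ID; the sign-in processing apparatus can then route the services of that user ID to the terminal on which the user is currently signed in, so that the user can use the same ID to obtain the requested services on any terminal. In addition, in this embodiment the terminal authenticates the electronic signature device and the sign-in processing apparatus authenticates the terminal and the user; after authentication succeeds, the electronic signature device can be used to give any terminal permissions on the sign-in processing apparatus, so that any terminal can be personalized at any time. For example, a user without his or her personal computer can use the electronic signature device on any terminal to obtain an association between the terminal and the user ID on the sign-in processing apparatus, obtain permissions, and then use paid software the user has purchased; when finished, the user uses the electronic signature device to end the association between the terminal and the user ID (that is, to release the sign-in), which does not affect the user's use of other terminals. In this case, public terminals can have any paid software pre-installed, and users who have purchased permissions can use the paid software by associating their user ID with the terminal. Alternatively, the user can use any fixed telephone, PC or mobile terminal to make or answer calls: the electronic signature device is used to associate the terminal's communication identifier with the user ID on the sign-in processing apparatus, and the terminal is then used to make or answer the user's personal calls without the user carrying a mobile phone.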
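Embodiment 20
This embodiment of the present invention provides a sign-in apparatus that corresponds one-to-one to the sign-in method provided in Embodiment 18, so only a brief description is given here. The sign-in apparatus of this embodiment may be provided in the terminal of Embodiments 17 to 18.
FIG. 30 is a schematic structural diagram of the sign-in apparatus provided in this embodiment. As shown in FIG. 30, the apparatus may include: a sign-in trigger module 4001, configured to determine whether a rule for triggering sign-in is satisfied and, if so, trigger the sending module to send a sign-in request to the server; and a sending module 4002, configured to send the sign-in request to the server after being triggered by the sign-in trigger module, where the sign-in request carries a user ID, the user ID is used to instruct the server to associate the user ID with the communication identifier of the sign-in apparatus, and the user ID is a unique identifier that the user registered on the server for the electronic signature device used by the user.
In an optional implementation of this embodiment of the present invention, the sign-in trigger module 4001 determining whether the rule for triggering sign-in is satisfied includes at least one of the following: a sign-in instruction input by the user is received; a sign-in instruction sent by the server is received; a sign-in instruction from the electronic signature device connected to it is received.
In an optional implementation of this embodiment of the present invention, the sign-in apparatus may further include: an acquisition module, configured to obtain the user ID from the electronic signature device connected to the sign-in apparatus.
In an optional implementation of this embodiment of the present invention, the sign-in apparatus may further include: an authentication module, configured to authenticate the electronic signature device. In this optional implementation, the authentication module may store the user's public key in advance. When obtaining the user's ID from the electronic signature device, it may instruct the electronic signature device to send identity authentication data. After receiving the instruction, the electronic signature device signs the to-be-signed data with the private key it stores to obtain the identity authentication data, and sends the identity authentication data to the authentication module. The authentication module verifies the identity authentication data with the public key and, after the verification succeeds, may use the user's ID stored in the electronic signature device. In this optional implementation, the to-be-signed data may be sent to the electronic signature device by the authentication module or determined by the electronic signature device itself; in the latter case, the electronic signature device may send the plaintext of the to-be-signed data to the authentication module together with the identity authentication data. Of course, the authentication module may also authenticate the electronic signature device in other ways, for example by means of a password.
In an optional implementation of this embodiment of the present invention, the sending module 4002 of the sign-in apparatus is further configured to carry user identity authentication data in the sign-in request. The user identity authentication data is obtained by the electronic signature device signing the to-be-signed data, and is obtained by the acquisition module 403 from the electronic signature device connected to the sign-in apparatus. The to-be-signed data is obtained in the same way as in Embodiment 2, and details are not repeated here. Likewise, the to-be-signed data may be determined by the electronic signature device or sent by the server; if it is determined by the electronic signature device, the sign-in request also carries the plaintext of the to-be-signed data. This optional implementation confirms the identity of the user who initiates the sign-in request and prevents malicious sign-ins.
In an optional implementation of this embodiment of the present invention, the sending module 4002 of the sign-in apparatus is further configured to send a release sign-in request to the server. The release sign-in request carries the user ID and is used to instruct the server to delete the association between the user ID and the communication identifier of the sign-in apparatus. With this optional implementation, the user can promptly release the association between the user's ID and the sign-in apparatus, so that other users can use the sign-in apparatus, which improves terminal utilization.
To ensure that the user who initiates the release sign-in request really is the user, and to prevent illegal release, in an optional implementation of this embodiment of the present invention the sending module 4002 is further configured to carry user identity authentication data in the release sign-in request. In this optional implementation, the identity authentication data carried in the release sign-in request is data obtained by the electronic signature device signing the to-be-signed data with its private key. The to-be-signed data may be determined by the electronic signature device or sent by the server in a signature verification request; if it is determined by the electronic signature device, the sign-in request also carries the plaintext of the to-be-signed data. This optional implementation confirms the identity of the user who releases the sign-in, prevents illegal release, and keeps the user's use of the terminal secure.
In an optional implementation of this embodiment of the present invention, the sign-in apparatus further includes an enabling module, configured to enable the function the user applied to use when an association notification sent by the server is received.
In an optional implementation of this embodiment of the present invention, the sign-in apparatus further includes a disassociation module, configured to disable the function the user applied to use when a disassociation notification sent by the server is received.
As an optional implementation of this embodiment of the present invention, the sign-in apparatus may be connected to the electronic signature device wirelessly or by wire. Wireless modes may include Bluetooth, WIFI, NFC, infrared or RFID; wired modes may include USB, audio (headphone plug), RJ11, RJ45 or a serial port.
With the method provided in this embodiment, a user who is not carrying the electronic device he or she needs only has to carry the electronic signature device, connect it to any sign-in apparatus, and sign in on the sign-in processing apparatus to associate the communication identifier of the sign-in apparatus with the user's ID. The sign-in processing apparatus can then route the services for that user ID to the sign-in apparatus at which the user is currently signed in, so that the user can use the same ID to obtain the requested services on any sign-in apparatus. In addition, in this embodiment the sign-in apparatus authenticates the electronic signature device, and the sign-in processing apparatus authenticates the sign-in apparatus and the user's identity; after authentication succeeds, the electronic signature device can be used to give any sign-in apparatus permissions on the sign-in processing apparatus, so that any terminal provided with a sign-in apparatus can be personalized at any time. For example, a user who is not carrying a personal computer can use the electronic signature device at any terminal provided with a sign-in apparatus to have the sign-in processing apparatus associate the sign-in apparatus with the user ID, obtain permissions, and then use paid software that the user has already purchased. When finished, the user uses the electronic signature device to end the association between the terminal and the user ID (that is, to release the sign-in), which does not affect the user's use of other terminals. In this case, a public terminal can have any paid software preinstalled, and users who have purchased the rights can use the paid software by associating their user ID with the terminal. Alternatively, the user can make or answer calls with any fixed telephone, PC or mobile terminal: the electronic signature device is used to associate the communication identifier of the terminal with the user ID on the sign-in processing apparatus, and the user then makes or answers personal calls on that terminal without carrying a mobile phone.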
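The signed sign-in and release exchange of Embodiments 19 and 20, as an added example that is not code from the patent: a server that issues the to-be-signed data, verifies the device signature before associating or releasing, and keeps one terminal per user ID. Ed25519, the nonce, the `action|terminal|nonce` layout and all class, function and identifier names are assumptions.

```javascript
// Added example (not from the patent). Ed25519 and the signed-message layout are assumptions.
const nodeCrypto = require('node:crypto');
// Hypothetical layout of the to-be-signed data: action | terminal identifier | server nonce.
const toBeSigned = (action, terminalId, nonce) =>
  Buffer.concat([Buffer.from(`${action}|${terminalId}|`), nonce]);

class SignInServer {
  constructor() {
    this.publicKeys = new Map(); // user ID -> public key registered for the signature device
    this.bindings = new Map();   // user ID -> communication identifier of the terminal
    this.pending = new Map();    // user ID -> outstanding single-use nonce
  }
  register(userId, publicKey) { this.publicKeys.set(userId, publicKey); }
  // Server-chosen to-be-signed data: fresh per request, so a captured signature cannot be replayed.
  challenge(userId) {
    const nonce = nodeCrypto.randomBytes(16);
    this.pending.set(userId, nonce);
    return nonce;
  }
  authenticate(action, userId, terminalId, signature) {
    const nonce = this.pending.get(userId);
    const key = this.publicKeys.get(userId);
    this.pending.delete(userId); // consumed whether or not verification succeeds
    if (!nonce || !key) return false;
    return nodeCrypto.verify(null, toBeSigned(action, terminalId, nonce), key, signature);
  }
  // First authentication module, then detection module: one terminal per user ID.
  signIn(userId, terminalId, signature) {
    if (!this.authenticate('sign-in', userId, terminalId, signature)) return 'rejected';
    const previous = this.bindings.get(userId);
    this.bindings.set(userId, terminalId);
    return previous && previous !== terminalId ? `moved-from:${previous}` : 'associated';
  }
  // Second authentication module gates the deletion module.
  release(userId, terminalId, signature) {
    const ok = this.authenticate('release', userId, terminalId, signature);
    if (!ok || this.bindings.get(userId) !== terminalId) return 'rejected';
    this.bindings.delete(userId);
    return 'released';
  }
  route(userId) { return this.bindings.get(userId) || null; }
}

// Stand-in for the electronic signature device: the private key stays inside the closure.
function makeDevice(userId) {
  const { publicKey, privateKey } = nodeCrypto.generateKeyPairSync('ed25519');
  const sign = (action, terminalId, nonce) =>
    nodeCrypto.sign(null, toBeSigned(action, terminalId, nonce), privateKey);
  return { userId, publicKey, sign };
}
```

Because the action and terminal identifier are inside the signed data, a signature collected for sign-in at one terminal cannot be reused to release the sign-in or to sign in elsewhere.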
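Any process or method description in a flowchart or otherwise described herein may be understood as representing a module, segment or portion of code that includes one or more executable instructions for implementing the steps of a specific logical function or process, and the scope of the preferred embodiments of the present invention includes other implementations in which functions may be performed out of the order shown or discussed, including in a substantially simultaneous manner or in the reverse order depending on the functions involved, as should be understood by those skilled in the art to which the embodiments of the present invention belong.
It should be understood that the parts of the present invention may be implemented in hardware, software, firmware or a combination thereof. In the above embodiments, multiple steps or methods may be implemented in software or firmware that is stored in a memory and executed by a suitable instruction execution system. For example, if implemented in hardware, as in another embodiment, any one or a combination of the following technologies known in the art may be used: a discrete logic circuit having logic gates for implementing logic functions on data signals, an application-specific integrated circuit having suitable combinational logic gates, a programmable gate array (PGA), a field-programmable gate array (FPGA), and so on.
Those of ordinary skill in the art will understand that all or some of the steps of the methods in the above embodiments may be completed by a program instructing the relevant hardware. The program may be stored in a computer-readable storage medium and, when executed, includes one of the steps of the method embodiments or a combination thereof.
In addition, the functional units in the embodiments of the present invention may be integrated in one processing module, each unit may exist physically on its own, or two or more units may be integrated in one module. The integrated module may be implemented in the form of hardware or in the form of a software functional module. If the integrated module is implemented in the form of a software functional module and sold or used as an independent product, it may also be stored in a computer-readable storage medium.
The storage medium mentioned above may be a read-only memory, a magnetic disk, an optical disc, or the like.
In the description of this specification, a description referring to the terms "one embodiment", "some embodiments", "example", "specific example" or "some examples" means that a specific feature, structure, material or characteristic described in connection with that embodiment or example is included in at least one embodiment or example of the present invention. In this specification, schematic uses of these terms do not necessarily refer to the same embodiment or example. Moreover, the specific features, structures, materials or characteristics described may be combined in a suitable manner in any one or more embodiments or examples.
Although embodiments of the present invention have been shown and described above, it should be understood that the above embodiments are exemplary and are not to be construed as limiting the present invention. Those of ordinary skill in the art may make changes, modifications, substitutions and variations to the above embodiments within the scope of the present invention without departing from its principles and purpose. The scope of the present invention is defined by the appended claims and their equivalents.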

Claims (29)

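  1. A calling method, characterized by comprising:
    a fixed telephone obtaining a user's ID from an electronic signature device;
    the fixed telephone sending a sign-in request to a server, wherein the sign-in request carries the user's ID;
    the server receiving the sign-in request and storing the user's ID in association with a communication identifier of the fixed telephone;
    the server receiving a call to the user's ID and, according to the association between the user's ID and the communication identifier of the fixed telephone, connecting the call to the fixed telephone corresponding to the communication identifier.
  2. The method according to claim 1, characterized in that, before the server stores the user's ID in association with the communication identifier of the fixed telephone, the method further comprises:
    the server authenticating the electronic signature device and, after the authentication succeeds, performing the step of storing the user's ID in association with the communication identifier of the fixed telephone.
  3. The method according to any one of claims 1 to 2, characterized in that, before the fixed telephone sends the sign-in request to the server, the method further comprises:
    the fixed telephone authenticating the electronic signature device.
  4. The method according to any one of claims 1 to 2, characterized in that, after the user's ID is stored in association with the communication identifier of the fixed telephone, the method further comprises:
    the server deleting the association between the user's ID and the communication identifier of the fixed telephone.
  5. The method according to claim 4, characterized in that, after the fixed telephone sends the sign-in request to the server and before the server deletes the association between the user's ID and the communication identifier of the fixed telephone, the method further comprises:
    the fixed telephone sending a first release sign-in request to the server, wherein the first release sign-in request carries the user's ID;
    the server receiving the first release sign-in request.
  6. The method according to any one of claims 1 to 5, characterized in that, after the server receives the call to the user's ID, the method further comprises:
    determining that the type of the call is a preset call type, and performing the step of connecting the call to the fixed telephone.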
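  7. A calling system, characterized by comprising:
    an electronic signature device, configured to store a user's ID;
    a fixed telephone, configured to obtain the user's ID from the electronic signature device and to send a sign-in request to a server, wherein the sign-in request carries the user's ID;
    the server, configured to receive the sign-in request, store the user's ID in association with a communication identifier of the fixed telephone, receive a call to the user's ID and, according to the association between the user's ID and the communication identifier of the fixed telephone, connect the call to the fixed telephone corresponding to the communication identifier.
  8. The system according to claim 7, characterized in that the server is further configured to authenticate the electronic signature device before storing the user's ID in association with the communication identifier of the fixed telephone and, after the authentication succeeds, trigger the operation of storing the user's ID in association with the communication identifier of the fixed telephone.
  9. The system according to any one of claims 7 to 8, characterized in that the fixed telephone is further configured to authenticate the electronic signature device before sending the sign-in request to the server.
  10. The system according to any one of claims 7 to 9, characterized in that the server is further configured to delete the association between the user's ID and the communication identifier of the fixed telephone after storing the user's ID in association with the communication identifier of the fixed telephone.
  11. The system according to claim 10, characterized in that
    the fixed telephone is further configured to send a first release sign-in request to the server after sending the sign-in request to the server, wherein the first release sign-in request carries the user's ID;
    the server is further configured to receive the first release sign-in request and trigger the operation of deleting the association between the user's ID and the communication identifier of the fixed telephone.
  12. The system according to any one of claims 7 to 11, characterized in that the server is further configured to, after receiving the call to the user's ID, determine that the type of the call is a preset call type and trigger the operation of connecting the call to the fixed telephone.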
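  13. A fixed telephone, characterized by comprising:
    a second transceiver module, configured to obtain a user's ID from an electronic signature device;
    a first transceiver module, configured to send a sign-in request to a server, wherein the sign-in request carries the user's ID;
    a call module, configured to receive a call sent by the server and establish a call with the calling party.
  14. The fixed telephone according to claim 13, characterized by further comprising:
    an authentication module, configured to authenticate the electronic signature device.
  15. The fixed telephone according to any one of claims 13 to 14, characterized in that
    the first transceiver module is further configured to send a first release sign-in request to the server, wherein the first release sign-in request carries the user's ID.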
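  16. A terminal, comprising a communication interface, characterized by further comprising: a control module and an electronic signature device interface;
    the electronic signature device interface is configured to receive sign-in data from an electronic signature device and send the sign-in data to the control module, the sign-in data including at least the ID of the user of the terminal;
    the control module is configured to send the sign-in data to the communication interface;
    the communication interface is configured to send the sign-in data out.
  17. The terminal according to claim 16, characterized by further comprising: an earpiece and a microphone;
    the communication interface is further configured to receive first call data from outside and send the first call data to the control module;
    the control module is further configured to send second call data corresponding to the first call data to the earpiece, receive third call data sent by the microphone, and send fourth call data corresponding to the third call data to the communication interface;
    the communication interface is further configured to send the fourth call data out.
  18. The terminal according to claim 17, characterized in that
    the second call data is obtained by the electronic signature device decrypting the first call data;
    the fourth call data is obtained by the electronic signature device encrypting the third call data.
  19. The terminal according to any one of claims 16 to 18, characterized by further comprising: an input device;
    the input device receives first input data that is input and sends the first input data to the control module;
    the control module sends second input data corresponding to the first input data to the communication interface.
  20. The terminal according to claim 19, characterized in that
    the second input data is obtained by the electronic signature device encrypting the first input data.
  21. The terminal according to claim 17, characterized in that
    the control module is a security chip.
  22. The terminal according to claim 21, characterized in that
    the second call data is obtained by the security chip decrypting the first call data;
    the fourth call data is obtained by the security chip encrypting the third call data.
  23. The terminal according to claim 21, characterized by further comprising: an input device;
    the input device receives first input data that is input and sends the first input data to the security chip;
    the security chip sends second input data corresponding to the first input data to the communication interface;
    the second input data is obtained by the electronic signature device encrypting the first input data.
  24. The terminal according to any one of claims 21 to 23, characterized in that
    the security chip is further configured to receive a transmission key from the electronic signature device interface and store the transmission key.
  25. The terminal according to claim 24, characterized in that
    the security chip is further configured to receive release sign-in data from the electronic signature device interface, the communication interface or the input device, and delete the stored transmission key.
  26. The terminal according to any one of claims 21 to 25, characterized in that
    the security chip is further configured to authenticate the electronic signature device.
  27. The terminal according to claim 24 or 25, characterized in that
    the security chip is further configured to change the current transmission key to a new transmission key.
  28. The terminal according to any one of claims 16 to 27, characterized in that
    the electronic signature device interface is further configured to receive, from the electronic signature device, identity authentication data obtained by the electronic signature device signing to-be-signed data, and send the identity authentication data to the control module;
    the control module is further configured to send the identity authentication data to the communication interface;
    the communication interface is further configured to send the identity authentication data out.
  29. A call system, characterized by comprising an electronic signature device and the terminal according to any one of claims 16 to 28; the electronic signature device is connected to the electronic signature device interface of the terminal.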
PCT/CN2015/099912 2014-12-31 2015-12-30 Calling method and system, and fixed telephone WO2016107583A1 (zh)

Applications Claiming Priority (10)

Application Number Priority Date Filing Date Title
CN201410855585.5 2014-12-31
CN201410854449.4 2014-12-31
CN201410854449 2014-12-31
CN201410855585 2014-12-31
CN201510112531.4A CN104935758B (zh) 2014-12-31 2015-03-13 Calling method, apparatus and system
CN201510112694.2 2015-03-13
CN201510112531.4 2015-03-13
CN201510112694.2A CN104935687B (zh) 2014-12-31 2015-03-13 Terminal and call system
CN201510406003.XA CN105119887B (zh) 2014-12-31 2015-07-10 Calling method and system
CN201510406003.X 2015-07-10

Publications (1)

Publication Number Publication Date
WO2016107583A1 true WO2016107583A1 (zh) 2016-07-07

Family

ID=56284301

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2015/099912 WO2016107583A1 (zh) 2014-12-31 2015-12-30 Calling method and system, and fixed telephone

Country Status (1)

Country Link
WO (1) WO2016107583A1 (zh)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
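CN112953725A (zh) * 2021-02-23 2021-06-11 浙江大华技术股份有限公司 Method and apparatus for determining a device private key, storage medium, and electronic apparatus
CN114124383A (zh) * 2021-11-30 2022-03-01 中国人民解放军国防科技大学 Method, apparatus and computer device for generating an address hopping pattern that multiplexes synchronization light
CN114760625A (zh) * 2022-04-15 2022-07-15 中国电信股份有限公司 Encrypted call method, apparatus and system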

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
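CN102984335A (zh) * 2012-12-03 2013-03-20 中国联合网络通信集团有限公司 Identity authentication method, device and system for dialing a fixed telephone
CN103685792A (zh) * 2012-09-25 2014-03-26 阿瓦亚公司 System and method for implementing non-fixed-location office work
CN104935758A (zh) * 2014-12-31 2015-09-23 天地融科技股份有限公司 Calling method, apparatus and system
CN104935687A (zh) * 2014-12-31 2015-09-23 天地融科技股份有限公司 Terminal and call system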

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
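CN103685792A (zh) * 2012-09-25 2014-03-26 阿瓦亚公司 System and method for implementing non-fixed-location office work
CN102984335A (zh) * 2012-12-03 2013-03-20 中国联合网络通信集团有限公司 Identity authentication method, device and system for dialing a fixed telephone
CN104935758A (zh) * 2014-12-31 2015-09-23 天地融科技股份有限公司 Calling method, apparatus and system
CN104935687A (zh) * 2014-12-31 2015-09-23 天地融科技股份有限公司 Terminal and call system
CN105119887A (zh) * 2014-12-31 2015-12-02 天地融科技股份有限公司 Calling method and system, and fixed telephone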

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
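CN112953725A (zh) * 2021-02-23 2021-06-11 浙江大华技术股份有限公司 Method and apparatus for determining a device private key, storage medium, and electronic apparatus
CN114124383A (zh) * 2021-11-30 2022-03-01 中国人民解放军国防科技大学 Method, apparatus and computer device for generating an address hopping pattern that multiplexes synchronization light
CN114124383B (zh) * 2021-11-30 2024-01-16 中国人民解放军国防科技大学 Method, apparatus and computer device for generating an address hopping pattern that multiplexes synchronization light
CN114760625A (zh) * 2022-04-15 2022-07-15 中国电信股份有限公司 Encrypted call method, apparatus and system
CN114760625B (zh) * 2022-04-15 2024-03-01 中国电信股份有限公司 Encrypted call method, apparatus and system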

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 15875259

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 15875259

Country of ref document: EP

Kind code of ref document: A1