WO2018153018A1 - Procédé et système de mise à jour de clé - Google Patents

Procédé et système de mise à jour de clé Download PDF

Info

Publication number
WO2018153018A1
WO2018153018A1 PCT/CN2017/094617 CN2017094617W WO2018153018A1 WO 2018153018 A1 WO2018153018 A1 WO 2018153018A1 CN 2017094617 W CN2017094617 W CN 2017094617W WO 2018153018 A1 WO2018153018 A1 WO 2018153018A1
Authority
WO
WIPO (PCT)
Prior art keywords
key
public
version
authorization certificate
public key
Prior art date
Application number
PCT/CN2017/094617
Other languages
English (en)
Chinese (zh)
Inventor
吴毅成
赵梦娜
杜海涛
Original Assignee
蔚来汽车有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 蔚来汽车有限公司 filed Critical 蔚来汽车有限公司
Publication of WO2018153018A1 publication Critical patent/WO2018153018A1/fr

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823Network architectures or network communication protocols for network security for authentication of entities using certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0822Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using key encryption key
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0891Revocation or update of secret information, e.g. encryption key update or rekeying

Definitions

  • the present invention relates to a method and system for updating a key, and more particularly to a method and system for updating a key of an uninterrupted service.
  • the user accessing the network device is typically authenticated based on the following mechanism: (1) the authorization server generates a pair of public and private keys, and then the private key is retained on the authorization server and the public Key is distributed to a plurality of network devices; (2) the authorization server generates an authorization certificate based on the user request, the authorization certificate includes a signature encrypted via the private key; (3) when the user accesses the plurality of network devices using the authorization certificate At one time, the device decrypts the signature using the public key to verify that the identity of the user is legitimate.
  • the above existing technical solutions have the following problems: in order to enhance the security of device access, the public and private key pairs are often periodically updated, and after the public and private key pairs are updated, before the update.
  • the generated authorization certificate will be invalid, and the old public key cannot verify the signature encrypted with the new private key. Therefore, in case multiple (for example, hundreds of thousands) network devices use the same public key, in order to ensure the use
  • the authorization certificate issued by the new private key can be used normally on all network devices. It must be ensured that the public key of all network devices is updated before the authorization certificate can be issued with the new private key. However, due to the network device that needs to update the key.
  • the present invention proposes a key update method and system capable of updating a key without interruption of service.
  • a key update method comprising the following steps:
  • the authorization server periodically generates a pair of public and private keys, and each time a new public-private key pair is generated, the version number associated with the public-private key pair is incremented by one;
  • the authorization server upon receiving a request from a user, the authorization server generates an authorization certificate to return to the user, wherein the authorization certificate includes at least a signature Signature encrypted via a currently valid private key, a currently valid public key The version number version, the currently valid public key Public_key_code, and the public key obtained by encrypting the public key whose version number is version using the private key of version number (version-1) Public_key_code_enc;
  • the target network device verifies whether the identity of the user is legal based on the authorization certificate and the public key currently used by the target network device The key update operation is automatically completed if the version number is different from the version number version of the currently valid public key in the authorization certificate.
  • the step (A1) further comprises: in an initialization phase, the authorization server generates an initial public-private key pair, and distributes the initial public key and an initial version number associated therewith to the Each of the plurality of network devices, each of the plurality of network devices, in turn, associates the initial public key with a public key currently in use.
  • the step (A2) is further The method includes: encrypting a public key with a version number of version based on a predetermined signature encryption algorithm and/or a digest algorithm using a private key with a version number (version-1) to obtain a Public_key_code_enc.
  • the authorization certificate further includes a visitor ID, a device ID, and an expiration time.
  • the step (A2) further comprises: generating the signature Signature in the following manner: (1) calculating a currently valid public key in the authorization certificate based on a predetermined digest algorithm a summary of the content of the version number, the visitor ID, the device ID, and the expiration time; (2) encrypting the calculated digest using the private key with the version number version based on the predetermined signature encryption algorithm to obtain the signature Signature.
  • the step (A3) further comprises: after receiving the authorization certificate provided by the user, the target network device checks for a currently valid public key in the authorization certificate. Whether the version number version is consistent with the version number of the public key currently in use, and if it is inconsistent, triggers the key update operation; otherwise, it verifies whether the user's identity is legal in the following manner: (1) calculating the basis based on the predetermined digest algorithm Deriving a summary of the content of the currently valid public key in the authorization certificate, the visitor ID, the device ID, and the expiration time to obtain the first digest value; (2) decrypting the using the public key currently being used The signature Signature in the authorization certificate obtains the second digest value; (3) compares the first digest value with the second digest value, and if the two are consistent, the verification passes, otherwise, the verification fails.
  • the key update operation includes: (1) acquiring a currently valid public key Public_key_code in the authorization certificate as a first key, and utilizing the target network device is currently Using the public key to decrypt the Public_key_code_enc in the authorization certificate to obtain the second key; (2) comparing the first key and the second key, if the two are inconsistent, the verification fails, otherwise proceeds to step (3) (3) storing a version number version of the currently valid public key in the authorization certificate and a currently valid public key Public_key_code, and The currently valid public key Public_key_code in the authorization certificate is used as the new currently used public key to complete the key update, and then the new currently used public key is used to verify whether the user's identity is legal as follows: (a) Calculating, by the predetermined digest algorithm, a digest of content composed of a version number version, a visitor ID, a device ID, and an expiration time of the currently valid public key in the authorization certificate to obtain a first digest value; (b) utilizing the Decoding the signature
  • the step (A3) further comprises: after the key update operation is completed, the target network device still saves the old version of the public key and its version number, and is at the user
  • the provided authorization certificate is based on the authorization certificate of the old version of the public-private key pair, and the authorized certificate is verified by using the saved old version of the public key corresponding thereto, and then the user is prompted to apply to the authorization server if the verification is passed.
  • the step (A3) further comprises: after receiving the reminder from the target network device, the user requests the authorization server to apply for a public key based on the latest version Replace the old authorization certificate with the generated authorization certificate.
  • a key update system comprising:
  • An authorization server that periodically generates a pair of public and private keys, and each time a new public-private key pair is generated, the version number associated with the public-private key pair is incremented by one, and upon receiving a request from the user Generating an authorization certificate to return to the user, wherein the authorization certificate includes at least a signature Signature encrypted via a currently valid private key, a version number version of the currently valid public key, a currently valid public key Public_key_code, and a usage version.
  • the private key of (version-1) is encrypted with the public key of version version version Public_key_code_enc;
  • At least one network device based on any one of the at least one network device, after receiving the authorization certificate provided by a user who wants to access the network device
  • the authorization certificate verifies whether the identity of the user is legal and automatically completes the key update operation if the version number of the public key currently used by the network device is different from the version number version of the currently valid public key in the authorization certificate.
  • the key update method and system disclosed by the present invention have the following advantages: since the key update operation can be automatically performed when the user accesses the network device, there is no need to interrupt the service and there is no need to perform offline manual update or periodic heavy-duty for devices that are temporarily unable to be networked.
  • the test which significantly improves the efficiency and performance of key updates, thereby enhancing system security.
  • FIG. 1 is a flow chart of a key update method in accordance with an embodiment of the present invention.
  • FIG. 2 is a schematic structural diagram of a key update system according to an embodiment of the present invention.
  • the key update method disclosed in the present invention includes the following steps: (A1) The authorization server periodically generates a pair of public and private keys, and each time a new public-private key pair is generated, the public-private key is generated.
  • the authorization server upon receiving the request from the user, the authorization server generates an authorization certificate to return to the user, wherein the authorization certificate at least includes encryption via the currently valid private key Signature Signature, the version number of the currently valid public key version, the currently valid public key Public_key_code, and the data obtained by encrypting the public key with the version number version using the private key with version number (version-1) Public_key_code_enc; A3) when the user accesses one of the plurality of network devices using the authorization certificate, the target network device verifies whether the identity of the user is legal based on the authorization certificate and the public key currently used by the target network device If the version number is different from the version number version of the currently valid public key in the authorization certificate The key update operation is done automatically.
  • the step (A1) further includes: in an initialization phase, the authorization server generates an initial public-private key pair, and the initial public key and an initial version associated therewith The number is distributed to each of the plurality of network devices, each of the plurality of network devices subsequently using the initial public key as the currently used public key.
  • the step (A2) further comprises: using a version number based on a predetermined signature encryption algorithm (for example, an RSA algorithm) and/or a digest algorithm (for example, an MD5 algorithm) (The private key of version-1) encrypts (ie, signs) the public key with version version to get Public_key_code_enc.
  • a predetermined signature encryption algorithm for example, an RSA algorithm
  • a digest algorithm for example, an MD5 algorithm
  • the authorization certificate further includes a visitor ID (an identifier for identifying a user), a device ID (an identifier for identifying a target network device), and Expiration time (which indicates the expiration time of the authorization certificate).
  • the step (A2) further comprises: generating the signature Signature in the following manner: (1) based on a predetermined digest algorithm (such as a hash algorithm, such as the MD5 algorithm) Calculating a summary of content consisting of a version number version, a visitor ID, a device ID, and an expiration time of a currently valid public key in the authorization certificate; (2) using a version based on a predetermined signature encryption algorithm (eg, RSA algorithm) The calculated private key is encrypted and the calculated digest is encrypted to obtain the signature Signature.
  • a predetermined digest algorithm such as a hash algorithm, such as the MD5 algorithm
  • the step (A3) further includes: after receiving the authorization certificate provided by the user, the target network device checks that the authorization certificate is currently valid.
  • the version number of the public key is the same as the version number of the public key currently in use, and if it is inconsistent, the key update operation is triggered. Otherwise, it is verified whether the user's identity is legal as follows: (1) Based on the predetermined summary The algorithm calculates a version number version, a visitor ID, a device ID, and an expiration time of the currently valid public key in the authorization certificate.
  • the key update operation includes: (1) acquiring a currently valid public key Public_key_code (ie, a version version of the public key) in the authorization certificate as the first Key, and decrypting Public_key_code_enc in the authorization certificate to obtain a second key by using a public key currently being used by the target network device (ie, a (version-1) version of the public key); (2) comparing the first a key and a second key, if the two are inconsistent, the verification fails, otherwise proceeds to step (3); (3) stores the version number version of the currently valid public key in the authorization certificate and the currently valid public key Public_key_code, and use the currently valid public key Public_key_code (that is, the public key of the version version) in the authorization certificate as a new currently used public key to complete the key update, and then utilize the new currently used public
  • the key verifies whether the identity of the user is legal in the following manner: (a) calculating, based on the MD5 algorithm, a content consisting of
  • the step (A3) further includes: after the key update operation is completed, the target network device still saves the old version of the public key and its version number. (eg (version-1) version of the public key and / or earlier version of the public key and its version number), and use the saved and used when the user-provided authorization certificate is based on the authorization certificate of the old version of the public-private key pair
  • the corresponding old version of the public key verifies the authorization certificate, and then prompts the user to apply to the authorization server for the authorization certificate generated based on the latest version of the public-private key pair if the verification is passed.
  • the step (A3) further includes: after receiving the reminder from the target network device, the user requests to apply to the authorization server based on the latest The version of the public and private key pair generated authorization certificate to replace the old authorization certificate.
  • the key update method disclosed by the present invention has the following advantages: since the key update operation can be automatically performed when the user accesses the network device, there is no need to interrupt the service and there is no need to perform offline manual update for the device that is temporarily unable to be networked or Regular retry, which significantly improves the efficiency and performance of key updates, thereby enhancing system security.
  • the key update system disclosed by the present invention includes an authorization server 1 and at least one network device 2, which periodically generates a pair of public and private keys, and generates a new public and private each time.
  • the key pair is followed by a version number associated with the public-private key pair, and an authorization certificate is generated upon receipt of the request from the user to return to the user, wherein the authorization certificate includes at least encryption via the currently valid private key
  • the signature Signature, the version number version of the currently valid public key, the currently valid public key Public_key_code, and the data Public_key_code_enc obtained by encrypting the public key whose version number is version using the private key of version number (version-1).
  • the authorization server 1 generates an initial public-private key pair in an initialization phase, and distributes an initial public key and an initial version number associated therewith to the at least one network device. Each of the at least one network device then uses the initial public key as the currently used public key.
  • the authorization service The device 1 encrypts the public key whose version number is version using the private key of version number (version-1) based on the RSA algorithm to obtain Public_key_code_enc.
  • the authorization certificate further includes a visitor ID (identifier for identifying the user), a device ID (identifier for identifying the network device), and a period Full time (which indicates the expiration time of the authorization certificate).
  • the authorization server 1 generates the signature Signature in the following manner: (1) calculating based on a predetermined digest algorithm (such as a hash algorithm, such as MD5 algorithm) A summary of the content of the currently valid public key in the authorization certificate, the version of the visitor ID, the device ID, and the expiration time; (2) the version number based on the predetermined signature encryption algorithm (for example, the RSA algorithm) The private key encrypts the computed digest to obtain the signature Signature.
  • a predetermined digest algorithm such as a hash algorithm, such as MD5 algorithm
  • the private key encrypts the computed digest to obtain the signature Signature.
  • the network device 2 After receiving the authorization certificate provided by the user, the network device 2 checks whether the version number version of the currently valid public key in the authorization certificate is The version numbers of the public keys currently in use are consistent, and if they are inconsistent, the key update operation is triggered.
  • the identity of the user is legal in the following manner: (1) calculating the basis based on a predetermined digest algorithm (for example, MD5 algorithm) Deriving a summary of the content of the currently valid public key in the authorization certificate, the visitor ID, the device ID, and the expiration time to obtain the first digest value; (2) decrypting the using the public key currently being used The signature Signature in the authorization certificate obtains the second digest value; (3) compares the first digest value with the second digest value, and if the two are consistent, the verification passes, otherwise, the verification fails.
  • a predetermined digest algorithm for example, MD5 algorithm
  • the key update operation includes: (1) acquiring a currently valid public key Public_key_code (ie, a version version of the public key) in the authorization certificate as the first Key, and decrypting the Public_key_code_enc in the authorization certificate by using the public key currently used by the target network device (ie, the (version-1) version of the public key) to obtain the first (2) comparing the first key and the second key, if the two are inconsistent, the verification fails, otherwise proceeds to step (3); (3) stores the currently valid public in the authorization certificate The version number of the key and the currently valid public key Public_key_code, and the currently valid public key Public_key_code (ie, the version of the public key) in the authorization certificate is used as the new currently used public key to complete the key update.
  • a currently valid public key Public_key_code ie, a version version of the public key
  • the authorization certificate is used as the new currently used public key to complete the key update.
  • the new currently used public key is then used to verify whether the identity of the user is legal in the following manner: (a) calculating the version of the currently valid public key in the authorization certificate based on a predetermined digest algorithm (eg, MD5 algorithm) a summary of the content of the version, the visitor ID, the device ID, and the expiration time to obtain a first digest value; (b) decrypting the signature Signature in the authorization certificate with the new currently used public key to obtain the first (2) comparing the first digest value and the second digest value, if the two are consistent, the verification is passed; otherwise, the verification fails.
  • a predetermined digest algorithm eg, MD5 algorithm
  • the network device 2 after the key update operation is completed, the network device 2 still saves the old version of the public key and its version number (for example, the version-1 version). Public key and/or earlier version of the public key and its version number), and when the user-provided authorization certificate is based on the authorization certificate of the old version of the public-private key pair, the saved public certificate corresponding to the old version is saved.
  • the authorization certificate in the case of verification, prompts the user to apply to the authorization server for an authorization certificate generated based on the latest version of the public-private key pair.
  • the key update system disclosed by the present invention has the following advantages: since the key update operation can be automatically performed when the user accesses the network device, there is no need to interrupt the service and there is no need to perform offline manual update for the device that is temporarily unable to be networked or Regular retry, which significantly improves the efficiency and performance of key updates, thereby enhancing system security.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Storage Device Security (AREA)

Abstract

La présente invention concerne un procédé et un système de mise à jour de clé, le procédé comprenant les étapes suivantes : un serveur d'autorisation produit périodiquement une paire de clé publique et de clé privée et ajoute 1 à un numéro de version associé à la paire de clés publique/privée après chaque production d'une nouvelle paire de clés publique/privée ; après la réception d'une demande d'un utilisateur, le serveur d'autorisation produit un certificat d'autorisation et renvoie le certificat d'autorisation à l'utilisateur ; et lorsque l'utilisateur accède à un dispositif de réseau cible d'une pluralité de dispositifs de réseau en utilisant le certificat d'autorisation, le dispositif de réseau cible vérifie si l'identité de l'utilisateur est légitime en fonction du certificat d'autorisation et réalise automatiquement une opération de mise à jour de clé si le numéro de version d'une clé publique utilisée actuellement par le dispositif de réseau cible est différent du numéro de version de la clé publique valide actuelle dans le certificat d'autorisation. Avec le procédé et le système de mise à jour de clé décrits dans la présente invention, une clé peut être mise à jour dans des conditions où le service est ininterrompu.
PCT/CN2017/094617 2017-02-21 2017-07-27 Procédé et système de mise à jour de clé WO2018153018A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201710094490.XA CN106878009B (zh) 2017-02-21 2017-02-21 密钥更新方法及系统
CN201710094490.X 2017-02-21

Publications (1)

Publication Number Publication Date
WO2018153018A1 true WO2018153018A1 (fr) 2018-08-30

Family

ID=59167424

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2017/094617 WO2018153018A1 (fr) 2017-02-21 2017-07-27 Procédé et système de mise à jour de clé

Country Status (2)

Country Link
CN (1) CN106878009B (fr)
WO (1) WO2018153018A1 (fr)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111949949A (zh) * 2020-08-14 2020-11-17 山东英信计算机技术有限公司 一种软件运行方法、装置、设备及计算机可读存储介质

Families Citing this family (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106878009B (zh) * 2017-02-21 2021-04-09 蔚来(安徽)控股有限公司 密钥更新方法及系统
CN108282464B (zh) * 2017-12-28 2021-04-27 中国电子科技集团公司第三十研究所 一种基于无回传链路、应用于单向广播网的密钥更新方法
CN110535648B (zh) * 2018-05-24 2022-05-06 腾讯科技(深圳)有限公司 电子凭证生成及验证和密钥控制方法、装置、系统和介质
CN108989325A (zh) * 2018-08-03 2018-12-11 华数传媒网络有限公司 加密通信方法、装置及系统
CN110247884B (zh) * 2018-11-21 2023-05-19 浙江大华技术股份有限公司 一种更新证书的方法、装置、系统及计算机可读存储介质
CN111147259B (zh) * 2019-12-26 2022-01-14 华为技术有限公司 鉴权方法和设备
CN113379414A (zh) * 2020-03-09 2021-09-10 新开普电子股份有限公司 一种适用于双离线交易的身份核实方法及终端
CN112671538B (zh) * 2021-03-16 2021-06-22 北京翼辉信息技术有限公司 密钥更新方法、装置、系统、存储介质及计算设备

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102026178A (zh) * 2010-12-31 2011-04-20 成都三零瑞通移动通信有限公司 一种基于公钥机制的用户身份保护方法
CN104009837A (zh) * 2014-04-28 2014-08-27 小米科技有限责任公司 密钥更新方法、装置及终端
US9479340B1 (en) * 2015-03-30 2016-10-25 Amazon Technologies, Inc. Controlling use of encryption keys
US20160365976A1 (en) * 2015-06-12 2016-12-15 Konica Minolta, Inc. Cryptographic System, Updating Method, and Non-Transitory Storage Medium Encoded with Computer Readable Program
CN106878009A (zh) * 2017-02-21 2017-06-20 蔚来汽车有限公司 密钥更新方法及系统

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101335618B (zh) * 2008-07-09 2010-09-15 南京邮电大学 一种使用证书对对等网节点进行评价和授权的方法

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102026178A (zh) * 2010-12-31 2011-04-20 成都三零瑞通移动通信有限公司 一种基于公钥机制的用户身份保护方法
CN104009837A (zh) * 2014-04-28 2014-08-27 小米科技有限责任公司 密钥更新方法、装置及终端
US9479340B1 (en) * 2015-03-30 2016-10-25 Amazon Technologies, Inc. Controlling use of encryption keys
US20160365976A1 (en) * 2015-06-12 2016-12-15 Konica Minolta, Inc. Cryptographic System, Updating Method, and Non-Transitory Storage Medium Encoded with Computer Readable Program
CN106878009A (zh) * 2017-02-21 2017-06-20 蔚来汽车有限公司 密钥更新方法及系统

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111949949A (zh) * 2020-08-14 2020-11-17 山东英信计算机技术有限公司 一种软件运行方法、装置、设备及计算机可读存储介质
CN111949949B (zh) * 2020-08-14 2022-06-17 山东英信计算机技术有限公司 一种软件运行方法、装置、设备及计算机可读存储介质

Also Published As

Publication number Publication date
CN106878009A (zh) 2017-06-20
CN106878009B (zh) 2021-04-09

Similar Documents

Publication Publication Date Title
WO2018153018A1 (fr) Procédé et système de mise à jour de clé
US11606352B2 (en) Time-based one time password (TOTP) for network authentication
WO2021114923A1 (fr) Procédé et appareil de mémorisation de données et procédé et appareil de lecture de données pour données privées
US9912485B2 (en) Method and apparatus for embedding secret information in digital certificates
US9276752B2 (en) System and method for secure software update
US8589442B2 (en) Intersystem single sign-on
US7600123B2 (en) Certificate registration after issuance for secure communication
US8997198B1 (en) Techniques for securing a centralized metadata distributed filesystem
US10686768B2 (en) Apparatus and method for controlling profile data delivery
US20200412554A1 (en) Id as service based on blockchain
US20110138177A1 (en) Online public key infrastructure (pki) system
CN108696356B (zh) 一种基于区块链的数字证书删除方法、装置及系统
BR102014030327A2 (pt) método implementado por computador para impedir problemas de segurança no uso de certificados digitais na assinatura de código; sistema de computador para impedir problemas de segurança no uso de certificados digitais na assinatura de código; e produto de programa de computador
JP6967449B2 (ja) セキュリティチェックのための方法、デバイス、端末およびサーバ
WO2019109943A1 (fr) Procédé et appareil de gestion de plate-forme en nuage, dispositif électronique et support de stockage lisible
US11258601B1 (en) Systems and methods for distributed digital rights management with decentralized key management
CN113343201A (zh) 注册请求处理方法、用户身份信息管理方法及设备
CN110086818B (zh) 一种云文件安全存储系统及访问控制方法
KR101639714B1 (ko) 스마트 그리드 기기 인증 방법
CN109450951B (zh) 一种服务器端安全文件管理方法、装置及系统
CN116964586A (zh) 授权加密
JP6976405B2 (ja) アクセス管理システム、及びそのプログラム
JP2014022920A (ja) 電子署名システム、電子署名方法および電子署名プログラム
CN115242471A (zh) 信息传输方法、装置、电子设备及计算机可读存储介质
CN109088720B (zh) 一种基于混合云存储的加密文件去重方法及装置

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 17897877

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205A DATED 05.11.2019)

122 Ep: pct application non-entry in european phase

Ref document number: 17897877

Country of ref document: EP

Kind code of ref document: A1