WO2021042808A1 - Security information input method, information security device and storage medium - Google Patents
Security information input method, information security device and storage medium Download PDFInfo
- Publication number
- WO2021042808A1 WO2021042808A1 PCT/CN2020/096585 CN2020096585W WO2021042808A1 WO 2021042808 A1 WO2021042808 A1 WO 2021042808A1 CN 2020096585 W CN2020096585 W CN 2020096585W WO 2021042808 A1 WO2021042808 A1 WO 2021042808A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- information
- security
- information input
- terminal
- security information
- Prior art date
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/34—User authentication involving the use of external additional devices, e.g. dongles or smart cards
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/82—Protecting input, output or interconnection devices
- G06F21/83—Protecting input, output or interconnection devices input devices, e.g. keyboards, mice or controllers thereof
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2133—Verifying human interaction, e.g., Captcha
Definitions
- This application relates to the technical field of identity authentication, and specifically relates to a secure information input method, an information security device, and a storage medium.
- One of the objectives of the embodiments of the present application is to provide a secure information input method, an information security device, and a storage medium, which can automatically input a password without manually inputting a password.
- a security information input method which is applied to an information security device, and the method includes:
- the information security device is a keyboard, generating security information
- the security information is input into the terminal through a keyboard protocol.
- the "generating security information” includes:
- the security information is generated.
- the security information input method includes:
- the security information is allowed to be sent.
- the identity recognition request process includes a fingerprint recognition process and/or a password recognition process.
- the security information input method further includes:
- the enter confirmation instruction is input into the terminal through a keyboard protocol.
- the security information input method before the "sending keyboard device type description information to the terminal according to the information acquisition instruction", the security information input method includes:
- the current application mode is switched to the safety information input mode.
- an information security device in a second aspect, is provided, the information security device further includes a processor and a memory, the memory stores a security information input program, and the security information input program is configured to be executed by the processor to achieve The security information input method described in any one of the above.
- the information security device further includes at least one of a USB module or a Bluetooth module.
- the information security device includes FIDO (Fast Identity Online, a fast online identity authentication mode) module, the FIDO module can switch the current application mode to the safe information input mode through mode switching.
- FIDO Fast Identity Online, a fast online identity authentication mode
- a storage medium is provided, the storage medium is a computer-readable storage medium, and a safe information input program is stored on the storage medium, and the safe information input program can be executed by one or more processors to Realize the security information input method as described in any one of the above.
- the security information input method and device provided by the embodiments of the present application have the beneficial effect of simulating a user's key press through an information security device to input security information into the terminal without manual input by the user, thereby improving user experience.
- FIG. 1 is a schematic structural diagram of an information security device provided by an embodiment of this application.
- FIG. 2 is a schematic flowchart of a security information input method provided by an embodiment of the application
- Figure 3 is a schematic diagram of a display interface of an input box of a terminal
- FIG. 4 is a schematic flowchart of another security information input method provided by an embodiment of the application.
- the information security device includes a processor 300, a memory 400, a USB module 600, a Bluetooth module 700, and FIDO (Fast Identity Online) Module 800.
- the information security device also includes a network interface (not shown) and a communication bus 700.
- the processor 300, the mode switching module 500, and the FIDO module 600 are connected through a communication bus 500.
- the memory 400 stores a safety information input program, the safety information input program is configured to be executed by the processor 300, and the processor 300 executes the safety information input program to implement the safety information input method.
- the information security device further includes at least one of a USB module 600 or a Bluetooth module 700.
- the information security device can send security information to the terminal through a wired transmission method via USB; or enter the security information into the terminal by establishing Bluetooth communication with the terminal.
- the information security device includes a FIDO module 800, and the FIDO module 800 can switch the current application mode to the security information input mode through mode switching. You can directly enter the FIDO verification mode through mode switching. When establishing a connection with a terminal that uses FIDO for identity authentication, you can directly perform FIDO authentication.
- an embodiment of the present application also provides a security information input method, which is applied to an information security device, and the security information input method includes:
- Step S101 Receive an information acquisition instruction sent by a terminal
- Step S103 Send the keyboard device type description information to the terminal according to the information acquisition instruction
- Step S105 After the terminal recognizes that the information security device is a keyboard, generate security information;
- Step S107 Input the security information into the terminal through a keyboard protocol.
- the terminal needs to confirm the type of the information security device, and the information security device sends the keyboard device type description information to the terminal in preparation for simulating the keyboard to input security information.
- the input keyboard device type description can be a keyboard descriptor or a keyboard descriptor based on the Bluetooth protocol. Specifically, after the information security device establishes a data connection with the terminal through the USB module 600 or the Bluetooth module 700, the input keyboard device type description is sent to the terminal, so that the terminal device recognizes the information security device as a keyboard.
- the terminal when the terminal sends the keyboard descriptor to the terminal through the USB module 600 or the Bluetooth module 700, the terminal recognizes that the information security device is a keyboard, and waits for the information security device to input characters. Generate security information, and input the security information into the input box of the terminal according to the keyboard protocol.
- the terminal If it is currently in the security information input mode, after the terminal recognizes that the information security device is a keyboard, it will determine whether the command to switch to FIDO mode is accepted, if it is received, switch to FIDO mode, otherwise, continue to input security information mode.
- the terminal when the user uses the terminal for login and transaction, the terminal displays a security information input box waiting for the user to input security information, and enters security information through the corresponding input keyboard device type description to complete the input of identity information .
- the method further includes: judging whether an operation of confirming input of safety information by the user is received;
- the security information is generated.
- the information security device cyclically waits for the user's confirmation to input security information, and by pressing the key, the user confirms the operation of inputting security information, and then generates security information and inputs it to the terminal .
- a single-click button can be used as an operation for the user to confirm the input of security information
- a double-click button can be used as a command to switch to the FIDO mode or a command to switch to the security information input mode.
- the security information input method may further include:
- Step S301 Enter the identity recognition request process
- Step S303 Detect whether the identification information is received; if the identification information is received, perform step S305; otherwise, perform step S301;
- Step S305 Determine whether the identity information matches the preset identity verification information; if the identity information matches the preset identity verification information, perform step S307; otherwise, perform step S301;
- Step S307 Allow sending of security information.
- the identity recognition request process includes at least one of a fingerprint recognition process or an identity verification password recognition process.
- the user identity can be further confirmed before the security information is input to the terminal.
- the information security device is a dynamic token, and the security information is a dynamic password.
- the information security device is a cipher, the security information is an account password, and after the terminal recognizes the cipher as a keyboard, the cipher further includes: displaying a list of accounts. After the user selects the account, the account password corresponding to the selected account is entered into the terminal through the keyboard protocol (specifically, the account number is entered into the terminal first, and the password is entered into the terminal again when the user confirmation instruction is received again).
- the information security device in the foregoing embodiment uses the information security device to simulate user keystrokes and input security information into the terminal without manual input by the user, thereby improving user experience.
- the memory 400 includes at least one type of readable storage medium.
- the readable storage medium includes flash memory, hard disk, multimedia card, card-type memory (such as SD or DX memory, etc.), magnetic memory, magnetic disk, and optical disk. Wait.
- the memory 400 may be an internal storage unit of an information security device, such as a hard disk of the information security device.
- the memory 400 may also be an external storage device of the information security device, such as a plug-in hard disk equipped on the information security device, a smart memory card (Smart Media Card, SMC), and a secure digital (Secure Digital, SD). Card, Flash Card, etc.
- the memory 400 may also include both an internal storage unit of an information security device and an external storage device.
- the memory 400 can be used not only to store application software and various data installed in the information security device, such as codes of the information security device, etc., but also to temporarily store data that has been output or will be output.
- the processor 300 may be a central processing unit (Central Processing Unit) in some embodiments.
- Central Processing Unit CPU
- controller a controller
- microcontroller a microprocessor
- other data processing chips are used to run program codes or process data stored in the memory 400, for example, execute a security information input program.
- the network interface may optionally include a standard wired interface and a wireless interface (such as a WI-FI interface), which is usually used to establish a communication connection between the information security device and other electronic devices.
- a standard wired interface such as a WI-FI interface
- WI-FI interface wireless interface
- the network interface is used to realize the connection and communication between these components.
- the communication bus 500 is used to implement connection and communication between these components.
- an embodiment of the present application also proposes a storage medium that stores a security information input program, and the security information input program can be executed by one or more processors to implement the following operations:
- Step S101 Receive an information acquisition instruction sent by a terminal
- Step S103 Send the keyboard device type description information to the terminal according to the information acquisition instruction
- Step S105 After the terminal recognizes that the information security device is a keyboard, generate security information;
- Step S107 Input the security information into the terminal through a keyboard protocol.
- the computer program product includes one or more computer instructions.
- the computer may be a general-purpose computer, a special-purpose computer, a computer network, or other programmable devices.
- the computer instructions may be stored in a computer-readable storage medium, or transmitted from one computer-readable storage medium to another computer-readable storage medium.
- the computer instructions may be transmitted from a website, computer, server, or data center. Transmission to another website site, computer, server or data center via wired (such as coaxial cable, optical fiber, digital subscriber line (DSL)) or wireless (such as infrared, wireless, microwave, etc.).
- wired such as coaxial cable, optical fiber, digital subscriber line (DSL)
- wireless such as infrared, wireless, microwave, etc.
- the computer-readable storage medium may be any available medium that can be stored by a computer or a data storage device such as a server or a data center integrated with one or more available media.
- the usable medium may be a magnetic medium (for example, a floppy disk, a hard disk, a magnetic tape), an optical medium (for example, a DVD), or a semiconductor medium (for example, a solid state hard disk (SSD)), etc.
- the computer program product includes one or more computer instructions.
- the computer may be a general-purpose computer, a special-purpose computer, a computer network, or other programmable devices.
- the computer instructions may be stored in a computer-readable storage medium, or transmitted from one computer-readable storage medium to another computer-readable storage medium.
- the computer instructions may be transmitted from a website, computer, server, or data center. Transmission to another website site, computer, server or data center via wired (such as coaxial cable, optical fiber, digital subscriber line (DSL)) or wireless (such as infrared, wireless, microwave, etc.).
- wired such as coaxial cable, optical fiber, digital subscriber line (DSL)
- wireless such as infrared, wireless, microwave, etc.
- the computer-readable storage medium may be any available medium that can be stored by a computer or a data storage device such as a server or a data center integrated with one or more available media.
- the usable medium may be a magnetic medium (for example, a floppy disk, a hard disk, a magnetic tape), an optical medium (for example, a DVD), or a semiconductor medium (for example, a solid state hard disk (SSD)), etc.
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Input From Keyboards Or The Like (AREA)
- User Interface Of Digital Computer (AREA)
Abstract
Description
Claims (12)
- 一种安全信息输入方法,应用于信息安全设备,其特征在于,所述方法包括,A security information input method applied to information security equipment, characterized in that the method includes:接收终端发送的获取信息指令;Receive an information acquisition instruction sent by the terminal;根据所述获取信息指令,发送键盘设备类型描述信息至终端;Sending the keyboard device type description information to the terminal according to the information acquisition instruction;在所述终端识别所述信息安全设备为键盘之后,生成安全信息;After the terminal recognizes that the information security device is a keyboard, generating security information;将所述安全信息通过键盘协议输入所述终端。The security information is input into the terminal through a keyboard protocol.
- 根据权利要求1所述的安全信息输入方法,其特征在于,所述“生成安全信息”包括:The security information input method according to claim 1, wherein said "generating security information" comprises:判断是否接收到用户确认输入安全信息的操作;Determine whether the user confirms the input of the security information operation is received;若接收到用户确认输入安全信息的操作,则生成安全信息。 If the user confirms the input of the security information operation, the security information is generated.
- 根据权利要求1所述的安全信息输入方法,其特征在于,所述安全信息输入方法包括:The safety information input method according to claim 1, wherein the safety information input method comprises:进入身份识别请求流程;Enter the identification request process;检测是否接收到身份识别信息;Detect whether identification information is received;若接收到身份识别信息,则判断所述身份识别信息是否与预设的身份验证信息相匹配;If the identification information is received, it is determined whether the identification information matches the preset identity verification information;若所述身份识别信息与预设的身份验证信息相匹配,则允许发送安全信息。If the identity identification information matches the preset identity verification information, the security information is allowed to be sent.
- 根据权利要求3所述的安全信息输入方法,其特征在于,所述身份识别请求流程包括指纹识别流程和/或密码识别流程。The security information input method according to claim 3, wherein the identity recognition request process includes a fingerprint recognition process and/or a password recognition process.
- 根据权利要求1所述的安全信息输入方法,其特征在于,在所述“将所述安全信息通过键盘协议输入所述终端”之后,所述安全信息输入方法还包括:The security information input method according to claim 1, wherein after the "input the security information into the terminal through a keyboard protocol", the security information input method further comprises:生成回车确认指令;Generate a carriage return confirmation instruction;将所述回车确认指令通过键盘协议输入所述终端。The enter confirmation instruction is input into the terminal through a keyboard protocol.
- 根据权利要求1所述的安全信息输入方法,其特征在于,所述“根据所述获取信息指令,发送键盘设备类型描述信息至终端”之前,所述安全信息输入方法包括:The security information input method according to claim 1, characterized in that, before the "sending keyboard device type description information to the terminal according to the information acquisition instruction", the security information input method comprises:判断是否接收到切换到安全信息输入模式的命令;Determine whether a command to switch to the safety information input mode is received;若接收到切换到安全信息输入模式的命令,则将当前应用模式切换到安全信息输入模式。If a command to switch to the safety information input mode is received, the current application mode is switched to the safety information input mode.
- 根据权利要求1-6任一项所述的安全信息输入方法,其特征在于,所述信息安全设备为动态令牌,所述安全信息为动态口令。 The security information input method according to any one of claims 1-6, wherein the information security device is a dynamic token, and the security information is a dynamic password.
- 根据权利要求1-6任一项所述的安全信息输入方法,其特征在于,所述信息安全设备为密码器,所述安全信息为账号密码。 The security information input method according to any one of claims 1 to 6, wherein the information security device is a cipher, and the security information is an account password.
- 一种信息安全设备,其特征在于,所述信息安全设备还包括处理器和存储器,所述存储器存储有安全信息输入程序,所述安全信息输入程序被配置成有处理器执行,以实现权利要求1-8中任意一项所述的安全信息输入方法。An information security device, characterized in that the information security device further includes a processor and a memory, the memory stores a security information input program, and the security information input program is configured to be executed by the processor to implement the claims The security information input method described in any one of 1-8.
- 根据权利要求9所述的信息安全设备,其特征在于,所述信息安全设备还包括USB模块或蓝牙模块至少一种。The information security device according to claim 9, wherein the information security device further comprises at least one of a USB module or a Bluetooth module.
- 根据权利要求10所述的信息安全设备,其特征在于,所述信息安全设备包括FIDO(Fast Identity Online,快速在线身份认证模式)模块,所述FIDO模块通过模式切换可将当前应用模式切换到安全信息输入模式。The information security device according to claim 10, wherein the information security device comprises a FIDO (Fast Identity Online, fast online identity authentication mode) module, and the FIDO module can switch the current application mode to security through mode switching. Information input mode.
- 一种存储介质,其特征在于:所述存储介质为计算机可读存储介质,所述存储介质上存储有安全信息输入程序,所述安全信息输入程序可被一个或者多个处理器执行,以实现如权利要求1-8中任意一项所述安全信息输入方法。A storage medium, characterized in that: the storage medium is a computer-readable storage medium, and a safety information input program is stored on the storage medium, and the safety information input program can be executed by one or more processors to realize The security information input method according to any one of claims 1-8.
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910841601.8 | 2019-09-06 | ||
CN201910841601.8A CN112464183A (en) | 2019-09-06 | 2019-09-06 | Security information input method, information security device, and storage medium |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2021042808A1 true WO2021042808A1 (en) | 2021-03-11 |
Family
ID=74807738
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/CN2020/096585 WO2021042808A1 (en) | 2019-09-06 | 2020-06-17 | Security information input method, information security device and storage medium |
Country Status (2)
Country | Link |
---|---|
CN (1) | CN112464183A (en) |
WO (1) | WO2021042808A1 (en) |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20030226016A1 (en) * | 2002-05-31 | 2003-12-04 | International Business Machines Corporation | Assurance of authentication in a computer system apparatus and method |
CN102902903A (en) * | 2012-10-10 | 2013-01-30 | 山东中孚信息产业股份有限公司 | Electronic commerce intelligent password key with button and implementation method for electronic commerce intelligent password key |
CN103425944A (en) * | 2013-07-16 | 2013-12-04 | 深圳市文鼎创数据科技有限公司 | Information safety input method and information safety device |
CN105072114A (en) * | 2015-08-11 | 2015-11-18 | 深圳市文鼎创数据科技有限公司 | Automatic form filling method, password manager, upper computer and system |
CN107315933A (en) * | 2017-05-16 | 2017-11-03 | 武汉普利商用机器有限公司 | A kind of fingerprint cipher keyboard |
-
2019
- 2019-09-06 CN CN201910841601.8A patent/CN112464183A/en active Pending
-
2020
- 2020-06-17 WO PCT/CN2020/096585 patent/WO2021042808A1/en active Application Filing
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20030226016A1 (en) * | 2002-05-31 | 2003-12-04 | International Business Machines Corporation | Assurance of authentication in a computer system apparatus and method |
CN102902903A (en) * | 2012-10-10 | 2013-01-30 | 山东中孚信息产业股份有限公司 | Electronic commerce intelligent password key with button and implementation method for electronic commerce intelligent password key |
CN103425944A (en) * | 2013-07-16 | 2013-12-04 | 深圳市文鼎创数据科技有限公司 | Information safety input method and information safety device |
CN105072114A (en) * | 2015-08-11 | 2015-11-18 | 深圳市文鼎创数据科技有限公司 | Automatic form filling method, password manager, upper computer and system |
CN107315933A (en) * | 2017-05-16 | 2017-11-03 | 武汉普利商用机器有限公司 | A kind of fingerprint cipher keyboard |
Also Published As
Publication number | Publication date |
---|---|
CN112464183A (en) | 2021-03-09 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
TWI728261B (en) | Query system, method and non-transitory machine-readable medium to determine authentication capabilities | |
EP3188105B1 (en) | Verification information transmission method and terminal | |
US9667626B2 (en) | Network authentication method and device for implementing the same | |
US20150186875A1 (en) | Information Configuration Method, Device, System, Client And Server | |
CN101221641B (en) | On-line trading method and its safety affirmation equipment | |
TW201525748A (en) | Password resetting method, device having password resetting function, system having password resetting function | |
CN105656850B (en) | Data processing method, related device and system | |
CN106161475B (en) | Method and device for realizing user authentication | |
CN102983973A (en) | Trading system and trading method | |
CN103731273A (en) | Data transmission method and system | |
CN110351672A (en) | Information-pushing method, device and electronic equipment | |
TWI590172B (en) | Authorizing server,authorizing method and computer program product | |
TW201906484A (en) | Communication method and device | |
JP7286770B2 (en) | Authentication for third-party digital wallet provisioning | |
CN104079527A (en) | Information processing method and electronic equipment | |
KR101211900B1 (en) | System for Electronic Signature based on Wireless Terminal | |
US20180075230A1 (en) | Identity authentication method and apparatus | |
CN111586074B (en) | Communication method, server, Internet of things system and readable storage medium | |
CN110602679B (en) | Display and transmission method, identity authentication and data transmission device and terminal | |
WO2021042808A1 (en) | Security information input method, information security device and storage medium | |
KR101459283B1 (en) | 2 Channel authentication device and method | |
US20230063417A1 (en) | System and method for forwarding authentication requests to a nearby authenticator | |
EP3410332A1 (en) | A system and method for transferring data to an authentication device | |
US11245698B2 (en) | Registration system and registration method | |
CN114697956B (en) | Secure communication method and device based on double links |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 20861430 Country of ref document: EP Kind code of ref document: A1 |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
122 | Ep: pct application non-entry in european phase |
Ref document number: 20861430 Country of ref document: EP Kind code of ref document: A1 |
|
32PN | Ep: public notification in the ep bulletin as address of the adressee cannot be established |
Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205A DATED 23/08/2022) |
|
122 | Ep: pct application non-entry in european phase |
Ref document number: 20861430 Country of ref document: EP Kind code of ref document: A1 |