CN102497465A - High-secrecy mobile information safety system and safety method for distributed secret keys - Google Patents
- Publication number: CN102497465A (also listed as CN201110329692A)
- Authority: CN (China)
- Legal status: Pending
Abstract
The invention discloses a high-secrecy mobile information security system and security method using distributed keys. The system comprises a client, installed on a mobile phone and communicating with a server, and a security device, housed in an earphone and communicating with the mobile phone. The earphone is connected through an interface to the security device, which is based on hardware encryption or biometric recognition and stores at least one of a key, a password, a digital certificate and biometric information identifying the user. Using the earphone as a hardware-encryption-based mobile information security device gives mobile phone users high-strength information security protection. In addition, a security device based on parallel computation can serve single-instruction calls from upper-layer applications while providing security for multiple services that store and efficiently process large volumes of data. Authentication and cross-checking against multiple items of subscription information greatly improve the security of the system.
Description
Technical field
The present invention relates to a mobile information security system, and in particular to a high-secrecy mobile information security system and security method using distributed keys.
Background
With the arrival of the era of the third-generation mobile communication system (The Third-Generation Mobile Communication System, 3G), wireless mobile services are flourishing as never before. Smartphones, palmtop computers and other mobile devices integrated into standard business activities are set to become the "killer application" of 3G, and mobile applications are entering a golden age of rapid development, yet security remains the critical bottleneck holding back a "blowout" in mobile services. Researchers in China and abroad have sought solutions inside the phone itself, whose computing power and resources are severely limited, but with mobile phone viruses increasingly rampant and SIM cloning devices in use, such protection is largely ineffective. This is also why mobile services are currently limited to small-value or directed payments. Moreover, because of China's strict control of mixed financial operations and the conflicting interests of banks, mobile operators, SPs and manufacturers, the mobile phone, a natural wireless personal area network platform, has not realized its potential to change how people live.
As mobile devices provide more and more critical functions, mobile information security is becoming a key factor in end-product adoption and in the added value of mobile services, and an important part of future market competitiveness. Mobile information security technology is mainly monopolized by foreign organizations and companies; it costs a large amount of foreign exchange and carries potential strategic and commercial threats, which makes this an opportunity to develop mobile information security technology with independent intellectual property rights. Phones such as the iPhone 4 have more and more users, but because these phones have no SD card slot, mobile payment schemes that rely on an external financial-security SD card cannot be used with them. The present invention uses the earphone as the carrier: a security module based on hardware encryption is embedded in the earphone as an IC module, or inserted into the earphone as a plug-in, to protect the phone. This effectively strengthens the phone's information security and achieves financial-grade protection.
Chinese invention patent No. 01138250.3, published on December 5, 2001, discloses a secure computer with an information security management unit. The secure computer comprises an identity information input device interface, an information security management unit, a security control execution unit, a boot circuit unit, a computer peripheral switching circuit unit and a computer motherboard unit; the security management unit in the secure computer can also be made as a security module (ELM). Its advantage is that it performs self-checking and verification and controls and manages information from the underlying hardware, thereby improving the protection of computer information. That scheme suits special-purpose computers but not smartphones: the phone would have to be modified, which is complex and costly to implement and therefore infeasible, so it cannot meet users' mobile information security needs. The present invention meets the demand for high-secrecy mobile information security without modifying the phone hardware.
With the rapid development of mobile communication technology, mobile terminals (mobile phones, PDAs and so on) are gradually becoming personal business platforms, and hardware-encryption-based mobile information security devices are becoming the trend. Mobile phone users have a strong desire for mobile information security protection, and how to turn the earphone into a high-secrecy mobile information security device has become an urgent problem.
Summary of the invention
The technical problem to be solved by the present invention is to provide a high-secrecy mobile information security system and security method.
A security apparatus of a mobile information security system comprises a client installed on a mobile phone and communicating with a server, and a security device arranged in an earphone and communicating with the mobile phone. It is characterized in that the earphone is connected through an interface to a security device based on hardware encryption or biometric recognition, and the security device stores at least one of a key, a password, a digital certificate and biometric information identifying the user. The interface is at least one of a bus, SDIO, USB and data-line interface. The security device is based on hardware encryption or biometric recognition, supports at least one of the SWP (Single Wire Protocol) protocol, the PBOC standard and the QPBOC protocol, and can be combined pairwise with at least one of a SIM card, Micro SD card, TF card and USB device.
An NFC earphone for mobile information security protection comprises, installed in a housing, a microcontroller; an earphone module and a security device for mobile information security protection, each connected to the microcontroller through an interface module; an NFC module for communicating with the outside; an antenna for receiving external NFC signals and harvesting operating energy; and a power supply. It is characterized in that the security device is based on hardware encryption or biometric recognition, supports at least one of the SWP protocol, the PBOC standard and the QPBOC protocol, and can be combined pairwise with at least one of a SIM card, Micro SD card, TF card and USB device; the interface module supports at least one of a bus, SDIO, USB and data-line interface; and the antenna is connected to the NFC module. The security device is a TF card supporting the SWP protocol, the CUPMobile bank card application standard and the CUPMobile smart SD card application interface specification. The interface module is a TF card socket in which the TF card is installed. The socket has an SWP contact that carries the SWP protocol signal of the TF card and a Vcc contact that powers the SWP module of the TF card installed in the socket; the SWP contact and Vcc contact of the socket connect to the SWP contact and Vcc contact on the TF card respectively.
A Bluetooth earphone for mobile information security protection comprises, installed in a housing, a microcontroller; a Bluetooth earphone module and a security device for mobile information security protection, each connected to the microcontroller through an interface module; an NFC module for communicating with the outside; an antenna for receiving external NFC signals and harvesting operating energy; and a low-voltage detection module for voltage detection. It is characterized in that the security device is based on hardware encryption or biometric recognition, supports at least one of the SWP protocol, the PBOC standard and the QPBOC protocol, and can be combined pairwise with at least one of a SIM card, Micro SD card, TF card and USB device. The interface module supports at least one of a bus, SDIO, USB and data-line interface. The antenna is connected to the NFC module. The security device is a TF card supporting the SWP protocol, the CUPMobile bank card application standard and the CUPMobile smart SD card application interface specification. The interface module is a TF card socket in which the TF card is installed. The socket has an SWP contact that carries the SWP protocol signal of the TF card installed in it and a Vcc contact that powers the SWP module of that TF card; the SWP contact and Vcc contact of the socket connect to the SWP contact and Vcc contact on the TF card respectively.
A security device for mobile information security protection comprises an instruction memory IM (Instruction Memory), an array processor AP (Array Processor) and a data array memory DAM (Data/Instruction Array Memory). It is characterized in that the security device is based on a SIMD (Single Instruction Multiple Data stream) architecture: one dedicated instruction SI (Single Instruction) causes the array processor AP to reconfigure and convert it into multiple instruction streams MI (Multiple Instruction) and multiple data streams MD (Multiple Data stream) computed in parallel, to provide security protection for multiple services. The data array memory DAM also serves as an instruction array memory, so it supports parallel reading and writing of instructions as well as of data. The processing elements (PE, Processing Element) in the array processor AP are interconnected through local routers.
A security method based on distributed keys, characterized in that it comprises the following steps:
1. The user takes his or her own identity documents and the earphone containing the security device to the relevant authority and fills in subscription information. The subscription information includes, but is not limited to, the following items used to identify the user: ID card number, bank card number, smart card identifier, IMSI, IMEI, IP address, user name, password, biometric features, digital certificate and key, together with the service categories, credit limit and risk level applied for.
2. Using the encryption algorithm designated by the national commercial cryptography office, the relevant authority writes the encrypted user subscription information and the related security information returned by the e-commerce security infrastructure platform to the corresponding IC card application file on the security device and to the server.
3. The client can be installed on the mobile phone over the air (OTA, Over The Air), which is also used for software upgrades and service downloads. The client provides the user with an operating interface and sends the information the user needs protected to the security device for protection.
4. The client, the server, the security device and the earphone authenticate each other pairwise and cross-check against the subscription information. If the subscription information is inconsistent, authentication fails and the user may retry; after a failed retry the service flow is terminated. For a user who retries repeatedly within a short time, the security device and the server automatically lock the user's service, which can be unlocked only through the relevant authority. On successful authentication, the client has the information the user needs protected processed by the security device and then sends it to the server to complete the service.
A security method based on distributed keys, characterized in that it comprises the following steps:
1. Through the client, the user writes personal security information into a security device based on hardware encryption or biometric recognition. The personal security information includes, but is not limited to, the following items used to identify the user: ID card number, bank card number, smart card identifier, IMSI, IMEI, IP address, user name, password, superuser password, biometric features, digital certificate, key, buddy list and security policy. The security device is an IC card device and can be combined pairwise with at least one of a SIM card, Micro SD card, TF card, USB device and mobile phone earphone. The personal security information is stored in the corresponding IC card application file on the security device.
2. The client can be installed on the mobile phone over the air (OTA, Over The Air), which is also used for software upgrades and service downloads. The client provides the user with an operating interface and sends the information the user needs protected to the security device for protection.
3. The client and the security device authenticate each other and cross-check against the personal security information. If the subscription information is inconsistent, authentication fails and the user may retry; after a failed retry the security flow is terminated. For a user who retries repeatedly within a short time, the security device and the client automatically lock the user's operation, which is unlocked by the superuser or after a delay. On successful authentication, the client has the information the user needs protected processed by the security device and then stores or sends it.
Compared with the prior art, the advantages of the invention are as follows. Using the earphone as a hardware-encryption-based mobile information security device gives users of phones such as the iPhone high-strength information security protection. A security device based on parallel computation can serve single-instruction calls from upper-layer applications and also provide security for multiple services that store and efficiently process large volumes of data. Authentication and cross-checking against multiple items of subscription information greatly improve the security of the system. Services of the mobile information security system can be updated and upgraded conveniently over the air (OTA), so the system is highly extensible. With the arrival of third-generation mobile networks, mobile phones and PDAs are gradually developing into powerful personal business platforms, and the present invention can provide high-secrecy mobile information security for mobile services without changing the phone hardware.
Description of drawings
Fig. 1 is a structural diagram of embodiment one of the invention;
Fig. 2 is a structural diagram of embodiment two of the invention;
Fig. 3 is a structural diagram of embodiment three of the invention;
Fig. 4 is a structural diagram of embodiment four of the invention;
Fig. 5 is a structural diagram of embodiment five of the invention;
Fig. 6 is a structural diagram of embodiment six of the invention;
Fig. 7 is a structural diagram of embodiment seven of the invention.
Embodiments
The invention is described in further detail below with reference to the accompanying drawings and embodiments.
Embodiment one: a security apparatus of a mobile information security system, as shown in Fig. 1, comprises a client 3 installed on a mobile phone 1 and communicating with a server 2, and a security device 5 arranged in an earphone 4 and communicating with the mobile phone 1. It is characterized in that the earphone 4 is connected through an SDIO interface to the security device 5, which is based on hardware encryption or biometric recognition. Security device 5 stores at least one of a key, a password, a digital certificate and biometric information identifying the user, supports the SWP protocol, the PBOC standard and the QPBOC protocol, and is integrated with a TF card.
Embodiment two: an NFC earphone for mobile information security protection, as shown in Fig. 2, comprises an ARM Cortex A8 microcontroller 2 installed in a housing 1; an earphone module 4 connected to microcontroller 2 through a UART interface module 3; an ESAM security device 5 for mobile information security protection connected to microcontroller 2 through a PIO interface module 3; an NFC module 6 for communicating with the outside; an antenna 7 for receiving external NFC signals and harvesting operating energy; and a power supply 8. Antenna 7 is connected to NFC module 6. ESAM security device 5 is an embedded security module based on hardware encryption, supports the SWP protocol, the PBOC standard and the QPBOC protocol, and can be combined pairwise with at least one of a SIM card, Micro SD card, TF card and USB device.
Embodiment three: an NFC earphone for mobile information security protection, as shown in Fig. 3, comprises an ARM Cortex A8 microcontroller 2 installed in a housing 1; a BF10 earphone module 4 connected to microcontroller 2 through a UART interface module 3; a TF card information security device 5 for mobile information security protection connected to microcontroller 2 through a TF card socket interface module 3; an NFC module 6 for communicating with the outside; an antenna 7 for receiving external NFC signals and harvesting operating energy; and a power module 8 for supplying power. Antenna 7 is connected to NFC module 6. TF card information security device 5 is an information security card that integrates a hardware-encryption smart card with a TF card, and supports the SWP protocol, the PBOC standard, the QPBOC protocol, the CUPMobile bank card application standard and the CUPMobile smart SD card application interface specification. TF card socket 3 carries the SWP protocol signal of the inserted TF card information security device 5 through its SWP contact and powers the SWP module of the inserted device through its Vcc contact; the SWP contact and Vcc contact on TF card socket 3 connect to the SWP contact and Vcc contact on TF card information security device 5 respectively.
Embodiment four: a Bluetooth earphone for mobile information security protection, as shown in Fig. 4, comprises an ARM Cortex A8 microcontroller 2 installed in a housing 1; a BF10 Bluetooth earphone module 4 connected to microcontroller 2 through a UART interface module 3; an ESAM security device 5 for mobile information security protection connected to microcontroller 2 through a PIO interface module 3; an NFC module 6 for communicating with the outside; an antenna 7 for receiving external NFC signals and harvesting operating energy; and a power module 8 for supplying power. Antenna 7 is connected to NFC module 6. ESAM security device 5 is an embedded security module based on hardware encryption, supports the SWP protocol, the PBOC standard and the QPBOC protocol, and can be combined pairwise with at least one of a SIM card, Micro SD card, TF card and USB device.
Embodiment five: a Bluetooth earphone for mobile information security protection, as shown in Fig. 5, comprises an ARM Cortex A8 microcontroller 2 installed in a housing 1; a BF10 Bluetooth earphone module 4 connected to microcontroller 2 through a UART interface module 3; a TF card information security device 5 for mobile information security protection connected to microcontroller 2 through a TF card socket interface module 3; an NFC module 6 for communicating with the outside; an antenna 7 for receiving external NFC signals and harvesting operating energy; and a power module 8 for supplying power. Antenna 7 is connected to NFC module 6. TF card information security device 5 is an information security card that integrates a hardware-encryption smart card with a TF card, and supports the SWP protocol, the PBOC standard, the QPBOC protocol, the CUPMobile bank card application standard and the CUPMobile smart SD card application interface specification. TF card socket 3 carries the SWP protocol signal of the inserted TF card information security device 5 through its SWP contact and powers the SWP module of the inserted device through its Vcc contact; the SWP contact and Vcc contact on TF card socket 3 connect to the SWP contact and Vcc contact on TF card information security device 5 respectively.
Embodiment six: a Bluetooth earphone for mobile information security protection, as shown in Fig. 6, comprises an ARM Cortex A8 microcontroller 2 installed in a housing 1; a BF10 Bluetooth earphone module 4 connected to microcontroller 2 through a UART interface module 3; and a TF card information security device 5 for mobile information security protection connected to microcontroller 2 through a TF card socket interface module 3. TF card information security device 5 is an information security card that integrates a hardware-encryption smart card with a TF card, and supports the SWP protocol, the PBOC standard, the QPBOC protocol, the CUPMobile bank card application standard and the CUPMobile smart SD card application interface specification. Integrated on TF card information security device 5 are an NFC module for communicating with the outside and an antenna for receiving external NFC signals and harvesting operating energy; the antenna is connected to the NFC module.
Embodiment seven: a security device for mobile information security protection, the TF information security card, as shown in Fig. 7, comprises an instruction memory IM 300, an array processor AP 310 and a data array memory DAM 320. The TF information security card is based on the SIMD architecture. One dedicated mobile payment security instruction SI (Mobile_Payment) causes the array processor AP to reconfigure and convert it into multiple instruction streams MI computed in parallel (the mobile payment authentication instruction Mobile_Payment_Authorization, the mobile payment transaction instruction Mobile_Payment_Transaction and the mobile payment advertisement instruction Mobile_Payment_Advertisement) and multiple data streams MD (the mobile payment authentication data stream Mobile_Payment_Authorization_Data_Stream, the mobile payment transaction data stream Mobile_Payment_Transaction_Data_Stream and the mobile payment advertisement data stream Mobile_Payment_Advertisement_Data_Stream), to provide security protection for multiple services. The data array memory DAM 320 also serves as an instruction array memory: the instructions (Mobile_Payment_Authorization, Mobile_Payment_Transaction, Mobile_Payment_Advertisement) can be stored in it, so it supports parallel reading and writing not only of the data streams MD (Mobile_Payment_Authorization_Data_Stream, Mobile_Payment_Transaction_Data_Stream, Mobile_Payment_Advertisement_Data_Stream) but also of those instructions. The processing elements in the array processor AP 310 are interconnected through local routers.
Embodiment eight: a security method based on distributed keys, characterized in that it comprises the following steps:
1. The user takes his or her personal identity documents and an earphone fitted with a TF information security IC card security device, based on hardware encryption or biometric recognition, to the relevant authority and fills in subscription information. The subscription information includes, but is not limited to, the following items used to identify the user: ID card number, bank card number, smart card identifier, IMSI, IMEI, MSISDN, IP address, user name, password, biometric features, digital certificate and key, together with the service categories and security policy, credit limit and risk level applied for;
2. Using the encryption algorithm designated by the national commercial cryptography office, the relevant authority writes the encrypted user subscription information and the related security information returned by the e-commerce security infrastructure platform to the corresponding IC card application file on the security device and to the relevant authority's server;
3. The client can be installed on the mobile phone over the air (OTA, Over The Air), which is also used for software upgrades and service downloads. The client provides the user with an operating interface and, according to the applicable security level, sends the information the user needs protected to the security device, which protects it according to the corresponding security policy. The security level is adjusted dynamically according to the detected risk level. When a security attack is detected, the client immediately raises the security level according to the security policy, and the service can continue only after authentication at the higher security level succeeds; otherwise the service flow is terminated and a risk record is written for later analysis. Once the attack is detected to have ceased, or the security vulnerability has been eliminated, the security level is gradually returned to normal after a stability test;
4. The client, the server, the security device and the earphone authenticate each other and cross-check against the subscription information. If the subscription information is inconsistent, authentication fails and the user may retry; after a failed retry the service flow is terminated. For a user who retries repeatedly within a short time, the security device and the server automatically lock the user's service and add the user to a blacklist; the lock can be released only through the relevant authority. On successful authentication, the client has the information the user needs protected processed by the security device and then sends it to the server to complete the service.
Embodiment nine: a security method based on distributed keys, characterized in that it comprises the following steps:
1. Through the client, the user writes personal security information into a TF smart card based on hardware encryption or biometric recognition. The personal security information includes, but is not limited to, the following items used to identify the user: ID card number, bank card number, smart card identifier, IMSI, IMEI, MSISDN, IP address, user name, password, superuser password, biometric features, digital certificate, key, buddy list and security policy. The personal security information is stored in the corresponding IC card application file on the TF smart card;
2. The client can be installed on the mobile phone over the air (OTA, Over The Air), which is also used for software upgrades and service downloads. The client provides the user with an operating interface and, according to the applicable security level, sends the information the user needs protected to the security device, which protects it according to the corresponding security policy. The security level is adjusted dynamically according to the detected risk level. When a security attack is detected, the client immediately raises the security level according to the security policy, and the service can continue only after authentication at the higher security level succeeds; otherwise the service flow is terminated and a risk record is written for later analysis. Once the attack is detected to have ceased, or the security vulnerability has been eliminated, the security level is gradually returned to normal after a stability test;
3. The client and the TF smart card authenticate each other and cross-check against the personal security information. If the subscription information is inconsistent, authentication fails and the user may retry; after a failed retry the security flow is terminated. For a user who retries repeatedly within a short time, the TF smart card and the client automatically lock the user's operation, which is unlocked by the superuser or after a delay. On successful authentication, the client has the information the user needs protected processed by the TF smart card and then stores or sends it.
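The cross-check and retry lockout described in the last step of embodiments eight and nine can be sketched as follows. This is an added Python example, not code from the patent: the field names, the three thresholds, the digest-based comparison and the PBKDF2 superuser check are all assumptions, since the patent specifies none of them, and each party's record is gathered in one place only for illustration.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass, field

# Assumed policy values; the patent gives no numbers.
MAX_FAILURES = 3      # failed attempts tolerated inside the window
WINDOW_SECONDS = 60   # what counts as "a short time"
LOCK_SECONDS = 300    # delay after which the lock lifts by itself

# Constructed sample record (hypothetical field names and values).
SAMPLE = {"imsi": "460000000000001", "imei": "350000000000002",
          "username": "alice", "card_id": "TF-0001"}


def fingerprint(record):
    """Digest of a record: independent of key order, and length-prefixed
    so adjacent fields cannot be shifted into one another."""
    h = hashlib.sha256()
    for key in sorted(record):
        for part in (key, str(record[key])):
            data = part.encode("utf-8")
            h.update(len(data).to_bytes(4, "big") + data)
    return h.digest()


def cross_check(views):
    """Compare every pair of parties; return the pairs that disagree."""
    names = sorted(views)
    digests = {name: fingerprint(views[name]) for name in names}
    return [(a, b)
            for i, a in enumerate(names) for b in names[i + 1:]
            if not hmac.compare_digest(digests[a], digests[b])]


def derive_key(password, salt):
    """Slow hash for the superuser password (assumed storage scheme)."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                               salt, 100_000)


@dataclass
class AuthGate:
    """Retry/lockout state kept by the card or client (embodiment nine)."""
    su_salt: bytes
    su_hash: bytes
    failures: list = field(default_factory=list)
    locked_until: float = 0.0

    @classmethod
    def create(cls, superuser_password):
        salt = os.urandom(16)
        return cls(salt, derive_key(superuser_password, salt))

    def attempt(self, views, now):
        """Return 'ok', 'retry' or 'locked' for one attempt at time now."""
        if now < self.locked_until:
            return "locked"          # refuse even consistent records
        if not cross_check(views):
            self.failures.clear()
            return "ok"
        # Keep only failures inside the sliding window, then add this one.
        self.failures = [t for t in self.failures
                         if now - t < WINDOW_SECONDS]
        self.failures.append(now)
        if len(self.failures) >= MAX_FAILURES:
            self.locked_until = now + LOCK_SECONDS
            self.failures.clear()
            return "locked"
        return "retry"

    def superuser_unlock(self, password):
        """Release the lock early if the superuser password matches."""
        candidate = derive_key(password, self.su_salt)
        if hmac.compare_digest(candidate, self.su_hash):
            self.locked_until = 0.0
            self.failures.clear()
            return True
        return False


def demo():
    """Three quick mismatches lock the gate; the delay releases it."""
    gate = AuthGate.create("constructed-superuser-password")
    good = {"client": dict(SAMPLE), "card": dict(SAMPLE)}
    bad = {"client": {**SAMPLE, "imei": "350000000000009"},
           "card": dict(SAMPLE)}
    return [gate.attempt(bad, 0), gate.attempt(bad, 10),
            gate.attempt(bad, 20), gate.attempt(good, 30),
            gate.attempt(good, 320)]


if __name__ == "__main__":
    print(demo())
```

Embodiment eight differs only in the release path: the lock there is lifted by the relevant authority rather than by a superuser or a delay.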
The embodiments above describe only several implementations of the invention. Although the description is specific and detailed, it should not be read as limiting the scope of the claims. A person of ordinary skill in the art can make variations and improvements without departing from the concept of the invention, and these all fall within its scope of protection. The scope of protection of this patent is therefore defined by the appended claims.
Claims (10)
1. A security apparatus of a mobile information security system, comprising a client installed on a mobile phone and communicating with a server, and a security device arranged in an earphone and communicating with the mobile phone, characterized in that the earphone is connected through an interface to the security device, which is based on hardware encryption or biometric recognition, and the security device stores at least one of a key, a password, a digital certificate and biometric information identifying the user.
2. The security apparatus of a mobile information security system as claimed in claim 1, characterized in that the interface is at least one of a bus, SDIO, USB and data-line interface.
3. The security apparatus of a mobile information security system as claimed in claim 1, characterized in that the security device is a security device based on hardware encryption or biometric recognition, supports at least one of the SWP protocol, the PBOC standard and the QPBOC protocol, and can be combined pairwise with at least one of a SIM, Micro SD card, TF card and USB device.
4. An NFC earphone for mobile information security protection, comprising a microcontroller installed in a housing and, each connected to the microcontroller through an interface module, an earphone module, a security device for mobile information security protection, an NFC module for communicating with the outside, an antenna for receiving external NFC signals and obtaining operating energy, and a power supply; characterized in that the security device is a security device based on hardware encryption or biometric recognition, supports at least one of the SWP protocol, the PBOC standard and the QPBOC protocol, and can be combined pairwise with at least one of a SIM, Micro SD card, TF card and USB device; the interface module supports at least one of a bus, SDIO, USB and data-line interface; and the antenna is connected to the NFC module.
5. The NFC earphone for mobile information security protection as claimed in claim 4, characterized in that the security device is a TF card supporting the SWP protocol, the CUPMobile bank card application standard and the CUPMobile smart SD card application interface specification; the interface module is a TF card socket in which the TF card is installed; the TF card socket has an SWP contact that carries the SWP protocol signals of the TF card installed in the socket and a Vcc contact that powers the SWP module of the TF card installed in the socket, the SWP contact and the Vcc contact being connectable to the SWP contact and the Vcc contact on the TF card respectively.
6. A Bluetooth earphone for mobile information security protection, comprising a microcontroller installed in a housing and, each connected to the microcontroller through an interface module, a Bluetooth earphone module, a security device for mobile information security protection, an NFC module for communicating with the outside, an antenna for receiving external NFC signals and obtaining operating energy, and a power supply; characterized in that the security device is a security device based on hardware encryption or biometric recognition, supports at least one of the SWP protocol, the PBOC standard and the QPBOC protocol, and can be combined pairwise with at least one of a SIM, Micro SD card, TF card and USB device; the interface module supports at least one of a bus, SDIO, USB and data-line interface; and the antenna is connected to the NFC module.
7. The Bluetooth earphone for mobile information security protection as claimed in claim 6, characterized in that the security device is a TF card supporting the SWP protocol, the CUPMobile bank card application standard and the CUPMobile smart SD card application interface specification; the interface module is a TF card socket in which the TF card is installed; the TF card socket has an SWP contact that carries the SWP protocol signals of the TF card installed in the socket and a Vcc contact that powers the SWP module of the TF card installed in the socket, the SWP contact and the Vcc contact being connectable to the SWP contact and the Vcc contact on the TF card respectively.
8. A security device for mobile information security protection, comprising an instruction memory IM (Instruction Memory), an array processor AP (Array Processor) and a data array memory DAM (Data/Instruction Array Memory), characterized in that the security device is based on a SIMD (Single Instruction Multiple Data stream) architecture, in which a single dedicated instruction SI (Single Instruction) can cause the array processor AP to be reconfigured and converted into multiple instruction streams MI (Multiple Instruction) and multiple data streams MD (Multiple Data stream) for parallel computation, so as to provide security protection for multiple services; the data array memory DAM also serves as an instruction array memory, so that it supports parallel reading and writing of both data and instructions; and the processing elements (PE, Processing Element) in the array processor AP are interconnected by local routers.
9. A security method based on distributed keys, characterized by comprising the following steps:
1. The user, holding his or her own relevant identity documents and carrying the earphone fitted with the security device based on hardware encryption or biometric recognition, fills in subscription information at the relevant department; the subscription information includes, but is not limited to, the following items used to identify the user: identity card number, bank card number, smart card identifier, international mobile subscriber identity IMSI, international mobile equipment identity IMEI, mobile subscriber ISDN number MSISDN, IP address, user name, password, biometric features, digital certificate, key, and the service categories and security policies, credit limit and risk level of the applications;
2. The relevant department encrypts the security-related information in the user's subscription information using the encryption algorithm designated by the national commercial cryptography office, and the e-commerce security infrastructure platform writes it back to the corresponding IC-card application file on the security device and to the relevant department's server;
3. The client can be installed on the mobile phone over the air (OTA), which is also used for software upgrades and service downloads; the client provides the user with an operation interface and, according to the applicable security policy, sends the information the user needs protected to the security device for protection at the corresponding security level; the security level is adjusted dynamically according to the detected risk level: when the risk rises, the corresponding security level is raised, and when the risk falls, the security level is restored to normal;
4. The client, the server, the security device and the earphone perform mutual authentication and cross-checking against the subscription information; if the subscription information is inconsistent, authentication fails and the user is allowed to retry, and if the retry fails, the flow is terminated; for a user who retries repeatedly within a short time, the security device and the server automatically lock that user's services and place the user on a blacklist, which can be unlocked only through the relevant department; on successful authentication, the information the user needs protected is secured by the security device and then sent by the client to the server to complete the service.
10. A security method based on distributed keys, characterized by comprising the following steps:
1. The user writes personal security information, through the client, into the security device based on hardware encryption or biometric recognition; the personal security information includes, but is not limited to, the following items used to identify the user: identity card number, bank card number, smart card identifier, international mobile subscriber identity IMSI, international mobile equipment identity IMEI, mobile subscriber ISDN number MSISDN, IP address, user name, password, super user password, biometric features, digital certificate, key, buddy list and security policy; the security device is an IC-card device that can be combined pairwise with at least one of a SIM, Micro SD card, TF card, USB device and mobile phone earphone; the personal security information is stored in the corresponding IC-card application file on the security device;
2. The client can be installed on the mobile phone over the air (OTA), which is also used for software upgrades and service downloads; the client provides the user with an operation interface and, according to the applicable security policy, sends the information the user needs protected to the security device for protection at the corresponding security level; the security level is adjusted dynamically according to the detected risk level: when the risk rises, the corresponding security level is raised, and when the risk falls, the security level is restored to normal;
3. The client and the security device perform mutual authentication and cross-checking against the personal security information; if the subscription information is inconsistent, authentication fails and the user is allowed to retry, and if the retry fails, the security flow is terminated; for a user who retries repeatedly within a short time, the security device and the client automatically lock that user's operations, which are unlocked by the super user or after a delay; on successful authentication, the information the user needs protected is secured by the security device and then stored or sent by the client.
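The risk-adaptive security level and retry lockout described in the embodiment and recited in claim 10 can be modelled as a small state machine. This is an added example, not code from the patent: the level names, the per-level factor mapping, the thresholds (`MAX_RETRIES`, `WINDOW`, `LOCK_DELAY`) and the sample record are assumptions, since the patent gives no concrete values.

```python
import hmac
from collections import deque
from enum import IntEnum


class Level(IntEnum):
    NORMAL = 0
    ELEVATED = 1
    HIGH = 2


# Assumed mapping: the patent only says a higher level demands more authentication.
REQUIRED = {
    Level.NORMAL: ("password",),
    Level.ELEVATED: ("password", "imsi"),
    Level.HIGH: ("password", "imsi", "imei"),
}


class SecurityFlow:
    MAX_RETRIES = 3      # assumed: failed attempts inside WINDOW that trigger a lock
    WINDOW = 60.0        # assumed: seconds that count as "a short time"
    LOCK_DELAY = 300.0   # assumed: seconds until the lock expires by itself

    def __init__(self, card_record, superuser_password):
        self.card = card_record          # stands in for the IC-card application file
        self.superuser_password = superuser_password
        self.level = Level.NORMAL
        self.failures = deque()          # timestamps of recent failed cross-checks
        self.locked_at = None
        self.risk_log = []               # risk records kept for later analysis

    def on_attack(self, now):
        """A detected attack raises the level at once."""
        self.level = Level.HIGH
        self.risk_log.append((now, "attack detected"))
        return self.level

    def on_stability_test_passed(self):
        """Recovery is gradual: one level down per passed stability test."""
        if self.level > Level.NORMAL:
            self.level = Level(self.level - 1)
        return self.level

    def is_locked(self, now):
        if self.locked_at is not None and now - self.locked_at >= self.LOCK_DELAY:
            self.locked_at = None        # unlock by delay
            self.failures.clear()
        return self.locked_at is not None

    def superuser_unlock(self, password):
        if hmac.compare_digest(password.encode(), self.superuser_password.encode()):
            self.locked_at = None
            self.failures.clear()
            return True
        return False

    def authenticate(self, presented, now):
        """Cross-check the client's values against the card; 'ok', 'retry' or 'locked'."""
        if self.is_locked(now):
            return "locked"
        ok = True
        for field in REQUIRED[self.level]:
            # Constant-time compare, and no early exit, so timing does not
            # reveal which field mismatched.
            ok &= hmac.compare_digest(presented.get(field, "").encode(),
                                      self.card[field].encode())
        if ok:
            self.failures.clear()
            return "ok"
        while self.failures and now - self.failures[0] > self.WINDOW:
            self.failures.popleft()      # forget failures older than the window
        self.failures.append(now)
        self.risk_log.append((now, "cross-check mismatch"))
        if len(self.failures) >= self.MAX_RETRIES:
            self.locked_at = now
            return "locked"
        return "retry"


# Constructed sample record, not real subscriber data.
SAMPLE_CARD = {"password": "p@ss", "imsi": "460001234567890", "imei": "490154203237518"}
```

Time is passed in as `now` rather than read from the clock so the lock and delay-unlock behaviour can be replayed deterministically.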
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN2011103296920A CN102497465A (en) | 2011-10-26 | 2011-10-26 | High-secrecy mobile information safety system and safety method for distributed secret keys |
Related Child Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201310608074.9A Division CN103646204A (en) | 2011-10-26 | 2011-10-26 | Safety device for mobile information safety protection |
Publications (1)
Publication Number | Publication Date |
---|---|
CN102497465A true CN102497465A (en) | 2012-06-13 |
Family
ID=46189250
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN2011103296920A Pending CN102497465A (en) | 2011-10-26 | 2011-10-26 | High-secrecy mobile information safety system and safety method for distributed secret keys |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN102497465A (en) |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1731460A (en) * | 2005-07-01 | 2006-02-08 | 潘铁军 | A mobile payment system based on distributed cipher key and encryption method |
CN101147387A (en) * | 2005-04-19 | 2008-03-19 | 诺基亚公司 | Method, device and system for controlling application start in mobile terminal device |
CN101360031A (en) * | 2007-07-20 | 2009-02-04 | 美国博通公司 | Safe communication method and system |
CN102045167A (en) * | 2009-10-20 | 2011-05-04 | 英飞凌科技股份有限公司 | Systems and methods for asymmetric cryptographic accessory authentication |
CN201903896U (en) * | 2010-12-27 | 2011-07-20 | 北京握奇数据系统有限公司 | Read-write device and terminal employing same |
Cited By (44)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102769811A (en) * | 2012-08-08 | 2012-11-07 | 北京鑫泰亿联视讯科技有限公司 | Bluetooth headset integrating NFC (Near Field Communication) reading and writing functions |
CN103379486A (en) * | 2013-06-08 | 2013-10-30 | 山东量子科学技术研究院有限公司 | Plug and play type portable communication secrecy device and communication method thereof |
CN103379486B (en) * | 2013-06-08 | 2016-12-28 | 山东量子科学技术研究院有限公司 | A kind of instant inserted and instant using type portable call privacy device and communication means thereof |
CN103619015A (en) * | 2013-12-06 | 2014-03-05 | 孙江宁 | Method, device and system for using mobile terminal to carry out information verification |
CN104144049A (en) * | 2014-03-11 | 2014-11-12 | 腾讯科技(深圳)有限公司 | Encryption communication method, system and device |
CN104144049B (en) * | 2014-03-11 | 2016-02-17 | 腾讯科技(深圳)有限公司 | A kind of encryption communication method, system and device |
US10164949B2 (en) | 2014-03-11 | 2018-12-25 | Tencent Technology (Shenzhen) Company Limited | Method and system for encrypted communications |
US10412061B2 (en) | 2014-03-11 | 2019-09-10 | Tencent Technology (Shenzhen) Company Limited | Method and system for encrypted communications |
CN103974243A (en) * | 2014-05-16 | 2014-08-06 | 天地融科技股份有限公司 | Data processing system of voice communication |
CN103997732A (en) * | 2014-05-16 | 2014-08-20 | 天地融科技股份有限公司 | Data processing system in voice communication |
CN103973696B (en) * | 2014-05-16 | 2017-09-19 | 天地融科技股份有限公司 | A kind of data processing method of voice call |
CN103987036A (en) * | 2014-05-16 | 2014-08-13 | 天地融科技股份有限公司 | Data processing system for voice communication |
CN103997732B (en) * | 2014-05-16 | 2017-09-19 | 天地融科技股份有限公司 | A kind of data handling system of voice call |
CN103987036B (en) * | 2014-05-16 | 2017-07-25 | 天地融科技股份有限公司 | A kind of data handling system of voice call |
CN103986579B (en) * | 2014-05-16 | 2017-07-21 | 天地融科技股份有限公司 | A kind of data handling system of voice call |
CN103986579A (en) * | 2014-05-16 | 2014-08-13 | 天地融科技股份有限公司 | Data processing system for voice communication |
CN103974243B (en) * | 2014-05-16 | 2017-11-10 | 天地融科技股份有限公司 | A kind of data handling system of voice call |
CN103974242A (en) * | 2014-05-16 | 2014-08-06 | 天地融科技股份有限公司 | Data processing method of voice communication |
CN103974242B (en) * | 2014-05-16 | 2017-11-10 | 天地融科技股份有限公司 | A kind of data processing method of voice call |
CN103973696A (en) * | 2014-05-16 | 2014-08-06 | 天地融科技股份有限公司 | Data processing method of voice communication |
CN110334498B (en) * | 2014-09-02 | 2023-08-29 | 苹果公司 | Method for unlocking one device by using the other device |
CN110334498A (en) * | 2014-09-02 | 2019-10-15 | 苹果公司 | The method for unlocking another equipment using an equipment |
US11329827B2 (en) | 2014-09-02 | 2022-05-10 | Apple Inc. | Method of using one device to unlock another device |
CN104202167B (en) * | 2014-09-18 | 2018-04-06 | 公安部第三研究所 | The system and method for authentication is realized based on external authentication module and personal identification number |
CN104202167A (en) * | 2014-09-18 | 2014-12-10 | 公安部第三研究所 | External authentication module and personal password based identity verification realization system and method |
CN104410968A (en) * | 2014-11-18 | 2015-03-11 | 王家城 | Portable universal integrated circuit card (UICC) subscriber terminal equipment and identity authentication system thereof |
CN104936051B (en) * | 2015-01-19 | 2018-09-28 | 天地融科技股份有限公司 | A kind of earphone, speaker and phone system |
CN104936051A (en) * | 2015-01-19 | 2015-09-23 | 天地融科技股份有限公司 | Earphone, sound box and conversation system |
CN104702411A (en) * | 2015-03-14 | 2015-06-10 | 丁贤根 | Token design method integrating mobile payment safety authentication and mobile phone loss alarm |
CN104702411B (en) * | 2015-03-14 | 2017-12-29 | 丁贤根 | Have the token design method of mobile payment security certification and mobile phone loss alarm concurrently |
CN104702412B (en) * | 2015-03-14 | 2018-02-02 | 丁贤根 | Mobile payment mobile telephone external AI security certification systems and its implementation |
CN104702412A (en) * | 2015-03-14 | 2015-06-10 | 丁贤根 | External AI (Artificial Intelligence) safety certificate system of mobile phone for mobile payment and realizing method thereof |
CN107667554A (en) * | 2015-06-05 | 2018-02-06 | 高通股份有限公司 | Decentralized configuration device entity |
CN105120452B (en) * | 2015-06-30 | 2018-11-23 | 北京小米支付技术有限公司 | Transmit the method, apparatus and system of information |
CN105120452A (en) * | 2015-06-30 | 2015-12-02 | 小米科技有限责任公司 | Information transmission method, device and system |
CN106330859B (en) * | 2015-07-02 | 2021-07-23 | Gn瑞声达A/S | Method of manufacturing a hearing device and hearing device with a certificate |
CN106330859A (en) * | 2015-07-02 | 2017-01-11 | Gn瑞声达A/S | Method of manufacturing a hearing device and hearing device with a certificate |
CN105245349A (en) * | 2015-11-17 | 2016-01-13 | 王家城 | User wearing equipment provided with embedded UICC card |
CN105741104A (en) * | 2016-01-25 | 2016-07-06 | 恒宝股份有限公司 | Offline transaction apparatus and method based on offline transaction apparatus |
CN105741104B (en) * | 2016-01-25 | 2020-12-22 | 恒宝股份有限公司 | Off-line transaction device and method based on same |
CN106557686A (en) * | 2016-10-31 | 2017-04-05 | 余必亚 | A kind of computer memory system of duplicate protection |
CN108875398A (en) * | 2018-09-06 | 2018-11-23 | 山西特信环宇信息技术有限公司 | Encrypting and deciphering system and its application method based on certificate chain technology |
CN110324335A (en) * | 2019-07-02 | 2019-10-11 | 成都信息工程大学 | A kind of automobile method for upgrading software and system based on electronics mobile certificate |
CN110324335B (en) * | 2019-07-02 | 2020-04-28 | 成都信息工程大学 | Automobile software upgrading method and system based on electronic mobile certificate |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN102497465A (en) | High-secrecy mobile information safety system and safety method for distributed secret keys | |
US10592906B2 (en) | Electronic transaction system and a transaction terminal adapted for such a system | |
CN101729502B (en) | Method and system for distributing key | |
CN102792724B (en) | The protection of the communication channel between security module and NFC circuit | |
CN102932333A (en) | Safety equipment with mobile payment function, system and method | |
CN101377838A (en) | Data safety processing method | |
CN202004846U (en) | Cellphone shield capable of protecting mobile payment security | |
CN102792723B (en) | Be coupled to the protection of the security module in the telecommunication apparatus of NFC circuit | |
CN101467158A (en) | System and method for activating telephone-based payment instrument | |
CN101895513A (en) | Log-in authentication system for service website and implementation method | |
CN108012268A (en) | A kind of mobile phone terminal SIM card and the method for safe handling App, medium | |
CN108305068A (en) | A kind of recharge method and system of stored value card | |
CN103916844A (en) | Subscriber identity module card opening method and virtual subscriber identity module card server | |
KR20110090899A (en) | The system and method of contactless authorization of a payment | |
CN103426084A (en) | Electronic payment system and remote-based or near-field-based payment method | |
CN101316167A (en) | Registration and login method of safety authentication, system and mobile terminal | |
CN102411814A (en) | Identity authentication method, handheld ATM (automated teller machine) terminal and system | |
CN102136172A (en) | Card terminal and realization method thereof used by individuals or families | |
CN101790166A (en) | Digital signing method based on mobile phone intelligent card | |
CN102609740A (en) | Mobile smart card system with identity authentication function and security method of mobile smart card system | |
CN101770665A (en) | One-card system based on IC identification card | |
CN101916459A (en) | Safe electronic ticket method | |
Rossnagel | Mobile qualified electronic signatures and certification on demand | |
CN105225102A (en) | Method of mobile payment and the wearable mobile payment device for the method under line | |
CN101727704A (en) | Handheld equipment specially used for mobile bank terminal |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C12 | Rejection of a patent application after its publication | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20120613 |