CN101739623A - Trusted payment computer system - Google Patents


Info

Publication number
CN101739623A
Authority
CN (China)
Prior art keywords
trusted, card reading, TPM, USB, computer system
Prior art date
2008-11-06
Legal status
Pending
Application number
CN200810225574A
Other languages
Chinese (zh)
Inventors
刘锋
周培军
赵珍
李术亮
Current Assignee
Tsinghua Tongfang Co Ltd
Tongfang Co Ltd
Original Assignee
Tongfang Co Ltd
Priority date
2008-11-06
Filing date
2008-11-06
Publication date
2010-06-16
Application filed by Tongfang Co Ltd
Priority to CN200810225574A
Publication of CN101739623A
Legal status: Pending

Landscapes

  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

A trusted payment computer system relates to the technical field of information security. The system comprises input equipment, a trusted computer mainframe, output equipment and trusted card reading equipment, wherein the input equipment, the trusted computer mainframe and the output equipment are connected in sequence; and the trusted card reading equipment is connected with the trusted computer mainframe by a USB-HID interface. The input equipment includes a keyboard and a mouse and the output equipment is a display. The system is characterized in that TPM chips are embedded in the trusted computer mainframe to serve as the root of trust for measurement, the root of trust for reporting and the root of trust for storage. A system of trust for measurement inside the trusted computer mainframe completes the following step-by-step measurement: measurement of integrity carried out on trusted BIOS by TPM, measurement of integrity carried out on MBR by trusted BIOS, measurement of integrity carried out on OS Kernel by MBR and measurement of integrity carried out on a PE file by a trusted monitoring program. A software system installed on the trusted computer mainframe contains a TPM management program, a trusted card reading equipment management program and a payment transaction management program. The system is convenient and easy to use and can reliably ensure the security of the whole trusted payment transaction.

Description

Trusted payment computer system
Technical field
The present invention relates to the field of information security technology, and in particular to a trusted payment computer system.
Background art
With the rapid growth of the electronic payment industry, many security measures have been applied at each link of the payment chain in order to ensure the security of electronic payments. The simplest of these, an account number plus a password, is also the least secure: phishing, fake websites and fraudulent SMS messages make it easy to trick users out of their account numbers and passwords, and a keyboard sniffer can steal the user name and password by recording keystroke events. Secure browser controls and soft-keyboard technology were introduced to prevent such attacks, but continually evolving rootkit techniques can still break through these defenses. Digital certificate technology is currently the most secure identity authentication technique, but the secure storage of the asymmetric public/private key pair is still not well solved in digital certificate systems.
The trusted computing technology of the prior art adopts a "white list" approach: only trusted software may run on the client computer, which guarantees the trustworthiness of the computing environment. Electronic payment usually requires the user to enter an account number and password. Because the entered account number and password appear in plaintext, they are very vulnerable to attack on the payment terminal computer. Moreover, because the user must regularly type a very long string of digits, mistakes are easy to make, which reduces the usability of electronic payment services and is inconvenient for the user.
Summary of the invention
To solve the above problems of the prior art, the purpose of the present invention is to provide a trusted payment computer system that is convenient and easy to use and can reliably guarantee the security of the whole trusted payment transaction.
To achieve the above purpose, the technical scheme of the present invention is realized as follows:
A trusted payment computer system comprises an input device, a trusted computer host and an output device connected in sequence, and a trusted card reading device connected to the trusted computer host through a USB-HID interface. The input devices are a keyboard and a mouse, and the output device is a display. Its characteristic feature is that a TPM chip is embedded in the trusted computer host as the root of trust for measurement, the root of trust for reporting and the root of trust for storage. The trusted measurement system inside the trusted computer host measures integrity step by step: TPM → trusted BIOS → MBR → OS kernel and trusted monitoring program → PE files. The software system installed on the trusted computer host comprises a TPM management program, a trusted card reading device management program and a payment transaction management program.
In the above trusted payment computer system, the trusted card reading device is connected to the trusted computer host using the USB-HID protocol either as an independent USB device or, after being integrated into the PC keyboard, through a USB hub connected in parallel.
In the above trusted payment computer system, the TPM management program implements TPM initialization, modification of the Owner password, backup and recovery, identity identification of the trusted computer host platform, cryptographic operations and key management.
In the above trusted payment computer system, the payment transaction management program is responsible for managing and coordinating the whole electronic payment transaction process.
In the above trusted payment computer system, the trusted card reading device comprises the following components:
Processor: responsible for arithmetic and logical operations, providing computing support for the software running in the trusted card reading device;
Storage unit: stores the program firmware and data, the program firmware implementing the software functions;
Storage management protection unit: implements space allocation and access control for the storage unit;
Random number generator: generates true random numbers meeting the standard of the State Cryptography Administration;
RSA engine: implements the RSA public key algorithm, in conformance with the international RSA standard;
Bank card reader: reads the magnetic track information of the bank card;
Keypad: provides the user with an input interface for entering digits into the trusted card reading device;
Liquid crystal display: presents information to the user as character output;
Voice prompt module: presents information to the user as voice output;
USB controller: organizes internal data and delivers it to external devices as USB signals, and converts externally input USB signals into signals that the trusted card reading device can process internally;
The components of the trusted card reading device communicate with each other over a bus.
In the above trusted payment computer system, the processor adopts a standard 8051 core or an 8051-compatible instruction set.
In the above trusted payment computer system, the data stored in the storage unit are temporary data or permanently stored data, and both the program and the data in the storage unit are stored in encrypted form.
Because the present invention adopts the above structure, by using the trusted card reading device the user can replace manual entry of the account number with a card-swiping operation, which improves usability. The bank card account number and password entered on the trusted card reading device enter the trusted computer host as ciphertext and are forwarded to the remote server of the electronic payment system, so malware on the host cannot obtain the plaintext of the user's bank card account number and password. At the same time, mutual authentication between the trusted card reading device and the trusted computer host prevents malware or a user from forging or tampering with the trusted card reading device, further guaranteeing the security of the whole trusted payment computer system. The present invention can also resist simple power analysis (SPA) and differential power analysis (DPA) attacks.
The invention is further described below with reference to the drawings and specific embodiments.
Description of drawings
Fig. 1 is a structural diagram of the trusted payment computer system in which the trusted card reading device of the present invention is connected directly to the trusted PC host;
Fig. 2 is a structural diagram of the trusted payment computer system in which a PC keyboard with an integrated trusted card reading device of the present invention is connected to the trusted PC host;
Fig. 3 is a working principle diagram of the trusted measurement system of the present invention;
Fig. 4 is a structural diagram of the trusted card reading device of the present invention;
Fig. 5 is a flow chart of one application mode of the present invention.
Embodiment
Referring to Fig. 1 to Fig. 4, the present invention comprises an input device, a trusted computer host and an output device connected in sequence, and a trusted card reading device connected to the trusted computer host through a USB-HID interface. The input devices are a keyboard and a mouse, and the output device is a display. The trusted card reading device is connected to the trusted computer host using the USB-HID protocol either as an independent USB device or, after being integrated into the PC keyboard, through a USB hub connected in parallel. A TPM chip is embedded in the trusted computer host as the root of trust for measurement, the root of trust for reporting and the root of trust for storage, and the trusted measurement system inside the trusted computer host measures integrity step by step: TPM → trusted BIOS → MBR → OS kernel and trusted monitoring program → PE files. The software system installed on the trusted computer host comprises a TCM management program, a trusted card reading device management program and a payment transaction management program.
The TPM management program mainly implements TPM initialization, modification of the Owner password, backup and recovery, identity identification of the trusted computer host platform, cryptographic operations and key management. The platform identity function of the trusted computer host is mainly accomplished by the following operations.
(1) An RSA public/private key pair is generated inside the TPM. The RSA private key is kept inside the TPM chip under encryption protection, and the RSA public key is sent to a trusted third party, which signs a platform identity digital certificate; this certificate characterizes the uniqueness of this trusted computer host platform to the outside world.
(2) The platform identity digital certificate is imported into the TPM chip and protected by encryption; only the TPM Owner has access rights to it.
(3) During an electronic transaction, the data sent out by the host are digitally signed by the TPM, and other transaction entities can verify this signature to confirm whether a received packet was sent by this host.
Because the RSA private key, the platform identity digital certificate and the digital signature process are all handled inside the TPM chip, and the TPM standard provides thorough memory protection and access control mechanisms, neither malware nor a user can forge a new host system identical to this machine. This solves the identity uniqueness problem of the trusted computer host system in the electronic transaction process and lays a solid foundation for the smooth execution of electronic transactions.
In practice, one trusted computer host platform can characterize its own identity through several platform identity certificates signed by a trusted third party, and each of these platform identity digital certificates characterizes the uniqueness of the trusted computer host platform to the outside world.
The payment transaction management program is responsible for managing and coordinating the whole electronic payment transaction process and performs the following main functions:
(1) It coordinates and manages the digital certificate request service of the TPM management program to the national CA (Certificate Authority); the signature algorithm of the digital certificate uses the RSA algorithm and the SHA-1 algorithm conforming to the TPM standard.
(2) It coordinates and manages the digital certificate request service of the trusted card reading device management program to a third-party CA; the signature algorithm of the digital certificate uses the RSA algorithm and the SHA-1 algorithm conforming to the TPM standard.
(3) It schedules the TPM management program and the trusted card reading device management program to perform mutual authentication between the trusted computer host and the trusted card reading device using digital certificates, and feeds the authentication result back to the user.
(4) It is responsible for establishing an SSL (Secure Sockets Layer) secure communication channel between the trusted payment computer system and the remote server of the online electronic payment system; in SSL the asymmetric algorithm is the RSA algorithm conforming to the TPM standard, and the symmetric algorithm is DES or 3DES conforming to international standards.
(5) At a certain step of the electronic payment process, it notifies the trusted card reading device management program to complete the card-swiping and password-entry operations, receives from the trusted card reading device management program the encrypted and signed data message containing the card number and password, and forwards this data message together with other transaction information to the TPM management program.
(6) The TPM digitally signs the above message and other transaction information and delivers the signed data to the payment transaction management program.
(7) The payment transaction management program transmits the above data to the remote server of the online electronic payment system through the established SSL channel.
The operation of the whole trusted measurement system comprises the following:
(1) When the computer starts or resets, the TPM chip performs a self-test. If the self-test fails, the system shuts down. If it passes, proceed to step (2).
(2) The TPM measures the integrity of the trusted BIOS and compares the measurement with the value saved in the PCR during the last normal run of the system. If they differ, the user is prompted and decides whether to continue. If they match, proceed to step (3). If the system is being initialized for the first time, the measurement is written to the PCR.
(3) The trusted BIOS measures the integrity of the MBR and compares the measurement with the value saved in the PCR during the last normal run. If they differ, the user is prompted and decides whether to continue. If they match, the system continues booting and control is handed to Trusted GRUB. If the system is being initialized for the first time, the measurement is written to the PCR.
(4) Trusted GRUB measures the integrity of the OS kernel and compares the measurement with the value saved in the PCR during the last normal run; if they differ, the user is prompted and decides whether to continue. At the same time, Trusted GRUB also measures the integrity of the trusted monitoring program and its associated file digest database and compares the measurement with the value saved in the PCR during the last normal run; if they differ, the user is prompted and decides whether to continue. If both measurements pass, control is handed to the OS kernel. If the system is being initialized for the first time, both measurements are written to the PCR.
(5) After the OS kernel has started, the system is ready and applications can begin to run. Before every program runs, the trusted monitoring program measures the integrity of the program's PE file and compares the measurement with the corresponding entry in the file digest database. If they match, the application is launched. If they differ, the user is prompted and decides whether to continue running the program. If the program is run for the first time, the trusted monitoring program measures the PE file and writes the result to the file digest database.
(6) The TPM management program, the trusted card reading device management program and the payment transaction management program are monitored in real time by the trusted monitoring program. If any of these programs is illegally tampered with, the trusted monitoring program raises an alarm immediately and prompts the user to take the corresponding action, to guarantee the safety of the whole payment transaction process.
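The measure, compare and record logic of steps (2) to (5) is the same at every stage, only the reference store differs (PCR values for the boot stages, the file digest database for PE files). The following Go program is an added illustration of that logic, not code from the patent: stage names, sample image bytes and the callback standing in for the user prompt are constructed for the example, and SHA-1 is used only because the page names it as the TPM-standard digest (a current design would use SHA-256). It also folds each measurement into a PCR with the extend operation, so the final value is what the root of trust for reporting could attest.

```go
package main

import (
	"crypto/sha1"
	"encoding/hex"
	"fmt"
)

// Component is one measured stage (trusted BIOS, MBR, OS kernel, a PE file ...).
type Component struct {
	Name  string
	Image []byte // constructed sample bytes standing in for the real image
}

// Verdict is the outcome of measuring one stage.
type Verdict int

const (
	Trusted  Verdict = iota // digest equals the recorded reference
	FirstRun                // no reference yet: digest recorded, as on first initialization
	Tampered                // digest differs: the patent prompts the user to decide
)

// ReferenceStore models both the PCR values kept from the last good boot
// (steps 2-4) and the file digest database of the trusted monitoring program (step 5).
type ReferenceStore map[string][sha1.Size]byte

// VerifyStage measures c and checks it against the store, recording it on first run.
// A tampered stage never overwrites the stored reference.
func VerifyStage(store ReferenceStore, c Component) Verdict {
	d := sha1.Sum(c.Image)
	ref, known := store[c.Name]
	switch {
	case !known:
		store[c.Name] = d
		return FirstRun
	case ref != d:
		return Tampered
	default:
		return Trusted
	}
}

// Extend is the TPM PCR extend operation, PCR' = H(PCR || measurement), which
// folds the whole chain into one value that can later be reported.
func Extend(pcr [sha1.Size]byte, m [sha1.Size]byte) [sha1.Size]byte {
	h := sha1.New()
	h.Write(pcr[:])
	h.Write(m[:])
	var out [sha1.Size]byte
	copy(out[:], h.Sum(nil))
	return out
}

// MeasuredBoot walks the chain in order. On a Tampered stage it asks the
// allowContinue callback (the user's decision in the patent); a refusal stops
// the boot. It returns the per-stage verdicts, the final PCR value and whether
// the system reached the ready state.
func MeasuredBoot(store ReferenceStore, chain []Component, allowContinue func(stage string) bool) ([]Verdict, [sha1.Size]byte, bool) {
	var pcr [sha1.Size]byte // PCRs start at zero on reset
	verdicts := make([]Verdict, 0, len(chain))
	for _, c := range chain {
		v := VerifyStage(store, c)
		verdicts = append(verdicts, v)
		pcr = Extend(pcr, sha1.Sum(c.Image))
		if v == Tampered && !allowContinue(c.Name) {
			return verdicts, pcr, false
		}
	}
	return verdicts, pcr, true
}

func main() {
	store := ReferenceStore{}
	chain := []Component{ // constructed stand-ins for the real images
		{"trusted BIOS", []byte("bios image v1")},
		{"MBR", []byte("mbr image v1")},
		{"OS kernel", []byte("kernel image v1")},
		{"trusted monitoring program", []byte("monitor image v1")},
	}
	refuse := func(string) bool { return false } // user declines to continue on mismatch

	_, first, _ := MeasuredBoot(store, chain, refuse)  // first initialization: references written
	_, again, ok := MeasuredBoot(store, chain, refuse) // normal boot: every stage Trusted
	fmt.Printf("normal boot ok=%v, PCR stable=%v\n", ok, first == again)

	chain[1].Image = []byte("mbr image, modified") // constructed change to the MBR
	verdicts, pcr, ok := MeasuredBoot(store, chain, refuse)
	fmt.Printf("modified MBR: ok=%v verdicts=%v PCR=%s\n", ok, verdicts, hex.EncodeToString(pcr[:]))
}
```

The point worth noticing is in VerifyStage: a mismatching stage is reported but never written back, so a user who chooses to continue after a prompt does not silently turn the modified image into the new reference; only a first-run stage is recorded.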
The trusted card reading device of the present invention comprises the following components:
Processor: adopts a standard 8051 core or an 8051-compatible instruction set, is responsible for arithmetic and logical operations, and provides computing support for the software running in the trusted card reading device;
Storage unit: stores the program firmware and data, the program firmware implementing the software functions; the data stored in the storage unit are temporary data or permanently stored data, and both the program and the data in the storage unit are stored in encrypted form;
Storage management protection unit: implements space allocation and access control for the storage unit;
Random number generator: generates true random numbers meeting the standard of the State Cryptography Administration;
RSA engine: implements the RSA public key algorithm, in conformance with the international RSA standard;
Bank card reader: reads the magnetic track information of the bank card;
Keypad: provides the user with an input interface for entering digits into the trusted card reading device;
Liquid crystal display: presents information to the user as character output;
Voice prompt module: presents information to the user as voice output;
USB controller: organizes internal data and delivers it to external devices as USB signals, and converts externally input USB signals into signals that the trusted card reading device can process internally;
The components of the trusted card reading device communicate with each other over a bus.
Referring to Fig. 5, the trusted card reading device works together with the trusted card reading device management program; the steps of its application process are:
(1) During initialization of the trusted card reading device, an RSA key pair is generated internally; the private key of the pair is stored in the storage unit under security protection, and the public key is exported to a trusted third party through the payment transaction management program.
(2) The trusted third party produces a digital certificate from the public key generated in (1) and other relevant information about the trusted card reading device (such as its unique hardware serial number), and the certificate is returned to the trusted card reading device through the payment transaction management program.
(3) The trusted card reading device imports the digital certificate issued by the trusted third party and stores it in the storage unit. This certificate is used to identify the device to the outside world.
(4) In use, the trusted card reading device can import the digital certificates that external entities (such as the trusted computer host or the server of the online electronic payment system) use to identify themselves, verify the validity of those certificates, and extract the subject's public key from them.
(5) When the user swipes a card, the magnetic track information of the bank card is acquired. The track information is RSA-encrypted with the public key in the digital certificate of the third-party transaction entity (such as the server of the online electronic payment system or the China UnionPay payment access front-end server), then RSA-signed with the private key of the trusted card reading device, and the signed information is delivered to the trusted computer host.
(6) When the user enters the bank card password on the keypad, the liquid crystal display shows "*" characters. The trusted card reading device reads the password, RSA-encrypts it with the public key in the digital certificate of the third-party transaction entity (such as the server of the online electronic payment system or the China UnionPay payment access front-end server), RSA-signs it with the private key of the trusted card reading device, and delivers the signed information to the trusted computer host.
(7) The trusted PC host submits the bank card account number and password information, encrypted and signed by the trusted card reading device, to the UnionPay server through the secure network channel; the UnionPay server decrypts the information with its own ECC private key and obtains the user's bank card account number and password;
(8) The UnionPay server then performs operations such as a balance inquiry and debiting on the user's account and feeds the result back to the trusted PC host;
(9) If the debit operation succeeds, the trusted PC feeds information such as the debited amount back to the trusted card reading device, which displays it on the liquid crystal display, and the operation ends.
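Steps (5) to (7) above, and the platform identity signing of the TPM management program described earlier (a key pair whose private half never leaves the device, a certificate from a trusted third party, and signatures that the remote side verifies), share one pattern: encrypt for the server, sign with the device key, and let the host relay bytes it cannot read. The Go program below is an added illustration of that pattern, not the patent's own code. The type and function names and the message layout are assumptions for this example; the trusted third party's certificates are left out, with public keys handed over directly; and where the page specifies RSA with SHA-1, the example uses RSA-OAEP and RSA-PSS over SHA-256 as the current choices.

```go
package main

import (
	"bytes"
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
)

// CardReader models the trusted card reading device's key material.
type CardReader struct {
	priv      *rsa.PrivateKey // kept in the device's protected storage unit
	serverPub *rsa.PublicKey  // taken from the imported server certificate (step 4)
}

// PaymentServer models the remote server that holds the decryption key.
type PaymentServer struct {
	priv      *rsa.PrivateKey
	readerPub *rsa.PublicKey // from the reader certificate issued in steps (1) to (3)
}

// SealedMessage is what leaves the device over USB-HID: ciphertext plus signature.
type SealedMessage struct {
	Ciphertext []byte
	Signature  []byte
}

// ErrBadSignature is returned when a relayed message does not verify under the reader's key.
var ErrBadSignature = errors.New("signature does not verify against the reader key")

// Seal encrypts one card field (track data or PIN) to the server and signs the
// ciphertext with the device key so the server can attribute it to this device.
func (r *CardReader) Seal(field []byte) (SealedMessage, error) {
	ct, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, r.serverPub, field, nil)
	if err != nil {
		return SealedMessage{}, err
	}
	digest := sha256.Sum256(ct)
	sig, err := rsa.SignPSS(rand.Reader, r.priv, crypto.SHA256, digest[:], nil)
	if err != nil {
		return SealedMessage{}, err
	}
	return SealedMessage{Ciphertext: ct, Signature: sig}, nil
}

// Open verifies the device signature first and only then decrypts, so a message
// altered on the host fails before any plaintext is produced.
func (s *PaymentServer) Open(m SealedMessage) ([]byte, error) {
	digest := sha256.Sum256(m.Ciphertext)
	if err := rsa.VerifyPSS(s.readerPub, crypto.SHA256, digest[:], m.Signature, nil); err != nil {
		return nil, ErrBadSignature
	}
	return rsa.DecryptOAEP(sha256.New(), nil, s.priv, m.Ciphertext, nil)
}

// HostForward models the trusted computer host: it relays the sealed message
// and never holds a key that could open it. tamper, if non-nil, models a
// modification of the relayed bytes so the server-side check can be exercised.
func HostForward(m SealedMessage, tamper func([]byte) []byte) SealedMessage {
	if tamper != nil {
		m.Ciphertext = tamper(append([]byte(nil), m.Ciphertext...))
	}
	return m
}

// Setup generates the two key pairs and exchanges public keys directly; in the
// patent the public keys travel in certificates from a trusted third party.
func Setup() (*CardReader, *PaymentServer, error) {
	readerKey, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return nil, nil, err
	}
	serverKey, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return nil, nil, err
	}
	return &CardReader{priv: readerKey, serverPub: &serverKey.PublicKey},
		&PaymentServer{priv: serverKey, readerPub: &readerKey.PublicKey}, nil
}

func main() {
	reader, server, err := Setup()
	if err != nil {
		panic(err)
	}
	track := []byte("%B0000000000000000^TEST/CARD^0000000?") // constructed sample track data
	msg, _ := reader.Seal(track)
	got, err := server.Open(HostForward(msg, nil))
	fmt.Println("server recovered track:", err == nil && bytes.Equal(got, track))
	_, err = server.Open(HostForward(msg, func(b []byte) []byte { b[0] ^= 1; return b }))
	fmt.Println("altered relay rejected:", errors.Is(err, ErrBadSignature))
}
```

Because the host only ever holds Ciphertext and Signature, the claim in the summary that host malware cannot obtain the plaintext account number or password reduces to the server keeping its private key and the reader keeping its own; the signature check in Open is what gives the server the attribution to a specific device that step (2)'s certificate is meant to establish.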

Claims (7)

1. A trusted payment computer system, comprising an input device, a trusted computer host and an output device connected in sequence, and a trusted card reading device connected to the trusted computer host through a USB-HID interface, the input devices being a keyboard and a mouse and the output device being a display, characterized in that a TPM chip is embedded in the trusted computer host as the root of trust for measurement, the root of trust for reporting and the root of trust for storage; the trusted measurement system inside the trusted computer host measures integrity step by step: TPM → trusted BIOS → MBR → OS kernel and trusted monitoring program → PE files; and the software system installed on the trusted computer host comprises a TPM management program, a trusted card reading device management program and a payment transaction management program.
2. The trusted payment computer system according to claim 1, characterized in that the trusted card reading device is connected to the trusted computer host using the USB-HID protocol either as an independent USB device or, after being integrated into the PC keyboard, through a USB hub connected in parallel.
3. The trusted payment computer system according to claim 1 or 2, characterized in that the TPM management program implements TPM initialization, modification of the Owner password, backup and recovery, identity identification of the trusted computer host platform, cryptographic operations and key management.
4. The trusted payment computer system according to claim 3, characterized in that the payment transaction management program is responsible for managing and coordinating the whole electronic payment transaction process.
5. The trusted payment computer system according to claim 4, characterized in that the trusted card reading device comprises the following components:
Processor: responsible for arithmetic and logical operations, providing computing support for the software running in the trusted card reading device;
Storage unit: stores the program firmware and data, the program firmware implementing the software functions;
Storage management protection unit: implements space allocation and access control for the storage unit;
Random number generator: generates true random numbers meeting the standard of the State Cryptography Administration;
RSA engine: implements the RSA public key algorithm, in conformance with the international RSA standard;
Bank card reader: reads the magnetic track information of the bank card;
Keypad: provides the user with an input interface for entering digits into the trusted card reading device;
Liquid crystal display: presents information to the user as character output;
Voice prompt module: presents information to the user as voice output;
USB controller: organizes internal data and delivers it to external devices as USB signals, and converts externally input USB signals into signals that the trusted card reading device can process internally;
The components of the trusted card reading device communicate with each other over a bus.
6. The trusted payment computer system according to claim 5, characterized in that the processor adopts a standard 8051 core or an 8051-compatible instruction set.
7. The trusted payment computer system according to claim 6, characterized in that the data stored in the storage unit are temporary data or permanently stored data, and both the program and the data in the storage unit are stored in encrypted form.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN200810225574A CN101739623A (en) 2008-11-06 2008-11-06 Trusted payment computer system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN200810225574A CN101739623A (en) 2008-11-06 2008-11-06 Trusted payment computer system

Publications (1)

Publication Number Publication Date
CN101739623A true CN101739623A (en) 2010-06-16

Family

ID=42463080

Family Applications (1)

Application Number Title Priority Date Filing Date
CN200810225574A Pending CN101739623A (en) 2008-11-06 2008-11-06 Trusted payment computer system

Country Status (1)

Country Link
CN (1) CN101739623A (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103092364A (en) * 2011-10-28 2013-05-08 国民技术股份有限公司 Multifunctional mouse
CN106533692A (en) * 2016-11-01 2017-03-22 济南浪潮高新科技投资发展有限公司 Digital certificate application method based on TPM
CN110046489A (en) * 2019-04-10 2019-07-23 山东超越数控电子股份有限公司 A kind of credible access verifying system based on domestic Loongson processor, computer and readable storage medium storing program for executing
CN110046489B (en) * 2019-04-10 2023-02-24 超越科技股份有限公司 Trusted access verification system based on domestic Loongson processor, computer and readable storage medium

Similar Documents

Publication Publication Date Title
US10491379B2 (en) System, device, and method of secure entry and handling of passwords
CN101739622A (en) Trusted payment computer system
CN110677418B (en) Trusted voiceprint authentication method and device, electronic equipment and storage medium
Dai et al. SBLWT: A secure blockchain lightweight wallet based on trustzone
WO2020073513A1 (en) Blockchain-based user authentication method and terminal device
CN100583768C (en) Safety requirement based remote proving method and system thereof
US7934096B2 (en) Integrity protected smart card transaction
CN101739624A (en) Trusted payment network system
CN105718807B (en) Android system and its authentic authentication system based on soft TCM and credible software stack and method
WO2017143757A1 (en) Trustworthiness measuring method and device for cloud computing platform
JP2015154491A (en) System and method for remote access and remote digital signature
CN101527024A (en) Safe web bank system and realization method thereof
CN109889495B (en) Quantum computation resistant electronic seal method and system based on multiple asymmetric key pools
CN107133512A (en) POS terminal control method and device
CN102024115B (en) Computer with user security subsystem
Gallery et al. Trusted computing: Security and applications
CN107548542B (en) User authentication method with enhanced integrity and security
CN114760070A (en) Digital certificate issuing method, digital certificate issuing center and readable storage medium
CN103051618A (en) Terminal authentication equipment and network authentication method
CN101739623A (en) Trusted payment computer system
CN201327659Y (en) Credible card reading device
CN101547098B (en) Method and system for security certification of public network data transmission
Nauman et al. Token: Trustable keystroke-based authentication for web-based applications on smartphones
CN201378346Y (en) Credible payment computer device
CN102708491A (en) Trusted computing based novel USB (universal serial bus) Key device and safety transaction method thereof

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C02 Deemed withdrawal of patent application after publication (patent law 2001)
WD01 Invention patent application deemed withdrawn after publication

Open date: 20100616