CN102624709A - Divulgence prevention method based on Bluetooth for cloud architecture - Google Patents

Publication number
CN102624709A
Authority
CN
China
Prior art keywords
mobile phone
bluetooth
server
cloud
user
Prior art date
Legal status
Pending
Application number
CN2012100452391A
Other languages
Chinese (zh)
Inventor
蒋斐
魏欢
Current Assignee
WUXI HUASAI INFORMATION TECHNOLOGY Co Ltd
Original Assignee
WUXI HUASAI INFORMATION TECHNOLOGY Co Ltd
Priority date
Filing date
Publication date
Application filed by WUXI HUASAI INFORMATION TECHNOLOGY Co Ltd filed Critical WUXI HUASAI INFORMATION TECHNOLOGY Co Ltd
Priority to CN2012100452391A priority Critical patent/CN102624709A/en
Publication of CN102624709A publication Critical patent/CN102624709A/en
Pending legal-status Critical Current

Landscapes

  • Mobile Radio Communication Systems (AREA)

Abstract

The invention discloses a Bluetooth-based divulgence prevention method for a cloud architecture. A user digital certificate is created from the serial number of the mobile phone's memory card and stored, as an encrypted file, in both the phone's memory card and a cloud shared authentication database. When a cloud shared file is to be used, the phone's Bluetooth is first connected to the computer's Bluetooth. After pairing succeeds and the user visits a cloud server, the Bluetooth of the mobile phone and the Bluetooth of the computer produce their respective operation results; the server's operation result is compared with the response returned by the phone, and if the two are the same, the user is regarded as a legitimate user and login authentication succeeds. The advantages of the method are that, because the user certificate is made from the phone's hardware number, the certificate is unique; and because it is stored in the phone's memory card as an encrypted file, it cannot be cracked or copied, so the phone and the server together provide double authentication and information leakage is prevented conveniently and quickly.

Description

A Bluetooth-based divulgence prevention method for a cloud architecture
Technical field
The invention belongs to the technical field of computer information security, and in particular relates to a Bluetooth-based divulgence prevention method for a cloud architecture.
Background
Since it was first proposed, cloud computing has developed rapidly, and a number of cloud computing services are already available. Cloud computing is widely praised because it can use a minimal client to achieve complex processing and efficient storage, which opens up a great deal of room for us. If cloud computing systems are applied to the shared management of information resources, the ability to share those resources will undoubtedly improve greatly.
As a novel technology, cloud computing once occupied a large share of media coverage. However, apart from the advantages of current free cloud storage, such as ease of use, resource savings and lower cost, questions about its security and stability have also drawn wide attention. Where security threats are concerned, a safe and reliable authentication method plays a decisive role.
At present, login authentication takes the following forms:
User name + password: simple, and suited to protecting non-critical systems; passwords are easy to crack. User names and passwords can be forgotten, and having too many accounts and passwords makes them easy to confuse. Because a password is static data, it is easily intercepted by a Trojan program resident in the computer's memory or by a listener on the network. It is an entirely insecure method of identity authentication.
Dynamic password: commonly used in banks' online banking services. With dynamic password authentication, each time the user logs in they must enter, in addition to the conventional static password, a dynamic password that changes every time. Using a different password for each login solves the problem of the client's password being stolen. The mainstream terminals used to generate dynamic passwords are currently of three kinds: hardware tokens, SMS passwords and mobile phone tokens. The shortcomings of dynamic passwords cannot be ignored, however: in particular, the developer may well keep a "back door" for themselves (this has happened in many banking systems operated abroad), which becomes the greatest hidden danger of the whole system.
USB key: comparatively speaking, a USB key is safer, but a USB key is not perfectly safe and can still be cracked. Users may, through carelessness, lose the USB key, leave it plugged in after use, or forget to bring it when working away from the office, and the resulting losses are also a headache.
Biometrics: a person's inherent features, such as fingerprint, iris, palm print and voiceprint, are used as the means of identity authentication. Different people have different biometric features, so counterfeiting is almost impossible. This makes it the most secure and reliable method of identity authentication, but the related recognition technologies are not yet mature and have not been commercialized at scale; their accuracy and stability need improvement, and in particular, when the biometric feature is missing, it may not be usable at all.
With the development of science and technology, the mobile phone has become something we must carry in our life, work and entertainment.
With the emergence of smartphone operating systems, phones have become ever more powerful. Like a PC, a smartphone has an independent operating system and can process data at high speed. As smartphone systems are applied more and more widely, how to give them more practical functions has become a question that needs thought.
Summary of the invention
The present invention provides a Bluetooth-based divulgence prevention method for a cloud architecture. The user's certificate is made from the mobile phone's hardware number, which makes the certificate unique, and it is stored as an encrypted file in the phone's memory card so that it cannot be cracked or copied, giving better information security.
To achieve the above object, the present invention adopts the following technical solution:
A Bluetooth-based divulgence prevention method for a cloud architecture, wherein the steps of the method comprise:
A1: create a user digital certificate from the serial number of the mobile phone's memory card, and save it as an encrypted file in both the phone's memory card and the cloud shared authentication database;
A2: when a cloud shared file is to be used, first connect the phone's Bluetooth to the computer's Bluetooth;
A3: after pairing succeeds, when the user accesses the cloud server, the phone's Bluetooth sends a verification request, which is passed to the cloud sharing server over the network; on receiving the request, the server generates a random number and returns it to the computer, which passes it to the phone over Bluetooth;
A4: the phone performs an MD5 operation on this random number and the key stored in the phone, and sends the result to the server as proof of authentication; meanwhile, the server performs an MD5 operation on the same random number and this client's key stored in the server database;
A5: the server's operation result is compared with the response returned by the phone; if they are identical, the user is considered a legitimate user and the user's login authentication succeeds.
The cloud shared file exists in ciphertext form while in circulation.
If the distance between the mobile phone and the computer exceeds the Bluetooth transmission range, the connection to the server is automatically disconnected.
In the Bluetooth-based divulgence prevention method for a cloud architecture provided by the invention, the user's certificate is made from the mobile phone's hardware number, which makes the certificate unique, and it is stored as an encrypted file in the phone's memory card so that it cannot be cracked or copied; the phone and the server thus provide double authentication at the same time, and information leakage is prevented quickly and conveniently.
Description of the drawings
Fig. 1 is a schematic diagram of the operating principle provided by the invention;
Fig. 2 is a schematic diagram of the verification process provided by the invention.
Embodiment
The present invention is described in detail below with reference to the accompanying drawings, which form part of this specification and illustrate the principle of the invention through an embodiment; other aspects, features and advantages of the invention will become clear from this detailed description.
As shown in Figs. 1 and 2, a Bluetooth-based divulgence prevention method for a cloud architecture, wherein the steps of the method comprise:
A1: create a user digital certificate from the serial number of the mobile phone's memory card, and save it as an encrypted file in both the phone's memory card and the cloud shared authentication database;
A2: when a cloud shared file is to be used, first connect the phone's Bluetooth to the computer's Bluetooth;
A3: after pairing succeeds, when the user accesses the cloud server, the phone's Bluetooth sends a verification request, which is passed to the cloud sharing server over the network; on receiving the request, the server generates a random number and returns it to the computer, which passes it to the phone over Bluetooth;
A4: the phone performs an MD5 operation on this random number and the key stored in the phone, and sends the result to the server as proof of authentication; meanwhile, the server performs an MD5 operation on the same random number and this client's key stored in the server database;
A5: the server's operation result is compared with the response returned by the phone; if they are identical, the user is considered a legitimate user and the user's login authentication succeeds.
The cloud shared file exists in ciphertext form while in circulation.
If the distance between the mobile phone and the computer exceeds the Bluetooth transmission range, the connection to the server is automatically disconnected.
Verification process: the phone sends the user certificate, which is passed to the server over the network, and the cloud server obtains the serial number sent by the user. If the serial number is wrong, the computer refuses to provide the service page. If the serial number is correct, the cloud server obtains the user information from the database and computes an MD5 digest, and at the same time the cloud server sends a verification to the computer. The computer passes it to the phone over Bluetooth, and the phone's system likewise computes an MD5 digest and feeds it back to the server over the network. The cloud server compares the result of its own computation with the digest uploaded by the phone to check correctness: if correct, service is provided; if wrong, the service page is refused.
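The challenge-response exchange of steps A3 to A5 and the verification process, as an added Python example that is not part of the patent; the Bluetooth and network hops are collapsed into direct calls. The class and function names, the concatenation order inside the MD5 call, the 30-second challenge lifetime, the single-use handling of the random number, the constant-time comparison and the HMAC-SHA-256 variant are all assumptions that go beyond the text.

```python
import hashlib
import hmac
import secrets
import time

NONCE_TTL = 30  # seconds a challenge stays valid (assumed value)


def md5_response(key, nonce):
    # Steps A4/A5 as written: MD5 over the random number and the key.
    # The concatenation order is an assumption; the page does not give it.
    return hashlib.md5(nonce + key).digest()


def hmac_response(key, nonce):
    # Variant not from the page: HMAC-SHA-256, the standard keyed construction.
    return hmac.new(key, nonce, hashlib.sha256).digest()


class CloudServer:
    def __init__(self):
        self.keys = {}     # card serial -> key (the shared authentication database)
        self.pending = {}  # card serial -> (random number, issue time)

    def register(self, serial, key):
        self.keys[serial] = key

    def challenge(self, serial):
        # Unknown serial number: no challenge is issued, service is refused.
        if serial not in self.keys:
            return None
        nonce = secrets.token_bytes(16)
        self.pending[serial] = (nonce, time.monotonic())
        return nonce

    def verify(self, serial, response, respond=md5_response):
        # pop() makes each random number single-use, so a response that was
        # accepted or rejected once cannot be submitted again.
        entry = self.pending.pop(serial, None)
        if entry is None or time.monotonic() - entry[1] > NONCE_TTL:
            return False
        expected = respond(self.keys[serial], entry[0])
        return hmac.compare_digest(expected, response)  # constant-time compare


def demo():
    serial = "CARD-SERIAL-0001"       # constructed sample value
    key = secrets.token_bytes(32)     # constructed key provisioned at step A1
    server = CloudServer()
    server.register(serial, key)
    results = {}
    for name, respond in (("md5", md5_response), ("hmac", hmac_response)):
        nonce = server.challenge(serial)        # A3: server -> computer -> phone
        answer = respond(key, nonce)            # A4: computed on the phone
        results[name] = server.verify(serial, answer, respond)            # A5
        results[name + "_replay"] = server.verify(serial, answer, respond)
    nonce = server.challenge(serial)
    wrong_key = secrets.token_bytes(32)
    results["wrong_key"] = server.verify(serial, md5_response(wrong_key, nonce))
    results["unknown_serial"] = server.challenge("CARD-SERIAL-9999") is None
    return results


if __name__ == "__main__":
    print(demo())
```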
In the Bluetooth-based divulgence prevention method for a cloud architecture provided by the invention, the user's certificate is made from the mobile phone's hardware number, which makes the certificate unique, and it is stored as an encrypted file in the phone's memory card so that it cannot be cracked or copied; the phone and the server thus provide double authentication at the same time, and information leakage is prevented quickly and conveniently.
What is disclosed above is merely a preferred embodiment of the present invention and certainly cannot be used to limit the scope of its claims; equivalent variations made in accordance with the claims of the present invention therefore still fall within the scope covered by the invention.

Claims (3)

1. A Bluetooth-based divulgence prevention method for a cloud architecture, characterized in that the steps of the method comprise:
A1: create a user digital certificate from the serial number of the mobile phone's memory card, and save it as an encrypted file in both the phone's memory card and the cloud shared authentication database;
A2: when a cloud shared file is to be used, first connect the phone's Bluetooth to the computer's Bluetooth;
A3: after pairing succeeds, when the user accesses the cloud server, the phone's Bluetooth sends a verification request, which is passed to the cloud sharing server over the network; on receiving the request, the server generates a random number and returns it to the computer, which passes it to the phone over Bluetooth;
A4: the phone performs an MD5 operation on this random number and the key stored in the phone, and sends the result to the server as proof of authentication; meanwhile, the server performs an MD5 operation on the same random number and this client's key stored in the server database;
A5: the server's operation result is compared with the response returned by the phone; if they are identical, the user is considered a legitimate user and the user's login authentication succeeds.
2. The Bluetooth-based divulgence prevention method for a cloud architecture as claimed in claim 1, characterized in that the cloud shared file exists in ciphertext form while in circulation.
3. The Bluetooth-based divulgence prevention method for a cloud architecture as claimed in claim 1, characterized in that, if the distance between the mobile phone and the computer exceeds the Bluetooth transmission range, the connection to the server is automatically disconnected.
CN2012100452391A 2012-02-27 2012-02-27 Divulgence prevention method based on Bluetooth for cloud architecture Pending CN102624709A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN2012100452391A CN102624709A (en) 2012-02-27 2012-02-27 Divulgence prevention method based on Bluetooth for cloud architecture

Publications (1)

Publication Number Publication Date
CN102624709A true CN102624709A (en) 2012-08-01

Family

ID=46564394

Family Applications (1)

Application Number Title Priority Date Filing Date
CN2012100452391A Pending CN102624709A (en) 2012-02-27 2012-02-27 Divulgence prevention method based on Bluetooth for cloud architecture

Country Status (1)

Country Link
CN (1) CN102624709A (en)

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1811813A (en) * 2006-03-02 2006-08-02 韩林 Two-factor dynamic cipher verification method and system
CN101064535A (en) * 2007-04-12 2007-10-31 复旦大学 Intelligent authentication method and system based on close range wireless communication handset
CN101739622A (en) * 2008-11-06 2010-06-16 同方股份有限公司 Trusted payment computer system
CN102195932A (en) * 2010-03-05 2011-09-21 北京路模思科技有限公司 Method and system for realizing network identity authentication based on two pieces of isolation equipment
WO2011150346A2 (en) * 2010-05-28 2011-12-01 Laurich Lawrence A Accelerator system for use with secure data storage

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103945373A (en) * 2014-04-25 2014-07-23 上海大众汽车有限公司 Safety encryption scheme for Bluetooth transmission data
CN103945373B (en) * 2014-04-25 2018-05-01 上汽大众汽车有限公司 The safe encryption method of bluetooth data transmission

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C02 Deemed withdrawal of patent application after publication (patent law 2001)
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20120801