CN103632078B - Hard certificates constructing method and system, certificate storage device - Google Patents

Hard certificates constructing method and system, certificate storage device Download PDF

Info

Publication number
CN103632078B
CN103632078B CN201310642415.4A CN201310642415A CN103632078B CN 103632078 B CN103632078 B CN 103632078B CN 201310642415 A CN201310642415 A CN 201310642415A CN 103632078 B CN103632078 B CN 103632078B
Authority
CN
China
Prior art keywords
certificate
user
hard
soft
subscriber data
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201310642415.4A
Other languages
Chinese (zh)
Other versions
CN103632078A (en
Inventor
廖卫民
张永强
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Age Of Security Polytron Technologies Inc
Original Assignee
Age Of Security Polytron Technologies Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Age Of Security Polytron Technologies Inc filed Critical Age Of Security Polytron Technologies Inc
Priority to CN201310642415.4A priority Critical patent/CN103632078B/en
Publication of CN103632078A publication Critical patent/CN103632078A/en
Application granted granted Critical
Publication of CN103632078B publication Critical patent/CN103632078B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/33User authentication using certificates
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/34User authentication involving the use of external additional devices, e.g. dongles or smart cards

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The present invention provides a kind of hard certificates constructing method, including:The soft certificate that the CA systems prestored in the certificate storage device for reading access are signed and issued;Certificate request information is sent, the certificate request information includes the subscriber data of the soft certificate and user's input;Receive the digital certificate of CA systems return and be implanted into the certificate storage device, obtain hard certificate;Wherein, the digital certificate is the subscriber data that the CA systems are checked the subscriber data of user input and prestored, and after the authentication for passing through user according to soft certificate, the digital certificate signed and issued according to the subscriber data.The present invention also provides corresponding hard certificates constructing system, and a kind of certificate storage device, can improve certificate issued speed, security risk is low.

Description

Hard certificates constructing method and system, certificate storage device
Technical field
The present invention relates to digital certificate technique field, more particularly to a kind of hard certificates constructing method, a kind of hard certificate life Into system, and a kind of certificate storage device.
Background technology
At present, according to the difference of storage medium, digital certificate store mode is broadly divided into two kinds, a kind of with e-file Form is stored, referred to as soft certificate(Document certificate), without digital certificate medium, can be operated, only be needed on any computer Download to import and can be used;Another is that certificate is stored in hardware security medium, and private key cannot be exported, and is referred to as hard Certificate(Medium certificate).Because the level of security of hardware certificate is higher than the level of security of soft certificate, therefore, domestic many safety will Higher application system is asked to require that user uses hard certificate.With being widely popularized that hard certificate is used, CA(Certificate Authority, certificate Shou Zheng center)The efficiency of the hard certificate of mechanism granting also has higher requirement.
Currently, mainly there are two kinds of modes for providing hard certificate, one kind is " do and issue " mode;Another is " in advance Issue in advance " pattern.
The processing mode of " do and issue " pattern is:Application materials are submitted on user to CA a foreground that accepts, and are accepted a little Foreground personnel inspection subscriber data, is then audited, and subscriber data is sent to CA after passing through and signed and issued by examination & verification, and certificate information is provided with user Expect close relation, finally certificate is downloaded in hardware device.The defect of which mainly has:
Issue speed slow, input cost is high;Except encryption key is in addition to KMC produces in advance, all operations Interim execution, particularly data typing, medium-initializing, signature key generation etc. be all it is interim produce, have a strong impact on Issue speed;In order to ensure service quality, or being exactly that increase is accepted a little, or being exactly to increase admissibility staff, this is in very great Cheng Cost is added on degree.
The efficiency for accepting a foreground is low;When accepting, operator needs print pin envelope, printing acceptance form, charge etc., Foreground efficiency is at a fairly low.When foreground transacting business amount is big, often occur that user is deposited in foreground, have impact on Service Quality Amount, in some instances it may even be possible to complaint can be caused.
Existing many CA mechanisms release remote download certificate, but this downloading process at present, otherwise it is to be controlled using grant number Authority processed, otherwise it is exactly that, by short message mode authorized access code mode, such a mode security performance is low.
The processing mode of " issue in advance in advance " pattern is:CA shifts to an earlier date issues a collection of hard certificate in advance(Anonymous information), certificate letter Breath is unrelated with subscriber data, user to when accepting foreground and applying for certificate, foreground personnel just the hard certificate issued issued in advance to User.Which does not include user profile due to certificate, it is impossible to the effective information of user is directly excavated from certificate, is application system Make troubles;For application, anonymity will have unpredictable security risk.
The content of the invention
Based on this, the present invention provides a kind of hard certificates constructing method and system, and a kind of certificate storage device, can improve Hard certificate issued speed, security risk is low.
A kind of hard certificates constructing method, comprises the following steps:
The soft certificate that the CA systems prestored in the certificate storage device for reading access are signed and issued;
Certificate request information is sent, the certificate request information includes user's money of the soft certificate and user's input Material;
Receive the digital certificate of CA systems return and be implanted into the certificate storage device, obtain hard certificate;Wherein, the number Word certificate is the subscriber data that the CA systems are checked the subscriber data of user's input and prestored, and is passed through according to soft certificate After the authentication of user, the digital certificate signed and issued according to the subscriber data.
A kind of hard certificates constructing method, comprises the following steps:
The certificate request information of user terminal is received, it is soft that the certificate request information includes prestoring in certificate storage device Certificate and the subscriber data of user's input;
The subscriber data checked the subscriber data of user's input and prestored, and according to the soft certificate to the user Carry out authentication;
If the user is by authentication, digital certificate is signed and issued according to the subscriber data and the user is returned to End, hard certificate is generated for the user terminal.
A kind of certificate storage device, prestores the soft certificate that CA systems are signed and issued, for being demonstrate,proved firmly to the application of CA systems for user Book.
A kind of hard certificates constructing system, including user terminal, the user terminal include:
The soft certificate that the CA systems prestored in soft certificate read module, the certificate storage device for reading access are signed and issued;
Application information sending module, for sending certificate request information, the certificate request information includes the soft card Book and the subscriber data of user's input;
Hard certificate implant module, it is raw for receiving the digital certificate of CA systems return and being implanted into the certificate storage device Into hard certificate;Wherein, the digital certificate is the user that the CA systems are checked the subscriber data of user's input and prestored Data, and the digital certificate signed and issued according to the subscriber data.
A kind of hard certificates constructing system, including CA systems, the CA systems include:
Application information receiving module, the certificate request information for receiving user terminal, the certificate request information includes The soft certificate prestored in certificate storage device and the subscriber data of user's input;
Authentication module, for the subscriber data checked the subscriber data of user's input and prestored, and according to institute State soft certificate and authentication is carried out to the user;
Digital certificate generation module, if signing and issuing number according to the subscriber data by authentication for the user Word certificate simultaneously returns to the user terminal, and hard certificate is generated for the user terminal.
CA systems are prestored in above-mentioned hard certificates constructing method and system, and certificate storage device, certificate storage device The soft certificate signed and issued in advance, user can be deposited after certificate storage device is received to the hard certificate of CA system applications, CA systems by certificate Store up equipment in soft certificate to user carry out authentication, by can then be signed and issued after certification according to subscriber data digital certificate for Family end implantation certificate storage device obtains hard certificate;The soft certificate stored in the present invention in certificate storage device is signed in advance by CA systems Hair, user voluntarily can obtain hard certificate by downloading digital certificate, on the one hand simplify certificate issued program, improve certificate issued speed Spend, on the other hand the verification voucher using soft certificate as identity, the distribution process security performance of hard certificate is very high.
Brief description of the drawings
Fig. 1 is hard schematic flow sheet of the certificates constructing method in embodiment one of the present invention.
Fig. 2 is hard schematic flow sheet of the certificates constructing method in embodiment two of the present invention.
Fig. 3 is hard schematic flow sheet of the certificates constructing method in embodiment three of the present invention.
Fig. 4 is hard structural representation of the certificates constructing system in embodiment five of the present invention.
Fig. 5 is hard structural representation of the certificates constructing system in embodiment six of the present invention.
Embodiment
The present invention is described in further detail with reference to embodiment and accompanying drawing, but embodiments of the present invention are not limited to This.
Embodiment one,
As shown in figure 1, being a kind of schematic flow sheet of hard certificates constructing method in the present embodiment, the present embodiment is with user What the handling process at end was illustrated, comprise the following steps:
The soft certificate that the CA systems prestored in S11, the certificate storage device of reading access are signed and issued;
S12, transmission certificate request information, the certificate request information include the user of the soft certificate and user's input Data;
S13, the digital certificate for receiving the return of CA systems are simultaneously implanted into the certificate storage device, obtain hard certificate;Wherein, institute The subscriber data that digital certificate is checked the subscriber data of user's input and prestored for the CA systems is stated, and according to soft certificate After the authentication of user, the digital certificate signed and issued according to the subscriber data;
The soft certificate that CA systems are signed and issued in advance is prestored in the present embodiment, in certificate storage device, user to service provider applies Hard certificate, provides the certificate storage device by service provider, is connected after certificate storage device is received with user terminal, pass through user terminal To the hard certificate of CA system applications;User sends certificate request information, the certificate in certificate hard to CA system applications to CA systems Include in application information soft certificate and user input subscriber data, soft certificate as the identity of user verification voucher;
The subscriber data that CA systems are checked the subscriber data of user's input and prestored, and user is entered by soft certificate Row authentication, can use the identification authentication mode based on PKI technologies, and its security is higher;If user is by authentication, Digital certificate can be signed and issued according to subscriber data and returns to user terminal, is implanted into the certificate storage device, most soft certificate turns at last For hard certificate, original feature of the hard certificate level of security and hard certificate that have is remained.
Soft certificate in the present embodiment is signed and issued and is previously implanted in certificate storage device in advance by CA systems, and user can be voluntarily Hard certificate is downloaded, certificate issued program is on the one hand simplified, certificate issued speed is improved, identity is on the other hand used as using soft certificate Verification voucher, the distribution process security performance of hard certificate is very high;Effective subscriber data is contained in hard certificate, is reduced Because anonymous is to the security risk brought of application, for anonymous, it is to avoid carried out in multiple operation systems The process of binding, so as to reduce the workload of operation system maintenance.
In a preferred embodiment, carried in the soft certificate that the soft certificate can in advance be signed and issued for CA systems, the soft certificate There are the equipment Serial Number of the certificate storage device and the sequence number of the CA systemic presuppositions;
The CA systems according to soft certificate by the authentication of user the step of be:The CA systems pass through the equipment Sequence number and the default sequence number carry out authentication to the user.
Soft certificate in the present embodiment is unrelated with user profile, and the equipment of certificate storage device is included in soft certificate information Sequence number, and the custom rule of CA systemic presuppositions sequence number, it is ensured that certificate DN(The distinguished name of certificate authority person) All it is unique, soft certificate is used for authentication, the hard Credential-Security performance finally given is high.
As shown in Fig. 2 being a kind of schematic flow sheet of hard certificates constructing method in the present embodiment, the present embodiment is with CA systems What the handling process of system was illustrated, comprise the following steps:
S21, the certificate request information for receiving user terminal, the certificate request information include prestoring in certificate storage device Soft certificate and user input subscriber data;
S22, the subscriber data of verification user's input and the subscriber data prestored, and according to the soft certificate to described User carries out authentication;
If S23, the user are by authentication, digital certificate is signed and issued and described in returning to according to the subscriber data User terminal, hard certificate is generated for the user terminal.
In a preferred embodiment, it may also include step:If the user can not return to mistake letter by authentication Breath.
In the present embodiment, CA systems, which are received in the certificate request information of user, the certificate request information, includes soft certificate The subscriber data inputted with user;Soft certificate is pre-stored in certificate storage device, is signed and issued in advance by CA systems, and user is receiving certificate It is connected after storage device with user terminal, user is by user terminal to the hard certificate of CA system applications, and soft certificate is used as user identity Verify voucher;The subscriber data that CA systems are checked the subscriber data of user input and prestored, at the same by soft certificate to Family carries out authentication, and based on the identification authentication mode of PKI technologies, its security is higher;, can if user is by authentication Signed and issued according to subscriber data and user terminal is returned to after digital certificate, certificate storage medium is implanted into for user terminal, generate hard certificate.
Soft certificate in the present embodiment is signed and issued and is previously implanted in certificate storage device in advance by CA systems, and user can be voluntarily Hard certificate is downloaded, certificate issued program is on the one hand simplified, certificate issued speed is improved, identity is on the other hand used as using soft certificate Verification voucher, the distribution process security performance of hard certificate is very high;Effective subscriber data is contained in hard certificate, is reduced Because anonymous is to the security risk brought of application, for anonymous, it is to avoid carried out in multiple operation systems The process of binding, so as to reduce the workload of operation system maintenance.
In a preferred embodiment, the equipment Serial Number of the certificate storage device is carried in the soft certificate and described The sequence number of CA systemic presuppositions;
It is described according to the soft certificate to the user carry out authentication the step of be:By the equipment Serial Number and Default sequence number carries out authentication to the user;
Soft certificate in the present embodiment is unrelated with user profile, and the equipment of certificate storage device is included in soft certificate information Sequence number, and the custom rule of CA systemic presuppositions sequence number, it is ensured that certificate DN(The distinguished name of certificate authority person) All it is unique, soft certificate is used for authentication, the hard Credential-Security performance of user terminal generation is very high.
Embodiment three,
As shown in figure 3, the present embodiment specifically describes the generation of hard certificate and provides processing procedure, comprise the following steps:
Hard certificate is applied on S31, the foreground that accepts of user to service provider;
S32, accept after foreground examination & verification subscriber data, provide certificate storage medium to user, terminate foreground application work;Its In, soft certificate is prestored in the certificate storage medium that the service provider provides, by the hardware vendor of certificate storage medium when dispatching from the factory It has been be implanted into that, soft certificate is signed and issued by CA mechanisms;
Certificate storage medium accessing user end is inputted its personal information by S33, user, and certificate request is sent to CA mechanisms Information;Wherein certificate request information includes the subscriber data of the soft certificate prestored in certificate storage device and user's input;
S34, CA authorities certificate request information, the user for checking the subscriber data of user's input and prestoring provide Material, and authentication is carried out to user according to soft certificate;
S35, user are by authentication, and digital certificate is signed and issued according to the subscriber data by CA mechanisms;
S36, user's downloading digital certificate are simultaneously implanted into certificate storage medium, obtain hard certificate, terminate certificate request flow.
It can be seen that from above-mentioned flow, the certificate issued efficiency of the present embodiment is very high, soft certificate is signed and issued and is implanted into all Fulfil ahead of schedule, the foreground admissibility pressure of service provider is greatly decreased, need to only carry out depositing subscriber data examination & verification after discharge certificate The work of storage media.
Example IV
In the present embodiment there is provided a kind of certificate storage device, the certificate storage device prestores what CA systems were signed and issued Soft certificate, for supplying user to the hard certificate of CA system applications;
Wherein, the sequence number of equipment Serial Number and the CA systemic presuppositions, the equipment sequence are carried in the soft certificate Row number and default sequence number are used for the CA systems and carry out authentication to user when user applies for hard certificate.
Relative to traditional certificate storage device, prestore that CA systems sign and issue in the certificate storage device of the present embodiment is soft Certificate, can be used to carry out authentication during hard to the CA system applications certificate of user;Relative to traditional authorization code authentication mode, sheet Identification authentication mode of the embodiment based on PKI technologies, the verification voucher using soft certificate as identity, security performance is very high;Together When, signing and issuing and being implanted into for soft certificate has all been fulfiled ahead of schedule, can significantly improve operating efficiency.
Soft certificate in the present embodiment is unrelated with user profile, and the equipment of certificate storage device is included in soft certificate information Sequence number, and the custom rule of CA systemic presuppositions sequence number, it is ensured that certificate DN(The distinguished name of certificate authority person) All it is unique, equipment Serial Number and default sequence number are used for authentication, the hard Credential-Security for ultimately generating user terminal Performance is high.
Embodiment five
As shown in figure 4, being a kind of structural representation of hard certificates constructing system in the present embodiment, said with user terminal It is bright, including:
The soft card that the CA systems prestored in soft certificate read module 41, the certificate storage device for reading access are signed and issued Book;
Application information sending module 42, for sending certificate request information, the certificate request information includes described soft Certificate and the subscriber data of user's input;
Hard certificate implant module 43, for receiving the digital certificate of CA systems return and being implanted into the certificate storage device, Generate hard certificate;Wherein, the digital certificate is the use that the CA mechanisms check the subscriber data of user's input and prestored After family data, and the authentication for passing through user according to soft certificate, the digital certificate signed and issued according to the subscriber data.
In a preferred embodiment, carried in the soft certificate that the soft certificate is signed and issued in advance for CA systems, the soft certificate The sequence number of the equipment Serial Number of the certificate storage device and the CA systemic presuppositions;The CA systems pass through the equipment sequence Row number and default sequence number carry out authentication to the user.
Embodiment six
As shown in figure 5, being a kind of structural representation of hard certificates constructing system in the present embodiment, said with CA systems It is bright, including:
Wrapped in application information receiving module 51, the certificate request information for receiving user terminal, the certificate request information Include the subscriber data of the soft certificate prestored in certificate storage device and user's input;
Authentication module 52, for the subscriber data checked the subscriber data of user's input and prestored, and according to The soft certificate carries out authentication to the user;
Digital certificate generation module 53, if being signed and issued for the user by authentication according to the subscriber data Digital certificate simultaneously returns to the user terminal, and hard certificate is generated for the user terminal.
In a preferred embodiment, if the authentication module be additionally operable to the user can not by authentication, Return to error message.
In a preferred embodiment, the equipment Serial Number of the certificate storage device is carried in the soft certificate and described The sequence number of CA systemic presuppositions, the digital certificate generation module is additionally operable to by the equipment Serial Number and default sequence number Authentication is carried out to the user.
CA systems are prestored in hard certificates constructing method and system of the invention, and certificate storage device, certificate storage device The soft certificate that system is signed and issued in advance, user can pass through certificate after certificate storage device is received to the hard certificate of CA system applications, CA systems Soft certificate in storage device carries out authentication to user, is supplied by can then sign and issue digital certificate after certification according to subscriber data User terminal implantation certificate storage device obtains hard certificate;The soft certificate stored in the present invention in certificate storage device is pre- by CA systems Sign and issue, user voluntarily can obtain hard certificate by downloading digital certificate, on the one hand simplify certificate issued program, improve certificate issued speed Spend, on the other hand the verification voucher using soft certificate as identity, the distribution process security performance of hard certificate is very high.
Embodiment described above only expresses the several embodiments of the present invention, and it describes more specific and detailed, but simultaneously Therefore the limitation to the scope of the claims of the present invention can not be interpreted as.It should be pointed out that for one of ordinary skill in the art For, without departing from the inventive concept of the premise, various modifications and improvements can be made, these belong to the guarantor of the present invention Protect scope.Therefore, the protection domain of patent of the present invention should be determined by the appended claims.

Claims (16)

1. a kind of hard certificates constructing method, it is characterised in that comprise the following steps:
The soft certificate that the CA systems prestored in the certificate storage device for reading access are signed and issued;
Certificate request information is sent, the certificate request information includes the subscriber data of the soft certificate and user's input;
Receive the digital certificate of CA systems return and be implanted into the certificate storage device, obtain hard certificate;Wherein, the numeral card Book is the subscriber data that the CA systems are checked the subscriber data of user's input and prestored, and passes through user according to soft certificate Authentication after, the digital certificate signed and issued according to the subscriber data;The hard certificate includes the subscriber data.
2. hard certificates constructing method according to claim 1, it is characterised in that the soft certificate is what CA systems were signed and issued in advance The equipment Serial Number of the certificate storage device and the sequence of the CA systemic presuppositions are carried in soft certificate, the soft certificate Number.
3. hard certificates constructing method according to claim 2, it is characterised in that the CA systems according to soft certificate by using The step of authentication at family is:The CA systems are by the equipment Serial Number and the default sequence number to the user Carry out authentication.
4. a kind of hard certificates constructing method, it is characterised in that comprise the following steps:
The certificate request information of user terminal is received, the certificate request information includes the soft certificate prestored in certificate storage device The subscriber data inputted with user;
The subscriber data checked the subscriber data of user's input and prestored, and the user is carried out according to the soft certificate Authentication;
If the user is by authentication, digital certificate is signed and issued according to the subscriber data and the user terminal is returned to, Hard certificate is generated for the user terminal, the hard certificate includes the subscriber data.
5. hard certificates constructing method according to claim 4, it is characterised in that also including step:If the user can not By authentication, then error message is returned.
6. the hard certificates constructing method according to claim 4 or 5, it is characterised in that carried in the soft certificate described The equipment Serial Number of certificate storage device and the sequence number of CA systemic presuppositions.
7. hard certificates constructing method according to claim 6, it is characterised in that described to be used according to the soft certificate described Family carry out authentication the step of be:Identity is carried out by the equipment Serial Number and default sequence number to the user to recognize Card.
8. a kind of certificate storage device, it is characterised in that prestore the soft certificate that CA systems are signed and issued, for supplying user to CA systems Apply for hard certificate, the hard certificate includes subscriber data.
9. certificate storage device according to claim 8, it is characterised in that carry equipment Serial Number in the soft certificate With the sequence number of the CA systemic presuppositions, the equipment Serial Number and default sequence number are used for the CA systems and applied in user Authentication is carried out to user during hard certificate.
10. a kind of hard certificates constructing system, it is characterised in that including user terminal, the user terminal includes:
The soft certificate that the CA systems prestored in soft certificate read module, the certificate storage device for reading access are signed and issued;
Application information sending module, for sending certificate request information, the certificate request information include the soft certificate and The subscriber data of user's input;
Hard certificate implant module, for receiving the digital certificate of CA systems return and being implanted into the certificate storage device, generation is hard Certificate;Wherein, the digital certificate is the subscriber data that the CA systems are checked the subscriber data of user's input and prestored, And after the authentication for passing through user according to soft certificate, the digital certificate signed and issued according to the subscriber data, the hard certificate bag Containing the subscriber data.
11. hard certificates constructing system according to claim 10, it is characterised in that the soft certificate is that CA systems are signed and issued in advance Soft certificate, carry the equipment Serial Number of the certificate storage device and the sequence of the CA systemic presuppositions in the soft certificate Number.
12. hard certificates constructing system according to claim 11, it is characterised in that the CA systems pass through the equipment sequence Row number and the default sequence number carry out authentication to the user.
13. a kind of hard certificates constructing system, it is characterised in that including CA systems, the CA systems include:
Application information receiving module, the certificate request information for receiving user terminal, the certificate request information includes certificate The soft certificate prestored in storage device and the subscriber data of user's input;
Authentication module, for the subscriber data checked the subscriber data of user's input and prestored, and according to described soft Certificate carries out authentication to the user;
Digital certificate generation module, if signing and issuing digital card according to the subscriber data by authentication for the user Book simultaneously returns to the user terminal, and hard certificate is generated for the user terminal, and the hard certificate includes the subscriber data.
14. hard certificates constructing system according to claim 13, it is characterised in that the authentication module is additionally operable to: If the user can not return to error message by authentication.
15. the hard certificates constructing system according to claim 13 or 14, it is characterised in that carried in the soft certificate State the equipment Serial Number of certificate storage device and the sequence number of the CA systemic presuppositions.
16. hard certificates constructing system according to claim 15, it is characterised in that the digital certificate generation module is also used In by the default sequence number to the user carry out authentication.
CN201310642415.4A 2013-12-03 2013-12-03 Hard certificates constructing method and system, certificate storage device Active CN103632078B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201310642415.4A CN103632078B (en) 2013-12-03 2013-12-03 Hard certificates constructing method and system, certificate storage device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201310642415.4A CN103632078B (en) 2013-12-03 2013-12-03 Hard certificates constructing method and system, certificate storage device

Publications (2)

Publication Number Publication Date
CN103632078A CN103632078A (en) 2014-03-12
CN103632078B true CN103632078B (en) 2017-08-04

Family

ID=50213116

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201310642415.4A Active CN103632078B (en) 2013-12-03 2013-12-03 Hard certificates constructing method and system, certificate storage device

Country Status (1)

Country Link
CN (1) CN103632078B (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10511587B2 (en) * 2015-06-11 2019-12-17 Siemens Aktiengesellschaft Authorization apparatus and method for an authorized issuing of an authentication token for a device
CN106921639A (en) * 2015-12-28 2017-07-04 航天信息股份有限公司 Mobile digital certificate application method and device

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1447269A (en) * 2003-04-10 2003-10-08 深圳市深信服电子科技有限公司 Certificate authentication system and method based on hardware characteristics
CN101127111A (en) * 2006-08-18 2008-02-20 中信银行 Internet bank U disc KEY ciphering, authentication device and method
CN101447867A (en) * 2008-12-31 2009-06-03 中国建设银行股份有限公司 Method for managing digital certificate and system

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1447269A (en) * 2003-04-10 2003-10-08 深圳市深信服电子科技有限公司 Certificate authentication system and method based on hardware characteristics
CN101127111A (en) * 2006-08-18 2008-02-20 中信银行 Internet bank U disc KEY ciphering, authentication device and method
CN101447867A (en) * 2008-12-31 2009-06-03 中国建设银行股份有限公司 Method for managing digital certificate and system

Also Published As

Publication number Publication date
CN103632078A (en) 2014-03-12

Similar Documents

Publication Publication Date Title
US8145899B2 (en) Creation of user digital certificate for portable consumer payment device
CN106656488B (en) Key downloading method and device for POS terminal
CN103905207B (en) Method and system for unifying APK signature
US7159114B1 (en) System and method of securely installing a terminal master key on an automated banking machine
US8549602B2 (en) System and method for handling permits for user authentication tokens
CN101866498B (en) Electronic ticket implementation method and system based on intelligent card
US7415609B1 (en) Automated banking machine system and method
CN105635049A (en) Anti-counterfeit tax control method and device based on client identifier password
KR100411448B1 (en) public-key infrastructure based digital certificate methods of issuing and system thereof
JP2004032731A (en) Security method using encryption, and electronic equipment suitable for it
CN101465732B (en) Method and terminal for ensuring digital certificate safety
CN106953732B (en) Key management system and method for chip card
WO2006031203A1 (en) An interactive television system
US11514419B2 (en) Method of configuring or changing a configuration of a POS terminal and/or assignment of the POS terminal to an operator
CN106936588A (en) A kind of trustship method, the apparatus and system of hardware controls lock
CN103077461B (en) System and method for applying for financial document using mobile communication device
CN103854180A (en) Credit voucher generating method and system, and application authorization method and system
CN101826219A (en) Rail transportation ticket-card processing intelligent system and data encryption auditing method
CN104145454B (en) For the method for the checking of email delivery
CN102255732B (en) Safe certificate issuing method based on USB (Universal Serial Bus) key
WO2011139135A1 (en) System and method for issuing endorsement key credential in trusted computing environment using local certificate authority
CN108460597B (en) Key management system and method
CN103632078B (en) Hard certificates constructing method and system, certificate storage device
CN101447037A (en) Control system for establishing and using user account by user terminal and method thereof
CN101369296A (en) Method and system for implementing off-line printing limitation

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
CB02 Change of applicant information

Address after: 528200 science and technology road, Nanhai Software Science Park, Nanhai Town, Nanhai District, Foshan, Guangdong

Applicant after: Age of security Polytron Technologies Inc

Address before: 528200 science and technology road, Nanhai Software Science Park, Nanhai Town, Nanhai District, Foshan, Guangdong

Applicant before: Guangdong Certificate Authority Center Co., Ltd.

COR Change of bibliographic data
GR01 Patent grant
GR01 Patent grant