CN106850700B - Safety operation legality identification method and device - Google Patents

Safety operation legality identification method and device Download PDF

Info

Publication number
CN106850700B
CN106850700B CN201710233155.3A CN201710233155A CN106850700B CN 106850700 B CN106850700 B CN 106850700B CN 201710233155 A CN201710233155 A CN 201710233155A CN 106850700 B CN106850700 B CN 106850700B
Authority
CN
China
Prior art keywords
electronic device
safety operation
verification
verification information
channel
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201710233155.3A
Other languages
Chinese (zh)
Other versions
CN106850700A (en
Inventor
孙吉平
刘跃峰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Senseshield Technology Co Ltd
Original Assignee
Beijing Senseshield Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Senseshield Technology Co Ltd filed Critical Beijing Senseshield Technology Co Ltd
Priority to CN201710233155.3A priority Critical patent/CN106850700B/en
Publication of CN106850700A publication Critical patent/CN106850700A/en
Application granted granted Critical
Publication of CN106850700B publication Critical patent/CN106850700B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0853Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The invention discloses a kind of safety operation legality identification method, be applied to the first electronic device, first electronic device can the legal identity in a network environment to client user authenticate, this method includes:S1, first electronic device receive the safety operation order of the client;S2, first electronic device execute safety operation corresponding with the safety operation order and save result data;S3, first electronic device generate verification information according to the safety operation order;S4, first electronic device according to the verification information carry out the first verification operation, if being verified, first electronic device to the client send safety operation result data;Otherwise, first electronic device, which generates, cancels code for the cancellation code return client.The invention also discloses a kind of safety operation legitimate verification devices.

Description

Safety operation legality identification method and device
Technical field
The present invention relates to computer and field of communication security, in particular to a kind of safety operation legality identification method and dress It sets.
Background technique
In network trading, need to guarantee the safety of server-side, communication channel, client, three is indispensable, individually appoints What uneasiness all can not achieve Secure Transaction.And for the angle of client, guarantee that the user of client has and closes Method identity is the element firstly the need of consideration.
In the prior art, the method authenticated to client user's legal identity mainly has:Use intelligent cipher Key (USB Key), comprising representing the cryptographic algorithm private key of user identity in USB Key, when needing to authenticate user's identity, It is digitally signed using this private key, server-side verifies this signature to verify the legal identity of user.The method can protect The user for demonstrate,proving client has legal identity, but cannot be guaranteed the legitimacy of network trading.Under normal conditions, client one As based on open computing platform, such as PC (personal computer), be easy by malware attacks such as trojan horses, malice is soft Part can forge transaction, and the user for cheating client authenticates illegal transaction.
Additionally there are in a manner of being verified with the channel that trade network is physically segregated, such as from server The wireless signal at end, short message verification code from server end etc., also can be to a certain extent to the legal identity of user It is verified.But by taking mobile phone identifying code as an example, due to the presence of user setting or malice tool, the mobile phone of current mainstream Platform, all there may be the situations that short message verification code is intercepted.Such as smart phone such as priority assignation is improper, it is easy to by malice App short message reading, and upload server silently;It is easy to be issued to mobile phone from base station in short message again or under GSM (2G) network During by sniff, that is, intercept and capture.The first situation typically occurs in android system, but under second situation then itself It is unrelated with cell phone system platform.
It can be seen that at present in this technical field based on the above two o'clock reason, believed by digital signature or second Road verification mode all cannot be guaranteed to verify the legal identity of user.
Summary of the invention
In order to overcome the deficiencies of the prior art, the present invention provides a kind of safety operation legality identification method and devices.Make User verifies safety operation by operation electronic device, effectively prevents the attack from client Malware.
The technical solution of the embodiment of the present invention is this realization:
First aspect of the embodiment of the present invention provides a kind of safety operation legality identification method, is applied to the first electronics and fills Set, first electronic device can the legal identity in a network environment to client user authenticate, this method includes:
S1, first electronic device receive the safety operation order that the client is sent;
S2, first electronic device execute safety operation corresponding with the safety operation order and protect result data It deposits;
S3, first electronic device generate verification information according to the safety operation order, are tested according to prompt Card information is inputted;
S4, first electronic device carry out the first verification operation according to the input, if being verified, first electricity Sub-device sends the result data of safety operation to the client;Otherwise, first electronic device, which generates, cancels code for institute It states and cancels the code return client.
Preferably, first electronic device generates verification information according to the safety operation order, including:Described One electronic device obtains the corresponding verification information of safety operation order by inquiry pre-set list.
Preferably, the first electronic device prompt input according to the verification information and includes:
The first electronic device prompt is physically entered according to the verification information according to predetermined condition;
First electronic device carries out the first verification operation according to the input:Execution is physically entered according to described Physical verification.
Preferably, first electronic device carries out the first verification operation according to the verification information, including:
The first electronic device prompt carries out input according to the verification information and includes:The first electronic device prompt Second channel verification information is inputted according to the verification information;
First electronic device carries out the first verification operation according to the input:First electronic device according to The second channel verification information carries out second channel verification operation,
Wherein the second channel verification information is obtained from server.
Preferably, the first electronic device prompt input according to the verification information and further includes:Described first Electronic device prompt inputs second channel verification information according to the verification information;
First electronic device carries out the first verification operation according to the input:The first electronic device root Second channel verification operation is carried out according to the second channel verification information,
Wherein the second channel verification information is obtained from server.
First electronic device carries out the second verification operation according to the second channel verification information;
Wherein the second channel verification information is obtained from server.Preferably, the safety operation, including data plus One of close, data deciphering, data summarization, digital signature or digital signature authentication are a variety of.
Preferably, the prompt of the first electronic device includes showing information on the first electronic device;Or in the first electronics Voice prompt is issued on device;Or vibration is generated on the first electronic device.
The second aspect of the embodiment of the present invention provides a kind of safety operation legitimate verification device, fills as the first electronics Set, first electronic device can the legal identity in a network environment to client user authenticate, which includes:
Communication interface, the safety operation order sent for receiving the client to first electronic device;
Safe computing module, for responding the safety operation order, executing safety operation and saving result data, and Verification information is generated according to the safety operation order;
Verification tip module is inputted for prompting according to the verification information;
Input module, for receiving the input;
Main processing block is configured to pass through the communication if being verified according to the input the first verification operation of progress Interface sends the result data of safety operation to the client;Otherwise, it generates and cancels code and by the communication interface by institute It states and cancels the code return client.
Preferably, the safe computing module obtains the corresponding verifying letter of safety operation order by inquiry pre-set list Breath.
Preferably, the verification tip module, which is configured to prompt, carries out object according to predetermined condition according to the verification information Reason input;
The input module includes the first input module being physically entered described in reception;
The main processing block is configured to be physically entered execution physical verification according to.
Preferably, the verification tip module, which is configured to prompt, inputs second channel verifying letter according to the verification information Breath;
The input module includes the second input module for receiving the second channel verification information;
The main processing block is configured to carry out second channel verification operation according to the second channel verification information,
Wherein the second channel verification information is obtained from server.
Preferably, the verification tip module, which is further configured to prompt, inputs second channel according to the verification information Verification information;The input module further includes the second input module for receiving the second channel verification information;
The main processing block is further configured to carry out second channel verifying behaviour according to the second channel verification information Make,
Wherein the second channel verification information is obtained from server.
Preferably, the safety operation, including data encryption, data deciphering, data summarization, digital signature or number label One of name verifying is a variety of.
Preferably, the verification tip module includes:
The display screen of information is shown on the first electronic device;Or the sounding of voice prompt is issued on the first electronic device Device;Or the shaking device of vibration is generated on the first electronic device.
Preferably, the communication interface, including serial line interface, parallel interface, universal serial bus, firewire, integrated electricity Road bus interface, serial peripheral or bluetooth.
Safety operation legality identification method and device of the present invention are applied to first electronic device, such as USBKey etc. and set It is standby, first electronic device can the legal identity in a network environment to client user authenticate.Of the invention real In the method for applying example offer, this method is by receiving the safety operation order of the client in first electronic device;So Safety operation order is executed afterwards and saves result, and then carries out the verifying of operation validity again.It is provided in the embodiment of the present invention Method in, when carrying out operation validity verifying, first electronic device according to the safety operation order generate verify Information;And then the first verification operation is carried out according to the verification information by first electronic device, and if being verified, described the One electronic device sends the result data of safety operation to the client;Otherwise, first electronic device, which generates, cancels code The cancellation code is returned into the client.In this course, it after client generates safety operation order, cannot directly control Electronic device accesses the sensitive informations such as the user data for including inside it, key.When carrying out safety operation to transaction data, need Want user carry out operation validity verifying, such as by be physically entered and/or second channel input safety operation is tested Card can just be completed to operate.To which the Malware in client is unable to complete the illegal transaction of forgery, it is ensured that network trading It is all to verify to complete by legitimate user.Further, by way of the additional prompt in electronic device, it is ensured that User will not be cheated by illegal transaction.
Detailed description of the invention
Fig. 1 is the implementation process schematic diagram of safety operation legality identification method of the present invention.
Fig. 2 is the corresponding safety operation legitimate verification device of one safety operation legality identification method of the embodiment of the present invention Logic composition block diagram.
Fig. 3 is the implementation process schematic diagram of one safety operation legality identification method of the embodiment of the present invention.
Fig. 4 is the logic composition block diagram of safety operation legitimate verification device concrete application scene one of the present invention.
Fig. 5 is the implementation process schematic diagram of one safety operation legality identification method of application scenarios of the present invention.
Fig. 6 is the logic composition block diagram of safety operation legitimate verification device concrete application scene two of the present invention.
Fig. 7 is the implementation process schematic diagram of the safety operation legality identification method of application scenarios two of the present invention.
Specific embodiment
Currently, the electronic device of client connection verifies the legitimacy of operation or the identity of operator of client Method, be by the physical certifying mode on electronic device to needed to be implemented in client first operation carry out physics recognize Card.But it is relatively cumbersome in the process flow of this method, by taking network bank business as an example, have certain customers be even switched off the protection of excellent shield and Use mobile phone dynamic verification code instead.This, which is undoubtedly, is worthy of consideration and improved place.In view of the foregoing, as shown in Figure 1, it is of the invention It proposes a kind of safety operation legality identification method, is applied to the first electronic device, which can be in network rings The legal identity of client user is authenticated under border, this method includes:
S1, the client send safety operation order to first electronic device;
S2, first electronic device respond the safety operation order, execute safety operation and save result data;
S3, first electronic device generate verification information according to the safety operation order;
S4, first electronic device according to the verification information carry out the first verification operation, if being verified, execute S5 step, first electronic device send the result data of safety operation to the client;Otherwise, S6 step, institute are executed It states the first electronic device and generates and cancel code for the cancellation code return client.
Realization of the invention is described in detail below with reference to example, appended attached drawing purposes of discussion only for reference, not For limiting the present invention.Embodiment is further described in detail technical solution of the present invention.
Embodiment one
Fig. 2 show the logic composition block diagram of the present embodiment safety operation legitimate verification device, as shown in Fig. 2, this hair A kind of safety operation legitimate verification device that bright embodiment one provides, as the first electronic device, the first electronic device energy Enough to authenticate in a network environment to the legal identity of client user, which includes:
Communication interface 220 sends safety operation order to first electronic device 210 for receiving the client;
Safe computing module 270, for responding the safety operation order, executing safety operation and saving result data To data memory module 240;And verification information is generated according to the safety operation order;
Verification tip module 260, for prompting user to verify the verification information by the first electronic device 210;
Main processing block 230 verifies the verification information, if being verified, by communication interface 220 to the client Send the result data of safety operation;Otherwise, it generates cancellation code and the cancellation code is returned into the client by communication interface 220 End.In the present embodiment, connection is also connected with and is physically entered module 250 on main processing block 230, for receiving the object of user Reason input, including the biosensors such as switch, key, touch screen, fingerprint Identification sensor, voice input module etc., can be The combination of one of input unit or a variety of input units.Module 250 is physically entered to receive after user is physically entered, to Main processing block 230 sends verification information.
In the present embodiment, the client is the computer system that user can operate in network, including but unlimited In:PC (personal computer), intelligent mobile phone etc.;The safety operation, including but not limited to:Data encryption, data deciphering, The safe operation such as data summarization, digital signature, digital signature authentication.
Wherein, the main processing block 230 is responsible for receiving client transmission by communication interface 220 and client communication Safety operation order, safety operation order is kept in data memory module, reads safety operation life from data memory module It enables or user data, reception is physically entered the input of module or second channel input module, generates verification tip information simultaneously It sends verification tip information to verification tip module, send safe computing module for safety operation order and receives return number According to, by safety operation implementing result return to client.The communication interface 220 can be serial line interface (UART), connect parallel Mouth, universal serial bus (USB), firewire (IEEE1394), IC bus interface (IIC), serial peripheral (SPI), bluetooth The interfaces such as interface.
The safe computing module 270, can integrate in main processing block 230, be also possible to independent arithmetic element And it is connect with main processing block 230.
The data memory module 240, can integrate in main processing block 230, be also possible to independent storage unit And it is connect with main processing block 230, such as may include:RAM, EPROM, EEPROM, Flash, hard disk, ferroelectric memory etc..
Further, with it is described be physically entered module 250 similarly, second channel input module 280 can also be increased, The second channel input module 280, can integrate in main processor modules 230, be also possible to independent wired or wireless Receiving module.Such as gsm module, 3G module or USB module etc..
And accordingly, the verification tip module 260 in the present embodiment is connect with main processing block 230, can wrap Include one of following the description or combination:Display screen, light emitting device, sounding device, vibration device etc..
It is illustrated in primary network transaction below with reference to Fig. 2, Fig. 3, realizes this using the first electronic device of the invention The detailed process of inventive method:
S301, client send safety operation order to by communication interface 220 main process task of first electronic device 210 Module 230.
Safety operation order is sent safe computing module 270 by S302, main processing block 230.
S303, safe computing module 270 execute safety operation, and result is returned to main processing block 230.
Safety operation implementing result is kept in data memory module 240 by S304, main processing block 230.
S305, main processing block 230 generate verification tip information according to safety operation order and are sent to verification tip mould Block 260.
S306, verification tip module 260 physically prompt the user with verification tip information.
S307, being physically entered for the reception user of module 250, and and/or second channel input module are physically entered 280 receive the verification information of server-side.
S308, module 250 and/or second channel input module 280 are physically entered and inputs to verify to main processing block 230 and is believed Breath carries out the first verification operation and/or the second verification operation.The input mode of the verification information, including be physically entered and second Channel input.It is physically entered including but not limited to:The biosensors such as switch, key, touch screen, fingerprint Identification sensor, language Sound input etc.;Second channel input refer to by with the physically-isolated channel validation information of trade network, such as:From server-side Wireless signal, the short message verification code from server-side, the Email identifying code from server end etc..
S309,230 query safe of main processing block operate corresponding verification information, believe with the verifying inputted in step S308 Breath comparison.If consistent, step S311 is executed, it is no to then follow the steps S312.In practical applications, the query safe operation life Corresponding verification information is enabled, can be realized by lookup table mode, including that every safety operation order is corresponding in mapping table tests Demonstrate,prove information.Mapping table, which can be, to be preset in an electronic, and dynamic generation is also possible to.
S310, main processing block 230 read temporary safety operation implementing result from data memory module 240, pass through Communication interface 220 is sent to client, terminates this process.
S311, main processing block 230 are returned to client cancels code, terminates this process.
Application scenarios one
With reference to Fig. 4, client is PC machine (PC) in this application scenarios;Electronic device is USB Key401, Including:Single-chip microcontroller 403, flash storage 404, RAM memory 405, gsm module 406, light emitting diode 407, encryption chip 408 and the USB interface 402 that is communicated with PC machine.
With reference to Fig. 5, the safety operation of network trading is to be digitally signed to transaction data, and process includes:
S501, PC machine send digital signature order and transaction data to by USB interface 402 monolithic of USB Key401 In machine 403.
S502, single-chip microcontroller 403 read user's signature private key from flash storage 404, with digital signature order and transaction Data are sent to encryption chip 408 together.
S503, encryption chip 408 are digitally signed transaction data, and signature is returned to single-chip microcontroller 403.
S504, single-chip microcontroller 403 store signature result into RAM memory 405.
S505, single-chip microcontroller 403 obtain the flashing mode of light emitting diode 407 according to transaction data;For example, according to trade gold The size of volume determines flashing times.
S506, single-chip microcontroller 403 control Light-Emitting Diode 407 and flash according to the flashing mode in S505.
S507, gsm module 406 receive the short message comprising verification information that server is sent and are sent to single-chip microcontroller 403.
S508, single-chip microcontroller 403 read pre-stored verification information from flash storage 404, send out with gsm module 406 The verification information sent is compared;If consistent, step S509 is executed, it is no to then follow the steps S510.
S509, single-chip microcontroller 403 read signature result from RAM memory 405, and return to PC by USB interface 402 Machine terminates this process.
S510, single-chip microcontroller 403 are returned to PC machine cancels code, this cancels the spy that code is PC machine and USB Key401 arranges in advance Different return code indicates that USB Key401 cancels the signature to transaction data;Terminate this process.
In this application, second channel verification information is obtained by server, and receives server hair by gsm module 406 The second channel verification information sent, and gsm module 406 is the composition part appearance as the first electronic device.It is envisioned that , by another the second electronic equipment with gsm module, technical solution of the present invention equally may be implemented.
Application scenarios two
With reference to Fig. 6, client is smart phone in application scenarios two;Electronic device is bluetooth key 601, including:Intelligence It can card chip 603 (being integrated with microprocessor, RAM, flash storage, safe calculation coprocessor), touch screen 604, display screen 605 and the wireless Bluetooth interface 602 that is communicated with smart phone.
With reference to Fig. 7, the safety operation of network trading is to be digitally signed to transaction data, and process includes:
S701, smart phone send bluetooth key 601 for digital signature order and transaction data by blue tooth interface 602 Intelligent card chip 603 in.
S702, intelligent card chip 603 read user's signature private key from internal flash storage, with digital signature order And transaction data is sent to internal security calculation coprocessor together.
S703, safe calculation coprocessor are digitally signed transaction data, and signature is returned to intelligent card chip 603。
S704, intelligent card chip 603 store signature result into internal RAM memory.
S705, intelligent card chip 603 extract trading account and transaction amount from transaction data and are sent to display screen 605。
S706, display screen 605 show trading account and transaction amount.
S707, touch screen 604 receive the verification information of the input of user, and are sent to intelligent card chip 603.
S708, intelligent card chip 603 read pre-stored verification information from internal flash storage, with user The verification information of input is compared;If consistent, step S709 is executed, it is no to then follow the steps S710.
S709, intelligent card chip 603 read signature result from internal RAM memory, and are returned by blue tooth interface 602 To smart phone, terminate this process.
S710, intelligent card chip 603 are returned to smart phone cancels code, and it is smart phone and bluetooth key that this, which cancels code, The 601 special return codes arranged in advance indicate that bluetooth key 601 cancels the signature to transaction data;Terminate this process.
The foregoing is merely illustrative of the preferred embodiments of the present invention, is not intended to limit the scope of the present invention.It is all Within the spirit and principles in the present invention, made any modification, equivalent replacement and improvement etc. should be included in guarantor of the invention Within the scope of shield.

Claims (15)

1. safety operation legality identification method is applied to the first electronic device, which can be in network environment Under the legal identity of client user is authenticated, this method includes:
S1, first electronic device receive the safety operation order of the client;
S2, first electronic device execute safety operation corresponding with the safety operation order and save result data;
S3, first electronic device generate verification information according to the safety operation order, are believed with prompt according to the verifying Breath is inputted;
S4, first electronic device carry out the first verification operation according to the input, and first verification operation is used for institute It states safety operation to be verified, if being verified, first electronic device sends the result of safety operation to the client Data;Otherwise, first electronic device, which generates, cancels code for the cancellation code return client.
2. safety operation legality identification method as described in claim 1, which is characterized in that first electronic device according to The safety operation order generates verification information, including:First electronic device obtains safety behaviour by inquiry pre-set list Make to order corresponding verification information.
3. safety operation legality identification method as described in claim 1, which is characterized in that the first electronic device prompt Carrying out input according to the verification information includes:
The first electronic device prompt is physically entered according to the verification information according to predetermined condition;
First electronic device carries out the first verification operation according to the input:Execution physics is physically entered according to described Verifying.
4. safety operation legality identification method as described in claim 1, which is characterized in that the first electronic device prompt Carrying out input according to the verification information includes:
The first electronic device prompt inputs second channel verification information according to the verification information;
First electronic device carries out the first verification operation according to the input:First electronic device is according to Second channel verification information carries out second channel verification operation,
Wherein the second channel verification information is obtained from server.
5. safety operation legality identification method as claimed in claim 3, which is characterized in that
The first electronic device prompt carries out input according to the verification information and further includes:First electronic device prompts root Second channel verification information is inputted according to the verification information;
First electronic device carries out the first verification operation according to the input:First electronic device is according to institute It states second channel verification information and carries out second channel verification operation, wherein the second channel verification information is obtained from server.
6. safety operation legality identification method as described in claim 1, which is characterized in that the safety operation, including number According to one of encryption, data deciphering, data summarization, digital signature or digital signature authentication or a variety of.
7. safety operation legality identification method as described in claim 1, which is characterized in that the prompt packet of the first electronic device It includes:Information is shown on the first electronic device;Or voice prompt is issued on the first electronic device;Or on the first electronic device Generate vibration.
8. safety operation legitimate verification device, as the first electronic device, which can be in a network environment The legal identity of client user is authenticated, which includes:
Communication interface, the safety operation order sent for receiving the client to first electronic device;
Safe computing module, for responding the safety operation order, executing safety operation and saving result data, and according to The safety operation order generates verification information;
Verification tip module is inputted for prompting according to the verification information;
Input module, for receiving the input;
Main processing block is configured to pass through the communication interface if being verified according to the input the first verification operation of progress The result data of safety operation is sent to the client;Otherwise, it generates and cancels code and taken by the communication interface by described The code that disappears returns to the client.
9. safety operation legitimate verification device as claimed in claim 8, which is characterized in that the safe computing module passes through It inquires pre-set list and obtains the corresponding verification information of safety operation order.
10. safety operation legitimate verification device as claimed in claim 8, which is characterized in that
The verification tip module is configured to prompt and is physically entered according to the verification information according to predetermined condition;
The input module includes the first input module being physically entered described in reception;
The main processing block is configured to be physically entered execution physical verification according to.
11. safety operation legitimate verification device as claimed in claim 8, which is characterized in that
The verification tip module is configured to prompt and inputs second channel verification information according to the verification information;
The input module includes the second input module for receiving the second channel verification information;
The main processing block is configured to carry out second channel verification operation according to the second channel verification information,
Wherein the second channel verification information is obtained from server.
12. safety operation legitimate verification device as claimed in claim 10, which is characterized in that
The verification tip module is further configured to prompt and inputs second channel verification information according to the verification information;
The input module further includes the second input module for receiving the second channel verification information;The main processing block into One step is configured to carry out second channel verification operation according to the second channel verification information, wherein second channel verifying letter Breath is obtained from server.
13. safety operation legitimate verification device as claimed in claim 8, which is characterized in that the safety operation, including number According to one of encryption, data deciphering, data summarization, digital signature or digital signature authentication or a variety of.
14. safety operation legitimate verification device as claimed in claim 8, which is characterized in that the verification tip module packet It includes:The display screen of information is shown on the first electronic device;Or the sounding device of voice prompt is issued on the first electronic device; Or the shaking device of vibration is generated on the first electronic device.
15. safety operation legitimate verification device as claimed in claim 8, which is characterized in that the communication interface, including string Line interface, parallel interface, universal serial bus, firewire, IC bus interface, serial peripheral or bluetooth.
CN201710233155.3A 2017-04-11 2017-04-11 Safety operation legality identification method and device Active CN106850700B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710233155.3A CN106850700B (en) 2017-04-11 2017-04-11 Safety operation legality identification method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710233155.3A CN106850700B (en) 2017-04-11 2017-04-11 Safety operation legality identification method and device

Publications (2)

Publication Number Publication Date
CN106850700A CN106850700A (en) 2017-06-13
CN106850700B true CN106850700B (en) 2018-11-20

Family

ID=59147897

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710233155.3A Active CN106850700B (en) 2017-04-11 2017-04-11 Safety operation legality identification method and device

Country Status (1)

Country Link
CN (1) CN106850700B (en)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101034986A (en) * 2007-01-15 2007-09-12 北京飞天诚信科技有限公司 Method and system for securely using the intelligent secrete key device
CN101216923A (en) * 2008-01-07 2008-07-09 中国工商银行股份有限公司 A system and method to enhance the data security of e-bank dealings

Family Cites Families (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN100542088C (en) * 2005-08-11 2009-09-16 北京握奇数据***有限公司 A kind of physical certifying method and a kind of electronic installation
CN101296078A (en) * 2007-04-23 2008-10-29 北京深思洛克数据保护中心 Information interactive affirmation device in internetwork communication
CN101252439B (en) * 2008-04-10 2010-09-01 北京飞天诚信科技有限公司 System and method for increasing information safety equipment security
CN101290645A (en) * 2008-05-19 2008-10-22 北京深思洛克数据保护中心 Method for enhancing information safety equipment verification safety
CN101593251A (en) * 2008-05-27 2009-12-02 中信国安信息科技有限公司 Digital signature device and digital signature method
CN101374049B (en) * 2008-10-24 2010-10-06 北京飞天诚信科技有限公司 Method and system for improving signature safety
CN101807237B (en) * 2010-03-01 2012-10-03 飞天诚信科技股份有限公司 Signature method and device

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101034986A (en) * 2007-01-15 2007-09-12 北京飞天诚信科技有限公司 Method and system for securely using the intelligent secrete key device
CN101216923A (en) * 2008-01-07 2008-07-09 中国工商银行股份有限公司 A system and method to enhance the data security of e-bank dealings

Also Published As

Publication number Publication date
CN106850700A (en) 2017-06-13

Similar Documents

Publication Publication Date Title
TWI667585B (en) Method and device for safety authentication based on biological characteristics
ES2953529T3 (en) Multi-user strong authentication token
CN110677418B (en) Trusted voiceprint authentication method and device, electronic equipment and storage medium
CN104285229B (en) Via the security of the sensing data of embedded controller strengthening system
US9183365B2 (en) Methods and systems for fingerprint template enrollment and distribution process
ES2599985T3 (en) Validation at any time for verification tokens
CN106656502A (en) Computer systems and safe execution method
CN106533687A (en) Identity authentication method and device
JP2000222362A (en) Method and device for realizing multiple security check point
CN105868970B (en) authentication method and electronic equipment
CN108540457B (en) Safety equipment and biological authentication control method and device thereof
CN107733973A (en) Method of controlling security, terminal, server and computer-readable medium
WO2019010669A1 (en) Method, apparatus and system for identity validity verification
CN104618307B (en) Network bank business Verification System based on credible calculating platform
US20200233947A1 (en) System and method for facilitating authentication via a short-range wireless token
CN109087102A (en) Transaction protection robot system based on block chain
CN106850700B (en) Safety operation legality identification method and device
CN104010306A (en) Mobile device user identity authentication system and method
CN102647415A (en) Audio-interface-based method and system for providing identity authentication
US20240129139A1 (en) User authentication using two independent security elements
CN115935318A (en) Information processing method, device, server, client and storage medium
CN108471419A (en) Certificate sharing method based on trusted identity
JP4760124B2 (en) Authentication device, registration device, registration method, and authentication method
KR101611099B1 (en) Method for issuing of authentication token for real name identification, method for certifying user using the authentication token and apparatus for performing the method
JP6790839B2 (en) Secure element, UIM card, authentication method, and authentication program

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
CP01 Change in the name or title of a patent holder

Address after: 100193 5th floor 510, No. 5 Building, East Yard, No. 10 Wangdong Road, Northwest Haidian District, Beijing

Patentee after: Beijing Shendun Technology Co.,Ltd.

Address before: 100193 5th floor 510, No. 5 Building, East Yard, No. 10 Wangdong Road, Northwest Haidian District, Beijing

Patentee before: BEIJING SENSESHIELD TECHNOLOGY Co.,Ltd.

CP01 Change in the name or title of a patent holder