CN110740136B - 面向开放银行的网络安全控制方法及开放银行平台 - Google Patents
面向开放银行的网络安全控制方法及开放银行平台 Download PDFInfo
- Publication number
- CN110740136B CN110740136B CN201911004113.8A CN201911004113A CN110740136B CN 110740136 B CN110740136 B CN 110740136B CN 201911004113 A CN201911004113 A CN 201911004113A CN 110740136 B CN110740136 B CN 110740136B
- Authority
- CN
- China
- Prior art keywords
- client
- information
- request
- string
- verification
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0807—Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3821—Electronic credentials
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3825—Use of electronic signatures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3827—Use of message hashing
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3829—Payment protocols; Details thereof insuring higher security of transaction involving key management
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q40/00—Finance; Insurance; Tax strategies; Processing of corporate or income taxes
- G06Q40/02—Banking, e.g. interest calculation or account maintenance
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0435—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/02—Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0618—Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
- H04L9/0625—Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation with splitting of the data block into left and right halves, e.g. Feistel based algorithms, DES, FEAL, IDEA or KASUMI
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3236—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3263—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
Landscapes
- Engineering & Computer Science (AREA)
- Business, Economics & Management (AREA)
- Computer Security & Cryptography (AREA)
- Accounting & Taxation (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Finance (AREA)
- Strategic Management (AREA)
- Physics & Mathematics (AREA)
- General Business, Economics & Management (AREA)
- General Physics & Mathematics (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Computing Systems (AREA)
- Development Economics (AREA)
- Economics (AREA)
- Marketing (AREA)
- Technology Law (AREA)
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
Abstract
Description
Claims (3)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201911004113.8A CN110740136B (zh) | 2019-10-22 | 2019-10-22 | 面向开放银行的网络安全控制方法及开放银行平台 |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201911004113.8A CN110740136B (zh) | 2019-10-22 | 2019-10-22 | 面向开放银行的网络安全控制方法及开放银行平台 |
Publications (2)
Publication Number | Publication Date |
---|---|
CN110740136A CN110740136A (zh) | 2020-01-31 |
CN110740136B true CN110740136B (zh) | 2022-04-22 |
Family
ID=69270743
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201911004113.8A Active CN110740136B (zh) | 2019-10-22 | 2019-10-22 | 面向开放银行的网络安全控制方法及开放银行平台 |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN110740136B (zh) |
Families Citing this family (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111698312B (zh) * | 2020-06-08 | 2022-10-21 | 中国建设银行股份有限公司 | 基于开放平台的业务处理方法、装置、设备和存储介质 |
CN112468450B (zh) * | 2020-11-06 | 2023-05-23 | 通联支付网络服务股份有限公司 | 一种api开放平台针对服务商间整合api接口的方法 |
CN112822258B (zh) * | 2020-12-31 | 2023-04-07 | 北京神州数字科技有限公司 | 银行开放***接入方法及*** |
CN113395269B (zh) * | 2021-06-04 | 2023-02-17 | 上海浦东发展银行股份有限公司 | 一种数据交互方法、装置 |
CN114429341B (zh) * | 2022-01-24 | 2022-12-02 | 吉林银行股份有限公司 | 一种分组缴费方法、装置及设备 |
Citations (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101442409A (zh) * | 2007-11-23 | 2009-05-27 | 东方钢铁电子商务有限公司 | 用于b2b数据交换的加密方法及*** |
CN102413464A (zh) * | 2011-11-24 | 2012-04-11 | 杭州东信北邮信息技术有限公司 | 基于gba的电信能力开放平台密钥协商***和方法 |
CN102573112A (zh) * | 2010-12-07 | 2012-07-11 | 中国电信股份有限公司 | 电信网络能力开放方法、***及联盟支撑平台 |
CN102932149A (zh) * | 2012-10-30 | 2013-02-13 | 武汉理工大学 | 一种集成ibe数据加密*** |
CN103248481A (zh) * | 2012-02-10 | 2013-08-14 | 工业和信息化部电信传输研究所 | 一种基于应用数字签名认证的开放api公共授权访问控制的方法 |
CN104199654A (zh) * | 2014-08-27 | 2014-12-10 | 百度在线网络技术(北京)有限公司 | 开放平台的调用方法及装置 |
CN104283841A (zh) * | 2013-07-02 | 2015-01-14 | 阿里巴巴集团控股有限公司 | 对第三方应用进行服务访问控制的方法、装置及*** |
CN108183907A (zh) * | 2017-12-29 | 2018-06-19 | 浪潮通用软件有限公司 | 一种认证方法、服务器及认证*** |
US10319029B1 (en) * | 2014-05-21 | 2019-06-11 | Plaid Technologies, Inc. | System and method for programmatically accessing financial data |
Family Cites Families (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20140089202A1 (en) * | 2012-09-27 | 2014-03-27 | Michael K. Bond | CRM Security Core |
CN106097167A (zh) * | 2016-06-07 | 2016-11-09 | 深圳心驰技术有限公司 | 一种金融押运信息服务*** |
CN106789067B (zh) * | 2016-12-13 | 2022-04-22 | 北京握奇智能科技有限公司 | 一种基于TEE和可穿戴设备的手机网银Key方法及*** |
CN108428173A (zh) * | 2018-01-31 | 2018-08-21 | 孙中东 | 1+1+n互联网银行应用架构与其商业模式应用 |
-
2019
- 2019-10-22 CN CN201911004113.8A patent/CN110740136B/zh active Active
Patent Citations (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101442409A (zh) * | 2007-11-23 | 2009-05-27 | 东方钢铁电子商务有限公司 | 用于b2b数据交换的加密方法及*** |
CN102573112A (zh) * | 2010-12-07 | 2012-07-11 | 中国电信股份有限公司 | 电信网络能力开放方法、***及联盟支撑平台 |
CN102413464A (zh) * | 2011-11-24 | 2012-04-11 | 杭州东信北邮信息技术有限公司 | 基于gba的电信能力开放平台密钥协商***和方法 |
CN103248481A (zh) * | 2012-02-10 | 2013-08-14 | 工业和信息化部电信传输研究所 | 一种基于应用数字签名认证的开放api公共授权访问控制的方法 |
CN102932149A (zh) * | 2012-10-30 | 2013-02-13 | 武汉理工大学 | 一种集成ibe数据加密*** |
CN104283841A (zh) * | 2013-07-02 | 2015-01-14 | 阿里巴巴集团控股有限公司 | 对第三方应用进行服务访问控制的方法、装置及*** |
US10319029B1 (en) * | 2014-05-21 | 2019-06-11 | Plaid Technologies, Inc. | System and method for programmatically accessing financial data |
CN104199654A (zh) * | 2014-08-27 | 2014-12-10 | 百度在线网络技术(北京)有限公司 | 开放平台的调用方法及装置 |
CN108183907A (zh) * | 2017-12-29 | 2018-06-19 | 浪潮通用软件有限公司 | 一种认证方法、服务器及认证*** |
Also Published As
Publication number | Publication date |
---|---|
CN110740136A (zh) | 2020-01-31 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN110740136B (zh) | 面向开放银行的网络安全控制方法及开放银行平台 | |
US10164996B2 (en) | Methods and systems for providing a low value token buffer | |
CN108027926B (zh) | 基于服务的支付的认证***和方法 | |
JP6703510B2 (ja) | モバイルデバイスにおいてセキュアエレメントなしでアドバンスド記憶鍵を生成するための方法およびシステム | |
US8827154B2 (en) | Verification of portable consumer devices | |
US7606560B2 (en) | Authentication services using mobile device | |
US10049356B2 (en) | Authentication of card-not-present transactions | |
GB2549118A (en) | Electronic payment system using identity-based public key cryptography | |
US10546292B1 (en) | Systems and methods for substitute low-value tokens in secure network transactions | |
US12008548B2 (en) | Systems and methods for using a cryptogram lockbox | |
US11716200B2 (en) | Techniques for performing secure operations | |
CN113015991A (zh) | 安全的数字钱包处理*** | |
CN111698312A (zh) | 基于开放平台的业务处理方法、装置、设备和存储介质 | |
WO2024109551A1 (zh) | 数字化支付处理方法、装置、设备、***及介质 | |
CN112202794A (zh) | 交易数据的保护方法、装置、电子设备和介质 | |
US20230090972A1 (en) | Online secret encryption | |
CN110601836B (zh) | 密钥获取方法、装置、服务器和介质 | |
WO2023101778A1 (en) | Implementing a cryptography agent and a secure hardware-based enclave to prevent computer hacking of client applications | |
WO2020055401A1 (en) | Checkout with mac | |
TW202422436A (zh) | 數位化支付處理方法、裝置、設備、系統及介質 | |
WO2021163155A1 (en) | Systems and methods for provisioning funding card numbers to third party wallets | |
CN117997560A (zh) | 企业身份验证方法及设备 | |
WO2022220993A1 (en) | Secure transmission of sensitive data over an electronic network | |
CN114462990A (zh) | 基于数字货币进行免密支付的方法和装置 | |
CN115222402A (zh) | 一种数字货币的支付方法、装置和*** |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
CB03 | Change of inventor or designer information |
Inventor after: Peng Yun Inventor after: Huang Zhimin Inventor after: Yang Yang Inventor after: Wu Yifan Inventor before: Chen Honghong Inventor before: Zhou Lei Inventor before: Fan Xingze |
|
CB03 | Change of inventor or designer information | ||
TA01 | Transfer of patent application right |
Effective date of registration: 20210119 Address after: 25 Financial Street, Xicheng District, Beijing 100033 Applicant after: China Construction Bank Corp. Address before: 101-302, 3 / F, building 18, yard 10, xibeiwangdong Road, Haidian District, Beijing Applicant before: DIGITAL CHINA FINANCIAL SOFTWARE Co.,Ltd. |
|
TA01 | Transfer of patent application right | ||
GR01 | Patent grant | ||
GR01 | Patent grant |