CN111243129A - Secure communication system and method for transmitting paper files - Google Patents
Secure communication system and method for transmitting paper files
- Publication number: CN111243129A (application CN201811440938.XA)
- Authority: CN (China)
- Prior art keywords: information, module, unlocking, ciphertext, equipment
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.): Granted
Classifications
- G07C9/00563—Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys using personal physical data of the operator, e.g. finger prints, retinal images, voicepatterns
- G07C9/00309—Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with bidirectional data transmission between data carrier and locks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0861—Network architectures or network communication protocols for network security for authentication of entities using biometrical features, e.g. fingerprint, retina-scan
- H04L63/0869—Network architectures or network communication protocols for network security for authentication of entities for achieving mutual authentication
- H04W12/02—Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
- H04W12/06—Authentication
- G07C2009/00412—Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with bidirectional data transmission between data carrier and locks the transmitted data signal being encrypted
Abstract
The invention provides a secure communication system and a secure communication method for transmitting paper files, which comprise at least one file insurance device, an NB-IOT communication base station, a server and at least one terminal device; the file insurance equipment is used for executing locking and unlocking actions, acquiring and verifying the biological characteristic information of a transmitter, encrypting data comprising an unlocking request and position information and decrypting a received authorization unlocking information ciphertext; the NB-IOT communication base station is used for transmitting a data ciphertext containing an unlocking request and position information to the server and receiving an authorized unlocking information ciphertext transmitted by the server; the server is used for transmitting a data ciphertext containing the unlocking request and the position information to the terminal equipment and receiving an authorized unlocking information ciphertext transmitted by the terminal equipment; the terminal equipment is used for carrying out decryption processing on the data ciphertext containing the unlocking request and the position information and carrying out encryption processing on the generated authorized unlocking information.
Description
Technical Field
The invention relates to the technical field of wireless communication, in particular to a secure communication system and a secure communication method for transmitting paper files.
Background
When sensitive paper files need to be transmitted among departments such as public security, court and inspection institute, the traditional solution requires a deliverer, a monitoring person, a committee and the like to monitor the whole transmission process of the sensitive paper files, so as to ensure their consistency and safe transmission. However, this method requires a plurality of workers, which greatly reduces work efficiency, and if any of the workers involved is negligent, the consistency and safety of the paper file cannot be effectively ensured.
To solve the consistency and safety problems of the traditional sensitive paper file transfer process, an ideal technical solution has long been sought.
Disclosure of Invention
The invention aims to overcome the defects in the prior art by providing a secure communication system and method for transmitting paper files, which ensure the consistency of sensitive paper files and the safety of the transmission process by combining an intelligent lock with NB-IOT technology, data encryption technology and a security module with high security performance, and which greatly improve working efficiency.
In order to achieve the purpose, the technical scheme adopted by the invention is as follows:
a secure communication system for transmitting paper files comprises at least one file insurance device, an NB-IOT communication base station, a server and at least one terminal device, wherein the NB-IOT communication base station is in communication connection with the file insurance device and the server respectively, and the server is in communication connection with the terminal device;
the file insurance equipment is used for executing locking and unlocking actions, acquiring and verifying biological characteristic information of a transmitter, encrypting data comprising an unlocking request and position information and decrypting a received authorization unlocking information ciphertext;
the NB-IOT communication base station is used for transmitting the data ciphertext containing the unlocking request and the position information to the server and receiving the authorized unlocking information ciphertext transmitted by the server;
the server is used for transmitting the data ciphertext containing the unlocking request and the position information to the terminal equipment and receiving the authorized unlocking information ciphertext transmitted by the terminal equipment;
and the terminal equipment is used for decrypting the data ciphertext containing the unlocking request and the position information and encrypting the generated authorized unlocking information.
Based on the above, the file insurance equipment is provided with an intelligent lock, and the intelligent lock comprises a microprocessor, an execution module, a biological feature recognition module, a positioning module, a first security module and an NB-IOT communication module; the microprocessor is respectively connected with the execution module, the biological feature recognition module, the positioning module, the first security module and the NB-IOT communication module and is used for carrying out information cooperation and interaction with the modules; the execution module is used for executing locking and unlocking actions according to the information of the microprocessor; the biological characteristic identification module is used for acquiring human body biological characteristic information; the positioning module is used for acquiring the position information of the file insurance equipment; the first security module is used for encrypting data comprising the unlocking request and the position information and decrypting the authorized unlocking information ciphertext; the NB-IOT communication module is used for sending the data ciphertext containing the unlocking request and the position information and receiving the authorized unlocking information ciphertext.
Based on the above, the terminal device comprises a processor, a network communication module, a second security module and a display module; the processor is respectively connected with the network communication module, the second security module and the display module and is used for carrying out information cooperation and interaction with the modules; the network communication module is used for receiving the ciphertext of the unlocking request and the position information and sending the authorized unlocking information ciphertext; the second security module is used for decrypting the ciphertext of the unlocking request and the position information and encrypting the authorized unlocking information; the display module is used for displaying the unlocking request and the position information.
Based on the above, the biometric identification module includes at least one of a fingerprint module, an iris module, a human face module, a finger vein module, a palm print module, and a voice print module.
Based on the above, the file insurance equipment is further provided with a display device at least used for displaying the biometric verification information, the authorized unlocking information and the related process prompt information of the deliverer.
The invention also provides a secure communication method of the secure communication system for transmitting the paper file, which specifically comprises the following steps:
S1. After the paper file is locked into the file insurance equipment, the biological characteristic information of the deliverer is collected and stored through the biometric identification module in the file insurance equipment and is used as the preset biological characteristic information;
S2. After the file insurance equipment storing the paper file is delivered to the target location, the biological characteristic information of the deliverer is collected through the biometric identification module and is compared with the preset biological characteristic information for verification;
S3. After the verification is passed, the file insurance equipment acquires the data comprising the unlocking request and the position information, encrypts the data through the first security module and sends the data to the server through the NB-IOT communication base station; the server receives the data ciphertext comprising the unlocking request and the position information and forwards it to the terminal equipment;
S4. The terminal equipment decrypts the data ciphertext comprising the unlocking request and the position information through the second security module and obtains the data plaintext comprising the unlocking request and the position information;
S5. After verifying through the position information that the file insurance equipment has been delivered to the target location, the terminal equipment returns an authorized unlocking information ciphertext to the file insurance equipment according to the unlocking request; the file insurance equipment decrypts the authorized unlocking information ciphertext, collects the biological characteristic information of the deliverer again and compares it with the preset biological characteristic information for verification;
S6. After the verification is passed, the file insurance equipment is opened through the intelligent lock, and the deliverer takes the paper file out of the file insurance equipment.
Based on the above, before S1, the method further includes: performing information binding between the file insurance equipment and the terminal equipment.
Based on the above, before S3, the method further includes: the file insurance device and the terminal device perform bidirectional identity authentication based on a digital certificate; and the file insurance equipment and the terminal equipment perform key negotiation to obtain a session key for encrypting and decrypting the communication information between them.
Based on the above, in S5, the process in which the terminal equipment returns the authorized unlocking information to the file insurance device according to the unlocking request, and the file insurance device decrypts the authorized unlocking information ciphertext and collects the biological characteristic information of the deliverer again for verification, includes:
the terminal equipment encrypts the generated authorized unlocking information through the second security module and then sends the resulting ciphertext to the server through the network communication module, and the server sends the ciphertext of the authorized unlocking information to the NB-IOT communication module through the NB-IOT communication base station;
the file insurance equipment receives the ciphertext of the authorized unlocking information through the NB-IOT communication module, decrypts it through the first security module to obtain the plaintext of the authorized unlocking information, and collects the biological characteristic information of the deliverer through the biometric identification module to compare with the preset biological characteristic information for verification.
Based on the above, the digital certificate-based bidirectional identity authentication between the file insurance device and the terminal device and the key agreement between the file insurance device and the terminal device are both completed over the transmission channel built by the NB-IOT communication base station and the server.
Compared with the prior art, the invention has prominent substantive characteristics and remarkable progress, particularly:
(1) by introducing the NB-IOT communication technology, the system has wide coverage, low power consumption and capability of supporting mass connection;
(2) the first security module and the second security module are respectively arranged in the file insurance equipment and the terminal equipment, so that a secure channel is constructed between the file insurance equipment and the terminal equipment, a malicious attacker is effectively prevented from intercepting data information, and the transmission security of the data comprising the unlocking request and the position information and of the authorized unlocking information is ensured;
(3) the biometric identification module of the intelligent lock arranged on the file insurance equipment collects the biological characteristic information of the deliverer, and this information is subsequently verified to ensure the safety and consistency of the sensitive paper file during transmission, so that the file insurance equipment is more intelligent and networked;
(4) one or more superior leaders can be configured through the terminal equipment to transmit authorized unlocking information; only after the authorized unlocking information transmitted by the terminal equipment is obtained and the biological characteristic information is verified to be correct can the intelligent lock be unlocked and the file insurance equipment opened, so that the consistency and the safety of sensitive paper files are ensured;
(5) identity authentication and key agreement are carried out between the file insurance equipment and the terminal equipment, so that the legitimacy of both parties' identities and the security of data transmission are ensured, and illegal equipment and malicious actors are prevented from disrupting the transmission of sensitive paper files;
(6) by collecting and verifying the biological characteristic information of the deliverer multiple times, the safety and consistency of the delivery of the paper file are effectively ensured, and persons other than the deliverer are prevented from illegally sending an unlocking request and obtaining authorized unlocking information so as to illegally obtain the paper file;
(7) the invention needs only one deliverer, thereby greatly improving working efficiency.
Drawings
FIG. 1 is an overall block diagram of the secure communication system for communicating paper documents of the present invention.
FIG. 2 is a block diagram of a file insurance device in a secure communication system for communicating paper files in accordance with the present invention.
Fig. 3 is a block diagram illustrating a terminal device in a secure communication system for transferring paper documents according to the present invention.
FIG. 4 is a flow chart of a method of secure communication for communicating paper documents in accordance with the present invention.
Detailed Description
In order to make the present invention clearer, the technical solution of the present invention is further described in detail by the following embodiments.
As shown in fig. 1, a secure communication system for delivering paper documents includes at least one document insurance device, an NB-IOT communication base station, a server, and at least one terminal device, where the NB-IOT communication base station is in communication connection with the document insurance device and the server, respectively, and the server is in communication connection with the terminal device;
the file insurance equipment is used for executing locking and unlocking actions, acquiring and verifying biological characteristic information of a transmitter, encrypting data comprising an unlocking request and position information and decrypting a received authorization unlocking information ciphertext;
the NB-IOT communication base station is used for transmitting the data ciphertext containing the unlocking request and the position information to the server and receiving the authorized unlocking information ciphertext transmitted by the server;
the server is used for transmitting the data ciphertext containing the unlocking request and the position information to the terminal equipment and receiving the authorized unlocking information ciphertext transmitted by the terminal equipment;
and the terminal equipment is used for decrypting the data ciphertext containing the unlocking request and the position information and encrypting the generated authorized unlocking information.
As shown in fig. 2, specifically, an intelligent lock is disposed on the file insurance device, and the intelligent lock includes a microprocessor, an execution module, a biometric identification module, a positioning module, a first security module, and an NB-IOT communication module; the microprocessor is respectively connected with the execution module, the biological feature recognition module, the positioning module, the first security module and the NB-IOT communication module and is used for carrying out information cooperation and interaction with the modules; the execution module is used for executing locking and unlocking actions according to the information of the microprocessor; the biological characteristic identification module is used for acquiring human body biological characteristic information; the positioning module is used for acquiring the position information of the file insurance equipment; the first security module is used for encrypting data comprising the unlocking request and the position information and decrypting the authorized unlocking information ciphertext; the NB-IOT communication module is used for sending the data ciphertext containing the unlocking request and the position information and receiving the authorized unlocking information ciphertext.
As shown in fig. 3, specifically, the terminal device includes a processor, a network communication module, a second security module, and a display module; the processor is respectively connected with the network communication module, the second security module and the display module and is used for carrying out information cooperation and interaction with the modules; the network communication module is used for receiving the ciphertext of the unlocking request and the position information and sending the authorized unlocking information ciphertext; the second security module is used for decrypting the ciphertext of the unlocking request and the position information and encrypting the authorized unlocking information; the display module is used for displaying the unlocking request and the position information.
Specifically, the biometric identification module comprises at least one of a fingerprint module, an iris module, a human face module, a finger vein module, a palm print module and a voiceprint module.
Specifically, the file insurance device is further provided with a display device at least used for displaying the biometric verification information, the authorized unlocking information and the related process prompt information of the deliverer.
As shown in fig. 4, the present invention further provides a secure communication method of a secure communication system for transferring a paper file, where the secure communication method specifically includes:
S1. After the paper file is locked into the file insurance equipment, the biological characteristic information of the deliverer is collected and stored through the biometric identification module in the file insurance equipment and is used as the preset biological characteristic information;
S2. After the file insurance equipment storing the paper file is delivered to the target location, the biological characteristic information of the deliverer is collected through the biometric identification module and is compared with the preset biological characteristic information for verification;
S3. After the verification is passed, the file insurance equipment acquires the data comprising the unlocking request and the position information, encrypts the data through the first security module and sends the data to the server through the NB-IOT communication base station; the server receives the data ciphertext comprising the unlocking request and the position information and forwards it to the terminal equipment;
S4. The terminal equipment decrypts the data ciphertext comprising the unlocking request and the position information through the second security module and obtains the data plaintext comprising the unlocking request and the position information;
S5. After verifying through the position information that the file insurance equipment has been delivered to the target location, the terminal equipment returns an authorized unlocking information ciphertext to the file insurance equipment according to the unlocking request; the file insurance equipment decrypts the authorized unlocking information ciphertext, collects the biological characteristic information of the deliverer again and compares it with the preset biological characteristic information for verification;
S6. After the verification is passed, the file insurance equipment is opened through the intelligent lock, and the deliverer takes the paper file out of the file insurance equipment.
In practical application, in order to ensure that a deliverer can safely deliver paper files and ensure the consistency and the safety of the paper files, the biological characteristic information of the deliverer, such as information of fingerprints, human faces, finger veins and the like, needs to be collected for many times; after the target location is reached, the unlocking request and the position information are sent only after the collected biological characteristic information of the deliverer is verified to be correct, and other people except the deliverer are prevented from sending the unlocking request and the position information; when the file insurance equipment receives the authorized unlocking information, the file insurance equipment cannot be directly opened, but the biological characteristic information of the deliverer is collected again, and if the biological characteristic information passes the verification, the file insurance equipment can be opened, so that the situation that other personnel except the deliverer obtain the paper file on site is effectively avoided.
Specifically, before S1, the method further includes: performing information binding between the file insurance equipment and the terminal equipment.
Specifically, before S3, the method further includes: the file insurance device and the terminal device perform bidirectional identity authentication based on a digital certificate; and the file insurance equipment and the terminal equipment perform key negotiation to obtain a session key for encrypting and decrypting the communication information between them.
Specifically, in S5, the process in which the terminal equipment returns the authorized unlocking information to the file insurance device according to the unlocking request, and the file insurance device decrypts the authorized unlocking information ciphertext and collects the biological characteristic information of the deliverer again for verification, includes:
the terminal equipment encrypts the generated authorized unlocking information through the second security module and then sends the resulting ciphertext to the server through the network communication module, and the server sends the ciphertext of the authorized unlocking information to the NB-IOT communication module through the NB-IOT communication base station;
the file insurance equipment receives the ciphertext of the authorized unlocking information through the NB-IOT communication module, decrypts it through the first security module to obtain the plaintext of the authorized unlocking information, and collects the biological characteristic information of the deliverer through the biometric identification module to compare with the preset biological characteristic information for verification.
Specifically, the digital certificate-based bidirectional identity authentication between the file insurance device and the terminal device and the key agreement between the file insurance device and the terminal device are both completed over the transmission channel built by the NB-IOT communication base station and the server.
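The S1 to S6 exchange and the session key obtained before S3 can be traced end to end in the following sketch, which is an added example and not code from the patent. Assumptions: the session key is taken as already negotiated, an HMAC-SHA256 keystream with encrypt-then-MAC stands in for the security modules' cipher (the patent names none), biometric matching is an exact byte comparison, the terminal checks the position automatically, and the `request_id` freshness field and all class and function names are hypothetical.

```python
import hashlib, hmac, json, math, os

TO_TERMINAL, TO_LOCK = b"lock->terminal", b"terminal->lock"

def keystream(key, nonce, n):
    # HMAC-SHA256 in counter mode: stand-in cipher, not specified by the patent.
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(key, nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
        ctr += 1
    return out[:n]

def subkeys(session_key, direction):
    # Separate keys per direction so a request cannot be reflected back as an authorization.
    return (hmac.new(session_key, b"enc|" + direction, hashlib.sha256).digest(),
            hmac.new(session_key, b"mac|" + direction, hashlib.sha256).digest())

def seal(session_key, direction, message):
    enc_key, mac_key = subkeys(session_key, direction)
    nonce = os.urandom(16)
    plain = json.dumps(message, sort_keys=True).encode()
    body = bytes(p ^ k for p, k in zip(plain, keystream(enc_key, nonce, len(plain))))
    return nonce + body + hmac.new(mac_key, nonce + body, hashlib.sha256).digest()

def open_sealed(session_key, direction, blob):
    # Returns the message dict, or None if the ciphertext was altered in transit.
    if len(blob) < 48:
        return None
    enc_key, mac_key = subkeys(session_key, direction)
    nonce, body, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(mac_key, nonce + body, hashlib.sha256).digest()):
        return None
    return json.loads(bytes(c ^ k for c, k in zip(body, keystream(enc_key, nonce, len(body)))))

def distance_m(a, b):
    # Equirectangular approximation, adequate for a "is it at the target location" check.
    lat1, lon1, lat2, lon2 = map(math.radians, (a[0], a[1], b[0], b[1]))
    return 6371000 * math.hypot((lon2 - lon1) * math.cos((lat1 + lat2) / 2), lat2 - lat1)

def relay(blob):
    # NB-IOT base station and server: forward the ciphertext unchanged, holding no key.
    return bytes(blob)

class FileSafeLock:
    def __init__(self, device_id, session_key):
        self.device_id, self.key = device_id, session_key
        self.enrolled, self.pending, self.locked = None, None, True

    def enroll(self, template):                        # S1
        self.enrolled = template

    def matches(self, sample):
        # Exact comparison stands in for a real (fuzzy) biometric matcher.
        return self.enrolled is not None and hmac.compare_digest(self.enrolled, sample)

    def request_unlock(self, sample, position):        # S2 + S3
        if not self.matches(sample):
            return None
        self.pending = os.urandom(8).hex()             # assumed freshness value
        return seal(self.key, TO_TERMINAL, {"type": "unlock_request", "device": self.device_id,
                                            "position": list(position), "request_id": self.pending})

    def receive_authorization(self, blob, sample):     # lock side of S5, then S6
        msg = open_sealed(self.key, TO_LOCK, blob)
        if msg is None or self.pending is None:
            return False
        if (msg.get("type"), msg.get("device"), msg.get("request_id")) != \
                ("authorize_unlock", self.device_id, self.pending):
            return False
        self.pending = None                            # an authorization is single-use
        if not self.matches(sample):                   # second biometric check
            return False
        self.locked = False
        return True

class Terminal:
    def __init__(self, session_key, bound_device, target, radius_m):
        self.key, self.bound_device = session_key, bound_device
        self.target, self.radius_m = target, radius_m

    def handle(self, blob):                            # S4 + terminal side of S5
        msg = open_sealed(self.key, TO_TERMINAL, blob)
        if msg is None or msg.get("type") != "unlock_request" or msg.get("device") != self.bound_device:
            return None
        if distance_m(msg["position"], self.target) > self.radius_m:
            return None
        return seal(self.key, TO_LOCK, {"type": "authorize_unlock", "device": self.bound_device,
                                        "request_id": msg["request_id"]})

def demo():
    key = os.urandom(32)                               # result of the key negotiation before S3
    target = (34.7466, 113.6253)                       # constructed coordinates
    lock, term = FileSafeLock("safe-001", key), Terminal(key, "safe-001", target, 200)
    lock.enroll(b"deliverer-template")                 # constructed template
    auth = term.handle(relay(lock.request_unlock(b"deliverer-template", target)))
    return lock.receive_authorization(relay(auth), b"deliverer-template") and not lock.locked

if __name__ == "__main__":
    print("unlocked:", demo())
```
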
Finally, it should be noted that the above embodiments are only used to illustrate the technical solutions of the present invention and not to limit them; those skilled in the art should understand that modifications to the specific embodiments of the present invention, or equivalent substitutions for some of the technical features, made without departing from the spirit of the technical solutions of the present invention, are all covered by the technical solutions claimed in the present invention.
Claims (10)
1. A secure communication system for transmitting paper files is characterized by comprising at least one file insurance device, an NB-IOT communication base station, a server and at least one terminal device, wherein the NB-IOT communication base station is in communication connection with the file insurance device and the server respectively, and the server is in communication connection with the terminal device;
the file insurance equipment is used for executing locking and unlocking actions, acquiring and verifying biological characteristic information of a transmitter, encrypting data comprising an unlocking request and position information and decrypting a received authorization unlocking information ciphertext;
the NB-IOT communication base station is used for transmitting the data ciphertext containing the unlocking request and the position information to the server and receiving the authorized unlocking information ciphertext transmitted by the server;
the server is used for transmitting the data ciphertext containing the unlocking request and the position information to the terminal equipment and receiving the authorized unlocking information ciphertext transmitted by the terminal equipment;
and the terminal equipment is used for decrypting the data ciphertext containing the unlocking request and the position information and encrypting the generated authorized unlocking information.
2. The secure communication system for communicating paper documents as claimed in claim 1, wherein an intelligent lock is provided on said document insurance device, said intelligent lock comprising a microprocessor, an execution module, a biometric identification module, a positioning module, a first security module and an NB-IOT communication module; the microprocessor is respectively connected with the execution module, the biological feature recognition module, the positioning module, the first security module and the NB-IOT communication module and is used for carrying out information cooperation and interaction with the modules; the execution module is used for executing locking and unlocking actions according to the information of the microprocessor; the biological characteristic identification module is used for acquiring human body biological characteristic information; the positioning module is used for acquiring the position information of the file insurance equipment; the first security module is used for encrypting data comprising the unlocking request and the position information and decrypting the authorized unlocking information ciphertext; the NB-IOT communication module is used for sending the data ciphertext containing the unlocking request and the position information and receiving the authorized unlocking information ciphertext.
3. The secure communication system for communicating paper documents as claimed in claim 1, wherein said terminal device comprises a processor, a network communication module, a second security module, a display module; the processor is respectively connected with the network communication module, the second security module and the display module and is used for carrying out information cooperation and interaction with the modules; the network communication module is used for receiving the ciphertext of the unlocking request and the position information and sending the authorized unlocking information ciphertext; the second security module is used for decrypting the ciphertext of the unlocking request and the position information and encrypting the authorized unlocking information; the display module is used for displaying the unlocking request and the position information.
4. The secure communication system for communicating paper documents as claimed in claim 2, wherein said biometric module comprises at least one of a fingerprint module, an iris module, a face module, a finger vein module, a palm print module, a voice print module.
5. The secure communication system for delivery of paper files of claim 2, wherein a display device is further provided on the file insurance device for displaying at least the biometric verification information of the delivery person, the authorized unlocking information, and the associated process prompting information.
6. A secure communication method using the secure communication system for delivering paper documents according to any one of claims 1 to 5, the secure communication method comprising:
S1, after the paper file is locked into the file insurance equipment, the biological characteristic information of a transmitter is collected and stored through the biological characteristic identification module in the file insurance equipment, and the biological characteristic information is used as preset biological characteristic information;
S2, after the file insurance equipment storing the paper file is transmitted to a target place, the biological characteristic information of a transmitter is collected through the biological characteristic identification module and is compared with the preset biological characteristic information for verification;
S3, after the verification is passed, the file insurance equipment acquires the data comprising the unlocking request and the position information, encrypts the data by the first security module, and sends the data to the server by the NB-IOT communication base station, and the server receives the data ciphertext comprising the unlocking request and the position information and forwards the data ciphertext to the terminal equipment;
S4, the terminal equipment decrypts the data ciphertext including the unlocking request and the position information through the second security module, and then obtains the data plaintext including the unlocking request and the position information;
S5, after verifying through the position information that the file insurance equipment has been transmitted to the target location, the terminal equipment returns an authorized unlocking information ciphertext to the file insurance equipment according to the unlocking request, and the file insurance equipment decrypts the authorized unlocking information ciphertext, collects the biological characteristic information of the transmitter again and compares and verifies the biological characteristic information;
and S6, after the verification is passed, opening the file insurance equipment through the intelligent lock, and taking out the paper file from the file insurance equipment by a deliverer.
7. The secure communication method for communicating paper files of claim 6, further comprising, prior to S1: carrying out information binding on the file insurance equipment and the terminal equipment.
8. The secure communication method for communicating paper files of claim 6, further comprising, prior to S3: the file insurance equipment performing digital certificate-based two-way identity authentication with the terminal equipment; and the file insurance equipment and the terminal equipment performing key negotiation to obtain a session key for encrypting and decrypting communication information between the file insurance equipment and the terminal equipment.
9. The secure communication method for delivering paper files according to claim 6, wherein the step of returning authorized unlocking information to the file insurance device according to the unlocking request in S5, the process of decrypting the authorized unlocking information ciphertext by the file insurance device and collecting the biometric information of the deliverer again for verification comprises:
the terminal equipment encrypts the generated authorized unlocking information through the second security module and then sends the encrypted authorized unlocking information to the server through the network communication module, and the server sends the ciphertext of the authorized unlocking information to the NB-IOT communication module through the NB-IOT communication base station;
the file insurance equipment receives the ciphertext of the authorized unlocking information through the NB-IOT communication module, decrypts the ciphertext of the authorized unlocking information through the first security module to obtain the plaintext of the authorized unlocking information, and acquires the biological characteristic information of a transmitter through the biological characteristic identification module to compare with the preset biological characteristic information for verification.
10. The secure communication method for delivering paper files according to claim 8, wherein the process of performing two-way identity authentication based on a digital certificate with the terminal device and performing key agreement with the terminal device is completed on the basis of a transmission channel established by the NB-IOT communication base station and the server.
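The message flow of steps S3 to S6 can be sketched as follows. This is an added Python example, not code from the patent: the message fields, the automated position check with its 200 m tolerance and the `TARGET` coordinates are assumptions, the session key is taken as already negotiated per claim 8, and an HMAC-SHA256 encrypt-then-MAC construction stands in for the security modules' cipher, which the patent does not specify.

```python
import hashlib, hmac, json, math, os
TARGET = (34.7466, 113.6254)  # constructed target location (lat, lon) for the example

def _sub(key, label):  # derive separate encryption and MAC keys from the session key
    return hmac.new(key, label, hashlib.sha256).digest()

def _xor_stream(key, nonce, data):
    # HMAC-SHA256 counter-mode keystream: stdlib stand-in for the unspecified cipher
    ks = b"".join(hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
                  for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, ks))

def seal(session_key, msg):
    """Encrypt-then-MAC a JSON message: nonce || ciphertext || tag."""
    nonce = os.urandom(16)
    ct = _xor_stream(_sub(session_key, b"enc"), nonce, json.dumps(msg).encode())
    tag = hmac.new(_sub(session_key, b"mac"), nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def open_sealed(session_key, blob):
    """Check the tag before decrypting; ValueError on a wrong key or tampering."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    good = hmac.new(_sub(session_key, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, good):
        raise ValueError("ciphertext rejected")
    return json.loads(_xor_stream(_sub(session_key, b"enc"), nonce, ct))

def device_request(key, device_id, lat, lon):
    """S3: the device encrypts the unlock request together with its position."""
    return seal(key, {"type": "unlock_request", "device": device_id, "lat": lat, "lon": lon})

def terminal_authorize(key, blob, target, max_m=200.0):
    """S4-S5: decrypt, check the position against the target, answer with ciphertext."""
    req = open_sealed(key, blob)
    if req.get("type") != "unlock_request":
        return None
    dy = math.radians(req["lat"] - target[0])
    dx = math.radians(req["lon"] - target[1]) * math.cos(math.radians(target[0]))
    if 6371000.0 * math.hypot(dx, dy) > max_m:  # metres, small-distance approximation
        return None
    return seal(key, {"type": "authorize_unlock", "device": req["device"]})

def device_unlock(key, device_id, blob, biometric_ok):
    """S5-S6: unlock only on a valid authorization for this device plus a biometric match."""
    try:
        auth = open_sealed(key, blob)
    except (ValueError, TypeError):  # bad tag, wrong key, or no authorization returned
        return False
    return biometric_ok and auth == {"type": "authorize_unlock", "device": device_id}
```

Because both directions share one session key, the `type` field is what stops the device's own unlock request from being accepted as an authorization if it is sent back unchanged.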
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811440938.XA CN111243129B (en) | 2018-11-29 | 2018-11-29 | Secure communication system and method for transmitting paper files |
Publications (2)
Publication Number | Publication Date |
---|---|
CN111243129A true CN111243129A (en) | 2020-06-05 |
CN111243129B CN111243129B (en) | 2022-02-11 |
Family
ID=70864049
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201811440938.XA Active CN111243129B (en) | 2018-11-29 | 2018-11-29 | Secure communication system and method for transmitting paper files |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN111243129B (en) |
Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN204087261U (en) * | 2014-07-18 | 2015-01-07 | 安然 | A kind of valuables logistics distribution system |
CN105298298A (en) * | 2015-11-04 | 2016-02-03 | 上海太赫紫电子科技有限公司 | Safety type safety box unlocked through mobile phone |
CN105901964A (en) * | 2016-06-24 | 2016-08-31 | 青岛安正网络科技有限公司 | Intelligent paper medium archive management device |
CN206124508U (en) * | 2016-11-05 | 2017-04-26 | 金香华 | Prevent file for economy lost |
CN108354296A (en) * | 2018-02-09 | 2018-08-03 | 深圳市安卓工控设备有限公司 | A kind of concerning security matters vectors safe carrying box |
CN108900530A (en) * | 2018-07-30 | 2018-11-27 | 郑州信大捷安信息技术股份有限公司 | A kind of safe communication system and method |
CN109392190A (en) * | 2018-11-16 | 2019-02-26 | 国网安徽省电力有限公司淮南供电公司 | Confidential document flow system and control method |
Also Published As
Publication number | Publication date |
---|---|
CN111243129B (en) | 2022-02-11 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN111614637B (en) | Secure communication method and system based on software cryptographic module | |
US8843760B2 (en) | Biometric identification method | |
CN103124269B (en) | Based on the Bidirectional identity authentication method of dynamic password and biological characteristic under cloud environment | |
US7725717B2 (en) | Method and apparatus for user authentication | |
CN101958892B (en) | Electronic data protection method, device and system based on face recognition | |
CN105847247A (en) | Authentication system and working method thereof | |
CN106488452B (en) | Mobile terminal safety access authentication method combining fingerprint | |
CN101340436B (en) | Method and apparatus implementing remote access control based on portable memory apparatus | |
CN109410406A (en) | A kind of authorization method, device and system | |
CN109150535A (en) | A kind of identity identifying method, equipment, computer readable storage medium and device | |
CN101420301A (en) | Human face recognizing identity authentication system | |
CN102448061A (en) | Method and system for preventing phishing attack on basis of mobile terminal | |
CN102572817A (en) | Method and intelligent memory card for realizing mobile communication confidentiality | |
CN107989514A (en) | There is the safety box of dynamic password | |
CN104935441A (en) | Authentication method and relevant devices and systems | |
CN109889669A (en) | A kind of unlocked by mobile telephone method and system based on secure cryptographic algorithm | |
CN106789024A (en) | A kind of remote de-locking method, device and system | |
CN107911211B (en) | Two-dimensional code authentication system based on quantum communication network | |
CN101908964A (en) | Method for authenticating remote virtual cryptographic equipment | |
CN103152326A (en) | Distributed authentication method and authentication system | |
CN110738764A (en) | Security control system and method based on intelligent lock | |
CN107786978B (en) | NFC authentication system based on quantum encryption | |
CN107888376B (en) | NFC authentication system based on quantum communication network | |
CN111243129B (en) | Secure communication system and method for transmitting paper files | |
Chen et al. | Design of a secure medical data sharing system via an authorized mechanism |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||