CN111414605A - Unlocking method and device of embedded security unit, electronic equipment and storage medium - Google Patents
Unlocking method and device of embedded security unit, electronic equipment and storage medium Download PDFInfo
- Publication number
- CN111414605A CN111414605A CN202010187688.4A CN202010187688A CN111414605A CN 111414605 A CN111414605 A CN 111414605A CN 202010187688 A CN202010187688 A CN 202010187688A CN 111414605 A CN111414605 A CN 111414605A
- Authority
- CN
- China
- Prior art keywords
- unlocking
- embedded
- security unit
- unit
- embedded security
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/44—Program or device authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/78—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Theoretical Computer Science (AREA)
- General Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Computing Systems (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Lock And Its Accessories (AREA)
Abstract
The application discloses an unlocking method and device of an embedded safety unit, electronic equipment and a storage medium, wherein the unlocking method of the embedded safety unit is applied to the electronic equipment, the electronic equipment comprises the embedded safety unit, and the unlocking method of the embedded safety unit comprises the following steps: when the electronic equipment detects that the embedded safety unit is locked, sending state information to a server managed by a trusted service, wherein the state information is used for indicating that the embedded safety unit is in a locked state; receiving an unlocking instruction returned by the server; and unlocking the embedded safety unit according to the unlocking instruction. The method can realize the on-line unlocking of the embedded safety unit and bring convenience to the unlocking of the embedded safety unit.
Description
Technical Field
The present application relates to the field of electronic devices, and in particular, to an unlocking method and apparatus for an embedded security unit, an electronic device, and a storage medium.
Background
With the rapid development of the technology level, electronic devices with multiple functions have become important tools essential for life and work, and therefore, the requirements of the electronic devices on safety are higher and higher. To ensure security, electronic devices usually use an Embedded Secure Element (ESE) to store data of some important information, such as a bank card, a bus card, and the like.
When the electronic device realizes some functions, for example, reading data of a bus card or recharging the bus card, an instruction needs to be sent to the embedded security unit, and then the embedded security unit responds to the instruction sent by the electronic device to complete corresponding operations. However, the embedded security unit may perform self-protection and enter a locked state, and when the embedded security unit is locked, the embedded security unit needs to be unlocked.
Disclosure of Invention
In view of the foregoing problems, the present application provides an unlocking method and apparatus for an embedded security unit, an electronic device, and a storage medium.
In a first aspect, an embodiment of the present application provides an unlocking method for an embedded security unit, which is applied to an electronic device, where the electronic device includes the embedded security unit, and the method includes: when the electronic equipment detects that the embedded safety unit is locked, sending state information to a server managed by a trusted service, wherein the state information is used for indicating that the embedded safety unit is in a locked state; receiving an unlocking instruction returned by the server; and unlocking the embedded safety unit according to the unlocking instruction.
In a second aspect, an embodiment of the present application provides an unlocking apparatus for an embedded security unit, which is applied to an electronic device, where the electronic device includes the embedded security unit, and the apparatus includes: the electronic equipment comprises an information sending module, an instruction receiving module and an unlocking module, wherein the information sending module is used for sending state information to a trusted service management server when the electronic equipment detects that the embedded security unit is locked, and the state information is used for indicating that the embedded security unit is in a locked state; the instruction receiving module is used for receiving an unlocking instruction returned by the server; the unlocking module is used for unlocking the embedded safety unit according to the unlocking instruction.
In a third aspect, an embodiment of the present application provides an electronic device, including: one or more processors; a memory; one or more applications, wherein the one or more applications are stored in the memory and configured to be executed by the one or more processors, the one or more programs configured to perform the method for unlocking an embedded security unit as provided in the first aspect above.
In a fourth aspect, an embodiment of the present application provides a computer-readable storage medium, where a program code is stored in the computer-readable storage medium, and the program code may be called by a processor to execute the unlocking method of the embedded security unit provided in the first aspect.
According to the scheme, the electronic equipment interacts with the server of trusted service management when detecting that the embedded safety unit is locked, so that an unlocking instruction for unlocking is obtained, the embedded safety unit is unlocked according to the unlocking instruction, online unlocking of the embedded safety unit under the locking condition is achieved, a user does not need to spend excessive operation and energy to unlock the embedded safety unit offline, the time of the user is saved, and the user experience is improved.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments of the present application, the drawings needed to be used in the description of the embodiments are briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments of the present application, and it is obvious for those skilled in the art to obtain other drawings based on these drawings without creative efforts.
Fig. 1 shows a schematic diagram of an application scenario provided in an embodiment of the present application.
Fig. 2 shows a flow chart of a method for unlocking an embedded security unit according to an embodiment of the present application.
Fig. 3 shows a flow chart of a method for unlocking an embedded security unit according to another embodiment of the present application.
Fig. 4 shows a flow chart of a method for unlocking an embedded security unit according to yet another embodiment of the present application.
Fig. 5 shows a flowchart of a method for unlocking an embedded security unit according to yet another embodiment of the present application.
Fig. 6 shows a block diagram of an unlocking device of an embedded security unit according to an embodiment of the present application.
Fig. 7 is a block diagram of an electronic device for executing an unlocking method of an embedded security unit according to an embodiment of the present application.
Fig. 8 is a storage unit for storing or carrying program code for implementing an unlocking method of an embedded security unit according to an embodiment of the present application.
Detailed Description
In order to make the technical solutions better understood by those skilled in the art, the technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application.
With the rapid development of electronic devices, functions that can be realized by mobile terminals are increasing, for example, the mobile terminals can realize various payment and verification functions. The mobile terminal has higher and higher requirements for security while realizing these functions. Therefore, most mobile terminals are provided with an Embedded Secure Element (ESE), which may be a tamper-resistant chip, and may have different sizes and different designs, and may be Embedded in any electronic device. The security of important information can be ensured because it ensures that data is stored in a secure place and that the information is only open to authorized applications and personnel.
The embedded security unit has a wide application range, and can ensure the security of any equipment and application programs in various use cases (such as payment, tickets, traffic, access control, ticketing, companies, cloud computing, e-government affairs and the like). The functionality of embedded security units tends to be diversified according to different devices, in particular in terms of retrieving data in a remote secure manner, secure connections, strong user authentication, device integration, etc.
The ESE has a self-protection mechanism, when the ESE is considered to be attacked (such as frequently wrong keys), a register for counting the attack times is added with 1, and after the register is added for a certain number (such as 32), the ESE enters a locking state, and when the terminal sends a command again, the ESE returns to 66A5 and does not respond any more. When the situation occurs, the data stored in the ESE cannot be operated any more, for example, the bus card cannot be read and recharged, and at this time, the ESE needs to be returned to the factory to unlock the ESE.
The inventor finds that, through long-term research, at present, an ESE chip manufacturer generally provides an undisclosed script to perform offline unlocking, the offline unlocking method is complex and cannot synchronize an unlocking state with a Trusted Service Management (TSM) server, and meanwhile, an access key (plaintext) of the ESE is required during unlocking, so that the key leakage possibility is caused.
In view of the above problems, the inventor provides an unlocking method and apparatus for an embedded security unit, an electronic device, and a storage medium, which are provided in the embodiments of the present application, and can acquire an unlocking instruction for unlocking by interacting with a trusted service management server when the embedded security unit in the electronic device is locked, and unlock the embedded security unit according to the unlocking instruction, thereby implementing online unlocking of the embedded security unit under the locked condition, without requiring a user to spend excessive operations and efforts to perform offline unlocking, saving time of the user, and improving user experience. The specific unlocking method of the embedded security unit is described in detail in the following embodiments.
The following first describes an application scenario in the embodiment of the present application. As shown in fig. 1, fig. 1 shows a schematic diagram of an application scenario provided in an embodiment of the present application, where the application scenario includes: server 200 and electronic device 100. The server 200 is a TSM server, and the TSM server is used for managing the ESE, for example, the TMS server may be a server of a trusted service management platform of an ESE vendor. The TSM server may manage states (e.g., a locked state, an unlocked state, a secure state) of the ESE, and may also issue an unlocking instruction for unlocking the ESE. The specific type of the electronic device 100 may not be limited, and may be, for example, a mobile phone, a tablet computer, a smart watch, and the like, and an Embedded Secure Element (ESE) may be disposed in the electronic device 100.
In some embodiments, the electronic device 100 and the server 200 may communicate over a network. The electronic device 100 interacts with the server 200 to feed back the state of the ESE to the server 200, and to obtain related data from the server 200, such as an unlocking instruction for unlocking the ESE.
Referring to fig. 2, fig. 2 is a flowchart illustrating an unlocking method of an embedded security unit according to an embodiment of the present application. In a specific embodiment, the unlocking method of the embedded security unit is applied to the unlocking device 400 of the embedded security unit shown in fig. 6 and the electronic device 100 (fig. 7) equipped with the unlocking device 400 of the embedded security unit. The following will describe a specific process of this embodiment by taking an electronic device as an example, where the electronic device includes an embedded security unit. As will be described in detail with respect to the flow shown in fig. 2, the unlocking method of the embedded security unit may specifically include the following steps:
step S110: and when the electronic equipment detects that the embedded safety unit is locked, sending state information to a server managed by a trusted service, wherein the state information is used for indicating that the embedded safety unit is in a locked state.
When an embedded security unit in the electronic device is accessed, the embedded security unit can be accessed only by a corresponding key. Applications that are generally authorized by a server managed by a trusted service, or by the system of the electronic device, can access the embedded security unit with the correct key. Of course, in some scenarios, when performing offline operations on the embedded security unit, such as offline maintenance and processing, the relevant user may also access the embedded security unit using the correct key. Thus, in some cases, the embedded security unit may be considered attacked when it receives the key if the key used to access the embedded security unit is wrong. For example, if an unauthorized malicious application wants to retrieve stored security data from the embedded security unit, the malicious application may access the embedded security unit with the wrong key because the malicious application does not have the corresponding key, and thus the embedded security unit may be considered to be attacked. For example, when the embedded security unit is maintained online, if the maintenance is not performed at a designated maintenance point, the maintenance person cannot know the correct key for accessing the embedded security unit, and therefore, there may be a case where the embedded security unit is accessed using the wrong key, and in this case, the embedded security unit may also be considered to be attacked. Of course, the above scenario is only an example, and the scenario in which the embedded security unit is considered to be attacked due to a key error is not limited thereto.
Of course, besides the key error, the embedded security unit may also be considered to be attacked because of other situations that may compromise security, such as physical attack. Physical attacks are snooping physical characteristics of a chip (such as voltage, clock, energy radiation and the like) and destructive actions (such as splitting and physical cloning of the chip) through physical means (generally by means of related instruments and meters and the like), so as to achieve the purpose of acquiring internal programs or data.
In the embodiment of the present application, each time the embedded security unit considers that the embedded security unit is attacked, the register for counting the number of attacked times of the attack is incremented by 1. In addition, the embedded security unit is usually configured with a preset attack frequency, and when the number counted by the register reaches the preset attack frequency, that is, the recorded attack frequency is equal to or greater than the preset attack frequency, the embedded security unit locks itself and does not respond to an external instruction any more.
Further, the embedded security unit may upload the locked state to a system of the electronic device after locking it. The system of the electronic device is determined by an operating system installed therein, and may be, for example, an android system or the like.
In an embodiment of the application, the electronic device may detect that the embedded security unit is locked after obtaining its locked state uploaded to the embedded security unit. In this case, the electronic device may send status information to the server of the trusted service management, the status information indicating that the embedded security unit is in the locked state, so that the server knows the locked state of the embedded security unit and returns information for unlocking thereto.
In some implementations, the electronic device can generate the above state information from the attribute information of the embedded security element. The attribute information may include identity information representing the identity of the embedded security unit, such as a number, a model, a chip identifier, and the like. It can be understood that, for security, manufacturers of the embedded security unit may set different access keys for different chips, so that different access keys are required to unlock the embedded security unit when unlocking the embedded security unit, and therefore, the attribute information may include identity information, so as to obtain an unlocking instruction corresponding to the embedded security unit from the server, that is, an unlocking instruction for unlocking the embedded security unit.
Step S120: and receiving an unlocking instruction returned by the server.
In this embodiment of the application, after the electronic device sends the above state information to the server managed by the trusted service, the server may record the state of the embedded security unit according to the received state information, so as to synchronize the locked state of the embedded security unit. The state information may be used as a request for obtaining an unlocking instruction, and the server may return the unlocking instruction to the electronic device according to the state information. When the server returns an unlocking instruction to the electronic equipment, the server can acquire the unlocking instruction of the embedded security unit according to the embedded security unit installed in the electronic equipment, and return the unlocking instruction to the electronic equipment. Accordingly, the electronic device may receive an unlocking instruction returned by the server managed by the trusted service.
In some embodiments, the unlocking instruction corresponding to each different embedded security unit may be stored in advance in a server managed by a trusted service, and after the server obtains the state information sent by the electronic device, the server may read the unlocking instruction corresponding to the embedded security unit according to the state information.
In some embodiments, the unlocking instruction may include various information and instructions, such as an access key, that need to be used in the unlocking process of the embedded security unit for unlocking. The instructions in the unlock instruction may be a series of apdu instructions and comply with corresponding security specifications. Of course, the specific content included in the unlocking instruction may not be a limitation, and the specific content of the unlocking instruction may be determined by the design of the manufacturer.
Step S130: and unlocking the embedded safety unit according to the unlocking instruction.
In the embodiment of the application, after the electronic device receives the unlocking instruction, the electronic device can unlock the embedded security unit in the locked state according to the unlocking instruction. The electronic equipment can send the unlocking instruction to the embedded safety unit, and the embedded safety unit can unlock according to the unlocking instruction after receiving the unlocking instruction so as to unlock the embedded safety unit.
According to the unlocking method of the embedded safety unit, the electronic equipment interacts with the server of the trusted service management to obtain the unlocking instruction for unlocking under the condition that the embedded safety unit is detected to be locked, and the embedded safety unit is unlocked according to the unlocking instruction, so that online unlocking of the embedded safety unit under the locking condition is achieved, a user does not need to spend excessive operation and energy to perform offline unlocking, the time of the user is saved, and the user experience is improved.
Referring to fig. 3, fig. 3 is a flowchart illustrating an unlocking method of an embedded security unit according to another embodiment of the present application. The unlocking method of the embedded safety unit is applied to the electronic equipment, and the application corresponding to the embedded safety unit is installed in the electronic equipment. As will be described in detail with respect to the flow shown in fig. 3, the unlocking method of the embedded security unit may specifically include the following steps:
step S210: and when the electronic equipment detects that the embedded safety unit is locked, sending state information to a server managed by a trusted service through the application, wherein the state information is used for indicating that the embedded safety unit is in a locked state.
In this embodiment of the application, one or more applications corresponding to the embedded security unit may be installed in the electronic device, and the applications may use the embedded security unit to read and write data in the embedded security unit, that is, have a right to access the embedded security unit. In addition, the application corresponding to the embedded security unit may be an application authorized by the server managed by the trusted service, and therefore, the application corresponding to the embedded security unit may also perform data interaction with the server managed by the trusted service, for example, an interface for accessing the server managed by the trusted service is provided in the application corresponding to the embedded security unit.
When the electronic device detects that the embedded security unit is locked, the electronic device can send the state information to a server managed by the trusted service by using the application corresponding to the embedded security unit. If only one application corresponding to the embedded security unit is installed in the electronic equipment, the electronic equipment can send the state information to the server by using the application; if the electronic device is provided with the applications corresponding to the at least two embedded security units, the electronic device can send the state information to the server by using any one of the at least two applications.
Step S220: and receiving an unlocking instruction returned by the server through the application.
In this embodiment of the application, when the electronic device sends the state information to the server through the application corresponding to the embedded security unit, the electronic device may receive an unlocking instruction returned by the server through the application. For example, when the electronic device sends state information indicating that the embedded security unit is locked to the server through the application 1, the application 1 may send the state information to the server through a corresponding interface accessing the server managed by the trusted service, and the subsequent server also returns an unlocking instruction to the application 1 through the interface.
Step S230: and the application transmits the unlocking instruction to an open mobile interface.
In an implementation of the present application, after receiving the unlocking instruction, the application corresponding to the embedded security unit in the electronic device may communicate with the embedded security unit through an Open Mobile interface (OMA) when the embedded security unit is unlocked according to the unlocking instruction. OMA may serve as an access interface for the embedded security unit, among other things. Specifically, when the embedded security unit is unlocked according to the unlocking instruction, the unlocking instruction may be transmitted to the OMA, so that the OMA subsequently transmits the unlocking instruction to the embedded security unit.
Step S240: and the open mobile interface transmits the unlocking instruction to the embedded safety unit, and the unlocking instruction is used for unlocking the embedded safety unit.
In this embodiment of the present application, after receiving the unlocking instruction, the OMA may transmit the unlocking instruction to the embedded security unit. Therefore, the embedded safety unit can be unlocked according to the unlocking instruction after the embedded safety unit obtains the unlocking instruction.
In some embodiments, the open mobile interface may transmit the unlock instruction to the embedded security unit through a Rich Execution Environment (REE) or through a Trusted Execution Environment (TEE). Here, the REE is an open environment created on the electronic device for versatility and richness, runs an operating system (e.g., Android OS, IOS, etc.) of the electronic device, and can open a download to a third party after the device is produced. TEE is relative to REE. The TEE is a concept proposed by a Global Platform (GP) organization for the REE of the intelligent mobile terminal, and is an operating environment coexisting with the REE but isolated from the REE. A Trusted operating system (Trusted OS) runs in the TEE, and can provide security services for the operating system (i.e., Rich OS) running in the REE. Through the combination of a set of hardware and software, the safe transmission, storage and processing of various sensitive data in the TEE can be ensured, and the confidentiality and integrity of the execution of Trusted Application (TA) and the end-to-end safety of data access authority can be ensured. The OMA may transmit the unlocking instruction to the embedded security unit through the REE, and may also transmit the unlocking instruction to the embedded security unit through the TEE, and the specific selected execution environment may not be limited.
Step S250: and acquiring unlocking information output by the embedded safety unit, wherein the unlocking information is used for indicating that the embedded safety unit is in an unlocking state.
In embodiments of the application, the interaction of the electronic device with the server of trusted service management may be bidirectional in order to synchronize the state of the embedded security unit. Specifically, after the embedded security unit completes unlocking, the embedded security unit may output unlocking information, and feed the unlocking information back to a system of the electronic device, or feed the unlocking information back to an application corresponding to the embedded security unit, so as to feed the unlocking information back to the server, and synchronize the state of the embedded security unit by the server.
Step S260: and sending the unlocking information of the embedded safety unit to the server.
In some embodiments, the embedded security unit may transmit the status information to the OMA module after unlocking, and may specifically select to transmit through the REE or the TEE. The OMA module can transmit the unlocking information to the application transmitting the state information after obtaining the unlocking information, and the application feeds the unlocking information back to the server after obtaining the unlocking information, so that the server can know that the embedded security unit is successfully unlocked and is in an unlocked state after receiving the unlocking information, and the server managed by the trusted service can record that the embedded security unit is currently in the unlocked state.
The unlocking information of the embedded safety unit in the unlocking state is fed back to the server after the embedded safety unit is unlocked after the unlocking instruction is obtained, so that the electronic equipment and the server managed by the trusted service can synchronize the unlocking state of the embedded safety unit, and the problem that the electronic equipment and the server managed by the trusted service cannot synchronize the unlocking state with the server managed by the trusted service due to offline unlocking is solved.
According to the unlocking method of the embedded safety unit, the installed embedded safety application interacts with the server of the trusted service management, the unlocking instruction is obtained and then transmitted to the embedded safety unit for unlocking, online unlocking of the embedded safety unit under the locking condition is achieved, a user does not need to spend excessive operation and energy for offline unlocking, time of the user is saved, and user experience is improved. In addition, the unlocking information of the embedded safety unit in the unlocking state is fed back to the server, so that the electronic equipment and the server managed by the trusted service can synchronize the unlocking state of the embedded safety unit, and the problem that the unlocking state cannot be synchronized with the server managed by the trusted service due to offline unlocking is solved.
Referring to fig. 4, fig. 4 is a flowchart illustrating an unlocking method of an embedded security unit according to another embodiment of the present application. The unlocking method of the embedded security unit is applied to the electronic device, and will be described in detail with respect to the flow shown in fig. 4, where the unlocking method of the embedded security unit may specifically include the following steps:
step S310: and when the electronic equipment detects that the embedded safety unit is locked, acquiring the unlocking times of the unlocked embedded safety unit.
In the embodiment of the application, the electronic device can be provided with the embedded security unit, and the unlocking times of the embedded security unit cannot exceed corresponding times, so that the embedded security unit is prevented from being continuously unlocked online under the condition that lawless persons or malicious applications attack the embedded security unit. Therefore, when the electronic equipment detects that the embedded safety unit is locked, the unlocking times of the unlocked embedded safety unit are obtained so as to determine whether the embedded safety unit can be unlocked online. The electronic device may record the unlocking times of unlocking the embedded security unit, and for example, the unlocking times may be counted by a register.
In some embodiments, the electronic device may obtain the number of times that the embedded security unit is unlocked within a preset time period. It can be understood that if the embedded security unit is indeed attacked by malware or lawless persons, the malware or lawless persons may continuously perform online unlocking on the embedded security unit within a period of time, so that the unlocking times within the preset period of time may be set to be obtained to avoid hindering normal unlocking of the embedded security unit.
Step S320: and if the unlocking times are more than the specified times, outputting second prompt contents, wherein the second prompt contents are used for indicating a user to perform offline detection on the embedded safety unit.
In the embodiment of the application, after the electronic device obtains the unlocking times, the unlocking times can be compared with the specified times, and whether the unlocking times are greater than the specified times or not is determined according to a comparison result. The specified times is used as the upper limit of the embedded security unit for online unlocking, and if the unlocking times is greater than the specified times, online unlocking cannot be performed. Therefore, if the unlocking times are larger than the specified times, the electronic equipment does not execute the online unlocking process of the embedded safety unit. The specific numerical value of the number of times of designation is not limited, and may be, for example, 5 times or 10 times.
In this embodiment of the application, if the unlocking times are greater than the specified times, the electronic device may output second prompt content to instruct a user to perform offline detection on the embedded security unit. It can be understood that when the number of times of unlocking is greater than the specified number of times, online unlocking cannot be performed, so that if the embedded security unit needs to be unlocked, a user can perform online detection to perform unlocking, maintenance and the like, thereby preventing further attack on the embedded security unit by a lawbreaker or malicious application.
Step S330: and if the unlocking times are less than or equal to the specified times, sending the state information to a server managed by the trusted service.
In this embodiment of the application, if the electronic device determines that the number of times of unlocking the embedded security unit is less than or equal to the specified number of times, sending the status information to the server managed by the trusted service, that is, performing the processes of steps S330 to S360, may be performed. Specifically, step S330 may refer to the contents of the foregoing embodiments, and is not described herein again.
Step S340: and receiving an unlocking instruction returned by the server.
In the embodiment of the present application, step S340 may refer to the contents of the foregoing embodiments, and is not described herein again.
Step S350: and outputting first prompt content, wherein the first prompt content is used for prompting to unlock the embedded safety unit.
In the embodiment of the application, after the electronic device obtains the unlocking instruction, the electronic device can also output first prompt content to prompt a user to unlock the embedded security unit, so that the embedded security unit can be unlocked only when the user needs to confirm unlocking, and attack of malicious software on the embedded security unit is prevented. The form of the first prompt content may not be limited, and for example, the first prompt content may be in a pop-up window form.
Step S360: and when the unlocking operation is detected, executing unlocking the embedded safety unit according to the unlocking instruction.
In the embodiment of the application, after the electronic device outputs the first prompt content, the operation of the user may be detected, and if the unlocking operation is detected, that is, when the user confirms the unlocking operation, the step of unlocking the embedded security unit according to the unlocking instruction is executed, so as to complete unlocking the embedded security unit.
In some embodiments, the electronic device may further set a corresponding authentication process, for example, password authentication, fingerprint authentication, face authentication, and the like, and when the identity authentication passes, the electronic device confirms that the unlocking operation is detected and executes the unlocking process, so as to prevent a lawbreaker from unlocking the embedded security unit online, thereby further attacking the embedded security unit.
According to the embedded security unit provided by the embodiment of the application, when the electronic equipment detects that the embedded security unit is locked, the process of online unlocking is executed only when the unlocking times of the electronic equipment are determined to be not more than the specified times, so that the embedded security unit is continuously unlocked online under the condition that lawless persons or malicious applications attack the embedded security unit. In addition, after the unlocking instruction is obtained, the user is prompted to unlock the embedded security unit, so that the embedded security unit can be unlocked only when the user needs to confirm unlocking, and attack of malicious software on the embedded security unit is prevented.
Referring to fig. 5, fig. 5 is a flowchart illustrating an unlocking method of an embedded security unit according to still another embodiment of the present application. The unlocking method of the embedded security unit is applied to the electronic device, and will be described in detail with respect to the flow shown in fig. 5, where the unlocking method of the embedded security unit may specifically include the following steps:
step S410: and when the electronic equipment detects that the embedded safety unit is locked, outputting third prompt content, wherein the third prompt content is used for prompting that the embedded safety unit is locked and prompting a user to input unlocking verification information.
In the embodiment of the application, when the electronic device detects that the embedded security unit is locked, third prompt content can be output to prompt a user that the embedded security unit is locked and prompt the user to input unlocking verification information. The unlocking verification information is used for triggering an unlocking process of the embedded safety unit, and the unlocking verification information is prompted to be input by a user, so that the online unlocking process is executed only under the condition that the subsequent unlocking verification information is verified successfully, and lawless persons or malicious software is prevented from unlocking the embedded safety unit online.
Step S420: and acquiring unlocking verification information input by a user.
In the embodiment of the application, after the electronic device outputs the third prompt content, the operation of the user may be detected to receive the unlocking verification information input by the user. The specific form of the unlocking verification information may not be limited, for example, the unlocking verification information may be a face image, a digital password, a graphic password, fingerprint information, and the like.
Step S430: and if the unlocking verification information is not matched with the preset verification information, sending attack indication information to the server, wherein the attack indication information is used for indicating that the embedded safety unit is attacked and indicating that the server forbids providing services for the embedded safety unit within a preset time length.
In the embodiment of the application, after the electronic device obtains the unlocking verification information, the unlocking verification information can be matched with the preset verification information. The preset verification information may be verification information set by a user or verification information set by a manufacturer, and is not limited herein. The preset verification information is used for verifying whether the current online unlocking process is in compliance or not so as to avoid malicious online unlocking.
After the electronic device matches the unlocking verification information with the preset verification information, whether an online unlocking process is performed or not can be determined according to a matching result. And if the unlocking verification information is not matched with the preset verification information, the electronic equipment does not perform the online unlocking process, and sends attack indication information to a server managed by the trusted service, wherein the attack indication information is used for indicating that the embedded security unit is attacked and indicating that the server forbids to provide service for the embedded security unit within a preset time length. It can be understood that if the unlocking verification information is not matched with the preset verification information, it indicates that the user who has performed online unlocking before may be an illegal user, and therefore, the online unlocking process is not performed, and the trusted management server is instructed not to provide the service for the embedded security unit within the preset duration, so as to prevent further attack to the embedded security unit by a lawbreaker, and protect the property and information of the user.
Of course, in some embodiments, the attack indication information may be sent to the server only when the unlocking verification information continuously input by the user for multiple times is not matched with the preset verification information, so as to avoid that the unlocking verification information input by the user is inaccurate due to misoperation and the like under some conditions, and the embedded security unit cannot be continuously unlocked online.
Step S440: and if the unlocking verification information is matched with preset verification information, sending state information to a server managed by the trusted service.
If the electronic device determines that the unlocking verification information matches the preset verification information, sending the status information to the trusted service management server may be performed, that is, the processes of step S440 to step S460 are performed.
Step S450: and receiving an unlocking instruction returned by the server.
Step S460: and unlocking the embedded safety unit according to the unlocking instruction.
In the embodiment of the present application, the contents of step S440 to step S460 may participate in the foregoing embodiments, and are not described herein again.
According to the unlocking method of the embedded safety unit, when the electronic equipment detects that the embedded safety unit is locked, the on-line unlocking process is executed only when the unlocking verification information input by the user is determined to be matched with the preset verification information, and therefore the embedded safety unit is continuously unlocked on line under the condition that lawless persons or malicious applications attack the embedded safety unit is avoided. When the unlocking verification information input by the user is not matched with the preset verification information, the server of the trusted management is indicated not to provide the service for the embedded security unit within the preset time length, so that a lawbreaker is prevented from further attacking the embedded security unit, and the property and the information of the user are protected.
Referring to fig. 6, a block diagram of an unlocking device 400 for an embedded security unit according to an embodiment of the present application is shown. The unlocking device 400 of the embedded security unit is applied to the electronic device, and the unlocking device 400 of the embedded security unit includes: the device comprises an information sending module 410, an instruction receiving module 420 and an unlocking module 430. The information sending module 410 is configured to send, when the electronic device detects that the embedded security unit is locked, status information to a trusted service management server, where the status information is used to indicate that the embedded security unit is in a locked state; the instruction receiving module 420 is configured to receive an unlocking instruction returned by the server; the unlocking module 430 is configured to unlock the embedded security unit according to the unlocking instruction.
In some embodiments, an application corresponding to the embedded security unit is installed in the electronic device. The instruction receiving module 420 may be specifically configured to: and receiving an unlocking instruction returned by the server through the application. In this manner, the unlocking module 430 may include: a first transmission unit and a second transmission unit. The first transmission unit is used for transmitting the unlocking instruction to an open mobile interface by the application; the second transmission unit is used for transmitting the unlocking instruction to the embedded safety unit through the open mobile interface, and the unlocking instruction is used for unlocking the embedded safety unit.
In this embodiment, the second transmission unit may specifically be configured to: and the open mobile interface transmits the unlocking instruction to the embedded safety unit through a rich execution environment REE or a trusted execution environment TEE.
In some embodiments, the unlocking device 400 of the embedded security unit may further include: the device comprises an information acquisition module and an information sending module. The information acquisition module is used for acquiring unlocking information output by the embedded safety unit after the embedded safety unit is unlocked according to the unlocking instruction, wherein the unlocking information is used for indicating that the embedded safety unit is in an unlocking state; and the information sending module is used for sending the unlocking information of the embedded safety unit to the server.
In some embodiments, the unlocking device 400 of the embedded security unit may further include: a first prompt module. The first prompting module is used for outputting first prompting content before the embedded safety unit is unlocked according to the unlocking instruction, and the first prompting content is used for prompting the embedded safety unit to be unlocked. When the unlocking operation is detected, the unlocking module 430 executes unlocking on the embedded security unit according to the unlocking instruction.
In some embodiments, the information sending module 410 may include: the device comprises a number acquisition unit and a first sending execution unit. The electronic equipment is used for acquiring the unlocking times of the embedded safety unit when the electronic equipment detects that the embedded safety unit is locked; and the first sending execution unit is used for sending the state information to a server managed by the trusted service if the unlocking times are less than or equal to the specified times.
In this embodiment, the unlocking means 400 of the embedded security unit may further include: and a second prompting module. And the second prompting module is used for outputting second prompting content if the unlocking times are more than the specified times, wherein the second prompting content is used for indicating a user to carry out offline detection on the embedded safety unit.
In some embodiments, the information sending module 410 may also include: the device comprises a locking prompting unit, a verification information acquisition unit and a second sending execution unit. The locking prompting unit is used for outputting third prompting content when the electronic equipment detects that the embedded safety unit is locked, wherein the third prompting content is used for prompting that the embedded safety unit is locked and prompting a user to input unlocking verification information; the verification information acquisition unit is used for acquiring unlocking verification information input by a user; and the second sending execution unit is used for sending the state information to a server managed by the trusted service if the unlocking verification information is matched with the preset verification information.
In this embodiment, the unlocking means 400 of the embedded security unit may further include: and an attack indication sending module. The attack indication sending module is used for sending attack indication information to the server if the unlocking verification information is not matched with the preset verification information, wherein the attack indication information is used for indicating that the embedded safety unit is attacked and indicating that the server forbids providing service for the embedded safety unit within a preset time length.
It can be clearly understood by those skilled in the art that, for convenience and brevity of description, the specific working processes of the above-described apparatuses and modules may refer to the corresponding processes in the foregoing method embodiments, and are not described herein again.
In the several embodiments provided in the present application, the coupling between the modules may be electrical, mechanical or other type of coupling.
In addition, functional modules in the embodiments of the present application may be integrated into one processing module, or each of the modules may exist alone physically, or two or more modules are integrated into one module. The integrated module can be realized in a hardware mode, and can also be realized in a software functional module mode.
To sum up, the scheme provided by the application acquires the unlocking instruction for unlocking by interacting with the server of trusted service management through the electronic equipment under the condition that the embedded security unit is detected to be locked, and unlocks the embedded security unit according to the unlocking instruction, so that online unlocking of the embedded security unit under the locking condition is realized, a user does not need to spend excessive operation and energy to unlock the embedded security unit offline, the time of the user is saved, and the user experience is improved.
Referring to fig. 7, a block diagram of an electronic device according to an embodiment of the present application is shown. The electronic device 100 may be a smart phone, a tablet computer, a smart watch, or other electronic devices capable of running an application program. The electronic device 100 in the present application may include one or more of the following components: a processor 110, a memory 120, and one or more applications, wherein the one or more applications may be stored in the memory 120 and configured to be executed by the one or more processors 110, the one or more programs configured to perform a method as described in the aforementioned method embodiments.
The processor 110 may include one or more Processing cores, the processor 110 may connect various parts throughout the electronic device 100 using various interfaces and lines, perform various functions of the electronic device 100 and process data by running or executing instructions, programs, code sets, or instruction sets stored in the memory 120, and calling data stored in the memory 120, alternatively, the processor 110 may be implemented in at least one hardware form of Digital Signal Processing (DSP), Field-Programmable Gate Array (FPGA), Programmable logic Array (Programmable L organic Array, P L a), the processor 110 may be implemented in the form of at least one of a Central Processing Unit (CPU), Graphics Processing Unit (GPU), and modem, etc., wherein the CPU primarily processes operating systems, user interfaces, application programs, etc., the GPU is responsible for displaying content, the modem is used for rendering, and the modem may be implemented separately for communication, or may be implemented in a separate chip.
The Memory 120 may include a Random Access Memory (RAM) or a Read-Only Memory (Read-Only Memory). The memory 120 may be used to store instructions, programs, code sets, or instruction sets. The memory 120 may include a stored program area and a stored data area, wherein the stored program area may store instructions for implementing an operating system, instructions for implementing at least one function (such as a touch function, a sound playing function, an image playing function, etc.), instructions for implementing various method embodiments described below, and the like. The data storage area may also store data created by the electronic device 100 during use (e.g., phone book, audio-video data, chat log data), and the like.
Referring to fig. 8, a block diagram of a computer-readable storage medium according to an embodiment of the present application is shown. The computer-readable medium 800 has stored therein a program code that can be called by a processor to execute the method described in the above-described method embodiments.
The computer-readable storage medium 800 may be an electronic memory such as a flash memory, an EEPROM (electrically erasable programmable read only memory), an EPROM, a hard disk, or a ROM. Alternatively, the computer-readable storage medium 800 includes a non-volatile computer-readable storage medium. The computer readable storage medium 800 has storage space for program code 810 to perform any of the method steps of the method described above. The program code can be read from or written to one or more computer program products. The program code 810 may be compressed, for example, in a suitable form.
Finally, it should be noted that: the above embodiments are only used to illustrate the technical solutions of the present application, and not to limit the same; although the present application has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; such modifications and substitutions do not necessarily depart from the spirit and scope of the corresponding technical solutions in the embodiments of the present application.
Claims (12)
1. An unlocking method of an embedded security unit is applied to an electronic device, the electronic device comprises the embedded security unit, and the method comprises the following steps:
when the electronic equipment detects that the embedded safety unit is locked, sending state information to a server managed by a trusted service, wherein the state information is used for indicating that the embedded safety unit is in a locked state;
receiving an unlocking instruction returned by the server;
and unlocking the embedded safety unit according to the unlocking instruction.
2. The method according to claim 1, wherein an application corresponding to the embedded security unit is installed in the electronic device, and the receiving of the unlocking instruction returned by the server includes:
receiving an unlocking instruction returned by the server through the application;
the unlocking the embedded security unit according to the unlocking instruction comprises the following steps:
the application transmits the unlocking instruction to an open mobile interface;
and the open mobile interface transmits the unlocking instruction to the embedded safety unit, and the unlocking instruction is used for unlocking the embedded safety unit.
3. The method of claim 2, wherein the open mobile interface transmitting the unlock instruction to the embedded security unit comprises:
and the open mobile interface transmits the unlocking instruction to the embedded safety unit through a rich execution environment REE or a trusted execution environment TEE.
4. The method according to claim 1, wherein after the unlocking the embedded security unit according to the unlocking instruction, the method further comprises:
acquiring unlocking information output by the embedded safety unit, wherein the unlocking information is used for indicating that the embedded safety unit is in an unlocking state;
and sending the unlocking information of the embedded safety unit to the server.
5. The method according to any one of claims 1-4, wherein prior to said unlocking the embedded security unit according to the unlocking instruction, the method further comprises:
outputting first prompt content, wherein the first prompt content is used for prompting to unlock the embedded safety unit;
and when the unlocking operation is detected, executing unlocking the embedded safety unit according to the unlocking instruction.
6. The method of any of claims 1-4, wherein sending state information to a trusted service management server when the electronic device detects that the embedded security unit is locked comprises:
when the electronic equipment detects that the embedded safety unit is locked, acquiring the unlocking times of the unlocked embedded safety unit;
and if the unlocking times are less than or equal to the specified times, sending the state information to a server managed by the trusted service.
7. The method of claim 6, further comprising:
and if the unlocking times are more than the specified times, outputting second prompt contents, wherein the second prompt contents are used for indicating a user to perform offline detection on the embedded safety unit.
8. The method of any of claims 1-4, wherein sending state information to a trusted service management server when the electronic device detects that the embedded security unit is locked comprises:
when the electronic equipment detects that the embedded safety unit is locked, outputting third prompt content, wherein the third prompt content is used for prompting that the embedded safety unit is locked and prompting a user to input unlocking verification information;
acquiring unlocking verification information input by a user;
and if the unlocking verification information is matched with preset verification information, sending state information to a server managed by the trusted service.
9. The method of claim 8, further comprising:
and if the unlocking verification information is not matched with the preset verification information, sending attack indication information to the server, wherein the attack indication information is used for indicating that the embedded safety unit is attacked and indicating that the server forbids providing services for the embedded safety unit within a preset time length.
10. An unlocking device of an embedded security unit, which is applied to an electronic device including the embedded security unit, the device comprising: an information sending module, an instruction receiving module and an unlocking module, wherein,
the information sending module is used for sending state information to a server managed by trusted service when the electronic equipment detects that the embedded security unit is locked, wherein the state information is used for indicating that the embedded security unit is in a locked state;
the instruction receiving module is used for receiving an unlocking instruction returned by the server;
the unlocking module is used for unlocking the embedded safety unit according to the unlocking instruction.
11. An electronic device, comprising:
one or more processors;
a memory;
one or more applications, wherein the one or more applications are stored in the memory and configured to be executed by the one or more processors, the one or more programs configured to perform the method of any of claims 1-9.
12. A computer-readable storage medium, having stored thereon program code that can be invoked by a processor to perform the method according to any one of claims 1 to 9.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010187688.4A CN111414605B (en) | 2020-03-17 | 2020-03-17 | Unlocking method and device of embedded security unit, electronic equipment and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010187688.4A CN111414605B (en) | 2020-03-17 | 2020-03-17 | Unlocking method and device of embedded security unit, electronic equipment and storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN111414605A true CN111414605A (en) | 2020-07-14 |
| CN111414605B CN111414605B (en) | 2023-07-18 |
Family
ID=71491287
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010187688.4A Active CN111414605B (en) | 2020-03-17 | 2020-03-17 | Unlocking method and device of embedded security unit, electronic equipment and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111414605B (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112560116A (en) * | 2020-12-04 | 2021-03-26 | Oppo(重庆)智能科技有限公司 | Function control method, device and storage medium |
| CN112685754A (en) * | 2020-12-25 | 2021-04-20 | 珠海零边界集成电路有限公司 | Unlocking circuit and unlocking method of debugging interface |
| CN113918918A (en) * | 2021-12-10 | 2022-01-11 | 四川华鲲振宇智能科技有限责任公司 | System and method for online unlocking of social security card and password resetting |
Citations (13)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101459902A (en) * | 2007-12-13 | 2009-06-17 | 中兴通讯股份有限公司 | Credible service manager system and method for mobile payment |
| US20120304254A1 (en) * | 2011-05-26 | 2012-11-29 | First Data Corporation | Systems and Methods for Identifying Devices by a Trusted Service Manager |
| CN103186858A (en) * | 2012-02-05 | 2013-07-03 | 深圳市家富通汇科技有限公司 | Trusted service management method |
| CN103370954A (en) * | 2011-03-14 | 2013-10-23 | 捷讯研究有限公司 | Mobile wireless communications device having a near field communication (NFC) device and providing memory erasure and related methods |
| CN104125226A (en) * | 2014-07-28 | 2014-10-29 | 北京握奇智能科技有限公司 | Locking and unlocking application method, device and system |
| US20160253652A1 (en) * | 2015-02-27 | 2016-09-01 | Samsung Electronics Co., Ltd. | Electronic device providing electronic payment function and operation method thereof |
| WO2016156682A1 (en) * | 2015-04-01 | 2016-10-06 | Valeo Comfort And Driving Assistance | Method for loading a virtual key in a user terminal and associated user terminal |
| CN106102054A (en) * | 2016-05-27 | 2016-11-09 | 深圳市雪球科技有限公司 | A kind of method and communication system that safe unit is carried out safety management |
| CN107493561A (en) * | 2017-08-07 | 2017-12-19 | 北京小米移动软件有限公司 | Shared equipment unlocking method, apparatus and system |
| EP3306971A1 (en) * | 2016-10-05 | 2018-04-11 | Gemalto Sa | Method, device, server and system for securing an access to at least one service |
| CN108319857A (en) * | 2017-12-29 | 2018-07-24 | 北京握奇智能科技有限公司 | Trusted application adds unlocking method and system |
| CN110555706A (en) * | 2019-08-30 | 2019-12-10 | 北京银联金卡科技有限公司 | Face payment security method and platform based on security unit and trusted execution environment |
| CN110708364A (en) * | 2019-09-19 | 2020-01-17 | RealMe重庆移动通信有限公司 | Electronic equipment unlocking method and device, electronic equipment and storage medium |
-
2020
- 2020-03-17 CN CN202010187688.4A patent/CN111414605B/en active Active
Patent Citations (13)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101459902A (en) * | 2007-12-13 | 2009-06-17 | 中兴通讯股份有限公司 | Credible service manager system and method for mobile payment |
| CN103370954A (en) * | 2011-03-14 | 2013-10-23 | 捷讯研究有限公司 | Mobile wireless communications device having a near field communication (NFC) device and providing memory erasure and related methods |
| US20120304254A1 (en) * | 2011-05-26 | 2012-11-29 | First Data Corporation | Systems and Methods for Identifying Devices by a Trusted Service Manager |
| CN103186858A (en) * | 2012-02-05 | 2013-07-03 | 深圳市家富通汇科技有限公司 | Trusted service management method |
| CN104125226A (en) * | 2014-07-28 | 2014-10-29 | 北京握奇智能科技有限公司 | Locking and unlocking application method, device and system |
| US20160253652A1 (en) * | 2015-02-27 | 2016-09-01 | Samsung Electronics Co., Ltd. | Electronic device providing electronic payment function and operation method thereof |
| WO2016156682A1 (en) * | 2015-04-01 | 2016-10-06 | Valeo Comfort And Driving Assistance | Method for loading a virtual key in a user terminal and associated user terminal |
| CN106102054A (en) * | 2016-05-27 | 2016-11-09 | 深圳市雪球科技有限公司 | A kind of method and communication system that safe unit is carried out safety management |
| EP3306971A1 (en) * | 2016-10-05 | 2018-04-11 | Gemalto Sa | Method, device, server and system for securing an access to at least one service |
| CN107493561A (en) * | 2017-08-07 | 2017-12-19 | 北京小米移动软件有限公司 | Shared equipment unlocking method, apparatus and system |
| CN108319857A (en) * | 2017-12-29 | 2018-07-24 | 北京握奇智能科技有限公司 | Trusted application adds unlocking method and system |
| CN110555706A (en) * | 2019-08-30 | 2019-12-10 | 北京银联金卡科技有限公司 | Face payment security method and platform based on security unit and trusted execution environment |
| CN110708364A (en) * | 2019-09-19 | 2020-01-17 | RealMe重庆移动通信有限公司 | Electronic equipment unlocking method and device, electronic equipment and storage medium |
Non-Patent Citations (1)
| Title |
|---|
| 李洁 牛天耘 易敏昕: ""TSM技术研究及国内外TSM生态环境浅析"", 《软件产业与工程》 * |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112560116A (en) * | 2020-12-04 | 2021-03-26 | Oppo(重庆)智能科技有限公司 | Function control method, device and storage medium |
| CN112685754A (en) * | 2020-12-25 | 2021-04-20 | 珠海零边界集成电路有限公司 | Unlocking circuit and unlocking method of debugging interface |
| CN113918918A (en) * | 2021-12-10 | 2022-01-11 | 四川华鲲振宇智能科技有限责任公司 | System and method for online unlocking of social security card and password resetting |
Also Published As
| Publication number | Publication date |
|---|---|
| CN111414605B (en) | 2023-07-18 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN111414605B (en) | Unlocking method and device of embedded security unit, electronic equipment and storage medium | |
| CN103400068B (en) | Multi-level verification is used to control user to the system and method for the access of locked resource | |
| EP3941014A1 (en) | Digital key-based identity authentication method, terminal apparatus, and medium | |
| CN111143816B (en) | Verification and authorization method and verification server | |
| CN110009776B (en) | Identity authentication method and device | |
| CN102930199A (en) | Safe machine registration in a multi-tenant subscription enviroment | |
| WO2015055141A1 (en) | Method and device for controlling debug port of terminal device | |
| JP2005235159A (en) | Secure remote access system | |
| US20080120726A1 (en) | External storage device | |
| CN102523338B (en) | Handheld terminal with unlocking function and unlocking method thereof | |
| CN107977568B (en) | MCU safety protection identity authentication device and method | |
| CN109145651B (en) | Data processing method and device | |
| TWI534711B (en) | Smart card and access method thereof | |
| CN110691352B (en) | SIM card access control method, device, medium and equipment | |
| CN110610564A (en) | Key management device, key management method, key management system, and readable storage medium | |
| CN108965108B (en) | Message pushing method and related equipment | |
| US8185941B2 (en) | System and method of tamper-resistant control | |
| CN110708364A (en) | Electronic equipment unlocking method and device, electronic equipment and storage medium | |
| CN109302442A (en) | A kind of data storage method of proof and relevant device | |
| CN102122332B (en) | Method and system for managing password of electronic signing tool | |
| CN110597557B (en) | System information acquisition method, terminal and medium | |
| KR101555914B1 (en) | Universal serial bus remote control system | |
| US11200574B2 (en) | Secure mode for electronic access control readers | |
| CN113643015B (en) | Method, device and system for managing account transfer | |
| CN111010478B (en) | Mobile terminal protection method, device and system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |