CN113114607A - Terminal equipment - Google Patents
Terminal equipment Download PDFInfo
- Publication number
- CN113114607A CN113114607A CN202010025042.6A CN202010025042A CN113114607A CN 113114607 A CN113114607 A CN 113114607A CN 202010025042 A CN202010025042 A CN 202010025042A CN 113114607 A CN113114607 A CN 113114607A
- Authority
- CN
- China
- Prior art keywords
- data
- processing module
- processor
- protocol
- application
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000007781 pre-processing Methods 0.000 claims abstract description 11
- 238000001914 filtration Methods 0.000 claims description 11
- 238000000034 method Methods 0.000 claims description 10
- 230000008569 process Effects 0.000 claims description 10
- 238000004806 packaging method and process Methods 0.000 claims description 8
- 238000001514 detection method Methods 0.000 claims description 4
- 238000004891 communication Methods 0.000 abstract description 18
- 238000010586 diagram Methods 0.000 description 4
- 238000005516 engineering process Methods 0.000 description 3
- 230000003993 interaction Effects 0.000 description 3
- 238000004364 calculation method Methods 0.000 description 2
- 238000005538 encapsulation Methods 0.000 description 2
- 230000002452 interceptive effect Effects 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000005540 biological transmission Effects 0.000 description 1
- 238000007405 data analysis Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 239000002699 waste material Substances 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/06—Network architectures or network communication protocols for network security for supporting key management in a packet data network
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
- H04L63/205—Network architectures or network communication protocols for network security for managing network security; network security policies in general involving negotiation or determination of the one or more network security mechanisms to be used, e.g. by negotiation between the client and the server or between peers or by selection according to the capabilities of the entities involved
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The invention provides terminal equipment, and relates to the technical field of communication. The terminal device includes: an application processor, a baseband processor, and a security processor coupled in series with the application processor and the baseband processor; wherein the secure processor is to: and preprocessing the data transmitted by the application processor or received by the baseband processor. The scheme of the invention solves the safety risk existing in the encryption communication processing of the existing terminal equipment.
Description
Technical Field
The present invention relates to the field of communications technologies, and in particular, to a terminal device.
Background
The encryption communication is an effective means for solving the data communication safety problem through a cryptographic technology, and can effectively prevent information from being stolen or tampered in the public network transmission process. The encryption intelligent terminal is an intelligent terminal adopting an encryption communication technology, and is the most popular communication carrier for encryption communication application.
The current mainstream implementation mode is realized in a calling mode, namely, data analysis, filtration and encapsulation are realized in an intelligent terminal operating system in a software mode, software runs in a terminal processor, and when encryption and decryption processing is required, a cryptographic module is accessed in a calling mode.
However, although the cryptographic module is independent hardware, the software for processing the data packet is implemented based on the operating system and runs in the terminal application processor, on one hand, it cannot be guaranteed that the encryption processing software is not bypassed, and on the other hand, part of the encrypted communication intermediate data and processing logic are exposed to the terminal application processor, which has a greater security risk.
Disclosure of Invention
The invention aims to provide a terminal device, which solves the security risk existing in the encryption communication processing of the existing terminal device.
To achieve the above object, an embodiment of the present invention provides a terminal device, including:
an application processor, a baseband processor, and a security processor coupled in series with the application processor and the baseband processor; wherein the secure processor is to:
and preprocessing the data transmitted by the application processor or received by the baseband processor.
Optionally, the secure processor comprises:
the protocol processing module is used for negotiating with the protocol of the opposite terminal equipment;
and the data processing module is used for encrypting and decrypting the application data sent by the application processor or received by the baseband processor according to the protocol successfully negotiated by the protocol processing module.
Optionally, the data processing module is further configured to:
after application data sent by the application processor or received by the baseband processor is acquired, performing policy matching detection and encrypted channel state query on the application data;
and after the application data conforms to the configured strategy and an encryption channel is established, encrypting and decrypting the application data.
Optionally, the protocol processing module is further configured to: under the condition that the data processing module inquires that the encryption channel is not established, carrying out key agreement with opposite-end equipment;
the data processing module is further configured to: and under the condition that the key negotiation times between the protocol processing module and the opposite terminal equipment are greater than a preset threshold value and the negotiation is not successful, discarding the application data.
Optionally, the protocol processing module is further configured to configure policy configuration and cryptographic key data of the data processing module.
Optionally, the secure processor further comprises:
and the password module is used for carrying out encryption and decryption processing on the sent or received protocol data and carrying out safe storage realized by the protocol in the negotiation process.
Optionally, the data processing module is implemented by using a field programmable gate array FPGA.
Optionally, the protocol processing module is implemented by a microkernel.
Optionally, the data processing module is further configured to discard the application data if the application data does not conform to the policy configured by the protocol processing module.
Optionally, the data processing module is further configured to:
decapsulating the received data; or,
packaging the transmitted data; or,
and filtering the protocol data received by the baseband processor.
Optionally, the pre-processing comprises at least one of:
filtering data;
strategy matching;
encrypting;
decrypting;
packaging;
and (6) unpacking.
The technical scheme of the invention has the following beneficial effects:
according to the terminal device provided by the embodiment of the invention, the safety processor special for preprocessing the data passing through the channel is connected in series between the application processor and the baseband processor, so that all data packets received by the baseband processor can enter the application processor after being processed by the safety processor, and all data packets sent by the application processor can be sent by the baseband processor after being processed by the safety processor, so that encrypted communication processing cannot be bypassed, illegal data cannot enter the application processor, and the safety of the terminal device is guaranteed.
Drawings
Fig. 1 is a structural diagram of a terminal device according to an embodiment of the present invention;
FIG. 2 is a block diagram of a secure processor in an embodiment of the invention;
fig. 3 is an application diagram of a terminal device according to an embodiment of the present invention;
fig. 4 is a second schematic application diagram of the terminal device according to the embodiment of the present invention.
Detailed Description
In order to make the technical problems, technical solutions and advantages of the present invention more apparent, the following detailed description is given with reference to the accompanying drawings and specific embodiments.
It should be appreciated that reference throughout this specification to "one embodiment" or "an embodiment" means that a particular feature, structure or characteristic described in connection with the embodiment is included in at least one embodiment of the present invention. Thus, the appearances of the phrases "in one embodiment" or "in an embodiment" in various places throughout this specification are not necessarily all referring to the same embodiment. Furthermore, the particular features, structures, or characteristics may be combined in any suitable manner in one or more embodiments.
In various embodiments of the present invention, it should be understood that the sequence numbers of the following processes do not mean the execution sequence, and the execution sequence of each process should be determined by its function and inherent logic, and should not constitute any limitation to the implementation process of the embodiments of the present invention.
In addition, the terms "system" and "network" are often used interchangeably herein.
In the embodiments provided herein, it should be understood that "B corresponding to a" means that B is associated with a from which B can be determined. It should also be understood that determining B from a does not mean determining B from a alone, but may be determined from a and/or other information.
As shown in fig. 1, a terminal device according to an embodiment of the present invention includes:
an application processor 110, a baseband processor 120, and a secure processor 130 coupled in series with the application processor 110 and the baseband processor 120; wherein the secure processor 130 is configured to:
data transmitted by the application processor 110 or received by the baseband processor 130 is preprocessed.
Thus, in the terminal device according to the embodiment of the present invention, the security processor 130 dedicated to preprocessing the data passing through is connected in series between the application processor 110 and the baseband processor 120, so that all data packets received by the baseband processor 120 must be processed by the security processor 130 before entering the application processor 110, and all data packets sent by the application processor 100 must be processed by the security processor 130 before being sent by the baseband processor 120, so that the encrypted communication processing cannot be bypassed, and illegal data cannot enter the application processor 110, thereby ensuring the security of the terminal device.
It should be noted that in this embodiment, the secure processor independently implements all cryptographic communication functions, and therefore, optionally, the preprocessing includes at least one of:
filtering data;
strategy matching;
encrypting;
decrypting;
packaging;
and (6) unpacking.
Therefore, the safety processor performs processing such as filtering, strategy matching, encryption, decryption, encapsulation, decapsulation and the like on the data passing through the channel, and sends the data to the application processor or the baseband processor for further processing, so that the situation that plaintext data cannot be sent and illegal data cannot enter the application processor is guaranteed.
For example, the process of preprocessing the data sent by the application processor by the security processor includes: strategy matching, data filtering, packaging and encryption, so that the preprocessed data are sent out through the baseband processor, the plaintext data of the application processor cannot be directly sent out through the baseband processor, and the risk of plaintext data leakage is avoided. The flow of preprocessing the data received by the baseband processor by the secure processor comprises the following steps: strategy matching, data filtering, decapsulation and decryption, so that if the data received by the baseband processor is illegal, the data processed by the security processor cannot enter the application processor.
The strategy matching is mainly performed based on internet protocol IP address, port number, protocol number and other information of network data, when terminal equipment performs system deployment, a strategy file can be built in, and the security processor performs strategy matching on a network data packet passing through according to the strategy file. Of course, the policy file may support manual configuration by the user, and may also be updated via a secure channel through the management center during use.
In addition, for other non-network data interaction such as behavior AT commands between the application processor and the baseband processor, the security processor does not process the data interaction, and the clear text passes through the data interaction.
Generally, the main application scenario of encrypted communication of a terminal device is to implement encryption protection on data traffic carried on a packet data communication channel, such as data traffic of mobile office, mail, video conference, and the like. The main implementation mode is that an encryption tunnel is established between the terminal equipment and an encryption gateway deployed before the service server, so that the confidentiality of interactive data transmitted in a public network when the terminal equipment accesses the service server is ensured, and other access data cannot pass through the terminal equipment. Thus, in this embodiment, before performing encrypted communication with an opposite end device, a terminal device needs to perform protocol negotiation, and optionally, as shown in fig. 2, the security processor includes:
the protocol processing module 210 is configured to negotiate with a peer device;
and the data processing module 220 is configured to perform encryption and decryption processing on the application data sent by the application processor or received by the baseband processor according to the protocol successfully negotiated by the protocol processing module.
The protocol processing module 210 is responsible for implementing a protocol, and performs protocol negotiation with a peer device, where the protocol includes, but is not limited to, a key negotiation protocol, a remote key management protocol, and a local key management protocol. The data processing module 220 can complete the encryption of the application data sent by the application processor or the decryption of the application data received by the baseband processor according to the protocol successfully negotiated by the protocol processing module.
Preferably, the data processing module performs calculation based on a preset symmetric cryptographic algorithm to realize high-speed encryption and decryption processing.
In addition, after negotiation, the protocol processing module can determine and store the policy and the cryptographic key data used for encrypted communication, and therefore, optionally, the protocol processing module is further configured to configure the policy and the cryptographic key data of the data processing module, so that the data processing module can further process based on the protocol negotiation with the peer device.
In this embodiment, the data processing module is further configured to:
after application data sent by the application processor or received by the baseband processor is acquired, performing policy matching detection and encrypted channel state query on the application data;
and after the application data conforms to the configured strategy and an encryption channel is established, encrypting and decrypting the application data.
Here, in order to ensure the validity of the application data, the data processing module performs policy matching detection and encrypted channel state query on the application data after acquiring the application data sent by the application processor or received by the baseband processor; after the application data conforms to the configured policy and the encryption channel is established, the application data is further encrypted and decrypted. Of course, as known from the above, the configured policy may be a built-in policy file when the system is deployed, or may be a policy determined after a protocol processing module negotiates with an opposite device protocol.
For the case that the encryption channel is not established, optionally, the protocol processing module is further configured to: under the condition that the data processing module inquires that the encryption channel is not established, carrying out key agreement with opposite-end equipment;
the data processing module is further configured to: and under the condition that the key negotiation times between the protocol processing module and the opposite terminal equipment are greater than a preset threshold value and the negotiation is not successful, discarding the application data.
Therefore, under the condition that the encryption channel is not established, the terminal equipment performs key agreement with the opposite terminal equipment through the protocol processing module to try to establish the encryption channel. However, in order to avoid resource waste, a preset threshold is set, and the number of key negotiations is limited to avoid unlimited attempts. Therefore, the data processing module discards the application data when the number of times of key negotiation between the protocol processing module and the opposite terminal device is greater than the preset threshold and the negotiation is not successful.
The protocol processing module can maintain the state of the encryption channel and inform the data processing module.
Furthermore, for application data that does not comply with the configured policy, optionally, the data processing module is further configured to: and under the condition that the application data does not accord with the strategy configured by the protocol processing module, discarding the application data.
It should also be noted that in this embodiment, as shown in fig. 2, the secure processor further includes:
the cipher module 230 is configured to perform encryption and decryption processing on the sent or received protocol data and perform secure storage for protocol implementation in the negotiation process.
Like this, set up in the security processor and be exclusively used in the agreement data to send or receive and carry out the password module 230 of encryption and decryption processing, the encryption and decryption processing that realizes the encryption and decryption processing of application data and agreement is realized by data processing module and password module two parts respectively, has avoided the influence that agreement processing handled application data encryption and decryption processing, has stopped simultaneously because the agreement is handled and is called the problem that cryptographic algorithm leads to application data encryption and decryption processing performance to reduce. Of course, the cryptographic module 230 also securely stores the certificate, the key, the cryptographic protocol, the sensitive data, and the like involved in the protocol negotiation.
Preferably, the encryption and decryption processing of the cryptographic module is calculated based on a preset asymmetric algorithm, and of course, a required random number can also be generated.
It should be appreciated that to implement the functionality of the secure processor, the data processing module is further configured to:
decapsulating the received data; or,
packaging the transmitted data; or,
and filtering the protocol data received by the baseband processor.
Thus, the received data can be unpacked for subsequent processing; packaging the sending data; and for the protocol data received by the baseband processor, the access of illegal data packets to the protocol processing module is avoided through filtering.
In this embodiment, in order to reduce the dependence on the processor operating system, optionally, the data processing module is implemented by using a field programmable gate array FPGA.
The data processing module realized by the FPGA does not depend on an operating system kernel protocol stack, so that the influence possibly caused by operating system bugs is shielded, and the processing flow is simplified; moreover, the encryption and decryption processing of the pass-through application data is independently realized, so that the interactive access among modules is reduced, and the encryption and decryption processing efficiency of the application data is accelerated; and the system is connected between the application processor and the baseband processor in series and cannot be bypassed.
In this embodiment, optionally, the protocol processing module is implemented by using a microkernel.
The protocol processing module is realized by the microkernel, and the password protocol is realized in the protocol processing module in an application process mode and is called when password calculation is needed. In this way, the implementation of the cryptographic protocol is isolated from the open software environment of the application processor on the one hand; and on the other hand, the operating system operated by the application processor is simplified, the processing efficiency is improved, and the vulnerability risk is reduced.
The following describes an application of the terminal device according to the embodiment of the present invention with reference to a specific scenario:
as shown in fig. 3, the application processor generates an IP packet to send to the security processor. The security processor carries out strategy matching on the IP data packet and directly discards the IP data packet which does not conform to the strategy. And for the IP data packet which accords with the strategy, checking the state of the corresponding encryption channel, if the encryption channel is not established, negotiating with the key of opposite terminal equipment, trying to establish the encryption channel, but if the number of times of trying to negotiate the key exceeds the preset threshold value and is still unsuccessful, terminating the key negotiation, and discarding the IP data packet. Of course, if the encryption channel is successfully established, the IP data packet is encapsulated and the plaintext data is encrypted. And finally, sending the encrypted ciphertext IP data packet to a baseband processor, and sending the ciphertext IP data packet to opposite-end equipment, such as a service server, by the baseband processor.
As shown in fig. 4, the baseband processor receives the IP packet sent by the peer device and sends it to the security processor. The security processor carries out strategy matching on the IP data packet and directly discards the IP data packet which does not conform to the strategy. And for the IP data packet which accords with the strategy, checking the state of the corresponding encryption channel, if the encryption channel is not established, negotiating with the key of opposite terminal equipment, trying to establish the encryption channel, but if the number of times of trying to negotiate the key exceeds the preset threshold value and is still unsuccessful, terminating the key negotiation, and discarding the IP data packet. Of course, if the encryption channel is successfully established, the IP data packet is decapsulated, and the ciphertext data is decrypted. And finally, sending the decrypted clear IP data packet to an application processor, and handing the IP data packet to an upper protocol stack by the application processor for processing.
To sum up, the terminal device according to the embodiment of the present invention, by connecting the security processor dedicated to pre-processing the data passing through the channel in series between the application processor and the baseband processor, ensures that all data packets received by the baseband processor must be processed by the security processor before entering the application processor, and simultaneously all data packets sent by the application processor must be processed by the security processor before being sent by the baseband processor, so that the encrypted communication processing cannot be bypassed, and illegal data cannot enter the application processor, thereby ensuring the security of the terminal device.
It is further noted that the terminal devices described in this specification include, but are not limited to, smart phones, tablet computers, and the like.
In the embodiments of the present invention described above with reference to the drawings, many different forms and embodiments of the invention may be made without departing from the spirit and teaching of the invention and, therefore, the invention should not be construed as limited to the exemplary embodiments set forth herein. Rather, these exemplary embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the scope of the invention to those skilled in the art. In the drawings, the size and relative sizes of elements may be exaggerated for clarity. The terminology used herein is for the purpose of describing particular example embodiments only and is not intended to be limiting. As used herein, the singular forms "a", "an" and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It will be further understood that the terms "comprises" and/or "comprising," when used in this specification, specify the presence of stated features, integers, steps, operations, elements, and/or components, but do not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, and/or groups thereof. Unless otherwise indicated, a range of values, when stated, includes the upper and lower limits of the range and any subranges therebetween.
While the foregoing is directed to the preferred embodiment of the present invention, it will be understood by those skilled in the art that various changes and modifications may be made without departing from the spirit and scope of the invention as defined in the appended claims.
Claims (11)
1. A terminal device, comprising:
an application processor, a baseband processor, and a security processor coupled in series with the application processor and the baseband processor; wherein the secure processor is to:
and preprocessing the data transmitted by the application processor or received by the baseband processor.
2. The terminal device of claim 1, wherein the security processor comprises:
the protocol processing module is used for negotiating with the protocol of the opposite terminal equipment;
and the data processing module is used for encrypting and decrypting the application data sent by the application processor or received by the baseband processor according to the protocol successfully negotiated by the protocol processing module.
3. The terminal device of claim 2, wherein the data processing module is further configured to:
after application data sent by the application processor or received by the baseband processor is acquired, performing policy matching detection and encrypted channel state query on the application data;
and after the application data conforms to the configured strategy and an encryption channel is established, encrypting and decrypting the application data.
4. The terminal device of claim 3,
the protocol processing module is further configured to: under the condition that the data processing module inquires that the encryption channel is not established, carrying out key agreement with opposite-end equipment;
the data processing module is further configured to: and under the condition that the key negotiation times between the protocol processing module and the opposite terminal equipment are greater than a preset threshold value and the negotiation is not successful, discarding the application data.
5. The terminal device according to claim 3, wherein the protocol processing module is further configured to configure policy and cryptographic key data for the data processing module.
6. The terminal device of claim 2, wherein the security processor further comprises:
and the password module is used for carrying out encryption and decryption processing on the sent or received protocol data and carrying out safe storage realized by the protocol in the negotiation process.
7. The terminal device according to claim 2, wherein the data processing module is implemented using a Field Programmable Gate Array (FPGA).
8. The terminal device according to claim 2, wherein the protocol processing module is implemented using a microkernel.
9. The terminal device of claim 2, wherein the data processing module is further configured to: and under the condition that the application data does not accord with the strategy configured by the protocol processing module, discarding the application data.
10. The terminal device of claim 2, wherein the data processing module is further configured to:
decapsulating the received data; or,
packaging the transmitted data; or,
and filtering the protocol data received by the baseband processor.
11. The terminal device of claim 1, wherein the pre-processing comprises at least one of:
filtering data;
strategy matching;
encrypting;
decrypting;
packaging;
and (6) unpacking.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010025042.6A CN113114607A (en) | 2020-01-10 | 2020-01-10 | Terminal equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010025042.6A CN113114607A (en) | 2020-01-10 | 2020-01-10 | Terminal equipment |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN113114607A true CN113114607A (en) | 2021-07-13 |
Family
ID=76708682
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010025042.6A Pending CN113114607A (en) | 2020-01-10 | 2020-01-10 | Terminal equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN113114607A (en) |
Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US8418230B1 (en) * | 2012-08-28 | 2013-04-09 | Netcomm Wireless Limited | Apparatus and method for mobile communications and computing |
| CN105141625A (en) * | 2015-09-18 | 2015-12-09 | 郑州信大捷安信息技术股份有限公司 | Safety mobile intelligent terminal based on password isolation mode and realization method thereof |
| CN106919847A (en) * | 2017-03-02 | 2017-07-04 | 成都三零瑞通移动通信有限公司 | A kind of anti-by-pass method of coded communication based on android intelligent terminals |
| US20170214662A1 (en) * | 2016-01-21 | 2017-07-27 | Samsung Electronics Co., Ltd. | Security chip and application processor |
| CN107539271A (en) * | 2017-08-22 | 2018-01-05 | 济宁中科先进技术研究院有限公司 | Low-power consumption high safety vehicle anti-theft tracing system and its method |
| CN107564145A (en) * | 2017-08-22 | 2018-01-09 | 济宁中科先进技术研究院有限公司 | The automobile double mode automatic switch door device and its method of built-in security chip |
| CN108337676A (en) * | 2018-03-08 | 2018-07-27 | 广州三星通信技术研究有限公司 | encryption communication method and mobile terminal for mobile terminal |
| CN109905237A (en) * | 2015-05-16 | 2019-06-18 | 西蒙乐思有限公司 | Pass through the method for movement station and cellular network communication |
-
2020
- 2020-01-10 CN CN202010025042.6A patent/CN113114607A/en active Pending
Patent Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US8418230B1 (en) * | 2012-08-28 | 2013-04-09 | Netcomm Wireless Limited | Apparatus and method for mobile communications and computing |
| CN109905237A (en) * | 2015-05-16 | 2019-06-18 | 西蒙乐思有限公司 | Pass through the method for movement station and cellular network communication |
| CN105141625A (en) * | 2015-09-18 | 2015-12-09 | 郑州信大捷安信息技术股份有限公司 | Safety mobile intelligent terminal based on password isolation mode and realization method thereof |
| US20170214662A1 (en) * | 2016-01-21 | 2017-07-27 | Samsung Electronics Co., Ltd. | Security chip and application processor |
| CN106919847A (en) * | 2017-03-02 | 2017-07-04 | 成都三零瑞通移动通信有限公司 | A kind of anti-by-pass method of coded communication based on android intelligent terminals |
| CN107539271A (en) * | 2017-08-22 | 2018-01-05 | 济宁中科先进技术研究院有限公司 | Low-power consumption high safety vehicle anti-theft tracing system and its method |
| CN107564145A (en) * | 2017-08-22 | 2018-01-09 | 济宁中科先进技术研究院有限公司 | The automobile double mode automatic switch door device and its method of built-in security chip |
| CN108337676A (en) * | 2018-03-08 | 2018-07-27 | 广州三星通信技术研究有限公司 | encryption communication method and mobile terminal for mobile terminal |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US8468337B2 (en) | Secure data transfer over a network | |
| JP2009506617A (en) | System and method for processing secure transmission information | |
| WO2008039468A2 (en) | Security encapsulation of ethernet frames | |
| CN114143068B (en) | Electric power internet of things gateway equipment container safety protection system and method thereof | |
| US20050198498A1 (en) | System and method for performing cryptographic operations on network data | |
| CN111385259A (en) | Data transmission method, data transmission device, related equipment and storage medium | |
| CN106161386B (en) | Method and device for realizing IPsec (Internet protocol Security) shunt | |
| US20080133915A1 (en) | Communication apparatus and communication method | |
| CN110691074B (en) | IPv6 data encryption method and IPv6 data decryption method | |
| CN113783868B (en) | Method and system for protecting Internet of things safety of gate based on commercial password | |
| CN117254976B (en) | National standard IPsec VPN realization method, device and system based on VPP and electronic equipment | |
| KR100617321B1 (en) | Method and Apparatus for Protection to Link Security Attack | |
| US7564976B2 (en) | System and method for performing security operations on network data | |
| CN103269301A (en) | Desktop type IPSecVPN cryptographic machine and networking method | |
| CN110768958B (en) | IPv4 data encryption method and IPv4 data decryption method | |
| CN113765900B (en) | Protocol interaction information output transmission method, adapter device and storage medium | |
| CN114338116B (en) | Encryption transmission method and device and SD-WAN network system | |
| CN114301967B (en) | Control method, device and equipment for narrowband Internet of things | |
| EP3552367B1 (en) | Method and intermediate network node for managing tcp segment | |
| CN113114607A (en) | Terminal equipment | |
| CN110351308B (en) | Virtual private network communication method and virtual private network device | |
| CN210839642U (en) | Device for safely receiving and sending terminal data of Internet of things | |
| CN110492994B (en) | Trusted network access method and system | |
| US20080059788A1 (en) | Secure electronic communications pathway | |
| CN111885062B (en) | RS485 bus-based communication system and method with authentication encryption function |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20210713 |