CN113360948A - Method and device for protecting user secret data - Google Patents

Publication number
CN113360948A
Authority
CN
China
Prior art keywords
data
cloud
user
encryption
local
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
CN202110733736.XA
Other languages
Chinese (zh)
Inventor
肖鑫磊
陈建伟
唐晓玲
师文杰
刘鹤
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Token Cloud Shanghai Technology Co ltd
Original Assignee
Token Cloud Shanghai Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Token Cloud Shanghai Technology Co ltd filed Critical Token Cloud Shanghai Technology Co ltd
Priority to CN202110733736.XA priority Critical patent/CN113360948A/en
Publication of CN113360948A publication Critical patent/CN113360948A/en
Withdrawn legal-status Critical Current

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218 Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245 Protecting personal data, e.g. for financial or medical purposes
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31 User authentication
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/602 Providing cryptographic facilities or services
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00 Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21 Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2141 Access rights, e.g. capability lists, access control lists, access tables, access matrices

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Bioethics (AREA)
  • Medical Informatics (AREA)
  • Databases & Information Systems (AREA)
  • Storage Device Security (AREA)

Abstract

The invention relates to the field of computer technology and information security, and in particular to a method and a device for protecting user secret data. The data protection system comprises a data operation module, a data encryption module, a digital identity authentication module, a data storage module and a data authority control module. The data protection method uses digital identity authentication based on zero-knowledge proof as the proof of a user's identity and authority assignment, and uses an isolated authentication mode to apply segmented encryption protection to the data. The invention aims to provide users with a secure, reliable, fast and convenient secret data protection system, provides a user secret data protection method based on a zero-knowledge-proof digital identity system, and combines several user-facing properties, such as the self-verification security of the local smart device, the availability of data stored in the cloud, and the operational convenience of internet login authentication.

Description

Method and device for protecting user secret data
Technical Field
The invention relates to the field of computer technology and information security, in particular to a method and a device for protecting user secret data.
Background
With the development of digital technology, smart devices such as mobile phones account for a growing share of daily life. The mobile phone has gradually evolved from a communication device that could initially only make calls and send short messages into a personal portable smart terminal that handles everyday work information. As people depend more on smart devices, important and private data (referred to as "secret data" in this document) such as account numbers, passwords and sensitive files is processed and stored on them. Once a smart device is lost, stolen or illegally compromised, leakage of this private data causes great harm and trouble to users.
At present, the major mobile phone manufacturers provide device-local encryption products such as "privacy space" and "safe deposit box", but once a user's mobile phone is lost, the user's secret data is lost with it, causing great loss. If the phone is damaged, the user can transfer the stored data only by continuing to choose a phone of the original brand, which greatly limits the convenience of using the data.
Existing network data storage companies also provide cloud-based private data storage products such as "privacy space" and "safe deposit box". Besides providing a data storage service, these allow data to roam across multiple device terminals, which improves the convenience of storing and using secret data to some extent. However, most of these companies verify the user's identity with "username + password" or "mobile phone number + verification code". If the password is leaked or the mobile phone is lost, the user's private data is easily leaked.
Analysis and comparison of these two types of existing secret data protection products shows that current data storage products face a fairly serious trade-off between the security and the convenience of secret data: both cannot be achieved at the same time, and user secret data may be lost or leaked.
Disclosure of Invention
To overcome the defects of the prior art, the invention aims to provide a system and a method for protecting user secret data that address three difficulties of existing secret data protection:
(1) weak security of the user's identity in the login authentication step, which leads to leakage of personal information and to malicious impersonation of the user when logging in to an account;
(2) secret data stored locally on the smart device can be stolen by viruses or malicious software on the device, or cannot easily be transferred to other smart devices;
(3) security holes at the transmission end and the cloud end, where the user's secret data is stored, allow hackers or malicious attacks to steal the user's data.
While solving these difficulties, the convenience of operation on the smart device must be preserved, and no knowledge outside the user's conventional understanding of the internet may be required of the user.
To solve these problems, the invention innovates mainly in the following two respects:
(1) developing and using a digital identity authentication service that conforms to zero-knowledge proof, to close the security holes in the login authentication step and to solve identity confirmation when the user transfers secret data among smart devices;
(2) developing and using multi-segment encryption and authority services that conform to isolated authentication, to close the data storage security holes on the local and cloud sides and prevent leakage of user secret data.
One or more embodiments of the present description are implemented as follows:
One or more embodiments of this specification provide a method for protecting user secret data, the method including:
when secret data needs to be stored, interacting with the cloud to obtain a local data operation credential;
acquiring the secret data that the user needs to store, and recoding the user data locally on the smart device to obtain recoded data;
encrypting the recoded data to obtain local encrypted data;
after the local encrypted data is obtained, sending it to the cloud and deleting the original data on the local device;
when secret data needs to be read or used, using the local data operation credential to obtain a stored data list from the cloud and submitting an encrypted data download request;
receiving the encrypted data from the cloud and storing it on the local smart device;
decrypting the file downloaded to the local storage device using the local data operation credential to obtain decrypted data;
presenting the decrypted data to the user and deleting the encrypted data stored on the local storage device.
One or more embodiments of this specification provide a method for protecting user secret data, applied to a cloud, the method including:
interacting with a client to obtain the digital identity information of the user operating the client;
when secret data needs to be stored, generating a local data operation credential according to the user's digital identity information and returning it to the client;
receiving the local encrypted data submitted by the client, and encrypting it with the cloud data encryption parameter to obtain cloud encrypted data;
storing the cloud encrypted data in the cloud;
when secret data needs to be read or used, receiving the local encryption parameter submitted by the client, and returning a cloud storage data list to the client;
receiving a data download request, and decrypting the cloud encrypted data with the cloud data encryption parameter to obtain cloud decrypted data;
returning the cloud decrypted data to the client.
One or more embodiments of this specification provide an apparatus for protecting user secret data, applied to a client, the apparatus including:
a digital identity authentication module: used to collect and submit digital identity authentication information while the user performs digital identity authentication, and related functions;
a data operation module: used to input, select and upload original data, and to securely display and download protected secret data;
a data encryption module: used to encrypt given data for subsequent data transmission and local storage, and to decrypt, on the secure smart device, encrypted data obtained from the cloud.
One or more embodiments of this specification provide an apparatus for protecting user secret data, applied to a cloud, the apparatus including:
a digital identity authentication module: used to verify and authenticate the digital identity authentication information collected and submitted by the client, to generate a digital identity identifier, and related functions;
a data encryption module: used to encrypt given data for subsequent data transmission and cloud storage, to encrypt and decrypt cloud data before data is exchanged with the client, and related functions;
a data storage module: used to authenticate data access authority, to store the encrypted, protected secret data, and related functions;
a data authority control module: used to generate local data operation credentials, to maintain cloud data access authority, and related functions.
Compared with the prior art, the invention has the following positive effects:
The invention aims to provide users with a secure, reliable, fast and convenient secret data protection system, provides a user secret data protection method based on a zero-knowledge-proof digital identity system, and combines several user-facing properties, such as the self-verification security of the local smart device, the availability of data stored in the cloud, and the operational convenience of internet login authentication.
Drawings
The accompanying drawings, which are included to provide a further understanding of the invention and are incorporated in and constitute a part of this application, illustrate embodiment(s) of the invention and together with the description serve to explain the invention without limiting the invention. In the drawings:
Fig. 1 is a schematic flow chart of an embodiment of the user secret data protection method according to the present invention;
Fig. 2 is a schematic structural diagram of an embodiment of the user secret data protection system according to the present invention.
Detailed Description
The technical solution in the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present invention. It is to be understood that the described embodiments are merely exemplary of the invention, and not restrictive of the full scope of the invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Fig. 1 is a flowchart illustrating an embodiment of a method for protecting user secret data according to the present invention. As shown in fig. 1, the method for protecting user secret data of this embodiment includes:
A digital identity authentication step: the user performs digital identity authentication on the smart device. The digital identity meets the requirement of zero-knowledge proof: only the digital identity representing "I am me" is returned and verified, and no personal information representing "who I am" is disclosed.
After completing digital identity authentication on the smart device, the user obtains the digital identity identifier and the authentication credential, which are stored in the data operation module.
The data operation module submits the digital identity identifier and the authentication credential to the data authority control module to obtain the data operation credential.
The data authority control module queries the digital identity system for the user's authentication result and verifies whether the user has passed digital identity authentication. If the user has not passed digital identity authentication, the whole process exits.
In a specific implementation, the digital identity system used in the digital identity authentication step must meet the requirement of zero-knowledge proof: only the digital identity representing "I am me" is returned and verified, and no personal information representing "who I am" needs to be disclosed.
A data access credential generation step: after the user passes digital identity authentication, the data authority control module generates a data operation credential, binds the user's digital identity to the data operation credential, and returns the data access credential.
In a specific implementation, the data operation credential in the data access credential generation step comprises the data access credential and the data encryption parameters. The data access credential may be time-limited; in this embodiment its minimum duration is 300 seconds and its maximum duration is 86400 seconds. In this embodiment, when the data authority control module generates a user's data operation credential for the first time, it generates two sets of data encryption parameters according to the encryption algorithm: a local encryption parameter used for data encryption on the smart device, and a remote encryption parameter used by the data service to encrypt user data. Both sets are encrypted and stored by the data authority control module. As the data encryption algorithm, this embodiment uses the Advanced Encryption Standard with a 256-bit key in a block cipher mode of operation (AES-256-CBC); as the algorithm for encrypting the encryption parameters, it uses the SM4 block cipher with a 128-bit key in a block cipher mode of operation.
A data access policy issuing step: after generating the data operation credential, the data authority control module generates a data access policy from the data operation credential and issues the policy to the data storage module.
A local data obfuscation, encryption and submission step: after the user inputs or selects the data to be protected on the smart device, the data encryption module obfuscates the data and then encrypts the obfuscated data. Once obfuscation and encryption are complete, the data is submitted to the data storage module through the data operation module.
In a specific implementation, the obfuscation in the local data obfuscation, encryption and submission step is, in this embodiment, performed as follows:
(1) convert the data to be obfuscated into a byte stream, denoted byte stream B1;
(2) create a byte stream B2 of the same length as byte stream B1, and traverse byte stream B1 setting B2[i] = B1[i] xor 0xFF; byte stream B2 is then the obfuscated result of byte stream B1.
A remote data encryption and storage step: after receiving the user data that was obfuscated and encrypted locally and submitted by the data operation module, the data storage module encrypts the data a second time and stores it.
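The credential handling from the data access credential generation step above (binding to the digital identity, a lifetime between 300 and 86400 seconds, two parameter sets created on first issuance) together with the validity check of claim 8, as an added Python example that is not part of the patent. The HMAC-tagged credential format, the class and method names and the `did:` identifiers are assumptions; the SM4 wrapping of the stored parameters is omitted.

```python
import hashlib
import hmac
import secrets
import time

MIN_TTL = 300     # seconds: minimum credential lifetime in the embodiment
MAX_TTL = 86400   # seconds: maximum credential lifetime in the embodiment


class DataAuthorityControl:
    """Hypothetical model of the data authority control module."""

    def __init__(self, authenticated_ids, clock=time.time):
        # Stand-in for querying the digital identity service for the auth result.
        self._authenticated = set(authenticated_ids)
        # Assumption: credentials carry an HMAC-SHA256 tag; the patent gives no format.
        self._signing_key = secrets.token_bytes(32)
        # digital identity -> (local parameter, cloud parameter). The patent stores
        # these encrypted with SM4; that wrapping is left out of this sketch.
        self._params = {}
        self._clock = clock

    def _tag(self, identity, expires_at):
        ident = identity.encode("utf-8")
        # Length-prefix the identity so field boundaries cannot be shifted.
        msg = len(ident).to_bytes(4, "big") + ident + expires_at.to_bytes(8, "big")
        return hmac.new(self._signing_key, msg, hashlib.sha256).hexdigest()

    def issue(self, identity, requested_ttl):
        """Return a data operation credential, or None if authentication failed."""
        if identity not in self._authenticated:
            return None  # user did not pass digital identity authentication
        # Clamp the requested lifetime into the embodiment's allowed range.
        ttl = max(MIN_TTL, min(MAX_TTL, int(requested_ttl)))
        if identity not in self._params:
            # First issuance: generate both 256-bit parameter sets at random.
            self._params[identity] = (secrets.token_bytes(32),
                                      secrets.token_bytes(32))
        expires_at = int(self._clock()) + ttl
        return {
            "identity": identity,
            "expires_at": expires_at,
            "tag": self._tag(identity, expires_at),
            # Only the local parameter is returned; the cloud parameter stays here.
            "local_param": self._params[identity][0],
        }

    def verify(self, credential, identity):
        """True only for an untampered, unexpired credential bound to identity."""
        expires_at = credential.get("expires_at")
        tag = credential.get("tag")
        if credential.get("identity") != identity:
            return False  # credential is bound to a different digital identity
        if not isinstance(expires_at, int) or not 0 <= expires_at < 2**63:
            return False
        if not isinstance(tag, str):
            return False
        expected = self._tag(identity, expires_at)
        if not hmac.compare_digest(tag.encode("utf-8"), expected.encode("utf-8")):
            return False  # identity or expiry was altered after issuance
        return self._clock() < expires_at


if __name__ == "__main__":
    # Constructed sample identities, not taken from the patent.
    dac = DataAuthorityControl({"did:alice"})
    cred = dac.issue("did:alice", 10)           # lifetime raised to 300 seconds
    print(cred["expires_at"] - int(time.time()))
    print(dac.verify(cred, "did:alice"), dac.verify(cred, "did:bob"))
    print(dac.issue("did:mallory", 600))        # unauthenticated identity: None
```

When `verify` returns False the cloud side ends the interaction, which is the behaviour claim 8 describes for an invalid credential.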
Fig. 2 is a schematic structural diagram of an embodiment of the user secret data protection system according to the present invention. As shown in Fig. 2, the user secret data protection system of this embodiment is composed of a smart device, a digital identity service and a data storage service, wherein:
The smart device provides the basic hardware environment for the data operation module and the data encryption module.
In a specific implementation, the data operation module is installed on the smart device as application software, and the hardware environment and operating system of the smart device are capable of authenticating against the citizen network electronic identity system. In this embodiment, to ensure that data service communication involving the smart device and the digital identity service is not illegally obtained by a third party, the data communication process wraps the transmitted data in a digital envelope on top of the Transport Layer Security (TLS) protocol, further improving data security.
The core control module is a logical module made up of the modules that provide basic data operation and flow control; it comprises a digital identity authentication module, a data encryption module and a data authority control module.
In a specific implementation, the digital identity service and the data authority control module are cloud services and can be deployed in public cloud or private cloud services; the data encryption module is deployed as a binary library file on the smart device and in the cloud service. In this embodiment, the digital identity service is based on the citizen network identity identification system of the Ministry of Public Security; it provides digital identity authentication for the smart device and a digital identity authentication query function for the data authority control module. The data authority control module is deployed in a public cloud service as a network interface and provides the data operation module with data access credentials, user data retrieval and related functions. The data encryption module is compiled into a dynamic link library file, deployed in the smart device client and the data storage service, and provides the data storage module and the data operation module with data encryption, decryption, obfuscation, restoration and related functions.
The data storage service comprises a data storage module.
In a specific implementation, the data storage service is a cloud service and can be deployed in a public cloud or a private cloud service; further, the data storage module may be a public cloud data storage service with access control rights. In this embodiment, the data storage module uses a public cloud data storage service and provides the data operation module with data storage, data access authority authentication and related functions.

Claims (11)

1. A user secret data protection method, applied to a client, comprising the following steps:
interacting with the cloud to obtain a local data operation credential;
acquiring user data, and recoding the user data to obtain recoded data;
encrypting the recoded data to obtain local encrypted data;
after the local encrypted data is obtained, sending it to the cloud and deleting the original data on the local device;
using the local data operation credential to obtain a stored data list from the cloud, and submitting an encrypted data download request;
receiving the encrypted data from the cloud and storing it on a local storage device;
decrypting the file downloaded to the local storage device using the local data operation credential to obtain decrypted data;
presenting the decrypted data to the user and deleting the encrypted data stored on the local storage device.
2. The method of claim 1, further comprising, before recoding the user data:
judging whether the user data is character string data;
the method further comprising:
if the judgment result is yes, first converting the user data into a byte stream, and then recoding the converted user data byte stream to obtain the recoded data.
3. The method of claim 1, wherein the local data operation credential comprises a user digital identity, a local data encryption parameter and a cloud data operation credential; wherein the local data encryption parameter is a set of keys used for data encryption.
4. The method of claim 1, wherein the recoding is a reversible conversion of the source byte stream data by a set of methods.
5. The method of claim 1, wherein the encrypted data download request comprises a user digital identifier, a cloud data credential and a data download identifier.
6. A user secret data protection method, applied to a cloud, comprising the following steps:
interacting with a client to obtain the digital identity information of the user operating the client;
generating a local data operation credential according to the user's digital identity information and returning it to the client;
receiving the local encrypted data submitted by the client, and encrypting it with the cloud data encryption parameter to obtain cloud encrypted data;
storing the cloud encrypted data in the cloud;
receiving the local data encryption parameter submitted by the client, and returning a cloud storage data list to the client;
receiving a data download request, and decrypting the cloud encrypted data with the cloud data encryption parameter to obtain cloud decrypted data;
returning the cloud decrypted data to the client.
7. The method of claim 5, further comprising, before returning the local data operation credential to the client:
querying, according to the user's digital identity information, whether the user's local data encryption parameter and cloud data encryption parameter exist in the cloud, to obtain a judgment result;
the method further comprising:
if the judgment result is negative, randomly generating the user's local data encryption parameter and cloud data encryption parameter, encrypting them with a cloud key and storing them in the cloud, and then generating and returning the other local data operation parameters.
8. The method of claim 5, further comprising, before returning the cloud storage data list to the client:
verifying, according to the user's digital identity information, whether the local data operation credential submitted by the client is valid, to obtain a judgment result;
the method further comprising:
if the judgment result is negative, terminating the interaction with the client.
9. A user secret data protection apparatus, applied to a client, the apparatus comprising:
a digital identity authentication module: used to collect and submit digital identity authentication information while the user performs digital identity authentication, and related functions;
a data operation module: used to input, select and upload original data, and to securely display and download protected secret data;
a data encryption module: used to encrypt given data for subsequent data transmission and local storage, and to decrypt, on the secure smart device, encrypted data obtained from the cloud.
10. A user secret data protection apparatus, applied to a cloud, the apparatus comprising:
a digital identity authentication module: used to verify and authenticate the digital identity authentication information collected and submitted by the client, to generate a digital identity identifier, and related functions;
a data encryption module: used to encrypt given data for subsequent data transmission and cloud storage, to encrypt and decrypt cloud data before data is exchanged with the client, and related functions;
a data storage module: used to authenticate data access authority, to store the encrypted, protected secret data, and related functions;
a data authority control module: used to generate local data operation credentials, to maintain cloud data access authority, and related functions.
11. A user secret data protection system, characterized by comprising a data operation module, a data encryption module, a digital identity authentication module, a data storage module and a data authority control module; wherein:
the data operation module is used to input, select and upload original data, to securely display and download protected secret data, and related functions;
the data encryption module is used to provide encryption protection of given data for subsequent data transmission and storage, to decrypt on the secure smart device the secret data that the user has stored in the cloud, and related functions;
the digital identity authentication module is used to generate, update and check digital identity identifiers for the user, and related functions; the digital identity meets the requirement of zero-knowledge proof: only the digital identity representing "I am me" is returned and verified, and no personal information representing "who I am" needs to be disclosed;
the data storage module is used to authenticate data access authority, to store the encrypted, protected secret data, and related functions;
the data authority control module is used to generate data operation credentials, to maintain data access authority, and related functions.
CN202110733736.XA 2021-06-30 2021-06-30 Method and device for protecting user secret data Withdrawn CN113360948A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110733736.XA CN113360948A (en) 2021-06-30 2021-06-30 Method and device for protecting user secret data

Publications (1)

Publication Number Publication Date
CN113360948A (en) 2021-09-07

Family

ID=77537354

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110733736.XA Withdrawn CN113360948A (en) 2021-06-30 2021-06-30 Method and device for protecting user secret data

Country Status (1)

Country Link
CN (1) CN113360948A (en)

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102882923A (en) * 2012-07-25 2013-01-16 北京亿赛通科技发展有限责任公司 Secure storage system and method for mobile terminal
CN103795715A (en) * 2014-01-20 2014-05-14 冯丽娟 Privacy protection method, privacy recovery method and privacy protection system
CN106357678A (en) * 2016-10-24 2017-01-25 宇龙计算机通信科技(深圳)有限公司 Cloud encryption storage method for intelligent terminal and intelligent terminal
CN106888097A (en) * 2017-03-30 2017-06-23 福建北卡科技有限公司 Identity identifying method based on zero-knowledge proof under a kind of HCE patterns
CN109063438A (en) * 2018-08-06 2018-12-21 中钞***产业发展有限公司杭州区块链技术研究院 A kind of data access method, device, local data secure access equipment and terminal
CN110659467A (en) * 2019-09-29 2020-01-07 浪潮(北京)电子信息产业有限公司 Remote user identity authentication method, device, system, terminal and server
CN111797427A (en) * 2020-06-04 2020-10-20 中国科学院信息工程研究所 Block chain user identity supervision method and system considering privacy protection

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
WW01 Invention patent application withdrawn after publication

Application publication date: 20210907
