CN117097564A - Password service calling method, device, terminal equipment and storage medium - Google Patents

Password service calling method, device, terminal equipment and storage medium

Info

Publication number
CN117097564A
Authority
CN
China
Prior art keywords
service
target
cryptographic
password
communication protocol
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202311348215.8A
Other languages
Chinese (zh)
Other versions
CN117097564B (en)
Inventor
唐占国
谭洪涛
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Wotrus Ca Ltd
Original Assignee
Wotrus Ca Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Wotrus Ca Ltd
Priority to CN202311348215.8A
Publication of CN117097564A
Application granted
Publication of CN117097564B
Legal status: Active
Anticipated expiration

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L 63/00 Network architectures or network communication protocols for network security
    • H04L 63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L 63/083 Network architectures or network communication protocols for network security for authentication of entities using passwords
    • H04L 9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L 9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L 9/3226 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • H04L 9/40 Network security protocols

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The application discloses a cryptographic service invocation method, apparatus, terminal device and storage medium in the technical field of network security. The method comprises the following steps: receiving a cryptographic service call request sent by a service requester through a preset standard interface; determining the target device and the target cryptographic service according to the cryptographic service call request; and invoking the target cryptographic service from the target device based on a preset security mechanism, and returning the target cryptographic service to the service requester. By adopting the technical scheme of the application, the application development difficulty of the cryptographic service invocation system is reduced, and its maintainability and extensibility are further improved.

Description

Password service calling method, device, terminal equipment and storage medium
Technical Field
The present application relates to the field of network security technologies, and in particular, to a method and apparatus for invoking cryptographic services, a terminal device, and a storage medium.
Background
In recent years, quantum computer hardware has developed rapidly. The enormous computing power of quantum computing and quantum algorithms pose a direct and urgent threat to modern public-key cryptography, and the security of cryptographic service invocation systems built in earlier years is being weakened drastically, in line with Moore's law.
The conventional way to improve the security of a cryptographic service invocation system is to update and extend the existing system, but ossification and ageing of the system, among other objective reasons, make it difficult to update and extend. For example, some large and old cryptographic service invocation systems contain algorithm weaknesses because of low encryption strength or an outdated base cryptographic library; since many associated devices and modules depend on them, a change in one place propagates through the whole system. Recompiling such a system once and then updating it completely on a new cryptographic library is very complex, both for the cryptographic algorithms and for the service invocations, demands highly specialised expertise, and is hard to carry out correctly; whether or not the operation succeeds, it inevitably consumes huge resources and brings great risk, even the risk of disaster.
In summary, how to overcome the above-mentioned problems and improve the maintainability and expandability of the cryptographic service invocation system is a technical problem that needs to be solved in the art.
Disclosure of Invention
The application mainly aims to provide a password service calling method, a device, terminal equipment and a storage medium, and aims to improve maintainability and expandability of a password service calling system.
In order to achieve the above object, the present application provides a cryptographic service invocation method, the cryptographic service invocation method comprising:
receiving a password service call request sent by a service requester through a preset standard interface;
determining target equipment and target password service according to the password service call request;
and calling the target password service from the target equipment based on a preset security mechanism, and returning the target password service to the service requester.
Optionally, the step of calling the target cryptographic service from the target device based on a preset security mechanism includes:
performing policy allocation for the target password service based on a preset security mechanism;
and calling the target password service from the target equipment according to the strategy allocation result.
Optionally, the target cryptographic service includes a cryptographic algorithm service, and the security mechanism includes an algorithmic security mechanism;
the step of performing policy allocation for the target cryptographic service based on a preset security mechanism includes:
performing security assessment for the cryptographic algorithm service based on the algorithm security mechanism;
if the security assessment of the cryptographic algorithm service is qualified, strategy allocation is carried out according to the cryptographic algorithm service;
and if the security evaluation of the cryptographic algorithm service is not qualified, taking a second cryptographic algorithm service in the target device whose security evaluation is qualified as the cryptographic algorithm service, and performing the policy allocation step with that second cryptographic algorithm service.
Optionally, the target cryptographic service further comprises a communication protocol list service, and the security mechanism further comprises a protocol security mechanism;
the step of performing policy allocation for the target cryptographic service based on a preset security mechanism further includes:
performing security assessment for the communication protocol list service based on the protocol security mechanism;
if the security assessment of the communication protocol list service is qualified, strategy allocation is carried out according to the communication protocol list service;
and if the security evaluation of the communication protocol list service is not qualified, taking a second communication protocol list service in the target device whose security evaluation is qualified as the communication protocol list service, and performing the policy allocation step with that second communication protocol list service.
Optionally, the method further comprises:
returning the communication protocol list service to the service requester for the service requester to select an identification of a target communication protocol service from the communication protocol list service so as to generate a target communication protocol creation request;
And receiving the target communication protocol creation request sent by the service requester, calling the target communication protocol service from the target equipment according to the target communication protocol creation request, and returning the target communication protocol service to the service requester.
Optionally, the step of calling the target cryptographic service from the target device based on a preset security mechanism and returning the target cryptographic service to the service requester further includes:
sending an allocation request of the target password service to the target equipment according to a preset security mechanism, so that the target equipment calls a corresponding operation center module to carry out password operation according to the allocation request to obtain an operation result;
and receiving the operation result returned by the target equipment, and returning the operation result to the service requester as a target password service.
Optionally, the method further comprises:
detecting the update states of the service requester and the target device based on a preset operation and maintenance monitoring module;
and if the service requester and/or the target equipment are changed, updating the password data according to the changed service requester and/or the target equipment.
In addition, to achieve the above object, the present application also provides a cryptographic service invocation apparatus including:
the call request receiving module is used for receiving a password service call request sent by a service requester through a preset standard interface;
the determining module is used for determining target equipment and target password service according to the password service calling request;
and the service calling module is used for calling the target password service from the target equipment based on a preset security mechanism and returning the target password service to the service requester.
Wherein, each functional module of the cryptographic service calling device realizes the steps of the cryptographic service calling method as described above in the running process.
In addition, to achieve the above object, the present application also provides a terminal device including: the system comprises a head state identification sensor, a memory, a processor and a cryptographic service calling program stored on the memory and capable of running on the processor, wherein the cryptographic service calling program realizes the steps of the cryptographic service calling method when being executed by the processor.
In addition, in order to achieve the above object, the present application also proposes a storage medium, which is a computer-readable storage medium, on which a cryptographic service invocation program is stored, which when executed by a processor, implements the steps of the cryptographic service invocation method as described above.
The application provides a password service calling method, a device, terminal equipment and a storage medium, wherein the password service calling method comprises the following steps: receiving a password service call request sent by a service requester through a preset standard interface; determining target equipment and target password service according to the password service call request; and calling the target password service from the target equipment based on a preset security mechanism, and returning the target password service to the service requester.
Compared with the traditional password service calling method, the password service calling method has the advantages that the password service calling request sent by the service requester is received through the preset standard interface; then, determining target equipment of the password service and target password service according to the password service call request; and finally, calling the target password service from the target equipment based on a preset security mechanism, and returning the target password service to the service requester.
Therefore, by decoupling the connection between the service requester and the target device, the application enables the service requester and the target device providing the underlying cryptographic service to be updated independently without affecting each other; meanwhile, the cryptographic middleware provides a unified standard interface to the service requester and adapts that interface to the interfaces of different target devices, so that the application development difficulty of the cryptographic service invocation system is reduced, and its maintainability and extensibility are further improved.
Drawings
Fig. 1 is a schematic device structure diagram of a hardware operating environment of a terminal device according to an embodiment of the present application;
FIG. 2 is a flowchart illustrating an implementation of an embodiment of a cryptographic service invocation method according to the present application;
FIG. 3 is a schematic diagram of a system frame according to an embodiment of a cryptographic service invocation method of the present application;
FIG. 4 is a schematic diagram of a first scenario involved in an embodiment of a cryptographic service invocation method according to the present application;
FIG. 5 is a schematic diagram of a second scenario involved in an embodiment of a cryptographic service invocation method according to the present application;
fig. 6 is a schematic diagram of functional modules of an embodiment of a cryptographic service invocation apparatus according to the present application.
The achievement of the objects, functional features and advantages of the present application will be further described with reference to the accompanying drawings, in conjunction with the embodiments.
Detailed Description
It should be understood that the specific embodiments described herein are for purposes of illustration only and are not intended to limit the scope of the application.
The following description of the embodiments of the present application will be made clearly and fully with reference to the accompanying drawings, in which it is evident that the embodiments described are only some, but not all embodiments of the application. All other embodiments, which can be made by those skilled in the art based on the embodiments of the application without making any inventive effort, are intended to be within the scope of the application.
It should be noted that all directional indicators (such as up, down, left, right, front, and rear…) in the embodiments of the present application are merely used to explain the relative positional relationship, movement, etc. between the components in a particular posture (as shown in the drawings), and if the particular posture is changed, the directional indicator is changed accordingly.
In the present application, unless specifically stated and limited otherwise, the terms "connected," "affixed," and the like are to be construed broadly, and for example, "affixed" may be a fixed connection, a removable connection, or an integral body; can be mechanically or electrically connected; either directly or indirectly, through intermediaries, or both, may be in communication with each other or in interaction with each other, unless expressly defined otherwise. The specific meaning of the above terms in the present application can be understood by those of ordinary skill in the art according to the specific circumstances.
Furthermore, descriptions such as those referred to as "first," "second," and the like, are provided for descriptive purposes only and are not to be construed as indicating or implying a relative importance or implying an order of magnitude of the indicated technical features in the present disclosure. Thus, a feature defining "a first" or "a second" may explicitly or implicitly include at least one such feature. In addition, the technical solutions of the embodiments may be combined with each other, but it is necessary to base that the technical solutions can be realized by those skilled in the art, and when the technical solutions are contradictory or cannot be realized, the combination of the technical solutions should be considered to be absent and not within the scope of protection claimed in the present application.
The embodiment of the application provides terminal equipment.
As shown in fig. 1, fig. 1 is a schematic device structure diagram of a hardware operating environment of a terminal device according to an embodiment of the present application. In a hardware operating environment of a terminal device, the terminal device may include: a processor 1001, such as a CPU, a network interface 1004, a user interface 1003, a memory 1005, a communication bus 1002. Wherein the communication bus 1002 is used to enable connected communication between these components. The user interface 1003 may include a Display, an input unit such as a Keyboard (Keyboard), and the optional user interface 1003 may further include a standard wired interface, a wireless interface. The network interface 1004 may optionally include a standard wired interface, a wireless interface (e.g., WI-FI interface). The memory 1005 may be a high-speed RAM memory or a stable memory (non-volatile memory), such as a disk memory. The memory 1005 may also optionally be a storage device separate from the processor 1001 described above.
It will be appreciated by those skilled in the art that the terminal device structure shown in fig. 1 is not limiting of the device and may include more or fewer components than shown, or may combine certain components, or a different arrangement of components.
As shown in fig. 1, an operating system, a network communication module, a user interface module, and a cryptographic service invocation program may be included in the memory 1005, which is one type of computer storage medium.
In the device shown in fig. 1, the network interface 1004 is mainly used for connecting to a background server, and performing data communication with the background server; the user interface 1003 is mainly used for connecting a client (user side) and performing data communication with the client; and the processor 1001 may be configured to call a cryptographic service calling program stored in the memory 1005, and perform the following operations:
receiving a password service call request sent by a service requester through a preset standard interface;
determining target equipment and target password service according to the password service call request;
and calling the target password service from the target equipment based on a preset security mechanism, and returning the target password service to the service requester.
Optionally, the processor 1001 may be further configured to call a cryptographic service calling program stored in the memory 1005, and perform the following operations:
performing policy allocation for the target password service based on a preset security mechanism;
and calling the target password service from the target equipment according to the strategy allocation result.
Optionally, the target cryptographic service includes a cryptographic algorithm service, and the security mechanism includes an algorithmic security mechanism;
the processor 1001 may also be configured to call a cryptographic service calling program stored in the memory 1005, and perform the following operations:
performing security assessment for the cryptographic algorithm service based on the algorithm security mechanism;
if the security assessment of the cryptographic algorithm service is qualified, strategy allocation is carried out according to the cryptographic algorithm service;
and if the security evaluation of the cryptographic algorithm service is not qualified, taking a second cryptographic algorithm service in the target device whose security evaluation is qualified as the cryptographic algorithm service, and performing the policy allocation step with that second cryptographic algorithm service.
Optionally, the target cryptographic service further comprises a communication protocol list service, and the security mechanism further comprises a protocol security mechanism;
the processor 1001 may also be configured to call a cryptographic service calling program stored in the memory 1005, and perform the following operations:
performing security assessment for the communication protocol list service based on the protocol security mechanism;
if the security assessment of the communication protocol list service is qualified, strategy allocation is carried out according to the communication protocol list service;
and if the security evaluation of the communication protocol list service is not qualified, taking a second communication protocol list service in the target device whose security evaluation is qualified as the communication protocol list service, and performing the policy allocation step with that second communication protocol list service.
Optionally, the processor 1001 may be further configured to call a cryptographic service calling program stored in the memory 1005, and perform the following operations:
returning the communication protocol list service to the service requester for the service requester to select an identification of a target communication protocol service from the communication protocol list service so as to generate a target communication protocol creation request;
and receiving the target communication protocol creation request sent by the service requester, calling the target communication protocol service from the target equipment according to the target communication protocol creation request, and returning the target communication protocol service to the service requester.
Optionally, the processor 1001 may be further configured to call a cryptographic service calling program stored in the memory 1005, and perform the following operations:
sending an allocation request of the target password service to the target equipment according to a preset security mechanism, so that the target equipment calls a corresponding operation center module to carry out password operation according to the allocation request to obtain an operation result;
And receiving the operation result returned by the target equipment, and returning the operation result to the service requester as a target password service.
Optionally, the processor 1001 may be further configured to call a cryptographic service calling program stored in the memory 1005, and perform the following operations:
detecting the update states of the service requester and the target device based on a preset operation and maintenance monitoring module;
and if the service requester and/or the target equipment are changed, updating the password data according to the changed service requester and/or the target equipment.
Based on the above hardware structure, the overall concept of each embodiment of the cryptographic service invoking method of the present application is presented.
In the embodiment of the application: in recent years, quantum computer hardware has developed rapidly. The enormous computing power of quantum computing and quantum algorithms pose a direct and urgent threat to modern public-key cryptography, and the security of cryptographic service invocation systems built in earlier years is being weakened rapidly, in line with Moore's law.
The conventional way to improve the security of a cryptographic service invocation system is to update and extend the existing system, but ossification and ageing of the system, among other objective reasons, make it difficult to update and extend. For example, some large and old cryptographic service invocation systems contain algorithm weaknesses because of low encryption strength or an outdated base cryptographic library; since many associated devices and modules depend on them, a change in one place propagates through the whole system. Recompiling such a system once and then updating it completely on a new cryptographic library is very complex, both for the cryptographic algorithms and for the service invocations, demands highly specialised expertise, and is hard to carry out correctly; whether or not the operation succeeds, it inevitably consumes huge resources and brings great risk, even the risk of disaster.
In summary, how to overcome the above-mentioned problems and improve the maintainability and expandability of the cryptographic service invocation system is a technical problem that needs to be solved in the art.
In view of the above problems, an embodiment of the present application provides a cryptographic service invocation method, including: receiving a password service call request sent by a service requester through a preset standard interface; determining target equipment and target password service according to the password service call request; and calling the target password service from the target equipment based on a preset security mechanism, and returning the target password service to the service requester.
Compared with the traditional password service calling method, the password service calling method has the advantages that the password service calling request sent by the service requester is received through the preset standard interface; then, determining target equipment of the password service and target password service according to the password service call request; and finally, calling the target password service from the target equipment based on a preset security mechanism, and returning the target password service to the service requester.
Therefore, by decoupling the connection between the service requester and the target device, the application enables the service requester and the target device providing the underlying cryptographic service to be updated independently without affecting each other; meanwhile, the cryptographic middleware provides a unified standard interface to the service requester and adapts that interface to the interfaces of different target devices, so that the application development difficulty of the cryptographic service invocation system is reduced, and its maintainability and extensibility are further improved.
Based on the above general idea of the cryptographic service invocation method of the present application, various embodiments of the cryptographic service invocation method of the present application are presented.
Referring to fig. 2, fig. 2 is a flowchart illustrating a first embodiment of a cryptographic service invocation method according to the present application. It should be noted that although a logical order is depicted in the flowchart, in some cases the steps depicted or described may be performed in a different order than presented herein.
In this embodiment, the cryptographic service invoking method of the present application is applied to the terminal device described above. For easy understanding and explanation, in this embodiment, the cryptographic middleware is used as a direct execution body to explain the cryptographic service invoking method of the present application.
As shown in fig. 2, in this embodiment, the cryptographic service calling method of the present application may include:
Step S10, receiving a password service call request sent by a service requester through a preset standard interface;
in this embodiment, a cryptographic service call system is provided, where the system includes a service requester, a cryptographic middleware and a service provider, where the service requester proposes a cryptographic service call request based on an actual application requirement, and the cryptographic middleware is configured to receive, through a preset standard interface, a cryptographic service call request sent by the service requester, adapt, according to the request, to the corresponding service provider, obtain return data corresponding to the request from the service provider, and then return the return data to the service requester.
By contrast, in the existing cryptographic service invocation system the service requester requests the cryptographic service from the service provider directly; when the requested objects are different cryptographic devices from different cryptographic service providers, each device has its own interface specification, so every call involves a great deal of adaptation, verification, integration and development work.
In addition, in a possible embodiment, the standard interface may include a PKCS#11 interface, an SKF interface, an SDF interface, a CSP interface, a KSP interface and other common interfaces, and may also be customised to industry or user requirements according to industry or user characteristics, which is not limited in this embodiment.
Step S20, determining target equipment and target password service according to the password service call request;
in this embodiment, after the cryptographic middleware receives the cryptographic service call request sent by the service requester, the cryptographic middleware may determine the target device and the target cryptographic service according to the unique identifier of the target device and the unique identifier of the target cryptographic service, which are carried in the cryptographic service call request.
In this embodiment, the target device is the service provider to which the service requester's call request is directed; it may be a cryptographic library or a cryptographic device of any manufacturer and model, has a cryptographic operation function, and provides a call interface for encryption protection or security authentication of sensitive information that is not a state secret. The target cryptographic service is the type of cryptographic application that the service requester asks for, such as a cryptographic algorithm service or a communication protocol service.
Step S30, invoking the target cryptographic service from the target device based on a preset security mechanism, and returning the target cryptographic service to the service requester.
In this embodiment, the cryptographic middleware invokes the target cryptographic service from the target device based on a preset security mechanism, performs a security application audit evaluation on the invoked cryptographic service, promptly filters out or closes any cryptographic service that the security mechanism judges unsafe, and returns the safe target cryptographic service to the service requester for invocation.
In this way, in this embodiment, the service requester is separated from the password library and the password device by adopting the password middleware, and the password middleware provides password call to the outside, coordinates password service resources in the pair, and routes and directs the requirement of the service requester to the bottom password producer program that actually provides the service, such as: software, hardware or firmware, etc. Thus, the updating of the available password library or password equipment does not need to be recompiled, reinstalled or even restarted, and seamless butt joint non-inductive upgrading is achieved. Because the password library is separated from the application program and is easy to update or modify, and new and safer password algorithms, password protocols and password components are easy to integrate, an efficient and convenient password service call flow is constructed, and sustainable password service and security guarantee are provided for a service requester.
In this embodiment, as shown in fig. 3, compared with the existing cryptographic service invocation system in which an application program (i.e., a service requester) is directly connected with each cryptographic device and a cryptographic library, the application program needs to follow respective interface specifications of different devices and different cryptographic libraries to develop, the cryptographic service invocation system in this embodiment separates the service requester from the cryptographic library and the cryptographic devices by adopting a cryptographic middleware, thereby reducing development and maintenance difficulties, centralizing configuration management, supporting a security protocol capable of being controlled by a trial, and improving maintainability and expandability of the cryptographic service invocation system.
Optionally, in a possible embodiment, step S10 may include:
Step S301: sending an allocation request for the target cryptographic service to the target device according to the preset security mechanism, so that the target device invokes its corresponding operation center module to perform the cryptographic operation according to the allocation request and obtain an operation result;
In this embodiment, the preset cryptographic security mechanism is a tool for evaluating cryptographic security; through it, risks and weak points in the cryptographic service can be identified, which further strengthens cryptographic security. After the cryptographic middleware determines, according to the security mechanism, that the security of the target cryptographic service is qualified, it sends the allocation request for the target cryptographic service to the target device; the operation center module configured on the target device then performs the cryptographic operation according to the received allocation request and obtains the operation result corresponding to that request.
Step S302: receiving the operation result returned by the target device, and returning the operation result to the service requester as the target cryptographic service.
In this embodiment, the cryptographic middleware receives the operation result returned by the target device and returns it to the service requester through the standard interface as the target cryptographic service.
In this way, the embodiment integrates the underlying interfaces and implementations of all service providers through the cryptographic middleware, provides a unified, standardized and normalized interface, avoids the misuse or abuse that arises from the inexhaustible variety of algorithms, and provides a safe cryptographic service to users through the integrated cryptographic security mechanism.
In summary, the embodiment of the present application receives a cryptographic service invocation request sent by a service requester through a preset standard interface; determines a target device and a target cryptographic service according to the request; and invokes the target cryptographic service from the target device based on a preset security mechanism, returning it to the service requester.
Specifically, unlike the traditional cryptographic service invocation system, the cryptographic service invocation system here comprises a service requester, cryptographic middleware and a service provider. The service requester issues a cryptographic service invocation request based on its actual application requirements; the cryptographic middleware receives the request through a preset standard interface, adapts it to the corresponding service provider, obtains the return data corresponding to the request from the service provider and returns that data to the service requester. After receiving the request, the cryptographic middleware can determine the target device and the target cryptographic service from their unique identifiers, since the request carries the unique identifiers of both. Finally, the cryptographic middleware invokes the target cryptographic service from the target device based on a preset security mechanism, performs a security application audit evaluation of the invoked service, promptly filters out or closes any unsafe cryptographic service according to that mechanism, and returns the safe target cryptographic service to the service requester for invocation.
Thus, by decoupling the connection between the service requester and the target device, the embodiment of the application allows the service requester and the target device providing the underlying cryptographic service to be updated independently without affecting each other. At the same time, the cryptographic middleware provides the service requester with a unified standard interface and adapts it to the interfaces of different target devices, which reduces the application development difficulty of the cryptographic service invocation system and further improves its maintainability and extensibility.
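As an added illustration of the flow in steps S10 to S30 and S301/S302 (example code written for this page, not the patent's or the applicant's own implementation), the following Python sketch models the middleware as a registry of target devices keyed by unique identifier, resolves each request to a device and a service by those identifiers, applies an allowlist of approved services as the preset security mechanism, and forwards the operation to the device's operation center module. Every class and function name, the device identifiers "hsm-a" and "softlib-b", the vendor operation names and the allowlist contents are constructed assumptions; the two devices deliberately expose different vendor-specific names for the same operation so that the adapter step is visible.

```python
"""Illustrative cryptographic middleware (added example; not the patent's own code).

Constructed assumptions: CryptoMiddleware, TargetDevice, InvocationRequest, the
device identifiers "hsm-a" / "softlib-b", the vendor operation names and the
allowlist used as the security mechanism.
"""
import hashlib
import hmac
from dataclasses import dataclass


class CryptoServiceError(Exception):
    """Raised when a request cannot be routed or fails the security mechanism."""


@dataclass(frozen=True)
class InvocationRequest:
    """What the service requester sends through the standard interface (S10)."""
    device_id: str    # unique identifier of the target device
    service_id: str   # unique identifier of the target cryptographic service
    payload: bytes
    key: bytes = b""  # only used by keyed services


class TargetDevice:
    """A service provider (cryptographic library or device) behind its own
    vendor-specific interface. `vendor_api` maps the vendor's operation names to
    callables; `adapter` maps standard service identifiers to those vendor names."""

    def __init__(self, device_id: str, vendor_api: dict, adapter: dict):
        self.device_id = device_id
        self._vendor_api = vendor_api
        self._adapter = adapter

    def supports(self, service_id: str) -> bool:
        return service_id in self._adapter

    def operation_center(self, service_id: str, payload: bytes, key: bytes) -> bytes:
        """The device's operation center module performs the actual operation (S301)."""
        vendor_name = self._adapter[service_id]
        return self._vendor_api[vendor_name](payload, key)


class CryptoMiddleware:
    """Receives requests on one standard interface, resolves the target by
    identifiers (S20), applies the security mechanism and invokes the device (S30)."""

    def __init__(self, approved_services: frozenset):
        self._devices: dict[str, TargetDevice] = {}
        self._approved = approved_services  # the preset security mechanism, as an allowlist

    def register_device(self, device: TargetDevice) -> None:
        self._devices[device.device_id] = device

    def determine_target(self, request: InvocationRequest) -> TargetDevice:
        """Step S20: look up the target device and check it offers the target service."""
        device = self._devices.get(request.device_id)
        if device is None:
            raise CryptoServiceError(f"unknown target device {request.device_id!r}")
        if not device.supports(request.service_id):
            raise CryptoServiceError(
                f"device {request.device_id!r} has no service {request.service_id!r}")
        return device

    def invoke(self, request: InvocationRequest) -> bytes:
        """Steps S30/S301/S302: filter unsafe services, then send the allocation
        request to the device and hand its operation result back unchanged."""
        device = self.determine_target(request)
        if request.service_id not in self._approved:
            raise CryptoServiceError(
                f"service {request.service_id!r} filtered by the security mechanism")
        return device.operation_center(request.service_id, request.payload, request.key)


def try_invoke(mw: CryptoMiddleware, request: InvocationRequest) -> tuple:
    """Convenience wrapper: (True, result) on success, (False, reason) on rejection."""
    try:
        return True, mw.invoke(request)
    except CryptoServiceError as exc:
        return False, str(exc)


def build_demo_middleware() -> CryptoMiddleware:
    """Two constructed providers with different vendor interface names, both
    reachable through the same standard service identifiers."""
    hsm_a = TargetDevice(
        "hsm-a",
        vendor_api={
            "HSM_Digest_SHA256": lambda data, _k: hashlib.sha256(data).digest(),
            "HSM_Digest_MD5": lambda data, _k: hashlib.md5(data).digest(),
        },
        adapter={"sha256": "HSM_Digest_SHA256", "md5": "HSM_Digest_MD5"},
    )
    softlib_b = TargetDevice(
        "softlib-b",
        vendor_api={
            "lib_hmac_sha256": lambda data, k: hmac.new(k, data, "sha256").digest(),
            "lib_sha256": lambda data, _k: hashlib.sha256(data).digest(),
        },
        adapter={"hmac-sha256": "lib_hmac_sha256", "sha256": "lib_sha256"},
    )
    # Constructed policy: only these service identifiers pass the security mechanism.
    mw = CryptoMiddleware(approved_services=frozenset({"sha256", "hmac-sha256"}))
    mw.register_device(hsm_a)
    mw.register_device(softlib_b)
    return mw


if __name__ == "__main__":
    mw = build_demo_middleware()
    print(mw.invoke(InvocationRequest("hsm-a", "sha256", b"hello")).hex())
    print(try_invoke(mw, InvocationRequest("hsm-a", "md5", b"hello")))
```

The requester never sees a vendor name: it addresses "sha256" on either device and the adapter table translates. The allowlist check runs after routing, so a device that still exposes a weak digest cannot have it reached through the middleware, which is the filtering behaviour step S30 describes.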
Further, based on the first embodiment of the cryptographic service invocation method of the present application described above, a second embodiment of the cryptographic service invocation method of the present application is presented.
In this embodiment, the step of "invoking the target cryptographic service from the target device based on the preset security mechanism" in step S30 above may include:
Step S303: performing policy allocation for the target cryptographic service based on the preset security mechanism;
Step S304: invoking the target cryptographic service from the target device according to the policy allocation result.
In this embodiment, the cryptographic middleware performs policy allocation for the target cryptographic service based on the preset security mechanism, so that the cryptographic service is securely configured and its use is auditable and controllable; the cryptographic middleware then invokes the target cryptographic service from the target device according to the result determined by the allocation, ensuring that the invoked target cryptographic service is safe and reliable.
Optionally, in a possible embodiment, the target cryptographic service includes a cryptographic algorithm service, and the security mechanism includes an algorithm security mechanism; step S303 may include:
performing a security assessment of the cryptographic algorithm service based on the algorithm security mechanism;
if the security assessment of the cryptographic algorithm service is qualified, performing policy allocation according to the cryptographic algorithm service;
In this embodiment, the cryptographic middleware performs the security assessment of the cryptographic algorithm service based on the algorithm security mechanism and determines whether the assessment of the cryptographic algorithm service requested by the service requester is qualified. If the security of the cryptographic algorithm service is strong, that is, the assessment is qualified, the cryptographic middleware performs policy allocation according to that cryptographic algorithm service and requests the target device to invoke the underlying algorithm service corresponding to it.
and if the security assessment of the cryptographic algorithm service is not qualified, taking a second cryptographic algorithm service in the target device whose security assessment is qualified as the cryptographic algorithm service, and executing the step of policy allocation according to the cryptographic algorithm service with the second cryptographic algorithm service.
In this embodiment, the cryptographic middleware determines whether the security assessment of the cryptographic algorithm service requested by the service requester is qualified. If the security of the requested algorithm service is weak, that is, the assessment is not qualified, the cryptographic middleware substitutes a second cryptographic algorithm service in the target device whose assessment is qualified, thereby raising the security of the cryptographic service the requester asked for, performs policy allocation according to the second cryptographic algorithm service, and requests the target device to invoke the underlying algorithm service corresponding to the second cryptographic algorithm service.
It should be noted that in this embodiment the cryptographic algorithm service includes, but is not limited to, OpenSSL, Mozilla NSS, GnuTLS, wolfCrypt, Botan and Bouncy Castle.
In this embodiment, as shown in fig. 4, the application program (i.e., the service requester) sends an upper-layer invocation request to the cryptographic middleware. The middleware receives the request through the unified standard algorithm interface, identifies the target device and the target cryptographic service corresponding to it, and, when it determines that the target cryptographic service is a cryptographic algorithm service, performs an algorithm audit security assessment through the security mechanism to decide the policy allocation. The cryptographic middleware then sends a lower-layer service invocation request to the cryptographic service interface of the cryptographic module (i.e., the service provider) according to the allocation result; the cryptographic module performs the operation through its operation center module, obtains the operation result and returns it to the cryptographic middleware, which passes the returned result on to the application program. As a result, every algorithm and device requested by the service requester has to pass the cryptographic middleware's strict testing and security assessment before it is used, which improves the security of the cryptographic service invocation system.
Optionally, in a possible embodiment, the target cryptographic service further includes a communication protocol list service, and the security mechanism further includes a protocol security mechanism; step S303 may further include:
performing a security assessment of the communication protocol list service based on the protocol security mechanism;
if the security assessment of the communication protocol list service is qualified, performing policy allocation according to the communication protocol list service;
In this embodiment, the cryptographic middleware performs the security assessment of the communication protocol list service based on the protocol security mechanism and determines whether the assessment of the communication protocol list service requested by the service requester is qualified. If the confidentiality of the communication protocol list service is strong, that is, the assessment is qualified, the cryptographic middleware performs policy allocation according to the communication protocol list service in order to generate a secure communication protocol implementation.
It should be noted that, in this embodiment, the communication protocol list service is key to protecting the security of network communication: it defines how data is encrypted, authenticated and integrity-protected during transmission. The communication protocols in the communication protocol list service include, but are not limited to, the SSL 3.0, TLS 1.0, TLS 1.1 and TLS 1.2 protocols, the SSL VPN and IPsec application rules specified by GM/T 0024 and GM/T 0025, the national standard GB/T 38636-2020 "Information security technology - Transport layer cryptography protocol (TLCP)", and so on.
and if the security assessment of the communication protocol list service is not qualified, taking a second communication protocol list service in the target device whose security assessment is qualified as the communication protocol list service, and executing the policy allocation step according to the communication protocol list service with the second communication protocol list service.
In this embodiment, the cryptographic middleware determines whether the security assessment of the communication protocol list service requested by the service requester is qualified. If the security of the communication protocol list service is weak, that is, the assessment is not qualified, the cryptographic middleware substitutes a second communication protocol list service in the target device whose assessment is qualified, thereby raising the security of the cryptographic service the requester asked for, and performs policy allocation according to the second communication protocol list service in order to generate a secure communication protocol implementation.
Based on this, in a possible embodiment, the cryptographic service invocation method of the present application may further include:
Step S305: returning the communication protocol list service to the service requester, so that the service requester selects the identifier of a target communication protocol service from the communication protocol list service and generates a target communication protocol creation request;
Step S306: receiving the target communication protocol creation request sent by the service requester, invoking the target communication protocol service from the target device according to that request, and returning the target communication protocol service to the service requester.
In this embodiment, the cryptographic middleware returns the communication protocol list service to the service requester; the service requester selects the identifier corresponding to the target communication protocol service from the list, generates a target communication protocol creation request from that identifier and sends it to the cryptographic middleware. Based on the received creation request and the secure communication protocol implementation generated by the allocation, the cryptographic middleware identifies the target communication protocol service named in the request, requests the target device to invoke that service (or the underlying protocol service corresponding to it), and returns the invoked target communication protocol service to the service requester for cryptographic service.
In this embodiment, as shown in fig. 5, the application program (i.e., the service requester) sends a protocol list request to the cryptographic middleware. The middleware receives the request through the unified interface, identifies the target device and the target cryptographic service corresponding to the protocol list request, and, when it determines that the target cryptographic service is a communication protocol list service, performs a protocol audit security assessment through the security mechanism to decide the policy allocation. The cryptographic middleware then returns the list result to the application program according to the allocation result; the application program selects a target protocol and issues a target protocol creation request, and the middleware sends a lower-layer service invocation request to the cryptographic service interface of the cryptographic module (i.e., the service provider) according to that request. The cryptographic module performs the operation through its operation center module, obtains the operation result and returns it to the cryptographic middleware, which passes the returned result on to the application program, completing the protocol creation. As a result, every communication protocol and cipher suite requested by the service requester has to pass the cryptographic middleware's strict testing and security assessment before it is used, which improves the security of the cryptographic service invocation system.
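The policy allocation of step S303 for both the cryptographic algorithm service (second embodiment above) and the communication protocol list service, together with the two-step protocol creation of steps S305/S306, is shown below as one added Python example; it is written for this page and is not the patent's or the applicant's own code. The policy tables, the device contents and all function names are constructed assumptions. The algorithm entries are purely illustrative; the protocol policy marks SSL 3.0, TLS 1.0 and TLS 1.1 as not qualified, following their IETF deprecation (RFC 7568 and RFC 8996), while the page itself lists those protocols without ranking them. One design choice the page leaves open is also made explicit here: when a requested protocol list is only partly qualified, the unsafe members are filtered out (as step S30 describes), and only if nothing survives does the middleware fall back to the device's own qualified list as the "second communication protocol list service".

```python
"""Policy allocation with fallback (added example; not the patent's own code).

Constructed assumptions: ALGORITHM_POLICY, PROTOCOL_POLICY, TargetDevice,
DEMO_DEVICE and every function name below.
"""
from dataclasses import dataclass


class PolicyError(Exception):
    """Raised when neither the requested service nor any alternative is qualified."""


# Algorithm security mechanism: which cryptographic algorithm services pass assessment.
ALGORITHM_POLICY = {"sm4-gcm": True, "aes-256-gcm": True, "3des-cbc": False, "rc4": False}
# Protocol security mechanism: SSL 3.0 / TLS 1.0 / TLS 1.1 are deprecated (RFC 7568, RFC 8996).
PROTOCOL_POLICY = {"TLCP": True, "TLS1.2": True, "TLS1.1": False, "TLS1.0": False, "SSL3.0": False}


@dataclass(frozen=True)
class TargetDevice:
    device_id: str
    algorithms: tuple   # algorithm services the device offers, in its preferred order
    protocols: tuple    # protocols the device can implement, in its preferred order


def security_assessment(service: str, policy: dict) -> bool:
    """A service absent from the policy table is treated as not qualified."""
    return policy.get(service, False)


def allocate_algorithm(device: TargetDevice, requested: str) -> str:
    """Step S303 for a cryptographic algorithm service: keep the requested algorithm
    if it is qualified, otherwise take the first qualified algorithm the target
    device offers (the 'second cryptographic algorithm service')."""
    if security_assessment(requested, ALGORITHM_POLICY):
        return requested
    for alternative in device.algorithms:
        if security_assessment(alternative, ALGORITHM_POLICY):
            return alternative
    raise PolicyError(f"no qualified algorithm service on {device.device_id}")


def allocate_protocol_list(device: TargetDevice, requested: tuple) -> tuple:
    """Step S303 for a communication protocol list service: filter the requested list
    down to its qualified members; if none survive, use the device's own qualified
    protocols as the 'second communication protocol list service'."""
    kept = tuple(p for p in requested if security_assessment(p, PROTOCOL_POLICY))
    if kept:
        return kept
    fallback = tuple(p for p in device.protocols if security_assessment(p, PROTOCOL_POLICY))
    if fallback:
        return fallback
    raise PolicyError(f"no qualified protocol on {device.device_id}")


def create_protocol(device: TargetDevice, allocated: tuple, selected: str) -> dict:
    """Steps S305/S306: the requester picks an identifier from the returned list and
    the middleware creates only a protocol that is in the allocated (assessed) list
    and that the device can actually implement."""
    if selected not in allocated:
        raise PolicyError(f"{selected!r} is not in the allocated protocol list")
    if selected not in device.protocols:
        raise PolicyError(f"{device.device_id} cannot implement {selected!r}")
    return {"device": device.device_id, "protocol": selected}


def try_create_protocol(device: TargetDevice, allocated: tuple, selected: str):
    """Returns the created protocol descriptor, or None when the policy rejects it."""
    try:
        return create_protocol(device, allocated, selected)
    except PolicyError:
        return None


# Constructed sample device: offers one weak algorithm and one deprecated protocol.
DEMO_DEVICE = TargetDevice("hsm-a", algorithms=("sm4-gcm", "aes-256-gcm", "3des-cbc"),
                           protocols=("TLCP", "TLS1.2", "TLS1.1"))

if __name__ == "__main__":
    print(allocate_algorithm(DEMO_DEVICE, "rc4"))
    protocol_list = allocate_protocol_list(DEMO_DEVICE, ("SSL3.0", "TLS1.0"))
    print(protocol_list, create_protocol(DEMO_DEVICE, protocol_list, "TLS1.2"))
```

Because `create_protocol` re-checks the selected identifier against the allocated list, a requester cannot bypass the assessment by naming a protocol that was filtered out of the list it received, which is the point of splitting the flow into S305 and S306.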
Optionally, in a possible embodiment, the cryptographic service invocation method of the present application may further include:
Step A: detecting the update states of the service requester and the target device based on a preset operation and maintenance monitoring module;
Step B: if the service requester and/or the target device has changed, updating the cryptographic data according to the changed service requester and/or target device.
In this embodiment, the cryptographic middleware monitors the update states of the service requester and the target device in real time through a preset operation and maintenance monitoring module; when it detects that the service requester and/or the target device has changed, it updates the cryptographic data according to their changed state. In this way, the cryptographic middleware provides secure cryptographic application management such as system operation and maintenance monitoring, cryptographic interface specification and cryptographic policy allocation, ensures the security and compliance of the cryptographic service invocation system, and improves its maintainability and extensibility.
Thus, the embodiment provides centralized management and maintenance of the cryptographic functions, so that cryptographic algorithms, protocols and components can be updated and repaired more conveniently, without service requesters such as upper-layer application programs having to recompile, re-integrate or re-test. In addition, through the various cryptographic tools and mechanisms provided by the cryptographic middleware, the cryptographic service invocation system can promote application innovation, widen the fields in which cryptography is applied, lower the difficulty of applying cryptography, and make cryptographic technology simple and convenient to use.
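Steps A and B leave open how the monitoring module decides that a requester or device "has changed" and what "updating the cryptographic data" consists of. The added Python example below (written for this page, not the patent's or the applicant's code) makes one concrete choice: each endpoint reports its version and the cryptographic services it advertises, the monitor fingerprints that report with SHA-256 over a canonical JSON encoding, and any endpoint whose fingerprint differs from the last poll, or that disappears from the poll, triggers a refresh of the middleware's per-device and per-requester service tables. `EndpointState`, `OpsMonitor` and the sample endpoint states are constructed assumptions.

```python
"""Operation and maintenance monitoring (added example; not the patent's own code).

Constructed assumptions: EndpointState, OpsMonitor, fingerprint() and the
sample states used in __main__.
"""
import hashlib
import json
from dataclasses import dataclass


@dataclass(frozen=True)
class EndpointState:
    """Observed state of a service requester or target device: its version and the
    cryptographic services it currently advertises."""
    name: str
    kind: str        # "device" or "requester"
    version: str
    services: tuple


def fingerprint(state: EndpointState) -> str:
    """Stable digest over the canonical JSON encoding of the state, so that a
    reordered service list does not count as a change but a new version does."""
    canonical = json.dumps(
        {"name": state.name, "kind": state.kind, "version": state.version,
         "services": sorted(state.services)},
        sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(canonical.encode()).hexdigest()


class OpsMonitor:
    """Steps A and B: detect changed or vanished endpoints on each poll and refresh
    the middleware's cryptographic data (here, the service tables it routes with)."""

    def __init__(self):
        self._seen = {}   # endpoint name -> (kind, fingerprint)
        self.crypto_data = {"devices": {}, "requesters": {}}

    @staticmethod
    def _table_for(kind: str) -> str:
        return "devices" if kind == "device" else "requesters"

    def poll(self, states) -> list:
        """Returns the names of endpoints whose cryptographic data was updated."""
        changed = []
        current = set()
        for state in states:
            current.add(state.name)
            fp = fingerprint(state)
            if self._seen.get(state.name, (None, None))[1] != fp:
                self._seen[state.name] = (state.kind, fp)
                self.crypto_data[self._table_for(state.kind)][state.name] = {
                    "version": state.version,
                    "services": tuple(sorted(state.services)),
                }
                changed.append(state.name)
        # Endpoints missing from this poll are removed so stale entries cannot be routed to.
        for name in [n for n in self._seen if n not in current]:
            kind, _ = self._seen.pop(name)
            self.crypto_data[self._table_for(kind)].pop(name, None)
            changed.append(name)
        return changed


if __name__ == "__main__":
    monitor = OpsMonitor()
    hsm = EndpointState("hsm-a", "device", "1.0", ("sha256", "sm4-gcm"))
    app = EndpointState("app-1", "requester", "2.3", ("sha256",))
    print(monitor.poll([hsm, app]))   # first sight of both endpoints
    print(monitor.poll([hsm, app]))   # nothing changed
    hsm_v11 = EndpointState("hsm-a", "device", "1.1", ("sha256", "sm4-gcm", "sm2"))
    print(monitor.poll([hsm_v11]))    # device updated, requester gone
    print(monitor.crypto_data)
```

Keying the change detection on a digest rather than on a version string alone catches a device whose advertised service set changed without a version bump, which is exactly the situation in which a routing table built from stale capabilities would misdirect a request.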
In addition, the embodiment of the application also provides a cryptographic service invocation device.
Referring to fig. 6, the cryptographic service invocation device of the present application includes:
an invocation request receiving module 10, configured to receive a cryptographic service invocation request sent by a service requester through a preset standard interface;
a determining module 20, configured to determine a target device and a target cryptographic service according to the cryptographic service invocation request;
and a service invocation module 30, configured to invoke the target cryptographic service from the target device based on a preset security mechanism and return the target cryptographic service to the service requester.
Optionally, the service invocation module 30 includes:
a policy allocation unit, configured to perform policy allocation for the target cryptographic service based on a preset security mechanism;
and a service invocation unit, configured to invoke the target cryptographic service from the target device according to the policy allocation result.
Optionally, the target cryptographic service includes a cryptographic algorithm service, the security mechanism includes an algorithm security mechanism, and the policy allocation unit includes:
a first allocation subunit, configured to perform a security assessment of the cryptographic algorithm service based on the algorithm security mechanism; if the security assessment of the cryptographic algorithm service is qualified, perform policy allocation according to the cryptographic algorithm service; and if the security assessment of the cryptographic algorithm service is not qualified, take a second cryptographic algorithm service in the target device whose security assessment is qualified as the cryptographic algorithm service, and execute the step of policy allocation according to the cryptographic algorithm service with the second cryptographic algorithm service.
Optionally, the target cryptographic service further includes a communication protocol list service, and the security mechanism further includes a protocol security mechanism; the policy allocation unit further includes:
a second allocation subunit, configured to perform a security assessment of the communication protocol list service based on the protocol security mechanism; if the security assessment of the communication protocol list service is qualified, perform policy allocation according to the communication protocol list service; and if the security assessment of the communication protocol list service is not qualified, take a second communication protocol list service in the target device whose security assessment is qualified as the communication protocol list service, and execute the step of policy allocation according to the communication protocol list service with the second communication protocol list service.
Optionally, the cryptographic service invocation device of the present application further includes:
a communication protocol service invocation module, configured to return the communication protocol list service to the service requester, so that the service requester selects the identifier of a target communication protocol service from the communication protocol list service and generates a target communication protocol creation request; and to receive the target communication protocol creation request sent by the service requester, invoke the target communication protocol service from the target device according to that request, and return the target communication protocol service to the service requester.
Optionally, the service invocation module 30 is further configured to send an allocation request for the target cryptographic service to the target device according to a preset security mechanism, so that the target device invokes its corresponding operation center module to perform the cryptographic operation according to the allocation request and obtain an operation result; and to receive the operation result returned by the target device and return it to the service requester as the target cryptographic service.
Optionally, the cryptographic service invocation device of the present application includes:
an operation and maintenance monitoring module, configured to detect the update states of the service requester and the target device based on a preset operation and maintenance monitoring module; and if the service requester and/or the target device has changed, to update the cryptographic data according to the changed service requester and/or target device.
The function of each module in the above cryptographic service invocation device corresponds to a step in the above embodiments of the cryptographic service invocation method; their functions and implementation processes are not described in detail here.
The present application also proposes a storage medium, which is a computer-readable storage medium on which a cryptographic service invocation program is stored; when executed by a processor, the program implements the steps of the cryptographic service invocation method of the present application as described above.
The specific embodiment of the storage medium of the present application is basically the same as the above embodiments of the cryptographic service invocation method and will not be described here.
It should be noted that, in this document, the terms "comprises", "comprising" or any other variation thereof are intended to cover a non-exclusive inclusion, such that a process, method, article or apparatus that comprises a list of elements includes not only those elements but may also include other elements not expressly listed or inherent to such process, method, article or apparatus. Without further limitation, an element defined by the phrase "comprising a …" does not exclude the presence of other like elements in the process, method, article or apparatus that comprises the element.
The foregoing embodiment numbers of the present application are merely for the purpose of description, and do not represent the advantages or disadvantages of the embodiments.
From the above description of the embodiments, it will be clear to those skilled in the art that the above-described embodiment method may be implemented by means of software plus a necessary general hardware platform, but of course may also be implemented by means of hardware, but in many cases the former is a preferred embodiment. Based on such understanding, the technical solution of the present application may be embodied essentially or in a part contributing to the prior art in the form of a software product stored in a storage medium (e.g. ROM/RAM, magnetic disk, optical disk) comprising instructions for causing a terminal device (which may be a mobile phone, a computer, a server, an air conditioner, or a network device, etc.) to perform the method according to the embodiments of the present application.
The foregoing description is only of the preferred embodiments of the present application, and is not intended to limit the scope of the application, but rather is intended to cover any equivalents of the structures or equivalent processes disclosed herein or in the alternative, which may be employed directly or indirectly in other related arts.

Claims (10)

1. A cryptographic service invocation method, characterized in that the cryptographic service invocation method comprises:
receiving a password service call request sent by a service requester through a preset standard interface;
determining target equipment and target password service according to the password service call request;
and calling the target password service from the target equipment based on a preset security mechanism, and returning the target password service to the service requester.
2. The cryptographic service invocation method according to claim 1, wherein the step of invoking the target cryptographic service from the target device based on a preset security mechanism comprises:
performing policy allocation for the target password service based on a preset security mechanism;
and calling the target password service from the target equipment according to the strategy allocation result.
3. The cryptographic service invocation method of claim 2, wherein the target cryptographic service comprises a cryptographic algorithm service and the security mechanism comprises an algorithmic security mechanism;
the step of performing policy allocation for the target cryptographic service based on a preset security mechanism includes:
performing security assessment for the cryptographic algorithm service based on the algorithm security mechanism;
if the security assessment of the cryptographic algorithm service is qualified, strategy allocation is carried out according to the cryptographic algorithm service;
and if the security evaluation of the cryptographic algorithm service is not qualified, taking the second cryptographic algorithm service which is qualified in the security evaluation in the target equipment as the cryptographic algorithm service, and executing the step of strategy allocation according to the cryptographic algorithm service according to the second cryptographic algorithm service.
4. The cryptographic service invocation method of claim 2, wherein the target cryptographic service further comprises a communication protocol list service, and the security mechanism further comprises a protocol security mechanism;
the step of performing policy allocation for the target cryptographic service based on a preset security mechanism further includes:
performing security assessment for the communication protocol list service based on the protocol security mechanism;
If the security assessment of the communication protocol list service is qualified, strategy allocation is carried out according to the communication protocol list service;
and if the security evaluation of the communication protocol list service is not qualified, taking the second communication protocol list service with qualified security evaluation in the target equipment as the communication protocol list service, and executing the strategy allocation step according to the communication protocol list service according to the second communication protocol list service.
5. The cryptographic service invocation method of claim 4, wherein the method further comprises:
returning the communication protocol list service to the service requester for the service requester to select an identification of a target communication protocol service from the communication protocol list service so as to generate a target communication protocol creation request;
and receiving the target communication protocol creation request sent by the service requester, calling the target communication protocol service from the target equipment according to the target communication protocol creation request, and returning the target communication protocol service to the service requester.
6. The cryptographic service invocation method according to claim 1, wherein the step of invoking the target cryptographic service from the target device based on a preset security mechanism and returning the target cryptographic service to the service requester further comprises:
Sending an allocation request of the target password service to the target equipment according to a preset security mechanism, so that the target equipment calls a corresponding operation center module to carry out password operation according to the allocation request to obtain an operation result;
and receiving the operation result returned by the target equipment, and returning the operation result to the service requester as a target password service.
7. The cryptographic service invocation method of any one of claims 1 to 6, wherein the method further comprises:
detecting the update state of the service requester and of the target device by means of a preset operation and maintenance monitoring module;
and if the service requester and/or the target device has changed, updating the cryptographic data according to the changed service requester and/or target device.
8. A cryptographic service invocation apparatus, characterized in that the cryptographic service invocation apparatus comprises:
a call request receiving module, configured to receive a cryptographic service invocation request sent by a service requester through a preset standard interface;
a determining module, configured to determine a target device and a target cryptographic service according to the cryptographic service invocation request;
and a service invocation module, configured to invoke the target cryptographic service from the target device based on a preset security mechanism and return the target cryptographic service to the service requester.
9. A terminal device, characterized in that the terminal device comprises: a head state identification sensor, a memory, a processor and a cryptographic service invocation program stored on the memory and executable on the processor, which when executed by the processor, implements the steps of the cryptographic service invocation method of any of claims 1 to 7.
10. A storage medium, characterized in that the storage medium is a computer-readable storage medium, on which a cryptographic service invocation program is stored, which when executed by a processor, implements the steps of the cryptographic service invocation method of any one of claims 1 to 7.
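The claims above describe a broker in front of cryptographic devices: it receives an invocation request over a standard interface, determines the target device and target service, evaluates the device's communication protocol list service and falls back to a qualified one (claim 4), sends an allocation request to the device under a preset security mechanism and relays the operation result (claim 6), and refreshes its data when the requester or device inventory changes (claim 7). The Python sketch below, added here as an illustration and not code from the patent or from Wotrus CA, models that flow end to end. Everything concrete in it is an assumption the claims do not fix: the service names "digest" and "mac", the deprecated-version rule used as the security evaluation, HMAC-SHA256 over a canonical JSON encoding as the "preset security mechanism", and the constructed two-device inventory in `sample_devices()`.

```python
"""Illustrative cryptographic-service gateway following the claim structure above.
Added example, not code from the patent or its assignee; see the lead-in for assumptions."""
import hashlib
import hmac
import json
from dataclasses import dataclass

def canonical(obj: dict) -> bytes:
    """Deterministic JSON so gateway and device authenticate the same bytes."""
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()

@dataclass
class ProtocolListService:
    name: str
    protocols: list[str]      # protocol versions this list service advertises

@dataclass
class Device:
    device_id: str
    services: set[str]        # cryptographic services this device offers
    protocol_lists: list[ProtocolListService]
    auth_key: bytes           # shared with the gateway (assumption, not from the claims)
    op_key: bytes             # device-resident key used by the "mac" service

    def handle(self, alloc: dict, tag: str) -> bytes:
        """Device side: refuse unauthenticated allocation requests, then run the operation."""
        expected = hmac.new(self.auth_key, canonical(alloc), hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, tag):
            raise PermissionError("allocation request failed authentication")
        data = bytes.fromhex(alloc["data_hex"])
        if alloc["service"] == "digest":
            return hashlib.sha256(data).digest()
        if alloc["service"] == "mac":
            return hmac.new(self.op_key, data, hashlib.sha256).digest()
        raise ValueError(f"unsupported service {alloc['service']!r}")

WEAK_PROTOCOLS = {"SSLv3", "TLSv1.0", "TLSv1.1"}   # evaluation policy (assumption)

def protocol_list_qualified(pls: ProtocolListService) -> bool:
    """Security evaluation: qualified only if no deprecated version is offered."""
    return not (set(pls.protocols) & WEAK_PROTOCOLS)

def select_protocol_list(device: Device) -> ProtocolListService:
    """Claim 4: first list on the device that passes evaluation; fail closed if none does."""
    for pls in device.protocol_lists:
        if protocol_list_qualified(pls):
            return pls
    raise RuntimeError(f"{device.device_id}: no protocol list passed security evaluation")

class Gateway:
    def __init__(self, devices: list[Device]):
        self.devices = {d.device_id: d for d in devices}
        self.fingerprint = self._fingerprint()

    def _fingerprint(self) -> str:
        view = {d.device_id: sorted(d.services) for d in self.devices.values()}
        return hashlib.sha256(canonical(view)).hexdigest()

    def resolve(self, request: dict) -> tuple[Device, str]:
        """Standard interface check, then determine target device and target service."""
        if any(k not in request for k in ("requester", "service", "data_hex")):
            raise ValueError("request does not match the standard interface")
        for dev in self.devices.values():
            if request["service"] in dev.services:
                return dev, request["service"]
        raise LookupError(f"no device offers service {request['service']!r}")

    def invoke(self, request: dict) -> dict:
        """Claims 1 and 6: authenticated allocation request, relay the device's result."""
        device, service = self.resolve(request)
        pls = select_protocol_list(device)
        alloc = {"service": service, "data_hex": request["data_hex"],
                 "protocol_list": pls.name, "requester": request["requester"]}
        tag = hmac.new(device.auth_key, canonical(alloc), hashlib.sha256).hexdigest()
        result = device.handle(alloc, tag)
        return {"device": device.device_id, "protocol_list": pls.name, "result_hex": result.hex()}

    def monitor(self, devices: list[Device]) -> bool:
        """Claim 7: reload the inventory; True when devices or their services changed."""
        self.devices = {d.device_id: d for d in devices}
        new = self._fingerprint()
        changed, self.fingerprint = new != self.fingerprint, new
        return changed

def sample_devices() -> list[Device]:
    """Constructed inventory: hsm-a has a weak list before a good one, hsm-b only a weak one."""
    return [
        Device("hsm-a", {"digest"},
               [ProtocolListService("legacy", ["TLSv1.0", "TLSv1.2"]),
                ProtocolListService("modern", ["TLSv1.2", "TLSv1.3"])],
               auth_key=b"gateway-hsm-a-key", op_key=b"hsm-a-op-key"),
        Device("hsm-b", {"mac"}, [ProtocolListService("old-only", ["TLSv1.1"])],
               auth_key=b"gateway-hsm-b-key", op_key=b"hsm-b-op-key"),
    ]

def demo() -> dict:
    request = {"requester": "app-1", "service": "digest", "data_hex": b"hello".hex()}
    return Gateway(sample_devices()).invoke(request)
```

`demo()` routes a digest request to hsm-a over its "modern" protocol list because the "legacy" list fails evaluation; a request for "mac" reaches hsm-b, whose only list is weak, and is refused with `RuntimeError` rather than served over a deprecated protocol. That fail-closed choice is the edge case claim 4 leaves open, and it is the one a practitioner should make: a device that passes no evaluation is withdrawn, not downgraded. `Gateway.monitor()` only reports a change; what "updating the cryptographic data" means on change (re-keying the shared authentication keys, re-reading device capabilities) is left to the deployment.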
CN202311348215.8A 2023-10-18 2023-10-18 Password service calling method, device, terminal equipment and storage medium Active CN117097564B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202311348215.8A CN117097564B (en) 2023-10-18 2023-10-18 Password service calling method, device, terminal equipment and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202311348215.8A CN117097564B (en) 2023-10-18 2023-10-18 Password service calling method, device, terminal equipment and storage medium

Publications (2)

Publication Number Publication Date
CN117097564A true CN117097564A (en) 2023-11-21
CN117097564B CN117097564B (en) 2024-02-02

Family

ID=88772105

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202311348215.8A Active CN117097564B (en) 2023-10-18 2023-10-18 Password service calling method, device, terminal equipment and storage medium

Country Status (1)

Country Link
CN (1) CN117097564B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN117424761A (en) * 2023-12-19 2024-01-19 北京格尔国信科技有限公司 Transmission processing method and system based on TLCP quantum security and electronic equipment

Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20090019514A1 (en) * 2007-07-11 2009-01-15 Kristin Marie Hazlewood Method and system for enforcing password policy in a distributed directory
US20090178106A1 (en) * 2008-01-09 2009-07-09 Daw Feng Password policy enforcement in a distributed directory when policy information is distributed
CN107005568A (en) * 2014-12-17 2017-08-01 亚马逊技术有限公司 Data security operations with expectations
CN111311261A (en) * 2020-02-24 2020-06-19 中国工商银行股份有限公司 Security processing method, device and system for online transaction
CN111934885A (en) * 2020-07-23 2020-11-13 武汉珈港科技有限公司 Password device security virtualization method and system based on proxy mechanism
CN112270000A (en) * 2020-09-18 2021-01-26 武汉船舶通信研究所(中国船舶重工集团公司第七二二研究所) Cryptographic service providing method, apparatus and computer-readable storage medium
CN115102791A (en) * 2022-08-24 2022-09-23 南京华盾电力信息安全测评有限公司 Password service monitoring system and method based on mimicry defense
CN115118475A (en) * 2022-06-21 2022-09-27 成都卫士通信息产业股份有限公司 Method, device, equipment and medium for dispatching cryptographic equipment cluster
CN115396240A (en) * 2022-10-28 2022-11-25 豪符密码检测技术(成都)有限责任公司 Method, system and storage medium for trapping and detecting SM (Chinese national cryptographic) SSL protocol
WO2023164268A1 (en) * 2022-02-28 2023-08-31 Apple Inc. Devices, methods, and graphical user interfaces for authorizing a secure operation

Also Published As

Publication number Publication date
CN117097564B (en) 2024-02-02

Similar Documents

Publication Publication Date Title
JP5987039B2 (en) Multiple domain systems and domain ownership
US10135803B2 (en) Dynamic identity switching
CN117097564B (en) Password service calling method, device, terminal equipment and storage medium
CN110069941A (en) A kind of interface access authentication method, apparatus and computer-readable medium
US9137023B1 (en) Self-signed certificates for computer application signatures
CA2923740C (en) Software code signing system and method
US8782412B2 (en) Secured privileged access to an embedded client on a mobile device
JP5572409B2 (en) Electronic device, virtual machine providing device, and virtual machine service using method using the same
WO2015078407A1 (en) Method for sharing application between terminals, and terminals
CN100583114C (en) System and method for remote security enablement
US12047185B2 (en) Metering cloud workloads at edge computing devices
CN110071933B (en) Secure socket layer acceleration method, device, equipment and readable storage medium
JP2013508821A (en) Registration and credential rollout to access subscription services
CN111526111B (en) Control method, device and equipment for logging in light application and computer storage medium
CN105518686B (en) Software revocation infrastructure
JP5631940B2 (en) Information processing apparatus, method, and program
CN112835782B (en) Interface access test method and system
US20060117100A1 (en) Communication device and communication system capable of facilitating operations
AU2019251158A1 (en) Service API invoking method and related device
CN111614628B (en) Kernel reinforcement system and method, cloud server, client, electronic device and storage medium
Bilac et al. One solution of an android in-vehicle infotainment service for communication with advanced driver assistance system
Muthukumaran et al. Protecting the integrity of trusted applications in mobile phone systems
US20220327044A1 (en) Generating a software application
CN115576626A (en) Method, device and storage medium for safe mounting and dismounting of USB (Universal Serial bus) device
US20220329480A1 (en) Agent application for managing information technology infrastructures

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant