CN102708491A - Trusted computing based novel USB (universal serial bus) Key device and safety transaction method thereof - Google Patents
- Publication number: CN102708491A
- Application number: CN2012101295059A
- Authority: CN (China)
- Prior art keywords: USB Key, USB Key device, USB, computer, memory module
- Legal status: Pending (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Landscapes
- Storage Device Security (AREA)
Abstract
An embodiment of the invention discloses a novel USB (Universal Serial Bus) Key device based on trusted computing and a secure transaction method thereof. The USB Key device has a built-in web browser, and the secure transaction method includes: establishing a connection between a computer and the USB Key device; and, after the connection is established successfully, the computer starting the web browser built into the USB Key device to carry out an online transaction, wherein the data cached by the web browser and its history records during operation are stored on the USB Key device. The technical scheme of the embodiment can effectively improve the security of online transactions.
Description
Technical field
The present invention relates to the field of information security technology, and in particular to a novel USB Key device based on trusted computing and a secure transaction method thereof.
Background art
With the spread and development of e-commerce, more and more users choose to do business over the network, and ensuring the security and trustworthiness of the system during commercial activity is the key to realizing e-commerce.
A USB Key is a small hardware device with a USB interface, similar in shape to an ordinary USB flash drive. A USB Key has a built-in microcontroller or smart card chip with a certain amount of storage space, which can store the user's private key and digital certificate, and it uses its built-in public key algorithm to authenticate the user's identity. As the carrier of the digital certificate, the USB Key public key infrastructure (PKI) system generates, stores, distributes and manages keys through the built-in security chip, and its strong computing capability means the key does not need to leave the security chip for encryption, decryption and signature verification to be performed.
The traditional USB Key adopts a client-side solution. Although the user's key is generated only inside the highly secure USB Key and cannot be exported, the transaction itself is processed on a personal computer (PC): the USB Key connects to the PC to carry out the online banking transaction, the transaction information is displayed on the PC, and it is transmitted over the network to the bank's back end for processing. This process contains a serious security risk: the transaction information displayed on the PC page may be inconsistent with the information signed using the key in the USB Key. The PC may be affected by a virus or Trojan that tampers with the displayed transaction information, while the information in the USB Key cannot be tampered with, so the information displayed by the PC and the information in the USB Key become inconsistent. It can be seen that the traditional USB Key cannot solve the problem of PC trustworthiness and cannot guarantee the security of online transactions.
Summary of the invention
The embodiment of the invention provides a novel USB Key device based on trusted computing and a secure transaction method thereof, which are used to improve the security of online transactions.
To solve the above technical problem, the embodiment of the invention provides the following technical scheme:
A secure transaction method based on a USB Key device, wherein the USB Key device has a built-in web browser, the secure transaction method comprising:
establishing a connection between a computer and the USB Key device;
after the connection is established successfully, the computer starting the web browser built into the USB Key device to carry out an online transaction, wherein the data cached by the web browser and its history records during operation are stored on the USB Key device.
A USB Key device based on trusted computing, comprising:
a USB interface module, a first memory module, a second memory module and a CPU control circuit;
wherein:
the USB interface module is used to connect to a computer;
the first memory module is used to store the web browser, so that after the computer and the USB Key device establish a connection, the computer starts the web browser stored in the first memory module to carry out an online transaction;
the second memory module is used to store the data cached by the web browser and its history records during operation;
the CPU control circuit is connected to the USB interface module, the first memory module and the second memory module respectively, and is used to control the operation of the USB interface module, the first memory module and the second memory module.
As can be seen from the above, the USB Key device in the embodiment of the invention has a built-in web browser, and when it is connected to a computer, the computer starts the web browser built into the USB Key device to carry out the online transaction. The data cached by the web browser and its history records are stored in the USB Key device and are not leaked to the connected computer. Therefore, throughout the transaction, the computer cannot obtain the transaction information of the online transaction, and all business is carried out inside the USB Key device, which fundamentally solves the problem of trusting the computer and improves the security of online transactions.
Description of the drawings
To explain the technical schemes of the embodiments of the invention or of the prior art more clearly, the drawings needed for describing the embodiments or the prior art are briefly introduced below. Obviously, the drawings described below are only some embodiments of the invention, and those of ordinary skill in the art can obtain other drawings from them without creative effort.
Fig. 1 is a schematic structural diagram of one embodiment of a USB Key device provided by the invention;
Fig. 2 is a schematic structural diagram of another embodiment of a USB Key device provided by the invention;
Fig. 3 is a schematic structural diagram of a further embodiment of a USB Key device provided by the invention;
Fig. 4 is a schematic flow chart of one embodiment of a secure transaction method based on a USB Key device provided by the invention.
Detailed description of the embodiments
The embodiment of the invention provides a novel USB Key device based on trusted computing and a secure transaction method thereof.
To make the purpose, features and advantages of the invention more obvious and easier to understand, the technical schemes in the embodiments of the invention are described clearly and completely below with reference to the drawings in the embodiments. Obviously, the described embodiments are only some of the embodiments of the invention, not all of them. All other embodiments obtained by those of ordinary skill in the art on the basis of the embodiments of the invention without creative effort fall within the scope of protection of the invention.
The following describes a USB Key device based on trusted computing provided by an embodiment of the invention. The USB Key device in the embodiment has a built-in web browser. Referring to Fig. 1, the USB Key device 10 in the embodiment comprises:
The USB interface module 11 is used to connect to a computer (such as a PC).
The first memory module 12 is used to store the web browser, so that after the computer and the USB Key device 10 establish a connection, the computer starts the web browser stored in the first memory module 12 to carry out an online transaction.
The second memory module 13 is used to store the data cached by the web browser and its history records.
In the embodiment of the invention, the first memory module 12 and the second memory module 13 may be the same memory module or two independent memory modules; this is not limited here.
Further, on the basis of the embodiment shown in Fig. 1, and as shown in Fig. 2, the USB Key device 20 in the embodiment of the invention also comprises a key-press module 15 connected to the CPU control circuit 14. The key-press module 15 provides an input interface for the user, so that the user can enter the transaction confirmation information of the online transaction through the key-press module 15.
Further, on the basis of the embodiment shown in Fig. 1 or Fig. 2, the USB Key device in the embodiment of the invention also comprises a display screen. Fig. 3 shows the USB Key device 30 built on the embodiment shown in Fig. 2, in which the display screen 16 is used to display the transaction information of the online transaction.
It should be noted that the USB Key devices shown in Fig. 1, Fig. 2 and Fig. 3 also have a built-in secure operating system, and the USB Key device should also include a secure IC chip module used to encapsulate the key and the digital certificate of that key. The CPU control circuit 14 is the core circuit of the USB Key device and is responsible for integrating the modules of the USB Key device with the secure operating system. The data transmitted between the USB Key device and the connected computer is image data; that is, no plaintext data is transmitted between the USB Key device and the connected computer. The USB Key in the embodiment of the invention has trusted computing capability. One way to give the USB Key this capability is as follows: a root of trust is established in the USB Key, and its trustworthiness is jointly guaranteed by physical security, technical security and management security; then a chain of trust is established, starting from the root of trust, to the hardware platform of the USB Key, then to the secure operating system of the USB Key, then to the applications of the USB Key. Each level measures and authenticates the next, and each level trusts the next, so that the trust is extended to the entire hardware and software platform of the USB Key.
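The chain of trust described above (root of trust, hardware platform, secure operating system, application), sketched as an added example that is not part of the patent: each level is measured with SHA-256 and compared against a reference value before it is started. The TPM-style extend register, the stage names and the sample images are assumptions made for illustration.

```python
import hashlib
import hmac

# Chain order taken from the text: root of trust -> hardware platform ->
# secure operating system -> application. Stage names are illustrative.
CHAIN = ("hardware_platform", "secure_os", "application")


def measure(image: bytes) -> bytes:
    """Measurement of one stage: SHA-256 over its image."""
    return hashlib.sha256(image).digest()


def extend(register: bytes, measurement: bytes) -> bytes:
    """TPM-style extend (assumed here): register = H(register || measurement)."""
    return hashlib.sha256(register + measurement).digest()


def provision(images: dict) -> dict:
    """Reference measurements held by the root of trust (assumed to be
    written at provisioning time, before the device is issued)."""
    return {stage: measure(images[stage]) for stage in CHAIN}


def start_chain(images: dict, reference: dict):
    """Measure and authenticate each stage before handing control to it.

    Returns (trusted_stages, register, failed_stage). The walk stops at the
    first stage whose measurement differs from the reference, so nothing
    after an untrusted stage is ever started.
    """
    register = bytes(32)  # measurement register starts at all zeros
    trusted = []
    for stage in CHAIN:
        m = measure(images[stage])
        register = extend(register, m)  # record what was seen, even on failure
        if not hmac.compare_digest(m, reference[stage]):
            return trusted, register, stage
        trusted.append(stage)
    return trusted, register, None


# Constructed sample images (stand-ins for firmware, OS and browser binaries).
GOOD_IMAGES = {
    "hardware_platform": b"usbkey-board-firmware v1 (constructed sample)",
    "secure_os": b"usbkey-secure-os v1 (constructed sample)",
    "application": b"usbkey-web-browser v1 (constructed sample)",
}
REFERENCE = provision(GOOD_IMAGES)


def demo():
    """Run the chain once unmodified and once with a modified OS image."""
    good = start_chain(GOOD_IMAGES, REFERENCE)
    modified = dict(GOOD_IMAGES, secure_os=b"usbkey-secure-os v1 (modified)")
    tampered = start_chain(modified, REFERENCE)
    return good, tampered


if __name__ == "__main__":
    good, tampered = demo()
    print("good chain     :", good[0], "failed:", good[2])
    print("tampered chain :", tampered[0], "failed:", tampered[2])
    print("registers differ:", good[1] != tampered[1])
```

Because the register folds in every measurement in order, a verifier that knows the expected final value can detect a change at any level from that single value.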
The USB Key device in the embodiment of the invention can be used for security authentication of online banking services. It is of course also applicable to various e-commerce and e-government applications such as online securities, online bidding and online taxation, and can provide information security and reliability guarantees for the network applications of government departments, enterprises and institutions, Internet service providers and individuals.
As can be seen from the above, the USB Key device in the embodiment of the invention has a built-in web browser, and when it is connected to a computer, the computer starts the web browser built into the USB Key device to carry out the online transaction. The data cached by the web browser and its history records are stored in the USB Key device and are not leaked to the connected computer. Therefore, throughout the transaction, the computer cannot obtain the transaction information of the online transaction, and all business is carried out inside the USB Key device, which fundamentally solves the problem of trusting the computer and improves the security of online transactions.
The following describes the secure transaction method based on a USB Key device provided by an embodiment of the invention. Referring to Fig. 4, the secure transaction method based on a USB Key device in the embodiment comprises:
401. The computer and the USB Key device establish a connection;
The USB Key device is inserted into the computer through the USB interface module 11 of the embodiments shown in Fig. 1, Fig. 2 and Fig. 3, and the computer completes the connection with the USB Key device by running the driver carried by the USB Key device.
402. After the connection is established successfully, the web browser built into the USB Key device is started to carry out the online transaction;
In the embodiment of the invention, the USB Key device has a built-in web browser, which is stored in the USB Key device, so that after the computer and the USB Key device establish a connection, the web browser built into the USB Key device is started to carry out the online transaction.
The file system in the USB Key device in the embodiment of the invention is not open to the outside. After connecting to the USB Key device, the computer can only start the software that is permitted in the USB Key device (such as the web browser, dedicated transaction software, etc.), and each piece of software in the USB Key device can only be started by its corresponding agent on the computer. A back-end Trusted Services Manager (TSM) system can manage the USB Key device, providing services such as software upgrade, certificate loading, loading/deletion of new services, and user log-off.
The data cached by the web browser and its history records during operation are stored on the USB Key device and are not leaked to the computer.
The USB Key device in the embodiment of the invention can be used for security authentication of online banking services. It is of course also applicable to various e-commerce and e-government applications such as online securities, online bidding and online taxation, and can provide information security and reliability guarantees for the network applications of government departments, enterprises and institutions, Internet service providers and individuals.
As can be seen from the above, the USB Key device in the embodiment of the invention has a built-in web browser, and when it is connected to a computer, the computer starts the web browser built into the USB Key device to carry out the online transaction. The data cached by the web browser and its history records are stored in the USB Key device and are not leaked to the connected computer. Therefore, throughout the transaction, the computer cannot obtain the transaction information of the online transaction, and all business is carried out inside the USB Key device, which fundamentally solves the problem of trusting the computer and improves the security of online transactions.
The application of the USB Key device in the embodiment of the invention is described below with reference to Fig. 1:
As can be seen from the above, the USB Key device in the embodiment of the invention has a built-in web browser, and the data cached by the web browser and its history records are stored in the data memory module of the USB Key device and are not leaked to the connected PC. As a result, throughout the transaction the PC cannot obtain the transaction information, and all business is carried out inside the USB Key device, which fundamentally solves the problem of trusting the PC and improves the security of online transactions. Further, the USB Key device in the embodiment of the invention also has a built-in, fully secure and reliable operating system, which can resist virus attacks and fundamentally prevents Trojans, viruses and the like from attacking online banking services. The digital certificate signed with the key serves as a unique identifier and can prevent impersonation. The management of data in the USB Key device is controlled by keys, and the key that protects the data is sealed in the secure IC chip, which ensures that the key cannot be stolen and therefore that the data cannot leak, giving the device trusted computing capability.
The novel USB Key device based on trusted computing and the secure transaction method thereof provided by the invention have been described in detail above. For those of ordinary skill in the art, the specific implementation and the scope of application may both change in accordance with the idea of the embodiments of the invention. In summary, this description should not be construed as limiting the invention.
Claims (6)
1. A secure transaction method based on a USB Key device, characterized in that the USB Key device has a built-in web browser, and the secure transaction method comprises:
establishing a connection between a computer and the USB Key device;
after the connection is established successfully, the computer starting the web browser built into the USB Key device to carry out an online transaction, wherein the data cached by the web browser and its history records during operation are stored on the USB Key device.
2. The secure transaction method according to claim 1, characterized in that the data transmitted between the computer and the USB Key device is image data.
3. A USB Key device based on trusted computing, characterized in that it comprises:
a USB interface module, a first memory module, a second memory module and a CPU control circuit;
wherein:
the USB interface module is used to connect to a computer;
the first memory module is used to store a web browser, so that after the computer and the USB Key device establish a connection, the computer starts the web browser stored in the first memory module to carry out an online transaction;
the second memory module is used to store the data cached by the web browser and its history records during operation;
the CPU control circuit is connected to the USB interface module, the first memory module and the second memory module respectively, and is used to control the operation of the USB interface module, the first memory module and the second memory module.
4. The USB Key device according to claim 3, characterized in that the USB Key device also comprises:
a key-press module connected to the CPU control circuit, so that the user enters the transaction confirmation information of the online transaction through the key-press module.
5. The USB Key device according to claim 3 or 4, characterized in that
the USB Key device also comprises:
a display screen connected to the CPU control circuit, the display screen being used to display the transaction information of the online transaction.
6. The USB Key device according to claim 3 or 4, characterized in that
the data transmitted between the USB Key device and the computer connected to it is image data.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN2012101295059A CN102708491A (en) | 2012-04-27 | 2012-04-27 | Trusted computing based novel USB (universal serial bus) Key device and safety transaction method thereof |
Publications (1)
Publication Number | Publication Date |
---|---|
CN102708491A (en) | 2012-10-03 |
Family
ID=46901221
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN2012101295059A Pending CN102708491A (en) | 2012-04-27 | 2012-04-27 | Trusted computing based novel USB (universal serial bus) Key device and safety transaction method thereof |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN102708491A (en) |
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN201207651Y (en) * | 2008-03-19 | 2009-03-11 | 阎琳 | USB digital autograph device |
CN102324008A (en) * | 2011-09-23 | 2012-01-18 | 郑州信大捷安信息技术股份有限公司 | Web bank's FTP client FTP and method of application based on USB safety storing encrypted card |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103530936A (en) * | 2013-10-08 | 2014-01-22 | 上海众人网络安全技术有限公司 | Electronic cipherer and transaction historical record retention query method of electronic cipherer |
CN103530936B (en) * | 2013-10-08 | 2015-08-19 | 上海众人网络安全技术有限公司 | Querying method preserved in a kind of electronic cipher device and transactions history record thereof |
CN108494565A (en) * | 2018-05-24 | 2018-09-04 | 北京深思数盾科技股份有限公司 | digital signature system and method |
CN110084024A (en) * | 2019-04-29 | 2019-08-02 | 四川长虹教育科技有限公司 | Terminal device, the system and method for software login are carried out based on movable storage device |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C53 | Correction of patent of invention or patent application | ||
CB02 | Change of applicant information | Address after: 519060 Guangdong province Zhuhai Nanping Science and Technology Industrial Park Road No. 8 screen. Applicant after: Eastcompeace Technology Co., Ltd. Address before: 519060 Guangdong province Zhuhai Nanping Science and Technology Industrial Park Road No. 8 screen. Applicant before: Eastcompeace Smart Card Co., Ltd. |
COR | Change of bibliographic data | Free format text: CORRECT: APPLICANT; FROM: EASTCOMPEACE SMART CARD CO., LTD. TO: EASTCOMPEACE TECHNOLOGY CO., LTD. |
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C12 | Rejection of a patent application after its publication | ||
RJ01 | Rejection of invention patent application after publication | Application publication date: 20121003 |