CN112000956A - Identity verification method and system based on trusted computer - Google Patents
- Publication number
- CN112000956A
- Authority
- CN
- China
- Prior art keywords
- trusted computer
- storage medium
- trusted
- alarm
- secret key
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/575—Secure boot
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/34—User authentication involving the use of external additional devices, e.g. dongles or smart cards
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- General Engineering & Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Storage Device Security (AREA)
Abstract
The invention provides an identity authentication method based on a trusted computer, comprising the following steps: in response to detecting that a mobile storage medium is connected to the trusted computer, automatically reading a secret key stored in the mobile storage medium through the Basic Input Output System (BIOS) of the trusted computer, and judging whether the secret key is trusted so as to perform identity authentication; if the identity authentication fails, the BIOS controls an alarm to give an alarm, and the trusted computer is shut down; and if the identity authentication passes, generating a new encryption key based on the secret key, replacing the secret key in the mobile storage medium with it, and starting the trusted computer. The invention effectively solves the inflexibility of manual password input or fingerprint decryption in the prior art, making it more convenient, flexible and safe for users to decrypt the trusted computer themselves or to ask others to help operate it; it also effectively avoids the problem of the same secret key being stolen or leaked after long-term use, so that identity verification of the trusted computer is safer and more reliable.
Description
Technical Field
The invention relates to the field of computer security, in particular to an identity authentication method and system based on a trusted computer.
Background
With the rapid development of the information industry and internet technology, computers have become a major tool for daily office work. Some office computers, such as those in government-affairs offices, have particularly high requirements for security and trustworthiness. Security and trust technologies based on computer platforms are gradually being developed; these technologies ensure that users' data is not stolen or tampered with, and can provide stronger computer security.
Most trusted computers include a step that authenticates the user, and this step mostly relies on password protection. If the password is complex, it is hard to memorize; if it is simple, security is difficult to ensure. In addition, with manual password entry, a password that stays in use for too long is easily leaked or stolen, while a password that is changed frequently is inconvenient to remember. Fingerprint identification and similar methods avoid these problems well and improve security, but a computer is not easy to carry: when the person is not on site and the trusted computer still needs to be used, fingerprint verification cannot be used to decrypt and start it, so the computer is inflexible to use.
Disclosure of Invention
In view of this, an embodiment of the present invention provides an identity authentication method and system based on a trusted computer, so as to solve the problem that the prior art cannot achieve both flexibility and security in the identity authentication step of a trusted computer.
Based on the above object, an aspect of the embodiments of the present invention provides an identity authentication method based on a trusted computer, including the following steps:
in response to the fact that the mobile storage medium is connected with the trusted computer, automatically reading a secret key stored in the mobile storage medium through a Basic Input Output System (BIOS) of the trusted computer, and judging whether the secret key is trusted or not so as to perform identity authentication;
if the identity authentication fails, the BIOS controls an alarm to give an alarm, and the trusted computer is shut down;
and if the identity authentication is passed, generating a new encryption key based on the secret key, replacing the secret key in the mobile storage medium, and starting the trusted computer.
In some embodiments, further comprising: and in response to detecting that the mobile storage medium is abnormal in the working process of the trusted computer, the trusted computer controls an alarm to alarm and shut down.
In some embodiments, further comprising: during the operation process of the trusted computer, the mobile storage medium automatically stores the operation record on the trusted computer.
In some embodiments, the operational rights of the operational record are configured to be undeletable by a user on the trusted computer.
In some embodiments, the new encryption key comprises a system time parameter of the trusted computer at the time of the authentication and a measurement result at the time of boot of the trusted computer.
In some embodiments, the alarm mode of the alarm comprises an audio prompt and a display interface prompt of the trusted computer.
In some embodiments, the key includes user personal information and a digital certificate.
In some embodiments, the removable storage medium includes a cryptographic chip for operating a cryptographic algorithm.
In another aspect of the embodiments of the present invention, an identity verification system based on a trusted computer is further provided, including: the identity authentication module is configured to respond to the detection that the mobile storage medium is connected with the trusted computer, automatically read the secret key stored in the mobile storage medium through the BIOS of the trusted computer, and judge whether the secret key is trusted to perform identity authentication; the abnormal starting module is configured for controlling an alarm to give an alarm and shutting down the trusted computer if the identity authentication fails; and the starting module is configured to generate a new encryption key based on the secret key and replace the secret key in the mobile storage medium if the identity authentication is passed, and start the trusted computer.
In some embodiments, the system further comprises a response exception module configured to control an alarm to alarm and shut down in response to detecting an exception to the removable storage media during operation of the trusted computer.
The invention has the following beneficial technical effects:
1. by adopting the mobile storage medium with the secret key to communicate with the trusted computer and carry out identity verification, the problem of inflexibility of manual password input or fingerprint decryption in the prior art is effectively solved, so that a user can decrypt the trusted computer by himself or request others to help to operate the trusted computer more conveniently, flexibly and safely;
2. when the authentication is not passed, the BIOS controls the alarm to alarm, and then the computer is shut down, so that the user can be prompted that the trusted computer is shut down due to the fact that the authentication is not passed, and not due to abnormal reasons such as power failure and the like, and the use experience of the user is improved on the premise of ensuring the safety;
3. when the set identity authentication passes, the secret key is generated into a new encryption secret key and is stored in the mobile storage medium, so that the problem that the same secret key is stolen or leaked after long-term use is effectively avoided, and the identity authentication of the trusted computer is safer and more reliable.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is obvious for those skilled in the art that other embodiments can be obtained by using the drawings without creative efforts.
FIG. 1 is a diagram illustrating an embodiment of a trusted computer based authentication method according to the present invention;
fig. 2 is a schematic diagram of an embodiment of an authentication system based on a trusted computer provided in the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the following embodiments of the present invention are described in further detail with reference to the accompanying drawings.
It should be noted that all expressions using "first" and "second" in the embodiments of the present invention are used to distinguish two entities or two parameters that share a name but are not the same; "first" and "second" are used only for convenience of expression and should not be construed as limiting the embodiments of the present invention. Furthermore, the terms "comprises" and "comprising," and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or elements may also include other steps or elements inherent to it.
In view of the above-mentioned objects, a first aspect of the embodiments of the present invention provides an embodiment of an identity verification method based on a trusted computer. Fig. 1 is a schematic diagram illustrating an embodiment of the trusted computer based authentication method provided by the present invention. As shown in fig. 1, the embodiment of the present invention includes the following steps:
step S10, in response to detecting that the mobile storage medium is connected with the trusted computer, automatically reading the secret key stored in the mobile storage medium through the BIOS of the trusted computer, and judging whether the secret key is trusted for identity authentication;
step S20, if the identity authentication fails, the BIOS controls the alarm to alarm, and shuts down the trusted computer;
step S30, if the authentication is passed, generating a new encryption key based on the key and replacing the key in the removable storage medium, and starting the trusted computer.
In the embodiment of the present invention, the trusted computer and the mobile storage medium are connected through a communication interface; the communication interface is a universal serial bus interface, but is not limited thereto. The mobile storage medium stores preset information, and this information includes a secret key for proving identity. When the mobile storage medium is connected to the trusted computer, the BIOS of the trusted computer automatically reads the secret key stored in the mobile storage medium. Because the BIOS starts as soon as the computer is powered on, the reading is programmed into the BIOS so that the information in the mobile storage medium is read automatically, without manual operation by the user, which makes the identity authentication process more efficient and quicker. After the trusted computer reads the secret key in the mobile storage medium, it judges whether the secret key is one authorized by the trusted computer: if the secret key is approved by the trusted computer, the identity authentication passes; if not, the identity authentication fails. This effectively solves the inflexibility of manually entered passwords or fingerprint decryption in the prior art, and makes it more convenient, flexible and safe for the user to decrypt the trusted computer personally or to ask other people to help operate it. Security is ensured by using a key that the trusted computer can recognize.
When the identity verification fails, the BIOS controls the alarm to give an alarm, and then the trusted computer is shut down; therefore, a better prompt effect can be achieved for the user, the user is prompted that the trusted computer is powered off because the authentication is not passed, and the trusted computer is not powered off due to abnormal reasons such as power failure and the like, so that the user can conveniently find out the reason that the trusted computer cannot be powered on, and the use experience of the user is improved on the premise of ensuring the safety.
When the identity authentication passes, the secret key is updated to generate a new encryption key, and the new encryption key is stored in the mobile storage medium; this effectively avoids the problem of the same secret key being stolen or leaked after long-term use. In the prior art, a password is entered manually: if one password stays in use for too long, it is easily leaked or stolen, and if the password is changed frequently, it is inconvenient to remember. The embodiment of the invention solves this problem well, so that the identity authentication of the trusted computer is safer and more reliable. The new encryption key generated during this start is the key used the next time the trusted computer is started with the mobile storage medium.
In some embodiments, the trusted computer based authentication method further comprises: and in response to detecting that the mobile storage medium is abnormal in the working process of the trusted computer, the trusted computer controls an alarm to alarm and shut down. Because the mobile storage medium is an external device of the trusted computer, the situation of poor contact caused by accidental pulling out or mistaken collision can occur, and once the situation occurs, the user can receive the prompt of an alarm; in order to ensure safety, the alarm alarms for a period of time, and then the trusted computer is shut down.
In some embodiments, the trusted computer based authentication method further comprises: during the operation of the trusted computer, the removable storage medium automatically stores the operation record on the trusted computer. In this embodiment, the mobile storage medium may be used as a monitoring device, so that data protection of the trusted computer is realized on the premise of ensuring convenience in use of the user.
In some embodiments, the operational rights of the operational record are configured to be undeletable by the user on the trusted computer. The operation records cannot be manually and directly deleted on the trusted computer, and the use records stored in the mobile storage medium can be checked by a user to judge whether the mobile storage medium is stolen, so that the safety is further improved.
In some embodiments, the new encryption key includes a system time parameter of the trusted computer when the authentication is passed, and a measurement result at boot time of the trusted computer. The new encryption key is used as the key for the next boot of the trusted computer. This avoids the risk of the same key being stolen or leaked after long-term use; the time parameter can also play a monitoring role; the measurement result covers information measured at identity authentication and information measured after identity authentication.
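The rotation in steps S10 to S30 and the key composition described above, modelled as an added example (not code from the patent). It assumes, beyond what the patent states, that the computer keeps its own copy of the key it currently accepts and that the new key is derived with HMAC-SHA256; `Token`, `TrustedComputer`, `derive_next_key` and all sample values are hypothetical.

```python
import hashlib
import hmac
import struct
from dataclasses import dataclass, field


def derive_next_key(current_key: bytes, system_time: int, boot_measurement: bytes) -> bytes:
    """Next-boot key from the current key, the authentication time and the
    boot measurement. HMAC-SHA256 is an assumption; the patent names no algorithm."""
    # Fixed-width time plus a length prefix keeps the field boundaries unambiguous.
    msg = struct.pack(">QI", system_time, len(boot_measurement)) + boot_measurement
    return hmac.new(current_key, msg, hashlib.sha256).digest()


@dataclass
class Token:
    """Stand-in for the removable storage medium (hypothetical class)."""
    key: bytes


@dataclass
class TrustedComputer:
    """Stand-in for the BIOS-side logic (hypothetical class). Assumes the
    computer stores the key it currently accepts."""
    expected_key: bytes
    events: list = field(default_factory=list)

    def boot(self, token: Token, system_time: int, boot_measurement: bytes) -> bool:
        # S10: read the key from the medium and compare in constant time.
        if not hmac.compare_digest(token.key, self.expected_key):
            # S20: alarm first, then shut down, so the cause is visible to the user.
            self.events += ["alarm", "shutdown"]
            return False
        # S30: derive the new key, replace the one on the medium, then start.
        new_key = derive_next_key(token.key, system_time, boot_measurement)
        token.key = new_key
        self.expected_key = new_key
        self.events.append("boot")
        return True


def run_scenarios() -> dict:
    """Two constructed scenarios showing what rotation does to a copied key."""
    measurement = hashlib.sha256(b"constructed firmware image").digest()  # constructed
    seed = bytes(range(32))  # constructed provisioning key

    # Scenario A: a copy taken before a legitimate boot is stale afterwards.
    pc_a, owner_a = TrustedComputer(seed), Token(seed)
    copy_a = Token(owner_a.key)
    a_first = pc_a.boot(owner_a, 1_598_486_400, measurement)
    a_copy = pc_a.boot(copy_a, 1_598_486_460, measurement)
    a_second = pc_a.boot(owner_a, 1_598_572_800, measurement)

    # Scenario B: if a copy is presented first, the owner's own medium is
    # rejected on its next use, and that rejection is the detection signal.
    pc_b, owner_b = TrustedComputer(seed), Token(seed)
    copy_b = Token(owner_b.key)
    b_copy = pc_b.boot(copy_b, 1_598_486_400, measurement)
    b_owner = pc_b.boot(owner_b, 1_598_486_460, measurement)

    return {
        "a_first": a_first, "a_copy": a_copy, "a_second": a_second,
        "a_events": pc_a.events,
        "b_copy": b_copy, "b_owner": b_owner,
        "b_events": pc_b.events,
    }


if __name__ == "__main__":
    for name, value in run_scenarios().items():
        print(name, value)
```

Scenario B shows that rotation alone does not stop the first use of a copied key; it only guarantees that the copy and the original cannot both keep working, which is why the alarm and the operation record on the medium matter.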
In some embodiments, the alarm mode of the alarm comprises an audio prompt and a display interface prompt of the trusted computer. In this embodiment, the alarm is a buzzer, but is not limited thereto. The buzzer is arranged on a mainboard of the trusted computer, and sound alarm and display interface prompt of the trusted computer are realized through the design of hardware and software, so that a user can find abnormal conditions in time.
In some embodiments, the key includes user personal information and a digital certificate. The personal information of the user has the legality approved by the trusted computer, and the digital certificate has the uniqueness.
In some embodiments, the removable storage medium includes an encryption chip, the encryption chip being configured to operate an encryption algorithm. The encryption chip is used for storing a secret key and other key information, carrying out operation of an encryption algorithm, and realizing an authentication link in the starting process of the trusted computer together with a BIOS (basic input output System), an operating system, application software and the like of the trusted computer.
In another aspect of the embodiment of the present invention, an identity verification system based on a trusted computer is also provided. Fig. 2 is a schematic diagram of an embodiment of the trusted computer based authentication system provided by the present invention. A trusted computer based authentication system comprising: the identity authentication module 10 is configured to, in response to detecting that the mobile storage medium is connected to the trusted computer, automatically read the secret key stored in the mobile storage medium through a BIOS of the trusted computer, and determine whether the secret key is trusted to perform identity authentication; the abnormal starting module 20 is configured to control the alarm to alarm by the BIOS if the identity authentication fails, and shut down the trusted computer; and a boot module 30 configured to generate a new encryption key based on the key and replace the key in the removable storage medium if the authentication is passed, and boot the trusted computer.
In some embodiments, the system further includes a response exception module 40 configured to control the alarm to alarm and shut down in response to detecting an exception to the removable storage media during operation of the trusted computer.
The identity authentication system based on the trusted computer has the characteristics of simultaneously considering the safety and the flexibility of the identity authentication link, and can be used as a reliable identity authentication system.
Finally, it should be noted that, as one of ordinary skill in the art can appreciate, all or part of the processes of the methods of the above embodiments may be implemented by a computer program to instruct related hardware, and the program of the method for authenticating based on a trusted computer may be stored in a computer readable storage medium, and when executed, may include the processes of the embodiments of the methods as described above. The storage medium of the program may be a magnetic disk, an optical disk, a Read Only Memory (ROM), a Random Access Memory (RAM), or the like. The embodiments of the computer program may achieve the same or similar effects as any of the above-described method embodiments.
Furthermore, the methods disclosed according to embodiments of the present invention may also be implemented as a computer program executed by a processor, which may be stored in a computer-readable storage medium. Which when executed by a processor performs the above-described functions defined in the methods disclosed in embodiments of the invention.
Further, the above method steps and system elements may also be implemented using a controller and a computer readable storage medium for storing a computer program for causing the controller to implement the functions of the above steps or elements.
Further, it should be appreciated that the computer-readable storage media (e.g., memory) herein can be either volatile memory or nonvolatile memory, or can include both volatile and nonvolatile memory. By way of example, and not limitation, nonvolatile memory can include Read Only Memory (ROM), Programmable ROM (PROM), Electrically Programmable ROM (EPROM), Electrically Erasable Programmable ROM (EEPROM), or flash memory. Volatile memory can include Random Access Memory (RAM), which can act as external cache memory. By way of example and not limitation, RAM is available in a variety of forms such as Synchronous RAM (SRAM), Dynamic RAM (DRAM), Synchronous DRAM (SDRAM), double data rate SDRAM (DDR SDRAM), Enhanced SDRAM (ESDRAM), Synchronous Link DRAM (SLDRAM), and Direct Rambus RAM (DRRAM). The storage devices of the disclosed aspects are intended to comprise, without being limited to, these and other suitable types of memory.
Those of skill would further appreciate that the various illustrative logical blocks, modules, circuits, and algorithm steps described in connection with the disclosure herein may be implemented as electronic hardware, computer software, or combinations of both. To clearly illustrate this interchangeability of hardware and software, various illustrative components, blocks, modules, circuits, and steps have been described above generally in terms of their functionality. Whether such functionality is implemented as software or hardware depends upon the particular application and design constraints imposed on the overall system. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the disclosed embodiments of the present invention.
The various illustrative logical blocks, modules, and circuits described in connection with the disclosure herein may be implemented or performed with the following components designed to perform the functions herein: a general purpose processor, a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), a Field Programmable Gate Array (FPGA) or other programmable logic device, discrete gate or transistor logic, discrete hardware components, or any combination of these components. A general purpose processor may be a microprocessor, but in the alternative, the processor may be any conventional processor, controller, microcontroller, or state machine. A processor may also be implemented as a combination of computing devices, e.g., a combination of a DSP and a microprocessor, a plurality of microprocessors, one or more microprocessors in conjunction with a DSP, and/or any other such configuration.
The steps of a method or algorithm described in connection with the disclosure herein may be embodied directly in hardware, in a software module executed by a processor, or in a combination of the two. A software module may reside in RAM memory, flash memory, ROM memory, EPROM memory, EEPROM memory, registers, hard disk, a removable disk, a CD-ROM, or any other form of storage medium known in the art. An exemplary storage medium is coupled to the processor such that the processor can read information from, and write information to, the storage medium. In the alternative, the storage medium may be integral to the processor. The processor and the storage medium may reside in an ASIC. The ASIC may reside in a user terminal. In the alternative, the processor and the storage medium may reside as discrete components in a user terminal.
In one or more exemplary designs, the functions may be implemented in hardware, software, firmware, or any combination thereof. If implemented in software, the functions may be stored on or transmitted over as one or more instructions or code on a computer-readable medium. Computer-readable media includes both computer storage media and communication media including any medium that facilitates transfer of a computer program from one place to another. A storage medium may be any available medium that can be accessed by a general purpose or special purpose computer. By way of example, and not limitation, such computer-readable media can comprise RAM, ROM, EEPROM, CD-ROM or other optical disk storage, magnetic disk storage or other magnetic storage devices, or any other medium that can be used to carry or store desired program code in the form of instructions or data structures and that can be accessed by a general-purpose or special-purpose computer, or a general-purpose or special-purpose processor. Also, any connection is properly termed a computer-readable medium. For example, if the software is transmitted from a website, server, or other remote source using a coaxial cable, fiber optic cable, twisted pair, Digital Subscriber Line (DSL), or wireless technologies such as infrared, radio, and microwave, then the coaxial cable, fiber optic cable, twisted pair, DSL, or wireless technologies such as infrared, radio, and microwave are included in the definition of medium. Disk and disc, as used herein, include Compact Disc (CD), laser disc, optical disc, Digital Versatile Disc (DVD), floppy disk, and Blu-ray disc, where disks usually reproduce data magnetically, while discs reproduce data optically with lasers. Combinations of the above should also be included within the scope of computer-readable media.
The foregoing is an exemplary embodiment of the present disclosure, but it should be noted that various changes and modifications could be made herein without departing from the scope of the present disclosure as defined by the appended claims. The functions, steps and/or actions of the method claims in accordance with the disclosed embodiments described herein need not be performed in any particular order. Furthermore, although elements of the disclosed embodiments of the invention may be described or claimed in the singular, the plural is contemplated unless limitation to the singular is explicitly stated.
It should be understood that, as used herein, the singular forms "a", "an" and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It should also be understood that "and/or" as used herein is meant to include any and all possible combinations of one or more of the associated listed items.
The numbers of the embodiments disclosed in the embodiments of the present invention are merely for description, and do not represent the merits of the embodiments.
It will be understood by those skilled in the art that all or part of the steps for implementing the above embodiments may be implemented by hardware, or may be implemented by a program instructing relevant hardware, and the program may be stored in a computer-readable storage medium, and the above-mentioned storage medium may be a read-only memory, a magnetic disk or an optical disk, etc.
Those of ordinary skill in the art will understand that the discussion of any embodiment above is exemplary only, and is not intended to imply that the scope of the disclosure of embodiments of the invention, including the claims, is limited to these examples. Within the idea of an embodiment of the invention, technical features in the above embodiment or in different embodiments may also be combined, and there are many other variations of the different aspects of the embodiments of the invention as described above, which are not provided in detail for the sake of brevity. Therefore, any omissions, modifications, substitutions, improvements, and the like that may be made without departing from the spirit and principles of the embodiments of the present invention are intended to be included within the scope of the embodiments of the present invention.
Claims (10)
1. An identity authentication method based on a trusted computer is characterized by comprising the following steps:
in response to the fact that the mobile storage medium is connected with the trusted computer, automatically reading a secret key stored in the mobile storage medium through a Basic Input Output System (BIOS) of the trusted computer, and judging whether the secret key is trusted or not so as to perform identity authentication;
if the identity authentication fails, the BIOS controls an alarm to give an alarm, and the trusted computer is shut down;
and if the identity authentication is passed, generating a new encryption key based on the secret key, replacing the secret key in the mobile storage medium, and starting the trusted computer.
2. The method of claim 1, further comprising:
and in response to detecting that the mobile storage medium is abnormal in the working process of the trusted computer, the trusted computer controls an alarm to alarm and shut down.
3. The method of claim 1, further comprising:
during the operation process of the trusted computer, the mobile storage medium automatically stores the operation record on the trusted computer.
4. The method of claim 3, wherein the operational rights of the operational record are configured to be undeletable by a user on the trusted computer.
5. The method of claim 1, wherein the new encryption key comprises a system time parameter of the trusted computer when the authentication is passed, and a measurement result at boot-up of the trusted computer.
6. The method according to claim 1 or 2, wherein the alarm mode of the alarm comprises an audible reminder and a display interface prompt of the trusted computer.
7. The method of claim 1, wherein the key comprises user personal information and a digital certificate.
8. The method of claim 1, wherein the removable storage medium comprises a cryptographic chip, and wherein the cryptographic chip is configured to operate a cryptographic algorithm.
9. A trusted computer based authentication system comprising:
the identity authentication module is configured to respond to detection that the mobile storage medium is connected with a trusted computer, automatically read a secret key stored in the mobile storage medium through a basic input/output system (BIOS) of the trusted computer, and judge whether the secret key is trusted to perform identity authentication;
the abnormal starting module is configured for controlling an alarm to give an alarm and shutting down the trusted computer if the identity authentication fails; and
the starting module is configured to generate a new encryption key based on the secret key and replace the secret key in the mobile storage medium if the identity authentication is passed, and start the trusted computer.
10. The system of claim 9, further comprising a response exception module configured to control an alarm to alarm and shut down the trusted computer in response to detecting an exception to the removable storage media during operation of the trusted computer.
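The rolling-key flow of claims 5 and 9, modelled as an added example that is not code from the patent. The HMAC-SHA256 derivation, the host-side digest of the expected key, and the names `Token`, `TrustedHost` and `demo` are all assumptions, since the claims do not say how the key is judged trusted or how the new key is computed.

```python
import hashlib
import hmac
import struct


class Token:
    """Removable storage medium holding the current secret key."""
    def __init__(self, key: bytes):
        self.key = key


class TrustedHost:
    """Host-side model. Storing a digest of the expected key in protected
    storage is an assumption; the claims only say the key is judged trusted."""
    def __init__(self, enrolled_key: bytes):
        self.expected = hashlib.sha256(enrolled_key).digest()
        self.events = []

    def boot(self, token: Token, boot_time: int, measurement: bytes) -> bool:
        presented = hashlib.sha256(token.key).digest()
        if not hmac.compare_digest(presented, self.expected):
            # Claim 9, abnormal starting module: alarm and shut down
            self.events.append("alarm+shutdown")
            return False
        # Claim 5: the new key covers the system time at authentication
        # and the boot-time measurement result
        context = struct.pack(">Q", boot_time) + measurement
        new_key = hmac.new(token.key, context, hashlib.sha256).digest()
        token.key = new_key  # claim 9: replace the key on the medium
        self.expected = hashlib.sha256(new_key).digest()
        self.events.append("boot")
        return True


def demo():
    enrolled = bytes(range(32))  # constructed sample key
    measurement = hashlib.sha256(b"constructed firmware image").digest()
    host = TrustedHost(enrolled)
    token = Token(enrolled)
    copy = Token(token.key)  # byte-for-byte copy made before the next boot
    first = host.boot(token, 1598486400, measurement)
    stale = host.boot(copy, 1598486460, measurement)  # copy is out of date
    second = host.boot(token, 1598486520, measurement)
    return first, stale, second, host.events


if __name__ == "__main__":
    print(demo())
```

Because the key is replaced on every successful start, a copy of the medium and the original cannot both stay valid: whichever is presented second fails authentication and triggers the alarm path.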
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010876457.4A CN112000956A (en) | 2020-08-27 | 2020-08-27 | Identity verification method and system based on trusted computer |
Publications (1)
Publication Number | Publication Date |
---|---|
CN112000956A true CN112000956A (en) | 2020-11-27 |
Family
ID=73471364
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202010876457.4A Pending CN112000956A (en) | 2020-08-27 | 2020-08-27 | Identity verification method and system based on trusted computer |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN112000956A (en) |
Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1755572A (en) * | 2004-09-30 | 2006-04-05 | 联想(北京)有限公司 | Computer security startup method |
CN101685425A (en) * | 2008-09-28 | 2010-03-31 | 联想(北京)有限公司 | Mobile storage device and method of encrypting same |
CN103198247A (en) * | 2013-04-15 | 2013-07-10 | 加弘科技咨询(上海)有限公司 | Computer safety protection method and computer safety protection system |
CN203300226U (en) * | 2012-12-12 | 2013-11-20 | 中国大唐集团财务有限公司 | High-security secret key USB flash disk |
CN106663161A (en) * | 2014-12-31 | 2017-05-10 | 谷歌公司 | Secure host interactions |
CN107146086A (en) * | 2017-06-09 | 2017-09-08 | 北京明华联盟科技有限公司 | The method and mobile terminal of authentication |
CN111316596A (en) * | 2019-03-29 | 2020-06-19 | 阿里巴巴集团控股有限公司 | Encryption chip with identity authentication |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
EP3905078A1 (en) | Identity verification method and system therefor | |
US9454656B2 (en) | System and method for verifying status of an authentication device through a biometric profile | |
CN101106455B (en) | Identity authentication method and intelligent secret key device | |
US20110246757A1 (en) | Unattended secure remote pc client wake, boot and remote login using smart phone | |
JP2016520265A (en) | Generation of working security keys based on security parameters | |
CN108256302B (en) | Data security access method and device | |
CN105005721B (en) | Computer mandate opening control system and method based on computer booting key | |
CN111723376A (en) | A monitoring and control method, circuit and device for an in-board trusted platform | |
WO2018166163A1 (en) | Pos terminal control method, pos terminal, server and storage medium | |
PH12015502592B1 (en) | Self-authentication device and method | |
CN112468294B (en) | Access method and authentication equipment of vehicle-mounted TBOX | |
CA2848839C (en) | Methods and devices for detecting unauthorized access to credentials of a credential store | |
WO2012035628A1 (en) | Information processing device, method of controlling information processing device, information processing device control program and computer readable recording medium with information processing device control program recorded thereon | |
US11328049B2 (en) | Efficient and secure provisioning and updating of identity credentials | |
CN114189862A (en) | Wireless terminal and interface access authentication method of wireless terminal in Uboot mode | |
US9210134B2 (en) | Cryptographic processing method and system using a sensitive data item | |
WO2017092507A1 (en) | Application encryption method and device, and application access method and device | |
KR20210024070A (en) | Safe operation method and system of stored data | |
CN112000956A (en) | Identity verification method and system based on trusted computer | |
US10652241B1 (en) | Dynamic and secure coupling between auxiliary devices and endpoint resources | |
CN113761538A (en) | Security boot file configuration method, boot method, device, equipment and medium | |
JP4833294B2 (en) | Information processing apparatus and activation method | |
CN108363912B (en) | Program code secret protection method and device | |
CN114154164A (en) | Method, device and equipment for safely starting FPGA (field programmable Gate array) and readable medium | |
CN116842545A (en) | File encryption-based data anti-luxury method and system |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | |
SE01 | Entry into force of request for substantive examination | |
RJ01 | Rejection of invention patent application after publication | Application publication date: 20201127 |