Patent application number | Description | Published |
20080201764 | METHOD AND SYSTEM FOR CONTROLLING THE SMART ELECTRIC APPLIANCE - The present invention discloses a method for controlling the smart electric appliance by connecting a key device to a smart electric appliance and performing control operations on the smart electric appliance in accordance with the control settings for the key device after positively authenticating the internal device descriptor of the key device. Also, the present invention discloses a system according to the method mentioned above, including a smart electric appliance comprising a USB interface module, an authentication module, an execution module and a general control module, and a key device comprising a smart storage module. By introducing the key device, authenticating the key device before allowance of use of the smart electric appliance, and setting different control operation levels for different users of the smart electric appliance, it becomes very secure to use the smart electric appliance, while it becomes more flexible to use the same. | 08-21-2008 |
20080283617 | CONTACTLESS CARD AND A CONTROL METHOD THEREOF - The present invention relates to a contactless card in smart card field and a control method thereof. The contactless card comprises a card chip, an antenna resonant circuit, and a confirmation unit. The confirmation unit, being separated from the antenna resonant circuit and connected to the I/O interface of the card chip, is used for confirming a card operation command by a cardholder so as to send a confirmation message to the card chip. The control method can be realized according to the following steps: putting a contactless card into a valid range for its reader; determining by the contactless card whether a command transmitted from the reader needs to be confirmed by the cardholder, if not, responding to the command by the contactless card, otherwise waiting for confirmation message by the contactless card; and receiving the confirmation message from the cardholder and responding to the command by the contactless card. The present method provides the cardholder with the light on the control of command execution and prevents the information stored in the card from being stolen or mis-operation to the card, which improves the usability of the contactless card and eliminates the impedance and enhances the continuity of the antenna resonant circuit and brings the convenience to the cardholder. | 11-20-2008 |
20080294902 | METHOD AND SYSTEM FOR IMPROVING SECURITY OF THE KEY DEVICE - The present invention provides a method and a system for improving security of a key device in the information security filed. In order to solve the problem that the security performance of the key device is lower due to the possible tamper of the data needed for encryption and signature in prior art, the present invention provides the method, including steps in which the key device is connected to a computer, then is used to receive the data input by the user through a computer and display the same after a user makes a successful authentication; and to make digital signature or encryption of the data input after the user confirms the content displayed. The above-mentioned system comprises an authentication module, a data receiving module, a display module, a confirmation information receiving module, and a key module. The present invention makes relative display on the key device according to the data input by the user, and provides an input device or generates a random authentication code for confirmation and therefore prevents invalid digital signature or encryption, and improves the security of the key device greatly. | 11-27-2008 |
20080296371 | METHOD OF ACTIVATING A FINGERPRINT IDENTIFICATION PROCESS OF A SMART CARD ACCORDING TO A GIVEN CONDITION AND A DEVICE THEREOF - The present invention relates to a method of activating a fingerprint identification process of a smart card according to a given condition and a device thereof. The present invention uses a contactless smart card as a carrier of the fingerprint identification technology and incorporates user identification during use of the card to make the transaction or access process more secure and efficient. The invention provides the steps of how to determine whether the fingerprint identification process of the smart card should be activated to verify the validation of the user before the transaction according to the comparison result between the transaction amount and the preset conditional value. | 12-04-2008 |
20080307409 | METHOD FOR VIRTUALIZING A PERSONAL WORKING ENVIRONMENT AND DEVICE FOR THE SAME - The present invention is directed to a method for virtualizing a personal working environment and a device for the same, relating to the information security field. The method comprises the steps of: installing a Virtual Machine (VM) environment on a device; upon virtualizing the personal working environment, connecting the device to a host, loading the VM environment into the host; and responding to a user operation and saving data of the user operation to the device by the VM environment. The device comprises a communication interface module, a VM environment storage module, and a control module. The present invention provides a means for secure and convenient mobile work. | 12-11-2008 |
20090055892 | AUTHENTICATION METHOD AND KEY DEVICE - The present invention discloses an authentication method and a key device and relates to the information security field. The authentication method comprises initiating user authentication, generating a dynamic code and then a first verification code on the basis of the dynamic code, and outputting the dynamic code, by a key device; and receiving a second verification code entered by a user via a host, and collating the second verification code with the first verification code, by the key device, and if a match is found, the user access is authorized to the key device; otherwise, the user access is prohibited. The key device comprises a trigger module, a generator module, an output module, a communication module, a collator module, a controller module and a security module. According to the present invention, better security is achieved by reducing the possibility of sensitive information disclosure and misuse in case of password theft for the key device. | 02-26-2009 |
20090132819 | SYSTEM FOR SELF-SERVICE RECHARGING AND METHOD FOR THE SAME - The present invention discloses a method for self-service recharging and a system for the same, relating to the security communications of online banking. The system comprises a client and a server. The method mainly comprises the steps of: 1) establishing a data security channel between the client and the server; 2) inputting an identifier by a user to a secure transaction device; 3) determining whether the identifier is legitimate; and if legitimate allowing the user to input a recharging operation message; 4) connecting to the server and transmitting a recharging operation request packet after receiving the recharging operation message; 5) verifying whether the secure transaction device is legitimate by the server according to information in a database stored natively, and if legitimate, deducting a recharging amount from a user account, recording an operation log, and transmitting a recharging permission command packet to the secure transaction device; and 6) conducting a recharging operation by the secure transaction device and recording an operation log. The present invention provides a way to conveniently and rapidly recharge. | 05-21-2009 |
20090138863 | Method And Apparatus For Protecting .NET Programs - The present invention discloses a method and apparatus for protecting .net programs, relating to software protection. The method mainly includes: selecting a binary code segment from a .net program; transforming the binary code segment, and removing it from the .net program; writing the binary code segment to a shell of the .net program, and writing a shell calling instruction to the .net program; and executing the .net program, and calling a .net virtual machine to execute the binary code segment. The apparatus includes a selecting module, a transforming and removing module, a writing module, and an executing module. The programs running on the .net platform can be protected simply by being transformed. | 05-28-2009 |
20090161924 | ONE TIME PASSWORD GENERATING METHOD AND APPARATUS - The invention relates to a one-time password generating method and an apparatus. The method includes steps of collecting fingerprint images, extracting fingerprint feature data from those fingerprint images, and comparing the fingerprint feature data with one or more pre-stored fingerprint feature templates for authentication. After the authentication is passed, a one-time password is generated by the corresponding fingerprint feature template or a user's secret corresponding to the template. The invention also discloses a one-time password apparatus, including a fingerprint collecting unit, a fingerprint feature extracting unit, a storage unit, a comparison unit, a one-time password generating unit, a control unit, and an output unit. By adding fingerprint authentication function to a one-time password generating apparatus, the invention avoids disadvantages such as no user authentication in the present apparatus, only for a single user, and imitation of the apparatus by others when it is lost or theft, as a result, increases security of the apparatus. | 06-25-2009 |
20090198861 | Device With A USB Interface Which Can Be Used As A Time-Sharing Standard I/O Interface And A Method Thereof - The invention provides a device with a USB interface which can be used as a time-sharing standard I/O interface. The device includes a USB interface module, a status detecting module, a power extracting module and a switch module. The power extracting module is connected to the USB interface module, the switch module is connected to the USB interface module, and the status detecting module is connected to the switch module and the USB interface module. With an interface used in a time-sharing way according to the invention, the device can transfer data according to the USB protocol or standard I/O interface protocol depending on the tool used. When the data needs to be transferred according to the I/O interface protocol, there is no need to open the casing of the USB device and it is more convenient to use because the I/O interface protocol can be defined by the user. | 08-06-2009 |
20090249066 | Method for Safe Operation and A System Thereof - The present invention relating to computer security field provides a method for safe operation and a system thereof. The method includes: loading the compressed kernel of a safe operating system to a memory of a computer, decompressing the driver of a security device to the memory of the computer; a security master process inquiring the security device and determining whether the security device is legitimate, and if so, the safe operating system creates a security sub-process with which the safe operating system performing information interaction with the security device; verifying whether a user is legitimate, if so, permitting the safe operating system to run properly; otherwise, performing exception handling. The system includes an operating system storage device, a security device and a computer. The presented invention provides a solution that a kernel program of a safe operating system is cooperated with a security device by starting the safe operating system. In the whole process of the computer operation, the kernel of the safe operating system works with the security device, and the security device completes the verification of the user ID and the processing of file data encryption/decryption, which assures the security of the computer operation. | 10-01-2009 |
20090249373 | METHOD FOR PROGRAM PROTECTION BASED ON .NET CARD AND A SYSTEM THEREOF - A method and system for program protection based on a .NET card. The method includes compiling, by a first device, first source code into a first assembly, and storing the first assembly to a .NET card. Information of a remotely invoked class in the first source code is extracted to form a new class. A remote invocation instruction is written in the new class to generate second source code. The second source code is compiled into a second assembly, and the .NET card and the second assembly are provided to a second device. The second device executes the second assembly, remotely invoking the class in the first source code, executing the class at the .NET card via an interface of the .NET card, and receiving an execution result returned by the .NET card. The system includes a .NET card, a first device and a second device. | 10-01-2009 |
20090265722 | METHOD AND SYSTEM FOR DYNAMICALLY SWITCHING BETWEEN DIFFERENT DEVICE CONFIGURATIONS - A method for dynamically switching between different device configurations to improve the utilization of the device and save the cost. The method comprises the steps of obtaining the current configuration information of a device connected to a host; and if the current configuration of the device does not meet the requirements of the host, switching the current configuration of the device to a suitable one for the host. A system for the same is also provided to improve the utilization of the device and save the cost. | 10-22-2009 |
20090265769 | METHOD FOR AUTOMATICALLY GENERATING AND FILLING IN LOGIN INFORMATION AND SYSTEM FOR THE SAME - A system for automatically generating and filling login information to improve the security in storage and use of the login information. The system comprises a monitoring module, a registration module, and a login module; the monitoring module is coupled to the registration module and the login module; the monitoring module is adapted to check for an entry of login information corresponding to the identifier of the current page, and prompt a result to the user, and transmit a signal to the registration module and the login module to perform a registration and/or login operation; the registration module comprises a login information generation unit, a login information storage unit, and a first user confirmation unit; and the login module comprises a login information input unit and a second user confirmation unit. A method for the same is also disclosed. | 10-22-2009 |
20090287688 | Method for Searching for Class and Function Based on .NET Card and .NET Card Thereof - The present invention relates to information security field and presents a method for searching for a class and a function based on a .NET card and a .NET card thereof. The method includes: building a first character string according to information of a class currently executed by the .NET card, or information of a function currently executed by the .NET card and a class that the function belongs to; computing a first index value from the first character string; searching for a first locator value corresponding to the first index value in an index table pre-stored in the .NET card, wherein index values in the index table are generated in the same way as the first index value is generated; finding, in a runtime library of the .NET card, the class or the function currently executed according to the first locator value. The .NET card includes a storage module, a building module, a computing module and a searching module. The invention improves the speed of searching for a class or a function when a program is executed in the .NET card. And the index table consumes a small part of the memory of the .NET card, therefore the method is convenient and easy to implement. | 11-19-2009 |
20090289117 | Method For Reducing RF Interference Inside Dual-Interface Card Reader And Dual-Interface Card Reader Thereof - The present invention provides a method for reducing RF interference inside a dual-interface card reader and a dual-interface card reader, which relate to dual-interface card reader field. The method includes: adjusting RF power by the dual-interface card reader to reach a specified maximum value; determining the type of an IC card which is operating currently by the dual-interface card reader; if the IC card is a contactless IC card, responding to the contactless card and not responding to any contact IC card before the operation of the contactless IC card is completed by the dual-interface card reader; if the IC card is a contact IC card, adjusting the RF power so as to make the RF power to be lower and responding to the contact IC card by the dual-interface card reader, and if a contactless IC is operating before the operation of the contact IC card is completed, responding to the contactless IC card simultaneously by the dual-interface card reader. The dual-interface card reader includes: a determining module, a control module, a contact card communication module, a contactless card communication module and a data transferring module. The invention provides a solution for reducing RF interference inside a dual-interface card reader, which is implemented easily and conveniently. The identification effect of the dual-interface card reader is improved. | 11-26-2009 |
20100082843 | Method and System for Implementing Automatic Installation of Key Device - The invention discloses a method and system for implementing automatic installation of a key device, and relates to the field of smart card. The method includes steps of: establishing, by the key device, a connection with a computer; declaring to the computer that the key device itself is a compound device containing a USB keyboard device; sending a predefined first keyboard message sequence to the computer, wherein the first keyboard message sequence is used for starting an operation environment of the computer; converting, after the operation environment is started, a pre-stored script instruction for running an installation program into a second keyboard message sequence, and sending the second keyboard message sequence to the computer; sending a predefined third keyboard message sequence to the computer, wherein the third keyboard message sequence is used for running the installation program. The system includes a key device and a computer. According to the invention, by way of interaction between the key device and the computer, the technical problem that the key device can not be installed automatically in the case that the autorun function of the Windows system is shielded is solved, thereby facilitating automatic installation of the key device. | 04-01-2010 |
20100082966 | METHOD FOR COMPUTER STARTUP PROTECTION AND SYSTEM THEREOF - A method for computer startup protection, wherein the method includes steps that a computer powers up, and loads and executes a dynamic password computer startup protection program; the dynamic password computer startup protection program receives a password entered by a user; the password is obtained by the user via sending a dynamic password generating command to a dynamic password device; then the dynamic password computer startup protection program determines whether the password is valid, if so, the dynamic password computer startup protection program loads a computer startup program of the computer; otherwise the dynamic password computer startup protection program does not load the computer startup program of the computer. A system includes a computer and a dynamic password generating device. | 04-01-2010 |
20100115465 | Logon System and Method Thereof - The invention discloses a logon system and a method thereof, which relates to information security field. The invention solves the problems that the user can log on Windows by username and password only. In the invention, the Credential Provider module adapted to pop up a human-computer interactive interface when the Credential Provider module is called by the operating system of the computer; further adapted to collect the information needed for logging on the operating system and transfer the collected information to the operating system of the computer; the Cryptographic Service Provider module is adapted to perform authentication with the information received from the operating system of the computer; and, if the authentication is successful, to perform operation with the corresponding private key of the key device logon certificate to generate credential information needed for logging on the operating system. The embodiments of the invention are applied for logging on the Windows, which provide more alternative logon ways for the user. | 05-06-2010 |
20110042455 | METHOD FOR INPUTTING A PASSWORD AND A DEVICE THEREFOR - A method for inputting a password and a device thereof are disclosed in the invention, relating to the information security field and solving the problem that a password input by a user is easy to be intercepted. The method includes steps that, a password inputting device acquires an instruction in accordance with ISO/IEC 7816 standard from an upper computer, and determines whether the instruction is a password checking instruction or not, and if it is not, the device sends the instruction to the smart card; or else if it is, the device receives the password input by the user, encloses it to the password checking instruction, sends the instruction enclosed with the password to the smart card, receives the result of executing the password checking instruction from the smart card, and sends the result to the upper computer. The solution of the invention is used for improving the security of inputting a password in avoidance that the password is intercepted when being transmitted. | 02-24-2011 |
20110042457 | CARD READER WITH MULTIPLE FUNCTIONS AND A METHOD FOR IMPLEMENTING THE SAME - The invention discloses a method for implementing a card reader with multiple functions and a card reader therewith. The method includes that a card reader determines whether a card is inserted in the slot of the card reader and whether the card reader is online; if no card is inserted in the slot, the card reader performs operation to generate a one-time password; if a card is inserted in the slot and the card reader is online, the card reader performs corresponding operation on the card according to the card operating requirement, while if a card is inserted in the slot and the card reader is offline, the card reader performs operation with the card to generate a Token; otherwise, to end the process. The card reader includes a power module, an input/output module, a determining module, an operating module, and a performing module. With good common performance, the card reader provided by the invention performs as smart card reader and verification whether a card is inserted in the card reader or not, which overcomes the shortcomings that the card reader in the prior art has simplex function. | 02-24-2011 |
20110047386 | SIGNING METHOD, APPARATUS, AND SYSTEM - A signing method, apparatus, and system, which relate to the information security field. The present invention overcomes the problem of signature counterfeit in prior art. The client host generates a transaction message and determines the key information of the message after receiving transaction information entered by a user, forms a data packet for signing, and transmits the data packet to the USB key, which will then extract the key information and output it for confirmation by the user, and if a confirmation is received, the USB key signs the data packet and transmits a signature to the client host; after receiving the signature and the transaction message from the client host, the server extracts the key information from the transaction message to form a data packet for signing and verifies the signature against the data packet. The embodiments of the present invention are mainly applicable to the field of information security. | 02-24-2011 |
20110119750 | METHOD FOR IMPROVING NETWORK APPLICATION SECURITY AND THE SYSTEM THEREOF - A method for improving network application security and the system thereof are disclosed in the invention, relating to the field of information security. The method includes: a proxy server in a customer terminal host receives a protocol message, generated and sent by the customer terminal software according to the information input by a user, and obtains the protocol content after parsing the protocol message, and determines whether critical information is included in the protocol content, if it is, the server sends the protocol content to the smart key device; and the smart key device obtains the critical information by parsing it and sends it to the user, and after a confirmation information is gotten from the user, the smart key device signs the protocol content and sends the signature result to the server; and then the server generates a new protocol message to an application server according to the signature result and the protocol content; after an error confirmation or no confirmation is received within a predetermined time period by the user, the smart key device performs the exception handling. The system includes a smart key device and a proxy server in the customer terminal host. The invention improves network application security on the premise of no change to the customer terminal, and it is usable and compatible. | 05-19-2011 |
20110119766 | METHOD, DEVICE AND SYSTEM FOR PROTECTING SOFTWARE - The invention, related to information security field, discloses a method for protecting software, and device and system thereof. The method includes that a security device is connected with a terminal device; the security device receives service instruction, determines whether the clock inside the security device is activated, reads the current time of the clock and determines whether the current time is valid; if so, the security device executes the service instruction and returns the executing result to the terminal device; otherwise, the security device returns false result to the terminal device. The invention provides more secure service to the protected software, meanwhile, extends lifetime of the security device. | 05-19-2011 |
20110197007 | METHOD FOR RECOGNIZING A CARD READER WITH MULTIPLE CARD HOLDERS AND METHOD FOR COMMUNICATING BETWEEN A HOST AND THE CARD READER AND SYSTEM THEREOF - The present invention discloses a method, related to smart card reader field, for recognizing a card reader with multiple card holders. The method includes connecting, by the card reader with multiple card readers, to a host and loading, by the host, card reader device bus driver; obtaining, by the card reader device bus driver, the device information of the card reader with multiple card readers and creating physical device object according to the device information; installing and loading, by the host, smart card function driver for each physical device object and registering a standard smart card driver library for every smart card function driver; creating, by the smart card service of the host, a new smart card device record in the resource manager of the smart card service according to the smart card function driver loaded and the smart card driver library registered and recognizing the card reader with multiple card readers as a plurality of smart card devices. The invention further discloses a method for communicating between the host and the card reader with multiple card holders based on the recognizing method described above and a system thereof. | 08-11-2011 |
20110264669 | METHOD FOR COMPRESSING A .NET FILE - The invention discloses a method for compressing a .net file, characterized by at least one of the following steps of obtaining and compressing reference type in a .net tile; obtaining and compressing definition method in a .net file; obtaining and compressing method body of the definition method in a .net file; obtaining and compressing Namespace in a .net file; obtaining and compressing definition type in a .net file. By compressing the .net file, the invention efficiently reduces the storage space occupied by the .net file, and makes it stored in a small-sized medium, such as a smart card. | 10-27-2011 |
20110271350 | METHOD FOR PROTECTING SOFTWARE - A method for protecting software is disclosed in the invention, including steps of analyzing the software or obtaining source codes of the software, and modifying the instructions obtained from analyzing the software or source codes of the software, and programming the modified instructions or compiling the modified source codes to obtain new software and ending or going on running the rest of instructions according to the result of executing the new instructions. By executing this method, the software is protected. | 11-03-2011 |
20120047503 | METHOD FOR VIRTUALIZING A PERSONAL WORKING ENVIRONMENT AND DEVICE FOR THE SAME - The present invention is directed to a method for virtualizing a personal working environment and a device for the same, relating to the information security field. The method comprises the steps of: installing a Virtual Machine (VM) environment on a device; upon virtualizing the personal working environment, connecting the device to a host, loading the VM environment into the host; and responding to a user operation and saving data of the user operation to the device by the VM environment. The device comprises a communication interface module, a VM environment storage module, and a control module. The present invention provides a means for secure and convenient mobile work. | 02-23-2012 |
20120089653 | Data Converting Method and a Device Therefor - A data converting method and device therefor are disclosed by the invention, relating to data converting algorithm field, solving the problem of complicate data converting method in prior art. Steps of the invention are obtaining offset from the predetermined byte of the data string to be converted; obtaining the predetermined bits of data from the data string to be converted according to the offset; converting the obtained bits to decimal number; determining whether size of the decimal number is smaller than the first predetermined length, if so, keeping adding 0 to the upper digit of the decimal number till the first predetermined length is reached, and taking the data with added 0 as the converted data; otherwise keeping obtaining data from low bit of the decimal number, till the first predetermined length is reached, and taking the obtained data as the converted data. The method of the invention is mainly used for devices and methods requiring data converting, e.g. one time password generating method and device therefor. | 04-12-2012 |
20120096214 | Working Method for Information Security Device with CF Interface and Working System Thereof - A working method for information security device with CF interface and working system thereof are disclosed in the invention. The method includes that the card reading apparatus sends instruction to the information security device with CF interface, and the information security device with CF interface determines the object being operated by the instruction, if the object is flash module in the information security device with CF interface, the information security device with CF interface operates the flash module as normal, or else if the object is information security chip of the information security device with CF interface, the information security device with CF interface performs information security operation on the information security chip;
| 04-19-2012 |
20120117618 | METHOD FOR CALIBRATING A TEMPERATURE FLOAT OF A ONE TIME PASSWORD TOKEN AND A ONE TIME PASSWORD TOKEN THEREOF - A method for calibrating a temperature float of a one time password token and a device thereof are provided in the invention relating to the information security field. The method includes steps: the one time password token measures a current ambient temperature at intervals of a first predetermined time, retrieves a data table for a characteristic value relating to the measured temperature, and calibrates a current time value inside the token according to the characteristic value at intervals of a second predetermined time. The one time password token includes a timer module, a measuring module, a retrieving module, a table storing module, a calibrating module, a triggering module, a generating module and a displaying module. The invention calibrates time differentiation of the one time password token caused by the temperature float. | 05-10-2012 |
20120124380 | USB COMPOSITE DEVICE AND METHOD THEREFOR - The invention, which relates to information security device, provides a USB composite device and implementing method thereof. The invention provides a solution that integrates the mass storage function and the key device function on a single device. A USB composite device is connected with a host computer and claims its device type; the composite device receives the operating instruction allocated by the host computer and determines whether the instruction is key device operating instruction; if so, performs key device operating; otherwise, performs data reading/writing operating. Providing higher data security and good usability for the user, the solution of the invention is easy to use. | 05-17-2012 |
20120131679 | METHOD FOR PROTECTING SOFTWARE BASED ON CLOCK OF SECURITY DEVICE AND SECURITY DEVICE THEREOF - The invention discloses a software protecting method based on clock of a security device and a security device thereof. The method includes connecting to a terminal device to the security device, receiving the service instruction sent from protected software of the terminal device, protecting the protected software of the terminal device by the security device via the preset time protecting function. The security device includes an interface module and a control module. Thereby, the control module includes a communicating unit and a software protecting unit. The security device of the invention binds with functions such as time and date easily according to the time limit information which limits the time of using the security device and controls the start time and expiring time of using the security device accurately which provides safer service for protecting the software. | 05-24-2012 |
20120137131 | AUTHENTICATION METHOD, SYSTEM, AND DEVICE - The present invention provides an authentication method, an authentication system, and an authentication device, which is in information security field. The method includes that a service side receives a username and a first value from a client side, searches a seed of a dynamic password token, and generates a first dynamic password according to the first value and the seed, converts the first dynamic password to the first authentication password and the second authentication password, and sends the first authentication password to the user; the dynamic password token generates a second dynamic password and sends the first authentication password to a user; the dynamic password token generates a second dynamic password and converts the second dynamic password to a third authentication password and a fourth authentication password; the user compares the first authentication password and the third authentication password to determine that they are identical, so as to confirm that the user is legal or the transaction is permissible. The invention prevents malicious attack and operation of illegal users, which improves the security of information and property of the users. | 05-31-2012 |
20120210408 | VERIFICATION METHOD AND SYSTEM THEREOF - The invention discloses an authenticating method and a system thereof, which relates to information security field and solves the problem that the user information is not safe in transaction process. The embodiment of the invention comprises that the server side receives user data information and a first dynamic password sent from the user side; the server side generates the first authenticating dynamic password according to the user data information; server side verifies the first dynamic password according to the first authenticating dynamic password and generates the second authenticating dynamic password after successful verification; the server side sends the second authenticating dynamic or the first password to the user side; the server side executes the transaction data in the user data information or permits the user to log on after using a third authenticating dynamic password generated by the server side to verify the user data information or the third dynamic password sent from the user side successfully. The invention enhances the safety of transaction for the user and prevents the user from loss caused by logging on phishing website by the user. | 08-16-2012 |
20120272212 | METHOD FOR INSERTING CODE INTO .NET PROGRAMS AND APPARATUS THEREFOR - The present invention discloses a method for inserting code into .Net program and an apparatus therefor, relating to the field of information security. The method comprises the steps of: writing information of code to be inserted to import table of a .Net executable file; adding address of the code to be inserted to import address table (IAT) of the .Net executable file to form a new import address table; change offset address of entry point of the .Net executable file to address of the new IAT; and change flag in header of metadata table of the .Net executable file to enable the .Net executable file to meet certification requirements when being executed. The apparatus comprises a writing module, a forming module, and a modification module. The method and apparatus provided by the present invention implement code insertion into .Net executable file without the dependency on assembly and disassembly tools and are easy to use. The problems of low efficiency, poor stability, and poor compatibility in inserting code into .Net executable file can be solved by the present invention. | 10-25-2012 |
20120278508 | METHOD FOR ACCESSING MULTIPLE CARD SLOTS AND APPARATUS FOR THE SAME - The present invention discloses a method for accessing multiple card slots and an apparatus for the same, which relate to data communication field. The method comprises establishing a connection from a CCID to a host, declaring at least a pair of IN/OUT endpoints used for implementing a response pipe and a command pipe as BULK-IN and BULK-OUT endpoints, declaring at least one IN endpoint used for implementing an event notification pipe as an interrupt endpoint, and declaring, by the CCID, the CCID itself as a device compliant with a CCID standard and the number of card slots supported by the CCID to the host; accessing the CCID by the host; receiving, by the CCID, a BULK-OUT packet and determining, by the CCID, a type of a CCID command issued by the host according to the BULK-OUT packet; in case the CCID command is a channel extension command, determining if it is a channel switch command; and if so, parsing the channel switch command and activating a card slot the host tries to access. | 11-01-2012 |
20120291023 | DEVICE AND METHOD FOR AUTOMATIC DRIVER INSTALLATION - Provided are a device and method for automatic driver installation. The device comprises: a remoter server, a client host and an information security device. The remote server stores driver and interface protocol program downloading service for the client host. The client host is in communication connection with the remote server, receives data information inputted by the information security device, and downloads the driver or interface protocol program from the remote server according to the data information and install or load the driver or interface protocol program. The information security device is in communication connection with the client host and feedbacks data information according to instruction issued by the client host. The present scheme can effectively reduce the number of times user account control (UAC) window pops up and ensure operating system security while installing and deploying middleware, thus simplifying user operation. | 11-15-2012 |
20120296819 | METHOD FOR OPERATING AN E-PURSE - The invention discloses a method for operating an e-purse, relating to the information security field. The method includes that a CPU card enters into a contactless induction area of a terminal, is powered up and initialized, receives an operation initializing instruction from the terminal, reads and stores data comprising transaction amount in the operation initializing instruction, and performs the related operation. The operation initializing instruction is a complex loading initializing instruction or a purchase initializing instruction. The data comprises transaction amount. | 11-22-2012 |
20130010955 | METHOD FOR IMPLEMENTING AN ENCRYPTION ENGINE - Disclosed is a method for implementing an encryption engine, which includes: when an engine binding interface is called, a hardware encryption engine establishes a connection with a hardware encryption equipment, acquires an algorithm list of said hardware encryption equipment, and fills a first data structure; when a key initialization interface is called, said hardware encryption engine, according to the transmitted first data structure, sets an encryption/decryption algorithm to be used by said hardware encryption equipment, and retrieves a corresponding algorithm key; and if no algorithm key is retrieved, said hardware encryption engine controls said hardware encryption equipment to create said algorithm key; when a data encryption/decryption interface is called, said hardware encryption engine, according to the currently set encryption/decryption algorithm and said algorithm key, controls said hardware encryption equipment to perform an encryption/decryption operation on the transmitted data, and outputs the operation result; and when an engine release interface is called, said hardware encryption engine ends the connection with said hardware encryption equipment. The present invention can add or extend the encryption/decryption algorithm that can only be implemented in hardware to a software algorithm library. | 01-10-2013 |
20130013095 | AUDIO COMMUNICATION BASED ELECTRONIC SIGNATURE SYSTEM AND METHOD THEREOF - An audio communication based electronic signature system and a method thereof are provided. The system includes: an audio smart key device including an interface module, a data processing module, a smart key module and a power module; and a terminal including an audio output interface, an audio input interface and an application unit. The interface module of the audio smart key device communicates with the terminal in the form of audio signal and it can perform operations of A/D conversion and modulation and demodulation on the audio signal. In the signing method, the terminal sends an audio signal including important data to the smart key device, the audio smart key device receives and decodes the audio signal, demodulates the decoded data and decrypts the demodulated data, signs the decrypted data, encodes, modulates and encrypts the signature result subsequently, sends the crypted result to the terminal, where the encrypted result is sent to the server for signature verification. | 01-10-2013 |
20130031277 | METHOD FOR IDENTIFYING VERSION TYPE OF WINDOWS OPERATING SYSTEM ON A HOST BY A USB DEVICE - The invention provides a method for identifying version type of a Windows operating system on a host by USB device, relating to operating system field and including steps: A, USB device is powered on and initialized; B, the USB device performs USB enumeration, determines whether a first predetermined instruction is received in process of USB enumeration, if yes, determines the operating system is a first operating system and goes to Step D, if no, goes to C; C, the USB device determines the device type returned in process of USB enumeration, if it is a CCID device, determines whether the received instruction includes a second predetermined instruction, if yes, determines the operating system is a second operating system, if no, determines the operating system is a third operating system; when the device is an SCSI device, the USB device determines whether the second received SCSI instruction is a third predetermined instruction or fourth predetermined instruction, if it is the third predetermined instruction, determines that the operating system is a second operating system, if it is the fourth predetermined instruction, determines that the operating system is a third operating system; D, the USB device establishes communication with the host, waits for instruction sent by the host and returns related information to the host according to the determined type of the host operating system. | 01-31-2013 |
20130042029 | METHOD FOR IDENTIFYING HOST OPERATING SYSTEM BY UNIVERSAL SERIAL BUS (USB) DEVICE - A method for identifying a host operating system by a Universal Serial Bus (USB) device is disclosed, which pertains to the field of information security. The method includes: A) the USB device is powered on and initiated; B) it is determined whether the first setup packet is a first preset command, if yes, C is performed, if not, D is performed; C) it is determined whether the seventh byte of the first preset command is a second preset value, if yes, an operating system identification is set as a first preset identification, and F is performed, otherwise, E is performed; D) it is determined whether the first setup packet is a second preset command, if yes, the operating system identification is set as a second preset identification, and F is performed, otherwise, E is performed; E) information interaction with the host is performed according to a default operating system identification until the last setup packet is received, and it is determined whether the last setup packet is a third preset command, if yes, the operating system identification is set as a third preset identification, if not, the operating system identification is set as a fourth preset identification; F) information interaction with the host is performed according to the present operating system identification, and then it waits to receive the instructions issued by the host. | 02-14-2013 |
20130080773 | FILE PROTECTING METHOD AND A SYSTEM THEREFOR - The invention discloses a file protecting method and a system therefor, relating to the information security field. The method includes: an application receives an instruction for opening a protected file sent by a user and invokes an upper interface of an operation system, and the upper interface sends an instruction for opening the protected file sent by a file system, and a filter driver intercepts the instruction for opening the protected file sent by the upper-layer interface to the file system, if the filter driver determines that the application is valid, it creates an image file on a virtual disk for the protected file, and returns a handler of the image file and reads or writes the protected file by the handler, which avoids a possible disclosure of plain text of the protected file in a buffer in prior art. | 03-28-2013 |
20130097419 | METHOD AND SYSTEM FOR ACCESSING E-BOOK DATA - Provided is a method for accessing e-book data, including: step A: e-book hardware establishes a connection with an electronic device and negotiates a reading key; step B: the electronic device downloads e-book data via a client, specifically is: firstly, the electric device establishes a connection with the client; the client sends a connection establishment request to a server; the server verifies the identification of the electronic device via the client; if the verification is not passed, then the access will be refused; if the verification is passed, then the server uses a downloaded key to encrypt the e-book data and sends the encrypted e-book data to the electronic device via the client; and step C: the electronic hardware establishes a connection with the electronic device, processes the encrypted e-book data using the downloaded key and/or the reading key, and the e-book hardware displays the e-book data. The method provided in the present embodiment not only enables the download and reading of the e-book to be more rapid but also protects the copyright of the e-book. | 04-18-2013 |
20130104218 | METHOD AND SYSTEM FOR SECURELY ACCESSING TO PROTECTED RESOURCE - The invention provides a method for securely accessing to protected resource and a system thereof, which belongs to information security field. A first terminal sends a request for accessing to the protected resource to a second terminal, and sends a user name and first data to the second terminal; the second terminal generates second data, and searches for a secret on a third terminal; the second terminal processes the first data, the second data, and the secret, so as to obtain a first characteristic value; the third terminal processes the first data, the second data, and the secret so as to obtain a second characteristic value, and upon receiving a confirmation message, processes the first data, the second data, and a secret pre-stored at/on the third terminal so as to obtain a third characteristic value; the first terminal sends the third characteristic value to the second terminal; the second terminal processes the first data, the second data, and the secret to generate a fourth characteristic value, and determines whether the fourth characteristic value is identical to the third characteristic value by comparison, if they are identical, accessing is permitted; otherwise, accessing is refused. | 04-25-2013 |
20130110846 | DATA PROCESSING METHOD AND APPARATUS | 05-02-2013 |
20130160103 | IMAGE COLLECTION BASED INFORMATION SECURITY METHOD AND SYSTEM - An image collection based information security method and system is disclosed. The method includes a server side receiving a first transaction data sent by a client side and generating a second transaction data with the first data. The server converts the second data into an image, and sends the image to the client. A dynamic token collects the image, pre-processes, and converts the image into a third transaction data, and displays the third data for user's confirmation. The token generates and displays a second dynamic password according to the third data. The client receives the second password input by a user and sends same to the server. The server receives the second password and generates a first dynamic password, determines whether the first password is identical to the second password; if yes, the authentication is successful and the transaction is executed; if no, the transaction is cancelled. | 06-20-2013 |
20130176103 | SAFE METHOD FOR CARD ISSUING, CARD ISSUING DEVICE AND SYSTEM - A safe method for card issuing, a card issuing device and system, which relate to the technical field of information security and solve the problem of low efficiency in existing card issuing methods. The embodiment of the safe method for card issuing in the present invention comprises: a managing card and a card issuing device performing a check and certification for card issuing; the card issuing device sending in sequence a card operating system download command sequence to at least one user card, and instructing the at least one user card to download the card operating system according to the card operating system download command sequence; the card issuing device activating the card operation system downloaded onto the at least one user card. The embodiments of the present invention are mainly used in various solutions which require card issuing technology, such as card issuing for public transport systems, and card issuing for bank cards and access cards. | 07-11-2013 |
20130198527 | EXECUTION METHOD OF .NET PROGRAM AFTER ENCRYPTION - The present invention provides an execution method of a .NET program after encryption. An operating system allocates a process address space to a .NET program process and maps PE files into the process address space respectively. After the .NET program process runs, it is judged whether a currently running program module is encrypted. The .NET program process continues to run after the encrypted program module is decrypted. If the current program module calls a subroutine module, it is judged whether the subroutine module is encrypted. If the subroutine module is encrypted, a decryption operation is performed, and the .NET program process continues to run. With the method, encryption management can be performed on the .NET program based on modules, thereby providing diversified functions for protecting .NET software. | 08-01-2013 |
20130291083 | WIRELESS SMART KEY DEVICE AND SIGNING METHOD THEREOF - The disclosure discloses a wireless smart key device and signing method thereof. The wireless smart key device includes an online device and an offline device; the online device includes a serial communication interface, a first module and a first wireless receiving and sending module; the offline device includes a second module, a power module, a second wireless receiving and sending module, an information inputting module and an information outputting module. The signing method includes that the online device is powered up, receives transaction information message sent by a host computer and communicates with the offline device; the offline device obtains transaction information, outputs the transaction information, waits for receiving user operation information and receives the user operation information; the offline device communicates with the online device; the online device obtains operation result of processing the user operation; the online device sends corresponding operation result to the host computer. | 10-31-2013 |
20130304779 | METHOD AND DEVICE FOR GENERATING BIG PRIME - The invention discloses a method for generating a large prime number and a system thereof. The method includes Step 1, generating a random number in size corresponding to number of digits input by a user, in which number of digits of the random number is identical to number of digits input by the user; Step 2, obtaining remainders by dividing all prime numbers in a predetermined little prime number table by a current value of the random number so as to form a remainder array; Step 3, determining whether there is a remainder 0 in the remainder array, if yes, going to Step 4; otherwise, going to Step 5; Step 4, updating the random number with a predetermined step, updating remainders in remainder array and going to Step 3; Step 5, checking for whether a current value of the random number is a prime number, if yes, going to Step 6; otherwise, going to Step 4; and Step 6, storing or outputting the current value of the random number. The solution provided by embodiments of the invention reduces primality test times, and thus saves time of generating a large prime number. | 11-14-2013 |
20140082709 | DYNAMIC PASSWORD AUTHENTICATION METHOD AND SYSTEM THEREOF - The present invention discloses a dynamic password authentication method and a system thereof. The method comprises: a server receives first information sent from the client, generates second information according to the first information, sets every transmission bit in the second information to be in corresponding brightness status or color status to obtain a third information and sends it to a client; the client transforms the third information into impulse optical signal and outputs it; a dynamic password device transforms the impulse optical signal into intermediate information, extracts part or all of it and transforms it into display information; the dynamic password device receives trigger information, generates a first dynamic password; the server generates a second dynamic password or a set of second dynamic passwords and verifies whether the first dynamic password is legitimate by it. Security of authentication is improved by the present invention. | 03-20-2014 |
20140082710 | METHOD FOR AUTHENTICATING AN OTP AND AN INSTRUMENT THEREFOR - A method for authenticating an OTP (one time password) and an instrument therefor, in which the method includes determining whether the OTP token is authenticated successfully, if the OTP token is not authenticated successfully, setting size of an authentication window to be a first predetermined time length and authenticating the obtained OTP according to the authentication window; if the OTP token is authenticated successfully, determining whether the interval between the authentication success time and the current system time is longer than a second predetermined time length, if yes, setting size of the authentication window to be a third predetermined time length and authenticating the obtained OTP according to the authentication window and the authentication success time, in which the third predetermined time length is shorter than the first predetermined time length; otherwise, setting size of the authentication window to be a fourth predetermined time length and authenticating the obtained OTP according to the authentication window and the authentication success time, in which the fourth time length is shorter than the third predetermined time length. The invention can ensure both the authentication success rate and the authentication security. | 03-20-2014 |
20140101747 | SYSTEM AND METHOD FOR COMMUNICATION BETWEEN DYNAMIC TOKEN AND TOOL - The present invention relates to the field of information security. Disclosed are a system and method for communication between a dynamic token and a tool, the system comprising a tool part and a dynamic token part; the tool part comprises a control module and a tool radio frequency communication module; the dynamic token part comprises an MCU and liquid crystal module and an OTP radio frequency communication module. The method comprises: the tool part transmits a modulated wake-up command signal to the dynamic token part in the form of an electromagnetic wave; when a wake-up response command signal returned by the dynamic token part is correctly received, the tool part transmits the modulated command signal to the dynamic token part in the form of an electromagnetic wave; and the tool part detects the amplitude variation of the generated carrier signal, judges whether the response signal is correctly received, and operates correspondingly. | 04-10-2014 |
20140115339 | METHOD AND APPARATUS FOR SERIAL DEVICE REGISTRATION - Disclosed in the present invention are a method and apparatus for serial device registration. Said method comprises: a first serial device establishes connection with a second serial device; the first serial device reports the device attribute information of the first serial device to the second serial device, so as to initiate the process of registering the first serial device in the second device; in the registration process, after receiving the request of asking for signature certificate from the second serial device, the first serial device sends a first signature certificate to the second serial device; computing the received first challenge code returned from the second serial device, and obtaining a first signature value; sending the first signature value to the second serial device, so as to authenticate the first signature value by the second serial device and return the authentication result to the first serial device; after the authentication, the first serial device accomplishes the registration in the second serial device. The present invention solves the problem of lacking security authentication mechanism at the time of registering, thus improving communication security. | 04-24-2014 |
20140185799 | METHOD FOR GENERATING LARGE PRIME NUMBER IN EMBEDDED SYSTEM - A method for generating a large prime number in an embedded system, comprising: (1) setting all identifiers in an identifier group in a first storage area; generating and storing a random number with preset bit length in a third storage area; modulizing the data in the third storage area by using the data stored in the storage unit of a second storage area as a modulus; determining the serial number of the identifier to be reset in the identifier group according to the modulized value and the data in the storage unit corresponding to the modulized value; and resetting the identifier corresponding to the serial number; (2) judging whether a set identifier exists in the identifier group, if yes, then executing step (3); otherwise, returning to step (1); and (3), determining a number to be detected according to the random number and the serial number of the set identifier in the identifier group; detecting the primality of the number to be detected; if the number to be detected passes the primality detection, then outputting the number to be detected; and if the numbers to be detected corresponding to all the set identifiers in the identifier group fail to pass the primality detection, then returning to step (1). The present method has high efficiency and is suitable for an embedded system. | 07-03-2014 |
20140201395 | USB KEY AND A METHOD FOR COMMUNICATION BETWEEN THE USB KEY AND A TERMINAL - A USB Key and a method for communication between the USB Key and a terminal are provided, of which the USB Key includes an interface module, a power module and an MCU module. The MCU module is configured to make initialization setting after power on, check for power level status of each mode pin in the MCU module, and in case of the power level status conforms to a first predetermined condition, set the pin for serial interface communication in the MCU module to a high impedance state, configure a USB function, receive a request for enumerating the device being initiated by a terminal connecting to the interface module, and after enumeration, perform USB communication with the terminal; and in case that the power level status conforms to a second predetermined condition, set a pin for performing USB communication in the MCU module to high impedance state, set the serial interface function, initiate a request for enumerating the device to the terminal connecting to the interface module, and after enumeration, perform a serial-interface communication with the terminal. The USB Key in the invention is able to be compatible with a USB interface and a serial interface. | 07-17-2014 |
20140208403 | METHOD FOR IDENTIFYING PULSE OPTICAL SIGNAL AND DEVICE THEREOF - The invention provides a method for identifying pulse optical signal, including: a. receiving first trigger information; b. collecting and identifying pulse optical signal with a predetermined method to obtain a unit of data; c. parsing the unit of data and determining type of it, if the unit of data is a unit of data representing header information, step d is executed; or if the unit of data is other type of unit of data, step b is executed; d. going on collecting and identifying pulse optical signal with the predetermined method to obtain a unit of data; e. determining whether all units of data corresponding to the unit of data representing the header information is received; f. packeting the unit of data representing the header information with all corresponding units of data into a group of data packets. The invention converts the pulse optical signal into bits, packets and converts the bits into a data packet, and receives the photosensitive-transfer information which accelerates the process of obtaining required data by a signal identifying device. | 07-24-2014 |
20140223524 | KEY UPDATING METHOD AND SYSTEM THEREOF - A key updating method and system are provided. In the method, (1) a back-end authentication system receives a current dynamic password generated by a dynamic token and authenticates the current dynamic password, and if the authentication succeeds, generates key updating information and goes to (2); (2), the back-end authentication system generates a first updating key according to the key updating information and a first initial key stored therein and copies the first updating key to a buffer of the first initial key; the dynamic token obtains and authenticates the key updating information, and if the authentication succeeds, generates a second updating key according to the key updating information and a second initial key stored in the dynamic token and copies the second updating key to a buffer of the second initial key; or if authentication fails, quits the key updating. The solution avoids risk incurred by accidental key leakage. | 08-07-2014 |
20140298029 | CONTACTLESS SEED PROGRAMMING METHOD AND SYSTEM THEREOF - The invention discloses a contactless seed programming method, belonging to information security field. In the method, a seed programming device obtains a token ID of a dynamic token, obtains corresponding first seed data according to the token ID, communicates with the dynamic token contactlessly, obtains first seed data from the dynamic token, decrypts the first seed data so as to obtain second seed data, encrypts the second seed data with the first data so as to obtain third seed data and sends the third seed data to the dynamic token; and the dynamic token decrypts the seed and updates seed stored in itself. By the invention, programming operation is simplified and programming efficiency is improved by communicating with the dynamic token contactlessly and security is ensured by transferring the encrypted seed during communication between the programming device and the token. | 10-02-2014 |
20140324926 | METHOD FOR SMART CARD TO PROCESS CAP FILE - A method for a smart card to process a CAP file, including the following steps: a smart card establishing a connection with an external terminal, performing initialization, receiving an APDU command corresponding to a CAP file, storing the data contained in the APDU command in a communication cache area, judging the value of a first state flag bit of the card, and performing different operations with respect to the value of a different second state flag bit. The method for a smart card to process a CAP file provided herein can effectively utilize the storage resources of a smart card and improve the download speed of the CAP files and ensure the integrity of the contents in the CAP files and the smart card. | 10-30-2014 |