339results about How to "Ensure communication security" patented technology

The invention provides a chip of a consumable container, which comprises a storage module, a control module, an interface module and a data safety module. The storage module is used for storing initial data, printing data, control data and key data; the interface module is used for realizing data communication between the storage module and the control module; the data safety module is respectively connected with the interface module and the control module, and is used for identifying a type and a content of data communicated between a printer and the chip, encrypting matched data in a selected safe mode and decrypting the data; the control module is connected with the storage module and is used for controlling data communication between the chip and the printer and the access operation of the data of the storage module and external data and sending a corresponding control command to the chip according to a safety module processing result so as to realize data communication; and the same keys are stored in the printer and the chip. The invention also provides a data communication method for the chip, the consumable container with the chip structure, and imaging equipment with the consumable container. The safety of the communication data of the chip can be protected.

The invention provides a method and a device for secure communication in Internet of Things. For communication between devices of any two parties, namely a first device and a second device, in the Internet of Things with interconnected devices of three parties, namely a cloud platform, an intelligent device and a mobile terminal, the first device executes the following steps of carrying out identity validity judgement with the second device through a method for verifying a digital signature of a digital certificate; and communicating with the second device when the first device and the second device both successfully pass through the identity validity judgement. Through adopting the method for verifying the digital certificate to carry out identity authentication on various interconnected intelligent devices in the Internet of Things, and the security control of bidirectional authentication is realized in a process for communication between the intelligent devices, so that the security risks that the devices are counterfeit and the opposite terminal is forged are effectively prevented and the communication security of the intelligent device is guaranteed. After identity authentication, the encrypted communication is carried out, so that the hacking risk is effectively prevented and the communication security is more completely guaranteed.

The invention discloses a method for detecting network anomaly of a wireless sensor based on trust evaluation. The method comprises a monitoring step, a fuzzification step, a DS fusion step, a recommended information processing step, and a determining step. A main process is collecting node behavior characteristics, calculating a trust value thereof through a fuzzy theory and a DS evidence theory, determining node operating states by a judging mechanism, and finding malicious nodes, so that effectiveness of data collected by network is ensured. Through monitoring behavior of evaluated nodes, abnormal nodes existed in the network are detected, and the abnormal nodes are broadcasted to neighbor nodes so as to prevent the abnormal nodes destroy normal operation of the whole network.

The invention provides a signature algorithm for server validation. The signature algorithm includes the following achievement steps: when a WEB front-end server communicates with a background server, a signature is added to a request parameter, character strings are formed through a specific combination of the parameters and are spliced, the finally obtained character strings are subjected to MD5 signature to serve as a communication passing parameter; the signature is recomputed when a server end receives a request, whether the request parameter is consistent with the passing parameter is judged, and if not, it is indicated that the call request is forged or tampered with. Compared with the prior art, the signature algorithm for server validation guarantees safety in the passing process through multi-hierarchy encryption, and guarantees accuracy in the receiving process by using a matched algorithm of the signature algorithm on the server.

The invention discloses a method for ensuring the security of client software. The method comprises the following steps of: 1, downloading the software by using a terminal, and adding terminal identity authentication information into a software packet by using a server; 2, transmitting a binding request to the server by using the terminal; 3, verifying the legality of the binding request, and if the binding request is legal, transmitting a binding success information to the terminal; 4, verifying the legality of the binding success information; 5, transmitting a login request to the server by using the terminal; 6, verifying the legality of the login request, and if the login request is legal, transmitting a login success information to the terminal; and 7, verifying the legality of the login success information, and if the login success information is legal, keeping a session. By the method, the software can be better prevented from being falsified; the security of communication between the terminal and the server can be ensured; replay attacks can be effectively prevented; the software can be detected whether to be falsified or not; and even though a hacker downloads the software and attacks the server by falsifying the software, only the terminal cannot be used normally and the normal use of other users may not be influenced.

The invention discloses a self-supporting lightning-proof optical cable. The self-supporting lightning-proof optical cable comprises a cable core, a covered layer and a suspension wire, wherein the cable core is used for transmitting an optical signal and power; the covered layer is covered with the cable core; and the suspension wire is connected with the covered layer. The covered layer comprises a shielding layer, an outer sheath and a ground layer, wherein the shielding layer shields the cable core; the outer sheath coats the shielding layer; and the ground layer is arranged between the cable core and the shielding layer. The self-supporting lightning-proof optical cable of the invention can prevent communication equipment from being damaged by thunder and lightening, effectively prevent an electromagnetic field generated by the shielding cable from disturbing other communication cable signals and prevent external electromagnetic field from disturbing the cable core.

The invention relates to an Internet of Things security management system. A private key center and an application server perform communication authentication data transmission through a soft shield;the application server side performs mutual communication of key distribution, identity authentication and data encryption with the client control terminal and the Internet of Things terminal at the same time; mutual communication of identity authentication and data encryption is carried out between the client control terminal and the Internet of Things terminal, wherein the private key center comprises a KPC key production assembly, a KMC key management assembly and a key authentication assembly, the application server comprises a security edge computing SDK module and a server application module, and the client control terminal comprises an encryption and decryption security module and a client application module, and the Internet of Things terminal comprises an Internet of Things communication module, a security algorithm module and an SE chip. According to the Internet of Things security management system, only the user is completely autonomous and controllable in the Internet of Things system, the cloud system does not have the authority of directly operating the user equipment, and the Internet of Things control security level can be effectively improved.

The invention discloses an Internet of things home appliance management system and an Internet of things home appliance management method. The system comprises an Internet of things home appliance management platform, a plurality of home modular terminals and various home appliances in which decoding singlechip controllers are arranged. The management method comprises the following steps that: the Internet of things home appliance management platform starts the Internet of things home modular terminals by short messages or in an Internet communication mode, so that two-way communication of home appliance control information between the terminals and the management platform is realized; electric wires which pass through the interior of a home are connected with power line carrier communication interfaces included in the various Internet of things home appliances, so that communication with the decoding singlechip controllers arranged in the networked home appliances is realized; and the decoding singlechip controllers in the home appliances carry out instruction identity identification and matching and translate control instructions sent to the controllers into same address codes of each control key in a monitoring program corresponding to a keyboard controlled by the home appliances, so that direct connection with conventional control functions of each home appliance is realized. A simple, easy and low-cost method is provided for managing requirements of the Internet of things home appliances of different manufacturers.

The invention discloses an access method to realize multimode security identification in WLAN and solve the problem that the selective access into two protocols of IEEE802.11i and WAPI, which comprises: with the compatibility of two protocols and internet distinguishability, integrating the said two protocols with current wireless network card of IEEE802.11b on link layer in TCP/IP protocol by dividing the protocol identification modules of IEEE 802.11 and WAPI into link level and service level for individual integration; finally, with terminal, recognizing network, selecting opposite identification, and adaptive taking a dialogue with a protocol to access network. This invention has strong adaptability, well compatibility and security in WLAN access.

The invention relates to an end-to-end speech encryption method which includes the steps that a first mobile terminal in the conversation mode receives the key information sent by the key management server through a short message and establishes an encryption conversation channel with a second mobile terminal which is the other end of the conversation and receives the key information; when the encryption channel is established, the first mobile terminal has the encrypted conversation with the second mobile terminal according to the key information. The invention also relates to an end-to-end speech encryption device and a system. The called and calling parties in the conversation mode receive the key information sent by the key management server through short messages and realize the encrypted conversation according to the key information so that the end-to-end conversation encryption processing is realized and the communication security is guaranteed; besides, the short message mode has the advantages of simple realization and easy implementation.

The present invention relates to a data transmission method in an internet of things. Data is transmitted between terminals in an internet of things environment; a transmit end sends original data to network data transmission devices; the network data transmission devices sequentially add a digital signature to each piece of data; and the final network data transmission device verifies all digital signatures of the received data, determines that the data is from the transmit end through a set path, and then sends the original data to a receive end. The present invention further provides a data transmission system in the internet of things and a data transmission apparatus in the internet of things. The data is singed when passing each hardware device in transmission, a later receiving device can verify the signature, so that multiple nodes on one communication chain are managed safely and effectively, the whole communication chain is ensured to communicate safely, and a non-credit person is prevented from intruding and controlling the device.

The invention relates to an anti-quantum-computing key negotiation method based on asymmetric key pools. The method includes a group. The group includes a plurality of use ends. The key pools are stored in quantum key cards configured for all the use ends, and include private key pools of the current parties and public key pools of the other members of the group. Equal negotiation keys are obtained through interaction of parameters of all the parties and the key pools of the current parties, and then key negotiation of every two terminals is realized. The quantum key card are independent hardware isolation equipment, greatly reduces possibility of stealing the keys by malicious software or malicious operations, and also cannot be obtained and cracked by quantum computers; and in the group,an asymmetric key exchange manner is adopted to realize key negotiation between objects, key sharing of two communication parties is realized, other objects cannot get corresponding shared keys, andcommunication security of the two communication parties in the group is guaranteed.

The invention discloses a sensor network distributed access control method capable of protecting user privacy. The method comprises the following steps: broadcasting a pre-established group access list pool to all of the network users by a network owner, and loading the group access list pool in all of sensor nodes; generating request information and ring signature information by a network user when the network user proposes an access requirement, transmitting the request information and the ring signature information to a sensor node to be accessed, wherein the request information includes a user random number; after the sensor node to be accessed receives the request information and the ring signature information, checking the request information according to the group access list pool to determine whether the request information is valid; refusing the request information if the request information is invalid; and determining whether the ring signature information is correct by the sensor node if the request information is valid, if correct, transmitting the data requested by the network user to the network user via the sensor node, otherwise, refusing the request information.

The invention discloses an information protection method and device based on a link layer discovery protocol. The information protection method includes the steps that a home terminal device organizes self-carried information to form a plurality of different TLV messages, encapsulates the TLV messages into a data unit of the link layer discovery protocol to form LLDP messages, draws out LLDPDU fields encapsulated in the LLDP messages, carries out encryption on the TLV messages in the LLDPDU fields, and sends the encrypted cryptographs to a neighbor device adjacent to the home terminal device; the neighbor device decrypts the cryptographs, and carries out further analysis on the received LLDP messages to finish information interaction. According to the information protection method and device, an encryption method for both communication parties of a LLDP protocol is introduced, the information protection method and device ensure communication safety of the LLDP protocol, enable the device for operating the LLDP protocol to be not easily influenced by hostile attacks from the Internet and other aspects, and improve the safety of protocol operation.

The invention provides an inter-application communication method of an online application platform. The inter-application communication method comprises the following steps: a client side of the online application platform starts an application and creates an application process according to a predetermined communication protocol; the processable message type of the application is recorded; when inter-application communication is carried out, a message from a sender application is received and delivered into a message queue of one application process corresponding to a receiver application; the application process corresponding to the receiver application monitors and processes the message in the message queue; and when the sender application or the receiver application quits, the application process is destroyed. The invention also provides a client side of the online application platform and an application process manager of the online application platform, wherein the client side comprises multiple applications and an application process manager; and the application process manager of the online application platform comprises a process creating interface, a process message sending interface and a process destroying interface. The introduced user participation and authorization procedures due to a safety factor in information transmission are avoided fundamentally.

Embodiments of the invention disclose a method and device for security authentication. The method comprises the following steps: performing password authentication with a server based on a transmittedpassword authentication message to obtain a password authentication result; sending an authentication request message to the server when determining that the password authentication result characterizes password authentication success; and performing security authentication by the way of digitally signing all interaction messages through the server, and performing digital signature verification through the client, or by way of performing public key encryption by the client on the local random numbers and all the interaction messages, and verifying the random numbers returned by the server. Thus, the identity correctness of both communication parties is ensured by the way of combining the password authentication with digital signature, or combining the password authentication with public key encryption, thereby avoiding network attacks such as message leakage and malicious information tampering during the communication, improving the reliability of network authentication, and guaranteeing the user's communication security.

The invention discloses a vehicle node certificate updating method based on a Vehicle to X (V2X) network. A vehicle node applies for an updated certificate from a PKI (Public Key Infrastructure) system via a roadside node; the PKI system sends part of private keys to the vehicle node; the vehicle node generates a new public key and a new private key using the part of private keys and part of private keys generated per se, generates a certificate using the new private key, and sends the certificate to the PKI system; the PKI system verifies the validity and the accuracy of the certificate; and after the certificate passes the verification, the PKI system updates the certificate of the vehicle node using the public key generated by the vehicle node, and issues the updated certificate to the whole network. The updated certificate, the new public key and the new private key are all generated using part of private keys of the PKI system and part of private keys of the vehicle node, and only the vehicle node has node private keys, so the information issued by the vehicle node can be effectively prevented from being decrypted by the PKI system, and the security and the non-repudiation of communication of the vehicle node in the V2X network are guaranteed.