649results about How to "Without compromising security" patented technology

An electronic system providing banking services, comprises a server having a first interface for communication with user mobile telephony devices over a mobile telephone network; and a second interface for communication with an intermediary acting as a gateway to banking records of multiple banking organisations. The first interface is adapted to allow at least balance enquiry requests to be submitted to one of the multiple banking organisations by means of the intermediary and to provide at least balance enquiry replies for display on the user mobile telephony device. The invention provides the functions of the high street ATM using the mobile phone environment.

Embodiments provided herein include techniques for enabling a mobile device to communicate with smart media in a manner that can sidestep the secure element of the mobile device—and the costs associated with it. The mobile device can communicate with the smart media using near-field communication (NFC) by creating an encrypted connection with a remote computer while bypassing a secure element of the mobile device. This allows the mobile device to provide point-of-sale (POS) functionality by reading and/or writing to the smart media, without compromising the security of the smart media.

An apparatus having a bill validator. The apparatus having a storage area within a housing. The bill validator operable to input bills into the storage area. The bill validator being removable secured within the housing. The removable bill validator permitting the bill validator to be removed from the housing for servicing without comprising security of the storage area.

Techniques for portable devices functioning as an electronic purse (e-purse) are disclosed. According to one aspect of the invention, a mechanism is provided to enable a portable device to conduct transactions over an open network with a payment server without compromising security. In one embodiment, a device is loaded with an e-purse manager. The e-purse manager is configured to manage various transactions and functions as a mechanism to access an emulator therein. The transactions may be conducted over a wired network or a wireless network. A three-tier security model is contemplated to support the security of the transactions from the e-purse. The three-tier security model includes a physical security, an e-purse security and a card manager security, concentrically encapsulating one with another. Security keys (either symmetric or asymmetric) are personalized within the three-tier security model.

The invention belongs to the technical field of mobile platform access control, and particularly discloses an immediate access conferring method aiming at low interference of a mobile platform. According to the fact that a system call interceptor is designed and achieved on the interior of a mobile platform operating system, direct access of application programs on the mobile platform to sensitive resources can be effectively intercepted. According to the fact that communication information among courses is recorded in operating system nucleus, the fact that the application programs indirectly access the sensitive resources through open interfaces of other application programs can be effectively controlled, and therefore all standing of access of the sensitive resources is achieved. According to the immediate access conferring method aiming at the low interference of the mobile platform, safety is guaranteed, most of harmless access can be filtered at the same time, for tiny minority of access possibly triggering the safe problems, access information can be immediately provided for a user so as to help the user to make correct access conferring.

The invention discloses a method and a system for extended use of quantum keys in an IPSec VPN (internet protocol security-virtual private network) system. The IPSec VPN system comprises at least two IPSec VPN gateways including an initiating IPSec VPN gateway and a responding IPSec VPN gateway as well as corresponding quantum key management terminals. The method comprises steps as follows: through parallel processing of negotiation of the quantum keys and IKE (internet key exchange) negotiated keys, the quantum keys are taken as first session keys for preferential use, and the IKE negotiated keys are taken as second session keys for safety communication. Besides, the invention further provides the corresponding IPSec VPN gateway, the quantum key management terminals and the IPSec VPN system. The quantum keys are taken as the session keys through extended use, so that the session key updating frequency is greatly increased and the safety communication performance of conventional IPSec VPN is guaranteed under the condition that an original IPSec VPN is compatible.

The invention discloses a crypto chip system for resisting physical invasion and side-channel attack and an implementation method thereof. The system comprises a dynamic key management module, a nonvolatile memory module and a trust management end. The invention also discloses an implementation method for the system, which comprises the following steps: (1) initializing, (2) key calling counting and starting; (3) key generation and recovery; (4) closing; and (5) opening. The key is dynamically extracted from a physically no-cloning key module, the trust management end is introduced, and the steps in the implementation method are combined, so that the nonvolatile memory of the chip has the capacity for resisting physical invasion and attack. The application number of times of each key is counted to implement forced updating after reaching the specified value, so that the side-channel attacker can not collect the same key to adequately reveal the sample, and thus, the side-channel attack becomes invalid.

The invention discloses an access control method for a virtual machine system. A virtual machine is arranged in a system to serve as a manager virtual machine, and other virtual machines serve as client virtual machines. An access control module is arranged in the manager virtual machine and used for performing access control over the client virtual machines according to the information of the client virtual machines, and an access control proxy module is arranged in a virtual machine monitor and used for receiving access request information of the client virtual machines and forwarding the access request information to the access control module. By the technical scheme, the scale of the virtual machine monitor is not increased, the safety of the virtual machine monitor is not reduced, the access control over the virtual machines can be performed, the access of the virtual machines to physical resources can be effectively controlled, and safety threat such as attack and communication among the virtual machines and service rejection in the virtual machine system can be avoided.

The invention provides a method for authenticating identification among peer-to-peer nodes in a P2P network. Each peer-to-peer node in the P2P network has a certificate which is acquired when a user node logs on the network through a certificate server, and the certificate comprises an encryption result of a private key of the certificate server to a public key of the user node. The method comprises the following steps: a first user node transmits an identification authentication message to a second user node in the network, wherein the identification authentication message comprises a certificate of the first user node and the public key of the first user node; a second user node authenticates identification of the first user node by the identification authentication message, after authentication succeeds, the identification authentication message is returned to the first user node, wherein the identification authentication message comprises a certificate of the second user node and the public key of the second user node; and the first user node authenticates the identification of the second user node by the identification authentication message returned by the second user node, and if the authentication succeeds, identification authentication between two user nodes succeeds.

The invention discloses a dual authentication method for SSH safe login. The method includes the following steps: a client sends a user name and a password or certificate, and a user uses the user name and the password or certificate to log in a managed SSH authentication server; if the user name and the password or certificate are valid, the SSH authentication server returns a two-dimensional code to be displayed on the client; the user uses an intelligent terminal to scan the two-dimensional code displayed on the client; the intelligent terminal generates signature information for a login session of this time to a two-dimensional verification server or the SSH authentication server through the two-dimensional code, a built-in certificate and a hardware token thereof; and the SSH authentication server verifies whether the signature information is correct, and if the signature information is correct, the SSH authentication server logs in successfully. The dual authentication method for SSH safe login has the beneficial effects that a secondary authentication process based on a two-dimensional code is added, and two-dimensional code information is leaked, is unique and cannot be repetitive, thereby greatly improving security of login verification of the SSH authentication server, and preventing the problem of identity theft caused by user password loss.

The invention discloses a modified self-insulating composite external wall material, and belongs to a gypsum building material. The material comprises the following components in percentage by weight: 75 to 84 percent of gel material, 0.2 to 1.5 percent of heat insulating material, 3 to 6 percent of modifying agent and 12 to 18 percent of water; the gel material consists of gypsum, fly ash, cement and lime, wherein the gypsum and the fly ash are in the majority; the heat insulating material is one or more of polyphenyl granules, rice hulls, straws, saw dust and expanded perlite; and the modifying agent is a common salt compound or a mixture of the common salt compound, aluminum powder and polyvinyl chloride (PVC) latex powder. The external wall material for manufacturing external wall building blocks or external wallboards by optimized proportion and modification treatment remarkably improves the comprehensive performance of water prevention, heat insulation, shock resistance and pressure resistance; and production and construction are convenient, the raw materials are easily obtained, industrial and agricultural byproducts are fully utilized, and environmentally-friendly and energy-saving requirements are met.

The invention discloses a virtual machine system which comprises a management virtual machine, a virtual machine monitor, a client virtual machine and a safety virtual machine. The management virtual machine is used for authenticating the client virtual machine and sending an authenticated result to the virtual machine monitor. The virtual machine monitor is used for transmitting an access request sent from the client virtual machine to the management virtual machine. The authenticated result sent from the management virtual machine is transmitted to the client virtual machine. The authenticated result sent from the client virtual machine is transmitted to the safety virtual machine. According to access permission, physical resources are accessed and an access result is returned to the client virtual machine. The client virtual machine is used for sending the access request and the authenticated result to the virtual machine monitor. The safety virtual machine is used for issuing the access permission of the client virtual machine to the virtual machine monitor. The invention further discloses a safety control method of the virtual machine system. With the system and the method, workload of the virtual machine monitor can be lowered, the access permission of the client virtual machine can be flexibly controlled, and the access of the client virtual machine to the physical resources is effectively controlled.

The invention discloses a system for an escalator and an automatic moving pavement, which comprises all safety switches for detecting deletion of steps, chain fracture of chains, strap breakage of hand straps, skirt panels and the like, an escalator main control device, a plurality of auxiliary control devices and communication buses for connecting all the control devices, wherein a group of contacts of all safety switches is connected with the escalator main control device, when any one safety switch is turned off, the power supply of an escalator driving device is cut off so as to ensure safety. Another group of contacts of the safety switches is connected with the auxiliary control devices for detecting the state of the safety switches. Each auxiliary control device is connected with the main control device through the buses for carrying out data communication. The invention is capable of conveniently carrying out failure detection and control, is easy for system expansion and has low manufacturing cost.

The invention relates to passenger dedicated lines and provides a train-receiving signal control system of a passenger dedicated line railway station. The train-receiving signal control system comprises two station-entering signal machines and an effective station track. Fouling posts are arranged at the two ends of the effective station track correspondingly. A platform section is arranged in the position, corresponding to a platform, of the effective station track and located between the two fouling posts. A departure signal machine is arranged between each fouling post and the platform section. At least parts of passing protective areas are located on first turnout sections on the inner sides of the departure signal machines in the corresponding directions. Successive routes of train-receiving routes are automatically arranged through interlocking equipment, and the tail ends of the successive routes are located on the first turnout sections on the inner sides of the corresponding departure signal machines. According to the improved train-receiving signal control system of the passenger dedicated line railway station, the original travelling safety is not reduced, and meanwhile at least parts of the passing protective areas are arranged on the inner sides of the departure signal machines, so that the distances between the departure signal machines and the fouling posts are shortened, the length of the station track can be decreased, and land and the construction cost are saved.

The invention discloses a luminance-controllable roadway illumination control method and system. Luminance of illumination lamps is dynamically controlled according to factors such as the danger level of a road, the weather, the environment, and positions, advancing directions and speeds of vehicles and pedestrians. High-luminance continuous illumination is conducted on dangerous road sections where accidents easily occur and critical areas with poor public security and is conducted when the severe weather such as the windy weather and the rainy weather exists. For common road sections and time periods, when the vehicles and the pedestrians pass by, illumination is only conducted on the security area in front of the vehicles and the pedestrians and the security area behind the vehicles and the pedestrians, and the illumination lamps outside the security areas are only kept in the pre-working states of the illumination lamps or turned off. According to the method and the system, the requirement for conducting illumination as required is met by dynamically adjusting the luminance, and therefore energy consumption can be well lowered, illumination efficiency is improved, and cost is reduced.

The invention provides a key sharing method and device. The method comprises the steps of decomposing a key k into n mutually different sub-keys by employing a (t, n) threshold algorithm according to preset parameters of a system; adding time stamps and parity check bits to the sub-keys, thereby generating n sub-key interaction information packets; signing the sub-key interaction information packets by employing a second public key and a first private key, thereby generating n signed information packets, and distributing the signed information packets to corresponding sub-key clients; verifying the signed information packets by employing a second private key and a first public key and checking the signed information packets according to the time stamps and the parity check bits, thereby obtaining the sub-keys, and storing the sub-keys in the corresponding sub-key clients; and obtaining the sub-keys stored in at least t sub-key clients, restoring the at least t sub-keys to the key k by employing the (t, n) threshold algorithm, wherein the first private key and the first public key are a mutually matching key pair, and the second private key and the second public key are a mutually matching key pair.

The invention discloses an external internet-of-things smart-phone call-out elevator wireless simulation artificial-triggering device. The device comprises externally arranged button controllers on elevator rooms of all floors, the button controllers comprise button control boxes, the part, on one side of each button control box, of a box body covers corresponding elevator buttons, the part, on the other side of each button control box, of the box body is fixedly installed on a wall, a button touching mechanism is arranged inside the part, on one side of each button control box, of the box body, and a button driving mechanism is arranged inside the part, on the other side of each button control box, of the box body. The button touching mechanisms comprise inner and outer touching buttons, and the outer touching buttons press the elevator buttons through the inner touching buttons in a touching mode. The button driving mechanisms comprise telescopic shafts, transmission rods and cams, wherein the transmission rods are arranged in the left-right direction. Wireless signal receiving and transmitting devices are further arranged inside the box bodies and used for receiving wireless signal instructions and controlling the cams to rotate, and at the maximum eccentric positions of the cams, the telescopic shafts push the inner touching buttons to touch the elevator buttons through the transmission rods. The device is arranged outside the elevator rooms, corresponds to the elevator buttons, is only responsible for controlling the elevator buttons and does not affect safe and normal usage of an elevator.

The invention discloses a door control system and a control management method. The method comprises the following steps of: acquiring a face image of a calling user in advance by using the door control system; identifying the face image of the calling user; and automatically opening the door control after successful identification and when the called user is at home. Compared with the prior art, the door control system adopts different processing modes for an external user who needs to enter the door control system by establishing a personnel association information database and adopting a face identifying technique, so that the external user who needs to access the door control system usually can automatically open the door control when the visited user is at home. The door control system and the control management method have the advantages of improving the user experience of the door control system, facilitating the using of the users and not reducing safety.

The invention discloses a low current grounding wire selection method based on residual current variable, and the method comprises the following steps of: (1) correctly identifying whether an electric distribution network has a single-phase ground fault by adopting the neutral point displacement voltage of the electric distribution network as characteristic quantity; (2) after the ground fault happens, compensating the grounding current of a fault point by virtue of an arc-suppression coil to achieve the effects of reducing the grounding current and extinguishing grounding arc light; (3) adjusting the tap position of a first tap arc-suppression coil on the premise of ensuring that the grounding residual current meets the standard request; (4) because the neutral point displacement voltagebefore and after the tap position adjustment of the arc-suppression coil changes, converting the zero-sequence current of each outgoing line subjected to the tap position adjustment to be below the voltage level before the top position adjustment by utilizing a voltage translation method so as to prevent the wire selection characteristic quantity from being influenced by the neutral point displacement voltage; and (5) selecting the line with the single-phase ground fault according to the change values of the zero-sequence current of each outgoing line after voltage translation before and after the tap position adjustment. The low current grounding wire selection method based on residual current variable can be used for improving the accuracy of wire selection.

A sound control method and device using single push-button to control the speech instruction is disclosed. A speech input unit is used to input the speech instruction information from a user, and convert it to digital information. A speech instruction module can receive the speech instruction information of the speech input unit and compare it with the prestored speech instruction information to generate corresponding speech instruction code and information which are received by a speech control host to control the devices to be controlled. The speech information is converted to the analog signal to generate sound for pilotting the user.