Communication system and communication method based on hardware security module

A technology of a hardware security module and a communication system, which is applied in the communication field of secure communication based on the hardware security module, can solve the problems of cumbersome encryption and decryption verification code, increase the difficulty of development and maintenance, and be easily intercepted and attacked, and achieve fast compatibility. , The effect of the program is easy to use and easy to maintain

Active Publication Date: 2018-05-25
上海慧银信息科技有限公司
View PDF4 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0007] The purpose of the present invention is, when the socket communication method in the prior art adopts Socket communication without any encryption, its data is transmitted in plain text, and it is easy to be intercepted and attacked during the transmission process, and the encryption and decryption verification code is adopted when encrypted communication More cumbersome technical issues that increase the difficulty of development and maintenance. Provide a communication system and method based on hardware security modules to prevent data from being stolen by illegal users and ensure safe transmission of information on the Internet; it can prevent device certificates from being illegally modified. , to ensure the security of the private key of the device

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Communication system and communication method based on hardware security module
  • Communication system and communication method based on hardware security module
  • Communication system and communication method based on hardware security module

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0019] The communication system and communication method based on the hardware security module provided by the present invention will be described in detail below in conjunction with the accompanying drawings.

[0020] refer to figure 2 , a schematic diagram of the architecture of a communication system based on a hardware security module according to the present invention. The system includes a hardware security module 22 and an SSL forwarding server 24 .

[0021] The hardware security module 22 is set on the client 21, and is used to match a corresponding client certificate to the client 21 when called by the client 21. That is, the hardware security module 22 is responsible for securely providing the client certificate to the client 21 .

[0022] A Hardware Security Module (HSM for short) is a physical certificate library, in which multiple private keys, corresponding public keys, and public key certificates corresponding to each public key are stored. Storing the priva...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a communication system and method based on a hardware safety module. The system comprises the hardware safety module and an SSL forwarding server. The hardware safety module is disposed on a client side, and is used to match a corresponding client certificate to the client side when the hardware safety module is called by the client side; the SSL forwarding server is used to perform verification of the client certificate and to negotiate with the client side to obtain a communication private key after the verification is passes, the SSL forwarding server and the client side adopt the communication private key later, communication data of the client side is forwarded to an intranet server to be processes, and data after being processed by the intranet server is fed back to the client side; and the SSL forwarding server and the intranet server are located in the same communication network. The data can be prevented from being stolen by an illegal user, and safe transmission of information on the Internet is guaranteed; and an equipment certificate can be prevented from being illegally modified, and safety the private key of equipment is guaranteed.

Description

technical field [0001] The invention relates to the technical field of communication, in particular to a communication method for secure communication based on a hardware security module. Background technique [0002] The current communication methods between the client and the server mainly include: [0003] a) Socket communication method: Socket is the cornerstone of communication and the basic operation unit of network communication supporting TCP / IP protocol. It is an abstract representation of the endpoint in the network communication process, including five kinds of information necessary for network communication: the protocol used for connection, the IP address of the local host, the protocol port of the local process, the IP address of the remote host, and the protocol of the remote process port. When the application layer communicates data through the transport layer, TCP will encounter the problem of providing concurrent services for multiple application processe...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06
CPCH04L63/0428
Inventor 金海青张旭东李敏
Owner 上海慧银信息科技有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products