Method and system for identity verification of digital certificate based on TEE (Trusted Execution Environment)

An identity verification method and digital certificate technology, applied to digital transmission systems, user identity/authority verification, transmission systems, etc., that addresses the problems of insecure, unstable, and low-level identity authentication methods.

Active Publication Date: 2016-03-23
神州融安数字科技(北京)有限公司

AI Technical Summary

Problems solved by technology

[0009] In view of this, the technical problem to be solved by this application is that the existing identity authentication methods are insecure, unstable, inconvenient and low in compatibility.

Examples


Embodiment 1

[0084] An identity verification method based on a TEE digital certificate, comprising a digital certificate system 1 pre-configured on a terminal 2, a digital certificate signature process and a digital certificate verification process, characterized in that the terminal 2 has a TEE; the digital certificate signature process is performed on the terminal 2 and is used to sign the user request using a digital certificate private key; the digital certificate verification process is used to authenticate the identity of the requesting user, and the authentication method includes verifying the legality and validity of the digital certificate and the integrity and correctness of the signature; wherein the digital certificate signing process is performed under the TEE.

[0085] The user request specifically includes an application request of the client, and the application request needs to be authenticated. The digital certificate system 1 is located in the TEE of the terminal 2. TEE is the abbreviation of ...

Embodiment 2

[0090] An identity verification method based on a TEE digital certificate, comprising a digital certificate system 1 pre-configured on a terminal 2, a digital certificate signature process and a digital certificate verification process, characterized in that the terminal 2 has a TEE; the digital certificate signature process is performed on the terminal 2 and is used to sign the user request using a digital certificate private key; the digital certificate verification process is used to authenticate the identity of the requesting user, and the authentication method includes verifying the legality and validity of the digital certificate and the integrity and correctness of the signature; wherein the digital certificate signing process is performed under the TEE.

[0091] As shown in Figure 1, the flow chart of the digital certificate signing process in the embodiment of the present application, the client is an internal application client of the terminal 2, and the internal application c...

Embodiment 3

[0101] An identity verification method based on a TEE digital certificate, comprising a digital certificate system 1 pre-configured on a terminal 2, a digital certificate signature process and a digital certificate verification process, characterized in that the terminal 2 has a TEE and an REE; the digital certificate signature process is performed on the terminal 2 and is used to generate a digital certificate for the user request; the digital certificate verification process is used to authenticate the identity of the requesting user, and the authentication method includes the digital certificate; wherein the digital certificate system 1 is located in the TEE of the terminal 2, and the digital certificate signing process is performed under the TEE.

[0102] The client is an external application client of the terminal 2, and the digital certificate signing process includes:

[0103] Step ①: The digital certificate system 1 securely stores user identity information, root CA cer...


Abstract

The invention discloses a method for identity verification of a digital certificate based on a TEE (Trusted Execution Environment). The method comprises pre-configuration of a digital certificate system through a terminal, a digital certificate signature process and a digital certificate signature verification process. The method is characterized in that the terminal is provided with the TEE; the digital certificate signature process is carried out on the terminal and uses the private key of the digital certificate to sign a user request; the digital certificate signature verification process authenticates the identity of the requesting user, and the authentication method comprises verification of the validity and effectiveness of the digital certificate and of the integrity and correctness of the signature. The digital certificate signature process is carried out under the TEE, and sensitive information, such as a user key, identity information, biological characteristic information and password information, is stored through a secure storage module. This avoids the problems in the prior art, where the signature process is carried out in the REE and the user's sensitive information is stored in the REE environment, causing privacy disclosure and the hidden danger of stolen property.
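A minimal model of the signing and verification flow described in the abstract, added here as an example and not taken from the patent. It uses textbook RSA over constructed, trivially factorable demo keys so that it runs with the standard library only. The names `TeeSigner`, `issue_cert` and `verify_request`, and the mapping of the checks onto root signature, validity period and request signature, are assumptions.

```python
import hashlib, json

E = 65537  # public exponent shared by the constructed demo keys

def make_key(p, q):
    """Textbook RSA key from two primes: returns (modulus, private exponent)."""
    return p * q, pow(E, -1, (p - 1) * (q - 1))

def digest(data: bytes, n: int) -> int:
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def sign(data, n, d):
    return pow(digest(data, n), d, n)

def check(data, sig, n):
    return pow(sig, E, n) == digest(data, n)

def tbs(cert):
    """Canonical bytes of the certificate fields covered by the CA signature."""
    body = {k: v for k, v in cert.items() if k != "ca_sig"}
    return json.dumps(body, sort_keys=True).encode()

# Constructed demo root key from Mersenne primes: illustration only, not secure.
CA_N, CA_D = make_key(2**521 - 1, 2**607 - 1)

class TeeSigner:
    """Stand-in for the TEE side: callers get signatures, never the private exponent."""
    def __init__(self):
        self.n, self.__d = make_key(2**1279 - 1, 2**2203 - 1)
    def sign_request(self, request: bytes) -> int:
        return sign(request, self.n, self.__d)

def issue_cert(subject, pub_n, not_before, not_after, ca_n=CA_N, ca_d=CA_D):
    cert = {"subject": subject, "pub_n": pub_n,
            "not_before": not_before, "not_after": not_after}
    cert["ca_sig"] = sign(tbs(cert), ca_n, ca_d)
    return cert

def verify_request(request, sig, cert, now, root_n=CA_N):
    """Verifier-side checks; returns the first failure found, or 'ok'."""
    if not check(tbs(cert), cert["ca_sig"], root_n):       # issued by trusted root
        return "certificate not issued by trusted root"
    if not cert["not_before"] <= now <= cert["not_after"]:  # inside validity period
        return "certificate outside validity period"
    if not check(request, sig, cert["pub_n"]):              # integrity + correctness
        return "signature does not match request"
    return "ok"
```

The order of the checks matters: the public key in the certificate is only used to verify the request after the certificate itself has been tied to the trusted root and found to be in date.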

Description

Technical field

[0001] This application relates to the field of information technology, in particular, to a TEE-based digital certificate identity verification method and system.

Background technique

[0002] PKI is the abbreviation of Public Key Infrastructure. It is a system or platform that provides asymmetric encryption and decryption and digital signature verification services. The purpose is to manage keys and digital certificates. PKI is a standard-compliant technology and specification that uses public key encryption technology to provide a set of security basic platforms for the development of e-commerce and e-government.

[0003] In order to improve the identity authentication security of online banking, telephone banking, online securities, telephone securities, online shopping, online games and other network application systems, various industries and enterprises have launched PKI, OTP, Identity authentication systems such as bi...


Application Information

Patent Type & Authority: Applications (China)
IPC: IPC(8): H04L9/32
CPC: H04L9/3231, H04L9/3249, H04L9/3263
Inventor: 李登峰
Owner: 神州融安数字科技(北京)有限公司