Unlock instant, AI-driven research and patent intelligence for your innovation.

A method and system for implementing data security protection in application communication

A technology for protecting data and implementing methods, applied in the field of information security, can solve problems such as replay attacks, potential safety hazards, and easy leakage of sensitive information, and achieve the effects of strengthening security, increasing security, and preventing sensitive information from leaking

Active Publication Date: 2021-03-16
FEITIAN TECHNOLOGIES
View PDF7 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0002] In the existing technology, the communication data between the IC card and the terminal is transmitted in plain text, which is easily intercepted by illegal users, and there is a great security risk
At present, Bluetooth cards and wearable payment devices are more and more widely used. Compared with the communication distance of standard IC cards, Bluetooth cards have a longer communication distance (such as 10 meters), sensitive information is easy to leak, and data is easy to be tampered with. Replay attack, so it is necessary to establish an encryption mechanism to ensure the security of data in the communication between the Bluetooth card or wearable device and the terminal

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A method and system for implementing data security protection in application communication
  • A method and system for implementing data security protection in application communication
  • A method and system for implementing data security protection in application communication

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0063] Embodiment 1 of the present invention provides a method for implementing data security protection in application communication, such as figure 1 shown, including:

[0064] Step S1: The terminal selects the corresponding application by sending an application selection instruction to the Bluetooth card;

[0065] In this embodiment, step S1 includes:

[0066] Step S1-0: the terminal sends a selection application command to the Bluetooth chip in the Bluetooth card;

[0067] Step S1-1: The Bluetooth chip judges whether the sending sequence counter in the selection application command is abnormal, and if so, returns the third encapsulation result including an error status code to the terminal, and executes step S1-4; otherwise, parses the selection application command and converts the first 3. The analysis result is sent to the security chip in the Bluetooth card;

[0068] Specifically, the parsing of the selection application command in step S1-1 is specifically: the Blue...

Embodiment 2

[0121] Embodiment 2 of the present invention provides a method for implementing data security protection in application communication, such as figure 2 shown, including:

[0122] Step 200: the terminal sends an application selection instruction to the Bluetooth chip in the Bluetooth card;

[0123] In this embodiment, the terminal sends the selection application instruction to the Bluetooth chip by calling the writeCharacteristic interface of the BluetoothGatt class; specifically, the selection application instruction includes the working mode, the sending sequence counter, the command code, the command length, the command data field, the byte checksum;

[0124] For example, the selection application command in this embodiment is 01 00 0B 01 01 04 00 0C 00A4 04 0007A0 00 00 03 33 01 01 0E; wherein, 01 is the working mode, indicating that the Bluetooth card is a contact smart card operation mode; 0B 01 is The value of the sending sequence counter, the initial value of the sen...

Embodiment 3

[0204] Embodiment 3 of the present invention provides a system for implementing data security protection in application communication, including a terminal 3 and a Bluetooth card 4; the Bluetooth card 4 includes a Bluetooth chip 40 and a security chip 41;

[0205] Terminal 3 includes:

[0206] The sending selection module 301 is used to provide the bluetooth card 4 to send the selection application instruction to select the corresponding application;

[0207] The first obtaining module 302 is used to obtain the terminal random number from the background server;

[0208] The first encapsulation module 303 is configured to encapsulate the updated sending sequence counter and the APDU instruction containing the terminal random number into a secure channel initialization instruction, and the initial value of the sending sequence counter is a random number;

[0209] The first sending module 304 is used to send the security channel initialization instruction of the first packaging ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides an implementation method and system for protecting data security in application communication. The method comprises the following steps: the terminal sends a secure channel initialization instruction to the Bluetooth chip of the Bluetooth card; the Bluetooth chip parses the secure channel initialization instruction to obtain an APDU instruction, and transmits the instructionto the security chip of the Bluetooth card; the security chip generates a new APDU instruction, sends the instruction to the Bluetooth chip for encapsulation, and then sends the instruction to the terminal; the terminal parses the encapsulation result and sends the parsing result to the background server for verification; the terminal sends the secure channel authentication instruction to the Bluetooth chip when the verification is successful; the Bluetooth chip parses the secure channel authentication command to obtain the APDU instruction, and sends the instruction to the security chip forverification; the Bluetooth chip encapsulates the verification result of the security chip and sends the result to the terminal; and if the terminal determines that the encapsulation result is legal,the terminal and the Bluetooth card use a secure channel process key to encrypt the interactive data there-between for communication.

Description

technical field [0001] The invention relates to the field of information security, in particular to a method and system for implementing data security protection in application communication. Background technique [0002] In the prior art, the communication data between the IC card and the terminal is transmitted in plain text, which is easily intercepted by illegal users, and there is a great security risk. At present, Bluetooth cards and wearable payment devices are more and more widely used. Compared with the communication distance of standard IC cards, Bluetooth cards have a longer communication distance (such as 10 meters), sensitive information is easy to leak, and data is easy to be tampered with. Replay attacks, so it is necessary to establish an encryption mechanism to ensure the security of data in the communication between the Bluetooth card or wearable device and the terminal. Contents of the invention [0003] The object of the present invention is to provide...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L9/08H04L29/06
CPCH04L9/0869H04L9/0897H04L63/0428H04L63/083H04L63/12H04L2212/00
Inventor 陆舟于华章
Owner FEITIAN TECHNOLOGIES