Cross-domain intercom group communication system, method and apparatus, and device and medium

By interacting with a quantum-safe software development kit and a quantum key system, authentication code information is generated and verified, solving the security problem of cross-domain group intercom communication and realizing secure communication between cross-domain intercom terminals.

WO2026138686A1PCT designated stage Publication Date: 2026-07-02CHINA TELECOM QUANTUM INFORMATION TECH GRP CO LTD

Patent Information

Authority / Receiving Office
WO · WO
Patent Type
Applications
Current Assignee / Owner
CHINA TELECOM QUANTUM INFORMATION TECH GRP CO LTD
Filing Date
2025-12-19
Publication Date
2026-07-02

AI Technical Summary

Technical Problem

In existing technologies, cross-domain group intercom communication cannot meet security encryption requirements and cannot achieve cross-domain group intercom communication.

Method used

By employing a quantum-safe software development kit and a quantum key system, authentication code information is generated and verified through the interaction between the first and second intercom terminals, ensuring the security of cross-domain communication.

Benefits of technology

It enables secure communication between cross-domain intercom terminals, ensuring the security and reliability of communication, and allows intercom group terminals in cross-domain quantum resource pools to communicate.

✦ Generated by Eureka AI based on patent content.

Smart Images

  • Figure CN2025143986_02072026_PF_FP_ABST
    Figure CN2025143986_02072026_PF_FP_ABST
Patent Text Reader

Abstract

Provided in the embodiments of the present application are a cross-domain intercom group communication system, method and apparatus, and a device and a medium. In the present application, a first quantum security software development kit sends to a first quantum key system a key application request for the communication of a group, receives first authentication code information and a key identifier that are sent by means of the first quantum key system, and sends group information of the group, the first authentication code information and the key identifier to a second quantum security software development kit; the second quantum security software development kit sends an identity token of the second quantum security software development kit, the group information, the first authentication code information and the key identifier to a second quantum key system; the second quantum key system determines verified authentication code information; and a second intercom terminal establishes communication with a first intercom terminal by means of the verified authentication code information, such that the first intercom terminal and the second intercom terminal can communication with each other even if they are terminals in an intercom group of a cross-domain quantum resource pool.
Need to check novelty before this filing date? Find Prior Art

Description

A cross-domain intercom group communication system, method, apparatus, device, and medium

[0001] This application claims priority to Chinese Patent Application No. 202411954671.1, filed on December 27, 2024, entitled "A Cross-Domain Intercom Group Communication System, Method, Apparatus, Device and Medium", the entire contents of which are incorporated herein by reference. Technical Field

[0002] This application relates to the field of communication technology, and in particular to a cross-domain intercom group communication system, a cross-domain intercom group communication method, a cross-domain intercom group communication device, an electronic device, and a computer-readable storage medium. Background Technology

[0003] With the development of communication technology, public network intercom group communication provides wide coverage and convenient communication. However, in order to protect the security of communication, encryption technology is used to encrypt communication data during intercom communication. However, the relevant technologies cannot meet the needs of cross-domain group intercom. Summary of the Invention

[0004] In view of the above problems, embodiments of this application are proposed to provide a cross-domain intercom group communication system, a cross-domain intercom group communication method, a cross-domain intercom group communication device, an electronic device, and a computer-readable storage medium that overcome or at least partially solve the above problems.

[0005] To address the aforementioned issues, in a first aspect, embodiments of this application disclose a cross-domain intercom group communication system, characterized in that the system comprises: a first intercom terminal, a second intercom terminal, a first quantum-safe software development kit, a second quantum-safe software development kit, a first quantum key system, and a second quantum key system;

[0006] The first intercom terminal is used to send a call request to the first quantum-safe software development kit;

[0007] The first quantum-safe software development kit is used to receive the call request and, in response to the call request, send a key application request for group communication to the first quantum key system; receive the first authentication code information and key identifier sent by the first quantum key system; and send the group information, the first authentication code information, and the key identifier of the group to the second intercom terminal.

[0008] The first quantum key system is configured to receive the key request, determine the first authentication code information and the key identifier based on the key request, and send the first authentication code information and the key identifier to the first quantum-safe software development kit.

[0009] The second intercom terminal is used to receive group information of the group, the first authentication code information and the key identifier, and send the group information of the group, the first authentication code information and the key identifier to the second quantum security software development kit; receive the verified authentication code information sent by the second quantum key system; and establish communication with the first intercom terminal according to the verified authentication code information.

[0010] The second quantum-safe software development kit is used to receive the group information, the first authentication code information, and the key identifier; and to send the identity token of the second quantum-safe software development kit, the group information, the first authentication code information, and the key identifier to the second quantum key system.

[0011] The second quantum key system is used to receive the identity token of the second quantum-safe software development kit, the group information, the first authentication code information, and the key identifier; determine the verified authentication code information based on the identity token of the second quantum-safe software development kit, the group information, the first authentication code information, and the key identifier; and send the verified authentication code information to the second intercom terminal.

[0012] Optionally, the system further includes: a quantum-safe intercom resource control center;

[0013] The first quantum-safe software development kit (SDK) is configured to receive a call request from a first intercom terminal and, in response to the call request, send a query request to the quantum-safe intercom resource control center; receive the system identifier of the first quantum key system, the system identifier of the second quantum key system, and the quantum network node relationship from the quantum-safe intercom resource control center; obtain the identity token corresponding to the first quantum-safe software development kit, the identity identifier of the first intercom terminal, the identity identifier of the second intercom terminal, and the group identifier of the group; generate a key request for communication of the group based on the identity token corresponding to the first quantum-safe software development kit, the identity identifier of the first intercom terminal, the identity identifier of the second intercom terminal, the system identifier of the first quantum key system, the system identifier of the second quantum key system, the quantum network node relationship of the group, and the group identifier of the group; and send the key request to the first quantum key system.

[0014] The quantum-safe intercom resource control center is used to receive the query request, determine the system identifier of the first quantum key system, the system identifier of the second quantum key system, and the quantum network node relationship; and send the system identifier of the first quantum key system, the system identifier of the second quantum key system, and the quantum network node relationship to the first quantum-safe software development kit.

[0015] Optionally, the system further includes: an intercom service system;

[0016] The first intercom terminal is used to send a group creation application request to the intercom service system; obtain the group identifier of the group sent by the intercom service system; and send a group join request to the second intercom terminal.

[0017] The intercom system is configured to receive the group creation request; create a group according to the group creation request and determine the group identifier; and send the group identifier to the first intercom terminal.

[0018] The second intercom terminal is used to receive the group join request and join the group according to the group join request.

[0019] Optionally, the system further includes: an intercom service system;

[0020] The first quantum-safe software development kit is used to send the group information, the first authentication code information and the key identifier of the group to the intercom service system;

[0021] The docking service system is used to receive the group information, the first authentication code information and the key identifier of the group; and send the group information, the first authentication code information and the key identifier of the group to the second intercom terminal;

[0022] The second intercom terminal is used to receive the group information, the first authentication code information and the key identifier of the group.

[0023] Optionally, the group information of the group includes: the identity identifier of the first intercom terminal, the identity identifier of the second intercom terminal, and the group identifier of the group.

[0024] Optionally, the second quantum key system is used to determine the corresponding quantum key based on the key identifier, and to determine the second authentication code information based on the quantum key, the identity identifier of the first intercom terminal, the identity identifier of the second intercom terminal, the group identifier of the group, and the quantum key; and to verify the second authentication code information based on the first authentication code information to obtain the verified authentication code information.

[0025] Secondly, embodiments of this application also disclose a cross-domain intercom group communication method, wherein the method is applied to a first quantum-safe software development kit; the first quantum-safe software development kit is deployed on a first intercom terminal, and the method includes:

[0026] Receive the call request sent by the first intercom terminal, and respond to the call request by sending a key application request for group communication to the first quantum key system;

[0027] The system receives a first authentication code and a key identifier sent by the first quantum key system; the first authentication code and the key identifier are determined by the first quantum key system according to the key application request.

[0028] The group information, the first authentication code information, and the key identifier of the group are sent to the second intercom terminal, so that the second intercom terminal sends the group information, the first authentication code information, and the key identifier to the second quantum-safe software development kit. The second quantum-safe software development kit sends its identity token, the group information, the first authentication code information, and the key identifier to the second quantum key system. The second quantum key system determines the verified authentication code information based on the identity token, the group information, the first authentication code information, and the key identifier of the second quantum-safe software development kit, and sends the verified authentication code information to the second intercom terminal. The second intercom terminal establishes communication with the first intercom terminal through the verified authentication code information. The first intercom terminal and the second intercom terminal are intercom terminals within the same group but operating across different domains. The second quantum-safe software development kit is deployed in the second intercom terminal.

[0029] Optionally, receiving the call request sent by the first intercom terminal and responding to the call request by sending a key application request for group communication to the first quantum key system includes:

[0030] Receive a call request sent by the first intercom terminal, and respond to the call request by sending a query request to the quantum secure intercom resource control center;

[0031] The system receives the system identifier of the first quantum key system, the system identifier of the second quantum key system, and the quantum network node relationship sent by the quantum secure intercom resource control center; the system identifier of the first quantum key system, the system identifier of the second quantum key system, and the quantum network node relationship are determined by the quantum secure intercom resource control center according to the query request.

[0032] Obtain the identity token corresponding to the first quantum security software development kit, the identity identifier of the first intercom terminal, the identity identifier of the second intercom terminal, and the group identifier of the group;

[0033] Based on the identity token corresponding to the first quantum security software development kit, the identity identifier of the first intercom terminal, the identity identifier of the second intercom terminal, the system identifier of the first quantum key system, the system identifier of the second quantum key system, the quantum network node relationship of the group, and the group identifier of the group, a key request for communication for the group is generated.

[0034] Send the key request to the first quantum key system.

[0035] Optionally, before receiving the call request sent by the first intercom terminal and responding to the call request by sending a key application request for group communication to the first quantum key system, the method further includes:

[0036] The first intercom terminal sends a group creation request to the intercom service system.

[0037] The first intercom terminal receives the group identifier of the group sent by the intercom service system; the group identifier is determined by the intercom service system based on the group application request when the group is established.

[0038] The first intercom terminal sends a group join request to the second intercom terminal, so that the second intercom terminal joins the group according to the group join request.

[0039] Optionally, sending the group information of the group, the first authentication code information, and the key identifier to the second intercom terminal includes:

[0040] The group information, the first authentication code information, and the key identifier of the group are sent to the second intercom terminal through the intercom service system.

[0041] Optionally, the group information of the group includes: the identity identifier of the first intercom terminal, the identity identifier of the second intercom terminal, and the group identifier of the group.

[0042] Thirdly, embodiments of this application also disclose a cross-domain intercom group communication method, wherein the method is applied to a second quantum-safe software development kit; the second quantum-safe software development kit is deployed on a second intercom terminal, and the method includes:

[0043] The second intercom terminal receives group information, first authentication code information, and key identifier from the first quantum secure software development kit (MSK). The first authentication code information and the key identifier are determined by the first quantum key system based on a key request. The key request is initiated by the first quantum secure software development kit receiving a call request from the first intercom terminal and responding to the call request by sending a key request for communication within the group to the first quantum key system. The first intercom terminal and the second intercom terminal are intercom terminals within the same group that operate across different domains.

[0044] The identity token of the second quantum-safe software development kit, the group information, the first authentication code information, and the key identifier are sent to the second quantum key system;

[0045] The second intercom terminal receives the verified authentication code information determined by the second quantum key system based on the identity token of the second quantum security software development kit, the group information, the first authentication code information, and the key identifier.

[0046] The second intercom terminal establishes communication with the first intercom terminal based on the verified authentication code information.

[0047] Optionally, the group information includes: the identity identifier of the first intercom terminal, the identity identifier of the second intercom terminal, and the group identifier of the group.

[0048] Optionally, the verified authentication code information is obtained by the second quantum key system determining the corresponding quantum key based on the key identifier, determining the second authentication code information based on the quantum key, the identity identifier of the first intercom terminal, the identity identifier of the second intercom terminal, the group identifier of the group, and the quantum key, and verifying the second authentication code information based on the first authentication code information to obtain the verified authentication code information.

[0049] Fourthly, embodiments of this application also disclose a cross-domain intercom group communication device, the device being applied to a first quantum-safe software development kit; the first quantum-safe software development kit is deployed on a first intercom terminal, and the device includes:

[0050] The first receiving module is configured to receive a call request sent by the first intercom terminal and, in response to the call request, send a key application request for group communication to the first quantum key system.

[0051] The second receiving module is used to receive the first authentication code information and the key identifier sent by the first quantum key system; the first authentication code information and the key identifier are determined by the first quantum key system according to the key application request;

[0052] A first sending module is used to send group information of the group, the first authentication code information, and the key identifier to a second intercom terminal, so that the second intercom terminal sends the group information, the first authentication code information, and the key identifier to a second quantum-safe software development kit. The second quantum-safe software development kit sends its identity token, the group information, the first authentication code information, and the key identifier to a second quantum key system. The second quantum key system determines verified authentication code information based on the identity token, the group information, the first authentication code information, and the key identifier of the second quantum-safe software development kit, and sends the verified authentication code information to the second intercom terminal. The second intercom terminal establishes communication with the first intercom terminal through the verified authentication code information. The first intercom terminal and the second intercom terminal are intercom terminals within the same group but operating across different domains. The second quantum-safe software development kit is deployed in the second intercom terminal.

[0053] Optionally, the first receiving module includes:

[0054] The first receiving submodule is used to receive the call request sent by the first intercom terminal and respond to the call request by sending a query request to the quantum secure intercom resource control center.

[0055] The second receiving submodule is used to receive the system identifier of the first quantum key system, the system identifier of the second quantum key system, and the quantum network node relationship sent by the quantum secure intercom resource control center; the system identifier of the first quantum key system, the system identifier of the second quantum key system, and the quantum network node relationship are determined by the quantum secure intercom resource control center according to the query request.

[0056] The acquisition submodule allows the user to acquire the identity token corresponding to the first quantum security software development kit, the identity identifier of the first intercom terminal, the identity identifier of the second intercom terminal, and the group identifier of the group.

[0057] The generation submodule is used to generate a key request for communication for the group based on the identity token corresponding to the first quantum security software development kit, the identity identifier of the first intercom terminal, the identity identifier of the second intercom terminal, the system identifier of the first quantum key system, the system identifier of the second quantum key system, the quantum network node relationship of the group, and the group identifier of the group.

[0058] The first sending submodule is used to send the key request to the first quantum key system.

[0059] Optionally, the device further includes:

[0060] The second sending module is used to send a group establishment application request to the intercom service system through the first intercom terminal;

[0061] The third receiving module is used to receive the group identifier of the group sent by the intercom service system through the first intercom terminal; the group identifier is determined by the intercom service system based on the group application request when the group is established.

[0062] The third sending module is used to send a group join request to the second intercom terminal through the first intercom terminal, so that the second intercom terminal joins the group according to the group join request.

[0063] Optionally, the first transmitting module includes:

[0064] The second sending submodule is used to send the group information of the group, the first authentication code information and the key identifier to the second intercom terminal through the intercom service system.

[0065] Optionally, the group information of the group includes: the identity identifier of the first intercom terminal, the identity identifier of the second intercom terminal, and the group identifier of the group.

[0066] Fifthly, embodiments of this application also provide a cross-domain intercom group communication device, the device being applied to a second quantum-safe software development kit; the second quantum-safe software development kit is deployed on a second intercom terminal, and the device includes:

[0067] The fourth transmitting module is used to receive group information, first authentication code information, and key identifier of a group sent by the first quantum security software development kit through the second intercom terminal; the first authentication code information and the key identifier are determined by the first quantum key system according to a key application request; the key application request is initiated by the first quantum security software development kit receiving a call request sent by the first intercom terminal and responding to the call request by sending a key application request for communication of the group to the first quantum key system; the first intercom terminal and the second intercom terminal are intercom terminals that are cross-domain within the same group;

[0068] The fifth sending module is used to send the identity token of the second quantum-safe software development kit, the group information, the first authentication code information and the key identifier to the second quantum key system;

[0069] The fourth receiving module is used to receive, through the second intercom terminal, the verified authentication code information determined by the second quantum key system based on the identity token of the second quantum security software development kit, the group information, the first authentication code information, and the key identifier;

[0070] The communication module is used to establish communication with the first intercom terminal through the second intercom terminal based on the verified authentication code information.

[0071] Optionally, the group information includes: the identity identifier of the first intercom terminal, the identity identifier of the second intercom terminal, and the group identifier of the group.

[0072] Optionally, the verified authentication code information is obtained by the second quantum key system determining the corresponding quantum key based on the key identifier, determining the second authentication code information based on the quantum key, the identity identifier of the first intercom terminal, the identity identifier of the second intercom terminal, the group identifier of the group, and the quantum key, and verifying the second authentication code information based on the first authentication code information to obtain the verified authentication code information.

[0073] Sixthly, this application also discloses an apparatus including a memory, a processor, and a computer program stored in the memory and executable on the processor, wherein the processor executes the computer program to implement the steps of the cross-domain intercom group communication method as described above.

[0074] In a seventh aspect, this application also discloses a computer-readable storage medium storing a computer program that, when executed by a processor, implements the steps of the cross-domain intercom group communication method described above.

[0075] The embodiments of this application have the following advantages:

[0076] In this embodiment, the first quantum-safe software development kit first receives a call request from the first intercom terminal, and responds to the call request by sending a key application request for group communication to the first quantum key system. Then, it receives first authentication code information and a key identifier from the first quantum key system. The first authentication code information and key identifier are determined by the first quantum key system based on the key application request. Finally, it sends group information, the first authentication code information, and the key identifier to the second quantum-safe software development kit of the second intercom terminal. The second quantum-safe software development kit then sends its identity token, group information, first authentication code information, and key identifier to the second quantum key system. The quantum key system determines the verified authentication code information based on the identity token, group information, first authentication code information, and key identifier from the second quantum-safe software development kit, and sends the verified authentication code information to the second intercom terminal. The second intercom terminal establishes communication with the first intercom terminal using the verified authentication code information. Thus, the second intercom terminal and the first intercom terminal can communicate even if they are terminals in an intercom group within a cross-domain quantum resource pool. Attached Figure Description

[0077] The above and / or additional aspects and advantages of this application will become apparent and readily understood from the description of the embodiments taken in conjunction with the following drawings, wherein:

[0078] Figure 1 is a flowchart of a cross-domain intercom communication method provided in an embodiment of this application;

[0079] Figure 2 is a structural block diagram of a cross-domain intercom terminal provided in an embodiment of this application;

[0080] Figure 3 is a flowchart of the steps for establishing a cross-domain intercom group according to an embodiment of this application;

[0081] Figure 4 is a flowchart of another cross-domain intercom communication method provided in an embodiment of this application;

[0082] Figure 5 is a flowchart of another cross-domain intercom communication method provided in an embodiment of this application;

[0083] Figure 6 is a structural block diagram of a cross-domain intercom group communication system provided in an embodiment of this application;

[0084] Figure 7 is a structural block diagram of a cross-domain intercom group communication device provided in an embodiment of this application;

[0085] Figure 8 is a structural block diagram of another cross-domain intercom group communication device provided in an embodiment of this application;

[0086] Figure 9 is a schematic diagram of the structure of a computing processing device for a cross-domain intercom communication method proposed in an embodiment of this application;

[0087] Figure 10 is a schematic diagram of the structure of a computer program for a cross-domain intercom communication method proposed in an embodiment of this application. Detailed Implementation

[0088] To make the above-mentioned objectives, features and advantages of this application more apparent and understandable, the application will be further described in detail below with reference to the accompanying drawings and specific embodiments.

[0089] In related technologies, although encryption technology is used to encrypt communication data to protect communication security, it cannot meet the needs of cross-domain group intercom. To solve the above-mentioned technical problems, this application provides a cross-domain intercom group communication system. A first intercom terminal is used to send a call request to a first quantum-safe software development kit (SDK). The first quantum-safe SSD is used to receive the call request and, in response, send a key request for group communication to a first quantum key system; receive first authentication code information and a key identifier sent by the first quantum key system; and send group information, first authentication code information, and a key identifier to a second intercom terminal. The first quantum key system is used to receive the key request and determine the first authentication code information and key identifier based on the key request; and send the first authentication code information and key identifier to the first quantum-safe SSD. The second intercom terminal is used to receive the group information, first authentication code information, and key identifier, and... The system sends the first authentication code information and key identifier to the second quantum secure software development kit; receives the verified authentication code information sent by the second quantum key system; establishes communication with the first intercom terminal based on the verified authentication code information; the second quantum secure software development kit is used to receive group information, the first authentication code information, and the key identifier; sends the identity token, group information, first authentication code information, and key identifier of the second quantum secure software development kit to the second quantum key system; the second quantum key system is used to receive the identity token, group information, first authentication code information, and key identifier of the second quantum secure software development kit, determine the verified authentication code information based on the identity token, group information, first authentication code information, and key identifier of the second quantum secure software development kit; and sends the verified authentication code information to the second intercom terminal. Thus, the second quantum secure key system determines the verified authentication code information based on the identity token, group information, first authentication code information, and key identifier of the second quantum secure software development kit. The second intercom terminal establishes communication with the first intercom terminal through the verified authentication code information, thereby enabling the first intercom terminal and the second intercom terminal to communicate even if they are terminals in a cross-domain quantum resource pool intercom group.

[0090] Referring to Figure 1, a flowchart of a cross-domain intercom communication method provided in an embodiment of this application is shown. The method is applied to a first quantum-safe software development kit; the first quantum-safe software development kit is deployed on a first intercom terminal, and the method may specifically include the following steps:

[0091] Step 101: Receive the call request sent by the first intercom terminal, and respond to the call request by sending a key application request for group communication to the first quantum key system.

[0092] In this embodiment, the cross-domain intercom communication method targets intercom terminals between different domains. These intercom terminals can refer to terminals in different cities, while terminals within the same city use the same quantum resource pool and the same quantum cryptography system. Figure 2 shows a structural block diagram of an intercom terminal. Intercom terminals 1a and 1b are connected to quantum key system 1, 2a and 2b are connected to quantum key system 2, and 3a and 3b are connected to quantum key system 3. Quantum key systems 1, 2, and 3 are respectively connected to the quantum secure intercom resource control center via a quantum network. Intercom terminals 1a and 1b are non-cross-domain intercom terminals, operating within the same city; intercom terminals 2a and 2b are non-cross-domain intercom terminals, operating within the same city; and intercom terminals 3a and 3b are non-cross-domain intercom terminals, operating within the same city. When intercom terminal 1a and intercom terminal 2b are cross-domain intercom terminals and need to communicate through a quantum network, it is considered cross-domain interoperability.

[0093] This application allows for the establishment of a talk group before the first talk terminal sends a call request to the first quantum-safe software development kit.

[0094] In this embodiment of the application, before receiving the call request sent by the first intercom terminal and responding to the call request to send a key application request for group communication to the first quantum key system, the method may further include: sending a group establishment application request to the intercom service system through the first intercom terminal; receiving a group identifier of the group sent by the intercom service system through the first intercom terminal; the group identifier is determined by the intercom service system based on the group application request to establish the group; and sending a group join request to the second intercom terminal through the first intercom terminal, so that the second intercom terminal joins the group according to the group join request.

[0095] Specifically, as shown in Figure 3, a flowchart illustrating the steps for establishing a cross-domain intercom group according to an embodiment of this application is illustrated. A first intercom terminal can send a group establishment request to the intercom service system. After the intercom service system verifies the identity of the first intercom terminal, it can establish the group based on the group application request. This group can be a cross-domain group. The system then determines the group identifier and sends it to the first intercom terminal. The first intercom terminal can then select a second intercom terminal and add it to the group. The second intercom terminal and the first intercom terminal are cross-domain intercom terminals.

[0096] In this embodiment of the application, a first quantum-safe software development kit may be deployed in the first intercom terminal. After the first intercom terminal pulls the second intercom terminal into the group, the first intercom terminal may send a call request to the first quantum-safe software development kit. The first quantum-safe software development kit may respond to the call request and send a key application request for group communication to the first quantum key system. The first quantum key system belongs to the quantum key system corresponding to the first intercom terminal.

[0097] In one embodiment, receiving a call request from a first intercom terminal and responding to the call request by sending a key application request for group communication to a first quantum key system may include: receiving a call request from the first intercom terminal and responding to the call request by sending a query request to a quantum secure intercom resource control center; receiving the system identifier of the first quantum key system, the system identifier of the second quantum key system, and the quantum network node relationship from the quantum secure intercom resource control center; the system identifier of the first quantum key system, the system identifier of the second quantum key system, and the quantum network node relationship are determined by the quantum secure intercom resource control center according to the query request; obtaining the identity token corresponding to the first quantum secure software development kit, the identity identifier of the first intercom terminal, the identity identifier of the second intercom terminal, and the group identifier of the group; generating a key application request for group communication based on the identity token corresponding to the first quantum secure software development kit, the identity identifier of the first intercom terminal, the identity identifier of the second intercom terminal, the system identifier of the first quantum key system, the system identifier of the second quantum key system, the quantum network node relationship of the group, and the group identifier of the group; and sending the key application request to the first quantum key system.

[0098] Specifically, a user can send a call request to the first quantum-safe software development kit through the first intercom terminal. The first quantum-safe software development kit then sends a query request for the group to the quantum-safe intercom resource control center. After receiving the query request, the quantum-safe intercom resource control center can determine the system identifier of the first quantum key system corresponding to the first intercom terminal in the group, the system identifier of the second quantum key system corresponding to the second intercom terminal, and the quantum network node relationship. Then, it sends the system identifiers of the first and second quantum key systems and the quantum network node relationship to the first quantum-safe software development kit.

[0099] After acquiring the first quantum-safe software development kit (SDK), the system can obtain the identity token corresponding to the SSD, the identity identifier of the first intercom terminal, the identity identifier of the second intercom terminal, and the group identifier. Then, based on the identity token, the identity identifiers of the first and second intercom terminals, the system identifiers of the first and second quantum key systems, the quantum network node relationships of the group, and the group identifier, a key request is sent to the first quantum key system. This key request includes the identity token, the identity identifiers of the first and second intercom terminals, and the system identifier of the first quantum key system.

[0100] The second quantum key system's system identifier, the quantum network node relationships of the group, and the group identifier.

[0101] Step 102: Receive the first authentication code information and key identifier sent by the first quantum key system; the first authentication code information and the key identifier are determined by the first quantum key system according to the key application request.

[0102] In this embodiment of the application, after the first quantum security software development kit sends a key request to the first quantum key system, the first quantum key system can determine the corresponding quantum key based on the key request. This quantum key is used for group management and communication. Then, the system determines the key identifier and first authentication code information corresponding to the quantum key.

[0103] Specifically, after receiving a key request, the first quantum key system can apply for a quantum key from the quantum network based on the quantum network node relationship, the system identifier of the first quantum key system, and the system identifier of the second quantum key system. This quantum key can be generated and distributed to the first quantum key system by the quantum key distribution system. This quantum key can be a quantum key for group management and communication between the first and second quantum key systems. The system also determines the key identifier corresponding to the quantum key. Based on the quantum key, the identity identifier of the first intercom terminal, the identity identifier of the second intercom terminal, and the group identifier, the system performs HMAC (Hash-based Message Authentication Code) operation to obtain the first authentication code information. The system then sends the first authentication code information and the key identifier to the first quantum security software development kit.

[0104] Step 103: Send the group information of the group, the first authentication code information and the key identifier to the second intercom terminal.

[0105] In this embodiment, after the first quantum-safe software development kit (SDK) receives the first authentication code information and the key identifier, it can send the group information, the first authentication code information, and the key identifier to the second intercom terminal. This causes the second intercom terminal to send the group information, the first authentication code information, and the key identifier to the second SSD. The second SSD then sends its identity token, group information, first authentication code information, and key identifier to the second quantum key system. The second quantum key system determines the verified authentication code information based on the identity token, group information, first authentication code information, and key identifier of the second SSD, and sends the verified authentication code information to the second intercom terminal. The second intercom terminal establishes communication with the first intercom terminal using the verified authentication code information. The first and second intercom terminals belong to the same group but are cross-domain intercom terminals. The second quantum-safe software development kit is deployed in the second intercom terminal.

[0106] In one embodiment, sending the group information, the first authentication code information, and the key identifier of the group to the second intercom terminal may include: sending the group information, the first authentication code information, and the key identifier of the group to the second intercom terminal through the intercom service system.

[0107] Specifically, after receiving the first authentication code information and key identifier, the first quantum security software development kit can send the group information, the first authentication code information and key identifier to the intercom service system, and the intercom service system can then send the group information, the first authentication code information and key identifier to the second intercom terminal.

[0108] In this application, the group information includes: the identity identifier of the first intercom terminal, the identity identifier of the second intercom terminal, and the group identifier of the group.

[0109] Specifically, after receiving the first authentication code information and key identifier, the first quantum-safe software development kit (SDK) can send the identity identifier of the first intercom terminal, the identity identifier of the second intercom terminal, the group identifier of the group, the first authentication code information, and the key identifier to the intercom service system. The intercom service system can store the relationship between the first authentication code information and the second intercom terminal, and based on the identity identifier of the second intercom terminal, send the identity identifier of the first intercom terminal, the group identifier of the group, the key identifier, and the first authentication code information to the second intercom terminal. After receiving the identity identifier of the first intercom terminal, the group identifier of the group, the key identifier, and the first authentication code information, the second intercom terminal can send these information to the second quantum-safe software development kit (SDK). The second quantum-safe software development kit then sends its identity token, the identity identifier of the first intercom terminal, the identity identifier of the second intercom terminal, the group identifier, the key identifier, and the first authentication code information to the second quantum key system. The second quantum key system can obtain the corresponding quantum key based on the key identifier, and then... The identity identifier of the first intercom terminal, the identity identifier of the second intercom terminal, the group identifier, and the key identifier are used to perform HMAC operations to obtain the second authentication code information. The second quantum key system then determines the validity period of the identity token of the second quantum security software development kit based on the identity token of the second quantum security software development kit, and verifies whether the second authentication code information is consistent with the first authentication code information. If they are consistent, the verification is successful, and the verified authentication code information is sent to the second intercom terminal. The validity period of the verified authentication code information is consistent with the validity period of the identity token of the second quantum security software development kit. Finally, the second intercom terminal establishes communication with the first intercom terminal based on the verified authentication code information.

[0110] In this embodiment, a call request is received from a first intercom terminal, and in response, a key request for communication within a group is sent to a first quantum key system. The system receives first authentication code information and a key identifier from the first quantum key system. The first authentication code information and key identifier are determined by the first quantum key system based on the key request. Group information, the first authentication code information, and the key identifier are sent to a second intercom terminal, causing the second intercom terminal to send these information to a second quantum-safe software development kit (SDK). The second SSD sends its identity token, group information, first authentication code information, and key identifier to the second quantum key system. The second quantum key system determines the verified authentication code information based on the identity token, group information, first authentication code information, and key identifier, and sends the verified authentication code information to the second intercom terminal. The second intercom terminal establishes communication with the first intercom terminal using the verified authentication code information. The first and second intercom terminals are intercom terminals within the same group but operating across different domains. The second quantum-safe software development kit is deployed within the second intercom terminal. Thus, the second quantum secure key system determines the verified authentication code information based on the identity token, group information, first authentication code information, and key identifier of the second quantum secure software development kit. The second intercom terminal establishes communication with the first intercom terminal through the verified authentication code information, thereby enabling the first intercom terminal and the second intercom terminal to communicate even if they are terminals in a cross-domain quantum resource pool intercom group.

[0111] Referring to Figure 4, a flowchart of another cross-domain intercom communication method provided in this application embodiment is shown. The method is applied to a second quantum-safe software development kit; the second quantum-safe software development kit is deployed on a second intercom terminal, and the method may specifically include the following steps:

[0112] Step 401: Receive group information, first authentication code information and key identifier sent by the first quantum security software development kit through the second intercom terminal.

[0113] In this embodiment, the first quantum-safe software development kit (SDK) can send group information, first authentication code information, and key identifier to the second intercom terminal. The second intercom terminal then sends the group information, first authentication code information, and key identifier to the second SSD. The first authentication code information and key identifier are determined by the first quantum key system based on a key request. The key request is initiated by the first quantum-safe software development kit receiving a call request from the first intercom terminal and responding by sending a key request for group communication to the first quantum key system. The first and second intercom terminals are intercom terminals within the same group but operating across different domains.

[0114] In this application, the group information may include: the identity identifier of the first intercom terminal, the identity identifier of the second intercom terminal, and the group identifier of the group.

[0115] Specifically, the first intercom terminal can send a group creation request to the intercom service system. After the intercom service system verifies the identity of the first intercom terminal, it can create a group according to the group creation request. This group can be a cross-domain group. Then, it determines the group identifier and sends the group identifier to the first intercom terminal. The first intercom terminal can then select a second intercom terminal and add it to the group. The second intercom terminal and the first intercom terminal are cross-domain intercom terminals.

[0116] In this embodiment of the application, a first quantum-safe software development kit may be deployed in the first intercom terminal. After the first intercom terminal pulls the second intercom terminal into the group, the first intercom terminal may send a call request to the first quantum-safe software development kit. The first quantum-safe software development kit may respond to the call request and send a key application request for group communication to the first quantum key system. The first quantum key system belongs to the quantum key system corresponding to the first intercom terminal.

[0117] Users can send a call request to the first quantum secure software development kit through the first intercom terminal. The first quantum secure software development kit responds by sending a query request for the group to the quantum secure intercom resource control center. After receiving the query request, the quantum secure intercom resource control center can determine the system identifier of the first quantum key system corresponding to the first intercom terminal in the group, the system identifier of the second quantum key system corresponding to the second intercom terminal, and the quantum network node relationship. Then, it sends the system identifiers of the first and second quantum key systems and the quantum network node relationship to the first quantum secure software development kit.

[0118] After acquiring the first quantum-safe software development kit, the system can obtain the identity token corresponding to the first quantum-safe software development kit, the identity identifier of the first intercom terminal, the identity identifier of the second intercom terminal, and the group identifier of the group. Then, based on the identity token corresponding to the first quantum-safe software development kit, the identity identifier of the first intercom terminal, the identity identifier of the second intercom terminal, the system identifier of the first quantum key system, the system identifier of the second quantum key system, the quantum network node relationship of the group, and the group identifier of the group, a key request is sent to the first quantum key system. The key request includes the identity token corresponding to the first quantum-safe software development kit, the identity identifier of the first intercom terminal, the identity identifier of the second intercom terminal, the system identifier of the first quantum key system, the system identifier of the second quantum key system, the quantum network node relationship of the group, and the group identifier of the group.

[0119] After receiving a key request, the first quantum key system can request a quantum key from the quantum network based on the quantum network node relationship, the system identifier of the first quantum key system, and the system identifier of the second quantum key system. This quantum key can be generated and distributed to the first quantum key system by the quantum key distribution system. This quantum key can be a quantum key for group management and communication between the first and second quantum key systems. The system also determines the key identifier corresponding to the quantum key. Based on the quantum key, the identity identifier of the first intercom terminal, the identity identifier of the second intercom terminal, and the group identifier, the system performs HMAC operation to obtain the first authentication code information. The system then sends the first authentication code information and the key identifier to the first quantum security software development kit.

[0120] After receiving the first authentication code information and key identifier, the first quantum security software development kit can send the identity identifier of the first intercom terminal, the identity identifier of the second intercom terminal, the group identifier, the first authentication code information, and the key identifier to the intercom service system. The intercom service system can store the relationship between the first authentication code information and the second intercom terminal, and send the identity identifier of the first intercom terminal, the group identifier, the key identifier, and the first authentication code information to the second intercom terminal according to the identity identifier of the second intercom terminal.

[0121] Step 402: Send the identity token of the second quantum-safe software development kit, the group information, the first authentication code information, and the key identifier to the second quantum key system.

[0122] In this embodiment of the application, after receiving the group information, the first authentication code information and the key identifier of the group, the second quantum secure software development kit can send the identity token, group information, first authentication code information and key identifier of the second quantum secure software development kit to the second quantum key system.

[0123] Specifically, the second quantum secure software development kit sends the identity token of the second quantum secure software development kit, the identity identifier of the first intercom terminal, the identity identifier of the second intercom terminal, the group identifier, the key identifier, and the first authentication code information to the second quantum key system.

[0124] Step 403: Receive the verified authentication code information determined by the second quantum key system based on the identity token of the second quantum security software development kit, the group information, the first authentication code information, and the key identifier through the second intercom terminal.

[0125] In this embodiment, after the second quantum secure software development kit sends its identity token, group information, first authentication code information, and key identifier to the second quantum key system, the second quantum key system can determine the verified authentication code information based on the identity token, group information, first authentication code information, and key identifier of the second quantum secure software development kit, and then send the verified authentication code information to the second intercom terminal.

[0126] In this application, the verified authentication code information is determined by the second quantum key system based on the key identifier to determine the corresponding quantum key. Based on the quantum key, the identity identifier of the first intercom terminal, the identity identifier of the second intercom terminal, the group identifier of the group, and the quantum key, the second authentication code information is determined. The second authentication code information is verified based on the first authentication code information to obtain the verified authentication code information.

[0127] Specifically, the second quantum key system can obtain the corresponding quantum key based on the key identifier. Then, it performs HMAC operation based on the quantum key, the identity identifier of the first intercom terminal, the identity identifier of the second intercom terminal, the group identifier, and the key identifier to obtain the second authentication code information. The second quantum key system then determines the validity period of the identity token of the second quantum security software development kit based on the identity token of the second quantum security software development kit, and verifies whether the second authentication code information is consistent with the first authentication code information. If they are consistent, the verification is successful, and the verified authentication code information is sent to the second intercom terminal. The validity period of the verified authentication code information is consistent with the validity period of the identity token of the second quantum security software development kit.

[0128] Step 404: The second intercom terminal establishes communication with the first intercom terminal based on the verified authentication code information.

[0129] In this embodiment of the application, after receiving the verified authentication code information sent by the second quantum key system, the second intercom terminal can establish communication with the first intercom terminal based on the verified authentication code information.

[0130] To better understand this application, the embodiments of this application will now be described in detail with reference to FIG5.Figure 5 shows a flowchart of another cross-domain intercom communication method provided in this embodiment of the application. The first intercom terminal sends a call request to the first quantum-safe SDK (Software Development Kit). The first quantum-safe SDK responds to the call request by sending a query request to the quantum-safe intercom resource center. The quantum-safe intercom resource center sends the system identifier of the first quantum key system, the system identifier of the second quantum key system, and the quantum network node relationship to the first quantum-safe SDK. The first quantum-safe SDK sends its identity token, the identity identifier of the first intercom terminal, the identity identifier of the second intercom terminal, the system identifier of the first quantum key system, the system identifier of the second quantum key system, the quantum network node relationship, and the group identifier to the first quantum key system. The first quantum-safe SDK then... The network node relationship, the system identifier of the first quantum key system, and the system identifier of the second quantum key system are used to apply for a quantum key from the quantum network. Then, based on the quantum key, the identity identifiers of the first and second intercom terminals, and the group identifier, HMAC operations are performed to obtain the first authentication code information. The first authentication code information and the key identifier are sent to the first quantum security SDK. The first quantum security SDK sends the identity identifiers of the first and second intercom terminals, the group identifier, the first authentication code information, and the key identifier to the intercom service system. The intercom service system stores the first authentication code information and the relationship between the second and second intercom terminals, and then uses the second quantum key system to... The system first sends the identity identifier of the first intercom terminal, the group identifier, the key identifier, and the first authentication code to the second intercom terminal. The second intercom terminal then sends the identity identifier of the first intercom terminal, the group identifier, the key identifier, and the first authentication code to the second quantum security SDK. The second quantum security SDK then sends the identity token of the second quantum security software development kit, the identity identifiers of the first and second intercom terminals, the group identifier, the key identifier, and the first authentication code to the second quantum key system. The second quantum key system obtains the corresponding quantum key based on the key identifier, and then... HMAC operations are performed based on the quantum key, the identity identifier of the first intercom terminal, the identity identifier of the second intercom terminal, the group identifier, and the key identifier to obtain the second authentication code information. The second quantum key system then determines the validity period of the identity token of the second quantum security SDK based on the identity token of the second quantum security SDK, and verifies whether the second authentication code information is consistent with the first authentication code information. If they are consistent, the verification is successful, and the verified authentication code information is sent to the second intercom terminal. The validity period of the verified authentication code information is consistent with the validity period of the identity token of the second quantum security SDK. Finally, the second intercom terminal establishes communication with the first intercom terminal based on the verified authentication code information.

[0131] In this embodiment, a call request is received from a first intercom terminal, and in response, a key request for communication within a group is sent to a first quantum key system. The system receives first authentication code information and a key identifier from the first quantum key system. The first authentication code information and key identifier are determined by the first quantum key system based on the key request. Group information, the first authentication code information, and the key identifier are sent to a second intercom terminal, causing the second intercom terminal to send these information to a second quantum-safe software development kit (SDK). The second SSD sends its identity token, group information, first authentication code information, and key identifier to the second quantum key system. The second quantum key system determines the verified authentication code information based on the identity token, group information, first authentication code information, and key identifier, and sends the verified authentication code information to the second intercom terminal. The second intercom terminal establishes communication with the first intercom terminal using the verified authentication code information. The first and second intercom terminals are intercom terminals within the same group but operating across different domains. The second quantum-safe software development kit is deployed within the second intercom terminal. Thus, the second quantum secure key system determines the verified authentication code information based on the identity token, group information, first authentication code information, and key identifier of the second quantum secure software development kit. The second intercom terminal establishes communication with the first intercom terminal through the verified authentication code information, thereby enabling the first intercom terminal and the second intercom terminal to communicate even if they are terminals in a cross-domain quantum resource pool intercom group.

[0132] It should be noted that, for the sake of simplicity, the method embodiments are all described as a series of actions. However, those skilled in the art should understand that the embodiments of this application are not limited to the described order of actions, because according to the embodiments of this application, some steps can be performed in other orders or simultaneously. Secondly, those skilled in the art should also understand that the embodiments described in the specification are all preferred embodiments, and the actions involved are not necessarily required by the embodiments of this application.

[0133] Referring to Figure 6, a structural block diagram of a cross-domain intercom group communication system provided in an embodiment of this application is shown. The system includes: a first intercom terminal 601, a second intercom terminal 602, a first quantum-safe software development kit 603, a second quantum-safe software development kit 604, a first quantum key system 605, and a second quantum key system 606.

[0134] The first intercom terminal 601 is used to send a call request to the first quantum safety software development kit 603;

[0135] The first quantum security software development kit 603 is used to receive the call request and, in response to the call request, send a key application request for group communication to the first quantum key system 605; receive the first authentication code information and key identifier sent by the first quantum key system 605; and send the group information, the first authentication code information, and the key identifier to the second intercom terminal 602.

[0136] The first quantum key system 605 is configured to receive the key request, determine the first authentication code information and the key identifier based on the key request, and send the first authentication code information and the key identifier to the first quantum security software development kit 603.

[0137] The second intercom terminal 602 is used to receive the group information, the first authentication code information and the key identifier of the group, and send the group information, the first authentication code information and the key identifier of the group to the second quantum security software development kit 604; receive the verified authentication code information sent by the second quantum key system 606; and establish communication with the first intercom terminal 601 according to the verified authentication code information.

[0138] The second quantum-safe software development kit 604 is used to receive the group information, the first authentication code information, and the key identifier; and to send the identity token of the second quantum-safe software development kit 604, the group information, the first authentication code information, and the key identifier to the second quantum key system 606.

[0139] The second quantum key system 606 is used to receive the identity token, the group information, the first authentication code information, and the key identifier from the second quantum secure software development kit 604, and to determine the verified authentication code information based on the identity token, the group information, the first authentication code information, and the key identifier from the second quantum secure software development kit 604; and to send the verified authentication code information to the second intercom terminal 602.

[0140] In one embodiment, the system further includes: a quantum-safe intercom resource control center;

[0141] The first quantum-safe software development kit 603 is used to receive a call request sent by the first intercom terminal 601 and, in response to the call request, send a query request to the quantum-safe intercom resource control center; receive the system identifier of the first quantum key system 605, the system identifier of the second quantum key system 606, and the quantum network node relationship sent by the quantum-safe intercom resource control center; obtain the identity token corresponding to the first quantum-safe software development kit 603, the identity identifier of the first intercom terminal 601, the identity identifier of the second intercom terminal 602, and the group identifier of the group; generate a key application request for communication of the group based on the identity token corresponding to the first quantum-safe software development kit 603, the identity identifier of the first intercom terminal 601, the identity identifier of the second intercom terminal 602, the system identifier of the first quantum key system 605, the system identifier of the second quantum key system 606, the quantum network node relationship of the group, and the group identifier of the group; and send the key application request to the first quantum key system 605.

[0142] The quantum-safe intercom resource control center is used to receive the query request, determine the system identifier of the first quantum key system 605, the system identifier of the second quantum key system 606, and the quantum network node relationship; and send the system identifier of the first quantum key system 605, the system identifier of the second quantum key system 606, and the quantum network node relationship to the first quantum-safe software development kit 603.

[0143] In one embodiment, the system further includes: an intercom service system;

[0144] The first intercom terminal 601 is used to send a group establishment application request to the intercom service system; obtain the group identifier of the group sent by the service intercom system; and send a group join request to the second intercom terminal 602.

[0145] The intercom system is used to receive the group creation request; create a group according to the group creation request and determine the group identifier; and send the group identifier to the first intercom terminal 601.

[0146] The second intercom terminal 602 is used to receive the group join request and join the group according to the group join request.

[0147] In one embodiment, the system further includes: an intercom service system;

[0148] The first quantum security software development kit 603 is used to send the group information of the group, the first authentication code information and the key identifier to the intercom service system;

[0149] The docking service system is used to receive the group information, the first authentication code information and the key identifier of the group; and send the group information, the first authentication code information and the key identifier of the group to the second intercom terminal 602.

[0150] The second intercom terminal 602 is used to receive the group information, the first authentication code information and the key identifier of the group.

[0151] In one embodiment, the group information of the group includes: the identity identifier of the first intercom terminal 601, the identity identifier of the second intercom terminal 602, and the group identifier of the group.

[0152] In one embodiment, the second quantum key system 606 is used to determine the corresponding quantum key based on the key identifier, determine the second authentication code information based on the quantum key, the identity identifier of the first intercom terminal 601, the identity identifier of the second intercom terminal 602, the group identifier of the group, and the quantum key; and verify the second authentication code information based on the first authentication code information to obtain the verified authentication code information.

[0153] In this embodiment, a first intercom terminal is used to send a call request to a first quantum-safe software development kit (SDK); the first quantum-safe software development kit is used to receive the call request and, in response to the call request, send a key request for group communication to a first quantum key system; receive first authentication code information and key identifier sent by the first quantum key system; and send group information, first authentication code information, and key identifier to a second intercom terminal; the first quantum key system is used to receive the key request and determine the first authentication code information and key identifier according to the key request; and send the first authentication code information and key identifier to the first quantum-safe software development kit; the second intercom terminal is used to receive the group information, first authentication code information, and key identifier, and then... The system sends an identifier to the second quantum-safe software development kit (SDK); receives verified authentication code information from the second quantum key system; establishes communication with the first intercom terminal based on the verified authentication code information; the second quantum-safe software development kit receives group information, the first authentication code information, and the key identifier; sends the identity token, group information, first authentication code information, and key identifier from the second quantum-safe software development kit to the second quantum key system; the second quantum key system receives the identity token, group information, first authentication code information, and key identifier from the second quantum-safe software development kit, determines the verified authentication code information based on the identity token, group information, first authentication code information, and key identifier from the second quantum-safe software development kit; and sends the verified authentication code information to the second intercom terminal. Thus, the second quantum-safe key system determines the verified authentication code information based on the identity token, group information, first authentication code information, and key identifier from the second quantum-safe software development kit, and the second intercom terminal establishes communication with the first intercom terminal based on the verified authentication code information, enabling communication between the first and second intercom terminals even if they are terminals in a cross-domain quantum resource pool intercom group.

[0154] Referring to Figure 7, a structural block diagram of a cross-domain intercom group communication device provided in an embodiment of this application is shown. The device is applied to a first quantum-safe software development kit; the first quantum-safe software development kit is deployed on a first intercom terminal and may specifically include the following modules:

[0155] The first receiving module 701 is used to receive the call request sent by the first intercom terminal and, in response to the call request, send a key application request for group communication to the first quantum key system.

[0156] The second receiving module 702 is used to receive the first authentication code information and the key identifier sent by the first quantum key system; the first authentication code information and the key identifier are determined by the first quantum key system according to the key application request.

[0157] The first sending module 703 is used to send group information of the group, the first authentication code information, and the key identifier to the second intercom terminal, so that the second intercom terminal sends the group information, the first authentication code information, and the key identifier to the second quantum-safe software development kit. The second quantum-safe software development kit sends its identity token, the group information, the first authentication code information, and the key identifier to the second quantum key system. The second quantum key system determines the verified authentication code information based on the identity token, the group information, the first authentication code information, and the key identifier of the second quantum-safe software development kit, and sends the verified authentication code information to the second intercom terminal. The second intercom terminal establishes communication with the first intercom terminal through the verified authentication code information. The first intercom terminal and the second intercom terminal are intercom terminals within the same group that are cross-domain. The second quantum-safe software development kit is deployed in the second intercom terminal.

[0158] In one embodiment, the first receiving module 701 includes:

[0159] The first receiving submodule is used to receive the call request sent by the first intercom terminal and respond to the call request by sending a query request to the quantum secure intercom resource control center.

[0160] The second receiving submodule is used to receive the system identifier of the first quantum key system, the system identifier of the second quantum key system, and the quantum network node relationship sent by the quantum secure intercom resource control center; the system identifier of the first quantum key system, the system identifier of the second quantum key system, and the quantum network node relationship are determined by the quantum secure intercom resource control center according to the query request.

[0161] The acquisition submodule allows the user to acquire the identity token corresponding to the first quantum security software development kit, the identity identifier of the first intercom terminal, the identity identifier of the second intercom terminal, and the group identifier of the group.

[0162] The generation submodule is used to generate a key request for communication for the group based on the identity token corresponding to the first quantum security software development kit, the identity identifier of the first intercom terminal, the identity identifier of the second intercom terminal, the system identifier of the first quantum key system, the system identifier of the second quantum key system, the quantum network node relationship of the group, and the group identifier of the group.

[0163] The first sending submodule is used to send the key request to the first quantum key system.

[0164] In one embodiment, the device further includes:

[0165] The second sending module is used to send a group establishment application request to the intercom service system through the first intercom terminal;

[0166] The third receiving module is used to receive the group identifier of the group sent by the intercom service system through the first intercom terminal; the group identifier is determined by the intercom service system based on the group application request when the group is established.

[0167] The third sending module is used to send a group join request to the second intercom terminal through the first intercom terminal, so that the second intercom terminal joins the group according to the group join request.

[0168] In one embodiment, the first transmitting module 703 includes:

[0169] The second sending submodule is used to send the group information of the group, the first authentication code information and the key identifier to the second intercom terminal through the intercom service system.

[0170] In one embodiment, the group information of the group includes: the identity identifier of the first intercom terminal, the identity identifier of the second intercom terminal, and the group identifier of the group.

[0171] In this embodiment, the first receiving module is used to receive a call request sent by the first intercom terminal and, in response to the call request, send a key application request for group communication to the first quantum key system; the second receiving module is used to receive first authentication code information and key identifier sent by the first quantum key system; the first authentication code information and key identifier are determined by the first quantum key system according to the key application request; the first sending module is used to send group information, first authentication code information, and key identifier to the second intercom terminal, so that the second intercom terminal sends the group information, first authentication code information, and key identifier to the second quantum security software development kit, the second quantum... The secure software development kit (SDK) sends the identity token, group information, first authentication code information, and key identifier of the second quantum secure SSD to the second quantum key system. The second quantum key system determines the verified authentication code information based on the identity token, group information, first authentication code information, and key identifier of the second quantum secure SSD, and sends the verified authentication code information to the second intercom terminal. The second intercom terminal establishes communication with the first intercom terminal using the verified authentication code information. The first and second intercom terminals belong to the same group but are cross-domain intercom terminals. The second quantum secure SSD is deployed in the second intercom terminal. Thus, by having the second quantum secure key system determine the verified authentication code information based on the identity token, group information, first authentication code information, and key identifier of the second quantum secure SSD, and the second intercom terminal establishes communication with the first intercom terminal using the verified authentication code information, the first and second intercom terminals can communicate even if they are terminals in a cross-domain quantum resource pool intercom group.

[0172] Referring to Figure 8, a structural block diagram of another cross-domain intercom group communication device provided in an embodiment of this application is shown. The device is applied to a second quantum-safe software development kit; the second quantum-safe software development kit is deployed on a second intercom terminal and may specifically include the following modules:

[0173] The fourth transmitting module 801 is used to receive group information, first authentication code information, and key identifier of a group sent by the first quantum security software development kit through the second intercom terminal; the first authentication code information and the key identifier are determined by the first quantum key system according to a key application request; the key application request is initiated by the first quantum security software development kit receiving a call request sent by the first intercom terminal and responding to the call request by sending a key application request for communication of the group to the first quantum key system; the first intercom terminal and the second intercom terminal are intercom terminals that are cross-domain within the same group;

[0174] The fifth sending module 802 is used to send the identity token of the second quantum-safe software development kit, the group information, the first authentication code information and the key identifier to the second quantum key system;

[0175] The fourth receiving module 803 is used to receive, through the second intercom terminal, the verified authentication code information determined by the second quantum key system based on the identity token of the second quantum security software development kit, the group information, the first authentication code information, and the key identifier;

[0176] The communication module 804 is used to establish communication with the first intercom terminal through the second intercom terminal based on the verified authentication code information.

[0177] In one embodiment, the group information includes: the identity identifier of the first intercom terminal, the identity identifier of the second intercom terminal, and the group identifier of the group.

[0178] In one embodiment, the verified authentication code information is obtained by the second quantum key system determining the corresponding quantum key based on the key identifier, determining the second authentication code information based on the quantum key, the identity identifier of the first intercom terminal, the identity identifier of the second intercom terminal, the group identifier of the group, and the quantum key, and verifying the second authentication code information based on the first authentication code information to obtain the verified authentication code information.

[0179] In this embodiment, the fourth sending module is used to receive group information, first authentication code information, and key identifier of the group sent by the first quantum secure software development kit (MSK) through the second intercom terminal; the first authentication code information and key identifier are determined by the first quantum key system according to the key application request; the key application request is initiated by the first quantum secure software development kit receiving a call request sent by the first intercom terminal and responding to the call request by sending a key application request for communication of the group to the first quantum key system; the first intercom terminal and the second intercom terminal are intercom terminals within the same group but operating across different domains; the fifth sending module is used to send the identity token, group information, first authentication code information, and key identifier of the second quantum secure software development kit to the second quantum key system; the fourth receiving module is used to receive, through the second intercom terminal, the verified authentication code information determined by the second quantum key system based on the identity token, group information, first authentication code information, and key identifier of the second quantum secure software development kit; the communication module is used to establish communication with the first intercom terminal through the second intercom terminal based on the verified authentication code information. Thus, the second quantum secure key system determines the verified authentication code information based on the identity token, group information, first authentication code information, and key identifier of the second quantum secure software development kit. The second intercom terminal establishes communication with the first intercom terminal through the verified authentication code information, thereby enabling the first intercom terminal and the second intercom terminal to communicate even if they are terminals in a cross-domain quantum resource pool intercom group.

[0180] As the device embodiment is basically similar to the method embodiment, the description is relatively simple, and relevant parts can be found in the description of the method embodiment.

[0181] The various component embodiments of this application can be implemented in hardware, or as software modules running on one or more processors, or a combination thereof. Those skilled in the art will understand that microprocessors or digital signal processors (DSPs) can be used in practice to implement some or all of the functions of some or all of the components in the computing processing device according to the embodiments of this application. This application can also be implemented as a device or apparatus program (e.g., a computer program and computer program product) for performing part or all of the methods described herein. Such an implementation of this application can be stored on a computer-readable medium, or can be in the form of one or more signals. Such signals can be downloaded from an Internet website, provided on a carrier signal, or provided in any other form.

[0182] For example, Figure 9 illustrates a computing processing device that can implement the method according to this application. This computing processing device conventionally includes a processor 1010 and a computer program product or computer-readable medium in the form of a memory 1020. The memory 1020 can be an electronic memory such as flash memory, EEPROM (Electrically Erasable Programmable Read-Only Memory), EPROM, hard disk, or ROM. The memory 1020 has a storage space 1030 for program code 1031 for performing any of the method steps described above. For example, the storage space 1030 for the program code can include various program codes 1031 respectively for implementing the various steps in the above method. These program codes can be read from or written to one or more computer program products. These computer program products include program code carriers such as hard disks, compact discs (CDs), memory cards, or floppy disks. Such computer program products are typically portable or fixed storage units as described with reference to Figure 10. The storage unit can have storage segments, storage spaces, etc., arranged similarly to the memory 1020 in the computing processing device of Figure 9. The program code can be compressed, for example, in a suitable form. Typically, the storage unit includes computer-readable code 1031', that is, code that can be read by a processor such as 1010, which, when run by a computing processing device, causes the computing processing device to perform the various steps in the methods described above.

Claims

1. A cross-domain push-to-talk group communication system, wherein, The system comprises a first intercom terminal, a second intercom terminal, a first quantum security software development kit, a second quantum security software development kit, a first quantum key system and a second quantum key system; The first intercom terminal is configured to send a calling request to the first quantum security software development kit; The first quantum security software development kit is configured to receive the calling request, and in response to the calling request, send a key application request for group communication to the first quantum key system; receive first authentication code information and a key identifier sent by the first quantum key system; and send group information of the group, the first authentication code information and the key identifier to the second intercom terminal; The first quantum key system is configured to receive the key application request, and determine the first authentication code information and the key identifier according to the key application request; and send the first authentication code information and the key identifier to the first quantum security software development kit; The second intercom terminal is configured to receive the group information of the group, the first authentication code information and the key identifier, send the group information of the group, the first authentication code information and the key identifier to the second quantum security software development kit, receive checked authentication code information sent by the second quantum key system, and establish communication with the first intercom terminal according to the checked authentication code information; The second quantum security software development kit is configured to receive the group information, the first authentication code information and the key identifier; and send an identity token of the second quantum security software development kit, the group information, the first authentication code information and the key identifier to the second quantum key system; The second quantum key system is configured to receive the identity token of the second quantum security software development kit, the group information, the first authentication code information and the key identifier, determine checked authentication code information according to the identity token of the second quantum security software development kit, the group information, the first authentication code information and the key identifier, and send the checked authentication code information to the second intercom terminal.

2. The cross-domain talk-through group communication system of claim 1, wherein, The system further comprises a quantum security intercom resource control center. The first quantum security software development kit is configured to receive a call request sent by the first intercom terminal, and send a query request to a quantum security intercom resource control center in response to the call request; receive system identification of the first quantum key system, system identification of the second quantum key system, and quantum network node relationship sent by the quantum security intercom resource control center; obtain an identity token corresponding to the first quantum security software development kit, an identity of the first intercom terminal, an identity of the second intercom terminal, and a group identification of a group; generate a key application request for communication of the group according to the identity token corresponding to the first quantum security software development kit, the identity of the first intercom terminal, the identity of the second intercom terminal, the system identification of the first quantum key system, the system identification of the second quantum key system, the quantum network node relationship of the group, and the group identification of the group; and send the key application request to the first quantum key system. The quantum security intercom resource control center is configured to receive the query request, determine the system identification of the first quantum key system, the system identification of the second quantum key system, and the quantum network node relationship; and send the system identification of the first quantum key system, the system identification of the second quantum key system, and the quantum network node relationship to the first quantum security software development kit.

3. The cross-domain talk-through group communication system of claim 1, wherein, The system further comprises an intercom service system. The first intercom terminal is configured to send a group establishment application request to the intercom service system, obtain a group identification of a group sent by the intercom service system, and send a group joining request to the second intercom terminal. The intercom service system is configured to receive the group establishment application request, establish a group according to the group application request, determine a group identification of the group, and send the group identification of the group to the first intercom terminal. The second intercom terminal is configured to receive the group joining request and join the group according to the group joining request.

4. The cross-domain talk-through group communication system of claim 1, wherein, The system further comprises an intercom service system. The first quantum security software development kit is configured to send group information of the group, the first authentication code information, and the key identification to the intercom service system. The intercom service system is configured to receive the group information of the group, the first authentication code information, and the key identification, and send the group information of the group, the first authentication code information, and the key identification to the second intercom terminal. The second intercom terminal is configured to receive the group information of the group, the first authentication code information, and the key identification.

5. The cross-domain talk-through group communication system of claim 1, wherein, The group information of the group comprises an identity of the first intercom terminal, an identity of the second intercom terminal, and a group identification of the group.

6. The cross-domain intercom group communication system according to claim 5, wherein The second quantum key system is configured to determine a corresponding quantum key according to the key identifier, and determine second authentication code information according to the quantum key, the identity identifier of the first intercom terminal, the identity identifier of the second intercom terminal, the group identifier of the group, and the quantum key. The second authentication code information is verified according to the first authentication code information to obtain the verified authentication code information.

7. A cross-domain push-to-talk group communication method, wherein, The method is applied to a first quantum security software development kit, and the first quantum security software development kit is deployed in a first intercom terminal. The method comprises the following steps: receiving a calling request sent by the first intercom terminal, and sending a key application request for communication of a group to a first quantum key system in response to the calling request; receiving first authentication code information and a key identifier sent by the first quantum key system, wherein the first authentication code information and the key identifier are determined by the first quantum key system according to the key application request; sending group information of the group, the first authentication code information, and the key identifier to a second intercom terminal, so that the second intercom terminal sends the group information, the first authentication code information, and the key identifier to a second quantum security software development kit, the second quantum security software development kit sends an identity token of the second quantum security software development kit, the group information, the first authentication code information, and the key identifier to a second quantum key system, the second quantum key system determines verified authentication code information according to the identity token of the second quantum security software development kit, the group information, the first authentication code information, and the key identifier, and sends the verified authentication code information to the second intercom terminal, and the second intercom terminal establishes communication with the first intercom terminal through the verified authentication code information; the first intercom terminal and the second intercom terminal belong to intercom terminals in the same group and cross domains of each other; and the second quantum security software development kit is deployed in the second intercom terminal.

8. The cross-domain call group communication method of claim 7, wherein, The receiving of the calling request sent by the first intercom terminal and the sending of the key application request for communication of the group to the first quantum key system in response to the calling request comprise the following steps: receiving a calling request sent by the first intercom terminal, and sending a calling request to a quantum security intercom resource control center in response to the calling request; receiving system identifiers of a first quantum key system and a second quantum key system and a quantum network node relationship sent by the quantum security intercom resource control center, wherein the system identifiers of the first quantum key system and the second quantum key system and the quantum network node relationship are determined by the quantum security intercom resource control center according to the query request; obtaining an identity token corresponding to the first quantum security software development kit, an identity identifier of the first intercom terminal, an identity identifier of the second intercom terminal, and a group identifier of the group; and According to the identity token of the first quantum security software development kit, the identity of the first intercom terminal, the identity of the second intercom terminal, the system identity of the first quantum key system, the system identity of the second quantum key system, the quantum network node relationship of the group, and the group identity of the group, a key application request for communication of the group is generated; The key application request is sent to the first quantum key system.

9. The cross-domain call group communication method of claim 7, wherein, Before the receiving of the calling request sent by the first intercom terminal and the sending of the key application request for communication of the group to the first quantum key system in response to the calling request, the method further comprises: Sending a group establishment application request to the intercom service system through the first intercom terminal; Receiving the group identity of the group sent by the intercom service system through the first intercom terminal; the group identity is established by the intercom service system according to the group application request and the group identity determined by the group; Sending a group joining request to the second intercom terminal through the first intercom terminal, so that the second intercom terminal joins the group according to the group joining request.

10. The cross-domain call group communication method of claim 7, wherein, The sending of the group information of the group, the first authentication code information, and the key identity to the second intercom terminal comprises: Sending the group information of the group, the first authentication code information, and the key identity to the second intercom terminal through the intercom service system.

11. The cross-domain intercom group communication method of claim 7, wherein The group information of the group comprises the identity of the first intercom terminal, the identity of the second intercom terminal, and the group identity of the group.

12. A cross-domain push-to-talk group communication method, wherein, The method is applied to a second quantum security software development kit; the second quantum security software development kit is deployed on a second intercom terminal, and the method comprises: Receiving, by the second intercom terminal, the group information of the group, the first authentication code information, and the key identity sent by the first quantum security software development kit; the first authentication code information and the key identity are determined by the first quantum key system according to a key application request; the key application request is sent by the first quantum security software development kit to the first quantum key system in response to a calling request sent by the first intercom terminal; the first intercom terminal and the second intercom terminal belong to the same group and cross domains with each other; Sending the identity token of the second quantum security software development kit, the group information, the first authentication code information, and the key identity to a second quantum key system; Receiving, by the second intercom terminal, the verified authentication code information determined by the second quantum key system according to the identity token of the second quantum security software development kit, the group information, the first authentication information, and the key identity; Establishing communication with the first intercom terminal according to the verified authentication code information by the second intercom terminal.

13. The cross-domain intercom group communication method of claim 12, wherein The group information comprises: an identity of the first intercom terminal, an identity of the second intercom terminal, and a group identity of the group.

14. The cross-domain intercom group communication method of claim 13, wherein, The verified authentication code information is determined by the second quantum key system according to the key identifier, the quantum key, the identity of the first intercom terminal, the identity of the second intercom terminal, the group identity of the group, and the quantum key, the second authentication code information is verified according to the first authentication code information, and the verified authentication code information is obtained.

15. A cross-domain push-to-talk group communication apparatus, wherein, The device is applied to a first quantum security software development kit; the first quantum security software development kit is deployed in a first intercom terminal, and the device comprises: A first receiving module is configured to receive a calling request sent by the first intercom terminal and send a key application request for group communication to a first quantum key system in response to the calling request; A second receiving module is configured to receive first authentication code information and a key identifier sent by the first quantum key system; the first authentication code information and the key identifier are determined by the first quantum key system according to the key application request; A first sending module is configured to send group information of the group, the first authentication code information, and the key identifier to a second intercom terminal, so that the second intercom terminal sends the group information, the first authentication code information, and the key identifier to a second quantum security software development kit; the second quantum security software development kit sends an identity token of the second quantum security software development kit, the group information, the first authentication code information, and the key identifier to a second quantum key system; the second quantum key system determines verified authentication code information according to the identity token of the second quantum security software development kit, the group information, the first authentication code information, and the key identifier, and sends the verified authentication code information to the second intercom terminal; the second intercom terminal establishes communication with the first intercom terminal through the verified authentication code information; the first intercom terminal and the second intercom terminal belong to intercom terminals in the same group; and the second quantum security software development kit is deployed in the second intercom terminal.

16. A cross-domain push-to-talk group communication apparatus, wherein, The device is applied to a second quantum security software development kit; the second quantum security software development kit is deployed in a second intercom terminal, and the device comprises: a fourth sending module, configured to receive, by the second intercom terminal, group information, first authentication code information and a key identifier of a group sent by the first quantum security software development kit; the first authentication code information and the key identifier are determined by the first quantum key system according to a key application request; the key application request is received by the first quantum security software development kit from the first intercom terminal, and the first quantum security software development kit sends the key application request for communication of the group to the first quantum key system in response to the calling request; the first intercom terminal and the second intercom terminal belong to the same group and cross domains of each other; a fifth sending module, configured to send an identity token of the second quantum security software development kit, the group information, the first authentication code information and the key identifier to the second quantum key system; a fourth receiving module, configured to receive, by the second intercom terminal, the first authentication code information determined by the second quantum key system according to the identity token of the second quantum security software development kit, the group information, the first authentication code information and the key identifier; a communication module, configured to establish communication with the first intercom terminal by the second intercom terminal according to the first authentication code information.

17. A computing processing device, wherein, comprises: a memory, wherein computer readable code is stored; one or more processors, when the computer readable code is executed by the one or more processors, the computing processing device executes the steps of the cross-domain intercom group communication method according to any one of claims 5-11 or 12-14.

18. A computer program comprising computer readable code which, when run on a computing processing device, causes the computing processing device to perform the steps of the cross-domain intercom group communication method according to any one of claims 5-11 or 12-14.

19. A computer readable medium having stored therein the computer program of claim 18.