48 results about "SAFER" patented technology

A system and method for transforming a software application comprising binary code and optionally associated data, from an original form to a more secure form. The method includes performing a combination of binary transmutations to the application, and interlocking the transmutations by generating and placing interdependencies between the transmutations, wherein a transmutation is an irreversible change to the application. Different types of the transmutations are applied at varied granularities of the application. The transmutations are applied to the application code and the implanted code as well. The result is a transformed software application which is semantically equivalent to the original software application but is resistant to static and/or dynamic attacks.

Security can be enforced in a consistent manner with respect to various computing environments that may be operable in a computing system. Consistent security criteria can be generated, based on input security criterion, in a computer readable and storable form and stored in a computer readable storage medium, thereby allowing the consistent security criterion to be effectively provided to a computing system for enforcement of the input security criterion in a consistent manner with respect to, for example, (a) a first executable computer code effectively supported by an Operating System (OS), and (b) a second computer code effectively supported by the Virtual Computing Environment (VCE). A Trusted Component (TC) can effectively provide a consistent security criterion as a part and/or form that is suitable for a particular computing environment. The TC can, for example, be an automated tool that performs various functions including: verifying the consistency of security criteria, generation and deployment of consistent security criteria, and transformation of security criteria to parts and/or forms suitable for various computing environments. In addition, a Virtual Computing Environment (VCE) can obtain from the Operating System (OS) one or more security criteria. The Virtual Computing Environment (VCE) can be operable in a Trusted Computing Environment (TCE) and interface with a Trusted Operating System (TOS) that effectively enforces Mandatory Access Control (MAC), thereby allowing the Virtual Computing Environment (VCE) to leverage the security provided by the OS. The OS can, for example, be a Security-Enhanced Linux (SELinux) Operating System operating as a Trusted Component in a Trusted Environment that includes a Trusted Security Agent (TSA) operable to deploy consistent security criteria.

The invention discloses a method for establishing a channel in a TLS1_3 protocol based on a national cryptographic algorithm. The method comprises a key exchange stage, a server parameter stage and anidentity authentication stage. In the key exchange phase, an SM2 key exchange algorithm is introduced to negotiate a shared key, and compared with international algorithms such as ECDH and ECDSA, a safer mechanism is adopted; in the identity authentication stage, compared with an RSA algorithm, the SM2 algorithm has the advantages that the encryption strength is similar to the safety performanceof a 3072-bit RSA algorithm when the key length of the SM2 algorithm is 256 bits, two message words are used in each round of a compression function of the SM3 algorithm, and the SM3 algorithm has higher word completeness than an existing SHA256 algorithm. In a symmetric encryption algorithm, an SM4 algorithm is introduced, a 32-round nonlinear iterative structure is adopted, the number of roundsof calculation is far larger than that of an AES algorithm, and safety is higher. According to the method, by improving the encryption algorithm serving as a data transmission safety core, secret keyleakage in the transmission process is avoided, and the safety of establishing a TLS1_3 channel is improved to a great extent.

The invention discloses a pharmaceutical composition containing 18 amino acids. The pharmaceutical composition containing 18 amino acids is characterized in that raw materials of 18 amino acids and auxiliary materials of an antioxidant and a pH conditioning agent are prepared into compound amino acid injections (18AA-IV) having different concentrations, wherein the compound amino acid injection is the pharmaceutical composition containing 18 amino acids and has a pH value of 3.5 to 5.5. The pharmaceutical composition containing 18 amino acids does not contain a sulfite antioxidant and thoroughly prevents the damage of sulfites on the human body. Products of the pharmaceutical composition containing 18 amino acids are safer in clinical use. An accelerated stability test proves that the pharmaceutical composition (18AA-IV) containing 18 amino acids has the stability the same as or superior to the stability of commercial sulfite-containing like products.

The invention discloses a TLS secure communication method. The method comprises the following steps: a server and a client call certificates of each other; encrypting an encryption suite and key exchange information sent by the client by adopting the public key of the server certificates; encrypting the encryption suite selection and key exchange information sent by the server by adopting the public keys of the client certificates; allowing the client to decrypt the received encryption suite selection and key exchange information sent by the server by using the private key of the client; and allowing the server to decrypt the received encryption suite selection and key exchange information sent by the client by using the private key of the server. The TLS secure communication method has the beneficial effects that the secure communication method is suitable for occasions with relatively high data transmission security requirements; synchronous updating of certificates of the two parties can also be included in the ciphertext, and safety is higher.

An emergency response system that is used by schools to alert students, faculty, and staff on the school campus of critical situations. The system utilizes ID cards that are issued to the students, faculty, and staff at the beginning of each new school year, and issued to visitors as needed. The ID cards each have a miniature receiver, control circuitry, antenna and battery embedded into them along with a flat speaker and an LED light. If an emergency on the grounds of the school is imminent or ongoing, a master transmitter box is triggered by an administrator. The triggering of the transmitter sends coded RF signals out to ID cards and repeaters that are strategically placed through the school property. Signals received by the receivers embedded into the ID cards and decoded by the control circuitry trigger the speaker and LED in the ID cards to alert persons carrying the ID cards.

The invention relates to a synthetic process of O-ethyl-S-n-proply-(3-ethyl-2-cyano imine-1-imidazole) phosphate. The process comprises the following steps of: 1) synthesis of O-ethyl-S-n-proply-S-propyl phosphoryl chloride; 2) synthesis of 1-ethyl-2-(N-cyano imine) imidazole; and 3) synthesis of O-ethyl-S-n-proply-(3-ethyl-2-cyano imine-1-imidazole) phosphate. The process provided by the invention has the beneficial effects that the reaction step and time are shortened, the yield is improved from 50% to over 70%, and the total yield is improved; according to the process, potassium carbonate replaces flammable and combustible sodium hydride, so that the reaction condition is more mild and the production process is safer; based on dipropyl dithio and phosphorus trichloride as initial raw materials, S-n-proply phosphoryl dichloride is synthesized and reacted with ethanol to obtain O-ethyl-S-n-propyl-phosphoryl chloride; the line is short and the raw material is easy to get with less wastewater, and the method is suitable for industrialization.

The invention provides a data encryption method and device based on an encryption algorithm and computer equipment, and the method comprises the steps: carrying out the encryption of a file through anAES encryption algorithm and an AES secret key, and obtaining a file ciphertext; encrypting the secret key of the AES through the public key of the RSA to obtain a secret key ciphertext; storing thepublic key and the private key of the RSA into a KeyStore file of a management tool of the Java data certificate, wherein the KeyStore file generates a KeyStore password; storing the file ciphertext,the key ciphertext and the KeyStore password into an SO dynamic library; and performing code obfuscation on Java program codes used in the encryption process through a ProGuard code obfuscation tool.The method has the beneficial effects that the RSA private key is stored by using the KeyStore key, so that the RSA private key is safer and cannot be violently cracked. And the SO dynamic inventory KeyStore password and the encrypted ciphertext of the RSA are used, so that the KeyStore password and the encrypted ciphertext of the RSA are more difficult to analyze and obtain. Code obfuscation is carried out by using a ProGuard tool, so that the code implementation process cannot be effectively decompiled.

The invention discloses a method for realizing secure transmission of data based on a national cryptographic SM2-SM3-SM4 algorithm, which comprises the following steps of: adding the SM2-SM3-SM4 national cryptographic algorithm in a cipher.c cryptographic algorithm file in an OpenSSH (Open Secure Shell) source code, modifying the cipher.c cryptographic algorithm file in the OpenSSH source code, and generating a session key and a session ID (Identity); carrying out identity authentication on the OpenSSH client; establishing an encryption tunnel, the OpenSSH client and the OpenSSH server starting to communicate, and the integrity of data transmission between the OpenSSH client and the OpenSSH server being verified through a digest algorithm; and session data transmission between the OpenSSH client side and the OpenSSH server side being encrypted. According to the method, the source codes of the OpenSSH client side and the OpenSSH server side are modified, the adaptation of the SM2-SM3-SM4 cryptographic algorithm is increased, a safer mechanism is adopted, the information encryption calculation amount and complexity are improved, and an encryption communication tunnel is established, so that the attack on the block cipher algorithm can be effectively resisted when the OpenSSH client side accesses the OpenSSH server side.

The invention discloses a commodity anti-counterfeiting code generation and verification method, and the method comprises the steps: distributing one to three ID codes of different anti-counterfeitingcode types to each commodity, enabling the ID codes to be composed of codes of the anti-counterfeiting code types, manufacturer identification codes and commodity codes, and enabling the anti-counterfeiting code types to comprise a plain code, a secret code and an internal code; and allocating a verification password corresponding to each ID code, wherein the verification password is a characterstring formed by encrypting the ID code or a character string formed by combining and encrypting the ID code, the production time of the ID code and at least one random value. The commodity anti-counterfeiting code verification method comprises the following steps: receiving anti-counterfeiting code information, wherein the anti-counterfeiting code information comprises the ID code and the verification password; and judging whether the anti-counterfeiting code type of the ID code is a plain code, a secret code or an internal code. According to the commodity anti-counterfeiting code generationand verification method, commodity anti-counterfeiting is safer and more reliable.

The invention discloses an encryption communication method and system of an Arm architecture application processor. The method comprises: an application operating system being made to run at a first-level exception level of the application processor; a microkernel system which at least performs memory allocation management and control running in a second-level exception level, higher than the first-level exception level, of the application processor, wherein the microkernel system divides a memory into a first memory area and a second memory area; the microkernel system enabling the application operating system to only read and write the first memory area, the communication chip only reading and writing the second memory area, and performing reading and writing between the first memory area and the second memory area through a hardware encryption module arranged outside the application processor. According to the invention, the risk that encryption is bypassed can be greatly reduced, so that communication is safer.

The invention relates to a split binary data encryption method, which solves the problem that the development of the information communication industry is restricted due to the fact that the space occupied by encrypted binary data is increased or the encrypted binary data is easy to crack. According to the method, binary data is encrypted in a split mode, the space occupied by original data is notincreased any more except a small number of simple keys after data encryption, and the encrypted data and the original data have no logical relation, so that the purpose of safer data transmission and storage is achieved.

The invention provides a working key generation method and device and a computer readable storage medium, and belongs to the technical field of information security. The method comprises the following steps: the terminal receiving an operation instruction sent by an upper computer, obtaining a working key purpose and a working key algorithm according to the operation instruction, setting the working key purpose as a first purpose by the terminal, generating derived data according to the first purpose, a master key identifier, a first numerical value and a master key algorithm, determining the length of a working key according to the working key algorithm, obtaining data in a working key buffer area as a key, generating the working key according with the length of the working key according to the key and the derived data, executing corresponding operation according to the operation instruction and the working key, and returning an operation result to the upper computer. Compared with an encryption scheme in the prior art, the method provided by the invention is safer and wider in application range.

The invention relates to a glyoxylic acid production process, in particular to a glyoxylic acid continuous oxidation process, and belongs to the technical field of chemical synthesis. The process comprises the following steps: fully and evenly mixing glyoxal, a cocatalyst and an initiator which are accurately measured to obtain a mixture A; after preheating by a preheater, feeding the mixture A into an initiation kettle for reaction with nitric acid to obtain a reaction solution; then feeding the reaction solution into a first oxidation kettle, a second oxidation kettle and a thermal insulation kettle which are connected in series sequentially to complete oxidation reaction; after cooling by a cooler, obtaining an oxidation solution, and performing concentration dehydration, crystallization for oxalic acid removal and dechlorination to obtain teh glyoxylic acid finished product, wherein the molar ratio of glyoxal, nitric acid, the cocatalyst and the initiator is 1:0.3-0.4:0.2-0.3:0.01-00.2. The process is safer and more efficient, can reduce the production cost and improve stability of product quality, and is an industrial glyoxylic acid production process which is easy to operatecontinuously.

The invention discloses a security cloud audit method and a security cloud audit system with updatable verification label, comprising the following steps: 1, initializing; 2, updating the key; 3, verifying the update of the tag; 4, verifying the generation of the tag; 5, generating evidence; 6: auditing. The invention can effectively protect the audit key of the user and the file saved by the useron the cloud server, thereby making the audit key and the file of the user more secure.

The invention provides a container image data management method, device and system. The method comprises the steps of acquiring an image data scheduling request; sending a first test request to at least two data management servers simultaneously according to the image data scheduling request; acquiring first test result information fed back by a running server; according to the first test result information, determining a first target data management server; and sending the image data scheduling request to the first target data management server, so as to enable the first target data management server to respond to the image data scheduling request. According to the method, at least two data management servers are adopted for storing image data for backup, so that the image data is safer.In the prior art, only one data management server is adopted, once image data fails, containers corresponding to the image data cannot be created. The invention solves the problem in the prior art.