CN1592197A - Method of identification between user device and local client use or remote-network service - Google Patents

Method of identification between user device and local client use or remote-network service Download PDF

Info

Publication number
CN1592197A
CN1592197A CN 03156489 CN03156489A CN1592197A CN 1592197 A CN1592197 A CN 1592197A CN 03156489 CN03156489 CN 03156489 CN 03156489 A CN03156489 A CN 03156489A CN 1592197 A CN1592197 A CN 1592197A
Authority
CN
China
Prior art keywords
authentication
service
access equipment
ustomer premises
premises access
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN 03156489
Other languages
Chinese (zh)
Other versions
CN100426719C (en
Inventor
施宣明
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Maishiya (Beijing) Science and Technology Co., Ltd.
Original Assignee
TAIJUN INDUSTRY Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by TAIJUN INDUSTRY Co Ltd filed Critical TAIJUN INDUSTRY Co Ltd
Priority to CNB031564895A priority Critical patent/CN100426719C/en
Publication of CN1592197A publication Critical patent/CN1592197A/en
Application granted granted Critical
Publication of CN100426719C publication Critical patent/CN100426719C/en
Anticipated expiration legal-status Critical
Expired - Fee Related legal-status Critical Current

Links

Images

Abstract

This invention provides a method for authenticating authority limitation between a user end device and local customer end application /remote network service which sets certification information and safety unit interfaces in user end device, sets path certification documents and access safety unit interface matched to the certification information, the safety interface is the specific protocol for their communication, when a user needs an application or service, the safety unit interface sends the two certification documents to a certifying unit for authentication, the authenticated user end devices can get the software service or service, if not, it is refused.

Description

The method of authentication between ustomer premises access equipment and local client application or telecommunication network service
Technical field
The present invention relates to field of computer technology, specifically, relate to that ustomer premises access equipment and local client are used or the telecommunication network service between the method for authentication, especially realize based on the software and hardware combining mode at user side and the client application service between the method for authentication.
Background technology
The continuous development of application software and network service will cause the information interaction between user and the application service.This information interaction can not be unconfined, must be to carry out under security mechanism.On the one hand, need know which user has the right to use which application or service; On the other hand, the user also needs to know which part personal information which application or service can calling parties.
In information interactive process, bipartite authentication of user and application service and authentication had certain methods to realize, but all there are the defective of self in these methods.The technology of soft encryption for example; be not rely on hard-wired especially resist technology to software; mainly contain cipher code method, computer hardware check addition, key floppy disc method; the defective of these class methods is relatively easy crack of encryption method; its verification condition is changeless in addition; in case be cracked, with rapid spread.Based on software publishing and network service demands of applications, have to take widely this technology, but how-do-you-do usually appears in this encrypted authentication method at present, be difficult to realize such as purposes such as copyright protections.For specific application, can also adopt the hardware encryption technology, hardware encipher dog for example, the shortcoming of this mode is: a hardware can only be protected at an application service, and is limited in using on a certain fixing local terminal or the remote server.The hardware encryption mode of so too " fixing ", though fail safe is higher, but flexibility, universality and mobility are relatively poor, can not satisfy far away and be authorized to general mandate and the mobile requirement used of user for different application, different local terminal or remote service in the actual conditions.
Summary of the invention
The object of the present invention is to provide the method for authentication between application of a kind of ustomer premises access equipment and local client or telecommunication network service, realize the authentication of user, and the user is to the authentication of the rights of using of network service the client application rights of using of mandate.
A further object of the present invention is to provide the method for authentication between a kind of ustomer premises access equipment and local client application or telecommunication network service, realizes client application or the network service authentication to user's access rights.
Another object of the present invention is to provide a kind of ustomer premises access equipment and local client use or the telecommunication network service between the method for authentication, can finish the authentication of user between serving with a plurality of client application or network by same hardware device.
Another purpose of the present invention is to provide the method for authentication between a kind of ustomer premises access equipment and local client application or telecommunication network service, ustomer premises access equipment and local client are used or authentication condition can be dynamically changed, be controlled in the telecommunication network service as required, ensure data security neatly.
For this reason, the present invention is achieved through the following technical solutions above-mentioned purpose: authentication information and security mechanism interface are set in ustomer premises access equipment, are provided with in using or serving and the authentication document of described authentication information coupling and the path of access security mechanism interface; The security mechanism interface is the specific protocol of both communication, when user's request application or service, by the security mechanism interface that is provided with between ustomer premises access equipment and application or the service, hand over authentication mechanism to carry out authentication both authentication documents, the ustomer premises access equipment that authentication is passed through can obtain software application or service; Do not pass through, then refuse this user.
Hardware device stores, leading subscriber and client application or the network service required interactive information of the present invention by having security mechanism; realize that information security is deposited, information management and information security be mutual, thereby derive: hardware device identification, subscriber authentication, user authority management, user data are shared, secure data is deposited and a series of functions such as management, software copyright protection, customized application service.
Description of drawings
Fig. 1 is the structural representation of authentication system of the present invention;
Fig. 2 is the schematic flow sheet of authentication content of the present invention;
Fig. 3 is the flow chart of authentication of the present invention and visit.
Embodiment
Below with reference to the accompanying drawings and embodiment, technical scheme of the present invention is described in further detail.
Referring to Fig. 1, the authentication mechanism between user that the present invention combines for a kind of hardware and software and client application or the network service.By the security mechanism of setting up in the hardware device; the authentication document (AKF) that authorized client is used or network is served; the security mechanism interface of following; to carrying out the authentication system of authentication between hardware device and the software application service; can realize the authentication between the service of user and client application or network; the realization information security is deposited; information management and information security are mutual, thereby derive: hardware device identification; subscriber authentication; user authority management; user data is shared; secure data is deposited and is managed; software copyright protection; a series of functions such as customized application service.
As shown in Figure 2, method of the present invention comprises the content of 3 aspects:
The first, the hardware device that has security mechanism.This equipment has the algorithm of safe enciphered data space, encryption and authentication, the authentication information of self and characteristic information.This equipment can be embodied in different electronic products, as: USB flash memory, keyboard fetch equipment, MP3 fetch equipment, PDA fetch equipment, STB fetch equipment, disk fetch equipment, intelligent PDA fetch equipment, data bank, e-book, multifunction wireless equipment E-phone, digital camera, recording pen etc.
The second, follow the application or the service of security mechanism interface.These application and service all have authentication document, and by set security mechanism interface accessing hardware device.
Three, authentication system.Authentication system is finished the process of authentication, is used for the mutual authentication that hardware device and application service both sides carry out legitimacy and authority.Authentication system can be realized by the IC of hardware device, also can realize by software mode, and also can be the combination of the two.
When using or service when needing access hardware devices, its concise and to the point process is as follows:
Use or service transmission access request, simultaneously authentication document is submitted to authentication system;
Authentication system is obtained the authentication document of using or serving, and obtains the authentication information and the characteristic information of hardware device self simultaneously;
Whether authentication system authenticates this hardware device and has the right to use this application or service, as haves no right, and returns error message, stops visit; Otherwise, continue;
Authentication system authenticates this application or whether service has the right to visit this hardware device, as haves no right, and returns error message, stops visit; Otherwise, continue;
Authentication system authenticates effective visit information of this hardware device (useful space, size or the like) this application or service;
After authentication was passed through, this application or service were by set security mechanism interface accessing hardware device.
Referring to Fig. 3, user's hardware device of the present invention has security mechanism structure and characteristics again.The hardware device chip has the characteristic information of this equipment, comprises the sign of unique device id number and device type.Hardware device comprises MP3, the PDA data bank, and digital camera, types such as recording pen, each type is subdivided into different models, different manufacturers again, and the movable storage device with same model, same manufacturer is same classification.In user's hardware device, have the key list that adds, deciphers, be used for the information of safety encipher data area stores is added, deciphers, also have the functional module of execution information encryption and decryption.Carry out encrypting and decrypting for information, can utilize the mode of software or hardware independence or combination to realize.Above-mentioned encrypting and decrypting algorithm can be qualified any algorithm, and for example DES algorithm, RSA Algorithm, and user's hardware device also has the Management Information Base collection are used to realize the verification process between hardware device and application or the service.
Be provided with the safety encipher data field of a constant volume in user's hardware device.In this data field, the authentication information that has this hardware device, these information are set of a services package, the content of each services package comprises: effective marker, be used to indicate whether this type of service is unlocked, the authentication document of which classification be can accept by indicating this hardware device, application or service which classification this hardware device can use just indicated; Effective time, be used to indicate this type of service effectively by the time.
If the data in the access security encrypted data region are necessary by certificate verification, and can only conduct interviews by the security mechanism interface.
The present invention on the other hand, the application of mandate or service can be client application, also can be that the network service of far-end is used, this local client or telecommunication network can call the security mechanism interface, and have authentication document.This authentication document is issued when authorizing, and application that each is authorized to or service all have the authentication document of oneself.This authentication document comprises: the authentication document version is used to write down the version information of authentication document; The effective coverage title is used for indicating the application of mandate or the zone that service can be visited in hardware device safety encipher data field; Effective coverage length is used for indicating the application of mandate or the length in the zone that service can be visited in hardware device safety encipher data field.Above-mentioned authentication document also comprises the string of maintaining secrecy, and is used for authentication certificate owner's legitimacy; Valid expiration date, be used to limit effective time of this certificate; Service type is used to indicate the COS of this authentication document correspondence; Using method is used to formulate the access mode to the effective coverage, as uses which key to carry out encryption and decryption; The authentication document deletion is used to delete this authentication document.
Authentication system of the present invention obtains the authentication information of hardware from hardware device, obtains authentication document from application or the service center of authorizing, as the foundation of carrying out authentication.Authentication system can utilize hardware device IC with authentication mechanism algorithm and/or the authentication mechanism algorithm realized of software hardware identification information and authentication document are authenticated.
Particularly, step of the present invention is:
At first, set authentication information, just services package information for each hardware device.Each hardware device all carries out the setting of authentication information when dispatching from the factory, authentication information can also be made amendment by the mode of software or network remote control.
Secondly, service or the specific AKF authentication document of application generation for each mandate consign to the user by issuing channel.The AKF authentication document has valid expiration date, needs periodic replacement.
When the service of authorizing or use when wanting access hardware devices information, send access request, simultaneously the AKF file is submitted to authentication system.Read the authentication information of hardware at this moment by authentication system, just services package information.
Authentication system verifies at first whether this hardware device has authority to use this application or service, and promptly whether the user of this hardware device has authority to use this application or service.Specifically: authentication system reads " service type " in the AKF authentication document, judges whether this " service type " is effective service in the authentication service package informatin of hardware.As not being, prove that this hardware device lack of competence uses this application or service, return error message, finish; In this way, continue.Whether authentication system is judged in the services package information of hardware should " service type " expired.If expired, prove that this hardware device lack of competence uses this application or service, return error message, finish; As not out of date, continue.
Authentication system is analyzed the AKF authentication document then, verifies this application or the service access rights to hardware device information.Specifically: authentication system reads " effective time " in the AKF file, judges whether the AKF file is expired, if expired, returns error message, finishes; As not out of date, continue.Read " string of maintaining secrecy " in the AKF file, judge whether user's identity is legal, as illegal, returns error message, finish; As legal, then continue.Read " effective coverage title " in the AKF file, judge that the user wishes whether the space of visiting is consistent with effective addressing space, as inconsistent, returns error message, finishes; As unanimity, continue.Read " effective coverage size " in the AKF file, judge whether addressing space overflows, as overflow, return error message, finish; As not overflowing, then showing this application or service has authority visit it wants the hardware device information of visiting.Read " using method " in the AKF file at last, obtain the key ID that lecture is used, and by the information on the security mechanism interface accessing hardware device.
Adopt the present invention, realize that the process of two-way authentication is as follows:
Authentication system obtains hardware identification information from hardware device, obtains authentication document from application or the service center of authorizing, as the foundation of authentication.
Wherein, the user device hardware authentication information is the set of a services package, has indicated that this hardware device is to the application of mandate or the rights of using of service.To the authentication of hardware identification information, just to the authentication of hardware device equipment authority.
Authentication document has then indicated the application of authorizing or the service rights of using to hardware device.To the authentication of authentication document, just to the authentication of the authority of the application of authorizing or service.
When adopting the present invention to realize authentication between using of a hardware device and a plurality of service, the user device hardware authentication information is the set of a services package, a plurality of services packages have been comprised, each services package can indicate the rights of using of this hardware device to the application or the service of a certain class authority, so can verify this hardware device and a plurality of service authentication between using by hardware identification information.
The present invention realizes that dynamically the condition of control authentication is: the user device hardware authentication information is to make amendment by the mode of software or network remote control; The AKF authentication document can be changed simultaneously.So both sides' authentication condition all can dynamically be controlled.
It should be noted last that, above embodiment is only unrestricted in order to technical scheme of the present invention to be described, although the present invention is had been described in detail with reference to preferred embodiment, those of ordinary skill in the art is to be understood that, can make amendment or be equal to replacement technical scheme of the present invention, and not breaking away from the spirit and scope of technical solution of the present invention, it all should be encompassed in the middle of the claim scope of the present invention.

Claims (24)

1, the method for authentication between the service of a kind of ustomer premises access equipment and local client application/telecommunication network, it is characterized in that: authentication information and security mechanism interface are set in ustomer premises access equipment, in using or serving, are provided with and the authentication document of authentication information coupling and the path of access security mechanism interface; The security mechanism interface is the specific protocol of both communication, when user's request application or service, by the security mechanism interface that is provided with between ustomer premises access equipment and application or the service, hand over authentication mechanism to carry out authentication both authentication documents, the ustomer premises access equipment that authentication is passed through can obtain software application or service; Do not pass through, then refuse this user.
2, the method for authentication between the service of ustomer premises access equipment according to claim 1 and local client application/telecommunication network, it is characterized in that: ustomer premises access equipment is USB flash memory, keyboard fetch equipment, MP3 fetch equipment, PDA fetch equipment, STB fetch equipment, disk fetch equipment, intelligent PDA fetch equipment, data bank, electronic dictionary, multifunction wireless equipment, digital camera, recording pen.
3, the method for authentication between the service of ustomer premises access equipment according to claim 1 and local client application/telecommunication network, it is characterized in that: the authentication mechanism of realizing authentication process is arranged on ustomer premises access equipment or client, is perhaps undertaken by both combinations.
4, the method for authentication between the service of ustomer premises access equipment according to claim 1 and local client application/telecommunication network, it is characterized in that: it is to be carried out to ustomer premises access equipment by application or service that authentication mechanism carries out authentication, and promptly whether application or service authentication ustomer premises access equipment have rights of using.
5, the method for authentication between the service of ustomer premises access equipment according to claim 1 and local client application/telecommunication network, it is characterized in that: the authentication information that is provided with in the ustomer premises access equipment is the set of services package, is used for authentication between realization and application or the service.
6, the method for authentication between the service of ustomer premises access equipment according to claim 5 and local client application/telecommunication network is characterized in that: described services package set contains one or more services package information.
7, the method for authentication between the service of ustomer premises access equipment according to claim 6 and local client application/telecommunication network, it is characterized in that: described services package information comprises effective marker and/or effective time, and wherein effective marker indicates the rights of using information of ustomer premises access equipment for certain application or service; Indicated the effective time that this type of service is used effective time.
8, the method for authentication between the service of ustomer premises access equipment according to claim 7 and local client application/telecommunication network is characterized in that: services package information can be downloaded by network remote and dynamically update.
9, the method for authentication between the service of ustomer premises access equipment according to claim 1 and local client application/telecommunication network, it is characterized in that: authentication information is set in the ustomer premises access equipment can make amendment by software or network remote control mode.
10, the method for authentication between the service of ustomer premises access equipment according to claim 1 and local client application/telecommunication network is characterized in that: comprise authentication document version, effective coverage title and effective coverage length in the authentication document that application or service are provided with; Described authentication document version is used to write down the version information of authentication document; Described effective coverage title is used for indicating the application of mandate or the zone that service can be visited in hardware device safety encipher data field; Described effective coverage length is used for indicating the application of mandate or the length in the zone that service can be visited in hardware device safety encipher data field.
11, the method for authentication between the service of ustomer premises access equipment according to claim 10 and local client application/telecommunication network is characterized in that: also comprise valid expiration date in the authentication document that application or service are provided with, be used to limit the effective time of certificate.
12, the method for authentication between the service of ustomer premises access equipment according to claim 10 and local client application/telecommunication network, it is characterized in that: also comprise service type in the authentication document that application or service are provided with, be used to indicate the COS of this authentication document correspondence.
13, the method for authentication between the service of ustomer premises access equipment according to claim 10 and local client application/telecommunication network is characterized in that: also comprise the authentication document deletion in the authentication document that application or service are provided with, be used to delete authentication document.
14, the method for authentication between the service of ustomer premises access equipment according to claim 10 and local client application/telecommunication network is characterized in that: also comprise the string of maintaining secrecy in the authentication document that application or service are provided with, be used for certificate of certification owner's legitimacy.
15, the method for authentication between the service of ustomer premises access equipment according to claim 1 and local client application/telecommunication network is characterized in that: generate when the setting of application or service authentication file is obtained or made by network.
16, the method for authentication between the service of ustomer premises access equipment according to claim 1 and local client application/telecommunication network is characterized in that: using or serving is provided by local client or telecommunication network.
17, according to the method for authentication between the service of the arbitrary described ustomer premises access equipment of claim 1 to 16 and local client application/telecommunication network, it is characterized in that: the concrete steps of authentication are between ustomer premises access equipment and application or the service: when service of authorizing or application need calling party end facility information, send access request, simultaneously authentication document is submitted to authentication mechanism; Authentication mechanism reads the authentication information of ustomer premises access equipment, just services package information; Verify whether this ustomer premises access equipment has authority to use this application or service; Authentication mechanism reads " service type " in the authentication document, judges whether this " service type " is effective service in the authentication service package informatin of hardware; As not being, prove that this ustomer premises access equipment lack of competence uses this application or service, return error message, finish; Whether in this way, " service type " is somebody's turn to do in the authentication mechanism judgement in the services package information of hardware expired; If expired, prove that this ustomer premises access equipment lack of competence uses this application or service, return error message, finish; As not out of date, authentication mechanism analysis authentication file is verified this application or the service access rights to hardware information; Read " effective time " in the authentication document, judge whether authentication document is expired; If expired, return error message, finish; As not out of date, read " string of maintaining secrecy " in the authentication document, judge whether user's identity is legal; If illegal, return error message, finish; As legal, then ustomer premises access equipment obtains this application or service.
18, the method for authentication between the service of ustomer premises access equipment according to claim 1 and local client application/telecommunication network is characterized in that: security mechanism is set in the ustomer premises access equipment, realizes the protection of devices encrypt data space by cryptographic algorithm.
19, the method for authentication between the service of ustomer premises access equipment according to claim 1 and local client application/telecommunication network is characterized in that: also be provided with identity information and/or type identification information in the ustomer premises access equipment.
20, the method for authentication between the service of ustomer premises access equipment according to claim 1 and local client application/telecommunication network, it is characterized in that: described authentication mechanism carries out authentication and comprises by ustomer premises access equipment to using or service is carried out, i.e. whether ustomer premises access equipment authentication application or service has rights of using.
21, the method for authentication between the service of ustomer premises access equipment according to claim 1 and local client application/telecommunication network, it is characterized in that: be provided with the secure data storage district in the ustomer premises access equipment, security mechanism is set, comprise built-in key list, be used for the data of encryption and decryption safety encipher data storage area.
22, the method for authentication between the service of ustomer premises access equipment according to claim 1 and local client application/telecommunication network, it is characterized in that: application or service authentication file comprise the authority of device security data storage area visit, valid data zone name or area size are used to limit this application or service and are merely able to visit corresponding data storage area.
23, the method for authentication between the service of ustomer premises access equipment according to claim 1 and local client application/telecommunication network, it is characterized in that: application or service authentication file comprise the equipment using method, be used to formulate access mode for the secure data storage district, obtain corresponding key, realize data encrypting and deciphering.
24, according to the method for authentication between the service of the arbitrary described ustomer premises access equipment of claim 20 to 23 and local client application/telecommunication network, it is characterized in that: ustomer premises access equipment is for using or serving and carry out, be whether ustomer premises access equipment authentication application or service be when having rights of using, authentication mechanism reads " the effective coverage title " in the authentication document, judges that the user wishes whether the space of visiting is consistent with effective addressing space; As inconsistent, return error message, finish; As unanimity, read " effective coverage size " in the authentication document, judge whether addressing space overflows; As overflow, return error message, finish; As not overflowing, this application or service have the authority visit it want the ustomer premises access equipment information of visiting; Read " using method " in the authentication document, obtain the key ID that lecture is used, by the information on the security mechanism interface accessing ustomer premises access equipment.
CNB031564895A 2003-09-01 2003-09-01 Method of identification between user device and local client use or remote-network service Expired - Fee Related CN100426719C (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CNB031564895A CN100426719C (en) 2003-09-01 2003-09-01 Method of identification between user device and local client use or remote-network service

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CNB031564895A CN100426719C (en) 2003-09-01 2003-09-01 Method of identification between user device and local client use or remote-network service

Publications (2)

Publication Number Publication Date
CN1592197A true CN1592197A (en) 2005-03-09
CN100426719C CN100426719C (en) 2008-10-15

Family

ID=34598435

Family Applications (1)

Application Number Title Priority Date Filing Date
CNB031564895A Expired - Fee Related CN100426719C (en) 2003-09-01 2003-09-01 Method of identification between user device and local client use or remote-network service

Country Status (1)

Country Link
CN (1) CN100426719C (en)

Cited By (37)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN100464549C (en) * 2005-10-28 2009-02-25 广东省电信有限公司研究院 Method for realizing data safety storing business
CN101517591A (en) * 2006-09-29 2009-08-26 英特尔公司 Architecture for virtual security module
CN101727274A (en) * 2008-10-16 2010-06-09 埃森哲环球服务有限公司 Method, system and graphical user interface for enabling a user to access enterprise data on a portable electronic device
CN101789968A (en) * 2010-01-08 2010-07-28 深圳市沟通科技有限公司 Safe enterprise mobile working application delivery method
CN1889426B (en) * 2005-06-30 2010-08-25 联想(北京)有限公司 Method and system for realizing network safety storing and accessing
CN101931908A (en) * 2010-07-23 2010-12-29 中兴通讯股份有限公司 Method, device and system for acquiring service by portable equipment
CN101938627A (en) * 2009-06-30 2011-01-05 中兴通讯股份有限公司 System and method for realizing authentication monitoring
CN101127599B (en) * 2006-08-18 2011-05-04 华为技术有限公司 An identity and right authentication method and system and a biological processing unit
USD640976S1 (en) 2008-08-28 2011-07-05 Hewlett-Packard Development Company, L.P. Support structure and/or cradle for a mobile computing device
CN101212489B (en) * 2006-12-27 2011-08-03 财团法人工业技术研究院 Asset management monitoring method and switching device for asset management monitoring
US8234509B2 (en) 2008-09-26 2012-07-31 Hewlett-Packard Development Company, L.P. Portable power supply device for mobile computing devices
US8305741B2 (en) 2009-01-05 2012-11-06 Hewlett-Packard Development Company, L.P. Interior connector scheme for accessorizing a mobile computing device with a removeable housing segment
US8385822B2 (en) 2008-09-26 2013-02-26 Hewlett-Packard Development Company, L.P. Orientation and presence detection for use in configuring operations of computing devices in docked environments
US8395547B2 (en) 2009-08-27 2013-03-12 Hewlett-Packard Development Company, L.P. Location tracking for mobile computing device
US8401469B2 (en) 2008-09-26 2013-03-19 Hewlett-Packard Development Company, L.P. Shield for use with a computing device that receives an inductive signal transmission
US8437695B2 (en) 2009-07-21 2013-05-07 Hewlett-Packard Development Company, L.P. Power bridge circuit for bi-directional inductive signaling
USD687038S1 (en) 2009-11-17 2013-07-30 Palm, Inc. Docking station for a computing device
US8527688B2 (en) 2008-09-26 2013-09-03 Palm, Inc. Extending device functionality amongst inductively linked devices
US8688037B2 (en) 2008-09-26 2014-04-01 Hewlett-Packard Development Company, L.P. Magnetic latching mechanism for use in mating a mobile computing device to an accessory device
US8712324B2 (en) 2008-09-26 2014-04-29 Qualcomm Incorporated Inductive signal transfer system for computing devices
US8755815B2 (en) 2010-08-31 2014-06-17 Qualcomm Incorporated Use of wireless access point ID for position determination
US8850045B2 (en) 2008-09-26 2014-09-30 Qualcomm Incorporated System and method for linking and sharing resources amongst devices
US8868939B2 (en) 2008-09-26 2014-10-21 Qualcomm Incorporated Portable power supply device with outlet connector
US8954001B2 (en) 2009-07-21 2015-02-10 Qualcomm Incorporated Power bridge circuit for bi-directional wireless power transmission
CN104468562A (en) * 2014-12-03 2015-03-25 南京信息工程大学 Portable transparent data safety protection terminal oriented to mobile applications
US9083686B2 (en) 2008-11-12 2015-07-14 Qualcomm Incorporated Protocol for program during startup sequence
CN104809367A (en) * 2014-01-24 2015-07-29 中辉世纪传媒发展有限公司 Digital rights management (DRM) protection method and device for service program
US9097544B2 (en) 2009-08-27 2015-08-04 Qualcomm Incorporated Location tracking for mobile computing device
CN104819097A (en) * 2015-04-03 2015-08-05 北京天诚同创电气有限公司 Protection method and device of programmable logic controller program of wind turbine generator
CN105009131A (en) * 2012-09-22 2015-10-28 谷歌公司 Multi-tiered authentication methods for facilitating communications amongst smart home devices and cloud-based servers
US9201457B1 (en) 2001-05-18 2015-12-01 Qualcomm Incorporated Synchronizing and recharging a connector-less portable computer system
CN105337964A (en) * 2015-09-30 2016-02-17 宇龙计算机通信科技(深圳)有限公司 Data security protection method and device
US9395827B2 (en) 2009-07-21 2016-07-19 Qualcomm Incorporated System for detecting orientation of magnetically coupled devices
CN106575208A (en) * 2014-07-29 2017-04-19 三菱电机株式会社 Display operation system
CN107111630A (en) * 2014-11-05 2017-08-29 谷歌公司 Open locally applied from browser
CN109587107A (en) * 2017-09-28 2019-04-05 通用汽车环球科技运作有限责任公司 Method and apparatus for application authentication
CN110032414A (en) * 2019-03-06 2019-07-19 联想企业解决方案(新加坡)有限公司 Apparatus and method for secure user authentication in remote console mode

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11526698B2 (en) * 2020-06-05 2022-12-13 Adobe Inc. Unified referring video object segmentation network
US11657230B2 (en) 2020-06-12 2023-05-23 Adobe Inc. Referring image segmentation

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6263446B1 (en) * 1997-12-23 2001-07-17 Arcot Systems, Inc. Method and apparatus for secure distribution of authentication credentials to roaming users
CN100463479C (en) * 2001-12-25 2009-02-18 中兴通讯股份有限公司 Wide-band network authentication, authorization and accounting method

Cited By (48)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9201457B1 (en) 2001-05-18 2015-12-01 Qualcomm Incorporated Synchronizing and recharging a connector-less portable computer system
CN1889426B (en) * 2005-06-30 2010-08-25 联想(北京)有限公司 Method and system for realizing network safety storing and accessing
CN100464549C (en) * 2005-10-28 2009-02-25 广东省电信有限公司研究院 Method for realizing data safety storing business
CN101127599B (en) * 2006-08-18 2011-05-04 华为技术有限公司 An identity and right authentication method and system and a biological processing unit
CN101517591A (en) * 2006-09-29 2009-08-26 英特尔公司 Architecture for virtual security module
CN101212489B (en) * 2006-12-27 2011-08-03 财团法人工业技术研究院 Asset management monitoring method and switching device for asset management monitoring
USD640976S1 (en) 2008-08-28 2011-07-05 Hewlett-Packard Development Company, L.P. Support structure and/or cradle for a mobile computing device
US8850045B2 (en) 2008-09-26 2014-09-30 Qualcomm Incorporated System and method for linking and sharing resources amongst devices
US8527688B2 (en) 2008-09-26 2013-09-03 Palm, Inc. Extending device functionality amongst inductively linked devices
US8868939B2 (en) 2008-09-26 2014-10-21 Qualcomm Incorporated Portable power supply device with outlet connector
US8234509B2 (en) 2008-09-26 2012-07-31 Hewlett-Packard Development Company, L.P. Portable power supply device for mobile computing devices
US8385822B2 (en) 2008-09-26 2013-02-26 Hewlett-Packard Development Company, L.P. Orientation and presence detection for use in configuring operations of computing devices in docked environments
US8401469B2 (en) 2008-09-26 2013-03-19 Hewlett-Packard Development Company, L.P. Shield for use with a computing device that receives an inductive signal transmission
US8712324B2 (en) 2008-09-26 2014-04-29 Qualcomm Incorporated Inductive signal transfer system for computing devices
US8688037B2 (en) 2008-09-26 2014-04-01 Hewlett-Packard Development Company, L.P. Magnetic latching mechanism for use in mating a mobile computing device to an accessory device
CN101727274B (en) * 2008-10-16 2014-10-15 埃森哲环球服务有限公司 Method, system and graphical user interface for enabling a user to access enterprise data on a portable electronic device
CN101727274A (en) * 2008-10-16 2010-06-09 埃森哲环球服务有限公司 Method, system and graphical user interface for enabling a user to access enterprise data on a portable electronic device
US9083686B2 (en) 2008-11-12 2015-07-14 Qualcomm Incorporated Protocol for program during startup sequence
US8305741B2 (en) 2009-01-05 2012-11-06 Hewlett-Packard Development Company, L.P. Interior connector scheme for accessorizing a mobile computing device with a removeable housing segment
CN101938627B (en) * 2009-06-30 2014-03-19 中兴通讯股份有限公司 System and method for realizing authentication monitoring
CN101938627A (en) * 2009-06-30 2011-01-05 中兴通讯股份有限公司 System and method for realizing authentication monitoring
US8954001B2 (en) 2009-07-21 2015-02-10 Qualcomm Incorporated Power bridge circuit for bi-directional wireless power transmission
US8437695B2 (en) 2009-07-21 2013-05-07 Hewlett-Packard Development Company, L.P. Power bridge circuit for bi-directional inductive signaling
US9395827B2 (en) 2009-07-21 2016-07-19 Qualcomm Incorporated System for detecting orientation of magnetically coupled devices
US9097544B2 (en) 2009-08-27 2015-08-04 Qualcomm Incorporated Location tracking for mobile computing device
US8395547B2 (en) 2009-08-27 2013-03-12 Hewlett-Packard Development Company, L.P. Location tracking for mobile computing device
USD687038S1 (en) 2009-11-17 2013-07-30 Palm, Inc. Docking station for a computing device
CN101789968B (en) * 2010-01-08 2013-06-05 深圳市沟通科技有限公司 Safe enterprise mobile working application delivery method
CN101789968A (en) * 2010-01-08 2010-07-28 深圳市沟通科技有限公司 Safe enterprise mobile working application delivery method
CN101931908B (en) * 2010-07-23 2014-06-11 中兴通讯股份有限公司 Method, device and system for acquiring service by portable equipment
CN101931908A (en) * 2010-07-23 2010-12-29 中兴通讯股份有限公司 Method, device and system for acquiring service by portable equipment
WO2012009922A1 (en) * 2010-07-23 2012-01-26 中兴通讯股份有限公司 Method, apparatus and system for obtaining traffic service by portable device
US8522046B2 (en) 2010-07-23 2013-08-27 Zte Corporation Method, apparatus and system for acquiring service by portable device
US9191781B2 (en) 2010-08-31 2015-11-17 Qualcomm Incorporated Use of wireless access point ID for position determination
US8755815B2 (en) 2010-08-31 2014-06-17 Qualcomm Incorporated Use of wireless access point ID for position determination
CN105009131A (en) * 2012-09-22 2015-10-28 谷歌公司 Multi-tiered authentication methods for facilitating communications amongst smart home devices and cloud-based servers
CN105009131B (en) * 2012-09-22 2018-09-21 谷歌有限责任公司 Promote the multilayer authentication method communicated between intelligent home equipment and server based on cloud
CN104809367A (en) * 2014-01-24 2015-07-29 中辉世纪传媒发展有限公司 Digital rights management (DRM) protection method and device for service program
CN106575208A (en) * 2014-07-29 2017-04-19 三菱电机株式会社 Display operation system
US10999354B2 (en) 2014-11-05 2021-05-04 Google Llc Opening local applications from browsers
CN107111630A (en) * 2014-11-05 2017-08-29 谷歌公司 Open locally applied from browser
CN104468562A (en) * 2014-12-03 2015-03-25 南京信息工程大学 Portable transparent data safety protection terminal oriented to mobile applications
CN104468562B (en) * 2014-12-03 2017-12-15 南京信息工程大学 A kind of data security protecting portable terminal transparent towards Mobile solution
CN104819097A (en) * 2015-04-03 2015-08-05 北京天诚同创电气有限公司 Protection method and device of programmable logic controller program of wind turbine generator
CN105337964B (en) * 2015-09-30 2019-06-11 宇龙计算机通信科技(深圳)有限公司 The guard method of data safety and device
CN105337964A (en) * 2015-09-30 2016-02-17 宇龙计算机通信科技(深圳)有限公司 Data security protection method and device
CN109587107A (en) * 2017-09-28 2019-04-05 通用汽车环球科技运作有限责任公司 Method and apparatus for application authentication
CN110032414A (en) * 2019-03-06 2019-07-19 联想企业解决方案(新加坡)有限公司 Apparatus and method for secure user authentication in remote console mode

Also Published As

Publication number Publication date
CN100426719C (en) 2008-10-15

Similar Documents

Publication Publication Date Title
CN100426719C (en) Method of identification between user device and local client use or remote-network service
CN111783075B (en) Authority management method, device and medium based on secret key and electronic equipment
US8402508B2 (en) Delegated authentication for web services
CN102217277B (en) Method and system for token-based authentication
AU2004200468B2 (en) A method, system and computer-readable storage for a licensor to issue a digital license to a requestor
CN1224213C (en) Method for issuing an electronic identity
US7503074B2 (en) System and method for enforcing location privacy using rights management
AU2004200471B2 (en) Publishing digital content within a defined universe such as an organization in accordance with a digital rights management (DRM) system
US6976162B1 (en) Platform and method for establishing provable identities while maintaining privacy
CN100504819C (en) Access authentication method, information processing unit and detachable recording device
EP1460511B1 (en) Reviewing cached user-group information in connection with issuing a digital rights management (DRM) license for content
US20050137889A1 (en) Remotely binding data to a user device
US20030217264A1 (en) System and method for providing a secure environment during the use of electronic documents and data
US20020178370A1 (en) Method and apparatus for secure authentication and sensitive data management
CN1991856A (en) Locking applications for specially marked content
CN1708941A (en) Digital-rights management system
CN1714529A (en) Domain-based digital-rights management system with easy and secure device enrollment
KR20030036787A (en) System for establishing an audit trail to protect objects distributed over a network
JP2004530222A (en) Method and apparatus for supporting multiple zones of trust in a digital rights management system
KR20030036788A (en) System for protecting objects distributed over a network
CN1934821A (en) Authentication between device and portable storage
CN1973518A (en) Authentication of untrusted gateway without disclosure of private information
CN106533693B (en) Access method and device of railway vehicle monitoring and overhauling system
WO2007086015A2 (en) Secure transfer of content ownership
US20050138400A1 (en) Digital content protection method

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
ASS Succession or assignment of patent right

Owner name: TAIJUN TECHNOLOGY(SHENZHEN) LTD.

Free format text: FORMER OWNER: TAIJUN INDUSTRIAL CO., LTD.

Effective date: 20050422

C41 Transfer of patent application or patent right or utility model
TA01 Transfer of patent application right

Effective date of registration: 20050422

Address after: 518106, No. 23, third industrial zone, down village, Gongming Town, Shenzhen, Guangdong, Baoan District

Applicant after: Taijun Science and Technology (Shenzhen) Co., Ltd.

Address before: Taoyuan County of Taiwan province Zhongli City Ring Road No. 400 10F 7

Applicant before: Taijun Industry Co., Ltd.

C14 Grant of patent or utility model
GR01 Patent grant
ASS Succession or assignment of patent right

Owner name: MAISHIYA (BEIJING) SCIENCE AND TECHNOLOGY CO., LTD

Free format text: FORMER OWNER: TAI GUEN TECHNOLOGY (SHENZHEN) CO., LTD.

Effective date: 20150107

C41 Transfer of patent application or patent right or utility model
COR Change of bibliographic data

Free format text: CORRECT: ADDRESS; FROM: 518106 SHENZHEN, GUANGDONG PROVINCE TO: 100086 HAIDIAN, BEIJING

TR01 Transfer of patent right

Effective date of registration: 20150107

Address after: 100086, 23 floor, block B, digital building, No. 2 South Avenue, Beijing, Haidian District, Zhongguancun

Patentee after: Maishiya (Beijing) Science and Technology Co., Ltd.

Address before: 518106, No. 23, third industrial zone, down village, Gongming Town, Shenzhen, Guangdong, Baoan District

Patentee before: Taiguen Technology (Shenzhen) Co., Ltd.

CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20081015

Termination date: 20150901

EXPY Termination of patent right or utility model