[go: up one dir, main page]

CN107979813A - A kind of trustworthy location operation management method - Google Patents

A kind of trustworthy location operation management method Download PDF

Info

Publication number
CN107979813A
CN107979813A CN201711214443.0A CN201711214443A CN107979813A CN 107979813 A CN107979813 A CN 107979813A CN 201711214443 A CN201711214443 A CN 201711214443A CN 107979813 A CN107979813 A CN 107979813A
Authority
CN
China
Prior art keywords
location
trusted
trusted location
management platform
management method
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201711214443.0A
Other languages
Chinese (zh)
Inventor
刘显明
江虹
李彬
鄂驰
陈雪莲
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Information And Communication Branch Of Jiangxi Electric Power Co Ltd
State Grid Corp of China SGCC
Original Assignee
Information And Communication Branch Of Jiangxi Electric Power Co Ltd
State Grid Corp of China SGCC
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Information And Communication Branch Of Jiangxi Electric Power Co Ltd, State Grid Corp of China SGCC filed Critical Information And Communication Branch Of Jiangxi Electric Power Co Ltd
Priority to CN201711214443.0A priority Critical patent/CN107979813A/en
Publication of CN107979813A publication Critical patent/CN107979813A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/02Services making use of location information
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q10/00Administration; Management
    • G06Q10/02Reservations, e.g. for tickets, services or events
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q30/00Commerce
    • G06Q30/02Marketing; Price estimation or determination; Fundraising
    • G06Q30/0283Price estimation or determination
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q30/00Commerce
    • G06Q30/06Buying, selling or leasing transactions
    • G06Q30/0645Rental transactions; Leasing transactions
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/02Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04Key management, e.g. using generic bootstrapping architecture [GBA]

Landscapes

  • Business, Economics & Management (AREA)
  • Engineering & Computer Science (AREA)
  • Accounting & Taxation (AREA)
  • Development Economics (AREA)
  • Finance (AREA)
  • Strategic Management (AREA)
  • Marketing (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Theoretical Computer Science (AREA)
  • Economics (AREA)
  • General Business, Economics & Management (AREA)
  • Physics & Mathematics (AREA)
  • Signal Processing (AREA)
  • Tourism & Hospitality (AREA)
  • Entrepreneurship & Innovation (AREA)
  • Computer Security & Cryptography (AREA)
  • Quality & Reliability (AREA)
  • Operations Research (AREA)
  • Human Resources & Organizations (AREA)
  • Game Theory and Decision Science (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

本发明提供了一种可信位置运营管理方法,包括可信位置生成装置、可信位置运营管理平台、可信位置使用装置和可信位置用户。本发明的可信位置生成装置以可信硬件芯片为可信根节点生成可信位置,并提供给可信位置管理平台;由可信位置运营管理平台生成信任链,并对外发布可信位置及收费标准;可信位置使用装置读取并验证可信位置管理平台发布的可信位置;可信位置用户通过可信位置使用装置获得可信位置。因此,本发明在现有基于位置服务技术框架基础上增加了可信位置,可以避免位置伪装带来的危害,并且可以对可信位置的使用进行计价、收费等操作,实现可信位置的安全有效运营。

The invention provides a trusted location operation management method, which includes a trusted location generating device, a trusted location operation management platform, a trusted location using device and a trusted location user. The trusted location generating device of the present invention uses a trusted hardware chip as a trusted root node to generate a trusted location, and provides it to the trusted location management platform; the trusted location operation management platform generates a trust chain, and releases the trusted location and Charging standards; the trusted location using device reads and verifies the trusted location released by the trusted location management platform; the trusted location user obtains the trusted location through the trusted location using device. Therefore, the present invention adds a trusted location on the basis of the existing location-based service technology framework, which can avoid the harm caused by location masquerade, and can perform operations such as pricing and charging for the use of the trusted location, and realize the security of the trusted location. Operate effectively.

Description

一种可信位置运营管理方法A trusted location operation management method

技术领域technical field

本发明涉及计算机领域,特别是涉及一种可信位置运营管理方法。The invention relates to the field of computers, in particular to a trusted location operation management method.

背景技术Background technique

位置服务指提供物体地理位置信息的服务,早期主要用于提高紧急情况下迅速定位求救者的场景。在移动互联网发展过程中产生了大量新型的应用,这些应用与终端的可移动、可定位和随身携带等特性相结合,为用户提供个性化的、位置相关的服务。目前的学术界的研究领域更多地集中在用户个性化行为及群体智能等方面。随着移动互联网和位置服务技术的发展和融合,在产业界已经有了许多基于位置服务的商业化产品,例如,车载导航软硬件、微信、电话手表等。但是位置伪装技术的不断发展,位置信息的不可信性极大阻碍了基于位置服务技术的进一步商用化。随着物联网的发展,万物互联的需求使得位置信息的可信性提升成为一个必须解决的问题。并且,位置使用的计费、收费等需求也没有充分考虑。Location services refer to services that provide geographical location information of objects. In the early days, they were mainly used to improve the scene of quickly locating rescuers in emergency situations. A large number of new applications have emerged during the development of the mobile Internet. These applications are combined with the mobile, locatable and portable characteristics of the terminal to provide users with personalized and location-related services. The current academic research fields are more focused on the user's personalized behavior and group intelligence. With the development and integration of mobile Internet and location-based service technology, there have been many commercialized products based on location-based services in the industry, such as car navigation software and hardware, WeChat, phone watches, etc. However, the continuous development of location camouflage technology and the unreliability of location information have greatly hindered the further commercialization of location-based service technology. With the development of the Internet of Things, the demand for the Internet of Everything makes the improvement of the credibility of location information a problem that must be solved. Moreover, the billing and charging requirements of location usage are not fully considered.

发明内容Contents of the invention

本发明在现有基于位置服务技术框架基础上增加了可信位置,可以避免位置伪装带来的危害,并且可以对可信位置的使用进行计价、收费等操作,实现可信位置的安全有效运营。The invention adds a trusted location on the basis of the existing location-based service technology framework, which can avoid the harm caused by location masquerade, and can perform operations such as pricing and charging for the use of the trusted location, and realize safe and effective operation of the trusted location .

本发明解决其技术问题所采用的技术方案是:The technical solution adopted by the present invention to solve its technical problems is:

一种可信位置运营管理方法,包括可信位置生成装置、可信位置运营管理平台、可信位置使用装置和可信位置用户。本发明的可信位置生成装置以可信硬件芯片为可信根节点生成可信位置,并提供给可信位置管理平台;由可信位置运营管理平台生成信任链,并对外发布可信位置及收费标准;可信位置使用装置读取并验证可信位置管理平台发布的可信位置;可信位置用户通过可信位置使用装置获得可信位置。A trusted location operation management method includes a trusted location generating device, a trusted location operation management platform, a trusted location using device and a trusted location user. The trusted location generating device of the present invention uses a trusted hardware chip as a trusted root node to generate a trusted location, and provides it to the trusted location management platform; the trusted location operation management platform generates a trust chain, and releases the trusted location and Charging standards; the trusted location using device reads and verifies the trusted location released by the trusted location management platform; the trusted location user obtains the trusted location through the trusted location using device.

可信位置管理平台,对不同制造商、不同运营商的可信位置生成装置进行统一接入;对不同制造商、不同运营商的可信位置使用装置进行统一接入;对可信位置的提供进行定价,对可信位置的使用进行计费;The trusted location management platform provides unified access to trusted location generation devices of different manufacturers and different operators; unified access to trusted location use devices of different manufacturers and different operators; provides trusted location Pricing and billing for use of trusted locations;

在上述任意实施例的基础上,进一步地,所述可信位置信息包括基础位置信息和附加可信位置信息,其中,所述基础位置信息为当前地理位置信息,所述附加可信位置信息为所述可信硬件芯片根据预置算法生成的计算结果值;On the basis of any of the above embodiments, further, the trusted location information includes basic location information and additional trusted location information, wherein the basic location information is current geographic location information, and the additional trusted location information is The calculation result value generated by the trusted hardware chip according to a preset algorithm;

在此基础上,进一步地,所述可信位置生成装置为第一次使用输入位置坐标后即不可随意更改,用于确保位置的唯一性,在装置中内置检测软件,装置移动则启动位置失效算法。On this basis, further, the trusted position generation device cannot be changed at will after the input position coordinates are used for the first time, and is used to ensure the uniqueness of the position. The detection software is built in the device, and the position will be invalidated when the device moves. algorithm.

在上述任意实施例的基础上,进一步地,一个应用对应于一个可信位置使用装置,一个应用将该位置能进行的用户、时间点、操作发送给可信位置运营管理平台,并生成白名单信任链。On the basis of any of the above embodiments, further, an application corresponds to a device using a trusted location, and an application sends the users, time points, and operations that can be performed at the location to the trusted location operation and management platform, and generates a whitelist chain of trust.

在上述任意实施例的基础上,进一步地,可信位置使用装置将可信位置使用密钥发送给可信位置用户。On the basis of any of the above embodiments, further, the trusted location usage device sends the trusted location usage key to the trusted location user.

在上述任意实施例的基础上,进一步地,可信位置用户将位置使用密钥发送给可信位置生成装置,并建立与可信位置的连接。On the basis of any of the above embodiments, further, the trusted location user sends the location usage key to the trusted location generation device, and establishes a connection with the trusted location.

本发明的有益效果是:The beneficial effects of the present invention are:

本发明在现有基于位置服务技术框架基础上增加了可信位置,可以避免位置伪装带来的危害,并且可以对可信位置的使用进行计价、收费等操作,实现可信位置的有效运营。通过使用本发明提供的可信位置,可以实现一个应用的一个功能只能在一个可信位置由一个用户以一个预约价格进行使用。这不但提高了位置服务的安全性,同时也提供了一种可信位置的运营手段。综上所述,本发明具有安全性和经济性好的特点。The present invention adds a trusted location on the basis of the existing location-based service technology framework, which can avoid the harm caused by location masquerade, and can perform operations such as pricing and charging for the use of the trusted location, so as to realize the effective operation of the trusted location. By using the trusted location provided by the present invention, it can be realized that one function of one application can only be used by one user at one reserved price at one trusted location. This not only improves the security of location services, but also provides a means of operating trusted locations. In summary, the present invention has the characteristics of good safety and economy.

上述说明仅是本发明技术方案的概述,为了能够更清楚了解本发明的技术手段,并可依照说明书的内容予以实施,以下以本发明的较佳实施例并配合附图详细说明如后。The above description is only an overview of the technical solutions of the present invention. In order to understand the technical means of the present invention more clearly and implement them according to the contents of the description, the preferred embodiments of the present invention and accompanying drawings are described in detail below.

附图说明Description of drawings

通过阅读下文优选实施方式的详细描述,各种其他的优点和益处对于本领域普通技术人员将变得清楚明了。附图仅用于示出优选实施方式的目的,而并不认为是对本发明的限制。而且在整个附图中,用相同的参考符号表示相同的部件。在附图中:Various other advantages and benefits will become apparent to those of ordinary skill in the art upon reading the following detailed description of the preferred embodiment. The drawings are only for the purpose of illustrating a preferred embodiment and are not to be considered as limiting the invention. Also throughout the drawings, the same reference numerals are used to designate the same parts. In the attached picture:

图1示出了本发明实施例一提供的一种可信位置运营管理方法的示意图;Fig. 1 shows a schematic diagram of a trusted location operation management method provided by Embodiment 1 of the present invention;

图2示出了本发明实施例一提供的一种可信位置运营管理方法的具体案例示意图。Fig. 2 shows a schematic diagram of a specific case of a trusted location operation management method provided by Embodiment 1 of the present invention.

具体实施方式Detailed ways

为使本发明实施例的目的、技术方案和优点更加清楚,下面将结合本发明实施例中的附图,对本发明实施例中的技术方案进行清楚、完整地描述,显然,所描述的实施例是本发明一部分实施例,而不是全部的实施例。基于本发明中的实施例,本领域普通技术人员在没有作出创造性劳动前提下所获得的所有其他实施例,都属于本发明保护的范围。In order to make the purpose, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below in conjunction with the drawings in the embodiments of the present invention. Obviously, the described embodiments It is a part of embodiments of the present invention, but not all embodiments. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without creative efforts fall within the protection scope of the present invention.

本发明实施例提供了一种可信位置运营管理方法,包括可信位置生成装置、可信位置运营管理平台、可信位置使用装置和可信位置用户。本发明实施例的技术效果是这样实现的:An embodiment of the present invention provides a trusted location operation management method, including a trusted location generating device, a trusted location operation management platform, a trusted location using device, and a trusted location user. The technical effect of the embodiment of the present invention is achieved like this:

如图1所示:在S101中,可信位置生成装置以可信硬件芯片为可信根节点生成可信位置,并提供给可信位置管理平台。可信位置信息包括基础位置信息和附加可信位置信息,所述基础位置信息为当前地理位置信息,所述附加可信位置信息为所述可信硬件芯片根据预置算法生成的计算结果值。As shown in FIG. 1 : in S101 , the trusted location generation device uses a trusted hardware chip as a trusted root node to generate a trusted location, and provides it to the trusted location management platform. The trusted location information includes basic location information and additional trusted location information, the basic location information is current geographic location information, and the additional trusted location information is a calculation result value generated by the trusted hardware chip according to a preset algorithm.

在S102中,可信位置管理平台接收可信位置生成装置发送的可信位置信息,根据可信位置生成装置的类别生成适配器,接入可信位置管理平台。以可信位置管理平台内置可信硬件芯片为根,以六元组(应用、可信位置、用户、时间点、操作、价格)信息作为输入,生成白名单信任链。并发布带有公钥信息的可信位置。In S102, the trusted location management platform receives the trusted location information sent by the trusted location generating device, generates an adapter according to the type of the trusted location generating device, and accesses the trusted location management platform. With the trusted hardware chip built into the trusted location management platform as the root and the six-tuple (application, trusted location, user, time point, operation, price) information as the input, a whitelist trust chain is generated. And publish a trusted location with public key information.

在S103中,可信位置使用装置读取并验证可信位置管理平台发布的可信位置。本发明实施例中,可信位置使用装置会通过装置内置的算法验证可信位置。由于可信位置使用装置及可信位置生成装置都通过可信位置管理平台进行信任链生成和验证工作,所以本发明中的可信位置使用装置和可信位置生成装置在密钥使用方面是互相透明的,这也保证了可信位置的安全性。In S103, the trusted location using device reads and verifies the trusted location issued by the trusted location management platform. In the embodiment of the present invention, the device for using the trusted location will verify the trusted location through an algorithm built in the device. Since both the trusted location use device and the trusted location generation device perform trust chain generation and verification work through the trusted location management platform, the trusted location use device and the trusted location generation device in the present invention are mutual in terms of key usage. Transparently, this also guarantees the security of trusted locations.

在S104中,可信位置用户通过可信位置使用装置获得可信位置,获得白名单中的应用服务。这里,可信位置用户收到可信位置使用装置的确认信息后,即可使用可信位置使用装置白名单上的功能;并进一步将可信位置使用信息传递到可信位置运营管理平台。In S104, the trusted location user obtains the trusted location through the trusted location using device, and obtains the application service in the whitelist. Here, the trusted location user can use the functions on the whitelist of the trusted location usage device after receiving the confirmation information from the trusted location usage device; and further transmit the trusted location usage information to the trusted location operation management platform.

进一步地,可信位置生成装置第一次使用输入位置坐标后即不可随意更改,用于确保位置的唯一性,在装置中内置检测软件,如装置移动则启动位置失效算法。这确保了可信根位置的安全性。Furthermore, after the trusted location generating device uses the input location coordinates for the first time, it cannot be changed arbitrarily to ensure the uniqueness of the location. Detection software is built into the device, and if the device moves, the location invalidation algorithm will be activated. This ensures the security of the root of trust location.

在上述任意实施例的基础上,进一步地,可信位置管理平台对可信位置的提供进行定价,对可信位置的使用进行计费,提供了一种可信位置的运营手段。On the basis of any of the above embodiments, further, the trusted location management platform provides a price for the provision of the trusted location, charges for the use of the trusted location, and provides a means for operating the trusted location.

在上述任意实施例的基础上,进一步地,可信位置生成装置装载在现场设备上,现场设备可以是固定在墙壁上的可信信号源。On the basis of any of the above embodiments, further, the trusted location generating device is loaded on a field device, and the field device may be a trusted signal source fixed on a wall.

在上述任意实施例的基础上,进一步地,可信位置使用装置装载在中心设备上,中心设备可以是可信服务器或可信计算机。On the basis of any of the above embodiments, further, the apparatus for using a trusted location is loaded on a central device, and the central device may be a trusted server or a trusted computer.

本发明还提供了一种实施例,如图2所示,本发明实施例以手机或PC机为用户设备,以PC服务器为中心设备。The present invention also provides an embodiment. As shown in FIG. 2 , the embodiment of the present invention uses a mobile phone or a PC as a user device, and a PC server as a central device.

第一步,可信位置生成装置初始化,根据装置的物理位置、装置TCM芯片内置加密算法,密钥等信息生成可信位置。例如:某可信位置服务公司将昌北机场停车场B区的L01号定位装置的物理位置信息作为输入,生成TL01号可信位置的可信位置信息;如果物理位置信息发生变化,装置内置的位置检测模块则启动TL01号位置失效算法,将L01号定位装置标识为不可信位置。可信位置生成装置通过位置发送模块定期将可信位置信息发给可信位置运营管理平台。In the first step, the trusted location generation device is initialized, and the trusted location is generated according to the physical location of the device, the built-in encryption algorithm of the TCM chip of the device, and the key. For example: a trusted location service company takes the physical location information of No. L01 positioning device in Area B of Changbei Airport parking lot as input to generate trusted location information of TL01 trusted location; if the physical location information changes, the built-in device The location detection module starts the location invalidation algorithm of TL01, and identifies the location device of L01 as an untrusted location. The trusted location generating device regularly sends the trusted location information to the trusted location operation management platform through the location sending module.

可信位置运营管理平台对接收到的可信位置信息进行验证,并以验证通过的可信位置信息为根,生成初始信任链。该信任链负责验证某个用户在该可信位置拥有的应用服务权限。The trusted location operation management platform verifies the received trusted location information, and uses the verified trusted location information as the root to generate an initial trust chain. This chain of trust is responsible for validating a user's permissions to application services at that trusted location.

第二步,可信位置使用装置对可信位置运营管理平台进行查询,获得应用服务需要的可信位置及使用价格,将这个可信位置上某个用户能够访问的应用服务作为输入信息,写入可信位置使用预约模块,并更新该可信位置的信任链。例如:某车辆租赁系统的李明用户在TL01号可信位置时,可以使用车辆解锁和车辆归还功能。In the second step, the trusted location using device queries the trusted location operation and management platform to obtain the trusted location and usage price required by the application service, and uses the application service that a certain user can access in this trusted location as input information, write Enter the trusted location to use the reservation module, and update the trust chain of the trusted location. For example: Li Ming, a user of a vehicle rental system, can use the vehicle unlock and vehicle return functions when he is in the trusted location of TL01.

第三步,可信位置用户在某个位置上调用某个应用服务时,需要先访问可信位置使用装置,查询在该位置该应用服务可用的可信位置。例如:某车辆租赁系统的李明用户手机在昌北机场能够使用的可信位置为停车场B区TL01号可信位置。In the third step, when a trusted location user invokes a certain application service in a certain location, he needs to first visit the trusted location using device, and inquire about the trusted location where the application service is available. For example: the trusted location of Li Ming's mobile phone in Changbei Airport is the trusted location of TL01 in Area B of the parking lot.

第四步,可信位置使用装置将在该位置该应用服务可用的可信位置及位置使用密钥发送给可信位置用户。例如:某车辆租赁系统的可信位置使用装置将昌北机场停车场B区TL01号可信位置验证密钥发送给李明用户手机。In the fourth step, the device for using the trusted location sends the trusted location and location usage key available for the application service at the location to the user of the trusted location. For example: the trusted location use device of a certain vehicle rental system sends the trusted location verification key of No. TL01, Area B, Changbei Airport parking lot, to the mobile phone of user Li Ming.

第五步,可信位置用户将位置使用密钥发送给可信位置生成装置,并建立与可信位置的连接。例如,李明用户手机上部署的车辆租赁系统APP建立与TL01号可信位置的连接。In the fifth step, the trusted location user sends the location usage key to the trusted location generation device, and establishes a connection with the trusted location. For example, the vehicle rental system APP deployed on Li Ming's user's mobile phone establishes a connection with the trusted location of TL01.

第六步,可信位置生成装置向可信位置用户发送确认信息。例如,TL01号可信位置向李明用户手机上部署的车辆租赁系统APP发送可信位置确认信息。此时,李明用户手机上部署的车辆租赁系统APP即可使用车辆解锁功能。In the sixth step, the trusted location generating device sends confirmation information to the trusted location user. For example, the trusted location of TL01 sends trusted location confirmation information to the vehicle rental system APP deployed on Li Ming's user's mobile phone. At this time, the vehicle rental system APP deployed on Li Ming's user's mobile phone can use the vehicle unlocking function.

可信位置运营管理平台将以上述确认信息做为可信位置使用依据,进行计费操作。The trusted location operation and management platform will use the above confirmation information as the basis for using the trusted location to perform billing operations.

第七步,可信位置运营管理平台记录可信位置的使用情况、费用信息。并将可信位置使用账单发送给可信位置使用装置,此做为可信位置使用结束的标志。例如,某车辆租赁系统收到一张昌北机场停车场B区的TL01号可信位置的使用账单。In the seventh step, the trusted location operation and management platform records the usage and cost information of the trusted location. And the trusted location usage bill is sent to the trusted location usage device, which is used as a sign of the end of the trusted location usage. For example, a vehicle rental system receives a bill for the use of trusted location TL01 in Area B of Changbei Airport parking lot.

从上述例子可以看到,通过使用本发明提供的可信位置,某车辆租赁系统的李明用户到达昌北机场后,即可在手机上看到一个可用的可信位置TL01位于停车场B区。这在为车厢租赁系统用户提供有效定位的同时,也限定了可信位置TL01只能由已付费的位置使用装置使用,这不但提高了位置服务的安全性,同时也提供了一种可信位置的运营手段。综上所述,本发明具有安全性和经济性好的特点。As can be seen from the above example, by using the trusted location provided by the present invention, after Li Ming user of a vehicle rental system arrives at Changbei Airport, he can see an available trusted location TL01 located in the parking lot B area on his mobile phone . While providing effective positioning for the users of the carriage rental system, it also limits that the trusted location TL01 can only be used by paid location usage devices, which not only improves the security of location services, but also provides a trusted location means of operation. In summary, the present invention has the characteristics of good safety and economy.

需要说明的是:对于前述的各方法实施例,为了简单描述,故将其都表述为一系列的动作组合,但是本领域技术人员应该知悉,本发明并不受所描述的动作顺序的限制,因为依据本发明,某些步骤可以采用其他顺序或者同时进行。其次,本领域技术人员也应该知悉,说明书中所描述的实施例均属于优选实施例,所涉及的动作和模块并不一定是本发明所必须的。It should be noted that, for the foregoing method embodiments, for the sake of simple description, they are expressed as a series of action combinations, but those skilled in the art should know that the present invention is not limited by the described action sequence. Because of the present invention, certain steps may be performed in other orders or simultaneously. Secondly, those skilled in the art should also know that the embodiments described in the specification belong to preferred embodiments, and the actions and modules involved are not necessarily required by the present invention.

在上述实施例中,对各个实施例的描述都各有侧重,某个实施例中没有详述的部分,可以参见其他实施例的相关描述。In the foregoing embodiments, the descriptions of each embodiment have their own emphases, and for parts not described in detail in a certain embodiment, reference may be made to relevant descriptions of other embodiments.

可以理解的是,上述方法及交换机中的相关特征可以相互参考。另外,上述实施例中的“第一”、“第二”等是用于区分各实施例,而并不代表各实施例的优劣。It can be understood that the above methods and related features in the switch can refer to each other. In addition, "first", "second" and so on in the above embodiments are used to distinguish each embodiment, and do not represent the advantages and disadvantages of each embodiment.

所属领域的技术人员可以清楚地了解到,为描述的方便和简洁,上述描述的方法,装置和单元的具体工作过程,可以参考前述方法实施例中的对应过程,在此不再赘述。Those skilled in the art can clearly understand that for the convenience and brevity of the description, the specific working process of the method, device and unit described above can refer to the corresponding process in the foregoing method embodiment, which will not be repeated here.

在此提供的算法和显示不与任何特定计算机、虚拟系统或者其它设备固有相关。各种通用系统也可以与基于在此的示教一起使用。根据上面的描述,构造这类系统所要求的结构是显而易见的。此外,本发明也不针对任何特定编程语言。应当明白,可以利用各种编程语言实现在此描述的本发明的内容,并且上面对特定语言所做的描述是为了披露本发明的最佳实施方式。The algorithms and displays presented herein are not inherently related to any particular computer, virtual system, or other device. Various generic systems can also be used with the teachings based on this. The structure required to construct such a system is apparent from the above description. Furthermore, the present invention is not specific to any particular programming language. It should be understood that various programming languages can be used to implement the content of the present invention described herein, and the above description of specific languages is for disclosing the best mode of the present invention.

在此处所提供的说明书中,说明了大量具体细节。然而,能够理解,本发明的实施例可以在没有这些具体细节的情况下实践。在一些实例中,并未详细示出公知的方法、结构和技术,以便不模糊对本说明书的理解。In the description provided herein, numerous specific details are set forth. However, it is understood that embodiments of the invention may be practiced without these specific details. In some instances, well-known methods, structures and techniques have not been shown in detail in order not to obscure the understanding of this description.

类似地,应当理解,为了精简本公开并帮助理解各个发明方面中的一个或多个,在上面对本发明的示例性实施例的描述中,本发明的各个特征有时被一起分组到单个实施例、图、或者对其的描述中。然而,并不应将该公开的方法解释成反映如下意图:即所要求保护的本发明要求比在每个权利要求中所明确记载的特征更多的特征。更确切地说,如下面的权利要求书所反映的那样,发明方面在于少于前面公开的单个实施例的所有特征。因此,遵循具体实施方式的权利要求书由此明确地并入该具体实施方式,其中每个权利要求本身都作为本发明的单独实施例。Similarly, it should be appreciated that in the foregoing description of exemplary embodiments of the invention, in order to streamline this disclosure and to facilitate an understanding of one or more of the various inventive aspects, various features of the invention are sometimes grouped together in a single embodiment, figure, or its description. This method of disclosure, however, is not to be interpreted as reflecting an intention that the claimed invention requires more features than are expressly recited in each claim. Rather, as the following claims reflect, inventive aspects lie in less than all features of a single foregoing disclosed embodiment. Thus, the claims following the Detailed Description are hereby expressly incorporated into this Detailed Description, with each claim standing on its own as a separate embodiment of this invention.

本领域那些技术人员可以理解,可以对实施例中的装置中的模块进行自适应性地改变并且把它们设置在与该实施例不同的一个或多个设备中。可以把实施例中的模块或单元或组件组合成一个模块或单元或组件,以及此外可以把它们分成多个子模块或子单元或子组件。除了这样的特征和/或过程或者单元中的至少一些是相互排斥之外,可以采用任何组合对本说明书(包括伴随的权利要求、摘要和附图)中公开的所有特征以及如此公开的任何方法或者设备的所有过程或单元进行组合。除非另外明确陈述,本说明书(包括伴随的权利要求、摘要和附图)中公开的每个特征可以由提供相同、等同或相似目的的替代特征来代替。Those skilled in the art can understand that the modules in the apparatus in the embodiment can be adaptively changed and arranged in one or more devices different from the embodiment. Modules or units or components in the embodiments may be combined into one module or unit or component, and furthermore may be divided into a plurality of sub-modules or sub-units or sub-assemblies. All features disclosed in this specification (including accompanying claims, abstract and drawings), as well as any method or method so disclosed, may be used in any combination, except that at least some of such features and/or processes or units are mutually exclusive. All processes or units of equipment are combined. Each feature disclosed in this specification (including accompanying claims, abstract and drawings) may be replaced by alternative features serving the same, equivalent or similar purpose, unless expressly stated otherwise.

此外,本领域的技术人员能够理解,尽管在此所述的一些实施例包括其它实施例中所包括的某些特征而不是其它特征,但是不同实施例的特征的组合意味着处于本发明的范围之内并且形成不同的实施例。例如,在下面的权利要求书中,所要求保护的实施例的任意之一都可以以任意的组合方式来使用。Furthermore, those skilled in the art will understand that although some embodiments described herein include some features included in other embodiments but not others, combinations of features from different embodiments are meant to be within the scope of the invention. and form different embodiments. For example, in the following claims, any of the claimed embodiments may be used in any combination.

本发明的各个部件实施例可以以硬件实现,或者以在一个或者多个处理器上运行的软件模块实现,或者以它们的组合实现。本领域的技术人员应当理解,可以在实践中使用微处理器或者数字信号处理器(DSP)来实现根据本发明实施例提供的装置中的一些或者全部部件的一些或者全部功能。本发明还可以实现为用于执行这里所描述的方法的一部分或者全部的设备或者装置程序(例如,计算机程序和计算机程序产品)。这样的实现本发明的程序可以存储在计算机可读介质上,或者可以具有一个或者多个信号的形式。这样的信号可以从因特网网站上下载得到,或者在载体信号上提供,或者以任何其他形式提供。The various component embodiments of the present invention may be implemented in hardware, or in software modules running on one or more processors, or in a combination thereof. Those skilled in the art should understand that a microprocessor or a digital signal processor (DSP) may be used in practice to implement some or all functions of some or all components in the device provided according to the embodiments of the present invention. The present invention can also be implemented as an apparatus or an apparatus program (for example, a computer program and a computer program product) for performing a part or all of the methods described herein. Such a program for realizing the present invention may be stored on a computer-readable medium, or may be in the form of one or more signals. Such a signal may be downloaded from an Internet site, or provided on a carrier signal, or provided in any other form.

应该注意的是上述实施例对本发明进行说明而不是对本发明进行限制,并且本领域技术人员在不脱离所附权利要求的范围的情况下可设计出替换实施例。在权利要求中,不应将位于括号之间的任何参考符号构造成对权利要求的限制。单词“包含”不排除存在未列在权利要求中的元件或步骤。位于元件之前的单词“一”或“一个”不排除存在多个这样的元件。本发明可以借助于包括有若干不同元件的硬件以及借助于适当编程的计算机来实现。在列举了若干装置的单元权利要求中,这些装置中的若干个可以是通过同一个硬件项来具体体现。单词第一、第二、以及第三等的使用不表示任何顺序。可将这些单词解释为名称。It should be noted that the above-mentioned embodiments illustrate rather than limit the invention, and that those skilled in the art will be able to design alternative embodiments without departing from the scope of the appended claims. In the claims, any reference signs placed between parentheses shall not be construed as limiting the claim. The word "comprising" does not exclude the presence of elements or steps not listed in a claim. The word "a" or "an" preceding an element does not exclude the presence of a plurality of such elements. The invention can be implemented by means of hardware comprising several distinct elements, and by means of a suitably programmed computer. In a unit claim enumerating several means, several of these means can be embodied by one and the same item of hardware. The use of the words first, second, and third, etc. does not indicate any order. These words can be interpreted as names.

Claims (7)

1.一种可信位置运营管理方法,其特征在于:所述方法包括:1. A trusted location operation and management method, characterized in that: the method comprises: 可信位置生成装置,以可信硬件芯片为可信根节点生成可信位置,并提供给可信位置管理平台;The trusted location generation device uses the trusted hardware chip as the trusted root node to generate the trusted location and provides it to the trusted location management platform; 可信位置运营管理平台,生成信任链,并对外发布可信位置及收费标准;The trusted location operation and management platform generates a chain of trust, and publishes the trusted location and charging standards; 可信位置使用装置,读取并验证可信位置管理平台发布的可信位置;The trusted location usage device reads and verifies the trusted location issued by the trusted location management platform; 可信位置用户,通过可信位置使用装置获得可信位置。A trusted location user obtains a trusted location through a trusted location using device. 2.根据权利要求1所述的一种可信位置运营管理方法,其特征在于:所述可信位置生成装置以可信硬件芯片为可信根节点生成可信位置信息;所述可信位置信息包括基础位置信息和附加可信位置信息,其中,所述基础位置信息为当前地理位置信息,所述附加可信位置信息为所述可信硬件芯片根据预置算法生成的计算结果值。2. A trusted location operation and management method according to claim 1, characterized in that: said trusted location generation device uses a trusted hardware chip as a trusted root node to generate trusted location information; said trusted location The information includes basic location information and additional trusted location information, wherein the basic location information is current geographic location information, and the additional trusted location information is a calculation result value generated by the trusted hardware chip according to a preset algorithm. 3.根据权利要求1所述的一种可信位置运营管理方法,其特征在于:所述可信位置生成装置为第一次使用输入位置坐标后即不可随意更改,用于确保位置的唯一性,在装置中内置检测软件,装置移动则启动位置失效算法。3. A trusted location operation and management method according to claim 1, characterized in that: the trusted location generating device cannot be changed arbitrarily after inputting the location coordinates for the first use, and is used to ensure the uniqueness of the location , the detection software is built in the device, and the location failure algorithm is started when the device moves. 4.根据权利要求1所述的一种可信位置运营管理方法,其特征在于:可信位置运营管理平台对不同制造商、不同运营商的可信位置生成装置进行统一接入;对不同制造商、不同运营商的可信位置使用装置进行统一接入;对可信位置的提供进行定价,对可信位置的使用进行计费。4. A trusted location operation and management method according to claim 1, characterized in that: the trusted location operation and management platform uniformly accesses trusted location generating devices of different manufacturers and different operators; Provide unified access to the trusted location using devices of different operators and operators; price the provision of trusted location, and charge for the use of trusted location. 5.根据权利要求1所述的一种可信位置运营管理方法,其特征在于:一个应用对应于一个可信位置使用装置,一个应用将该位置能进行的用户、时间点、操作发送给可信位置运营管理平台,并生成白名单信任链。5. A trusted location operation and management method according to claim 1, characterized in that: one application corresponds to a trusted location using device, and one application sends the user, time point, and operation that can be performed at the location to the trusted location. Trust location operation and management platform, and generate a whitelist trust chain. 6.根据权利要求1所述的一种可信位置运营管理方法,其特征在于:可信位置使用装置将可信位置使用密钥发送给可信位置用户。6. A trusted location operation and management method according to claim 1, characterized in that: the trusted location using device sends the trusted location using key to the trusted location user. 7.根据权利要求1所述的一种可信位置运营管理方法,其特征在于:可信位置用户将位置使用密钥发送给可信位置生成装置,并建立与可信位置的连接,获得白名单中的应用服务。7. A trusted location operation and management method according to claim 1, characterized in that: the trusted location user sends the location use key to the trusted location generating device, and establishes a connection with the trusted location to obtain white list of application services.
CN201711214443.0A 2017-11-28 2017-11-28 A kind of trustworthy location operation management method Pending CN107979813A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201711214443.0A CN107979813A (en) 2017-11-28 2017-11-28 A kind of trustworthy location operation management method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201711214443.0A CN107979813A (en) 2017-11-28 2017-11-28 A kind of trustworthy location operation management method

Publications (1)

Publication Number Publication Date
CN107979813A true CN107979813A (en) 2018-05-01

Family

ID=62012118

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201711214443.0A Pending CN107979813A (en) 2017-11-28 2017-11-28 A kind of trustworthy location operation management method

Country Status (1)

Country Link
CN (1) CN107979813A (en)

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101689311A (en) * 2007-06-26 2010-03-31 Nxp股份有限公司 Road toll system
CN102663837A (en) * 2012-05-18 2012-09-12 无锡普智联科高新技术有限公司 On-street parking fee payment system and method based on mobile phone client
CN102860100A (en) * 2010-03-10 2013-01-02 交互数字专利控股公司 Location determination of infrastructure device and terminal device
CN103093641A (en) * 2011-11-02 2013-05-08 中兴通讯股份有限公司 Method capable of achieving parking lot information inquiry on mobile terminal and server thereof
US20140248887A1 (en) * 2013-03-04 2014-09-04 T-Mobile Usa, Inc. Closed Communication System
CN105049257A (en) * 2015-08-12 2015-11-11 北京因特信安软件科技有限公司 Cloud platform scheduling method based on trusted geographical location information
WO2016107470A1 (en) * 2014-12-30 2016-07-07 腾讯科技(深圳)有限公司 Parking management method, server, user terminal, and system
CN106792551A (en) * 2017-02-21 2017-05-31 上海量明科技发展有限公司 Distinguish the method for charging, order car terminal and system in shared vehicle parking position

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101689311A (en) * 2007-06-26 2010-03-31 Nxp股份有限公司 Road toll system
CN102860100A (en) * 2010-03-10 2013-01-02 交互数字专利控股公司 Location determination of infrastructure device and terminal device
CN103093641A (en) * 2011-11-02 2013-05-08 中兴通讯股份有限公司 Method capable of achieving parking lot information inquiry on mobile terminal and server thereof
CN102663837A (en) * 2012-05-18 2012-09-12 无锡普智联科高新技术有限公司 On-street parking fee payment system and method based on mobile phone client
US20140248887A1 (en) * 2013-03-04 2014-09-04 T-Mobile Usa, Inc. Closed Communication System
WO2016107470A1 (en) * 2014-12-30 2016-07-07 腾讯科技(深圳)有限公司 Parking management method, server, user terminal, and system
CN105049257A (en) * 2015-08-12 2015-11-11 北京因特信安软件科技有限公司 Cloud platform scheduling method based on trusted geographical location information
CN106792551A (en) * 2017-02-21 2017-05-31 上海量明科技发展有限公司 Distinguish the method for charging, order car terminal and system in shared vehicle parking position

Similar Documents

Publication Publication Date Title
US11336635B2 (en) Systems and methods for authenticating device through IoT cloud using hardware security module
CN104516783B (en) Authority control method and device
CN110245144B (en) Protocol data management method, device, storage medium and system
CN107592964B (en) System, apparatus and method for multi-owner transfer of ownership of equipment
US11316683B2 (en) Systems and methods for providing IoT security service using hardware security module
WO2021238954A1 (en) Installation management of applet applications
WO2021114918A1 (en) Integrity checking method and apparatus, terminal device and verification server
CN103366135B (en) The security system driven by tenant in storage cloud and method
JP7760673B2 (en) Method, system, and program for controlling IoT devices using a messenger bot
CN103561006B (en) Application authentication method and device and application authentication server based on Android
JP2019523494A (en) Method and system realized by blockchain
CN103155613A (en) Method and apparatus for access credential provisioning
US9838869B1 (en) Delivering digital content to a mobile device via a digital rights clearing house
US20210318888A1 (en) Registered applications for electronic devices
CN103141126A (en) Methods and apparatuses for access credential provisioning
JP2007505559A (en) Method and apparatus for content protection in a wireless network
WO2021169382A1 (en) Link test method and apparatus, electronic device and storage medium
CN105303084A (en) Privilege management system and method
CN104581625A (en) Position privacy protection method and system based on particle size control
US20140230040A1 (en) Validation of Service Management Requests of a Mobile Device in a Geographically Bounded Space
US10019696B2 (en) Distributed digital rights-managed file transfer and access control
US20240372710A1 (en) Quorum-based authorization
CN105704712B (en) Network resource sharing method, mobile terminal and server
US20250141678A1 (en) Time-Aware Blockchain Staged Regulatory Control of Internet of Things Data
CN110866265A (en) Data storage method, device and storage medium based on block chain

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
WD01 Invention patent application deemed withdrawn after publication
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20180501