CN111552940A - A security module-based data transmission system and method - Google Patents

Info

Publication number
CN111552940A
Authority
CN
China
Prior art keywords
data
unit
terminal
verification
data transmission
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202010408960.7A
Other languages
Chinese (zh)
Inventor
许广利
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
North China University of Science and Technology
Original Assignee
North China University of Science and Technology
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by North China University of Science and Technology
Priority to CN202010408960.7A
Publication of CN111552940A
Legal status: Pending

Classifications

    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31 User authentication
    • G06F21/32 User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computing Systems (AREA)
  • Collating Specific Patterns (AREA)

Abstract

The invention discloses a security module-based data transmission system and method, belonging to the technical field of secure data transmission. The system comprises an identity verification terminal, a data transmission terminal and a data verification terminal. The computer terminal verifies the identity information of the computer user through a digital verification unit, a fingerprint verification unit and a face recognition unit in the identity verification terminal. After the identity information is authenticated and authorized, the data to be transmitted is encrypted by a data encryption unit in the data transmission terminal to generate a ciphertext, a first processor in the data transmission terminal transmits the ciphertext to the data verification terminal, and a data decryption unit in the data verification terminal decrypts the received encrypted data. Verification of fingerprints and facial features prevents outsiders from using the computer.

Description

A security module-based data transmission system and method

Technical field

The invention relates to the technical field of secure data transmission, and in particular to a data transmission system and method based on a security module.

Background

With the continuous development of science and technology, and especially the rapid development of Internet technology, people's lives are increasingly networked and information-based. Clients often need servers to provide large amounts of data, and also need to provide related data to servers, sometimes even the user's personal information. The security of information transmission has therefore become a focus of attention, and there are more and more encryption schemes for data transmission. Current data encryption and decryption schemes usually encrypt and decrypt with a fixed key, which gives a low level of security; once the key is cracked, great harm results.

Moreover, most existing data transmission is carried out through computer terminals, but the computer lacks verification of the user's identity information, so there is a security risk of data leakage. In view of the problems raised above, we need to develop a security module-based data transmission system and method to solve them.

Summary of the invention

The purpose of this section is to outline some aspects of embodiments of the invention and to briefly introduce some preferred embodiments. Some simplifications or omissions may be made in this section, in the abstract and in the title of the application to avoid obscuring their purpose; such simplifications or omissions shall not be used to limit the scope of the invention.

The present invention is proposed in view of the problems in existing security module-based data transmission systems and methods.

Therefore, the purpose of the present invention is to provide a security module-based data transmission system and method in which, when a computer is used to transmit data, the identity of the computer user is first verified and checked to prevent operation by outsiders, and the data is then encrypted for transmission by a first processor, a data encryption unit and an anti-cracking unit to prevent it from being cracked and stolen.

To solve the above technical problems, according to one aspect of the present invention, the following technical solutions are provided:

A security module-based data transmission system comprising an identity verification terminal, a data transmission terminal and a data verification terminal. The identity verification terminal includes a digital verification unit, a fingerprint verification unit and a face recognition unit; the data transmission terminal includes a data encryption unit, a first processor and an anti-cracking unit; the data verification terminal includes a data decryption unit, a second processor and an abnormality alarm unit.

As a preferred solution of the security module-based data transmission system of the present invention: the digital verification unit is a digital password verifier, the fingerprint verification unit is a fingerprint reader and the face recognition unit is a high-definition camera, and the digital verification module, the fingerprint verification unit and the face recognition unit are all connected to the computer terminal.

As a preferred solution of the security module-based data transmission method of the present invention, the method is as follows:

Step 1: the computer terminal verifies the identity information of the computer user through the digital verification unit, the fingerprint verification unit and the face recognition unit in the identity verification terminal;

Step 2: after the identity information is authenticated and authorized, the data encryption unit in the data transmission terminal encrypts the data to be transmitted and generates a ciphertext;

Step 3: the first processor in the data transmission terminal transmits the ciphertext to the data verification terminal;

Step 4: the data decryption unit in the data verification terminal decrypts the received encrypted data, and the decrypted plaintext is displayed through the second processor;

Step 5: the abnormality alarm unit detects whether the data is abnormal and issues an alarm when the data plaintext is abnormal.

As a preferred solution of the security module-based data transmission method of the present invention: the data encryption module and the data decryption module use the EDS encryption algorithm.

As a preferred solution of the security module-based data transmission method of the present invention: the data transmission terminal includes an anti-cracking unit, and the anti-cracking unit includes an anti-network-cracking module, an anti-endpoint-cracking module and an anti-storage-cracking module.

As a preferred solution of the security module-based data transmission method of the present invention: the data transmission terminal is a computer terminal, and the data verification terminal is a cloud server terminal.

Compared with the prior art, the beneficial effects of the present invention are as follows. The security module-based data transmission system and method is reasonably structured. The identity verification terminal, the digital verification terminal, the fingerprint verification unit and the face recognition module verify and check the computer user's password, fingerprint and facial features, preventing outsiders from using the computer. The first processor working with the data encryption unit encrypts the data to be transmitted and transmits it in a crack-resistant way. The data decryption unit, the second processor and the abnormality alarm module receive and decrypt the encrypted file and detect whether the file has been read, ensuring the security of data transmission.

Description of the drawings

To explain the technical solutions of the embodiments of the present invention more clearly, the invention is described in detail below with reference to the accompanying drawings and detailed embodiments. Obviously, the drawings in the following description are only some embodiments of the present invention; a person of ordinary skill in the art can obtain other drawings from them without creative effort. In the drawings:

Fig. 1 is a schematic structural diagram of the present invention;

Fig. 2 is a flow chart of the method of the present invention.

Detailed description

To make the above objects, features and advantages of the present invention easier to understand, specific embodiments of the invention are described in detail below with reference to the accompanying drawings.

Many specific details are set forth in the following description to give a full understanding of the present invention, but the invention can also be implemented in ways other than those described here, and those skilled in the art can generalize it in similar ways without departing from its substance. The invention is therefore not limited by the specific embodiments disclosed below.

In addition, the present invention is described in detail with reference to schematic diagrams. When the embodiments are described in detail, sectional views showing device structure may, for ease of explanation, be partially enlarged out of general scale; the schematic diagrams are only examples and should not limit the scope of protection of the invention. The three-dimensional dimensions of length, width and depth should be included in actual production.

To make the objectives, technical solutions and advantages of the present invention clearer, embodiments of the invention are described in further detail below with reference to the accompanying drawings.

The present invention provides the following technical solution: a security module-based data transmission system and method in which, when a computer is used to transmit data, the identity of the computer user is first verified and checked to prevent operation by outsiders, and the data is then encrypted for transmission by the first processor, the data encryption unit and the anti-cracking unit to prevent it from being cracked and stolen. Referring to Fig. 1 and Fig. 2, the system includes an identity verification terminal, a data transmission terminal and a data verification terminal;

Referring again to Fig. 1 and Fig. 2;

Step 1: the computer terminal verifies the identity information of the computer user through the digital verification unit, the fingerprint verification unit and the face recognition unit in the identity verification terminal. Specifically, the digital verification unit is a digital password verifier, the fingerprint verification unit is a fingerprint reader and the face recognition unit is a high-definition camera. The user enters a numeric password through the digital password verifier, or has a fingerprint captured by the fingerprint reader and passes fingerprint verification, or has facial feature information captured by the high-definition camera and passes face verification. This checks the user's identity and prevents operation by outsiders and data leakage;

Step 2: after the identity information is authenticated and authorized, the data encryption unit in the data transmission terminal encrypts the data to be transmitted and generates a ciphertext. Specifically, once the identity information has been checked and confirmed, the data to be transmitted is encrypted by the data encryption unit, which uses the EDS encryption algorithm. The encryption process is as follows: after an initial permutation IP, the plaintext is divided into a right half and a left half of 32 bits each, denoted L0R0; 16 rounds of iterative product transformation, called the function f, then combine the data with the key; after the 16 rounds the left and right halves are joined again and passed through an inverse initial permutation, at which point the algorithm ends and the ciphertext is produced;

Step 3: the first processor in the data transmission terminal transmits the ciphertext to the data verification terminal. Specifically, the first processor in the data transmission terminal transmits the ciphertext through the data transmission unit to the data decryption unit in the data verification terminal;

Step 4: the data decryption unit in the data verification terminal decrypts the received encrypted data, and the decrypted plaintext is displayed through the second processor. Specifically, the data decryption unit in the data verification terminal parses the received ciphertext. The decryption process is as follows: the ciphertext is divided into a right half and a left half of 32 bits each, denoted L0R0; 16 rounds of iterative product transformation, called the function f, then combine the data with the key; after the 16 rounds the left and right halves are joined again and passed through an inverse initial permutation, at which point the algorithm ends and the plaintext is produced. The decrypted plaintext is then displayed through the second processor;

Step 5: the abnormality alarm unit detects whether the data is abnormal and issues an alarm when the data plaintext is abnormal. Specifically, after the data decryption unit has parsed the ciphertext to obtain the plaintext, the second processor tracks the number of times the plaintext is read; when the number of times the plaintext has been consulted is abnormal, the second processor issues an alarm to warn staff that the data is abnormal.
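
Steps 2 and 4 describe a 16-round Feistel network: a permutation, a split into 32-bit halves L0 and R0, 16 rounds of a function f that mixes data with key material, recombination and the inverse permutation. The sketch below is an added example, not code from the patent; the permutation table is the one DES uses for this layout, while the round function f and the key schedule are SHA-256 stand-ins (assumptions, not the page's EDS algorithm), so it shows why decryption is the same walk with the round keys reversed but is not a usable cipher.

```python
import hashlib

ROUNDS = 16
MASK32 = 0xFFFFFFFF

# Initial permutation IP (1-based bit positions, bit 1 = most significant bit).
# This is the table DES uses; it is generated row by row instead of typed out.
IP = [start - 8 * col
      for start in (58, 60, 62, 64, 57, 59, 61, 63)
      for col in range(8)]

# Inverse table: IP puts input bit s at output position p, IP_INV puts it back.
IP_INV = [0] * 64
for position, source in enumerate(IP, start=1):
    IP_INV[source - 1] = position


def permute(block, table):
    """Return the 64-bit value whose i-th bit is input bit table[i-1]."""
    out = 0
    for source in table:
        out = (out << 1) | ((block >> (64 - source)) & 1)
    return out


def round_keys(key):
    """Stand-in key schedule (assumption): one 48-bit subkey per round."""
    return [hashlib.sha256(key + bytes([i])).digest()[:6] for i in range(ROUNDS)]


def f(right, subkey):
    """Stand-in round function (assumption): mixes a 32-bit half with a subkey."""
    digest = hashlib.sha256(right.to_bytes(4, "big") + subkey).digest()
    return int.from_bytes(digest[:4], "big")


def feistel(block, subkeys):
    """IP, split into L0/R0, 16 rounds, swap and rejoin, inverse IP."""
    if not 0 <= block < 1 << 64:
        raise ValueError("block must fit in 64 bits")
    block = permute(block, IP)
    left, right = block >> 32, block & MASK32
    for subkey in subkeys:
        # L_i = R_(i-1);  R_i = L_(i-1) XOR f(R_(i-1), K_i)
        left, right = right, left ^ f(right, subkey)
    # Swapping the halves before the final permutation is what lets the
    # same routine undo itself when the subkeys are supplied in reverse.
    return permute((right << 32) | left, IP_INV)


def encrypt_block(block, key):
    return feistel(block, round_keys(key))


def decrypt_block(block, key):
    return feistel(block, round_keys(key)[::-1])


if __name__ == "__main__":
    key = b"constructed-demo-key"          # constructed sample key
    plaintext = 0x0123456789ABCDEF         # constructed sample block
    ciphertext = encrypt_block(plaintext, key)
    print(f"ciphertext {ciphertext:016x}")
    print(f"decrypted  {decrypt_block(ciphertext, key):016x}")
```

Note that f never has to be invertible: each round only XORs its output into the other half, so the receiving side recomputes the same f values and cancels them.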

Working principle: when the security module-based data transmission system and method is in use and there is data to be transmitted, the identity verification terminal, the digital verification terminal, the fingerprint verification unit and the face recognition module verify and check the computer user's password, fingerprint and facial features, preventing outsiders from using the computer. The first processor working with the data encryption unit encrypts the data to be transmitted and transmits it in a crack-resistant way. The data decryption unit, the second processor and the abnormality alarm module receive and decrypt the encrypted file and detect whether the file has been read, ensuring the security of data transmission.

Although the present invention has been described above with reference to embodiments, various modifications may be made and equivalents may be substituted for its parts without departing from the scope of the invention. In particular, as long as there is no structural conflict, the features of the disclosed embodiments can be combined with each other in any way; these combinations are not described exhaustively in this specification only to save space and resources. The present invention is therefore not limited to the specific embodiments disclosed herein, but includes all technical solutions falling within the scope of the claims.

Claims (6)

1. A security module-based data transmission system, characterized in that it comprises an identity verification terminal, a data transmission terminal and a data verification terminal; the identity verification terminal includes a digital verification unit, a fingerprint verification unit and a face recognition unit; the data transmission terminal includes a data encryption unit, a first processor and an anti-cracking unit; the data verification terminal includes a data decryption unit, a second processor and an abnormality alarm unit; the identity verification terminal is used to verify and check the identity of the computer user and prevent operation by outsiders; the data transmission terminal is used to encrypt data for transmission through the first processor, the data encryption unit and the anti-cracking unit, preventing the data from being cracked and stolen; the data verification terminal is used to decode the plaintext and track the number of times the plaintext is read, and when the number of times the plaintext has been consulted is abnormal, the second processor issues an alarm to warn staff that the data is abnormal.

2. The security module-based data transmission system according to claim 1, characterized in that the digital verification unit is a digital password verifier, the fingerprint verification unit is a fingerprint reader and the face recognition unit is a high-definition camera, and the digital verification module, the fingerprint verification unit and the face recognition unit are all connected to the computer terminal.

3. The security module-based data transmission method according to any one of claims 1-2, characterized in that the method is as follows:
Step 1: the computer terminal verifies the identity information of the computer user through the digital verification unit, the fingerprint verification unit and the face recognition unit in the identity verification terminal;
Step 2: after the identity information is authenticated and authorized, the data encryption unit in the data transmission terminal encrypts the data to be transmitted and generates a ciphertext;
Step 3: the first processor in the data transmission terminal transmits the ciphertext to the data verification terminal;
Step 4: the data decryption unit in the data verification terminal decrypts the received encrypted data, and the decrypted plaintext is displayed through the second processor;
Step 5: the abnormality alarm unit detects whether the data is abnormal and issues an alarm when the data plaintext is abnormal.

4. The security module-based data transmission method according to claim 1, characterized in that the data encryption module and the data decryption module use the EDS encryption algorithm.

5. The security module-based data transmission method according to claim 1, characterized in that the data transmission terminal includes an anti-cracking unit, and the anti-cracking unit includes an anti-network-cracking module, an anti-endpoint-cracking module and an anti-storage-cracking module.

6. The security module-based data transmission method according to claim 1, characterized in that the data transmission terminal is a computer terminal and the data verification terminal is a cloud server terminal.
CN202010408960.7A 2020-05-14 2020-05-14 A security module-based data transmission system and method Pending CN111552940A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010408960.7A CN111552940A (en) 2020-05-14 2020-05-14 A security module-based data transmission system and method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010408960.7A CN111552940A (en) 2020-05-14 2020-05-14 A security module-based data transmission system and method

Publications (1)

Publication Number Publication Date
CN111552940A true CN111552940A (en) 2020-08-18

Family

ID=72006425

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010408960.7A Pending CN111552940A (en) 2020-05-14 2020-05-14 A security module-based data transmission system and method

Country Status (1)

Country Link
CN (1) CN111552940A (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112671748A (en) * 2020-12-18 2021-04-16 深圳中科智能技术有限公司 Traceable encrypted data transmission method and system
WO2025130269A1 (en) * 2023-12-21 2025-06-26 福建省星云大数据应用服务有限公司 Blockchain-based method and system for remote big data acquisition and secure transmission

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102761417A (en) * 2012-06-27 2012-10-31 宇龙计算机通信科技(深圳)有限公司 Method for processing data transmission of terminals and terminal
CN103258276A (en) * 2013-04-26 2013-08-21 张铁网 Electronic traceability system and traceability method in commodity production, circulation and consumption process
WO2013128091A1 (en) * 2012-02-27 2013-09-06 Morpho Method for verifying the identity of a user of a communicating terminal and associated system
CN105871892A (en) * 2016-05-17 2016-08-17 北京联合大学 File cloud storage security solution method and system
CN106446192A (en) * 2016-09-29 2017-02-22 广州鹤互联网科技有限公司 Method and device for management of sign-off document
CN109951489A (en) * 2019-03-27 2019-06-28 深圳市网心科技有限公司 A digital identity authentication method, device, device, system and storage medium

Similar Documents

Publication Publication Date Title
JP6941146B2 (en) Data security service
CN103124269B (en) Based on the Bidirectional identity authentication method of dynamic password and biological characteristic under cloud environment
JP6678457B2 (en) Data security services
CN101483654A (en) Method and system for implementing authentication and data safe transmission
US20120290833A1 (en) Certificate Blobs for Single Sign On
CN112968774B (en) Method, device storage medium and equipment for encrypting and decrypting configuration file
CN103036864A (en) Template delivery type cancelable biometric authentication system and method therefor
CN108900296B (en) Secret key storage method based on biological feature identification
CN113348455A (en) Apparatus and method for providing authentication, non-repudiation, managed access, and twin discrimination of data using data control signatures
CN110225014B (en) IoT device identity authentication method based on fingerprint centralized distribution
TWI476629B (en) Data security and security systems and methods
CN111552940A (en) A security module-based data transmission system and method
CN111698253A (en) Computer network safety system
CN117614671A (en) Encryption processing method and device for electronic accounting files
CN115086020A (en) Cloud evidence obtaining method and system and computer storage medium
CN120105442A (en) Secure encrypted storage method, device, computer equipment and readable storage medium
CN113553616A (en) A trusted data security service method, device, device and system
CN116957570A (en) Safety payment protection method and system based on artificial intelligence
KR20120004520U (en) Highly secure multifunctional authentication device
Makvandi Microcontroller-based Implementation of ParseKey+ for Limited Resources Embedded Applications

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication (Application publication date: 20200818)