
TWI655558B - Key confidential data protection system - Google Patents


Info

Publication number: TWI655558B
Authority: TW (Taiwan)
Prior art keywords: module, hardware password, password module, key, interface
Application number: TW104140058A
Other languages: Chinese (zh)
Other versions: TW201721495A (en)
Inventors: 吳錦松, 張明信, 張耿豪
Original assignee: 中華電信股份有限公司 (Chunghwa Telecom Co., Ltd.)
Application filed by 中華電信股份有限公司
Priority to TW104140058A
Publication of TW201721495A
Application granted
Publication of TWI655558B

Landscapes

  • Mobile Radio Communication Systems (AREA)

Abstract

A key confidential data protection system uses the physical tamper (enclosure-breach) detection function of a hardware cryptographic module device as the first layer of protection for confidential data, and builds a second layer of protection from positioning protection devices together with a central security monitoring host. If an intruder forcibly breaks the enclosure of the hardware cryptographic module device or removes the device from its designated site, the invention immediately clears the key confidential data to keep it secure. If the hardware cryptographic module device is removed from the designated site without authorization, the positioning protection devices around it immediately notify the central security monitoring host, which executes the standard security operating procedure at once.

Description

Key confidential data protection system

The present invention relates to the technical field of key confidential data protection, and in particular to a key confidential data protection system realized by a security protection architecture that combines positioning protection devices with a central security monitoring host.

Confidential data protection in current hardware cryptographic module devices only guards against physical intrusion by breaking the enclosure: when the device detects that its enclosure is being broken, it immediately triggers the confidential data erasure mechanism. Such protection may be adequate for sites with strict physical access control, but for sites where personnel management is less rigorous, or for organizations with very high confidentiality requirements, the tamper-detection function of such a hardware cryptographic module device alone is somewhat insufficient.

Similar concepts appear in the following prior patents. (1) Taiwan Patent Publication No. 501013 uses detection of the enclosure having been separated from the main circuit board as the protection mechanism for confidential data; this detection method is rather weak. (2) Taiwan Patent Publication No. I450552 uses sensing switches to detect that the device is being broken into, and activates the confidential data protection mechanism when illegal tampering is found. The sensing switches combine micro switches, case wire winding, optical sensors, vibration sensors, proximity switches and protective coatings. Although this provides thorough intrusion detection, it only activates confidential data protection when the hardware cryptographic module device is physically broken; it cannot protect the device when it is removed from its designated site. (3) US Patent Publication No. 7945792 proposes a reactive element on the outside of the enclosure that lets a user see with the naked eye that the hardware cryptographic module device has been tampered with. Although this lets the user know whether the device has been tampered with, a user who is not near the device cannot notice that it has been broken into, and again there is no protection when the hardware cryptographic module device is removed from its designated site.

In view of the methods proposed by the three patents above: the first only provides simple detection that the enclosure has been separated from the main circuit board as its confidential data protection mechanism; the second activates the confidential data protection mechanism only when the enclosure of the hardware cryptographic module device is broken; and the third, likewise only when the enclosure is broken, provides an indication that lets a human eye recognize that the device has been tampered with. The inventors found that these three methods cannot satisfy sites with more demanding confidential data protection needs, and therefore set out to improve and innovate; after years of dedicated research they completed the present key confidential data protection system.

The object of the present invention is to improve the protection of a device's key confidential data. The invention adds a number of short-range positioning protection devices around the hardware cryptographic module device. In normal use, each positioning protection device sends a message to the hardware cryptographic module device at a fixed interval, so that the module knows it is still within the valid site and has not been moved away from it; at the same time the module also receives a set of standard time and site location information. The hardware cryptographic module device likewise sends a message to the positioning protection device at a fixed interval, so that the positioning protection device knows the module is still within the valid site. If the positioning protection device finds that the hardware cryptographic module device has left the designated site, it raises an emergency message to the central security monitoring host, which executes the standard security operating procedure. Through this second layer of protection, built from the positioning protection devices and the central security monitoring host, the hardware cryptographic module device gains a more secure protection function for its confidential data.

A key confidential data protection system that achieves the above object uses the physical tamper detection function of the hardware cryptographic module device as the first layer of protection for confidential data, and builds a second layer of protection from positioning protection devices together with a central security monitoring host. The second layer consists mainly of a number of short-range positioning protection devices added around the hardware cryptographic module device. In normal use, each positioning protection device sends a message to the hardware cryptographic module device at a fixed interval, so that the module knows it is still within the valid site and has not been moved away from it; at the same time the module also receives a set of standard time and site location information. The hardware cryptographic module device likewise sends a message to the positioning protection device at a fixed interval, so that the positioning protection device knows the module is still within the valid site. If the positioning protection device finds that the hardware cryptographic module device has left the designated site, it raises an emergency message to the central security monitoring host, which executes the standard security operating procedure. If a positioning protection device itself has left the designated site or has failed, this is also immediately detected by the central security monitoring host, which then executes the standard security operating procedure. Communication between the hardware cryptographic module device and the positioning protection devices uses Bluetooth or a wireless local area network (Wi-Fi) device as the wireless data transmission channel, with data encryption to ensure the communicated data cannot be stolen. The invention comprises:

1. Hardware cryptographic module device: provides the system's signature, authentication, encryption and confidential data management functions, and receives the location and time information sent by the positioning protection devices. At regular intervals it transmits its device code so that the positioning protection devices know it is still within the designated site. Internally the device comprises: a Wi-Fi and Bluetooth wireless module, a wired network interface, a BNC interface, a USB interface, a UART interface, a VGA interface, an audio interface, a card reader interface, a CPU, a precision time-calibration module, a signature algorithm module, an encryption/decryption algorithm module, a large-integer arithmetic module, a random number generation module and key storage memory.

2. Positioning protection device: provides location and time information to the hardware cryptographic module device, and detects whether the module is still within the designated site. If the module moves away from the designated site, it raises an emergency message to the central security monitoring host, which executes the standard security operating procedure. Internally the device comprises: a Wi-Fi and Bluetooth wireless module, a UART interface, a card reader interface, a GPS module, a signature algorithm module and an encryption/decryption algorithm module.

3. Central security monitoring host: provides the security protection system. On receiving an emergency notification from a positioning protection device, it immediately executes the standard security operating procedure.

101‧‧‧Central security monitoring host

102‧‧‧Positioning protection device

103‧‧‧Hardware cryptographic module device

104‧‧‧Management server

201‧‧‧Wi-Fi and Bluetooth wireless module

202‧‧‧Wired network interface

203‧‧‧BNC interface

204‧‧‧USB interface

205‧‧‧UART interface

206‧‧‧VGA interface

207‧‧‧Audio interface

208‧‧‧Card reader interface

209‧‧‧Embedded CPU module

210‧‧‧Precision time-calibration module

211‧‧‧Signature algorithm module

212‧‧‧Encryption/decryption algorithm module

213‧‧‧Large-integer arithmetic module

214‧‧‧True random number generation module

215‧‧‧Key storage memory

301‧‧‧Wi-Fi and Bluetooth wireless module

302‧‧‧UART interface

303‧‧‧Card reader interface

304‧‧‧Embedded CPU module

305‧‧‧GPS module

306‧‧‧Signature algorithm module

307‧‧‧Encryption/decryption algorithm module

FIG. 1 is a schematic diagram of the application of the key confidential data protection system of the present invention; FIG. 2 is a schematic diagram of the hardware architecture of the hardware cryptographic module device; FIG. 3 is a schematic diagram of the hardware architecture of the positioning protection device; FIG. 4 is a schematic diagram of the start-up flow of the positioning protection device; FIG. 5 is a flow diagram of positioning protection device A sending a message to hardware cryptographic module B; FIG. 6 is a flow diagram of hardware cryptographic module B sending a message to positioning protection device A; and FIG. 7 is a flow diagram of positioning protection device A sending a message to central security monitoring host C.

The preferred embodiment of the present invention is described in detail below with reference to the drawings. FIG. 1 is a schematic diagram of the application of the key confidential data protection system; it shows the operational relationship between the hardware cryptographic module device 103, the positioning protection device 102 and the central security monitoring host 101. The positioning protection device 102 sends a message to the hardware cryptographic module device 103 at a fixed interval, so that the hardware cryptographic module device 103 knows it is still within the valid site and has not been moved away from it; at the same time the hardware cryptographic module device 103 also receives a set of standard time and site location information. The hardware cryptographic module device 103 likewise sends a message to the positioning protection device 102 at a fixed interval, so that the positioning protection device 102 knows the hardware cryptographic module device 103 is still within the valid site. If the positioning protection device 102 finds that the hardware cryptographic module device 103 has left the designated site, it raises an emergency message to the central security monitoring host 101, which executes the standard security operating procedure (the handling steps are set by the system maintainer, for example notifying the responsible staff and security personnel for follow-up). If the positioning protection device 102 itself has left the designated site or has failed, this is also immediately detected by the central security monitoring host 101, which then executes the standard security operating procedure. Communication between the hardware cryptographic module device 103 and the positioning protection device 102 uses Bluetooth or a wireless local area network (Wi-Fi) device as the wireless data transmission channel, with data encryption to ensure the communicated data cannot be stolen.

FIG. 2 shows the hardware architecture of the hardware cryptographic module device, comprising a Wi-Fi and Bluetooth wireless module 201, a wired network interface 202, a BNC (Bayonet Nut Connector) interface 203, a USB interface 204, a UART (Universal Asynchronous Receiver/Transmitter) interface 205, a VGA (Video Graphics Array) interface 206, an audio interface 207, a card reader interface 208, an embedded CPU module 209, a precision time-calibration module 210, a signature algorithm module 211, an encryption/decryption algorithm module 212, a large-integer arithmetic module 213, a true random number generation module 214 and key storage memory 215.

FIG. 3 shows the hardware architecture of the positioning protection device, comprising a Wi-Fi and Bluetooth wireless module 301, a UART interface 302, a card reader interface 303, an embedded CPU module 304, a GPS module 305, a signature algorithm module 306 and an encryption/decryption algorithm module 307.

FIG. 4 shows the start-up flow of the positioning protection device. The first message the positioning protection device sends to the hardware cryptographic module device carries "Client Hello", the type of encryption algorithm, the type of signature authentication algorithm and a random number; this random number must be encrypted with the public key of the hardware cryptographic module device. The first message the hardware cryptographic module device sends back to the positioning protection device carries a "Server Hello" message and the earlier random number; this random number must be encrypted with the public key of the positioning protection device. The second message the positioning protection device sends to the hardware cryptographic module device carries a "Server Hello ACK" message and the earlier random number; this random number must be encrypted with the public key of the hardware cryptographic module device.

FIG. 5 shows the flow of positioning protection device A sending a message to hardware cryptographic module B, where ENC_K1(Data1) denotes encrypting the message Data1 with the key K1, and PUK_B(A code, K1) denotes encrypting A's device code together with the key K1 with the public key of hardware cryptographic module device B. When hardware cryptographic module device B receives the message, it first uses its own private key to recover the key K1, and then decrypts the message Data1. Finally it unpacks and analyzes Data1 to decide whether it is valid packet data. If it is valid, B returns the message ACK0 to positioning protection device A; if it is not valid, B returns the message ACK1.

FIG. 6 shows the flow of hardware cryptographic module B sending a message to positioning protection device A, where ENC_K2(Data2) denotes encrypting the message Data2 with the key K2, and PUK_A(B code, K2) denotes encrypting B's device code together with the key K2 with the public key of positioning protection device A. When positioning protection device A receives the message, it first uses its own private key to recover the key K2, and then decrypts the message Data2. Finally it unpacks and analyzes Data2 to decide whether it is valid packet data. If it is valid, A returns the message ACK0 to hardware cryptographic module B; if it is not valid, A returns the message ACK1.

FIG. 7 shows the flow of positioning protection device A sending a message to central security monitoring host C, where ENC_K3(Alive0 or Alive1) denotes encrypting the message Alive0 or Alive1 with the key K3, and PUK_C(A code, K3) denotes encrypting A's device code together with the key K3 with the public key of central security monitoring host C. When central security monitoring host C receives the message, it first uses its own private key to recover the key K3, and then decrypts the message Alive0 or Alive1. Finally it unpacks and analyzes the message to decide whether it is valid packet data. If it is valid, C returns the message ACK0 to positioning protection device A; if it is not valid, C returns the message ACK1.

The embodiments of the individual units of the present invention are described as follows:

1. Hardware cryptographic module device 103. Function: provides the system's signature, authentication, encryption and confidential data management functions, and receives the location and time information sent by the positioning protection devices 102. At regular intervals it transmits its device code so that the positioning protection devices 102 know it is still within the designated site.

Content: the invention uses the Wi-Fi and Bluetooth wireless module in this device to communicate with the positioning protection devices 102.

When the hardware cryptographic module device 103 is first installed at the designated site, several positioning protection devices 102 must first be registered with the hardware cryptographic module device 103 and keys exchanged, so that each side obtains the other's public key and digital certificate for signature authentication and the key used to encrypt data. The two devices can then communicate securely when exchanging signals, giving an attacker no opportunity to steal or forge data.

Once installation is complete, the user can place the several positioning protection devices 102 at any positions not far from the hardware cryptographic module device 103 to protect the confidential data.

2. Positioning protection device 102. Function: provides location and time information to the hardware cryptographic module device 103, and detects whether the hardware cryptographic module device 103 is still within the designated site. If the device moves away from the designated site, it raises an emergency message to the central security monitoring host 101, which executes the standard security operating procedure. If the positioning protection device 102 itself has left the designated site or has failed, this is also immediately detected by the central security monitoring host 101, which then executes the standard security operating procedure.

Content: this device has short-range wireless communication capability together with signature authentication and encryption/decryption functions, and it can receive GPS signals to obtain location and time information.

3. Central security monitoring host 101. Function: provides the security protection system. On receiving an emergency notification from a positioning protection device 102, it immediately executes the standard security operating procedure.

Content: the central security monitoring host 101 performs the security monitoring function; when the system is intruded it can notify the superior authority and designated parties, and it can carry out the incident-handling steps according to the administrator's prior settings.

4. Secure transmission and communication method. Function: performs secure transmission of data messages.

Content: the secure transmission protocol used by the invention proceeds as follows. 4.1 At start-up, positioning protection device 102 must first establish a secure connection to hardware cryptographic module device 103. The connection method is: 4.1.1 First, positioning protection device 102 sends a "Client Hello" message, the encryption algorithm to be used, the signature authentication algorithm and a random number to hardware cryptographic module device 103. This random number must be encrypted with the public key of hardware cryptographic module device 103.

4.1.2 After hardware cryptographic module device 103 receives the "Client Hello" message, the encryption algorithm to be used, the signature authentication algorithm and the random number, it decrypts the random number with its own private key and then returns a "Server Hello" message together with the earlier random number to positioning protection device 102. This random number must be encrypted with the public key of positioning protection device 102.

4.1.3 If positioning protection device 102 has not received the "Server Hello" response with the earlier random number from hardware cryptographic module device 103 within a certain time, it retransmits, and keeps retransmitting until hardware cryptographic module device 103 responds successfully.

4.1.4 When hardware cryptographic module device 103 has responded successfully, positioning protection device 102 sends a "Server Hello ACK" message together with the earlier random number to hardware cryptographic module device 103, to notify it that the response was received successfully. This random number must be encrypted with the public key of hardware cryptographic module device 103.

4.2 After start-up is complete, communication between positioning protection device 102 and hardware cryptographic module device 103 uses the encryption algorithm and signature authentication algorithm negotiated above to encrypt the transmitted data and authenticate signatures.

4.3 Positioning protection device 102 and hardware cryptographic module device 103 send messages to each other at regular intervals.

Integrating the hardware cryptographic module device 103, the positioning protection devices 102 and the central security monitoring host 101 described above yields a more secure confidential data protection system. Because all data transmitted among the three is encrypted, the data cannot be stolen and exploited by a third party; and before a device processes received encrypted data it first authenticates the sending device, continuing to analyze the received encrypted data only if authentication succeeds and discarding it otherwise, so a third party cannot forge a device's transmissions in an attempt to steal confidential data.

In summary, the present invention provides a key confidential data protection system that uses the operational relationship among the hardware cryptographic module device 103, the positioning protection devices 102 and the central security monitoring host 101 to build stronger protection for confidential data. In normal use, the hardware cryptographic module device 103 receives the standard time and site location information sent by the positioning protection devices 102, which lets it know it is still within the valid site. When the hardware cryptographic module device 103 finds that it has moved away from the valid site, it clears the key confidential data by itself so that the confidential data cannot leak. And when a positioning protection device 102 finds that the hardware cryptographic module device 103 has moved away from the valid site, it raises an emergency message to the central security monitoring host 101, which executes the standard security operating procedure.
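The mutual beacon exchange of FIGs. 5 to 7 and section 4.3, together with the two reactions described above (the module erasing its keys when it no longer hears a registered positioning device, the positioning device raising Alive1 to the host), as an added Python simulation that is not part of the patent or Chunghwa Telecom's code. It assumes a fixed beacon period and miss tolerance, uses an HMAC under the key exchanged at registration as a stand-in for the patent's per-message encryption and signature, and constructs all keys, device codes and coordinates.

```python
import hashlib
import hmac
import json

# Constructed parameters (assumptions, not from the patent): beacon period and tolerated misses.
BEACON_PERIOD = 10      # seconds between the mutual "still here" messages (section 4.3)
MISSED_LIMIT = 3        # consecutive missed periods before wipe / emergency report
ACK0, ACK1 = "ACK0", "ACK1"           # valid / invalid packet, as in FIGs. 5-7
ALIVE0, ALIVE1 = "Alive0", "Alive1"   # module present / module missing, FIG. 7


def seal(key: bytes, sender: str, body: dict) -> dict:
    """HMAC over sender code + body: stand-in for the patent's encrypt-with-K plus signature."""
    raw = json.dumps(body, sort_keys=True).encode()
    tag = hmac.new(key, sender.encode() + raw, hashlib.sha256).hexdigest()
    return {"sender": sender, "body": body, "tag": tag}


def check(key: bytes, msg: dict) -> bool:
    """Authenticate before parsing: the body is analysed only if this succeeds."""
    raw = json.dumps(msg["body"], sort_keys=True).encode()
    expect = hmac.new(key, msg["sender"].encode() + raw, hashlib.sha256).hexdigest()
    return hmac.compare_digest(expect, msg["tag"])


class HardwareCryptoModule:
    """Device B: clears its key store once no registered locator has been heard for MISSED_LIMIT periods."""

    def __init__(self, code: str, locator_keys: dict):
        self.code = code
        self.locator_keys = dict(locator_keys)   # locator code -> key from registration
        self.key_store = {"signing_key": b"constructed-sample-key-material"}
        self.last_heard = {}                     # locator code -> time of last valid beacon
        self.time_and_place = None               # standard time / site location received

    def receive_beacon(self, msg: dict, now: float) -> str:
        key = self.locator_keys.get(msg["sender"])
        if key is None or not check(key, msg):
            return ACK1                          # unregistered or forged: body ignored
        self.last_heard[msg["sender"]] = now
        self.time_and_place = (msg["body"]["time"], msg["body"]["position"])
        return ACK0

    def send_code(self, locator: str) -> dict:
        return seal(self.locator_keys[locator], self.code, {"code": self.code})

    def tick(self, now: float) -> bool:
        """Run once per period; True on the tick that erases the key material (never heard counts as missing)."""
        if not self.key_store:
            return False
        if any(now - t <= BEACON_PERIOD * MISSED_LIMIT for t in self.last_heard.values()):
            return False
        self.key_store.clear()
        return True


class LocatorDevice:
    """Device A: beacons time/position to B and reports B's presence to host C."""

    def __init__(self, code: str, key_to_module: bytes, key_to_host: bytes):
        self.code = code
        self.key_to_module = key_to_module
        self.key_to_host = key_to_host
        self.last_module_seen = None

    def beacon(self, now: float, position: list) -> dict:
        return seal(self.key_to_module, self.code, {"time": now, "position": position})

    def receive_code(self, msg: dict, now: float) -> str:
        if not check(self.key_to_module, msg):
            return ACK1
        self.last_module_seen = now
        return ACK0

    def report(self, now: float) -> dict:
        missing = (self.last_module_seen is None
                   or now - self.last_module_seen > BEACON_PERIOD * MISSED_LIMIT)
        return seal(self.key_to_host, self.code, {"alive": ALIVE1 if missing else ALIVE0})


def host_receive(locator_keys: dict, msg: dict) -> str:
    """Host C: ACK1 for an unauthenticated packet, else the alive status; a valid Alive1 starts the site procedure."""
    key = locator_keys.get(msg["sender"])
    if key is None or not check(key, msg):
        return ACK1
    return msg["body"]["alive"]


def simulate(module_removed_at: float, end: float) -> dict:
    """Constructed scenario: A and B talk every period until B is carried off; returns wipe and alarm times."""
    k_ab, k_ac = b"key-A-B-from-registration", b"key-A-C-from-registration"
    a = LocatorDevice("A", k_ab, k_ac)
    b = HardwareCryptoModule("B", {"A": k_ab})
    host_keys = {"A": k_ac}
    wiped_at = alarm_at = None
    for now in range(0, int(end) + 1, BEACON_PERIOD):
        if now < module_removed_at:
            b.receive_beacon(a.beacon(now, [25.03, 121.56]), now)   # A -> B, FIG. 5
            a.receive_code(b.send_code("A"), now)                   # B -> A, FIG. 6
        if wiped_at is None and b.tick(now):
            wiped_at = now
        if alarm_at is None and host_receive(host_keys, a.report(now)) == ALIVE1:
            alarm_at = now                                          # A -> C, FIG. 7
    return {"wiped_at": wiped_at, "alarm_at": alarm_at}
```

With the module removed at t=45 s, the last valid beacon is at 40 s, so both the self-wipe and the first Alive1 occur on the 80 s tick, the first one more than three periods after last contact.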

The detailed description above describes one feasible embodiment of the present invention. That embodiment is not intended to limit the patent scope of the invention, and any equivalent implementation or modification that does not depart from the technical spirit of the invention shall be included within the patent scope of this application.

Claims (4)

1. A key confidential data protection system, mainly comprising: a hardware cryptographic module device, which periodically transmits a code to a positioning protection device and provides the key confidential data protection system with signing, authentication, encryption and confidential data management; a positioning protection device, which provides the hardware cryptographic module device with positioning and time information and detects whether the hardware cryptographic module device is still at the designated site, and which, if the hardware cryptographic module device leaves the designated site, sends an emergency message to a central security monitoring host; and a central security monitoring host, which executes a standard security operating procedure upon receiving the emergency message from the positioning protection device; wherein the positioning protection device is connected by wireless data transmission channels to the hardware cryptographic module device and to the central security monitoring host respectively, so that the positioning protection device serves as the signal transmission medium between the hardware cryptographic module device and the central security monitoring host; and wherein the standard security operating procedure includes the hardware cryptographic module device clearing the key confidential data on its own when it finds that it has left the valid site, so as to prevent that confidential data from leaking.
2. The key confidential data protection system of claim 1, wherein the hardware cryptographic module device comprises a Wi-Fi and Bluetooth wireless module, a wired network interface, a BNC (Bayonet Nut Connector) interface, a USB interface, a UART (Universal Asynchronous Receiver/Transmitter) interface, a VGA (Video Graphics Array) interface, an audio interface, a card reader interface, an embedded CPU module, a precision time calibration module, a signature algorithm module, an encryption/decryption algorithm module, a big-integer arithmetic module, a true random number generator module and a key storage memory.

3. The key confidential data protection system of claim 1, wherein the positioning protection device comprises a Wi-Fi and Bluetooth wireless module, a UART interface, a card reader interface, an embedded CPU module, a GPS module, a signature algorithm module and an encryption/decryption algorithm module.

4. The key confidential data protection system of claim 1, wherein the wireless data transmission channel between the hardware cryptographic module device and the positioning protection device is Bluetooth or a wireless local area network (Wi-Fi).

Priority Applications (1)

Application Number Priority Date Filing Date Title
TW104140058A TWI655558B (en) 2015-12-01 2015-12-01 Key confidential data protection system

Publications (2)

Publication Number Publication Date
TW201721495A TW201721495A (en) 2017-06-16
TWI655558B true TWI655558B (en) 2019-04-01

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TWI470970B (en) * 2011-08-26 2015-01-21 Liang Tse Lin Monitoring system and operating method thereof
TW201346639A (en) * 2011-12-22 2013-11-16 Intel Corp Always-available embedded theft reaction subsystem

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TWI857342B (en) * 2021-09-08 2024-10-01 新唐科技股份有限公司 Integrated circuit and electronic apparatus
US12500147B2 (en) 2021-09-08 2025-12-16 Nuvoton Technology Corporation Integrated circuit (IC) and electronic apparatus

Legal Events

Date Code Title Description
MM4A Annulment or lapse of patent due to non-payment of fees