[go: up one dir, main page]

WO2017016272A1 - Procédé, appareil et système de traitement de données de ressources virtuelles - Google Patents

Procédé, appareil et système de traitement de données de ressources virtuelles Download PDF

Info

Publication number
WO2017016272A1
WO2017016272A1 PCT/CN2016/081565 CN2016081565W WO2017016272A1 WO 2017016272 A1 WO2017016272 A1 WO 2017016272A1 CN 2016081565 W CN2016081565 W CN 2016081565W WO 2017016272 A1 WO2017016272 A1 WO 2017016272A1
Authority
WO
WIPO (PCT)
Prior art keywords
challenge code
digital signature
virtual resource
server
client
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/CN2016/081565
Other languages
English (en)
Chinese (zh)
Inventor
李建立
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Tencent Technology Shenzhen Co Ltd
Original Assignee
Tencent Technology Shenzhen Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Tencent Technology Shenzhen Co Ltd filed Critical Tencent Technology Shenzhen Co Ltd
Publication of WO2017016272A1 publication Critical patent/WO2017016272A1/fr
Anticipated expiration legal-status Critical
Ceased legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q30/00Commerce

Definitions

  • the present invention belongs to the field of communications technologies, and in particular, to a method, device, and system for processing virtual resource data.
  • a partial key pair in the payment request is first digitally signed using the private key in the client digital certificate, and then the signed data is used as a The new field is submitted to the payment backend server along with other information in the payment request.
  • the background server decrypts the signature using the public key of the certificate. If the decryption is successful and the decrypted data is correct, it is considered correct by the user. Payment request. Since the private key of the client certificate is only available on the user's terminal device, it is difficult for others to fake the user's signature.
  • the user's signature encrypted by the asymmetric encryption algorithm needs to be decrypted in real time, and the efficiency of the asymmetric encryption algorithm is relatively low.
  • Public key encryption algorithm (RSA, RSA
  • the algorithm has an encryption and decryption speed equivalent to about 1/1000 of the symmetric encryption algorithm of the same encryption strength. Under this design, the pressure exerted by the certificate user on the background server is obviously greater than that of the non-certificate user, and the operation efficiency is relatively low.
  • the first aspect of the embodiments of the present invention provides:
  • a method for processing virtual resource data including:
  • a method for processing virtual resource data including:
  • the first digital signature is decrypted by the client by using a private key of the client certificate, and according to the decrypted first challenge code and the Field information is generated;
  • a processing device for virtual resource data comprising a processor, the processor is configured to:
  • a processing device for virtual resource data comprising a processor, the processor is configured to:
  • the first digital signature is decrypted by the client by using a private key of the client certificate, and according to the decrypted first challenge code and the Field information is generated;
  • a processing system for virtual resource data comprising a client and a server, wherein the client is a processing device for virtual resource data provided by the third aspect, and the server is a processing device for virtual resource data provided by the fourth aspect.
  • a storage medium having stored therein processor-executable instructions, wherein the processor-executable instructions are for causing the processor to:
  • the server generates a challenge code for the user by using the public key in the client certificate in advance; the user decrypts the challenge code by using the private key of the client certificate when requesting the virtual resource transfer; and then according to the challenge after decryption
  • the code and the field information related to the request generate a digital signature; the server confirms whether the virtual resource transfer request is legal by verifying the correctness of the digital signature generated by the client; since the attacker does not have the client's client certificate, the challenge of the public key cannot be encrypted.
  • the code is decrypted so it cannot mimic the user's signature.
  • the generated digital signature contains information related to the corresponding payment request, and the signature can only be used for the transaction, which ensures the security of the transaction; and, because the challenge code is set in advance, the server is brought to the server during the peak payment.
  • the load pressure increases the server's operating speed.
  • FIG. 1 is a schematic flowchart of a method for processing virtual resource data according to a first embodiment of the present invention
  • FIG. 2 is a schematic flowchart of a method for processing virtual resource data according to a second embodiment of the present invention
  • FIG. 3 is a schematic flowchart of a method for processing virtual resource data according to a third embodiment of the present invention.
  • FIG. 4 is a schematic structural diagram of a device for processing virtual resource data according to a fourth embodiment of the present invention.
  • FIG. 5 is a schematic structural diagram of a device for processing virtual resource data according to a fifth embodiment of the present invention.
  • FIG. 6 is a schematic structural diagram of a system for processing virtual resource data according to a sixth embodiment of the present invention.
  • the principles of the present invention operate using many other general purpose or special purpose computing, communication environments, or configurations.
  • Examples of well-known computing systems, environments, and configurations suitable for use with the present invention may include, but are not limited to, hand-held phones, personal computers, servers, multi-processor systems, microcomputer-based systems, mainframe computers, and A distributed computing environment, including any of the above systems or devices.
  • module as used herein may be taken to mean a software object that is executed on the computing system.
  • the different components, modules, engines, and services described herein can be considered as implementation objects on the computing system.
  • the apparatus and method described herein are preferably implemented in software, and may of course be implemented in hardware, all of which are within the scope of the present invention.
  • the order of the following embodiments is not limited by the embodiment number, that is, the non-optimal embodiment of the first embodiment may be set according to actual needs.
  • the first embodiment may be implemented as the second preferred embodiment.
  • the third embodiment is implemented as a first preferred embodiment, and the like, and the descriptions of the first, second, and the like are merely for convenience of expression.
  • FIG. 1 is a schematic flowchart of a method for processing virtual resource data according to a first embodiment of the present invention. The method includes:
  • step S101 a transfer request of virtual resource data is transmitted, and the transfer request carries field information related to the request.
  • the processing method of the virtual resource data can be run on a client, and the client can be a notebook computer or a tablet PC (Personal) Computers, mobile phones, and the like, which have a storage unit and are equipped with a microprocessor and have a computing capability, are not specifically limited in the present invention.
  • the client can be a notebook computer or a tablet PC (Personal) Computers, mobile phones, and the like, which have a storage unit and are equipped with a microprocessor and have a computing capability, are not specifically limited in the present invention.
  • the request for the transfer of the virtual resource data in the embodiment of the present invention may include a mobile payment process, a chargeback process, a transfer process, and the like, which are not specifically limited herein.
  • step S102 according to the transfer request, the first challenge code preset by the server is acquired, and the first challenge code is generated by encrypting the public key of the client certificate.
  • step S103 the private key of the client certificate is obtained, and the first challenge code is decrypted by using the private key of the client certificate.
  • step S104 a first digital signature is generated according to the decrypted first challenge code and the field information.
  • the step S102 to the step S104 may be specifically:
  • a challenge code also called a challenge password
  • a challenge code refers to a set of encrypted passwords generated following a handshake authentication protocol, which is used to ensure that the user's real password is not leaked during transmission.
  • the first challenge code in the embodiment of the present invention refers to a challenge code generated by the server after the public key of the client certificate is encrypted. It is easy to think that the “first” and “second” in this embodiment are only for distinguishing. The description does not constitute a limitation.
  • the client After obtaining the first challenge code of the server, the client decrypts the first challenge code by using a private key of the client certificate, and then generates a first digital signature according to the decrypted first challenge code and request related field information. Since the attacker does not have the client's client certificate, the first challenge code of the public key encryption cannot be decrypted, so the digital signature of the user cannot be imitated, and the transaction security is improved.
  • step S105 when it is determined that the first digital signature is consistent with the second digital signature in the server, then the virtual resource transfer is allowed to be allowed.
  • the server in the method for processing virtual resource data provided by the embodiment, the server generates a challenge code for the user by using the public key in the client certificate in advance; and the user decrypts the challenge code by using the private key of the client certificate when requesting the virtual resource transfer; Generating a digital signature according to the decrypted challenge code and the field information related to the request; the server confirms whether the virtual resource transfer request is legal by verifying the correctness of the digital signature generated by the client; since the attacker does not have the client's client certificate, The challenge code for public key encryption is decrypted, so the user's signature cannot be mimicked.
  • the generated digital signature contains information related to the corresponding payment request, and the signature can only be used for the transaction, which ensures the security of the transaction; and, because the challenge code is set in advance, the server is brought to the server during the peak payment.
  • the load pressure increases the server's operating speed.
  • FIG. 2 is a schematic flowchart diagram of a method for processing virtual resource data according to a second embodiment of the present invention.
  • the embodiment provides a method for processing virtual resource data corresponding to the first embodiment.
  • the method is based on running on a server, and the server receives a transfer request of the virtual resource sent by the client, and the virtual resource is The transfer request is processed; wherein the client may be a terminal computer having a storage unit and a microprocessor and having a computing capability, such as a notebook computer, a tablet PC, a mobile phone, etc.; the virtual resource data in the embodiment of the present invention
  • the transfer request may include a mobile payment process, a chargeback process, a transfer process, and the like, which are not specifically limited herein.
  • the method includes:
  • step S201 a transfer request of virtual resource data is received, and the transfer request carries field information related to the request.
  • step S202 according to the transfer request, a preset first challenge code is sent to the client, and the first challenge code is generated by encrypting the public key of the client certificate.
  • step S203 the first digital signature sent by the client is received, and the first digital signature is decrypted by the client by using a private key of the client certificate, and according to the decrypted first
  • the challenge code and the field information are generated.
  • the step S201 and the step S203 may be specifically:
  • the challenge code also called challenge password
  • the challenge code refers to a set of encrypted passwords generated according to the handshake authentication protocol, and is used to ensure that the user's real password is not leaked during the transmission process.
  • the first challenge code in the embodiment of the present invention refers to a challenge code generated by the server after being encrypted by using the public key of the client certificate.
  • the client After obtaining the first challenge code of the server, the client decrypts the first challenge code by using a private key of the client certificate, and then generates a first digital signature according to the decrypted first challenge code and request related field information. And sent to the server; because the attacker does not have the user's client certificate, the first challenge code of the public key encryption cannot be decrypted, so the digital signature of the user cannot be imitated, and the transaction security is improved.
  • step S204 when it is determined that the first digital signature is consistent with the second digital signature in the server, then the virtual resource transfer is allowed to be allowed.
  • the server in the method for processing virtual resource data provided by the embodiment, the server generates a challenge code for the user by using the public key in the client certificate in advance; and the user decrypts the challenge code by using the private key of the client certificate when requesting the virtual resource transfer; Generating a digital signature according to the decrypted challenge code and the field information related to the request; the server confirms whether the virtual resource transfer request is legal by verifying the correctness of the digital signature generated by the client; since the attacker does not have the client's client certificate, The challenge code for public key encryption is decrypted, so the user's signature cannot be mimicked.
  • the generated digital signature contains information related to the corresponding payment request, and the signature can only be used for the transaction, which ensures the security of the transaction; and, because the challenge code is set in advance, the server is brought to the server during the peak payment.
  • the load pressure increases the server's operating speed.
  • FIG. 3 is a schematic flowchart diagram of a method for processing virtual resource data according to a third embodiment of the present invention.
  • the method includes:
  • step S301 the server receives user information
  • step S302 the server generates a corresponding second challenge code according to the user information, where the second challenge code carries a corresponding challenge code plaintext and a challenge code ciphertext;
  • step S303 the server acquires a public key of the user client certificate indicated by the user information
  • step S304 the server encrypts the challenge code by using the public key of the client certificate, generates a first challenge code, and stores the challenge code plaintext and the challenge code ciphertext.
  • the step S301 to the step S304 may be specifically: the first challenge code preset in the server may be set before the virtual resource is transferred, and the first challenge code is generated after the server encrypts the public key of the client certificate.
  • the server performs processing according to the user information to generate a first challenge code, where the process includes: the server Acquiring, according to the second challenge code corresponding to the user information, a public key of the client certificate indicated by the user information, the server encrypting the second challenge code by using a public key of the client certificate, and generating First challenge code.
  • step S305 the client sends a transfer request of virtual resource data, where the transfer request carries field information related to the request;
  • the request for the transfer of the virtual resource data in the embodiment of the present invention may include a mobile payment process, a chargeback process, a transfer process, and the like, which are not specifically limited herein.
  • step S306 the server sends a preset first challenge code to the client according to the transfer request.
  • step S307 the client obtains the private key of the client certificate, and decrypts the first challenge code by using the private key of the client certificate;
  • step S308 the client generates a first digital signature according to the decrypted first challenge code and the field information.
  • the step S306 to the step S308 may be specifically:
  • the client generates a first digital signature by using a one-way hash algorithm according to the decrypted first challenge code and the order number field in the field information.
  • the client After obtaining the first challenge code of the server, the client decrypts the first challenge code by using a private key of the client certificate, and then generates a first digital signature according to the decrypted first challenge code and request related field information. And sending the first digital signature and the field information to the server; since the attacker does not have the user's client certificate, the first challenge code of the public key encryption cannot be decrypted, so the digital signature of the user cannot be simulated, and the transaction is improved. safety.
  • step S309 the server acquires the first digital signature and compares the first digital signature with a second digital signature in the server;
  • the same algorithm such as the one-way hash algorithm, may be used to generate the second digital signature according to the challenge code plaintext and the field information;
  • the server obtains the first digital signature generated by the client, compares the first digital signature with the second digital signature, obtains a comparison result, and sends the comparison result to the client.
  • the client receives the comparison result sent by the server, and the comparison result is generated by the server according to the challenge code plaintext and the field information to generate a second digital signature, and the first digital signature is The second digital signature is obtained by comparison.
  • step S310 when it is determined that the first digital signature is consistent with the second digital signature in the server, then the virtual resource transfer is allowed to be allowed.
  • the client when the client determines that the first digital signature is consistent with the second digital signature according to the comparison result, it indicates that the virtual resource transfer is allowed.
  • the virtual resource transfer specifically refers to the payment processing between the client and the server, where the server may be specifically a payment background server, and the client may be specifically a mobile phone;
  • the steps include:
  • Step S1 The client sends a payment request to the payment background server
  • Step S2 The payment background server receives the payment request, and returns a first challenge code encrypted by using a public key of the client certificate;
  • the payment background server detects the legality of the order, returns the first challenge code, and details of the order, supported payment methods, and the like.
  • Step S3 After receiving the first challenge code, the client pops up a payment confirmation interface for the user to confirm the correctness of the payment method and the order information.
  • Step S4 The client decrypts the first challenge code by using a private key in the client certificate, and then uses the MD5 algorithm to generate a signature field by using the MD5 algorithm in the decrypted first challenge code and the order number and the payment method selected by the user. Signstr (ie the first digital signature); then sends the SignStr along with the order number, payment method and other payment related information to the payment backend server.
  • Signstr ie the first digital signature
  • Step S5 the payment background server uses the same algorithm of the client to generate the signature field (ie, the second digital signature) using the same algorithm of the challenge code and the order number, and compares and verifies the signature field sent by the client, and if the signature verification is passed, Then, according to the payment success can be directly returned to the client, or the user is required to check the payment password and the SMS verification code before completing the payment.
  • the signature field ie, the second digital signature
  • the server in the method for processing virtual resource data provided by the embodiment, the server generates a challenge code for the user by using the public key in the client certificate in advance; and the user decrypts the challenge code by using the private key of the client certificate when requesting the virtual resource transfer; Generating a digital signature according to the decrypted challenge code and the field information related to the request; the server confirms whether the virtual resource transfer request is legal by verifying the correctness of the digital signature generated by the client; since the attacker does not have the client's client certificate, The challenge code for public key encryption is decrypted, so the user's signature cannot be mimicked.
  • the generated digital signature contains information related to the corresponding payment request, and the signature can only be used for the transaction, which ensures the security of the transaction; and, because the challenge code is set in advance, the server is brought to the server during the peak payment.
  • the load pressure increases the server's operating speed. Further, the business operation cost of the fast payment based on the client digital certificate is reduced.
  • the embodiment of the present invention further provides an apparatus for processing the virtual resource data.
  • the meaning of the noun is the same as the method for processing the virtual resource in the foregoing first embodiment.
  • FIG. 4 is a schematic structural diagram of a virtual resource data processing apparatus according to an embodiment of the present invention, where the virtual resource data processing apparatus may be run on a client, and the client may be a notebook computer.
  • the tablet PC, the mobile phone, and the like have a terminal unit having a storage unit and a microprocessor and having a computing capability, which is not specifically limited in the present invention.
  • the processing device of the virtual resource data of the present invention may include a first sending module 401, a first obtaining module 402, a decrypting module 403, a first generating module 404, and a first indicating module 405.
  • the first sending module 401 is configured to send a virtual resource data transfer request, where the transfer request carries field information related to the request; the first obtaining module 402 is configured to obtain a server pre-requisite according to the transfer request. a first challenge code, wherein the first challenge code is generated by using a public key of the client certificate;
  • the decryption module 403 is configured to obtain a private key of the client certificate, and decrypt the first challenge code by using a private key of the client certificate; the first generating module 404 is configured to perform, according to the decrypted The first challenge code and the field information generate a first digital signature; the first indication module 405 is configured to: when the first digital signature is determined to be consistent with the second digital signature in the server, Virtual resource transfer.
  • the first generating module 404 is specifically configured to: generate a first digital signature by using a one-way hash algorithm according to the decrypted first challenge code and the order number field in the field information.
  • the device may further include: a second sending module, configured to send the first digital signature and the field information to a server; and a first receiving module, configured to receive a comparison result sent by the server, The comparison result is generated by the server according to the challenge code plaintext and the field information, and the first digital signature is compared with the second digital signature; based on the first
  • the indicating module 405 is specifically configured to: when determining that the first digital signature is consistent with the second digital signature according to the comparison result, indicating that the virtual resource transfer is allowed.
  • the server generates the challenge code for the user by using the public key in the client certificate in advance; when the user requests the virtual resource transfer, the challenge code is decrypted by using the private key of the client certificate; Generating a digital signature according to the decrypted challenge code and the field information related to the request; the server confirms whether the virtual resource transfer request is legal by verifying the correctness of the digital signature generated by the client; since the attacker does not have the client's client certificate, The challenge code for public key encryption is decrypted, so the user's signature cannot be mimicked.
  • the generated digital signature contains information related to the corresponding payment request, and the signature can only be used for the transaction, which ensures the security of the transaction; and, because the challenge code is set in advance, the server is brought to the server during the peak payment.
  • the load pressure increases the server's operating speed.
  • FIG. 5 is a schematic structural diagram of a device for processing virtual resource data according to an embodiment of the present disclosure, where the meaning of a noun is the same as the method for processing a virtual resource in the second embodiment, and specific implementation details may be referred to. Description in the method embodiment.
  • the processing device of the virtual resource data includes a second receiving module 501, a third sending module 502, a third receiving module 503, and a second indicating module 504;
  • the second receiving module 501 is configured to receive a transfer request of the virtual resource data, where the transfer request carries the field information related to the request, and the third sending module 502 is configured to send the request to the client according to the transfer request.
  • the third receiving module 503 is configured to receive a first digital signature sent by the client, where the first digital signature is used by the client to decrypt the first challenge code by using a private key of the client certificate, and according to the Decoding the first challenge code and the field information generated; the second indication module 504, configured to: when the first digital signature is determined to be consistent with the second digital signature in the server, Virtual resource transfer.
  • the device may further include: a fourth receiving module, configured to receive user information; and a second generating module, configured to generate a corresponding second challenge code according to the user information, where the second challenge code carries Corresponding challenge code plaintext and challenge code ciphertext; a second obtaining module, configured to acquire a public key of the user client certificate indicated by the user information; and an encryption storage module, configured to use the public key pair of the client certificate
  • the challenge code is encrypted, a first challenge code is generated, and the challenge code plaintext and the challenge code ciphertext are stored.
  • the device may further include: a fifth receiving module, configured to receive the first digital signature and the field information sent by the client; and a third generating module, configured to use the challenge code to be a plaintext And generating, by the field information, a second digital signature; the comparing module is configured to compare the first digital signature with the second digital signature to obtain a comparison result; and the fourth sending module is configured to send the comparison result To the client.
  • a fifth receiving module configured to receive the first digital signature and the field information sent by the client
  • a third generating module configured to use the challenge code to be a plaintext And generating, by the field information, a second digital signature
  • the comparing module is configured to compare the first digital signature with the second digital signature to obtain a comparison result
  • the fourth sending module is configured to send the comparison result To the client.
  • the server generates the challenge code for the user by using the public key in the client certificate in advance; when the user requests the virtual resource transfer, the challenge code is decrypted by using the private key of the client certificate; Generating a digital signature according to the decrypted challenge code and the field information related to the request; the server confirms whether the virtual resource transfer request is legal by verifying the correctness of the digital signature generated by the client; since the attacker does not have the client's client certificate, The challenge code for public key encryption is decrypted, so the user's signature cannot be mimicked.
  • the generated digital signature contains information related to the corresponding payment request, and the signature can only be used for the transaction, which ensures the security of the transaction; and, because the challenge code is set in advance, the server is brought to the server during the peak payment.
  • the load pressure increases the server's operating speed.
  • FIG. 6 is a schematic structural diagram of a processing system of a virtual resource according to an embodiment of the present invention.
  • the processing system of the virtual resource includes: a server 601 and a client 602, where the client 602 may be specifically The processing device for virtual resource data according to the fourth embodiment, wherein the server 601 is a processing device for virtual resource data according to the fifth embodiment.
  • the client 602 is configured to send a virtual resource data transfer request, where the transfer request carries field information related to the request; and according to the transfer request, acquire a first challenge code preset by the server, where the first challenge code is The public key of the client certificate is encrypted and generated; the private key of the client certificate is obtained, and the first challenge code is decrypted by using the private key of the client certificate; according to the decrypted first challenge code and the The field information generates a first digital signature; when it is determined that the first digital signature is consistent with the second digital signature in the server, then indicating that the virtual resource transfer is allowed.
  • the server 601 is configured to receive a transfer request of the virtual resource data, where the transfer request carries the field information related to the request, and send, according to the transfer request, a preset first challenge code to the client, where the first challenge code is utilized. And generating, by the client, the first digital signature sent by the client, where the first digital signature is decrypted by the client by using the private key of the client certificate, and according to the The decrypted first challenge code and the field information are generated; when it is determined that the first digital signature is consistent with the second digital signature in the server, indicating that the virtual resource transfer is allowed.
  • the processing device of the virtual resource data provided by the embodiment of the present invention, for example, a computer, a tablet computer, a mobile phone with a touch function, and the like, the processing device of the virtual resource data and the processing of the virtual resource data in the above embodiment
  • the method belongs to the same concept, and any method provided in the embodiment of the method for processing the virtual resource data can be executed on the processing device of the virtual resource data, and the specific implementation process is described in the embodiment of the method for processing the virtual resource data. , will not repeat them here.
  • the processing method of the virtual resource data of the present invention a common tester in the art can understand all or part of the process for implementing the processing method of the virtual resource data in the embodiment of the present invention, which can be obtained by a computer program.
  • the computer program may be stored in a computer readable storage medium, such as in a memory of the terminal, and executed by at least one processor in the terminal, and may include, for example, during execution.
  • the storage medium may be a magnetic disk, an optical disk, a read only memory (ROM, Read) Only Memory), random access memory (RAM, Random Access Memory), etc.
  • each functional module may be integrated into one processing chip, or each module may exist physically separately, or two or more modules may be integrated into one module.
  • the above integrated modules can be implemented in the form of hardware or in the form of software functional modules.
  • the integrated module if implemented in the form of a software functional module and sold or used as a standalone product, may also be stored in a computer readable storage medium, such as a read only memory, a magnetic disk or an optical disk, etc. .

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
  • Storage Device Security (AREA)

Abstract

L'invention concerne un procédé de traitement de données de ressources virtuelles. Le procédé comprend les étapes consistant : à envoyer une demande de transfert de ressources virtuelles ; à acquérir un premier code de défi, qui est généré par des moyens de cryptage à l'aide d'une clé publique d'un certificat de client, et d'une clé privée du certificat de client, et à utiliser la clé privée pour décrypter le premier code de défi ; à générer une première signature numérique selon le premier code de défi décrypté ; et lorsque la première signature numérique concorde avec une seconde signature numérique dans un serveur, à autoriser le transfert de ressources virtuelles. L'invention concerne en outre un appareil et un système de traitement de données de ressources virtuelles.
PCT/CN2016/081565 2015-07-29 2016-05-10 Procédé, appareil et système de traitement de données de ressources virtuelles Ceased WO2017016272A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201510455785.6A CN106411520B (zh) 2015-07-29 2015-07-29 一种虚拟资源数据的处理方法、装置及系统
CN201510455785.6 2015-07-29

Publications (1)

Publication Number Publication Date
WO2017016272A1 true WO2017016272A1 (fr) 2017-02-02

Family

ID=57884144

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2016/081565 Ceased WO2017016272A1 (fr) 2015-07-29 2016-05-10 Procédé, appareil et système de traitement de données de ressources virtuelles

Country Status (2)

Country Link
CN (1) CN106411520B (fr)
WO (1) WO2017016272A1 (fr)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113011945A (zh) * 2021-03-16 2021-06-22 深圳市微创云启科技有限公司 订单编号的生成方法、装置、终端设备和存储介质
CN114219484A (zh) * 2021-12-15 2022-03-22 广州品唯软件有限公司 一种支付系统接口管理方法及装置

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108596581B (zh) * 2017-12-04 2020-08-18 阿里巴巴集团控股有限公司 资源转移的验证方法、装置和电子支付验证方法、装置
CN111213147B (zh) 2019-07-02 2023-10-13 创新先进技术有限公司 用于基于区块链的交叉实体认证的系统和方法
CN111164594B (zh) 2019-07-02 2023-08-25 创新先进技术有限公司 用于将去中心化标识映射到真实实体的系统和方法
CN114006705B (zh) * 2021-12-28 2022-03-18 深圳市名竹科技有限公司 数字签名处理方法、装置、计算机设备和存储介质

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1477810A (zh) * 2003-06-12 2004-02-25 上海格尔软件股份有限公司 基于数字证书实现的动态口令认证方法
WO2004079985A1 (fr) * 2003-03-06 2004-09-16 Tim Italia S.P.A. Procede et progiciel pour l'authentification mutuelle dans un reseau de communications
CN1859097A (zh) * 2006-01-19 2006-11-08 华为技术有限公司 一种基于通用鉴权框架的认证方法及系统
CN101083556A (zh) * 2007-07-02 2007-12-05 蔡水平 一种按地域分层次无线信息发布搜索交流应用系统

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101222333B (zh) * 2007-12-24 2010-11-10 北京握奇数据系统有限公司 一种数据交易处理方法及设备
US20140359034A1 (en) * 2013-05-31 2014-12-04 David A. Hernandez Methods and Systems for Automatically Making Acts of Advocacy Based on Content in Electronic Information Streams
CN103532719B (zh) * 2013-10-22 2017-01-18 天地融科技股份有限公司 动态口令生成方法和系统、交易请求的处理方法和系统
CN104320261B (zh) * 2014-11-05 2018-06-15 北京大唐智能卡技术有限公司 金融智能卡上实现身份认证的方法、金融智能卡和终端

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2004079985A1 (fr) * 2003-03-06 2004-09-16 Tim Italia S.P.A. Procede et progiciel pour l'authentification mutuelle dans un reseau de communications
CN1477810A (zh) * 2003-06-12 2004-02-25 上海格尔软件股份有限公司 基于数字证书实现的动态口令认证方法
CN1859097A (zh) * 2006-01-19 2006-11-08 华为技术有限公司 一种基于通用鉴权框架的认证方法及系统
CN101083556A (zh) * 2007-07-02 2007-12-05 蔡水平 一种按地域分层次无线信息发布搜索交流应用系统

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113011945A (zh) * 2021-03-16 2021-06-22 深圳市微创云启科技有限公司 订单编号的生成方法、装置、终端设备和存储介质
CN114219484A (zh) * 2021-12-15 2022-03-22 广州品唯软件有限公司 一种支付系统接口管理方法及装置

Also Published As

Publication number Publication date
CN106411520B (zh) 2020-08-04
CN106411520A (zh) 2017-02-15

Similar Documents

Publication Publication Date Title
US12381728B2 (en) Accessory assisted account recovery
WO2017016272A1 (fr) Procédé, appareil et système de traitement de données de ressources virtuelles
WO2020171538A1 (fr) Dispositif électronique et procédé de fourniture de service de signature numérique de chaîne de blocs utilisant ce dernier
WO2019127973A1 (fr) Procédé, système et dispositif d'authentification d'autorité pour référentiel de miroirs et support de stockage
US7987374B2 (en) Security chip
WO2020186775A1 (fr) Procédé, appareil et dispositif de fourniture de données de service, et support de stockage lisible par ordinateur
WO2016169410A1 (fr) Procédé et dispositif d'ouverture de session, serveur et système d'ouverture de session
WO2018133686A1 (fr) Procédé et dispositif de protection de mot de passe, et support de stockage
WO2018030707A1 (fr) Système et procédé d'authentification, et équipement d'utilisateur, serveur d'authentification, et serveur de service pour exécuter ledit procédé
WO2017135670A1 (fr) Procédé et serveur permettant de fournir un service de notaire pour un dossier et de vérifier un dossier enregistré par un service de notaire
WO2016206530A1 (fr) Procédé, appareil et système de paiement mobile hautement sécurisé
WO2019132272A1 (fr) Identifiant en tant que service basé sur une chaîne de blocs
WO2014063455A1 (fr) Procédé et système de messagerie instantanée
JP6671701B1 (ja) 演算装置、演算方法、演算プログラム、および演算システム
WO2025236608A1 (fr) Procédé de vérification d'informations et dispositif associé
WO2020253120A1 (fr) Procédé, système et dispositif d'enregistrement de page web, et support de stockage informatique
WO2020091525A1 (fr) Procédé de paiement à l'aide d'une authentification biométrique et dispositif électronique associé
WO2020231177A1 (fr) Dispositif électronique et procédé de réception d'un message de poussée mémorisé dans une chaîne de blocs
WO2020235733A1 (fr) Dispositif et procédé permettant d'authentifier un utilisateur et d'obtenir une signature d'utilisateur grâce à la biométrie de l'utilisateur
WO2016064041A1 (fr) Terminal d'utilisateur utilisant une valeur de hachage pour détecter si un programme d'application a été altéré et procédé de détection d'altération utilisant le terminal d'utilisateur
WO2012149717A1 (fr) Procédé, dispositif et système de gestion dynamique de licence basés sur une tcm ou une tpm
WO2019182377A1 (fr) Procédé, dispositif électronique et support d'enregistrement lisible par ordinateur permettant de générer des informations d'adresse utilisées pour une transaction de cryptomonnaie à base de chaîne de blocs
WO2020032351A1 (fr) Procédé permettant d'établir une identité numérique anonyme
WO2018053904A1 (fr) Procédé et terminal de traitement d'informations
CN114389860A (zh) 语音通信方法及其装置

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 16829639

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 16829639

Country of ref document: EP

Kind code of ref document: A1