The invention relates to a verification method and a verification system based on a biometric feature ID chain. The method includes: acquiring a biometric feature to be verified; comparing the biometric feature to be verified with a biometric feature template in an old biometric feature template region, and comparing the biometric feature to be verified with a biometric feature template in a current biometric feature template region, to respectively match at least two biometric feature IDs; generating a biometric feature ID chain on the basis of the at least two biometric feature IDs; and sending a user ID, a device ID and the biometric feature ID chain to a backend for identity verification. In the invention, a biometric feature ID chain containing the biometric feature history of a unified user terminal is generated when a biometric feature is re-entered at a local user terminal.
This application discloses a card management method, a user terminal, a server, a system and a storage medium. A security element of a user terminal stores a first type and a second type of universal card instance, a first matching universal card instance is configured for transaction verification of a binding card, the first matching universal card instance includes a first matching universal card identifier, and the first matching universal card identifier is a first type of universal card identifier or a second type of universal card identifier matching a card type of the binding card. The method includes: sending a card binding message to a server, wherein the card binding message includes a security element identifier and binding card authentication information, so that the server allocates a card transaction identifier for the binding card; receiving the card transaction identifier; storing the card transaction identifier to the security element.
G06Q 20/40 - Autorisation, p.ex. identification du payeur ou du bénéficiaire, vérification des références du client ou du magasin; Examen et approbation des payeurs, p.ex. contrôle des lignes de crédit ou des listes négatives
3.
FULL BACKUP METHOD AND APPARATUS FOR DISTRIBUTED DATABASE SYSTEM, AND COMPUTER-READABLE STORAGE MEDIUM
The present invention provides a method and an apparatus for performing a full backup for a distributed database system, and a computer-readable storage medium. Said method comprises: acquiring full backup data of each data node in the distributed database system, with a full-backup time point corresponding to the full backup data being a time point; determining a trust divergence time point for the time point, where all transactions in prepared states prior to the trust divergence time point are enabled to be committed or rolled back before the time point; acquiring a first incremental log set of said each data node between the trust divergence time point and the time point; acquiring from the first incremental log set a pending transaction of said each data node; and replaying the pending transaction of said each data node on the full backup data of said each data node
G06F 11/14 - Détection ou correction d'erreur dans les données par redondance dans les opérations, p.ex. en utilisant différentes séquences d'opérations aboutissant au même résultat
G06F 16/27 - Réplication, distribution ou synchronisation de données entre bases de données ou dans un système de bases de données distribuées; Architectures de systèmes de bases de données distribuées à cet effet
4.
Numerical value ranking method and apparatus based on blockchain
A blockchain based numerical value ranking method includes: using, by a first participant, a public key of the first participant to encrypt a private value of the first participant to obtain an encrypted text of the first participant; obtaining encrypted texts of other participants, and generating a challenge value having a preset bit length; based on the challenge value and the private value of the first participant, and the encrypted texts and public keys of the other participants, determining mixed results of the first participant with respect to the other participants; and determining a numerical value ranking result between the first participant and a second participant based on the mixed result of the second participant with respect to the first participant.
H04L 9/00 - Dispositions pour les communications secrètes ou protégées; Protocoles réseaux de sécurité
H04L 9/30 - Clé publique, c. à d. l'algorithme de chiffrement étant impossible à inverser par ordinateur et les clés de chiffrement des utilisateurs n'exigeant pas le secret
H04L 9/32 - Dispositions pour les communications secrètes ou protégées; Protocoles réseaux de sécurité comprenant des moyens pour vérifier l'identité ou l'autorisation d'un utilisateur du système
5.
DATA STORAGE METHOD, APPARATUS, DEVICE AND STORAGE MEDIUM
This application provides a data storage method which is applied to a data storage device and includes: acquiring a first user identification and first user data of a first user; determining, from at least two preset distributed hosts in different areas, a first identification distributed host corresponding to the first user identification and a first data distributed host corresponding to the first user data; sending the first user identification to the first identification distributed host, so that the first identification distributed host stores the first user identification, and generates and stores a first identity identification corresponding to the first user identification; receiving the first identity identification; and sending the first identity identification and the first user data to the first data distributed host, so that the first data distributed host stores them in an associated manner.
A card management method, a user terminal, a server, a card management system and a storage medium are provided. The method includes: sending a card binding message to a server, wherein the card binding message includes card authentication information of a card to be bound; receiving a card type of the card to be bound and dedicated card information for the card to be bound sent by the server, wherein the dedicated card information includes a card transaction identifier; loading the dedicated card information for the card to be bound onto a security element, wherein the dedicated card information for the card to be bound together with matching universal personalization data are useable to perform transaction verification of the card to be bound, and the matching universal personalization data is first-type universal personalization data or second-type universal personalization data that matches the card type of the card to be bound.
G06Q 20/40 - Autorisation, p.ex. identification du payeur ou du bénéficiaire, vérification des références du client ou du magasin; Examen et approbation des payeurs, p.ex. contrôle des lignes de crédit ou des listes négatives
G06Q 20/34 - Architectures, schémas ou protocoles de paiement caractérisés par l'emploi de dispositifs spécifiques utilisant des cartes, p.ex. cartes à puces ou cartes magnétiques
G06K 19/073 - Dispositions particulières pour les circuits, p.ex. pour protéger le code d'identification dans la mémoire
7.
METHOD FOR BINDING CARD, TERMINAL DEVICE, AUTHENTICATION SERVER AND STORAGE MEDIUM
Embodiments of the present application provide a method for binding card, a terminal device, an authentication server and a storage medium. The method is applicable to terminal device including security element, and includes: obtaining a user identifier for logging in target application by a user and a secure element identifier of the secure element; sending the user identifier to an authentication server, wherein the user identifier is for the authentication server to search at least one first card bound to the user identifier; receiving card information of at least one first card sent by the authentication server; and sending a binding request to a card issuing server corresponding to card information, wherein the binding request comprises the card information, the user identifier and the secure element identifier, and the binding request is for the card issuing server to bind card information to the user identifier and the secure element identifier.
G06Q 20/34 - Architectures, schémas ou protocoles de paiement caractérisés par l'emploi de dispositifs spécifiques utilisant des cartes, p.ex. cartes à puces ou cartes magnétiques
G06Q 20/40 - Autorisation, p.ex. identification du payeur ou du bénéficiaire, vérification des références du client ou du magasin; Examen et approbation des payeurs, p.ex. contrôle des lignes de crédit ou des listes négatives
G06F 21/45 - Structures ou outils d’administration de l’authentification
8.
DATA REAL-TIME MONITORING METHOD AND APPARATUS BASED ON MACHINE LEARNING
Disclosed are a method and an apparatus for real-time data monitoring based on machine learning, the method including: training a multi-layer predictor on actual values of historical indicator data, each layer of the multi-layer predictor including a plurality of predictors of different types; outputting predicted values of future indicator data by inputting a future time period for prediction into the trained multi-layer predictor; calculating alarm thresholds from the predicted values of the future indicator data and historical prediction errors; and triggering an alarm when an actual value of the future indicator data exceeds the corresponding alarm threshold. The accuracy of the alarm thresholds can be improved, and the alarm thresholds can be well adapted to the constantly changing indicator data. There is no need to manually configure a fixed alarm threshold, the accuracy of the alarm can be ensured, and the number of missed and false alarms can be reduced.
A transaction method, a terminal device, a payment system, a merchant system, and a storage medium. The transaction method comprises: generating a payment request (101); sending the payment request in a rich media message format to a payment system (102); and receiving a payment processing result in a rich media message format from the payment system, wherein the payment processing result corresponds to the payment request (104). A user can make payment by sending and receiving rich media messages without needing to install multiple payment applications, thereby enabling convenient operation.
G06Q 20/32 - Architectures, schémas ou protocoles de paiement caractérisés par l'emploi de dispositifs spécifiques utilisant des dispositifs sans fil
G06Q 20/40 - Autorisation, p.ex. identification du payeur ou du bénéficiaire, vérification des références du client ou du magasin; Examen et approbation des payeurs, p.ex. contrôle des lignes de crédit ou des listes négatives
G06Q 20/38 - Architectures, schémas ou protocoles de paiement - leurs détails
10.
METHOD, TERMINAL DEVICE, SERVER, SYSTEM AND STORAGE MEDIUM FOR ACTIVATING PAYMENT FUNCTIONS
The present application provides a method, terminal device, server, system and storage medium for activating payment functions. The method is applicable to a terminal device. The method includes receiving a first input from a user; generating a payment function activation request in response to the first input, the payment function activation request including a payment function identifier for indicating various payment functions that are instructed to be activated for a target resource card; sending, to a server, the payment function activation request; and receiving an activation reply message sent by the server, the activation reply message comprising a target payment identifier generated by the server according to the payment function identifier, the target payment identifier including payment identifiers of the target resource card under the various payment functions that are instructed to be activated for the target resource card.
G06Q 20/34 - Architectures, schémas ou protocoles de paiement caractérisés par l'emploi de dispositifs spécifiques utilisant des cartes, p.ex. cartes à puces ou cartes magnétiques
G06Q 20/32 - Architectures, schémas ou protocoles de paiement caractérisés par l'emploi de dispositifs spécifiques utilisant des dispositifs sans fil
G06Q 20/40 - Autorisation, p.ex. identification du payeur ou du bénéficiaire, vérification des références du client ou du magasin; Examen et approbation des payeurs, p.ex. contrôle des lignes de crédit ou des listes négatives
11.
PAYMENT METHOD, GATEWAY DEVICE, SERVER AND STORAGE MEDIUM
Embodiments of the present application provide a payment method, a gateway device, a server and a storage medium. The method is applied to the gateway device, and the method includes: obtaining target identification information and payment amount of a target IoT device connected to the gateway device, wherein the target identification information includes a first device identification of the target IoT device and/or a feature identification of a physical layer between the target IoT device and the gateway device; sending a first payment request to the server, wherein the first payment request includes the target identification information, a second device identification of the gateway device and the payment amount, and the first payment request is configured to instruct the server to search a target payment account associated with the target identification information and the second device identification, and to deduct from the target payment account according to the payment amount.
G06Q 20/02 - Architectures, schémas ou protocoles de paiement impliquant un tiers neutre, p.ex. une autorité de certification, un notaire ou un tiers de confiance
G06Q 20/30 - Architectures, schémas ou protocoles de paiement caractérisés par l'emploi de dispositifs spécifiques
G06Q 20/40 - Autorisation, p.ex. identification du payeur ou du bénéficiaire, vérification des références du client ou du magasin; Examen et approbation des payeurs, p.ex. contrôle des lignes de crédit ou des listes négatives
A data transmission method includes: determining, by a regional access device, a message that needs to be transmitted includes M pieces of QoS information; and after the regional access device determines that a device identifier in a first piece of QoS information is consistent with a device identifier of the regional access device, updating a QoS value of the message that needs to be transmitted with a first QoS value in the first piece of QoS information, and forwarding the updated message that needs to be transmitted. The first piece of QoS information is any one of the M pieces of QoS information.
A transaction data processing method includes: determining one or more transaction key values and one or more transaction feature values of a to-be-processed transaction according to transaction information of the to-be-processed transaction; determining a rule union corresponding to the to-be-processed transaction according to the one or more transaction key values, the rule union including a plurality of to-be-matched rules; matching the one or more transaction feature values of the to-be-processed transaction sequentially with the plurality of to-be-matched rules in the rule union to obtain a rule matching result of the to-be-processed transaction; and performing a billing process of the to-be-processed transaction according to the rule matching result.
A payment code generation method and device, for use in solving the problem that additional information prompt cannot be performed due to less information in a payment code. The method comprises: receiving a payment code generation request sent by a terminal, the payment code generation request comprising a payment-related object identifier (301); obtaining payment information of a payment-related object and an affiliated feature identifier of the payment-related object according to the payment-related object identifier (302); determining affiliated information of the payment-related object according to the affiliated feature identifier of the payment-related object (303); and generating a payment code generation response according to the payment information and affiliated information of the payment-related object, and sending the payment code generation response to the terminal, such that the terminal generates a payment code according to the payment code generation response (304).
The present application discloses a method and an apparatus for migrating payment card, an electronic device, a server and a medium. The method for migrating payment card includes: receiving payment card migration operation after an account is logged in on the first electronic device; displaying, in response to payment card migration operation, at least one device identifier which is an identifier of a target electronic device on which the account had been logged in; receiving a first selecting operation for a target device identifier of the at least one device identifier; and sending, in response to the first selecting operation, the target device identifier to a server, to cause the server to migrate a payment card bound to a second electronic device to the first electronic device, wherein the second electronic device is an electronic device corresponding to the target device identifier of at least one target electronic device.
G06Q 20/34 - Architectures, schémas ou protocoles de paiement caractérisés par l'emploi de dispositifs spécifiques utilisant des cartes, p.ex. cartes à puces ou cartes magnétiques
G06Q 20/32 - Architectures, schémas ou protocoles de paiement caractérisés par l'emploi de dispositifs spécifiques utilisant des dispositifs sans fil
G06Q 20/40 - Autorisation, p.ex. identification du payeur ou du bénéficiaire, vérification des références du client ou du magasin; Examen et approbation des payeurs, p.ex. contrôle des lignes de crédit ou des listes négatives
16.
BLOCKCHAIN DATA ACCESS AUTHORIZATION METHOD, APPARATUS, AND DEVICE
A method for authorizing a blockchain data access on a blockchain platform includes: obtaining from a third-party institution a data access request containing a user ID of data access, a data scope, and a random number of a signature, which is generated by the third-party institution after receiving a random number sent by a client terminal and signing on the received random number; performing a verification on the random number of the signature and the data scope; and after the verification is passed, sending data ciphertext corresponding to the user ID to the third-party institution, such that the third-party institution decrypts the data ciphertext using a data secret key sent by the client terminal.
H04L 9/06 - Dispositions pour les communications secrètes ou protégées; Protocoles réseaux de sécurité l'appareil de chiffrement utilisant des registres à décalage ou des mémoires pour le codage par blocs, p.ex. système DES
H04L 9/32 - Dispositions pour les communications secrètes ou protégées; Protocoles réseaux de sécurité comprenant des moyens pour vérifier l'identité ou l'autorisation d'un utilisateur du système
17.
MQTT PROTOCOL SIMULATION METHOD AND SIMULATION DEVICE
The simulation device is provided with a user space and a network adapter. The method comprises: a simulation device obtains a serialization command of a simulation test and configures the serialization command for a plurality of MQTT client instances, controls the plurality of MQTT client instances to package the serialization command by using a simulation protocol stack of a user space so as to obtain a simulation message, transmits the simulation message to a network adapter, and the network adapter sends said message to an MQTT server for simulation testing.
H04L 43/0811 - Surveillance ou test en fonction de métriques spécifiques, p.ex. la qualité du service [QoS], la consommation d’énergie ou les paramètres environnementaux en vérifiant la disponibilité en vérifiant la connectivité
18.
DATA PROCESSING METHOD, APPARATUS, DEVICE AND COMPUTER-READABLE STORAGE MEDIUM
The application discloses a data processing method, apparatus, device and medium. The data processing method includes: receiving target activation data and a target activation instruction sent by a target server, wherein the target activation data includes a payment token to be activated corresponding to a payment card account number which needs to be activated; updating, in response to the target activation instruction, a target payment token in target personalized data to be the payment token to be activated, wherein a transaction card type indicated by the target personalized data is same as a transaction card type indicated by the target activation instruction; and setting the updated target payment token to be in an activated state.
G06Q 20/34 - Architectures, schémas ou protocoles de paiement caractérisés par l'emploi de dispositifs spécifiques utilisant des cartes, p.ex. cartes à puces ou cartes magnétiques
19.
DATA SECURITY PROCESSING TERMINAL, SYSTEM AND METHOD
The application provides a data security processing terminal, system and method, and is related to a field of data processing. The data security processing terminal includes: an image acquisition device configured to acquire image data and transmit the image data to a Trust Execution Environment through a secure channel; an image acquisition driver operating in the Trust Execution Environment and configured to drive, in response to a drive instruction from a processor, the image acquisition device to acquire the image data; the processor operating in the Trust Execution Environment and configured to send the drive instruction to the image acquisition driver, obtain the image data, encrypt the image data using a stored first key to obtain image ciphertext data, and output the image ciphertext data. The technical solution of the present applicant can be used to ensure the security of image data.
H04L 9/32 - Dispositions pour les communications secrètes ou protégées; Protocoles réseaux de sécurité comprenant des moyens pour vérifier l'identité ou l'autorisation d'un utilisateur du système
G06F 16/583 - Recherche caractérisée par l’utilisation de métadonnées, p.ex. de métadonnées ne provenant pas du contenu ou de métadonnées générées manuellement utilisant des métadonnées provenant automatiquement du contenu
H04L 9/06 - Dispositions pour les communications secrètes ou protégées; Protocoles réseaux de sécurité l'appareil de chiffrement utilisant des registres à décalage ou des mémoires pour le codage par blocs, p.ex. système DES
20.
Service invoking method, device, apparatus and medium
The application discloses a service invoking method, device, apparatus and medium. The service invoking method includes: receiving a first service request message sent by a service invoking end; determining, in response to the first service request message, header information of the first service request message; determining, under a condition that the header information includes a route identification, a target data center among a plurality of data centers according to the route identification; sending the first service request message to the target data center to enable the target data center to provide service for the service invoking end. Based on the embodiments of the application, efficiency of service invoking can be improved.
H04L 67/63 - Ordonnancement ou organisation du service des demandes d'application, p.ex. demandes de transmission de données d'application en utilisant l'analyse et l'optimisation des ressources réseau requises en acheminant une demande de service en fonction du contenu ou du contexte de la demande
H04L 67/1008 - Sélection du serveur pour la répartition de charge basée sur les paramètres des serveurs, p.ex. la mémoire disponible ou la charge de travail
21.
DATA ENCRYPTION AND DECRYPTION METHOD, DEVICE, STORAGE MEDIUM AND ENCRYPTED FILE
The application provides a data encryption and decryption method, device, storage medium, and encrypted file, and relates to the technical field of data processing. The method for data encryption includes: obtaining a first key, and performing an obfuscation operation on the first key and data to be encrypted to obtain obfuscation operation result data; obtaining a second key, and obtaining a first signature of the obfuscation operation result data according to the second key; obtaining a third key, and encrypting the first key, the data to be encrypted and the first signature using the third key to obtain a target ciphertext; obtaining a fourth key, and obtaining a second signature of the target ciphertext according to the fourth key; generating an encrypted file including the target ciphertext and the second signature. With the technical solutions of the application, security of data protection can be improved.
H04L 9/32 - Dispositions pour les communications secrètes ou protégées; Protocoles réseaux de sécurité comprenant des moyens pour vérifier l'identité ou l'autorisation d'un utilisateur du système
H04L 9/06 - Dispositions pour les communications secrètes ou protégées; Protocoles réseaux de sécurité l'appareil de chiffrement utilisant des registres à décalage ou des mémoires pour le codage par blocs, p.ex. système DES
The application provides an image acquisition apparatus, a server, and encryption and decryption methods, and relates to the field of data processing. The image acquisition apparatus includes: an image acquisition device including an encryption processor and a data interface provided in the image acquisition device, wherein the encryption processor is configured to encrypt, by using a stored first key, image data acquired by the image acquisition device to obtain image ciphertext data; the data interface is configured to obtain the image ciphertext data and output the image ciphertext data to a terminal device. With the technical solution of the application, security of the image data can be ensured.
H04L 9/14 - Dispositions pour les communications secrètes ou protégées; Protocoles réseaux de sécurité utilisant plusieurs clés ou algorithmes
H04L 9/32 - Dispositions pour les communications secrètes ou protégées; Protocoles réseaux de sécurité comprenant des moyens pour vérifier l'identité ou l'autorisation d'un utilisateur du système
The application provides a method for data reading and writing processing, data center, disaster recovery system and storage medium. The method includes receiving, by a first data center, a data reading request including a first user identification; determining, in response to the data reading request, whether a writing user identification set stored in the first data center includes the first user identification, the writing user identification set including user identifications corresponding to data writing requests; and under a condition that the writing user identification set includes the first user identification, forwarding the data reading request to a second data center, to read, in the second data center, data to be read as indicated by the data reading request, the second data center being configured to receive and process a data writing request sent by a user terminal or forwarded by the first data center.
G06F 11/14 - Détection ou correction d'erreur dans les données par redondance dans les opérations, p.ex. en utilisant différentes séquences d'opérations aboutissant au même résultat
G06F 16/27 - Réplication, distribution ou synchronisation de données entre bases de données ou dans un système de bases de données distribuées; Architectures de systèmes de bases de données distribuées à cet effet
24.
Method and device for control of blockchain data access based on smart contract
The present disclosure provides a method and a device for control of blockchain data access based on a smart contract. The method includes obtaining, by a blockchain node, an access operation request of an institution, the access operation request including a transaction identifier of a transaction to be accessed, according to the transaction identifier, determining a blockchain state corresponding to the transaction identifier, the blockchain state including a hash value of the transaction corresponding to a last time change of the blockchain state, according to the hash value of the transaction corresponding to the last time change in the blockchain state and an identifier of the institution, performing data access control on the institution, obtaining control result, and transmitting the control result to the institution.
G06Q 20/38 - Architectures, schémas ou protocoles de paiement - leurs détails
G06Q 20/40 - Autorisation, p.ex. identification du payeur ou du bénéficiaire, vérification des références du client ou du magasin; Examen et approbation des payeurs, p.ex. contrôle des lignes de crédit ou des listes négatives
H04L 9/32 - Dispositions pour les communications secrètes ou protégées; Protocoles réseaux de sécurité comprenant des moyens pour vérifier l'identité ou l'autorisation d'un utilisateur du système
25.
Method and device for communication between microservices
A method for communication between microservices, performed by a first host machine node, includes: obtaining a first microservice instance located on the first host machine node, determining a first microservice to which the first microservice instance belongs, and determining a list of triples corresponding to the first microservice according to the first microservice. The list of triples corresponding to the first microservice includes at least one triple, each triple of the at least one triple includes a visitor of the microservice, a visited party of the microservice, and an access port, and the visitor of the microservice of each triple included in the list of triples corresponding to the first microservice is the first microservice. The method also includes determining, by the first host machine node, an access policy of the first microservice instance according to the list of triples corresponding to the first microservice.
A data processing method, apparatus and system, for improving the security and accuracy in the data processing process. The method comprises: receiving target biometric information and verification password information of a target object sent by an acquisition institution server; recognizing, from registered biometric information of a plurality of objects, the registered biometric information matching the target biometric information; determining target account information of the target object according to the recognized registered biometric information; and sending a data processing request to a card issuing institution server corresponding to the target account information, the data processing request comprising the target account information and the verification password information, so that the card issuing institution server performs verification using the verification password information and performs data processing according to the target account information after the verification is passed.
G06Q 20/40 - Autorisation, p.ex. identification du payeur ou du bénéficiaire, vérification des références du client ou du magasin; Examen et approbation des payeurs, p.ex. contrôle des lignes de crédit ou des listes négatives
G06Q 20/34 - Architectures, schémas ou protocoles de paiement caractérisés par l'emploi de dispositifs spécifiques utilisant des cartes, p.ex. cartes à puces ou cartes magnétiques
G06Q 20/38 - Architectures, schémas ou protocoles de paiement - leurs détails
The embodiments of the application disclose a payment method, apparatus, device, system and storage medium. In the method, a target graphic identifier through the first application app is identified to obtain the first address; wherein, the first app is one of multiple optional apps, and the optional apps comprise apps with payment functions and apps without payment functions; order confirmation information is sent to the first server based on the first page corresponding to the first address; the second address corresponding to an unified payment gateway fed back by the first server is received; a payment component to pay for the order based on the second page corresponding to the second address is called. A payment method, apparatus, device, system and storage medium in embodiments of the application can reduce interface cost, improve payment efficiency, and users can complete payment by scanning codes using any app.
The present invention relates to a method and a system for integrated payment. The method for integrated payment includes: receiving, from a user terminal, a first access request corresponding to payment information; generating redirection address information on the basis of the first access request; and transmitting the redirection address information to the user terminal; wherein the redirection address information comprises jump target information and order information corresponding to a transaction order to be paid. The system for integrated payment includes: a receiving unit configured to receive a first access request from a user terminal; a redirection address information generating unit configured to generate redirection address information on the basis of the first access request; and a transmitting unit configured to transmit the redirection address information to the user terminal; where the redirection address information generating unit is further configured to encapsulate order information and transaction amount information corresponding to a transaction order to be paid into the redirection address information.
A positioning method comprises acquiring positioning information of a 5G base station from a satellite, obtaining calibration information based on the positioning information, and broadcasting outwards the calibration information; acquiring initial positioning information of a user terminal from the satellite; accessing a nearest 5G base station in real time, monitoring and acquiring calibration information broadcasted by the nearest 5G base station; and calibrating the initial positioning information acquired in the initial positioning step according to the calibration information acquired in the monitoring step to obtain positioning result information. As described above, the positioning of centimeter level precision can be realized by utilizing the 5G base station, and there is no need to additionally establish a CORS base station and a data center, thereby the cost of precise positioning can be reduced.
G01S 5/02 - Localisation par coordination de plusieurs déterminations de direction ou de ligne de position; Localisation par coordination de plusieurs déterminations de distance utilisant les ondes radioélectriques
H04W 4/029 - Services de gestion ou de suivi basés sur la localisation
G01C 21/34 - Recherche d'itinéraire; Guidage en matière d'itinéraire
G01C 21/36 - Dispositions d'entrée/sortie pour des calculateurs embarqués
G01S 5/00 - Localisation par coordination de plusieurs déterminations de direction ou de ligne de position; Localisation par coordination de plusieurs déterminations de distance
H04W 4/02 - Services utilisant des informations de localisation
H04W 84/04 - Réseaux à grande échelle; Réseaux fortement hiérarchisés
The present disclosure provides a method and a device for transaction clearing. The method includes receiving first clearing requests transmitted by a quantity N of terminals, where N>1; according to the first clearing requests, acquiring transaction data of the quantity N of terminals from a database; initializing a cache queue, and loading the transaction data into the cache queue; reading the transaction data in the cache queue, and performing a clearing process on the transaction data; and writing a clearing result into the database and feeding back the terminals with an execution result of the first clearing requests.
G06Q 20/02 - Architectures, schémas ou protocoles de paiement impliquant un tiers neutre, p.ex. une autorité de certification, un notaire ou un tiers de confiance
G06Q 40/02 - Opérations bancaires, p.ex. calcul d'intérêts ou tenue de compte
The present disclosure provides a method and a device for data processing. The method includes acquiring at least two pathways of communication messages, where the at least two pathways of communication messages are messages intercepted in a bypass manner from messages transmitted by a service processing system to an external system; and the service processing system does not execute logic of record storage; processing the at least two pathways of communication messages, and determining communication messages to-be-stored from the at least two pathways of communication messages processed; and according to the at least two pathways of communication messages, storing the communication messages to-be-stored in a database.
H04L 69/16 - Implémentation ou adaptation du protocole Internet [IP], du protocole de contrôle de transmission [TCP] ou du protocole datagramme utilisateur [UDP]
H04L 69/22 - Analyse syntaxique ou évaluation d’en-têtes
32.
Payment information processing method, apparatus, device and computer readable storage medium
The present application discloses a payment information processing method, apparatus, device, and computer readable storage medium. The payment information processing method includes: obtaining an environment image collected by a mobile acquiring device, in response to an acquiring request sent by the mobile acquiring device; determining a payment environment confidence level of the mobile acquiring device according to the environment image, under a condition that the mobile acquiring device obtains payment card information; determining a payment information processing result according to the payment environment confidence level.
G06Q 20/40 - Autorisation, p.ex. identification du payeur ou du bénéficiaire, vérification des références du client ou du magasin; Examen et approbation des payeurs, p.ex. contrôle des lignes de crédit ou des listes négatives
G06Q 20/32 - Architectures, schémas ou protocoles de paiement caractérisés par l'emploi de dispositifs spécifiques utilisant des dispositifs sans fil
G06F 18/213 - Extraction de caractéristiques, p.ex. en transformant l'espace des caractéristiques; Synthétisations; Mappages, p.ex. procédés de sous-espace
G06Q 20/02 - Architectures, schémas ou protocoles de paiement impliquant un tiers neutre, p.ex. une autorité de certification, un notaire ou un tiers de confiance
G06Q 20/20 - Systèmes de réseaux présents sur les points de vente
G06Q 20/34 - Architectures, schémas ou protocoles de paiement caractérisés par l'emploi de dispositifs spécifiques utilisant des cartes, p.ex. cartes à puces ou cartes magnétiques
G06Q 40/02 - Opérations bancaires, p.ex. calcul d'intérêts ou tenue de compte
33.
PAYMENT INFORMATION PROCESSING METHOD, APPARATUS, DEVICE AND COMPUTER READABLE STORAGE MEDIUM
The present application discloses a payment information processing method, apparatus, device, and computer readable storage medium. The payment information processing method includes: obtaining motion data of a mobile acquiring device, in response to an acquiring request sent by the mobile acquiring device; determining a motion feature of the mobile acquiring device according to the motion data, under a condition that the mobile acquiring device obtains payment card information; determining a payment information processing result according to the motion feature.
G06Q 20/40 - Autorisation, p.ex. identification du payeur ou du bénéficiaire, vérification des références du client ou du magasin; Examen et approbation des payeurs, p.ex. contrôle des lignes de crédit ou des listes négatives
G06Q 20/42 - Confirmation, p.ex. contrôle ou autorisation de paiement par le débiteur légal
G06Q 20/20 - Systèmes de réseaux présents sur les points de vente
G06Q 20/34 - Architectures, schémas ou protocoles de paiement caractérisés par l'emploi de dispositifs spécifiques utilisant des cartes, p.ex. cartes à puces ou cartes magnétiques
34.
Interconnected region controller, interconnected region control method, and computer storage medium
The present disclosure provides a region interconnect (RI) controller including a region interconnect routing module configured when a tenant is created. The region interconnect routing module is configured to assign a first identifier to the tenant for identifying traffic of the tenant, in a core switching network, create a virtual routing forwarding instance for the tenant and bind the first identifier and the virtual routing forwarding instance, and to activate a dynamic routing protocol in the core switching network and bind a dynamic routing protocol instance to the virtual routing forwarding instance, where virtual routers corresponding to the tenant and distributed in a plurality of independent network partitions are associated with the region interconnect control method and a computer storage medium. The technical solution of the present disclosure achieves a direct intranet connection in a heterogeneous SDN network region.
A method for matching semantic text data with tags. The method includes: pre-processing multiple semantic text data to obtain original corpus data comprising multiple semantic independent members; determining the degree of association between any two of the multiple semantic independent members according to a reproduction relationship of the multiple semantic independent members in a natural text, determining a theme corresponding to the association according to the degree of association between any two, and thus determining a mapping probability relationship between the multiple semantic text data and the theme; selecting one of the multiple semantic independent members corresponding to the association as a tag of the theme, and mapping the multiple semantic text data to the tag according to the determined mapping probability relationship between the multiple semantic text data and the theme; and taking the determined mapping relationship between the multiple semantic text data and the tag as a supervision material, and matching the unmapped semantic text data with the tag according to the supervision material.
A non-contact communication method and a communication device are presented. The communication device includes a trusted execution environment (TEE). A first security application and a second security application are provided in a security element of the communication device. The first security application and an application in the trusted execution environment are communicationally connected by means of a first communication channel. The second security application and a near-field communication (NFC) module provided in the communication device are communicationally connected by means of a second communication channel. The first security application and the second security application are communicationally connected by means of a security channel. Using the non-contact communication method and the communication device, a security channel may be established between NFC and a TEE, which may enable NFC non-contact card reading for a TEE application.
G06Q 20/00 - Architectures, schémas ou protocoles de paiement
G06Q 20/32 - Architectures, schémas ou protocoles de paiement caractérisés par l'emploi de dispositifs spécifiques utilisant des dispositifs sans fil
H04W 4/80 - Services utilisant la communication de courte portée, p.ex. la communication en champ proche, l'identification par radiofréquence ou la communication à faible consommation d’énergie
G06Q 20/34 - Architectures, schémas ou protocoles de paiement caractérisés par l'emploi de dispositifs spécifiques utilisant des cartes, p.ex. cartes à puces ou cartes magnétiques
The invention relates to a data processing method and a system based on NFC tag. The method comprises: acquiring amount data; generating custom order number for identifying a transaction; issuing tag data application request based on original NFC tag data, acquired amount data and custom order number; generating updated NFC tag data based on tag data application request and saving custom order number, and setting payment state for custom order number to be the unpaid state; updating the NFC tag based on the updated NFC tag data to obtain an updated NFC tag, wherein the updated NFC tag includes amount data; and reading the updated NFC tag and completing payment processing based on updated NFC tag. According to embodiments of the invention, it does not require transaction amount to be input by the user's mobile phone terminal, but instead, transaction amount is obtained by tag receiving terminal through input device.
A feature processing method and device for a motion trajectory, and a computer storage medium. The method may have a client device acquiring a motion trajectory generated by a user behavior to obtain an ordered point set, and each trajectory point in the ordered point set may have a position element and a time element. The method may further use information in the position element and the time element to convert the motion trajectory into an image. Furthermore, by performing image processing on the image, the method may obtain one or more feature vectors in the motion trajectory.
G06K 9/00 - Méthodes ou dispositions pour la lecture ou la reconnaissance de caractères imprimés ou écrits ou pour la reconnaissance de formes, p.ex. d'empreintes digitales
G06T 7/246 - Analyse du mouvement utilisant des procédés basés sur les caractéristiques, p.ex. le suivi des coins ou des segments
G06T 7/90 - Détermination de caractéristiques de couleur
39.
Method for deploying a face sample library and method and apparatus for business processing based on face recognition
The present application relates to the field of data processing, and provides a method for deploying a face sample library, and a method and an apparatus for business processing based on face recognition. The method for deploying a face sample library, comprises: obtaining historical business information of users corresponding to face samples in a password face sample library under a condition that a number of face samples in the password face sample library is greater than or equal to a preset sample number threshold, wherein confidential business passwords of the users corresponding to the face samples in the same password face sample library are the same; dividing the password face sample library to obtain M levels of face sample sub-libraries according to the historical business information, where M is a positive integer. Use of the technical solution of the present application improves the accuracy of business processing using face recognition.
G06V 40/16 - Visages humains, p.ex. parties du visage, croquis ou expressions
G06F 16/58 - Recherche caractérisée par l’utilisation de métadonnées, p.ex. de métadonnées ne provenant pas du contenu ou de métadonnées générées manuellement
Embodiments of the present invention disclose an application management method for terminals, including: after receiving the application download request sent by the terminal, the application server sends the corresponding application installation package to the terminal. Then, the first verification message sent by the terminal is received, and the first verification message is generated by the terminal according to the content of the received application installation package. After determining that the first verification message is consistent with a stored second verification message, the application server sends an permit-to-install message to the terminal, so that the terminal installs the application according to the received application installation package. Because the application server determines the legitimacy of the application package, it does not need the terminal to verify by using the certificate, thereby reducing the certificate work management for the terminal and improving the efficiency of application installation.
G06F 21/57 - Certification ou préservation de plates-formes informatiques fiables, p.ex. démarrages ou arrêts sécurisés, suivis de version, contrôles de logiciel système, mises à jour sécurisées ou évaluation de vulnérabilité
A method for creating a virtual machine and/or a container through a unified resource scheduling coordinator, a unified resource scheduling coordinator, a unified resource scheduling system and a computer storage medium. The method includes: receiving an instruction to create the virtual machine and/or the container, wherein the instruction comprises parameters of the virtual machine and/or the container; selecting a first computing node from physical nodes according to the parameters; transmitting the parameters and information of the first computing node to a virtual machine management module and/or a container management module depending on whether the virtual machine or the container is to be created; receiving resource allocation condition from the virtual machine management module and/or the container management module after creation of the virtual machine and/or the container; notifying the resource allocation condition to the container management module and/or the virtual machine management module after recording of resource change condition.
G06F 9/455 - Dispositions pour exécuter des programmes spécifiques Émulation; Interprétation; Simulation de logiciel, p.ex. virtualisation ou émulation des moteurs d’exécution d’applications ou de systèmes d’exploitation
G06F 9/50 - Allocation de ressources, p.ex. de l'unité centrale de traitement [UCT]
42.
Transaction savepoint management apparatus and method for distributed database
Proposed are a transaction savepoint management apparatus and method, which may involve: creating, based on a transaction initiation request from a user terminal, a transaction, wherein the transaction includes a plurality of operation instructions, and subsequently accessing at least one of a plurality of databases so as to sequentially execute the plurality of operation instructions according to a time sequence; and if the plurality of operation instructions includes global savepoint establishment instruction, creating and maintaining a global savepoint queue to coordinate the plurality of databases and implement an operation for global savepoints, and based on the global savepoints, triggering a database, involved in this transaction, from among the plurality of databases to establish local savepoints and record an association relationship between each of the local savepoints and the global savepoints. The apparatus and method disclosed in the present invention can be used for transaction savepoint management for a distributed database.
G06F 16/00 - Recherche d’informations; Structures de bases de données à cet effet; Structures de systèmes de fichiers à cet effet
G06F 16/27 - Réplication, distribution ou synchronisation de données entre bases de données ou dans un système de bases de données distribuées; Architectures de systèmes de bases de données distribuées à cet effet
43.
Blockchain consensus method, accounting node and node
A blockchain consensus method includes: an accounting node generating a block and broadcasting verification information of the accounting node to other accounting nodes among N accounting nodes; receiving and verifying acknowledgement information broadcast by the other accounting nodes; and adding the block to a blockchain when the received acknowledgement information satisfies a second set condition. The N accounting nodes are determined according to coin age information carried in election requests broadcast by M election nodes. The acknowledgement information broadcast by the other accounting nodes is generated and broadcast by a first accounting node when received preparation information of a second accounting node meets a first set condition; the preparation information of the second accounting node is generated and broadcast by the second accounting node when validating the verification information; and each of the first accounting node and the second accounting node is any one of the other accounting nodes.
G06Q 20/02 - Architectures, schémas ou protocoles de paiement impliquant un tiers neutre, p.ex. une autorité de certification, un notaire ou un tiers de confiance
G06Q 20/06 - Circuits privés de paiement, p.ex. impliquant de la monnaie électronique utilisée uniquement entre les participants à un programme commun de paiement
G06Q 30/018 - Certification d’entreprises ou de produits
A fraudulent transaction detection method comprises: performing feature mapping processing on each of a plurality of transaction data to generate corresponding feature vectors; converting the feature vectors of a transaction to be detected into integrated feature vectors based on a first self-learning model; respectively converting the feature vectors respectively of at least one time sequence transaction into time sequence feature vectors based on a second self-learning model; combining the integrated feature vectors and each of the time sequence feature vectors corresponding to each of the time sequence transactions to form depth feature vectors; classifying the depth feature vectors based on a third self-learning model to determine whether the transaction to be detected is a normal transaction or a fraudulent transaction.
G06K 9/62 - Méthodes ou dispositions pour la reconnaissance utilisant des moyens électroniques
G06N 3/063 - Réalisation physique, c. à d. mise en œuvre matérielle de réseaux neuronaux, de neurones ou de parties de neurone utilisant des moyens électroniques
G06N 5/00 - Agencements informatiques utilisant des modèles fondés sur la connaissance
G06Q 20/40 - Autorisation, p.ex. identification du payeur ou du bénéficiaire, vérification des références du client ou du magasin; Examen et approbation des payeurs, p.ex. contrôle des lignes de crédit ou des listes négatives
45.
Transaction processing method and system, and server
A transaction processing method and system, and a server. The method includes: after a first node obtains at least one statement corresponding to a first transaction, the first node may classify each statement, and send the at least one statement to at least one second node according to the type of each statement, respectively, so that the at least one second node generates an execution plan corresponding to the received statement according to the statement; then the first node may process the first transaction according to the received execution plan which corresponds to the at least one statement of the first transaction and is sent by the at least one second node. In this way, embodiments can process statements of multiple types at the same time, thereby effectively improving the processing efficiency of the system, reducing the operating burden of the system, and ensuring the transactionality of the system.
The present disclosure provides an identity recognition system for a terminal. The system includes: an obtaining device configured to obtain pre-stored biometric information corresponding to a user within a preset range of the terminal; a biometric library configured to maintain the obtained pre-stored biometric information; a collection device configured to collect first biometric information of the user; and a recognition device configured to recognize the first biometric information in the biometric library, and decide to enable or disable one or more functions or components of the terminal according to a recognition result. The present disclosure further provides an identity recognition method, a computer storage medium and a terminal.
G06F 21/32 - Authentification de l’utilisateur par données biométriques, p.ex. empreintes digitales, balayages de l’iris ou empreintes vocales
H04W 4/80 - Services utilisant la communication de courte portée, p.ex. la communication en champ proche, l'identification par radiofréquence ou la communication à faible consommation d’énergie
G06F 3/01 - Dispositions d'entrée ou dispositions d'entrée et de sortie combinées pour l'interaction entre l'utilisateur et le calculateur
G06V 40/20 - Mouvements ou comportement, p.ex. reconnaissance des gestes
G06V 40/50 - Traitement de données biométriques ou leur maintenance
The present disclosure relates to an SDN-based VPN traffic scheduling method and scheduling system. The method includes: configuring an SDN switching device to implement establishment of a communication link between a CE device and a PE device; performing VPN configuration on a controller; distributing, by the controller, a corresponding flow table to the SDN switching device, the flow table being used to translate a repeated address within a VPN to a non-conflict space address to distinguish different VPN traffic; configuring, by the controller, different traffic scheduling paths for the different VPN traffic according to a preset traffic scheduling strategy; and distributing, by the controller, the traffic scheduling paths to the PE device.
A standardisation method and apparatus for erroneous transactions: receiving an erroneous service invocation request sent by a client terminal, and converting the erroneous service invocation request into a standard format exchange message; on the basis of a preset certificate database, encrypting sensitive data areas in the exchange message to generate encrypted message areas; signing key fields in the exchange message to generate signed message areas; and, by means of a two-way authenticated secure communication link, sending the exchange message comprising the encrypted message areas and the signed message areas to a UnionPay erroneous transaction network. The embodiments provide a unified interface for interfacing client terminals to access a UnionPay erroneous transaction network; each UnionPay member institution only needs to invoke the interface assembly provided in the embodiments of the present invention to be able to interface with the UnionPay erroneous transaction network, improving development efficiency and operating stability.
A method, terminal and device for establishing security infrastructure, comprising: an intermediate service organization receives an organization secret key sent by a third-party service organization; the intermediate service organization encrypts the organization secret key by a first encryption means and sends the encrypted organization secret key to a security storage region of a terminal; the intermediate service organization receives a first terminal public key encrypted by the terminal using a second encryption means; and the intermediate service organization sends the first terminal public key obtained by decryption to the third-party service organization. The organization secret key of the third-party service organization may be sent to the terminal through the intermediate service organization, and the first terminal public key of the terminal may be sent to the third-party service organization, thus a universal security infrastructure and a technical frame work having good openness may be provided by the intermediate service organization.
The invention relates to a data processing method based on NFC tag. The method comprises: reading the NFC tag, the NFC tag comprising tag content and tag ID; generating an NFC tag payment request based on the tag content and tag ID; parsing the NFC tag payment request and obtaining an parsing reply to the NFC tag payment request; generating an order generation request based on the parsing reply, wherein the order generation request is for causing an order to be generated based on first account information, current transaction information and second account information; generating the order based on the order generation request; and payment step for performing payment based on the order. According to embodiments of the invention, the payment process can be simplified, also, there is no need to set the NFC-specific reading device in the embodiments of the invention, and the cost of merchants can be reduced.
G06Q 20/32 - Architectures, schémas ou protocoles de paiement caractérisés par l'emploi de dispositifs spécifiques utilisant des dispositifs sans fil
G06Q 20/40 - Autorisation, p.ex. identification du payeur ou du bénéficiaire, vérification des références du client ou du magasin; Examen et approbation des payeurs, p.ex. contrôle des lignes de crédit ou des listes négatives
51.
PROCESSING METHOD AND APPARATUS FOR FEE CALCULATION, AND VEHICLE PAYMENT SYSTEM
The present disclosure provides a fee calculation apparatus. The fee calculation apparatus includes: a first receiving unit configured to receive a unique identification of a vehicle; a transmission unit configured to send a first request to a vehicle payment system after completing a fee calculation, the first request including the unique identification of the vehicle; and a second receiving unit configured to receive a response to the first request from the vehicle payment system. The disclosure also provides a fee calculation method, a charging post including the fee calculation apparatus, a vehicle communicating with the fee calculation apparatus or the charging post, a vehicle payment system, a signaling transmission method and a computer storage medium for the vehicle payment system.
B60L 53/66 - Transfert de données entre les stations de charge et le véhicule
B60L 53/16 - Connecteurs, p.ex. fiches ou prises, spécialement adaptés pour recharger des véhicules électriques
G06Q 20/14 - Architectures de paiement spécialement adaptées aux systèmes de facturation
G06Q 20/36 - Architectures, schémas ou protocoles de paiement caractérisés par l'emploi de dispositifs spécifiques utilisant des portefeuilles électroniques ou coffres-forts électroniques
G06Q 20/32 - Architectures, schémas ou protocoles de paiement caractérisés par l'emploi de dispositifs spécifiques utilisant des dispositifs sans fil
52.
Method, device, and computer apparatus for merging regions of HBase table
A method, a device, and a computer apparatus for merging regions of a HBase table are provided. The method includes acquiring attribute information of HDFS files corresponding to each region in a plurality of regions in the HBase table, where the attribute information of the HDFS files corresponding to one region includes storage space occupied by the files corresponding to the one region, and performing merging processing on every two adjacent regions in the plurality of regions at least according to the storage space occupied by the files corresponding to each region in the plurality of regions. Performing the merging based on the storage space occupied by the files corresponding to the regions in the embodiments of the present disclosure may be beneficial for improving the precision of merging two adjacent regions.
G06F 16/215 - Amélioration de la qualité des données; Nettoyage des données, p.ex. déduplication, suppression des entrées non valides ou correction des erreurs typographiques
The present disclosure relates to a smart contract-based data transfer method, comprising the steps of: a data source encrypting data to be transferred based on a first mechanism to form encrypted data, and sending the encrypted data to a smart contract terminal; the smart contract terminal decrypting the encrypted data based on a second mechanism corresponding to the first mechanism to form the decrypted data, and processing the decrypted data by using at least one logic unit to form the resulting data; and the smart contract terminal sending the resulting data to a data-related party; wherein the at least one logic unit executes an instruction set to implement a contract logic, and the instruction set is stored in a blockchain.
H04L 29/06 - Commande de la communication; Traitement de la communication caractérisés par un protocole
H04L 9/06 - Dispositions pour les communications secrètes ou protégées; Protocoles réseaux de sécurité l'appareil de chiffrement utilisant des registres à décalage ou des mémoires pour le codage par blocs, p.ex. système DES
H04L 9/32 - Dispositions pour les communications secrètes ou protégées; Protocoles réseaux de sécurité comprenant des moyens pour vérifier l'identité ou l'autorisation d'un utilisateur du système
G06K 9/62 - Méthodes ou dispositions pour la reconnaissance utilisant des moyens électroniques
54.
Inter-vehicle wireless payment method employing 5G communication network, and system for same
An inter-vehicle wireless payment method employing 5G communication network comprises a requesting vehicle sending a payment request to a base station; the base station retrieving vehicle information of a friend vehicle of the requesting vehicle based on the payment request; the base station encrypting request information with the vehicle information and broadcasting it; vehicles in coverage of the base station decoding broadcast information with respective vehicle information, and upon successful decoding, the friend vehicle as a responding vehicle acquiring the request information; the responding vehicle generating payment information based on the request information and sending it to the base station, the base station sending the payment information to a payment platform, and the payment platform returning a payment result to the responding vehicle; and the base station allocating a D2D communication channel to the requesting and responding vehicles, and the responding and requesting vehicles communicating via the D2D communication channel.
H04W 4/46 - Services spécialement adaptés à des environnements, à des situations ou à des fins spécifiques pour les véhicules, p.ex. communication véhicule-piétons pour la communication de véhicule à véhicule
H04W 4/70 - Services pour la communication de machine à machine ou la communication de type machine
G06Q 20/32 - Architectures, schémas ou protocoles de paiement caractérisés par l'emploi de dispositifs spécifiques utilisant des dispositifs sans fil
G06Q 20/38 - Architectures, schémas ou protocoles de paiement - leurs détails
In embodiments, a server receives an HTTP protocol-based access request sent by the client; when the server determines that the access request comprises a preset identifier and the current identifier value corresponding to the preset identifier matches any of historical identifier values in a historical identifier set stored in the server, the server determines a user seed from the historical identifier set according to the current identifier value, the historical identifier set comprising a corresponding relationship between historical identifier values and user seeds, the any of historical identifier values being generated by the server on the basis of a user seed and a random number corresponding to the historical identifier value, and the user seed being used for identifying a same user recognized by the server on the basis of the access request; the server tracks an access behavior of the user seed.
Embodiments of the present disclosure provide a method and apparatus for configuring a security carrier, including: adding a carrier batch field to a security carrier list, encoding, for each security carrier in the security carrier list, a plurality of pieces of batch feature information of the security carrier according to a preset encoding rule, so as to generate carrier batch information of each security carrier, and to add same to the security carrier list; and then, according to identifier information and the carrier batch information of each security carrier, configuring a supplementary security domain, a card application, an application installation package and an application provider that need to be preset for each security carrier. Since the carrier batch information contains a plurality of pieces of batch feature information of the security carrier, security carriers in the security carrier list can be effectively distinguished according to the identifier information and the carrier batch information of the security carriers, thus a plurality of preset items that need to be preset for a plurality of security carriers having the same carrier batch information can be configured, so as to improve configuration efficiency for the security carriers.
G06Q 20/34 - Architectures, schémas ou protocoles de paiement caractérisés par l'emploi de dispositifs spécifiques utilisant des cartes, p.ex. cartes à puces ou cartes magnétiques
G06Q 20/32 - Architectures, schémas ou protocoles de paiement caractérisés par l'emploi de dispositifs spécifiques utilisant des dispositifs sans fil
G06Q 20/40 - Autorisation, p.ex. identification du payeur ou du bénéficiaire, vérification des références du client ou du magasin; Examen et approbation des payeurs, p.ex. contrôle des lignes de crédit ou des listes négatives
G06F 21/57 - Certification ou préservation de plates-formes informatiques fiables, p.ex. démarrages ou arrêts sécurisés, suivis de version, contrôles de logiciel système, mises à jour sécurisées ou évaluation de vulnérabilité
57.
Open-source-license analyzing method and apparatus
Embodiments of the present disclosure relate to the field of computer technologies and, in particular, to an open-source-license analyzing method and apparatus, including: receiving a file-to-be-tested and a planning condition; detecting an open-source license involved in the file-to-be-tested; matching the detected open-source license with the planning condition to determine a first conflict between the detected open-source license and the planning condition; and generating a first risk assessment report based on the first conflict. The embodiments of the present disclosure are used to analyze and evaluate the risk of using open-source licenses.
Disclosed are a method and device for timeout monitoring, comprising: determining key information of a request message, the key information including a sending time of the request message; storing the key information to a first level cache; scanning the first level cache according to a set frequency, if the first level cache includes a first request message, storing the key information of the first request message into a second level cache, the first request message being a request message for which a reply message is not received; scanning the second level cache, and determining by a message log whether a reply message is received for a second request message in the second level cache, if not, the second request message times out, the second request message is a request message in which the difference value between a sending time and a current time is greater than a time-out threshold.
G06F 12/0897 - Mémoires cache caractérisées par leur organisation ou leur structure avec plusieurs niveaux de hiérarchie de mémoire cache
H04L 67/143 - Interruption ou inactivation de sessions, p.ex. fin de session contrôlée par un événement
H04L 67/62 - Ordonnancement ou organisation du service des demandes d'application, p.ex. demandes de transmission de données d'application en utilisant l'analyse et l'optimisation des ressources réseau requises en établissant un calendrier pour servir les requêtes
A statement parsing method for a database statement comprises: conducting lexical analysis on a database statement inputted into a database, to obtain an inputted word sequence; looking up a statement similarity table according to the inputted word sequence to determine whether there is an existing word sequence similar to the inputted word sequence in the statement similarity table; if yes, obtaining the parsed data corresponding to the existing word sequence from the statement similarity table; otherwise, parsing the inputted word sequence to obtain parsed data corresponding thereto, and storing the inputted word sequence and the corresponding parsed data in the statement similarity table; and executing the database statement inputted to the database based on the parsed data corresponding to the existing or inputted word sequence. The method can quickly parse a database statement and is favorable for improving the response speed and the working efficiency of a database.
G06F 16/27 - Réplication, distribution ou synchronisation de données entre bases de données ou dans un système de bases de données distribuées; Architectures de systèmes de bases de données distribuées à cet effet
A payment method and device are provided. The payment method includes: a server receives a passwordless payment request transmitted from a terminal, and receives a current neighboring apparatus identifier search-detected and reported by the terminal; the server performs, according to the current neighboring apparatus identifier, and a corresponding relationship of a preconfigured terminal and a neighboring apparatus identifier, risk evaluation on the terminal, to obtain an overall risk evaluation score; and the server determines, according to the overall risk evaluation score, a passwordless payment strategy corresponding to the passwordless payment request. The server performs the risk evaluation on the current surrounding environment of the terminal to obtain the overall risk evaluation score, and then determine, according to the overall risk evaluation score, security of the current surrounding environment of the terminal, and determine the corresponding passwordless payment strategy corresponding to the passwordless request.
G06Q 20/40 - Autorisation, p.ex. identification du payeur ou du bénéficiaire, vérification des références du client ou du magasin; Examen et approbation des payeurs, p.ex. contrôle des lignes de crédit ou des listes négatives
G06Q 20/32 - Architectures, schémas ou protocoles de paiement caractérisés par l'emploi de dispositifs spécifiques utilisant des dispositifs sans fil
61.
SDN-based packet mirroring method, and network traffic monitoring and management system
The present disclosure relates to a SDN-based method for mirroring packets, wherein a SDN controller is coupled to an upper layer application and at least one data switching exchange respectively, and the method including: a) the upper layer application sends a mirroring instruction to the SDN controller through a first northbound interface of the SDN controller; b) the SDN controller generates a second flow table based on the mirroring instruction and a first flow table sent by a first data switching exchange; wherein the first data switching exchange initiates transmission of the packets, the first flow table encapsulates the packets, and the second flow table includes at least an action command corresponding to the mirroring instruction; and c) a second data switching exchange extracts the packets from the second flow table, and mirrors the packets to the designated node based on the action command.
The invention provides a file transmitting method and system. The file transmitting method is used for a system comprising N network file systems, N file receiving and forwarding servers, N network access servers, N client servers and N backstage servers that are in a one-to-one correspondence with the network file systems, comprising: the backstage server sends a file transmitting request to the file receiving and forwarding server, the file transmitting request comprises information on the file sending party, the file destination party and the file to be transmitted; the file receiving and forwarding server verifies the legitimacy of the file transmitting request; if legitimate, a file is transmitted between the file sending party and the file destination party; otherwise, a response that prohibits the transmitting is generated and returned to the backstage server that initiated the request. With the invention, transmission of files can be realized.
G06F 15/16 - Associations de plusieurs calculateurs numériques comportant chacun au moins une unité arithmétique, une unité programme et un registre, p.ex. pour le traitement simultané de plusieurs programmes
H04L 29/08 - Procédure de commande de la transmission, p.ex. procédure de commande du niveau de la liaison
H04L 29/06 - Commande de la communication; Traitement de la communication caractérisés par un protocole
63.
Data processing system providing service continuity protection
The present invention relates to a data processing system for providing business continuity protection, comprising: a business center comprising a first data processing unit, a first pre-communication unit, and at least a first post-communication unit; a disaster recovery center comprising a second data processing unit, a second pre-communication unit, and at least a second post-communication unit; wherein the first pre-communication unit and the second pre-communication unit are communicatively coupled to the first post-communication unit respectively when the business center operates normally; the first pre-communication unit and the second pre-communication unit are communicatively coupled to the second post-communication unit respectively when the disaster recovery center operates in place of the business center. The data processing system can reliably switch between the business center and the disaster recovery center, thereby providing a complete protection for the business continuity.
G06F 11/20 - Détection ou correction d'erreur dans une donnée par redondance dans le matériel en utilisant un masquage actif du défaut, p.ex. en déconnectant les éléments défaillants ou en insérant des éléments de rechange
H04L 29/06 - Commande de la communication; Traitement de la communication caractérisés par un protocole
G06F 3/06 - Entrée numérique à partir de, ou sortie numérique vers des supports d'enregistrement
64.
Tee access control method and mobile terminal implementing same
The present invention relates to a method for access control of a multimedia system to a secure operating system and a mobile terminal for implementing the method. The method includes the steps of: initiating an application access request for selecting a trusted application from a client application of a multimedia system to a secure operating system; making a decision as to whether the client application is a malicious application, and if not, proceeding to a next step, if yes, returning Selection Failure to the client application and performing an interrupt handling; sending the application access request from the multimedia system to the secure system; and acquiring, at the secure operating system, the trusted application based on the application access request and returning the trusted application to the multimedia system. The malicious accesses initiated by a malicious application to a trusted application in a securing operating system can be prevented without switching between systems, and the problem that a trusted application cannot be accessed due to malicious access can be avoided.
Disclosed in the present invention are a vehicle-borne payment method and device, relating to the technical field of vehicle-borne security payment. The method includes: receiving a vehicle-borne payment request sent by a vehicle, the vehicle-borne payment request including vehicle identification information; according to the vehicle identification information, after the vehicle is determined as a registered vehicle, obtaining driving attribute data of the vehicle within the current time period, and a vehicle driving strategy of the vehicle; according to the driving attribute data in the current time period, and the vehicle driving strategy, determining a risk level corresponding to the vehicle-borne payment request; and sending the risk level to a transaction platform so that the transaction platform determines whether to make a payment according to the risk level. The vehicle driving strategy is, after the vehicle applies for registration, formed according to driving attribute data in a preset time period. In an embodiment of the present invention, it is ensured that even if a vehicle is stolen or used by others, the transaction platform determines whether to make the payment according to a risk level, thereby ensuring the security of vehicle-borne payment.
G06Q 20/40 - Autorisation, p.ex. identification du payeur ou du bénéficiaire, vérification des références du client ou du magasin; Examen et approbation des payeurs, p.ex. contrôle des lignes de crédit ou des listes négatives
G07C 5/02 - Enregistrement ou indication du temps de circulation, de fonctionnement, d'arrêt ou d'attente uniquement
G07C 5/08 - Enregistrement ou indication de données de marche autres que le temps de circulation, de fonctionnement, d'arrêt ou d'attente, avec ou sans enregistrement des temps de circulation, de fonctionnement, d'arrêt ou d'attente
G06Q 20/34 - Architectures, schémas ou protocoles de paiement caractérisés par l'emploi de dispositifs spécifiques utilisant des cartes, p.ex. cartes à puces ou cartes magnétiques
66.
Resource file processing system and method based on blockchain structure
The present invention provides a resource file processing method based on a blockchain structure. The method includes a member node in a blockchain including at least one supervision node and at least one member node constructs a resource file registration request according to a user instruction, and sends the resource file registration request to one of the at least one supervision node. According to the resource file registration request from any member node, the at least one supervision node audits and registers a resource file indicated by the resource file registration request, and transmits the registration result back to the member node initiating the resource file registration request. The at least one member node performs an operation on a real physical resource associated with the registered resource file by performing data communication with another member node.
H04L 29/06 - Commande de la communication; Traitement de la communication caractérisés par un protocole
G06F 21/62 - Protection de l’accès à des données via une plate-forme, p.ex. par clés ou règles de contrôle de l’accès
H04L 29/08 - Procédure de commande de la transmission, p.ex. procédure de commande du niveau de la liaison
H04L 9/32 - Dispositions pour les communications secrètes ou protégées; Protocoles réseaux de sécurité comprenant des moyens pour vérifier l'identité ou l'autorisation d'un utilisateur du système
G06F 16/14 - Systèmes de fichiers; Serveurs de fichiers - Détails de la recherche de fichiers basée sur les métadonnées des fichiers
H04L 9/06 - Dispositions pour les communications secrètes ou protégées; Protocoles réseaux de sécurité l'appareil de chiffrement utilisant des registres à décalage ou des mémoires pour le codage par blocs, p.ex. système DES
A method of processing card number data and device including: determining, according to an expiration time corresponding to a card number, a table set corresponding to the card number, and including card number information corresponding to the card number into at least one card number storage table of the table set, wherein the table set comprises a plurality of card number storage tables, each table set corresponds to an expiration time, the expiration time corresponding to all card numbers in the table set is the same as the expiration time corresponding to the table set, and the card number information includes the card number and card number associated data; and after reaching an expiration time corresponding to a table set, performing a cleaning operation on all card number information in the table set. The provided method and device can increase cleaning and maintenance efficiency and reduce maintenance costs.
G06Q 20/30 - Architectures, schémas ou protocoles de paiement caractérisés par l'emploi de dispositifs spécifiques
G06Q 20/34 - Architectures, schémas ou protocoles de paiement caractérisés par l'emploi de dispositifs spécifiques utilisant des cartes, p.ex. cartes à puces ou cartes magnétiques
G06F 16/00 - Recherche d’informations; Structures de bases de données à cet effet; Structures de systèmes de fichiers à cet effet
G06F 16/215 - Amélioration de la qualité des données; Nettoyage des données, p.ex. déduplication, suppression des entrées non valides ou correction des erreurs typographiques
G06Q 20/10 - Architectures de paiement spécialement adaptées aux systèmes de banque à domicile
An eyeball tracking method and apparatus, and a device. The method comprises: acquiring a facial grey-scale image set to be detected (101); judging whether the contour of an eyeball iris is determined in an N-th frame facial grey-scale image in the facial grey-scale image set to be detected (102); if not, detecting an eyeball pupil in the N-th frame facial grey-scale image, and determining the central position of the eyeball pupil in the N-th frame facial grey-scale image (103); in the N-th frame facial grey-scale image, taking the central position of the eyeball pupil as a centre to determine a grey-scale image region corresponding to an eyeball window (104); and according to the grey-scale image region corresponding to the eyeball window, determining the contour of the eyeball iris in the N-th frame facial grey-scale image (105). By judging that the contour of an eyeball iris is not determined in a facial grey-scale image, the tracking of the contour of the eyeball iris can be automatically adjusted, and an eyeball pupil is positioned again. By means of the present invention, the accuracy rate of eyeball tracking is improved, and an eyeball can be automatically identified to detect the central position of an eyeball pupil.
G06T 7/246 - Analyse du mouvement utilisant des procédés basés sur les caractéristiques, p.ex. le suivi des coins ou des segments
G06K 9/00 - Méthodes ou dispositions pour la lecture ou la reconnaissance de caractères imprimés ou écrits ou pour la reconnaissance de formes, p.ex. d'empreintes digitales
G06T 7/62 - Analyse des attributs géométriques de la superficie, du périmètre, du diamètre ou du volume
G06T 7/73 - Détermination de la position ou de l'orientation des objets ou des caméras utilisant des procédés basés sur les caractéristiques
G06K 9/80 - Combinaison du prétraitement de l'image et de fonctions de reconnaissance
69.
Method and apparatus for identifying pupil in image
A method and device for identifying a pupil in an image is provided. The method comprises four steps including: A. image preprocessing, B. edge detecting, C. building connected graphs, and D. screening connected graph pairs.
G06F 3/01 - Dispositions d'entrée ou dispositions d'entrée et de sortie combinées pour l'interaction entre l'utilisateur et le calculateur
G06K 9/00 - Méthodes ou dispositions pour la lecture ou la reconnaissance de caractères imprimés ou écrits ou pour la reconnaissance de formes, p.ex. d'empreintes digitales
The invention provides communication method and apparatus based on NFC, and in particular, to communication method and apparatus based on NFC in a security element (SE), a communication method based on NFC in a smart terminal, a security element and a smart terminal. The invention proposes a new way of connection with the NFC device so that the TEE applications can have NFC ability.
H04W 4/80 - Services utilisant la communication de courte portée, p.ex. la communication en champ proche, l'identification par radiofréquence ou la communication à faible consommation d’énergie
H04B 5/00 - Systèmes de transmission à induction directe, p.ex. du type à boucle inductive
G06F 21/74 - Protection de composants spécifiques internes ou périphériques, où la protection d'un composant mène à la protection de tout le calculateur pour assurer la sécurité du calcul ou du traitement de l’information opérant en mode dual ou compartimenté, c. à d. avec au moins un mode sécurisé
H04W 4/60 - Services basés sur un abonnement qui utilisent des serveurs d’applications ou de supports d’enregistrement, p.ex. boîtes à outils d’application SIM
The invention relates to a mobile terminal having an offline trade notification function and a notification method that is implemented using the mobile terminal. The mobile terminal having an offline trade notification function comprises: a storage module for storing an offline trade application described below; a wireless communication module having a field inductor that is used for detecting surrounding radio frequency signals and for generating a control signal; a processing module which generates an interruption event when it receives the control signal; an application module which can read trade data of the offline trade application according to the notification from the processing module, calculate trade data variation of the offline trade application, and inform an input/output module described below of the trade data variation; and the input/output module for informing the user of the event of data variation.
G06Q 20/32 - Architectures, schémas ou protocoles de paiement caractérisés par l'emploi de dispositifs spécifiques utilisant des dispositifs sans fil
G06Q 20/38 - Architectures, schémas ou protocoles de paiement - leurs détails
G07G 1/12 - Caisses enregistreuses à commande électronique
G06Q 20/06 - Circuits privés de paiement, p.ex. impliquant de la monnaie électronique utilisée uniquement entre les participants à un programme commun de paiement
G06Q 20/20 - Systèmes de réseaux présents sur les points de vente
The application provides a user interest data analysis and collection system which comprises: a session identification module, which is used for offline extracting log data and a merchandise purchase history record corresponding to the log data from a Web server, and for processing the log data, thereby generating a page browsing sequence reference set; a recommendation service controller which is used for collecting user's browsing record in real time; a log data pre-processing module which is used for, when predetermined conditions are satisfied, receiving the user's browsing log data in this session from the recommendation service controller, and for pre-processing the log data; and a match analysis module which is used for matching the pre-processed log data with the generated page browsing sequence reference set, and determining a set of merchandise that the user is potentially interested in, according to the matching result. The application also discloses a method of analyzing and collecting user interest data.
The invention discloses a method of dynamically controlling application function at the client, comprising: initiating an application program which merely contains framework function codes; loading a security module after initiating the application program, wherein the security module sends a request regarding scanning configuration file to a server; scanning the application environment of the client according to the configuration file received from the server, and sending the result of scanning to the server so as to generate a risk score; and receiving the function codes that are allowed to be loaded in the current application environment from the server, wherein the function codes are generated by the server based on the generated risk score. The invention also discloses a method of dynamically controlling application function at a server.
G06F 21/00 - Dispositions de sécurité pour protéger les calculateurs, leurs composants, les programmes ou les données contre une activité non autorisée
G06F 21/56 - Détection ou gestion de programmes malveillants, p.ex. dispositions anti-virus
G06F 21/51 - Contrôle des usagers, programmes ou dispositifs de préservation de l’intégrité des plates-formes, p.ex. des processeurs, des micrologiciels ou des systèmes d’exploitation au stade du chargement de l’application, p.ex. en acceptant, en rejetant, en démarrant ou en inhibant un logiciel exécutable en fonction de l’intégrité ou de la fiabilité de la source
The application discloses a load evaluation system for virtual machines in a cloud environment, comprising: a monitored data collecting module which is configured to collect monitored data from one or more virtual machines in a cloud data center; a monitored data processing module which is coupled with the monitored data collecting module and is configured to: perform aggregated grouping on the monitored data by using a first KMeans algorithm for each of the one or more virtual machines, each group having a center point coordinate, and calculate a performance characteristic of each virtual machine of the one or more virtual machines according to the grouping and the center point coordinates of individual groups, i.e., a first characteristic value; perform aggregated grouping on the one or more virtual machines using a second KMeans algorithm based on the first characteristic value of each virtual machine, thus determining the characteristic type and performance load value of each virtual machine of the one or more virtual machines. The application also discloses a load evaluation method for virtual machines in a cloud environment as well as a service node.
G06F 9/50 - Allocation de ressources, p.ex. de l'unité centrale de traitement [UCT]
G06F 9/455 - Dispositions pour exécuter des programmes spécifiques Émulation; Interprétation; Simulation de logiciel, p.ex. virtualisation ou émulation des moteurs d’exécution d’applications ou de systèmes d’exploitation
G06F 9/46 - Dispositions pour la multiprogrammation
75.
Anomaly recovery method for virtual machine in distributed environment
The invention proposes a virtual machine abnormity recovering method in distributed environment, comprising: running an independent computing assembly on each physical machine on which a virtual machine resides, wherein the computing assembly periodically reports the current running state of the corresponding physical machine to a state database; periodically polling the state database by a highly available controller so as to check the running state of all the physical machines in a physical machine group under the control of the highly available controller; and executing subsequent abnormity processing operation if the running state of only one physical machine in the physical machine group is abnormal so as to ensure that virtual machines on the physical machine whose running state is abnormal continues running normally. The virtual machine abnormity recovering method in distributed environment disclosed by the invention can accurately determine and efficiently handle faults of the physical machines in a distributed environment.
G06F 11/00 - Détection d'erreurs; Correction d'erreurs; Contrôle de fonctionnement
G06F 11/07 - Réaction à l'apparition d'un défaut, p.ex. tolérance de certains défauts
G06F 11/14 - Détection ou correction d'erreur dans les données par redondance dans les opérations, p.ex. en utilisant différentes séquences d'opérations aboutissant au même résultat
76.
Method for offline updating virtual machine images
The present invention proposes a method for offline upgrading virtual machine mirror images. The method comprises: an mirror image security server collecting virtual machine mirror images, and extracting and storing the information of the collected virtual machine mirror images; and the mirror image security server executing an upgrade operation of virtual machine mirror images in an offline way based on the information of the collected virtual machine mirror images. The method for offline upgrading virtual machine mirror images disclosed in the present invention has higher upgrade efficiency and is capable of upgrading the virtual machine mirror images in an offline way.
G06F 9/455 - Dispositions pour exécuter des programmes spécifiques Émulation; Interprétation; Simulation de logiciel, p.ex. virtualisation ou émulation des moteurs d’exécution d’applications ou de systèmes d’exploitation
H04L 29/08 - Procédure de commande de la transmission, p.ex. procédure de commande du niveau de la liaison
77.
Secure network accessing method for POS terminal, and system thereof
The present invention relates to the method and the system for initializing secure network access for POS terminals. Said system comprises a terminal backend system and a POS terminal. The POS terminal is provided with: a security module, which was preloaded with a terminal default public key certificate, a private key file, and a CA public key certificate of the terminal backend system in the setting of leaving the factory; a transaction module, which is used for performing the acquiring operation with the following core trading module; and a parameter initializing module, which is used for implementing network access. The terminal backend system is provided with: a core trading module, which determines whether an acquiring transaction is able to be executed based on the transaction unique identifier sent from the POS terminal, and completes the acquiring operation with the above transaction module in the case that the acquiring transaction is able to be executed; and a terminal certificate issuing module, which is used for generating a terminal transaction certificate and returning said terminal transaction certificate to said POS terminal. According to the present invention, remotely and securely initializing network access for POS terminals can be achieved.
G06Q 20/20 - Systèmes de réseaux présents sur les points de vente
G06Q 20/38 - Architectures, schémas ou protocoles de paiement - leurs détails
H04L 9/32 - Dispositions pour les communications secrètes ou protégées; Protocoles réseaux de sécurité comprenant des moyens pour vérifier l'identité ou l'autorisation d'un utilisateur du système
The present invention proposes a method for data mining, the method comprising: making statistics of the feature vectors of each target object according to the records in a target data set so as to constitute a rough data set, each of the feature vectors including the value of at least one attribute data of the target objects corresponding thereto; screening the feature vectors which correspond to all known the first type of target objects from the rough data set, and performing a filter operation onto the screened feature vectors to obtain samples; and building a regression model based on the samples, and then using the built regression model to determine whether each of all known the second type of target objects potentially belongs to the first type of target objects. The method for data mining disclosed in the present invention is capable of mining and classifying the target objects according to the comprehensive features of the target objects.
The invention relates to computer technology, and in particular, to a method for achieving remote updating of application programs in a distributed application environment as well as a terminal management system for realizing the method. In a method for achieving remote updating of application programs in an application environment, the application environment comprises a terminal manager, downloading nodes and terminals, wherein the terminals are communicatively coupled with the terminal manager and the downloading nodes via network, and the method comprises the following steps: when the issuing time point of updating data packets of application programs is reached, the terminal manager sends the updating data packets to a plurality of nodes synchronously; in response to an initiation of an interaction process between the terminal manager and one of the plurality of terminals, the terminal manager determines whether the terminal is an object for which a remote updating of application programs is executed; if the terminal is an object for which a remote updating of application programs is executed, the terminal manager designates at least one downloading node for this terminal, and sends an identifier of the updating data packets and the address of the designated downloading node to this terminal; and when the updating time point of application programs is reached, an application program updating operation is executed on the terminal that has successfully downloaded the updating data packets.
The invention provides a compliance detecting method of payment applications in a virtualized environment, and pertains to the field of security technology of payment applications. The detecting method is used for compliance detection for PCI DSS isolation demands. The detecting method can determine whether it is a compliance state by analyzing the current virtual machine domain and its connection from data stream, and can also determine whether it is a compliance state by analyzing the purity of network flow of virtual machines. The detecting method is suitable for a virtualized environment and makes the detection of compliance accurate in the virtualized environment, thus being advantageous for guaranteeing the security of payment applications.
G06F 21/50 - Contrôle des usagers, programmes ou dispositifs de préservation de l’intégrité des plates-formes, p.ex. des processeurs, des micrologiciels ou des systèmes d’exploitation
H04L 29/06 - Commande de la communication; Traitement de la communication caractérisés par un protocole
G06F 21/53 - Contrôle des usagers, programmes ou dispositifs de préservation de l’intégrité des plates-formes, p.ex. des processeurs, des micrologiciels ou des systèmes d’exploitation au stade de l’exécution du programme, p.ex. intégrité de la pile, débordement de tampon ou prévention d'effacement involontaire de données par exécution dans un environnement restreint, p.ex. "boîte à sable" ou machine virtuelle sécurisée
G06F 9/455 - Dispositions pour exécuter des programmes spécifiques Émulation; Interprétation; Simulation de logiciel, p.ex. virtualisation ou émulation des moteurs d’exécution d’applications ou de systèmes d’exploitation
G06Q 20/10 - Architectures de paiement spécialement adaptées aux systèmes de banque à domicile
H04L 12/26 - Dispositions de surveillance; Dispositions de test
H04L 29/08 - Procédure de commande de la transmission, p.ex. procédure de commande du niveau de la liaison
H04M 15/00 - Dispositions de comptage, de contrôle de durée ou d'indication de durée
A device and method for supporting communication between various types of secure elements is provided. The device comprises a protocol converter, and the protocol converter comprises: a plurality of communication interfaces for correspondingly coupling with each type of secure element; and a management module coupled with each communication interface; wherein different types of secure elements follow different bottom level communication protocols, each communication interface is configured to follow the same bottom level communication protocol as the secure element it correspondingly couples with; the management module is configured to follow the same upper level communication protocol so as to realize a protocol conversion between any bottom level communication protocol and the upper level communication protocol, and the management module is used for dynamically establishing a connection channel for any two of the communication interfaces, thus realizing a corresponding communication between the secure elements of any two different types.
H04L 29/06 - Commande de la communication; Traitement de la communication caractérisés par un protocole
H04W 4/80 - Services utilisant la communication de courte portée, p.ex. la communication en champ proche, l'identification par radiofréquence ou la communication à faible consommation d’énergie
The invention relates to communication technology, and in particular, to a method of establishing communication connection between a mobile device and a secure element as well as a mobile device for implementing the method. The method comprises the following steps: when the mobile device detects that there is a secure element which establishes a physical connection with it, the mobile device performs a secure authentication on the secure element; if the secure authentication passes, the mobile device determines whether there is configuration information inside it which is required for establishing the communication connection between the mobile device and the secure element; and if there is the required configuration information inside the mobile device, the mobile device uses the configuration information to establish the communication connection with the secure element; otherwise, the mobile device obtains required configuration information from the secure element to establish the communication connection with the secure element.
The invention discloses a method for using a shared apparatus in a device capable of running two operating systems, which includes using a first application in a first operating system to communicate with the share apparatus, and when the first operating system is switched to a second operating system, sending associated information on the shared apparatus to a second application in the second operating system so that the second application can use the associated information to communicate with the shared apparatus.
The invention provides a stateless virtual machine in a cloud computing environment as well as an application thereof, and pertains to the technical field of cloud computing. The stateless virtual machine is mapped into a storage device of a computer in the form of file and specifically comprises: an application data image file for storing an application; an operating system (OS) image file for storing an operating system; and an application middleware corresponding to the application; wherein a middleware core of the application middleware is placed in the OS image file, a middleware configuration of the application middleware is placed in the application data image file, and the middleware core and the middleware configuration are associated so as to realize that the middleware core specifies a corresponding middleware configuration. The virtual machine can realize a stateless condition even for an application in an application middleware environment, the flexibility is good, and the configuration manageability is strong.
G06F 9/455 - Dispositions pour exécuter des programmes spécifiques Émulation; Interprétation; Simulation de logiciel, p.ex. virtualisation ou émulation des moteurs d’exécution d’applications ou de systèmes d’exploitation
The invention discloses a security information interaction system, apparatus and method, the method comprising the following steps: establishing a first communication channel and a second communication channel between a security information interaction terminal and a security carrier; the security carrier actively sending a command to the security information interaction terminal via the first communication channel and the second communication channel so as to complete a corresponding security information interaction procedure. With the security information interaction system, apparatus and method disclosed by the invention, the security carrier can send a command to the security information interaction terminal flexibly and actively on its own, and thus greatly improving the efficiency of the security information interaction system.
G06Q 20/32 - Architectures, schémas ou protocoles de paiement caractérisés par l'emploi de dispositifs spécifiques utilisant des dispositifs sans fil
G06Q 20/34 - Architectures, schémas ou protocoles de paiement caractérisés par l'emploi de dispositifs spécifiques utilisant des cartes, p.ex. cartes à puces ou cartes magnétiques
G06Q 20/38 - Architectures, schémas ou protocoles de paiement - leurs détails
H04W 4/80 - Services utilisant la communication de courte portée, p.ex. la communication en champ proche, l'identification par radiofréquence ou la communication à faible consommation d’énergie
86.
Offline pin authentication method and system for IC card
The present invention relates to an off-line PIN authentication and an off-line PIN authentication system. The method comprises: inputting an off-line PIN1 to a POS terminal, the POS terminal generating a dynamic challenge code, and transmitting the dynamic challenge code and the off-line PIN1 to a card application; the card application verifying the first off-line PIN1 and the second off-line PIN2 are consistent with each other or not; if consistent, a digital signature being made on the first off-line PIN1 and the second off-line PIN2 to return signature data and a success status code to the POS terminal; the POS terminal verifying the signature data in case of receiving the success status code, and starting the subsequent transaction procedure if the signature data is verified successfully. According to the present invention, it not only can realize the verification of the IC card to the off-line PIN, but also can realize the verification of the terminal to the off-line PIN. The method is implemented simply, is practical, safe and reliable.
G06Q 20/20 - Systèmes de réseaux présents sur les points de vente
H04L 29/06 - Commande de la communication; Traitement de la communication caractérisés par un protocole
H04L 9/32 - Dispositions pour les communications secrètes ou protégées; Protocoles réseaux de sécurité comprenant des moyens pour vérifier l'identité ou l'autorisation d'un utilisateur du système
G06Q 20/34 - Architectures, schémas ou protocoles de paiement caractérisés par l'emploi de dispositifs spécifiques utilisant des cartes, p.ex. cartes à puces ou cartes magnétiques
G06Q 20/38 - Architectures, schémas ou protocoles de paiement - leurs détails
G06Q 20/40 - Autorisation, p.ex. identification du payeur ou du bénéficiaire, vérification des références du client ou du magasin; Examen et approbation des payeurs, p.ex. contrôle des lignes de crédit ou des listes négatives
The invention discloses a method for realizing virtual secure element (VSE), which comprises the following steps: a secure element manager (SEM) generates a request which comprises virtualized configuration information; and a virtual machine monitor in a hypervisor allocates an address space for the VSE according to the above request.
G06F 9/455 - Dispositions pour exécuter des programmes spécifiques Émulation; Interprétation; Simulation de logiciel, p.ex. virtualisation ou émulation des moteurs d’exécution d’applications ou de systèmes d’exploitation
G06F 21/57 - Certification ou préservation de plates-formes informatiques fiables, p.ex. démarrages ou arrêts sécurisés, suivis de version, contrôles de logiciel système, mises à jour sécurisées ou évaluation de vulnérabilité
G06F 21/53 - Contrôle des usagers, programmes ou dispositifs de préservation de l’intégrité des plates-formes, p.ex. des processeurs, des micrologiciels ou des systèmes d’exploitation au stade de l’exécution du programme, p.ex. intégrité de la pile, débordement de tampon ou prévention d'effacement involontaire de données par exécution dans un environnement restreint, p.ex. "boîte à sable" ou machine virtuelle sécurisée
The invention discloses a method and terminal device for continuously supplying power to external element. The method comprises the following steps: when a terminal device switches from a first operating system to a second operating system, a proxy external element application is generated in the second operating system so that the proxy external element application is associated with an external element; by means of this proxy external element application, the external element which is associated with the application in the first operating system before the above switch operation is continuously supplied with power after the above switch operation.
The invention relates to management of programs on a mobile device, and in particular, to a method for activating application programs on a mobile device, and a mobile device based on this method. The method for activating application programs on a mobile device according to an embodiment of the invention comprises the following steps: receiving an application request from a device which is located outside the mobile device; identifying a transmission protocol associated with the application request; and if there are a plurality of safety entities in the mobile device which support the transmission protocol and store application programs associated with the application request, activating an application program associated with the application request in a default safety entity.
G06F 21/00 - Dispositions de sécurité pour protéger les calculateurs, leurs composants, les programmes ou les données contre une activité non autorisée
H04L 29/06 - Commande de la communication; Traitement de la communication caractérisés par un protocole
G06F 21/51 - Contrôle des usagers, programmes ou dispositifs de préservation de l’intégrité des plates-formes, p.ex. des processeurs, des micrologiciels ou des systèmes d’exploitation au stade du chargement de l’application, p.ex. en acceptant, en rejetant, en démarrant ou en inhibant un logiciel exécutable en fonction de l’intégrité ou de la fiabilité de la source
The invention proposes a security information interaction system, apparatus and method based on security carrier's active command. The method comprises: an information interaction terminal, based on a user's command, establishes a security dialog channel between the information interaction terminal and a security carrier so as to perform a security information interaction process, wherein the user's command indicates a target application associated with the security information interaction process; and the security carrier activates the target application during the establishment of the security dialog channel and then executes the security information interaction process based on the security dialog channel. In the security information interaction system, apparatus and method based on security carrier active command disclosed in the invention, the security carrier can initiate an active command to the information interaction terminal.
The invention provides an apparatus used for security information interaction comprising a first system management device for providing an operational environment for routine applications and a second system management device for providing an operational environment in a safe mode for security applications so as to perform a security information interaction process. The apparatus used for security information interaction disclosed by the invention has a high safety and a wide applicability and is low in cost.
H04L 29/00 - Dispositions, appareils, circuits ou systèmes non couverts par un seul des groupes
H04L 29/06 - Commande de la communication; Traitement de la communication caractérisés par un protocole
G06F 21/74 - Protection de composants spécifiques internes ou périphériques, où la protection d'un composant mène à la protection de tout le calculateur pour assurer la sécurité du calcul ou du traitement de l’information opérant en mode dual ou compartimenté, c. à d. avec au moins un mode sécurisé
G06Q 20/32 - Architectures, schémas ou protocoles de paiement caractérisés par l'emploi de dispositifs spécifiques utilisant des dispositifs sans fil
G06Q 20/38 - Architectures, schémas ou protocoles de paiement - leurs détails
92.
Device, system and method for non-contact security information interaction
The present invention proposes the device, system and method used for the non-contact security information interaction. Said system used for the non-contact security information interaction comprises: a terminal for setting a parameter configuration in a non-contact IC card programmable read-write device, and initiating an information interaction with a server and said non-contact IC card programmable read-write device; and a non-contact IC card programmable read-write device for performing communication with a non-contact IC card and said terminal based on a predetermined parameter configuration in order to complete the security information interaction. The device, system and method used for the non-contact security information interaction disclosed in the present invention realize the support and selection for the multi-application on the non-contact IC card programmable read-write device, and can execute the on-line based application.
G07C 9/00 - Enregistrement de l’entrée ou de la sortie d'une entité isolée
G06K 17/00 - Méthodes ou dispositions pour faire travailler en coopération des équipements couverts par plusieurs des groupes principaux , p.ex. fichiers automatiques de cartes incluant les opérations de transport et de lecture
G06Q 20/34 - Architectures, schémas ou protocoles de paiement caractérisés par l'emploi de dispositifs spécifiques utilisant des cartes, p.ex. cartes à puces ou cartes magnétiques
G07F 7/08 - Mécanismes actionnés par des objets autres que des pièces de monnaie pour déclencher ou actionner des appareils de vente, de location, de distribution de pièces de monnaie ou de papier-monnaie, ou de remboursement par carte d'identité codée ou carte de crédit codée
G07F 7/10 - Mécanismes actionnés par des objets autres que des pièces de monnaie pour déclencher ou actionner des appareils de vente, de location, de distribution de pièces de monnaie ou de papier-monnaie, ou de remboursement par carte d'identité codée ou carte de crédit codée utilisée simultanément avec un signal codé
93.
Automatic health-check method and device for on-line system
The invention provides an automatic health check method for on-line system, comprising the following steps: receiving current status data of the on-line system from the on-line system; updating historical status statistical data based on the current status data, wherein the historical status statistical data is a statistical result for the status data of the on-line system until a previous moment from the moment when the on-line system starts to operate; transmitting the updated historical status statistical data to the on-line system; and the on-line system determining whether it is operating normally according to the updated historical status statistical data. In addition, the present invention correspondingly provides an automatic health check apparatus for on-line system. The method and apparatus according to the present invention can provide an effective and reliable health check mechanism for an on-line system such as bank POS transaction system.
G06F 15/16 - Associations de plusieurs calculateurs numériques comportant chacun au moins une unité arithmétique, une unité programme et un registre, p.ex. pour le traitement simultané de plusieurs programmes
H04L 12/26 - Dispositions de surveillance; Dispositions de test
The invention provides a master MMC/SD apparatus for simultaneously supporting bulk storage and Ethernet communication, a slave MMC/SD apparatus for simultaneously supporting bulk storage and Ethernet communication, a system composed of these two apparatuses as well as a method of operating the system. The apparatuses, system and method which simultaneously support bulk storage and Ethernet communication and which are based on MMC/SD interface enable a master apparatus with MMC/SD interface to support network function while maintaining bulk storage function as well, thus greatly expanding applicable areas of such embedded terminal apparatus with the MMC/SD interface that has bulk storage function.
The present invention proposes an information interaction testing device and method based on the associated testing case automatic generation. The associated testing case generation module in said device may automatically generate the associated testing case files corresponding to all associated information interactions which can be triggered by said reference information interaction based on the reference information interaction and the predefined rules determined by the application type provided by the system under test. The information interaction testing device and method based on the associated testing case automatic generation disclosed in the present invention have the higher testing speed and the higher testing usability as well as are low-cost.
This disclosure presents an application model generation device and method based on hierarchy structure. A user may build an algorithm factor configuration instructions based on the actual application demands before implementing the application model, and update and/or modify one or more of the algorithm factors by means of the algorithm factor configuration instructions, and thus implementing flexible expansion for the application model. The application model generation device and method based on hierarchy structure as disclosed herein have flexible expandability, and the configuration efficiency is increased and the complexity in the configuration process is decreased duo to the implementation of the reusability of the algorithm factors, the meta-application algorithm units and the scenarios.
The present invention proposes a data storage system and method used for the security information interaction. Said data storage system used for the security information interaction comprises a security information storage device, an unlock password generating device and an unlock server. The data storage system and method used for the security information interaction disclosed in the present invention reduce the potential security risks due to the divulgement of unlock passwords, and reduce the complexity of the unlock process, as well as reduce the potential security risks existed in the generating and writing process of the unlock password on the whole.
H04L 29/06 - Commande de la communication; Traitement de la communication caractérisés par un protocole
G06F 21/34 - Authentification de l’utilisateur impliquant l’utilisation de dispositifs externes supplémentaires, p.ex. clés électroniques ou cartes à puce intelligentes
G06F 21/30 - Authentification, c. à d. détermination de l’identité ou de l’habilitation des responsables de la sécurité
G06F 21/78 - Protection de composants spécifiques internes ou périphériques, où la protection d'un composant mène à la protection de tout le calculateur pour assurer la sécurité du stockage de données
A device for processing and storing data is disclosed, which comprises a primary controller, a primary memory, a security element (SE), and at least one universal port, wherein the device for processing and storing data further includes a first additional port, via which the security element (SE) can directly interacts with a second external device to complete the processing and access of the data. The security element (SE) in the device for processing and storing data disclosed herein can work independently without being effected by the condition whether the primary memory is performing the data read/write process, and supports the single wire protocol (SWP).
H04L 29/06 - Commande de la communication; Traitement de la communication caractérisés par un protocole
G06K 7/10 - Méthodes ou dispositions pour la lecture de supports d'enregistrement par radiation corpusculaire
G06K 19/077 - Supports d'enregistrement avec des marques conductrices, des circuits imprimés ou des éléments de circuit à semi-conducteurs, p.ex. cartes d'identité ou cartes de crédit avec des puces à circuit intégré - Détails de structure, p.ex. montage de circuits dans le support
The invention provides a user terminal and a payment system. The user terminal comprises an input device, a multi-channel selection switch, an application module, a processor, a password processing module, and a security IC chip containing information on user's ID and/or banking card therein, wherein the multi-channel selection switch is coupled with the input device, the password processing module and the processor, the password processing module is coupled with the processor, and the security IC chip is coupled with the password processing module; the application module controls the multi-channel selection switch via the processor so as to place the user terminal in a password input mode or in a normal input mode. The invention ensures the safety in entering the user's password in hardware configuration so that even when software system of the user terminal is not safe in itself, the safety of input password can be ensured.
G06Q 20/32 - Architectures, schémas ou protocoles de paiement caractérisés par l'emploi de dispositifs spécifiques utilisant des dispositifs sans fil
G07F 7/10 - Mécanismes actionnés par des objets autres que des pièces de monnaie pour déclencher ou actionner des appareils de vente, de location, de distribution de pièces de monnaie ou de papier-monnaie, ou de remboursement par carte d'identité codée ou carte de crédit codée utilisée simultanément avec un signal codé
G06Q 20/40 - Autorisation, p.ex. identification du payeur ou du bénéficiaire, vérification des références du client ou du magasin; Examen et approbation des payeurs, p.ex. contrôle des lignes de crédit ou des listes négatives
G06Q 20/38 - Architectures, schémas ou protocoles de paiement - leurs détails
H04L 9/32 - Dispositions pour les communications secrètes ou protégées; Protocoles réseaux de sécurité comprenant des moyens pour vérifier l'identité ou l'autorisation d'un utilisateur du système
G06F 21/83 - Protection des dispositifs de saisie, d’affichage de données ou d’interconnexion dispositifs de saisie de données, p.ex. claviers, souris ou commandes desdits claviers ou souris
100.
Internet based security information interaction apparatus and method
The present invention discloses a device and method for security information interaction. The device for security information interaction includes: an interface circuit, configured to connect the device for security information interaction to an internet terminal; an information input unit, configured to allow user to input security information; a secure encryption/decryption unit, configured to store and process the security information; an information reader, configured to read information data from an external information carrier; wherein the secure encryption/decryption unit processes the security information in connection with the information data, and complete a business function on the secure channel through the interaction with the security information processing server. The device and method for security information interaction disclosed in the present invention improves the flexibility and efficiency of the information processing system, enhances the security of the information processing system, and extending new applications of an external information carrier in an open network environment.
H04L 29/00 - Dispositions, appareils, circuits ou systèmes non couverts par un seul des groupes
H04L 29/06 - Commande de la communication; Traitement de la communication caractérisés par un protocole
G06F 21/34 - Authentification de l’utilisateur impliquant l’utilisation de dispositifs externes supplémentaires, p.ex. clés électroniques ou cartes à puce intelligentes
G06F 21/72 - Protection de composants spécifiques internes ou périphériques, où la protection d'un composant mène à la protection de tout le calculateur pour assurer la sécurité du calcul ou du traitement de l’information dans les circuits de cryptographie
G06F 21/83 - Protection des dispositifs de saisie, d’affichage de données ou d’interconnexion dispositifs de saisie de données, p.ex. claviers, souris ou commandes desdits claviers ou souris
G06F 21/84 - Protection des dispositifs de saisie, d’affichage de données ou d’interconnexion dispositifs d’affichage, p.ex. écrans ou moniteurs
G06F 21/85 - Protection des dispositifs de saisie, d’affichage de données ou d’interconnexion dispositifs d’interconnexion, p.ex. les dispositifs connectés à un bus ou les dispositifs en ligne
G06F 17/30 - Recherche documentaire; Structures de bases de données à cet effet