| In recent years, with a surge of information security issues both on an international level and in domestic spheres, our state departments which have high standard for information security are faced with increasingly serious threats to the safety of confidential intelligence and equipment. Traditional local secure lock device, such as safe, controlled access, and video surveillance, falls short to meet the demands of the state departments in terms of real-time monitor, security alert, immediate tracking, security log audit, etc. Meantime, with the rapid development of Internet of Things, traditionally embedded security devices are becoming more connected and intelligent.To meet such urgent demand for security and connectivity, professional security devices need to be safer and more reliable, equipped with logging and alarming capability, and connected to internet to allow identity verification locally and remotely. Moreover, new security devices need to upload to the server their own operations status, modification logs, video information, etc., to enable the server to monitor multiple devices in real time.The key to the research on the technology to monitor terminal system remotely in real time is to transfer data from terminal to server in a secure fashion. Therefore, the encryption of data in transfer is a critical part of this process. To ensure the security of the system and its capability to realize encrypted communication, this article designs and outlines a set of encrypted communication process, which allows the exchange of keys based on SM2 algorithm, the encryption of conversation based on SM4 algorithm, and the verification of data integrity based on SM3(SM2, SM3 and SM4 algorithm issued by State Department of Key).SM2 public-key cryptography is an ECC elloptic curve cryptography developed domestically. It is shorter, faster and more resources efficient compared to RSA algorithm, thus it is widely applied to upgrade and replace RSA. Similarly, SM3 and SM4 algorithm are also domestically developed and aim to replace international key algorithm that is currently widely used on market.Combining the knowledge and technology from internet, information, encryption, and fingerprint recognition, this article designs a set of terminal system for specialized security device that is minimized in size based on the platforms of embedded devices, SCM, sensor, etc. The design of the system includes the frame of the overall system, the software and the hardware of the motherboard module, lock control module, fingerprint recognition module, internet connection module, and touch display module.Additionally, through utilizing the basic big number library from OpenSSL open source algorithm, this article fulfills the key exchange agreement of the SM2 algorithm, and details a secure connection circuit that is compliant to SSL security agreement based on SM3 and SM4 key algorithm.Last but not the least, this article tests all the modules in the terminal system for the specialized security devices, including capability test on the communication encryption module, to ensure the stability and reliability of the system. |
PDF Full Text Request