| 摘要 |
Disclosed are a network security method and a network security system. The method comprises steps: a third-party server, an application server, a mobile terminal and a client host being started and running respective read-only software; an application IC card transmitting an input user password to the application server; the application server and the client host respectively starting data packet filtering; the mobile terminal executing encryption and decryption computations of encrypted Internet communication of the client host; the client host directly logging in the application server and transmitting a user command to the application server; the mobile terminal and/or the application IC card confirming the user command with the application server; and the mobile terminal and/or a third-party IC card generating a user command digital signature. The system comprises the application IC card, the mobile terminal, the client host, the application server, the third-party IC card and the third-party server. |
| 主权项 |
1. A network security method, comprising the following steps:
step A, a third-party server, an application server, a mobile terminal and a client host being respectively started and running respective system software and application software memorized in read-only mode; step B, an application IC card transmitting an input user password to the application server through the mobile terminal, while the mobile terminal allowing the mobile terminal to log in; step C, the application server and the client host respectively acquiring network parameters of each other through the mobile terminal, and starting data packet filtering based on own and mutual network parameters; step D, the application server transmitting a session secrete key of encrypted Internet communication with the client host to the mobile terminal, while the mobile terminal executing encryption and decryption computations of the encrypted Internet communication of the client host on the basis of the session secrete key; step E, the client host logging in the application server in a mode of without using a username and a user password and transmitting a user command to the application server, or transmits the user command to the application server in the status of not logging in the application server yet; step F, the mobile terminal and/or the application IC card confirming the user command with the application server; and, step G, the mobile terminal and/or a third-party IC card generating a user command digital signature. |
