1. Field of Invention
The present invention relates to a hardware secure system, and in particular to a cooperation method and system for fixed and mobile hardware secure units, as well as a computer device using the fixed hardware secure unit.
2. Description of Prior Art
Current computers and other devices are each provided with an internal secure chip to guarantee their own security. A platform certificate is loaded into the secure chip to provide platform identification to the outside. When a computer or other device communicates with a third-party device, the platform certificate inside the secure chip can provide the third-party device with the identification of the computer or other device.
The existing hardware secure chip solution based on a computer or other device can guarantee security for the platform. Unfortunately, since the secure chip is fixed on the PC or other device and is difficult to move, the solution can be used only on the designated machine, which is inconvenient for a user who is mobile.
In conventional USB Keys and smart cards, the certificates and keys are placed within the device's own secure chip, which acts as a black box providing identity authentication and cryptographic functions to the outside. The USB Key and smart card are used as a user's ID in a typical online bank application. The USB Key contains a secure chip which requires authentication from a bank or a server. An electronic certificate issued by the service is loaded safely to the USB Key, and the electronic certificate contains a key used for signing. At the stage of connecting to the bank or the service, the USB Key user's identity must be verified by means of a password or another authentication practice such as a fingerprint, to gain the right to use the key. When the user submits data to the server, such as “transfer XX dollars to XX account”, the information must be signed with the electronic certificate of the USB Key, as important evidence confirming the user's operation. Meanwhile, the secure chip within the USB Key can also generate a user key. Data encrypted with the user key can be decrypted only with the key authorized by the user.
Two defects exist in the current solution of identifying a user with a USB Key or smart card.
1. The USB Key or smart card solution is responsible only for the user's identity, not for the security of the overall operating environment. Inherently, the solution cannot prevent a hacker program running in the computer from stealing the password of the USB Key or smart card. The user's identity cannot be secured after the USB Key or smart card is lost or the password is stolen.
2. The USB Key or smart card solution generally uses a password of several enterable characters to verify the user's identity. This is the weakest security factor in the overall secure system and is susceptible to brute-force attack.
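The password-gated signing flow described above, as an added Python sketch that is not part of the original text: a model of the USB Key's secure chip, the host-side submission, and the server's check. HMAC-SHA256 stands in for the certificate signature, and the class, function names and sample password are hypothetical or constructed.

```python
import hashlib
import hmac
import os


class UsbKeyModel:
    """Hypothetical model of the secure chip in a USB Key: the signing key stays inside."""

    def __init__(self, password: str):
        self._salt = os.urandom(16)
        self._pw_check = self._derive(password)
        # Assumption: a random HMAC key stands in for the certificate's signing key.
        self._sign_key = os.urandom(32)
        self._unlocked = False

    def _derive(self, password: str) -> bytes:
        return hashlib.pbkdf2_hmac("sha256", password.encode(), self._salt, 50_000)

    def unlock(self, password: str) -> bool:
        """Password check that grants the right to use the key."""
        self._unlocked = hmac.compare_digest(self._derive(password), self._pw_check)
        return self._unlocked

    def sign(self, request: bytes) -> bytes:
        if not self._unlocked:
            raise PermissionError("password not verified; key unavailable")
        return hmac.new(self._sign_key, request, hashlib.sha256).digest()

    def enrol(self):
        """Constructed shortcut for certificate issuance: returns the server's verifier."""
        key = self._sign_key

        def verify(request: bytes, signature: bytes) -> bool:
            expected = hmac.new(key, request, hashlib.sha256).digest()
            return hmac.compare_digest(expected, signature)
        return verify


def submit(token: UsbKeyModel, password: str, request: bytes, verify) -> bool:
    """Host-side flow: unlock with the password, sign, let the server verify."""
    if not token.unlock(password):
        return False
    return verify(request, token.sign(request))


if __name__ == "__main__":
    token = UsbKeyModel("483920")  # constructed sample password
    server_verify = token.enrol()
    request = b"transfer XX dollars to XX account"
    print(submit(token, "483920", request, server_verify))  # accepted
    print(submit(token, "000000", request, server_verify))  # refused
```

The server's verdict depends only on the password check and the key held in the chip; nothing in the exchange describes the state of the computer that relayed the request, which is the first defect listed above.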