CN104579674B - Terminal security module and its management method, vehicle toll management method and system - Google Patents
Terminal security module and its management method, vehicle toll management method and system Download PDFInfo
- Publication number
- CN104579674B CN104579674B CN201410391273.3A CN201410391273A CN104579674B CN 104579674 B CN104579674 B CN 104579674B CN 201410391273 A CN201410391273 A CN 201410391273A CN 104579674 B CN104579674 B CN 104579674B
- Authority
- CN
- China
- Prior art keywords
- key
- security module
- terminal security
- manager
- access times
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Landscapes
- Storage Device Security (AREA)
Abstract
The invention discloses a kind of terminal security module and its management method, vehicle toll management method and system, the management method of the terminal security module is followed the steps below when carrying out encryption and decryption using data key:Judge whether certified by the manager or PIN is verified;Certified by the manager or PIN verify when, change current application catalogue access right state value;Judge whether the state value of the access right of current application catalogue is greater than or equal to the threshold value of preset access right, wherein the threshold value of the access right is set when key creates;When more than or equal to the threshold value of preset access right, encryption and decryption is carried out using the data key.Implement technical scheme of the present invention, can eliminate safe hidden trouble.
Description
Technical field
The present invention relates to intelligent and safe management domain more particularly to a kind of terminal security module and its management method, vehicles
Charge management method and system.
Background technology
PSAM (Purchase Secure Access Module, terminal security module) be widely used in commercial POS machine,
In the equipment such as site terminal, direct-connected terminal, there is security control management function, be suitable for more application environments.
For example, being presently used in the parking lot in the place such as institutional settings, market, office building, residential quarters usually all by property
Independent parking system is runed, is charged to the vehicle in the parking lot that comes in and goes out, the intelligence that parking lot is generally held by user
Data between card and the transaction terminal of turning roadway terminal communicate realization charge, in order to ensure the accuracy of charge, based on intelligence
The Secure Transaction of card is ensured that subscriber card is needed when terminal is traded by being installed on transaction terminal by key code system
PSAM is authenticated.If being related to consuming, PSAM has relevant consumption key.Manager by manage PSAM key and
The key of user is to reach the control of certification and consumption.The safety of transaction by key safety.
Typical case of the another kind based on smart card, such as:Such as highway ETC (Electronic Toll
Collection, electronic toll collection) entrance and exit in track is separately installed with one and has PSAM.Only obtain
PSAM, subscriber card can just write access information when entering the tracks ETC, and could consume and withhold at outlet.Such as:Parking lot
Entrance needs to write access information to include temporal information, and the temporal information of entrance is read in outlet again, is provided by temporal information calculating
Body paying price.It practises fraud in order to prevent, entry time information may need encryption write-in parking card, after information is again decrypted in outlet
It uses.
PSMA can store key and file, need to use PSAM when operation is encrypted, have external system to pass through instruction
It sends be-encrypted data to be encrypted using the data key stored to PSAM, PSAM, and encrypted result is returned to outside
Portion's system.
But the management of PSAM is a problem.In the PSMA for supporting ISO7816 agreements, there is no making for regulation key
With permission, this present situation may cause following hidden danger:If attacker illegally obtains PSAM, this cannot be just limited from the background
The use of PSAM, as long as attacker understands the application flow of this PSAM, then it can appoint in the application range of this PSAM
Meaning uses.
Invention content
The technical problem to be solved in the present invention is, for the management of above-mentioned PSAM of the prior art, there are security risks
Defect provides a kind of terminal security module and its management method, vehicle toll management method and system, can eliminate safe hidden trouble.
The technical solution adopted by the present invention to solve the technical problems is:Construct a kind of manager of terminal security module
Method, the terminal security module are stored with key, when carrying out encryption and decryption using the data key, follow the steps below:
A. judge whether certified by the manager or PIN is verified;
B. certified by the manager or PIN verify when, change current application catalogue access right state value;
C. judge whether the state value of the access right of current application catalogue is greater than or equal to the threshold of preset access right
Value, wherein the threshold value of the access right is set when key creates;
D. when more than or equal to the threshold value of preset access right, encryption and decryption is carried out using the data key.
In the management method of terminal security module of the present invention, in the step A, judge whether to pass through management
The step of certification of device includes:
A1. terminal security module generate a random number, and the authentication key stored using itself to the random number into
Row is encrypted to generate the first encryption data, meanwhile, the random number is sent to manager by card reader;
A2. terminal security module receives the certification from manager by card reader and instructs, and includes in the certification instruction
The authentication key that manager is stored using itself random number is encrypted after the second encryption data;
A3. whether terminal security module first encryption data and the second encryption data are identical, if identical, really
Determine certified by the manager;If it is different, then determining not certified by the manager.
In the management method of terminal security module of the present invention, step B is specially:Certified by the manager
Or when PIN verifications, judge whether the key can be used under current state, when the key is available under current state, just change
The state value of the access right of current application catalogue.
In the management method of terminal security module of the present invention, judge whether the key can be used under current state
Specific method be:
Judge whether the access times of key are more than or equal to maximum access times, wherein the maximum access times exist
Key is set when creating;The access times are set to 0 in the terminal security module resets, and are using key logarithm every time
When according to carrying out encryption and decryption, access times are added 1;If not, it is determined that the key is available under current state;If so, determining
The key is unavailable under current state;
Alternatively,
Judge whether the remaining access times of key are less than or equal to 0, wherein the maximum access times are when key creates
Setting;The residue access times are set as the maximum access times in the terminal security module resets, and each
When carrying out encryption and decryption using data key, remaining access times are subtracted 1;If not, it is determined that the key can under current state
With;If so, determining that the key is unavailable under current state.
The present invention also constructs a kind of terminal security module, and the terminal security module is stored with key, the terminal security
Module includes:
Authentication unit or authentication unit, for when carrying out encryption and decryption using the data key, judging whether to pass through
The certification of manager or PIN verifications;
Change unit, for certified by the manager or PIN verify when, change current application catalogue access right
State value;
First judging unit, for judging it is default whether the state value of the access right of current application catalogue is greater than or equal to
Access right threshold value, wherein the threshold value of the access right is set when key creates;
Encryption/decryption element, for when more than or equal to the threshold value of preset access right, using the data key
Carry out encryption and decryption.
In terminal security module of the present invention, the authentication unit includes:
Random number generating subunit, for generating a random number;
The random number is encrypted to produce in random number encryption subelement, the authentication key for being stored using itself
Raw first encryption data;
Transmission sub-unit, for sending the random number to manager by card reader;
Receiving subelement is instructed for receiving the certification from manager by card reader, includes in the certification instruction
The authentication key that manager is stored using itself random number is encrypted after the second encryption data;
Comparing subunit, it is whether identical for first encryption data and the second encryption data, if so, determining
Certified by the manager;If not, it is determined that not certified by the manager.
In terminal security module of the present invention, the terminal security module further includes second judgment unit, is used for
Certified by the manager or PIN verify when, judge whether the key can be used under current state;
The modification unit be additionally operable under current state the key it is available when, change the right to use of current application catalogue
The state value of limit.
In terminal security module of the present invention, the second judgment unit is specifically used in recognizing by manager
When card or PIN are verified, judge whether the access times of key are more than or equal to maximum access times, wherein the maximum uses
Number is set when key creates;The access times are set to 0 in the terminal security module resets, and close using every time
When key carries out encryption and decryption to data, access times are added 1;If not, it is determined that the key is available under current state;If so,
Then determine that the key is unavailable under current state;
Alternatively,
The second judgment unit be specifically used for certified by the manager or PIN verify when, judge the residue of key
Whether access times are less than or equal to 0, wherein the maximum access times are set when key creates;The residue access times
It is set as the maximum access times in the terminal security module resets, and is being carried out plus is being solved using data key every time
When close, remaining access times are subtracted 1;If not, it is determined that the key is available under current state;If so, determining current state
Under the key it is unavailable.
The present invention also constructs a kind of vehicle toll management method, including:
In inlet, terminal security module is encrypted access information using above-described management method, and is written
Board units;
In exit, terminal security module is using above-described management method to encrypted transmitted by board units
Access information is decrypted;
Server calculates Parking Fee according to the access information after outlet information and decryption, and according to pre-stored vehicle-mounted
The correspondence of unit and user account deducts the Parking Fee from proper account.
The present invention also constructs a kind of vehicle toll management system, including server and the board units that are installed on vehicle,
The vehicle toll manages system:Be arranged inlet first terminal security module and be arranged the second of exit
Terminal security module, the first terminal security module and second terminal security module are respectively above-described terminal security mould
Block, moreover,
For access information to be encrypted, and the board units are written in the first terminal security module;
The second terminal security module, for being solved to the encrypted access information transmitted by the board units
It is close;
The server, for calculating Parking Fee according to the access information after outlet information and decryption, and according to advance
The board units of storage and the correspondence of user account, deduct the Parking Fee from proper account.
Implement technical scheme of the present invention, terminal security module when using key every time, it is necessary to first pass through manager
Certification or PIN verifications, only certification or PIN be verified, could to the state value of the access right of current application catalogue into
Row modification, moreover, when the state value of the access right of current application catalogue is greater than or equal to the threshold value of preset access right,
The data key could be used to carry out encryption and decryption.So even if attacker illegally obtains this terminal security module, due to
And then the state value of the access right of current application catalogue also can not just can not be changed certified by the manager or PIN verifications,
So attacker can not still use this terminal security module, to eliminate security risk.
Description of the drawings
Present invention will be further explained below with reference to the attached drawings and examples, in attached drawing:
Fig. 1 is the flow chart of the management method embodiment one of terminal security module of the present invention;
Fig. 2 is the flow chart of step A embodiments one in Fig. 1;
Fig. 3 is the flow chart of step B embodiment one in Fig. 1;
Fig. 4 is the flow chart of step B embodiment two in Fig. 1;
Fig. 5 is the logic chart of terminal security module embodiments one of the present invention;
Fig. 6 is the logic chart of authentication unit embodiment one in Fig. 5;
Fig. 7 is the logic chart of terminal security module embodiments two of the present invention;
Fig. 8 is the flow chart of vehicle toll management method embodiment one of the present invention;
Fig. 9 is the logic chart of vehicle toll management system embodiment one of the present invention.
Specific implementation mode
Fig. 1 is that the flow chart of the management method embodiment one of terminal security module of the present invention is said first in this embodiment
It is bright, key and file can be stored in terminal security module, for key, the COS (Chip of terminal security module
Operating System, COS chip operating system) in addition to categories such as purposes, version, algorithm mark, the key values of regulation key
Property outside, can also provide the access right of key, the access right of key is a numerical value, such as can be between 0-15 one
Number.
In the embodiment, the key attribute field structure and explanation of terminal security module are as shown in table 1:
| Data field | Key purposes | Key version | Algorithm identifies | Access right | Key value |
| Length (byte) | 1 | 1 | 1 | 1 | 8/16 |
Table 1
In addition, terminal security module is followed the steps below when using stored data key to carry out encryption and decryption:
A. judge whether certified by the manager or PIN is verified;
B. certified by the manager or PIN verify when, change current application catalogue access right state value, it is excellent
Selection of land according to authentication key or the succeeding state value of PIN key defineds, can change the shape of the access right of current application catalogue
State value, for example, the state value of modified access right is authentication key or the succeeding state value of PIN key defineds;
C. judge whether the state value of the access right of current application catalogue is greater than or equal to the threshold of preset access right
Value, wherein the threshold value of the access right is set when key creates;
D. when more than or equal to the threshold value of preset access right, encryption and decryption is carried out using the data key.
In step, in conjunction with Fig. 2, the step of judging whether certified by the manager, includes:
A1. terminal security module generate a random number, and the authentication key stored using itself to the random number into
Row is encrypted to generate the first encryption data, meanwhile, the random number is sent to manager by card reader;
A2. terminal security module receives the certification from manager by card reader and instructs, and includes in the certification instruction
The authentication key that manager is stored using itself random number is encrypted after the second encryption data;
A3. whether terminal security module first encryption data and the second encryption data are identical, if identical, really
Determine certified by the manager;If it is different, then determining not certified by the manager.
In addition, in step, judging whether that the method that the PIN by manager is verified can be:Since verification PIN is exactly
Verification user password contains so directly can be exactly to send an instruction to give terminal security module by manager in the instruction
User password, password are plaintexts, terminal security module be returned to it is correct or incorrect, if correctly, being considered as PIN verifications
Pass through;If incorrect, it is considered as PIN verifications and does not pass through.Only there are one steps for the process of PIN verifications, simpler, but due to
Password is plaintext, so less safe compared to the mode of certification.
In the embodiment above, before using key, terminal security module is all forced to must first go through recognizing for manager
Card or PIN verifications.But after the completion of certification or PIN verifications, in order to avoid terminal security module is in the case of no breakpoint
It uses always, also continues to judge whether key is available under current state, if the use for just changing current application catalogue can be used
The state value of permission.When judging whether key is available, the COS of terminal security module can also continue to increase by two categories of key
Property, the two attributes are access times and maximum access times, alternatively, the two attributes are remaining access times and most ambassador
Use number.
When increased two attributes of institute are access times and maximum access times, the key attribute of terminal security module
Field structure and explanation are as shown in table 2:
Table 2
Correspondingly, it may particularly include in conjunction with Fig. 3, step B:
B1. certified by the manager or PIN verify when, judge key access times whether be more than or equal to maximum
Access times, wherein the maximum access times are set when key creates;The access times are in the terminal security mould
It is set to 0 when block reset, and when carrying out encryption and decryption using data key every time, access times is added 1, if so, determination is worked as
The key is unavailable under preceding state, then prompts mistake;If not, it is determined that the key is available under current state, then holds
Row step B2;
B2. the state value of the access right of modification current application catalogue.
When increased two attributes of institute are remaining access times and maximum access times, the key category of terminal security module
Property field structure and explanation it is as shown in table 3:
Table 3
Correspondingly, it may particularly include in conjunction with Fig. 4, step B:
B3. certified by the manager or PIN verify when, judge key remaining access times whether be less than or equal to 0,
Wherein, the maximum access times are set when key creates;The residue access times are in the terminal security module resets
When be set as the maximum access times, and when carrying out encryption and decryption using data key every time, remaining access times are subtracted
1, if so, determining that the key is unavailable under current state, then prompts mistake;If not, it is determined that described under current state
Key is available, then executes the state value of the access right of step B4B4. modification current application catalogues.
Fig. 5 is the logic chart of terminal security module embodiments one of the present invention, the terminal security module of the embodiment include according to
Authentication unit 10 (or authentication unit 10 '), modification unit 20, the first judging unit 30 and the encryption/decryption element 40 of secondary connection,
In, authentication unit 10 is used to, when carrying out encryption and decryption using data key, judge whether certified by the manager;Verification is single
Member 10 ' is verified for when carrying out encryption and decryption using data key, judging whether by the PIN of manager.Change unit 20
For certified by the manager or PIN verify when, change current application catalogue access right state value;First judges
Unit 30 is used to judge whether the state value of the access right of current application catalogue to be greater than or equal to the threshold of preset access right
Value, wherein the threshold value of the access right is set when key creates;Encryption/decryption element 40 is used for more than or equal to preset
When the threshold value of access right, encryption and decryption is carried out using the data key.
Fig. 6 is the logic chart of authentication unit embodiment one in Fig. 5, and in this embodiment, authentication unit 10 specifically includes:With
Machine number generating subunit 11, random number encryption subelement 12, transmission sub-unit 13, receiving subelement 14 and comparing subunit 15.
Wherein, random number generating subunit 11 is for generating a random number;Random number encryption subelement 12 using itself for being stored
Authentication key the random number is encrypted to generate the first encryption data;Transmission sub-unit 13 be used for by card reader to
Manager sends the random number;Receiving subelement 14 is used to receive the certification from manager by card reader and instruct, described
The second encryption after the random number is encrypted comprising the authentication key that manager is stored using itself in certification instruction
Data;Whether comparing subunit 15 is identical for first encryption data and the second encryption data, if so, determining logical
Cross the certification of manager;If not, it is determined that not certified by the manager.
Fig. 7 is the logic chart of terminal security module embodiments two of the present invention, which compares embodiment shown in fig. 5
One, the only difference is that, further include having the second judgement between authentication unit 10 (or authentication unit 10 ') and modification unit 20
Unit 50, second judgment unit 50 be used for certified by the manager or PIN verify when, judge the key under current state
Whether can be used, modification unit 20 be additionally operable under current state the key it is available when, change the right to use of current application catalogue
The state value of limit.
In a kind of embodiment, second judgment unit 50 is used to, certified by the manager or when PIN is verified, judge key
Access times whether be more than or equal to maximum access times, wherein the maximum access times are set when key creates;Institute
It states access times to set to 0 in the terminal security module resets, and when carrying out encryption and decryption using data key every time, it will
Access times add 1 if not, it is determined that the key is available under current state;If so, determining the key under current state
It is unavailable.
In another embodiment, second judgment unit 50 be used for certified by the manager or PIN verify when, judge
Whether the remaining access times of key are less than or equal to 0, wherein the maximum access times are set when key creates;It is described surplus
Remaining access times are set as the maximum access times in the terminal security module resets, and are using key logarithm every time
When according to carrying out encryption and decryption, remaining access times are subtracted 1;If not, it is determined that the key is available under current state;If so, really
It is unavailable to determine the key under current state.
Preferably, when modification unit 30 is used for that the key to be available under current state, according to authentication key or PIN keys
The succeeding state value of defined changes the state value of the access right of current application catalogue.
Fig. 8 is the flow chart of vehicle toll management method embodiment one of the present invention, which can be directed to
Parking fee collective system can also be directed to expressway tol lcollection.The vehicle toll management method of the embodiment includes:
S1. in inlet, access information is encrypted in terminal security module, and board units are written.In this step,
It should be noted that it can also be expressway access that the entrance, which can be Entrance,.Access information includes entrance mark, enters
The mouth time.When vehicle passes through Entrance or expressway access, the terminal security module of inlet is read from external system
Taking mouth information, and access information being encrypted using the management method described in above example, and by encrypted entrance
Board units are written in information;
S2. in exit, the encrypted access information transmitted by board units is decrypted in terminal security module.
In the step, equally it should be noted that, which can be that parking exit can also be expressway exit.When vehicle passes through
When parking exit or expressway exit, encrypted access information can be sent to the terminal security in exit by board units
Module, then terminal security module encrypted access information is decrypted using the management method described in above example,
Like this, the access information of the vehicle is just obtained.In addition, the terminal security module also reads outlet information from external system;
S3. server calculates Parking Fee according to the access information after outlet information and decryption, and according to pre-stored
The correspondence of board units and user account deducts the Parking Fee from proper account.
Fig. 9 is the logic chart of vehicle toll management system embodiment one of the present invention, the vehicle toll management system of the embodiment
System includes:Be arranged inlet first terminal security module 100, be arranged exit second terminal security module 200, clothes
Business device 300, the board units 400 that are installed on vehicle.Wherein, first terminal security module 100 and second terminal security module
200 logical construction can refer to above-described embodiment, moreover, in this embodiment, first terminal security module 100 is used for entrance
Information is encrypted, and board units 400 are written;Second terminal security module 200 was used for adding transmitted by board units 400
Access information after close is decrypted;Server 300 is used to calculate parking fee according to the access information after outlet information and decryption
With, and according to the correspondence of pre-stored board units and user account, the Parking Fee is deducted from proper account.
The foregoing is only a preferred embodiment of the present invention, is not intended to restrict the invention, for the skill of this field
For art personnel, the invention may be variously modified and varied.All within the spirits and principles of the present invention, any made by repair
Change, equivalent replacement, improvement etc., should be included within scope of the presently claimed invention.
Claims (10)
1. a kind of management method of terminal security module, the terminal security module are stored with key, which is characterized in that using
When the data key carries out encryption and decryption, follow the steps below:
A. judge whether certified by the manager or PIN is verified;
B. certified by the manager or when PIN is verified, according to authentication key or the succeeding state value of PIN key defineds,
Change the state value of the access right of current application catalogue;
C. judge whether the state value of the access right of current application catalogue is greater than or equal to the threshold value of preset access right,
In, the threshold value of the access right is set when key creates;
D. when more than or equal to the threshold value of preset access right, encryption and decryption is carried out using the data key.
2. the management method of terminal security module according to claim 1, which is characterized in that in the step A, judge
Whether certified by the manager the step of include:
A1. terminal security module generates a random number, and the authentication key stored using itself adds the random number
It is close to generate the first encryption data, meanwhile, the random number is sent to manager by card reader;
A2. terminal security module receives the certification from manager by card reader and instructs, and includes management in the certification instruction
The authentication key that device is stored using itself random number is encrypted after the second encryption data;
A3. whether terminal security module first encryption data and the second encryption data are identical, if identical, it is determined that logical
Cross the certification of manager;If it is different, then determining not certified by the manager.
3. the management method of terminal security module according to claim 1, which is characterized in that step B is specially:Passing through
When the certification of manager or PIN are verified, also judge whether the key can be used under current state, the key under current state
When available, the state value of the access right of current application catalogue is just changed.
4. the management method of terminal security module according to claim 3, which is characterized in that judge described under current state
The whether available specific method of key is:
Judge whether the access times of key are more than or equal to maximum access times, wherein the maximum access times are in key
It is set when establishment;The access times are set to 0 in the terminal security module resets, and every time using data key into
When row encryption and decryption, access times are added 1;If not, it is determined that the key is available under current state;If so, determining current
The key is unavailable under state;
Alternatively,
Judge whether the remaining access times of key are less than or equal to 0, wherein the maximum access times are set when key creates
It is fixed;The residue access times are set as the maximum access times in the terminal security module resets, and make every time
When carrying out encryption and decryption with data key, remaining access times are subtracted 1;If not, it is determined that the key is available under current state;
If so, determining that the key is unavailable under current state.
5. a kind of terminal security module, the terminal security module is stored with key, which is characterized in that the terminal security module
Including:
Authentication unit or authentication unit, for when carrying out encryption and decryption using the data key, judging whether to pass through management
The certification of device or PIN verifications;
Unit is changed, for certified by the manager or when PIN is verified, according to authentication key or PIN key defineds
Succeeding state value changes the state value of the access right of current application catalogue;
First judging unit, for judging whether the state value of the access right of current application catalogue is greater than or equal to preset make
With the threshold value of permission, wherein the threshold value of the access right is set when key creates;
Encryption/decryption element, for when more than or equal to the threshold value of preset access right, being carried out using the data key
Encryption and decryption.
6. terminal security module according to claim 5, which is characterized in that the authentication unit includes:
Random number generating subunit, for generating a random number;
Random number encryption subelement, the authentication key for being stored using itself are encrypted the random number to generate
One encryption data;
Transmission sub-unit, for sending the random number to manager by card reader;
Receiving subelement is instructed for receiving the certification from manager by card reader, includes management in the certification instruction
The authentication key that device is stored using itself random number is encrypted after the second encryption data;
Comparing subunit, it is whether identical for first encryption data and the second encryption data, if so, determination passes through
The certification of manager;If not, it is determined that not certified by the manager.
7. terminal security module according to claim 5, which is characterized in that the terminal security module further includes second sentencing
Disconnected unit, for certified by the manager or when PIN is verified, judging whether the key can be used under current state;
The modification unit be additionally operable under current state the key it is available when, change the access right of current application catalogue
State value.
8. terminal security module according to claim 7, which is characterized in that the second judgment unit is for passing through pipe
When managing certification or the PIN verifications of device, judge whether the access times of key are more than or equal to maximum access times, wherein described
Maximum access times are set when key creates;The access times are set to 0 in the terminal security module resets, and every
When the secondary progress encryption and decryption using data key, access times are added 1;If not, it is determined that the key can under current state
With;If so, determining that the key is unavailable under current state;
Alternatively,
The second judgment unit, for certified by the manager or PIN verify when, judge the remaining access times of key
Whether 0 is less than or equal to, wherein the maximum access times are set when key creates;The residue access times are at the end
End security module is set as the maximum access times when resetting, and when carrying out encryption and decryption using data key every time, will
Remaining access times subtract 1;If not, it is determined that the key is available under current state;If so, determining described close under current state
Key is unavailable.
9. a kind of vehicle toll management method, which is characterized in that including:
In inlet, terminal security module adds access information using claim 1-4 any one of them management methods
It is close, and board units are written;
In exit, terminal security module is using claim 1-4 any one of them management methods to transmitted by board units
Encrypted access information be decrypted;
Server calculates Parking Fee according to the access information after outlet information and decryption, and according to pre-stored board units
With the correspondence of user account, the Parking Fee is deducted from proper account.
10. a kind of vehicle toll manages system, including server and the board units that are installed on vehicle, which is characterized in that institute
Stating vehicle toll management system further includes:Be arranged inlet first terminal security module and be arranged exit second eventually
Security module is held, the first terminal security module and second terminal security module are respectively described in claim any one of 5-8
Terminal security module, moreover,
For access information to be encrypted, and the board units are written in the first terminal security module;
The second terminal security module, for the encrypted access information transmitted by the board units to be decrypted;
The server, for calculating Parking Fee according to the access information after outlet information and decryption, and according to prestoring
Board units and user account correspondence, the Parking Fee is deducted from proper account.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410391273.3A CN104579674B (en) | 2014-08-08 | 2014-08-08 | Terminal security module and its management method, vehicle toll management method and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410391273.3A CN104579674B (en) | 2014-08-08 | 2014-08-08 | Terminal security module and its management method, vehicle toll management method and system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN104579674A CN104579674A (en) | 2015-04-29 |
| CN104579674B true CN104579674B (en) | 2018-07-20 |
Family
ID=53094955
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201410391273.3A Active CN104579674B (en) | 2014-08-08 | 2014-08-08 | Terminal security module and its management method, vehicle toll management method and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN104579674B (en) |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1380630A (en) * | 2002-04-25 | 2002-11-20 | 深圳市深港产学研数码科技有限公司 | Non-stop charging method and system |
| CN102064944A (en) * | 2010-11-30 | 2011-05-18 | 北京飞天诚信科技有限公司 | Safety card issuing method as well as card issuing equipment and system |
| CN102081744A (en) * | 2009-11-30 | 2011-06-01 | 中兴通讯股份有限公司 | Path identification system and secure interaction method thereof |
| CN102255727A (en) * | 2011-06-23 | 2011-11-23 | 中国电力科学研究院 | Improved anti-attacking intelligent card authentication method based on user defined algorithm environment |
| CN102568097A (en) * | 2010-12-08 | 2012-07-11 | 邵通 | Method and system for improving safety of electronic wallets |
| CN103606223A (en) * | 2013-11-15 | 2014-02-26 | 深圳市捷顺科技实业股份有限公司 | Card authentication method and device |
| CN103914913A (en) * | 2012-12-28 | 2014-07-09 | 北京握奇数据系统有限公司 | Intelligent card application scene recognition method and system |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2007069737A1 (en) * | 2005-12-15 | 2007-06-21 | Matsushita Electric Industrial Co., Ltd. | Network device verifying apparatus |
-
2014
- 2014-08-08 CN CN201410391273.3A patent/CN104579674B/en active Active
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1380630A (en) * | 2002-04-25 | 2002-11-20 | 深圳市深港产学研数码科技有限公司 | Non-stop charging method and system |
| CN102081744A (en) * | 2009-11-30 | 2011-06-01 | 中兴通讯股份有限公司 | Path identification system and secure interaction method thereof |
| CN102064944A (en) * | 2010-11-30 | 2011-05-18 | 北京飞天诚信科技有限公司 | Safety card issuing method as well as card issuing equipment and system |
| CN102568097A (en) * | 2010-12-08 | 2012-07-11 | 邵通 | Method and system for improving safety of electronic wallets |
| CN102255727A (en) * | 2011-06-23 | 2011-11-23 | 中国电力科学研究院 | Improved anti-attacking intelligent card authentication method based on user defined algorithm environment |
| CN103914913A (en) * | 2012-12-28 | 2014-07-09 | 北京握奇数据系统有限公司 | Intelligent card application scene recognition method and system |
| CN103606223A (en) * | 2013-11-15 | 2014-02-26 | 深圳市捷顺科技实业股份有限公司 | Card authentication method and device |
Also Published As
| Publication number | Publication date |
|---|---|
| CN104579674A (en) | 2015-04-29 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN102081821B (en) | IC (integrated circuit) card paying system and method as well as multi-application IC card and payment terminal | |
| RU2537795C2 (en) | Trusted remote attestation agent (traa) | |
| US20200394657A1 (en) | Method and system for authenticating iot device using mobile device | |
| US20130246281A1 (en) | Service providing system and unit device | |
| CN107256484B (en) | Mobile payment authorization transfer method and payment system realized by using same | |
| CN105610871B (en) | A kind of vehicle input-output control system and control method based on semi-on-line key | |
| US7246375B1 (en) | Method for managing a secure terminal | |
| CN204990313U (en) | Disposition of equipment mandate device | |
| CN110378695A (en) | Bank card payment method, device, equipment and computer storage medium | |
| US20190325434A1 (en) | System and Method for Determining a Secured Resource Account Number | |
| US20160342979A1 (en) | Systems and methods for transaction authentication using dynamic wireless beacon devices | |
| CN104579675A (en) | Safety module, data reading-writing system for parking lot and safety setting method | |
| KR20190011620A (en) | Authentication System and Device for Unmanned Sales Kiosk | |
| CN104680364A (en) | Dynamic signature password device, network transaction system and network transaction method | |
| CN104579674B (en) | Terminal security module and its management method, vehicle toll management method and system | |
| CN104574535A (en) | PSAM (Purchase Secure Access Module) and management method and system thereof as well as vehicle charge management method and system | |
| CN106355404B (en) | Debit credit transaction system and method with security vulnerability protection mechanism | |
| CN105224851A (en) | Tax inspection method based on USBKEY | |
| WO2015162276A2 (en) | Secure token implementation | |
| CN110866069B (en) | Identity management metadata processing method and system based on block chain | |
| CN112630570A (en) | ETC (electronic toll Collection) equipment effectiveness detection method and device, electronic equipment and medium | |
| EP3035270A1 (en) | Card-based offline token generation | |
| CN105374075B (en) | PSAM, manager, management method and system, vehicle toll management system | |
| KR101902990B1 (en) | Pass card issue and operating system by using security module and method thereof | |
| CN104537298A (en) | Authorizing method and device based on micro-processor card |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |