CN107766717B - Access control method, device and system - Google Patents


Info

Publication number
CN107766717B
Authority
CN
China
Prior art keywords
application program
security chip
access
verification
application
Legal status
Active
Application number
CN201610682386.8A
Other languages
Chinese (zh)
Other versions
CN107766717A (en
Inventor
乐祖晖
Current Assignee
China Mobile Communications Group Co Ltd
China Mobile Communications Ltd Research Institute
Original Assignee
China Mobile Communications Group Co Ltd
China Mobile Communications Ltd Research Institute
Application filed by China Mobile Communications Group Co Ltd, China Mobile Communications Ltd Research Institute
Priority to CN201610682386.8A
Publication of CN107766717A
Application granted
Publication of CN107766717B

Classifications

    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00: Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30: Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44: Program or device authentication
    • G06F21/60: Protecting data
    • G06F21/62: Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6209: Protecting access to data via a platform, e.g. using keys or access control rules to a single file or object, e.g. in a secure envelope, encrypted and accessed using a key, or with access control rules appended to the object itself


Abstract

The invention provides an access control method, an access control device and an access control system, wherein the access control method comprises the following steps: acquiring a first verification parameter corresponding to a target object and a second verification parameter corresponding to a first application program, judging whether the first application program has the authority of accessing the target object by using the first verification parameter and the second verification parameter, allowing the first application program to access the target object when judging that the first application program has the authority of accessing the target object, and refusing the first application program to access the target object otherwise. The scheme of the invention can conveniently realize the authentication of the LPA existing in the form of the application program, and only when the application program LPA has the authority of accessing the target object, the application program LPA is allowed to access the target object, thereby realizing the safe communication.

Description

Access control method, device and system
Technical Field
The present invention relates to the field of terminal technologies, and in particular, to an access control method, apparatus, and system.
Background
Generally, an Embedded Universal Integrated Circuit Card (eUICC) is Embedded in an electronic device, such as an automobile, a watch, a mobile phone, and the like, for use, and the eUICC needs to preset/dynamically download a Profile, and switch between profiles.
In the existing eUICC system architecture, referring to fig. 1, a device manufacturer integrates a Local Profile Assistant (LPA) function into the Operating System (OS) of an electronic device, so as to provide a Profile operating interface for a user and to connect a subscription management server and an eUICC, where the subscription management server is used for subscription management and data preparation. The LPA communicates with the LPA server on the eUICC through a local interface to create, activate/deactivate, and delete Profiles. The ISD-P is the form in which a Profile exists on the eUICC; the Profiles provided by different subscription management servers (SM-DP in fig. 1) correspond to different ISD-Ps on the eUICC and are securely isolated from one another. It should be noted that, in fig. 1, a solid line represents an actual physical channel, and a dashed line connects two objects between which data/instructions are transmitted.
However, the prior-art eUICC system architecture has the problem that the LPA is difficult to verify because it is integrated in the OS of the electronic device.
Disclosure of Invention
The invention aims to provide an access control method, device and system to solve the problem that the existing LPA is integrated in the OS of an electronic device and is difficult to verify.
In order to achieve the above object, the present invention provides an access control method, including:
acquiring a first verification parameter corresponding to a target object and a second verification parameter corresponding to a first application program;
judging whether the first application program has the authority of accessing the target object or not by using the first verification parameter and the second verification parameter;
and when the first application program is judged to have the authority of accessing the target object, allowing the first application program to access the target object, and if not, refusing the first application program to access the target object.
The present invention also provides an access control apparatus, the apparatus comprising:
the first acquisition module is used for acquiring a first verification parameter corresponding to the target object and a second verification parameter corresponding to the first application program;
the judging module is used for judging whether the first application program has the authority of accessing the target object by utilizing the first verification parameter and the second verification parameter;
and the control module is used for allowing the first application program to access the target object when the first application program is judged to have the authority of accessing the target object, and otherwise, refusing the first application program to access the target object.
The invention also provides an access control method, which comprises the following steps:
acquiring a verification parameter acquisition request sent by electronic equipment;
acquiring a first verification parameter corresponding to the security chip;
and sending the first authentication parameter to the electronic equipment through an authentication parameter acquisition request response, so that the electronic equipment can judge whether a first application program has the authority of accessing the security chip by using the first authentication parameter and a second authentication parameter corresponding to the first application program when detecting that the first application program requests to access the security chip, and allow the first application program to access the security chip when the first application program has the authority of accessing the security chip, otherwise, refusing the first application program to access the security chip.
The present invention also provides an access control apparatus, the apparatus comprising:
the third acquisition module is used for acquiring a verification parameter acquisition request sent by the electronic equipment;
the fourth obtaining module is used for obtaining a first verification parameter corresponding to the security chip;
the first sending module is used for sending the first authentication parameter to the electronic equipment through an authentication parameter acquisition request response, so that the electronic equipment can judge whether a first application program has the authority of accessing the security chip by using the first authentication parameter and a second authentication parameter corresponding to the first application program when detecting that the first application program requests to access the security chip, and allow the first application program to access the security chip when the first application program has the authority of accessing the security chip, otherwise, the first application program is refused to access the security chip.
The invention also provides an access control system, which comprises electronic equipment and a security chip;
the electronic equipment is used for detecting whether an application program requests to access the security chip, acquiring a first authentication parameter corresponding to the security chip and a second authentication parameter corresponding to the first application program when detecting that the first application program requests to access the security chip, judging whether the first application program has the authority of accessing the security chip by using the first authentication parameter and the second authentication parameter, allowing the first application program to access the security chip when judging that the first application program has the authority of accessing the security chip, and otherwise refusing the first application program to access the security chip;
the security chip is used for acquiring a verification parameter acquisition request sent by the electronic equipment, acquiring a first verification parameter corresponding to the security chip, and sending the first verification parameter to the electronic equipment through a verification parameter acquisition request response.
Through the technical scheme, the invention has the beneficial effects that:
the access control method can conveniently realize the authentication of the LPA existing in the form of the application program through the verification and judgment, and allows the application program LPA to access the target object only when the application program LPA has the right to access the target object, thereby realizing the safe communication.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings required to be used in the embodiments of the present invention will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is obvious for those skilled in the art to obtain other drawings based on these drawings without inventive labor.
Fig. 1 shows a schematic diagram of a conventional eUICC system architecture.
Fig. 2 shows a flow chart of an access control method according to an embodiment of the invention.
Fig. 3 shows a schematic diagram of an existing GSMA certificate architecture.
Fig. 4 is a schematic configuration diagram of an access control device according to an embodiment of the present invention.
Fig. 5 shows a flow chart of another access control method according to an embodiment of the invention.
Fig. 6 is a schematic structural diagram of another access control device according to an embodiment of the present invention.
Fig. 7 is a schematic structural diagram of an access control system according to an embodiment of the present invention.
Fig. 8 is a schematic diagram of an eUICC system architecture according to an embodiment of the present invention.
Fig. 9 shows an authentication flow diagram of an MNO LPA according to an embodiment of the present invention.
Fig. 10 is a schematic diagram of another eUICC system architecture according to an embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, not all, embodiments of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
First, in the embodiment of the present invention, the LPA exists in the form of an application program, and is respectively connected to the subscription management server and the security chip, so that the LPA can be effectively separated from the OS of the electronic device, the application program LPA can be conveniently and individually upgraded, and the LPA can be authenticated.
For the LPA existing in the form of an application program, an embodiment of the present invention provides an access control method, as shown in fig. 2, where the method includes:
step 201: acquiring a first verification parameter corresponding to a target object and a second verification parameter corresponding to a first application program;
step 202: judging whether the first application program has the authority of accessing the target object or not by using the first verification parameter and the second verification parameter;
step 203: and when the first application program is judged to have the authority of accessing the target object, allowing the first application program to access the target object, and if not, refusing the first application program to access the target object.
Thus, the access control method of the embodiment of the invention can conveniently realize the authentication of the LPA existing in the form of the application program through the verification and judgment, and only when the application program LPA has the right to access the target object, the application program LPA is allowed to access the target object, thereby realizing the secure communication.
In the specific embodiment of the present invention, the LPA is used as a "middleware" for connecting the subscription management server and the security chip, and both the subscription management server and the security chip can verify the LPA and the security chip, so in the specific embodiment of the present invention, the target object may be the security chip or the subscription management server, and the subscription management server corresponds to an operator and is used for subscription management and data preparation.
In the embodiment of the present invention, the security chip is specifically an embedded universal integrated circuit card eUICC, and the first application program is specifically an application program that connects the subscription management server and the eUICC and is used for configuration management.
In this embodiment of the present invention, when the target object is a security chip, the method is used for an electronic device on which an LPA existing in the form of an application program is installed, and before the step 201, the method further includes:
and detecting whether an application program requests to access the security chip.
And the step 201 specifically comprises: when it is detected that the first application program requests to access the security chip, a first verification parameter corresponding to the security chip and a second verification parameter corresponding to the first application program are obtained.
Furthermore, an application programming interface API for interacting with the security chip is provided in the electronic device.
The step of detecting whether an application program requests to access the security chip specifically comprises: detecting the calling condition of the API, and determining whether an application program requests to access the security chip; namely, when an application program requests to call the API, the application program is determined to request to access the security chip.
The step 203 specifically includes: and when the first application program is judged to have the authority of accessing the security chip, allowing the first application program to call the API to access the security chip, and if not, refusing the first application program to call the API to access the security chip.
In this embodiment of the present invention, the first verification parameter is specifically a root certificate stored in the security chip in advance, and the second verification parameter is a certificate to be verified provided by the first application program.
Referring to fig. 3, in the existing GSMA certificate architecture, the root certificate of the certificate issuing authority (CI) is CI Cert. The CI issues a certificate EUM Cert to the card provider (eUICC manager, EUM for short) and a certificate SM-DP+ Cert to the operator SM-DP+, and the EUM issues a certificate eUICC Cert to the eUICC. If the eUICC exchanges commands with the SM-DP+ through the LPA, the two first need to exchange their respective certificates through the LPA.
In the embodiment of the present invention, in order to implement authentication of the LPA, a root certificate CI Cert is preset in the security chip, and the CI Cert is used to issue a certificate LPA Cert corresponding to the application program LPA, so as to verify the application program LPA.
That is, under normal conditions, the second authentication parameter, i.e., the certificate to be authenticated provided by the first application program, is issued by a root certificate stored in the security chip in advance.
The root certificate pre-stored in the security chip is mainly provided by the security chip during startup of the electronic device or when the security chip receives an authentication parameter acquisition request.
The step of determining whether the first application has the right to access the target object by using the first verification parameter and the second verification parameter specifically includes:
verifying whether the certificate to be verified is a certificate signed by the root certificate;
when the certificate to be verified is the certificate signed by the root certificate, verifying the integrity of the first application program by using the certificate to be verified;
and when the first application program is verified to be complete, determining that the first application program has the authority of accessing the security chip, otherwise, determining that the first application program does not have the authority of accessing the security chip.
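The three-step decision above (issuer check, integrity check, then allow or deny), as an added example in Go that is not part of the patent text. The page does not say how the certificate is used to verify integrity; this sketch assumes the application carries an ECDSA signature over the SHA-256 of its bytes, made with the key certified by LPA Cert. The names App, Authorize, issue and buildApp, the key type and every certificate are constructed for illustration.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"errors"
	"fmt"
	"math/big"
	"time"
)

// App is a hypothetical bundle of what the application LPA presents.
type App struct {
	Image []byte            // application bytes whose integrity is checked
	Cert  *x509.Certificate // certificate to be verified (second verification parameter)
	Sig   []byte            // assumed format: ASN.1 ECDSA signature over SHA-256(Image)
}

// Authorize returns nil when access is allowed, or an error naming the failed check.
func Authorize(root *x509.Certificate, app App) error {
	// Check 1: the presented certificate must be issued under the chip's root certificate.
	roots := x509.NewCertPool()
	roots.AddCert(root)
	opts := x509.VerifyOptions{
		Roots:     roots,
		KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageCodeSigning},
	}
	if _, err := app.Cert.Verify(opts); err != nil {
		return fmt.Errorf("deny: certificate not issued under root: %w", err)
	}
	// Check 2: the application bytes must match the signature made with the certified key.
	pub, ok := app.Cert.PublicKey.(*ecdsa.PublicKey)
	if !ok {
		return errors.New("deny: unsupported public key type")
	}
	digest := sha256.Sum256(app.Image)
	if !ecdsa.VerifyASN1(pub, digest[:], app.Sig) {
		return errors.New("deny: application integrity check failed")
	}
	return nil
}

// issue creates a constructed certificate; a nil parent yields a self-signed root.
func issue(cn string, parent *x509.Certificate, parentKey *ecdsa.PrivateKey) (*x509.Certificate, *ecdsa.PrivateKey) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	must(err)
	serial, err := rand.Int(rand.Reader, big.NewInt(1<<62))
	must(err)
	tmpl := &x509.Certificate{
		SerialNumber:          serial.Add(serial, big.NewInt(1)),
		Subject:               pkix.Name{CommonName: cn},
		NotBefore:             time.Now().Add(-time.Hour),
		NotAfter:              time.Now().Add(24 * time.Hour),
		BasicConstraintsValid: true,
		KeyUsage:              x509.KeyUsageDigitalSignature,
		ExtKeyUsage:           []x509.ExtKeyUsage{x509.ExtKeyUsageCodeSigning},
	}
	if parent == nil { // root: self-signed CA that may sign other certificates
		tmpl.IsCA, tmpl.KeyUsage, tmpl.ExtKeyUsage = true, x509.KeyUsageCertSign, nil
		parent, parentKey = tmpl, key
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, &key.PublicKey, parentKey)
	must(err)
	cert, err := x509.ParseCertificate(der)
	must(err)
	return cert, key
}

// buildApp issues a certificate for a constructed LPA under ca and signs its image.
func buildApp(image []byte, ca *x509.Certificate, caKey *ecdsa.PrivateKey) App {
	cert, key := issue("Constructed MNO LPA", ca, caKey)
	digest := sha256.Sum256(image)
	sig, err := ecdsa.SignASN1(rand.Reader, key, digest[:])
	must(err)
	return App{Image: image, Cert: cert, Sig: sig}
}

func must(err error) {
	if err != nil {
		panic(err)
	}
}

func main() {
	root, rootKey := issue("Constructed CI root", nil, nil)
	other, otherKey := issue("Constructed unrelated root", nil, nil)
	genuine := buildApp([]byte("lpa-app-v1"), root, rootKey)
	tampered := genuine
	tampered.Image = []byte("lpa-app-v1-modified") // bytes changed after signing
	foreign := buildApp([]byte("lpa-app-v1"), other, otherKey)
	for name, app := range map[string]App{"genuine": genuine, "tampered": tampered, "foreign": foreign} {
		fmt.Printf("%-8s -> %v\n", name, Authorize(root, app))
	}
}
```

The order of the two checks matters: the integrity signature is only meaningful once the key that made it has been tied to the pre-stored root, so a validly self-signed application under an unrelated root is refused at the first check.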
In this embodiment of the present invention, when the target object is a subscription management server, the access control method may be used for the subscription management server, and the first application is a corresponding application LPA, so as to implement authentication of the subscription management server on the corresponding application LPA.
Specifically, when the target object is a subscription management server, the access control method further includes:
acquiring a third verification parameter sent by the security chip;
and verifying the security chip according to the third verification parameter.
Therefore, the subscription management server can verify the validity of the security chip.
Further, the second authentication parameter is sent to the subscription management server by the secure chip along with the third authentication parameter, and the secure chip obtains the second authentication parameter from the first application. In this way, the second verification parameter and the third verification parameter are transmitted together, so that the subscription management server can verify the application program LPA together when verifying the security chip, thereby simplifying the operation flow.
It should be noted that, when the secure chip sends the verification parameter to the subscription management server, in order to ensure that the verification parameter is not tampered in the transmission process, the secure chip may sign the information including the verification parameter, so as to ensure the accuracy of the verification parameter.
Referring to fig. 4, an embodiment of the present invention further provides an access control apparatus, which corresponds to the access control method shown in fig. 2, and includes:
a first obtaining module 41, configured to obtain a first verification parameter corresponding to the target object and a second verification parameter corresponding to the first application;
a determining module 42, configured to determine whether the first application has the right to access the target object by using the first verification parameter and the second verification parameter;
a control module 43, configured to allow the first application program to access the target object when it is determined that the first application program has the right to access the target object, and otherwise, deny the first application program from accessing the target object.
In this way, the access control device according to the embodiment of the present invention can conveniently implement authentication of the LPA existing in the form of the application program through verification and judgment, and only when the application program LPA has the right to access the target object, the application program LPA is allowed to access the target object, thereby implementing secure communication.
Wherein, when the target object is a security chip, the apparatus further comprises:
the detection module is used for detecting whether an application program requests to access the security chip;
the first obtaining module is specifically configured to: when it is detected that the first application program requests to access the security chip, a first verification parameter corresponding to the security chip and a second verification parameter corresponding to the first application program are obtained.
In the embodiment of the invention, the device can be used for electronic equipment, and an application programming interface API for interacting with the security chip is arranged in the electronic equipment.
The detection module is specifically configured to: and detecting the calling condition of the API, and determining whether an application program requests to access the security chip.
The control module is specifically configured to: and when the first application program is judged to have the authority of accessing the security chip, allowing the first application program to call the API to access the security chip, and if not, refusing the first application program to call the API to access the security chip.
The first verification parameter is a root certificate stored in the security chip in advance, and the second verification parameter is a certificate to be verified provided by the first application program.
The root certificate pre-stored in the security chip is provided by the security chip during the starting process of the electronic equipment or when an authentication parameter acquisition request is received.
In an embodiment of the present invention, the determining module specifically includes:
a first verification unit configured to verify whether the certificate to be verified is a certificate signed by the root certificate;
a second verification unit, configured to verify integrity of the first application program by using the certificate to be verified when the certificate to be verified is a certificate signed by the root certificate;
and the determining unit is used for determining that the first application program has the authority to access the security chip when the first application program is verified to be complete, and otherwise, determining that the first application program does not have the authority to access the security chip.
Specifically, the security chip is an embedded universal integrated circuit card, and the first application program is an application program for connecting a subscription management server and the embedded universal integrated circuit card and for configuring management.
In this embodiment of the present invention, when the target object is a subscription management server, the apparatus further includes:
the second acquisition module is used for acquiring a third verification parameter sent by the security chip;
the verification module is used for verifying the security chip according to the third verification parameter;
wherein the second authentication parameter is sent to the subscription management server by the secure chip along with the third authentication parameter, and the secure chip obtains the second authentication parameter from the first application.
Referring to fig. 5, an embodiment of the present invention further provides an access control method applied to a secure chip, where the method includes:
step 501: acquiring a verification parameter acquisition request sent by electronic equipment;
step 502: acquiring a first verification parameter corresponding to the security chip;
step 503: and sending the first authentication parameter to the electronic equipment through an authentication parameter acquisition request response, so that the electronic equipment can judge whether a first application program has the authority of accessing the security chip by using the first authentication parameter and a second authentication parameter corresponding to the first application program when detecting that the first application program requests to access the security chip, and allow the first application program to access the security chip when the first application program has the authority of accessing the security chip, otherwise, refusing the first application program to access the security chip.
Thus, the access control method of the embodiment of the invention can conveniently realize the authentication of the LPA existing in the form of the application program through the verification and judgment, and only when the application program LPA has the authority of accessing the security chip, the application program LPA is allowed to access the security chip, so that the secure communication is realized.
Specifically, the security chip is an embedded universal integrated circuit card, and the first application program is an application program for connecting a subscription management server and the embedded universal integrated circuit card and for configuring management.
Further, in the embodiment of the present invention, the method further includes:
receiving the second verification parameter sent by the electronic equipment;
and sending the second verification parameter and a third verification parameter used for verifying the embedded universal integrated circuit card to the subscription management server, so that the subscription management server can verify the first application program by using the second verification parameter and verify the embedded universal integrated circuit card by using the third verification parameter.
Therefore, the subscription management server can verify the security chip and the application program LPA at the same time, and the operation flow is simplified.
The first verification parameter is a root certificate stored in the security chip in advance, and the second verification parameter is a certificate to be verified provided by the first application program.
Referring to fig. 6, an embodiment of the present invention further provides an access control apparatus, corresponding to the access control method shown in fig. 5, where the apparatus includes:
a third obtaining module 61, configured to obtain an authentication parameter obtaining request sent by the electronic device;
a fourth obtaining module 62, configured to obtain a first verification parameter corresponding to the secure chip;
a first sending module 63, configured to send the first authentication parameter to the electronic device through an authentication parameter acquisition request response, so that the electronic device can, when detecting that a first application requests to access the secure chip, determine, by using the first authentication parameter and a second authentication parameter corresponding to the first application, whether the first application has an authority to access the secure chip, and when the first application has the authority to access the secure chip, allow the first application to access the secure chip, otherwise, deny the first application from accessing the secure chip.
Specifically, the security chip is an embedded universal integrated circuit card, and the first application program is an application program for connecting a subscription management server and the embedded universal integrated circuit card and for configuring management.
In the embodiment of the present invention, the apparatus further includes:
the receiving module is used for receiving the second verification parameters sent by the electronic equipment;
and the second sending module is used for sending the second verification parameter and a third verification parameter used for verifying the embedded universal integrated circuit card to the subscription management server, so that the subscription management server can verify the first application program by using the second verification parameter and verify the embedded universal integrated circuit card by using the third verification parameter.
The first verification parameter is a root certificate stored in the security chip in advance, and the second verification parameter is a certificate to be verified provided by the first application program.
Referring to fig. 7, an embodiment of the present invention further provides an access control system, where the system includes an electronic device 71 and a security chip 72;
the electronic device 71 is configured to detect whether an application requests to access the security chip 72, obtain a first verification parameter corresponding to the security chip 72 and a second verification parameter corresponding to the first application when detecting that the first application requests to access the security chip 72, determine whether the first application has the authority to access the security chip 72 by using the first verification parameter and the second verification parameter, allow the first application to access the security chip 72 when determining that the first application has the authority to access the security chip 72, and otherwise deny the first application access to the security chip 72;
the security chip 72 is configured to obtain a verification parameter acquisition request sent by the electronic device, obtain a first verification parameter corresponding to the security chip 72, and send the first verification parameter to the electronic device 71 through a verification parameter acquisition request response.
Thus, through the above verification and judgment, the access control system of the embodiment of the invention can conveniently authenticate an LPA that exists in the form of an application program, and allows the application LPA to access the security chip only when it has the authority to do so, thereby achieving secure communication.
Next, referring to fig. 8, the eUICC system architecture of the present invention is described by a specific example.
Specifically, in fig. 8, the LPA may include two types, as follows:
a first type of LPA, integrated into the OS of the electronic device, such as a second LPA;
a second type of LPA, in the form of an application separate from the OS of the electronic device, such as a first LPA, a carrier LPA (MNO LPA), and a third party LPA;
all the LPAs are used for connecting the subscription management server SM-DP and the eUICC; the difference is that an LPA of the second type may interact with the eUICC by calling an application programming interface (API), and the specific interaction process is implemented by means of an access control executor, the AC Enforcer.
The eUICC is provided with an LPA service and an access control application program, the AC Applet; verification parameters are stored in the AC Applet in advance and are used for authentication of the application program LPA. It should be noted that, in fig. 8, a solid line represents an actual physical channel, and a dashed line connects two objects that have data/instruction transmission requirements.
Based on the eUICC system architecture shown in fig. 8, referring to fig. 9, an authentication process for MNO LPA is described as follows:
step 901: the AC Enforcer selects an AC Applet; generally, an AC Applet must be selected before the AC Enforcer communicates with the AC Applet;
step 902: the AC Applet returns a selection response;
step 903: the AC Enforcer sends a verification parameter acquisition request to the AC Applet;
step 904: the AC Applet returns CI Cert;
step 905: the AC Enforcer sends an authentication parameter acquisition request to the MNO LPA;
step 906: the MNO LPA returns a signature certificate LPA Cert;
step 907: the AC Enforcer utilizes the CI Cert to verify the LPA Cert, and if the LPA Cert fails to be verified, the MNO LPA cannot call an API (application program interface) for accessing the eUICC;
step 908: if the LPA Cert passes the verification, the AC Enforcer utilizes the LPA Cert to verify the integrity of the MNO LPA; if the verification is successful, the MNO LPA can normally call the API interface for accessing the eUICC, otherwise the MNO LPA cannot call it.
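The decision made in steps 901 to 908 can be modelled as follows. This is an added example, not code from the patent: the signatures use toy textbook RSA over fixed Mersenne primes as a stand-in for real certificate verification, and the `Cert` layout, the class and function names and all sample data are assumptions constructed for illustration.

```python
import hashlib
from dataclasses import dataclass

E = 65537  # public exponent shared by all toy keys

def toy_keypair(p: int, q: int):
    """Textbook RSA from two known Mersenne primes. Illustration only, not secure."""
    return p * q, pow(E, -1, (p - 1) * (q - 1))  # (modulus n, private exponent d)

def _digest(data: bytes, n: int) -> int:
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def sign(data: bytes, n: int, d: int) -> int:
    return pow(_digest(data, n), d, n)

def verify(data: bytes, sig: int, n: int) -> bool:
    return pow(sig, E, n) == _digest(data, n)

@dataclass(frozen=True)
class Cert:
    subject: str
    pub_n: int       # subject's public modulus
    issuer_sig: int  # issuer's signature over tbs()

    def tbs(self) -> bytes:
        return f"{self.subject}|{self.pub_n}".encode()

def issue(subject: str, pub_n: int, ca_n: int, ca_d: int) -> Cert:
    unsigned = Cert(subject, pub_n, 0)
    return Cert(subject, pub_n, sign(unsigned.tbs(), ca_n, ca_d))

@dataclass(frozen=True)
class LpaApp:
    package: bytes    # the application image whose integrity is checked
    package_sig: int  # signature over the package made with the LPA Cert key
    cert: Cert        # LPA Cert returned in step 906

class AcApplet:
    """Holds the pre-stored CI Cert (modelled here as the CI public modulus)."""
    def __init__(self, ci_pub_n: int):
        self._ci_pub_n, self._selected = ci_pub_n, False

    def select(self) -> bool:      # steps 901-902
        self._selected = True
        return True

    def get_ci_cert(self) -> int:  # steps 903-904
        if not self._selected:
            raise RuntimeError("AC Applet must be selected first")
        return self._ci_pub_n

def ac_enforcer_check(applet: AcApplet, app: LpaApp) -> str:
    applet.select()
    ci_pub_n = applet.get_ci_cert()
    cert = app.cert                                            # steps 905-906
    if not verify(cert.tbs(), cert.issuer_sig, ci_pub_n):      # step 907
        return "deny: LPA Cert not signed by CI Cert"
    if not verify(app.package, app.package_sig, cert.pub_n):   # step 908
        return "deny: LPA integrity check failed"
    return "allow"

# Constructed sample data: keys, package bytes and names are made up.
CI_N, CI_D = toy_keypair(2**127 - 1, 2**107 - 1)
LPA_N, LPA_D = toy_keypair(2**89 - 1, 2**61 - 1)
OTHER_N, OTHER_D = toy_keypair(2**127 - 1, 2**89 - 1)  # a CA the chip does not hold

PKG = b"constructed MNO LPA package bytes"
GENUINE = LpaApp(PKG, sign(PKG, LPA_N, LPA_D), issue("MNO LPA", LPA_N, CI_N, CI_D))
TAMPERED = LpaApp(PKG + b"!", GENUINE.package_sig, GENUINE.cert)
FOREIGN = LpaApp(PKG, GENUINE.package_sig, issue("MNO LPA", LPA_N, OTHER_N, OTHER_D))

if __name__ == "__main__":
    applet = AcApplet(CI_N)
    for name, app in [("genuine", GENUINE), ("tampered", TAMPERED), ("foreign", FOREIGN)]:
        print(name, "->", ac_enforcer_check(applet, app))
```

The tampered case carries a valid LPA Cert and still fails, which is why step 908 is needed in addition to step 907.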
In the flow defined by the existing GSMA specification, the subscription management server does not authenticate the LPA; it considers that the LPA is provided by the equipment provider and that only a legitimate LPA can access the eUICC, so it authenticates only the eUICC. However, in the present invention, the LPA exists in the form of an application, its security is lower, and authenticating only the eUICC carries a risk.
For example, in the eUICC system architecture shown in fig. 10, MNO LPA1 and MNO LPA2 are application LPAs provided by operator 1 and operator 2 respectively, and both have the right to access the eUICC. The subscription management server SM-DP+1 corresponds to operator 1, so SM-DP+1 does not want MNO LPA2 to obtain the Profile that it generates.
Therefore, in order to improve the validity of the application LPA accessing the subscription management server, the subscription management server may authenticate the corresponding application LPA.
The foregoing is only a preferred embodiment of the present invention. It should be noted that those skilled in the art can make various modifications and refinements without departing from the principle of the present invention, and these modifications and refinements should also be regarded as falling within the protection scope of the present invention.

Claims (25)

1. An access control method, characterized in that the method comprises:
acquiring a first verification parameter corresponding to a target object and a second verification parameter corresponding to a first application program;
judging whether the first application program has the authority of accessing the target object or not by using the first verification parameter and the second verification parameter;
when the first application program is judged to have the authority of accessing the target object, allowing the first application program to access the target object, and if not, refusing the first application program to access the target object;
the first application program is a Local Profile Assistant (LPA) in the form of an application program, and the LPA is respectively connected with a subscription management server and a security chip; the target object is the security chip or the subscription management server.
2. The method according to claim 1, wherein the target object is a security chip, and before the step of obtaining the first verification parameter corresponding to the target object and the second verification parameter corresponding to the first application, the method further comprises:
detecting whether an application program requests to access the security chip;
the step of obtaining the first verification parameter corresponding to the target object and the second verification parameter corresponding to the first application program specifically includes:
when it is detected that the first application program requests to access the security chip, a first verification parameter corresponding to the security chip and a second verification parameter corresponding to the first application program are obtained.
3. The method according to claim 2, wherein the method is applied to an electronic device, and an application programming interface for interacting with the security chip is arranged in the electronic device;
the step of detecting whether an application program requests to access the security chip specifically comprises: detecting the calling condition of the application programming interface, and determining whether an application program requests to access the security chip;
the step of allowing the first application program to access the target object when the first application program is judged to have the authority of accessing the target object, and the step of denying the first application program to access the target object if the first application program is judged not to have the authority of accessing the target object specifically comprises the following steps:
and when the first application program is judged to have the authority of accessing the security chip, allowing the first application program to call the application programming interface to access the security chip, and if not, refusing the first application program to call the application programming interface to access the security chip.
4. The method according to claim 2, wherein the first authentication parameter is a root certificate pre-stored in the secure chip, and the second authentication parameter is a certificate to be authenticated provided by the first application.
5. The method according to claim 4, wherein the root certificate pre-stored in the secure chip is provided by the secure chip during a boot process of the electronic device or when an authentication parameter acquisition request is received.
6. The method according to claim 5, wherein the step of determining whether the first application has the right to access the target object by using the first authentication parameter and the second authentication parameter specifically comprises:
verifying whether the certificate to be verified is a certificate signed by the root certificate;
when the certificate to be verified is the certificate signed by the root certificate, verifying the integrity of the first application program by using the certificate to be verified;
and when the first application program is verified to be complete, determining that the first application program has the authority of accessing the security chip, otherwise, determining that the first application program does not have the authority of accessing the security chip.
7. The method according to any one of claims 2 to 6, wherein the security chip is an embedded universal integrated circuit card, and the first application program is an application program for configuration management that connects the subscription management server and the embedded universal integrated circuit card.
8. The method of claim 1, wherein the target object is a subscription management server, the method further comprising:
acquiring a third verification parameter sent by the security chip;
verifying the security chip according to the third verification parameter;
wherein the second authentication parameter is sent to the subscription management server by the secure chip along with the third authentication parameter, and the secure chip obtains the second authentication parameter from the first application.
9. An access control apparatus, characterized in that the apparatus comprises:
the first acquisition module is used for acquiring a first verification parameter corresponding to the target object and a second verification parameter corresponding to the first application program;
the judging module is used for judging whether the first application program has the authority of accessing the target object by utilizing the first verification parameter and the second verification parameter;
the control module is used for allowing the first application program to access the target object when the first application program is judged to have the authority of accessing the target object, and otherwise, refusing the first application program to access the target object;
the first application program is a Local Profile Assistant (LPA) in the form of an application program, and the LPA is respectively connected with a subscription management server and a security chip; the target object is the security chip or the subscription management server.
10. The apparatus of claim 9, wherein the target object is a secure chip, the apparatus further comprising:
the detection module is used for detecting whether an application program requests to access the security chip;
the first obtaining module is specifically configured to: when it is detected that the first application program requests to access the security chip, a first verification parameter corresponding to the security chip and a second verification parameter corresponding to the first application program are obtained.
11. The apparatus according to claim 10, wherein the apparatus is used for an electronic device, and an application programming interface for interacting with the security chip is provided in the electronic device;
the detection module is specifically configured to: detecting the calling condition of the application programming interface, and determining whether an application program requests to access the security chip;
the control module is specifically configured to: and when the first application program is judged to have the authority of accessing the security chip, allowing the first application program to call the application programming interface to access the security chip, and if not, refusing the first application program to call the application programming interface to access the security chip.
12. The apparatus according to claim 10, wherein the first authentication parameter is a root certificate pre-stored in the security chip, and the second authentication parameter is a certificate to be authenticated provided by the first application.
13. The apparatus according to claim 12, wherein the root certificate pre-stored in the secure chip is provided by the secure chip during a boot process of an electronic device or when an authentication parameter acquisition request is received.
14. The apparatus according to claim 13, wherein the determining module specifically includes:
a first verification unit configured to verify whether the certificate to be verified is a certificate signed by the root certificate;
a second verification unit, configured to verify integrity of the first application program by using the certificate to be verified when the certificate to be verified is a certificate signed by the root certificate;
and the determining unit is used for determining that the first application program has the authority to access the security chip when the first application program is verified to be complete, and otherwise, determining that the first application program does not have the authority to access the security chip.
15. The apparatus according to any one of claims 10-14, wherein the security chip is an embedded universal integrated circuit card, and the first application program is an application program for configuration management that connects the subscription management server and the embedded universal integrated circuit card.
16. The apparatus of claim 9, wherein the target object is a subscription management server, the apparatus further comprising:
the second acquisition module is used for acquiring a third verification parameter sent by the security chip;
the verification module is used for verifying the security chip according to the third verification parameter;
wherein the second authentication parameter is sent to the subscription management server by the secure chip along with the third authentication parameter, and the secure chip obtains the second authentication parameter from the first application.
17. An access control method, characterized in that the method comprises:
acquiring a verification parameter acquisition request sent by electronic equipment;
acquiring a first verification parameter corresponding to the security chip;
sending the first authentication parameter to the electronic equipment through an authentication parameter acquisition request response, so that the electronic equipment can judge whether a first application program has the authority to access the security chip by using the first authentication parameter and a second authentication parameter corresponding to the first application program when detecting that the first application program requests to access the security chip, and allow the first application program to access the security chip when the first application program has the authority to access the security chip, otherwise, refusing the first application program to access the security chip;
the first application program is an LPA in the form of an application program, and the LPA is respectively connected with a subscription management server and a security chip.
18. The method of claim 17, wherein the security chip is an embedded universal integrated circuit card, and the first application program is an application program for configuration management that connects the subscription management server and the embedded universal integrated circuit card.
19. The method of claim 18, further comprising:
receiving the second verification parameter sent by the electronic equipment;
and sending the second verification parameters and third verification parameters used for verifying the embedded universal integrated circuit card to the subscription management server, so that the subscription management server can verify the first application program by using the second verification parameters and verify the embedded universal integrated circuit card by using the third verification parameters.
20. The method according to claim 17, wherein the first authentication parameter is a root certificate pre-stored in the security chip, and the second authentication parameter is a certificate to be authenticated provided by the first application.
21. An access control apparatus, characterized in that the apparatus comprises:
the third acquisition module is used for acquiring a verification parameter acquisition request sent by the electronic equipment;
the fourth obtaining module is used for obtaining a first verification parameter corresponding to the security chip;
a first sending module, configured to send a first authentication parameter to the electronic device through an authentication parameter acquisition request response, so that when detecting that a first application requests to access the secure chip, the electronic device can determine, by using the first authentication parameter and a second authentication parameter corresponding to the first application, whether the first application has an authority to access the secure chip, and when the first application has the authority to access the secure chip, allow the first application to access the secure chip, otherwise deny the first application from accessing the secure chip;
the first application program is an LPA in the form of an application program, and the LPA is respectively connected with a subscription management server and a security chip.
22. The apparatus of claim 21, wherein the security chip is an embedded universal integrated circuit card, and the first application program is an application program for configuration management that connects the subscription management server and the embedded universal integrated circuit card.
23. The apparatus of claim 22, further comprising:
the receiving module is used for receiving the second verification parameters sent by the electronic equipment;
and the second sending module is used for sending the second verification parameters and third verification parameters used for verifying the embedded universal integrated circuit card to the subscription management server, so that the subscription management server can verify the first application program by using the second verification parameters and verify the embedded universal integrated circuit card by using the third verification parameters.
24. The access control device according to claim 21, wherein the first authentication parameter is a root certificate pre-stored in the security chip, and the second authentication parameter is a certificate to be authenticated provided by the first application.
25. An access control system, characterized in that the system comprises an electronic device and a security chip;
the electronic equipment is used for detecting whether an application program requests to access the security chip, acquiring a first authentication parameter corresponding to the security chip and a second authentication parameter corresponding to the first application program when detecting that the first application program requests to access the security chip, judging whether the first application program has the authority of accessing the security chip by using the first authentication parameter and the second authentication parameter, allowing the first application program to access the security chip when judging that the first application program has the authority of accessing the security chip, and otherwise refusing the first application program to access the security chip;
the security chip is used for acquiring a verification parameter acquisition request sent by the electronic equipment, acquiring a first verification parameter corresponding to the security chip, and sending the first verification parameter to the electronic equipment through a verification parameter acquisition request response;
the first application program is an LPA in the form of an application program, and the LPA is respectively connected with a subscription management server and a security chip.
CN201610682386.8A 2016-08-17 2016-08-17 Access control method, device and system Active CN107766717B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610682386.8A CN107766717B (en) 2016-08-17 2016-08-17 Access control method, device and system

Publications (2)

Publication Number Publication Date
CN107766717A CN107766717A (en) 2018-03-06
CN107766717B true CN107766717B (en) 2020-04-14

Family

ID=61261390

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610682386.8A Active CN107766717B (en) 2016-08-17 2016-08-17 Access control method, device and system

Country Status (1)

Country Link
CN (1) CN107766717B (en)

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112733133B (en) * 2019-10-14 2024-04-19 中国移动通信有限公司研究院 Access control method, device and storage medium for embedded universal integrated circuit card
CN113746777B (en) * 2020-05-27 2023-01-06 华为技术有限公司 Method for safely accessing data and electronic equipment
CN113867826A (en) * 2020-06-11 2021-12-31 深圳市文鼎创数据科技有限公司 Extended package access control method and device, Java smart card and storage medium
US11537705B2 (en) * 2020-10-27 2022-12-27 Dell Products L.P. Device access control system
CN113132990B (en) * 2021-04-19 2022-09-16 东信和平科技股份有限公司 Profile remote subscription method based on eSIM

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102118749A (en) * 2009-12-30 2011-07-06 比亚迪股份有限公司 Network access control device for mobile terminal and mobile terminal equipment
CN102625309A (en) * 2012-01-18 2012-08-01 中兴通讯股份有限公司 Access control method and device
CN104008352A (en) * 2013-08-22 2014-08-27 中华电信股份有限公司 Protection system and method with smart card device
CN104769983A (en) * 2012-09-12 2015-07-08 苹果公司 Methods and apparatus for managing data within a secure element

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
ATE527616T1 (en) * 2004-12-23 2011-10-15 Sap Ag REVERSE DERIVATION OF ACCESS CONTROLS

Also Published As

Publication number Publication date
CN107766717A (en) 2018-03-06

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant