Embodiment
To improve the security of creating application service files on a smart card, an embodiment of the invention provides a method for creating an application service file on a smart card. In this method, the application creation key that the initializing entity wrote to the smart card is used to authenticate an application service creation instruction sent from outside. The application service file is created in the smart card only if authentication succeeds; otherwise, creation of the application service file in the smart card is refused.
Referring to Fig. 1, the method for creating an application service file on a smart card provided by the embodiment of the invention comprises the following steps:
Step 10: Receive an application service creation instruction carrying a ciphertext, where the ciphertext is the data obtained by encrypting the application service file creation data;
Step 11: Read the application creation key stored in the smart card and use it to decrypt the ciphertext; the application creation key is a key written by the entity that initializes the smart card;
Step 12: If the ciphertext is decrypted successfully, perform the application service file creation operation in the smart card using the application service file creation data obtained by decryption; otherwise, refuse to perform the application service file creation operation in the smart card.
In step 11, the application creation key can be written to the smart card by the initializing entity when the smart card is initialized, and the smart card stores the key that was written. The application creation key can of course also be written to the smart card at some other time; an application service file can be created with the application creation key only once that key is stored in the smart card.
Preferably, between step 10 and step 11, the instruction digest in the application service creation instruction can be authenticated, so that only a legitimate entity can create application service files on the smart card and unauthorized access is prevented. Specifically:
First, read the instruction digest carried in the application service creation instruction. This instruction digest is the digest of the application service creation instruction, computed by the entity that sends the instruction using a random number and a data digest algorithm. Here, the data digest algorithms include the ISO9797-1 algorithm, the MD5 algorithm, and so on. The entity that sends the application service creation instruction can obtain the random number used in computing the instruction digest as follows: the sending entity sends a get-random-number instruction to the smart card; on receiving the get-random-number instruction, the smart card generates a random number and returns it to the sending entity, and at the same time stores this random number inside the card.
Then, authenticate the instruction digest using the data digest algorithm and the random number stored in the smart card. Specifically, compute the digest of the application service creation instruction using the data digest algorithm and the random number stored in the smart card, then compare the computed digest with the digest carried in the application service creation instruction. If the two are identical, authentication of the instruction digest succeeds; otherwise, authentication fails.
After the instruction digest has been authenticated successfully, step 11 is performed, that is, the ciphertext is decrypted with the application creation key that was read.
Preferably, between step 11 and step 12, the data obtained by decryption can be authenticated, as follows: determine whether the application service file creation data obtained by decryption conforms to a predefined application service file creation rule; if so, perform the application service file creation operation in the smart card according to the decrypted creation data; otherwise, refuse to perform the application service file creation operation in the smart card.
Here, the application service file creation data comprises any data related to creating an application service file, for example, the storage space to be allocated to the application service file to be created, the basic data of the application service file to be created that needs to be written, and so on.
Determining whether the decrypted application service file creation data conforms to the predefined creation rule can consist of checking whether the storage space to be allocated to the file to be created, as given in the creation data, is no larger than the free storage space in the smart card at that moment. If so, the creation data conforms to the predefined application service file creation rule; otherwise, it does not. As another example, check whether the application service file data format contained in the creation data is a data format supported by the smart card. If so, the creation data conforms to the predefined application service file creation rule; otherwise, it does not.
In step 12, after the application service file creation operation has been performed in the smart card, management and maintenance operations can be performed on the created application service file, as follows:
First, the entity that sends the application service creation instruction writes an application service management key into the smart card;
Then, an application service management instruction carrying a ciphertext is received from outside, where the ciphertext is the data obtained by encrypting the application service management data;
Then, the application service management key stored in the smart card is read and used to decrypt the ciphertext in the application service management instruction;
Finally, if decryption succeeds, the application service management operation corresponding to the application service management instruction is performed in the smart card using the application service management data obtained by decryption; otherwise, performing the application service management operation in the smart card is refused.
Here, the management and maintenance operation performed on a created application service file can be locking the file, that is, prohibiting any operation on it. For this operation, the application service management instruction is the lock application instruction; the application service management key is the application lock key; the application service management data is the identification information of the application service file; and the application service management operation is locking that application service file in the smart card.
The management and maintenance operation can also be unlocking a locked application service file, that is, removing the lock on it. For this operation, the application service management instruction is the unlock application instruction; the application service management key is the application unlock key; the application service management data is the identification information of the application service file; and the application service management operation is unlocking that locked application service file in the smart card.
The management and maintenance operation can also be deleting the application service file from the smart card. For this operation, the application service management instruction is the delete application instruction; the application service management key is the application deletion key; the application service management data is the identification information of the application service file; and the application service management operation is deleting that application service file from the smart card.
The management and maintenance operation can also be reading or writing the data of the application service file. For this operation, the application service management instruction is the application data read/write instruction; the application service management key is the application master control key; the application service management data is the address information of the data to be read, or the data to be written; and the application service management operation is reading the application service file data at that address from the smart card, or writing the data to be written to the smart card.
The management and maintenance operation can also be deleting a key stored in the smart card. For this operation, the application service management instruction is the key delete instruction; the application service management key is the deletion key; the application service management data is the key to be deleted; and the application service management operation is deleting that key from the smart card.
The management and maintenance operation can also be modifying a key stored in the smart card. For this operation, the application service management instruction is the key modify instruction; the application service management key is the modification key; the application service management data is the key to be modified and the new key; and the application service management operation is changing the key to be modified in the smart card to the new key.
In the invention, after the smart card has been initialized, the entity that initialized it can also perform management and maintenance operations on the card itself, as follows:
First, the entity that initializes the smart card writes a card management key into the smart card;
Then, a card management instruction carrying a ciphertext is received from outside, where the ciphertext is the data obtained by encrypting the card management data;
Then, the card management key stored in the smart card is read and used to decrypt the ciphertext in the card management instruction;
Finally, if decryption succeeds, the card management operation corresponding to the card management instruction is performed in the smart card using the card management data obtained by decryption; otherwise, performing the card management operation in the smart card is refused.
Here, the management and maintenance operation performed on the card itself can be locking the smart card, that is, prohibiting any operation on the smart card. For this operation, the card management instruction is the lock card instruction; the card management key is the card lock key; the card management data is empty; and the card management operation is locking the smart card.
The management and maintenance operation performed on the card itself can also be unlocking a locked smart card, that is, removing the lock on the smart card. For this operation, the card management instruction is the unlock card instruction; the card management key is the card unlock key; the card management data is empty; and the card management operation is unlocking the locked smart card.
The management and maintenance operation performed on the card itself can also be locking an application service file in the smart card, that is, prohibiting any operation on that file. For this operation, the card management instruction is the lock application instruction; the card management key is the application lock key; the card management data is the identification information of the application service file; and the card management operation is locking that application service file in the smart card.
The management and maintenance operation performed on the card itself can also be unlocking a locked application service file in the smart card, that is, removing the lock on that file. For this operation, the card management instruction is the unlock application instruction; the card management key is the application unlock key; the card management data is the identification information of the application service file; and the card management operation is unlocking that locked application service file in the smart card.
The management and maintenance operation performed on the card itself can also be deleting a key stored in the smart card. For this operation, the card management instruction is the key delete instruction; the card management key is the deletion key; the card management data is the key to be deleted; and the card management operation is deleting that key from the smart card.
The management and maintenance operation performed on the card itself can also be modifying a key stored in the smart card. For this operation, the card management instruction is the key modify instruction; the card management key is the modification key; the card management data is the key to be modified and the new key; and the card management operation is changing the key to be modified in the smart card to the new key.
In step 12, the application service file creation operation means any operation related to creating an application service file in the smart card. It includes allocating storage space in the smart card for the application service file, setting up the file storage structure used by the application service file, writing the basic data of the application service file, and so on.
Preferably, for the sake of key security, after the ciphertext has been decrypted successfully in step 11, the entity that sends the application service creation instruction can modify the application service creation key. Specifically, the entity that sends the application service creation instruction sends an application creation key modify instruction to the smart card. On receiving this instruction, the smart card modifies the application creation key stored in the card according to the instruction, for example by changing the application creation key to the new key carried in the application creation key modify instruction.
In the invention, the entity that initializes the smart card and the entity that sends the application service creation instruction can be the same or different. When they are different, the invention assigns the two entities different smart card management and maintenance rights. This avoids the problem of existing smart cards, in which operation and maintenance rights are concentrated on the card issuer's side, so that the confidential files and data of application services are easily leaked and security is seriously threatened.
The invention is described in detail below:
The precondition for multiple applications to coexist on a single card is that the application operating entities have the relevant agreements in place. If an application operating entity intends to install its own application on a card issued by a card-issuing entity, it must obtain the permission of that card-issuing entity. This permission can take various forms. The core of it is that, when granting permission to an operating entity, the card-issuing entity must provide an application service creation key dedicated to that application operating entity. The application operating entity authenticates this key and thereby authenticates the card-issuing entity, proving that the card is one issued by the card-issuing entity and has not been subjected to other attacks.
The whole mechanism is described below with reference to the figures. For convenience of description, the following terms are defined:
Card-issuing entity: the entity that issues smart cards. It is responsible for the security of the card and guarantees the independent security of each application service file.
Application operating entity: the entity that sets up application service files on the card and manages and maintains the application service files it has set up.
Application service creation key: the key used when creating an application service file on the smart card.
Master control key: divided into the card master control key and the application master control key. The card master control key is used to initialize the smart card. The application master control key is used to initialize the application service file.
In the implementation of the smart card operating system (COS), the confidentiality and security of the application service files of each operating entity must be guaranteed. Therefore, the rights of each party in the system are restricted and controlled.
Table 1 lists all the rights of the card-issuing entity:
| Right | Control key type | Description |
|---|---|---|
| Lock card | 01 | Valid under MF. |
| Unlock card | 02 | Valid under MF. |
| Lock application | 03 | Valid under MF. After the application is locked, the application operator cannot unlock it. |
| Unlock application | 04 | Valid under MF. |
| Initialize card | 05 (card master control key) | Valid under MF. External authentication is performed with the card master control key. When there is no application in the card, the card can be erased. The basic card EF files and the key file are set up under MF, but setting up applications is not allowed. Various keys can be added to the key file under MF, including the key for creating applications, the key for locking the card, the key for unlocking the card, the key for locking applications, and the key for unlocking applications. |
| Delete card key | | Valid under MF. According to the type and ID of the key, the key can be deleted only after it has been authenticated. |
| Modify card key | | Valid under MF. According to the type and ID of the key, the key can be modified only after it has been authenticated. |
Table 1
Note that the card issuer does not have the right to create or delete application service files. If a card-issuing entity is also an application operating entity, it can create application service files under the rights of an application operating entity. All rights are controlled by keys and exercised through different instructions. When key authentication fails, the corresponding instruction is not executed. Each key also has a limited number of attempts, to prevent guessing attacks.
The card-issuing entity has the right to lock the card; operators do not have this right. The right to lock the card means that the card-issuing entity has the right to revoke the card. Whether this right is restricted is determined by the cooperation agreements between the card-issuing entity and the other application operating entities.
The card-issuing entity has the right to unlock the card; operating entities do not have this right. Because only the card-issuing entity has the right to lock the card, the card-issuing entity also has the right to unlock it.
The card-issuing entity has the right to lock the applications on the card; this is a necessary administrative right of the card-issuing entity. Because the card-issuing entity is the one that faces the user during operation, if an application service file operated by an entity other than the card-issuing entity runs into a problem, the card-issuing entity can promptly lock the faulty application service file and work with the application operating entity to resolve the problem. The operating entity cannot unlock an application service file locked by the card-issuing entity; unlocking such a file must be handled by the card-issuing entity.
The card-issuing entity has the right to unlock application service files that it previously locked. If an application service file has been locked by the card-issuing entity, the operating entity of that file does not have the right to unlock the application.
The card-issuing entity has the right to initialize the card. It can set up the basic files under MF but is not allowed to set up application service files. If an application service file needs to be set up, the right to set up application service files must be authenticated. During initialization, the card-issuing entity can set up the key file; besides the card management keys, this key file also holds application service creation keys. These application service creation keys are used by application operating entities when creating application service files.
The card-issuing entity has the right to delete keys and to modify keys. The exercise of this right is controlled by the key itself.
The application operating entity has complete control over its own application. Table 2 lists all the rights of the application operating entity:

| Right | Control key type | Description |
|---|---|---|
| Lock application | | Valid under the current application. After the application is locked, other operators cannot unlock it, and the card issuer cannot unlock it. The key type is determined by the operator. |
| Unlock application | | Valid under the current application. The key type is determined by the operator. |
| Delete application | | Valid under the current application. The key type is determined by the operator. |
| Create application | 06 | Valid under MF. This key is written by the card issuer into the key file under MF. After the operator performs external authentication with this key, it sets up its own application on the card. |
| Operate on application | 07 (application master control key) | Valid under the current application. When the application is empty, files can be set up freely and read and written. When the application is not empty, external authentication with the master control key must succeed before files can be read and written. |
| Delete card key | | Valid under MF. Once the key to be deleted has been authenticated, it can be deleted. |
| Modify card key | | Valid under MF. According to the type and ID of the key, the key can be modified only after it has been authenticated. |
Table 2
Note that the application operating entity has the right to create application service files. This right is granted by the card-issuing entity. After initializing the card, the card-issuing entity writes a number of application service creation keys into the key file under MF and confidentially notifies the specific application operating entities of these keys. The application operating entity then sets up its own application service files on the card initialized by the card-issuing entity.
The operating entity has the right to lock its own application service file, and this lock can be removed only by that operating entity. Other application operating entities do not have this right, and neither does the card-issuing entity.
The operating entity has the right to unlock application service files that it previously locked. Other application operating entities do not have this right.
The application operating entity has complete control over the files and confidential data under its own application, including reading, writing, changing, and so on. Other application operating entities do not have this right. This right is controlled by the application master control key.
An application operating entity has no right to perform any operation on other applications.
To guarantee the security of the application operating entity, the card-issuing entity does not have the right to delete application service files on the card. An application service file must be deleted by the corresponding application operating entity.
The card-issuing entity has no right to unlock an application service file locked by the application operating entity. When an application operating entity locks its application service file, this indicates that it has detected an external attack on its application; the file must then be locked to prevent the confidential data and files of the application service file from leaking.
This involves a risk. If the card-issuing entity could delete an application, or unlock an application locked by the application operating entity, it could use this to attack the application.
For example, the card-issuing entity could set up a forged application service file on the card in order to attack the application operating entity. An application service file is identified by its identifier (AID); the card-issuing entity could forge this AID and then try the various keys under the application service file, and the application operating entity would be unable to stop the attack. This is because, when the application operating entity locks the application service file, the card-issuing entity could unlock or delete it and so repeat the attempt. Therefore, in the COS, if an application service file was locked by the application operating entity, it must be unlocked by the application operating entity. If the application service file was locked by the card-issuing entity, it must be unlocked by the card-issuing entity. When the application operating entity detects an attack, it locks the application service file; only that entity can then unlock the file, which effectively prevents the attack and guarantees that the confidential data and files of the application service file on the card are not leaked.
The rights control described above prevents the card-issuing entity from gaining unauthorized access to other application service files on the card, and thus guarantees the confidentiality and security of the application service file data of each operating entity.
The flow for exercising the following rights is described below with reference to Fig. 2. These rights are: card lock, card unlock, application lock, application unlock, key deletion, and key modification.
Step S01: The terminal sends a get-random-number instruction to the smart card.
Step S02: The smart card generates a random number, returns it to the terminal in a random number response, and stores the random number inside the smart card.
Step S03: According to the right to be exercised, the terminal determines the type of instruction to send, encrypts the particular data with the corresponding key to obtain a ciphertext, and uses the random number returned by the smart card to compute the instruction digest of the instruction of the determined type.
Step S04: The terminal sends the instruction carrying the instruction digest and the ciphertext to the smart card.
Step S05: After receiving the instruction, the smart card determines from the instruction type which type of right the terminal wants to exercise.
Step S06: The smart card looks up the key stored in the card that corresponds to the determined type of right.
Step S07: Determine whether the key is valid, that is, check whether the number of remaining attempts for this key is 0. If it is, return an error code and exit this flow; if not, go to the next step.
Step S08: Authenticate the instruction digest in the instruction using the random number stored in the smart card. If authentication succeeds, go to the next step; otherwise, decrease the number of remaining attempts for the key by 1, return an error code, and exit this flow.
Step S09: Decrypt the ciphertext in the instruction to obtain the plaintext of the particular data, and authenticate the plaintext.
Step S10: After the plaintext has been authenticated successfully, perform the operation corresponding to the instruction.
Step S11: After the instruction has succeeded or failed, return the corresponding status code to the terminal to notify it of the execution status of the instruction.
Different instructions are distinguished by their P1 and P2 codes. Because each instruction has a different function, its particular data also differs, as described in Table 3:
| Instruction | P1 | P2 | Particular data | Remarks |
|---|---|---|---|---|
| Card lock | FF | 01 | Empty | |
| Card unlock | FF | 02 | Empty | |
| Application lock | FF/00 | 03 | Application service file AID | The corresponding key is looked up in the current directory. FF identifies the card issuer; 00 identifies the application operator. |
| Application unlock | FF/00 | 04 | Application service file AID | The corresponding key is looked up in the current directory. FF identifies the card issuer; 00 identifies the application operator. |
| Delete key | XX | YY | The key itself | XX is the key type and YY is the key ID; XX is neither FF nor 00. |
| Modify key | XX | YY | The key itself + the new key | XX is the key type and YY is the key ID; XX is neither FF nor 00. |
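The flow of steps S01 to S11 for the application lock and unlock instructions of Table 3, as an added example that is not part of the original text: a card-side handler with per-key attempt counters and the rule that only the party that locked an application may unlock it. HMAC-SHA256 stands in for both the digest algorithm and the cipher the text leaves unnamed; the keying of the digest, the single use of each random number, the refusal to re-lock, the status strings, the key values and the AID are all assumptions of this example.

```python
import hashlib
import hmac
import os

ISSUER, OPERATOR = 0xFF, 0x00        # P1 values from Table 3: who exercises the right
LOCK_APP, UNLOCK_APP = 0x03, 0x04    # P2 values from Table 3


def keystream_xor(key, rnd, data):
    """Stand-in cipher (assumption: the page names none). XOR is its own inverse."""
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hmac.new(key, b"enc" + rnd + i.to_bytes(4, "big"), hashlib.sha256).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], pad))
    return bytes(out)


def instruction_digest(key, rnd, p1, p2, ciphertext):
    """Stand-in for the ISO9797-1 / MD5 digest, keyed with the right's key (assumption)."""
    msg = b"mac" + rnd + bytes([p1, p2]) + ciphertext
    return hmac.new(key, msg, hashlib.sha256).digest()[:8]


def terminal_instruction(key, rnd, p1, p2, aid):
    """S03-S04: encrypt the particular data (the AID) and attach the instruction digest."""
    ciphertext = keystream_xor(key, rnd, aid)
    return p1, p2, ciphertext, instruction_digest(key, rnd, p1, p2, ciphertext)


class Card:
    def __init__(self, keys, aids, attempts=3):
        self.keys = dict(keys)                          # {(P1, P2): key}
        self.attempts = {slot: attempts for slot in keys}
        self.locked_by = {aid: None for aid in aids}    # None = normal state
        self.rnd = None

    def get_random(self):
        """S01-S02: generate a random number, keep it in the card, return it."""
        self.rnd = os.urandom(8)
        return self.rnd

    def process(self, p1, p2, ciphertext, digest):
        rnd, self.rnd = self.rnd, None                  # assumption: one instruction per random number
        slot = (p1, p2)                                 # S05-S06: right type -> stored key
        if rnd is None or slot not in self.keys or p2 not in (LOCK_APP, UNLOCK_APP):
            return "REJECTED"
        if self.attempts[slot] == 0:                    # S07: no attempts left for this key
            return "KEY_BLOCKED"
        key = self.keys[slot]
        expected = instruction_digest(key, rnd, p1, p2, ciphertext)
        if not hmac.compare_digest(expected, digest):   # S08: a failure costs one attempt
            self.attempts[slot] -= 1
            return "AUTH_FAILED"
        aid = keystream_xor(key, rnd, ciphertext)       # S09: decrypt, then check the plaintext
        if aid not in self.locked_by:
            return "BAD_DATA"
        if p2 == LOCK_APP:                              # S10: execute the operation
            if self.locked_by[aid] is not None:
                return "DENIED"                         # assumption: a locked file is not re-locked
            self.locked_by[aid] = p1
        else:
            if self.locked_by[aid] != p1:
                return "DENIED"                         # only the locking party may unlock
            self.locked_by[aid] = None
        return "OK"                                     # S11: status back to the terminal


def demo():
    aid = bytes.fromhex("A000000001")                   # constructed AID and keys
    keys = {(ISSUER, LOCK_APP): b"issuer-lock", (ISSUER, UNLOCK_APP): b"issuer-unlock",
            (OPERATOR, LOCK_APP): b"operator-lock", (OPERATOR, UNLOCK_APP): b"operator-unlock"}
    card = Card(keys, [aid])

    def send(p1, p2, key):
        return card.process(*terminal_instruction(key, card.get_random(), p1, p2, aid))

    results = [send(OPERATOR, LOCK_APP, keys[OPERATOR, LOCK_APP]),    # operator locks its file
               send(ISSUER, UNLOCK_APP, keys[ISSUER, UNLOCK_APP])]    # issuer may not unlock it
    results += [send(ISSUER, LOCK_APP, b"guess") for _ in range(3)]   # three wrong-key attempts
    results.append(send(ISSUER, LOCK_APP, keys[ISSUER, LOCK_APP]))    # that key is now blocked
    results.append(send(OPERATOR, UNLOCK_APP, keys[OPERATOR, UNLOCK_APP]))
    return results


if __name__ == "__main__":
    print(demo())
```

The blocked issuer lock key stays blocked even when the correct key is presented afterwards, which is the attempt-counter behaviour of step S07.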
External authentication is required when the card issuing entity initializes the smart card, when the application operating entity creates an applied business file, and when it operates on the applied business file; the keys used are, respectively, the card master control key, the applied business creation key and the application master control key.
The state changes of the smart card and of the applied business file are described below with reference to Fig. 3 and Fig. 4.
As shown in Fig. 3, when the card issuing entity obtains the card from the card production entity, the card state is uninitialized. At this point the card contains only the key file and the card master control key set by the card production entity, and the card issuing entity can initialize the card. After initialization is complete, the card enters the normal state. When the card issuing entity successfully locks the card, the card enters the locked state. When the card issuing entity successfully unlocks the card in the locked state, the card returns to the normal state.
While the card is in the locked state, no application-related instruction can be executed; only instructions related to card unlocking can be executed.
As shown in Fig. 4, after the card issuing entity has finished initializing the card, the application does not yet exist. The application operating entity initializes the applied business file according to the applied business creation key provided by the card issuing entity. After the applied business file is created, it enters the normal state. When the application operating entity successfully locks the applied business file, the file enters the state of being locked by the application operating entity; after the application operating entity then successfully unlocks it, the file returns to the normal state. Likewise, after the card issuing entity successfully locks the applied business file, the file enters the state of being locked by the card issuing entity, and after the card issuing entity unlocks it, the file returns to the normal state.
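The card-side handling of steps S08 to S11, the P1/P2 dispatch for the first four instructions of Table 3, and the locked states of Fig. 3 and Fig. 4 can be exercised in a small simulation. The following Python code is an added example, not part of the patent; the digest algorithm (HMAC-SHA256), the stand-in cipher, the three-attempt limit, the single-use random number, the status strings and all function and class names are assumptions.

```python
import hashlib, hmac, os

# Assumptions, not from the patent: HMAC-SHA256 digest, SHA-256 keystream XOR
# as stand-in cipher, three attempts per key, status strings, 8-byte random.
def keystream_xor(key, rand, data):
    """Stand-in cipher; the same call encrypts and decrypts."""
    blocks = range((len(data) + 31) // 32)
    stream = b"".join(hashlib.sha256(key + rand + bytes([i])).digest() for i in blocks)
    return bytes(a ^ b for a, b in zip(data, stream))

def digest(key, rand, p1, p2, ct):
    return hmac.new(key, rand + bytes([p1, p2]) + ct, hashlib.sha256).digest()[:8]

def build_instruction(key, rand, p1, p2, data=b""):
    """Terminal side: encrypt the particular data and attach the digest."""
    ct = keystream_xor(key, rand, data)
    return p1, p2, ct, digest(key, rand, p1, p2, ct)

class Card:
    def __init__(self, keys, aids):
        self.keys = dict(keys)                       # (P1, P2) -> key, per Table 3
        self.tries = {sel: 3 for sel in self.keys}   # remaining attempts per key
        self.apps = {aid: "normal" for aid in aids}
        self.locked, self.rand = False, None

    def get_challenge(self):
        self.rand = os.urandom(8)                    # random number kept on the card
        return self.rand

    def process(self, p1, p2, ct, mac):
        sel = (p1, p2)
        if sel not in self.keys or p2 not in (1, 2, 3, 4):
            return "BAD_P1P2"
        if self.rand is None:
            return "NO_CHALLENGE"
        if self.tries[sel] == 0:
            return "KEY_BLOCKED"
        key, rand, self.rand = self.keys[sel], self.rand, None  # random is single-use
        if not hmac.compare_digest(mac, digest(key, rand, p1, p2, ct)):  # Step S08
            self.tries[sel] -= 1
            return "AUTH_FAILED"
        if self.locked and sel != (0xFF, 0x02):      # locked card: unlock only
            return "CARD_LOCKED"
        data = keystream_xor(key, rand, ct)          # Step S09: decrypt ...
        if p2 in (0x01, 0x02):
            if data:                                 # ... and check the plaintext
                return "BAD_DATA"
            self.locked = p2 == 0x01                 # Step S10: card lock / unlock
        else:
            if data not in self.apps:
                return "BAD_DATA"
            who = "issuer" if p1 == 0xFF else "operator"
            self.apps[data] = "locked_by_" + who if p2 == 0x03 else "normal"
        return "OK"                                  # Step S11: status to terminal
```

Because the digest is bound to the random number stored on the card and that number is cleared after one use, a captured instruction cannot be replayed against the same card.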
Below in conjunction with Fig. 5 A and Fig. 5 B the hair fastener process is described.
Shown in Fig. 5 A, the hair fastener process of hair fastener entity is as follows.
Step S11: hair fastener entity authentication card is produced the card master control key that entity writes, if authentification failure then withdraws from this flow process; Otherwise, to next step;
Step S12: wipe card, set up basic file structure, and in the cryptograph files under the MF, write applied business establishment key.
At this moment, hair fastener entity hair fastener success.
If certain uses the operation entity and the hair fastener entity has cooperation, then the hair fastener entity provides an applied business to create key and runs entity to this, and the card that the hair fastener entity has successfully been issued is offered this application operation entity.
It is as follows to use operation entity hair fastener process.
Step S21: the applied business that authentication hair fastener entity provides is created key, if authentification failure then withdraws from the hair fastener flow process; Otherwise, to next step;
Step S22: revise applied business and create key, this is for the sake of security.After the modification, the hair fastener entity will can not be known the value of this applied business establishment key.
Step S23: the file structure of creating the applied business file.
Step S24: the key that the hair fastener entity provides under the deletion MF.This is for the sake of security, prevents to be attacked.
So far, use the success of operation entity hair fastener.
Like this, as long as the hair fastener entity provides applied business to create key, each operation entity just can be set up the applied business file of oneself independently, is no longer dependent on the hair fastener entity.Except this operation entity, other each side all can't be applied any file and confidential data in the service scripts.Can increase the mutual trust between each operation entity like this.
Referring to Fig. 6, the embodiment of the invention also provides a smart card, which comprises:
Key storage unit 60, configured to store the application creation key written by the entity that initializes this smart card;
Application creation instruction receiving unit 61, configured to receive an applied business creation instruction carrying ciphertext, the ciphertext being the data obtained by encrypting the applied business file creation related data;
Ciphertext authentication unit 62, configured to read the application creation key and use it to decrypt the ciphertext;
Application creating unit 63, configured to create the applied business file in the smart card according to the applied business file creation related data obtained by decryption when the instruction authentication unit decrypts the ciphertext successfully, and to refuse to create the applied business file in the smart card when the instruction authentication unit fails to decrypt the ciphertext.
The smart card further comprises:
Instruction authentication unit 64, configured to read the instruction digest information carried in the applied business creation instruction, this instruction digest information being the digest of the applied business creation instruction calculated with a random number according to a data digest algorithm; and to authenticate the instruction digest information using the data digest algorithm and the random number stored in the smart card;
The ciphertext authentication unit 62 is configured to:
decrypt the ciphertext using the application creation key when the instruction authentication unit authenticates the instruction digest information successfully.
The smart card further comprises:
Plaintext authentication unit 65, configured to judge whether the applied business file creation related data obtained by decryption conforms to a predefined applied business file creation rule;
The application creating unit 63 is configured to:
create the applied business file in the smart card using the applied business file creation related data obtained by decryption when the plaintext authentication unit judges that this data conforms to the applied business file creation rule.
The smart card further comprises:
Application management unit 66, configured to receive an applied business management instruction carrying ciphertext, the ciphertext being the data obtained by encrypting the applied business management related data; to read the applied business management key stored in the smart card, which was written by the entity that sends the applied business creation instruction, and use this key to decrypt the ciphertext in the applied business management instruction; if decryption succeeds, to perform in the smart card the applied business management operation corresponding to the applied business management instruction, using the applied business management related data obtained by decryption; otherwise, to refuse to perform the applied business management operation in the smart card.
The applied business management instruction is an application lock instruction; the applied business management key is the application lock key; the applied business management related data is the identification information of the applied business file; and the applied business management operation is locking that applied business file in the smart card; or,
The applied business management instruction is an application unlock instruction; the applied business management key is the application unlock key; the applied business management related data is the identification information of the applied business file; and the applied business management operation is unlocking that locked applied business file in the smart card; or,
The applied business management instruction is an application delete instruction; the applied business management key is the application delete key; the applied business management related data is the identification information of the applied business file; and the applied business management operation is deleting that applied business file from the smart card; or,
The applied business management instruction is an application data read/write instruction; the applied business management key is the application master control key; the applied business management related data is the address information of the data to be read, or the data to be written; and the applied business management operation is reading the applied business file data corresponding to the address information from the smart card, or writing the data to be written to the smart card; or,
The applied business management instruction is a key delete instruction; the applied business management key is the delete key; the applied business management related data is the key to be deleted; and the applied business management operation is deleting the key to be deleted from the smart card; or,
The applied business management instruction is a key modify instruction; the applied business management key is the modify key; the applied business management related data is the key to be modified and the new key; and the applied business management operation is changing the key to be modified in the smart card to the new key.
The smart card further comprises:
Card management unit 67, configured to receive a card management instruction carrying ciphertext, the ciphertext being the data obtained by encrypting the card management related data; to read the card management key stored in the smart card, which was written by the entity that initializes the smart card, and use this key to decrypt the ciphertext in the card management instruction; if decryption succeeds, to perform in the smart card the card management operation corresponding to the card management instruction, using the card management related data obtained by decryption; otherwise, to refuse to perform the card management operation in the smart card.
The card management instruction is a card lock instruction; the card management key is the card lock key; the card management related data is empty; and the card management operation is locking the smart card; or,
The card management instruction is a card unlock instruction; the card management key is the card unlock key; the card management related data is empty; and the card management operation is unlocking the locked smart card; or,
The card management instruction is an application lock instruction; the card management key is the application lock key; the card management related data is the identification information of the applied business file; and the card management operation is locking that applied business file in the smart card; or,
The card management instruction is an application unlock instruction; the card management key is the application unlock key; the card management related data is the identification information of the applied business file; and the card management operation is unlocking that locked applied business file in the smart card; or,
The card management instruction is a key delete instruction; the card management key is the delete key; the card management related data is the key to be deleted; and the card management operation is deleting the key to be deleted from the smart card; or,
The card management instruction is a key modify instruction; the card management key is the modify key; the card management related data is the key to be modified and the new key; and the card management operation is changing the key to be modified in the smart card to the new key.
The smart card further comprises:
Key modification unit 68, configured to modify the application creation key stored in the key storage unit after receiving an application creation key modify instruction sent by the entity that sends the applied business creation instruction.
It should be noted that, in the present invention, the entity that initializes the smart card may be the card issuing entity (card issuer), and the entity that sends the applied business creation instruction may be the application operating entity (application operator). In addition, there may be multiple application creation keys in the present invention; that is, one application creation key is stored in the smart card for each applied business file to be created.
In summary, the beneficial effects of the present invention include:
In the scheme provided by the embodiment of the invention, after an applied business creation instruction carrying ciphertext is received, the application creation key stored in the smart card, which was written by the entity that initializes the smart card, is read and used to decrypt the ciphertext in the applied business creation instruction. If decryption succeeds, the applied business file creation operation is performed in the smart card; otherwise, the applied business file creation operation is refused. Thus the legitimacy of the applied business creation instruction is authenticated with the application creation key stored in the smart card; the applied business file is created in the smart card only when authentication passes, and creation is refused when authentication fails. This prevents illegitimate entities from creating applied business files in the smart card and thereby effectively improves the security of creating applied business files in the smart card.
At the same time, the present invention distributes smart card management and maintenance rights in a balanced way between the entity that initializes the smart card and the entity that creates applied business files in it, so that the two entities hold different management and maintenance permissions over the smart card. This avoids the problem of existing smart cards, in which operation and maintenance permissions are concentrated on the card issuer's side, so that the confidential files and data of applied business files are easily leaked and their security is seriously threatened.
Obviously, those skilled in the art can make various changes and modifications to the present invention without departing from its spirit and scope. Thus, if these changes and modifications fall within the scope of the claims of the present invention and their technical equivalents, the present invention is also intended to include them.