CN101950342A - Device and method for managing access control permission of integrated circuit card - Google Patents
Device and method for managing access control permission of integrated circuit card Download PDFInfo
- Publication number
- CN101950342A CN101950342A CN2010102905452A CN201010290545A CN101950342A CN 101950342 A CN101950342 A CN 101950342A CN 2010102905452 A CN2010102905452 A CN 2010102905452A CN 201010290545 A CN201010290545 A CN 201010290545A CN 101950342 A CN101950342 A CN 101950342A
- Authority
- CN
- China
- Prior art keywords
- integrated circuit
- circuit card
- safe condition
- authentication
- write equipment
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Abstract
The invention discloses a device for managing the access control permission of an integrated circuit card. The device comprises an authentication verification module (10), a safe sate assignment module (20), a safe state registering module (30), and a control module (40), wherein the authentication verification module (10) is used for identifying external read-write equipment and /or verifying the access validity of a user; the safe sate assignment module (20) is used for assigning the safe state of the catalogue of the integrated circuit card to be the corresponding safe state of the external read-write equipment which passed authentication or the user who passed the verification; the safe state registering module (30) is used for registering the safe state assigned by the safe sate assignment module (20); and the control module (40) is used for intersecting the safe state and the safety attribute of the file under the catalogue and determining the operation allowed to be performed on the file according to an intersection result. The invention also provides a method for managing the access control permission of the integrated circuit card for realizing the flexible and complete access control permission of the integrated circuit card.
Description
Technical field
The present invention relates to a kind of management devices and method of access control right, be meant a kind of management devices and method of integrated circuit card control authority especially.
Background technology
Smart card is called IC-card (Integrated Circuit Card), i.e. integrated circuit card again.Integrated central processing unit, storer and chip operating system (COS, ChipOperating System) constituted a complete computer system in some IC-card, have independently data processing function, so security strengthens greatly.COS is based upon on the hardware such as central processing unit, storer, is managing chip resource and the safe and secret operating system of realization.Its major function is: control IC-card and extraneous message exchange, and the storer in the management IC-card, and in the inner processing of finishing various command of card.
Because IC-card generally stores important information, therefore a cover is complete, access control right is absolutely necessary for IC-card flexibly.
Summary of the invention
In view of this, fundamental purpose of the present invention is to provide a kind of management devices and method of integrated circuit card access control right, to realize that integrated circuit card has flexible, complete access control right.
The management devices of a kind of integrated circuit card access control right provided by the invention comprises:
Safe condition designated module 20, the safe condition that is used to specify the integrated circuit card catalogue are by the exterior read-write equipment of authentication or by the pairing safe condition of the user of verification;
Safe condition is deposited module 30, is used to deposit the safe condition by 20 appointments of safe condition designated module;
The present invention also provides a kind of management method of integrated circuit card access control right, comprises step:
A, authentication exterior read-write equipment and/or verified users;
The safe condition of B, appointment integrated circuit card catalogue is by the exterior read-write equipment of authentication or by the pairing safe condition of the user of verification;
C, deposit described integrated circuit be stuck in obtained under the current application, by the safe condition of step B appointment;
D, according to the common factor of the security attribute of file under the set of above-mentioned directory security state and this catalogue, determine to allow the operation carried out for this document.
Said method is characterized in that, described steps A comprises following substep:
Whether A1, judgement authentication exterior read-write equipment and/or verified users are passed through: if enter described step B after then authentication check error count number of times being resetted; Otherwise, enter steps A 2;
A2, judge whether the multiplicity of this authentication or verification reaches stipulated number: if then lock integrated circuit card and finish; Otherwise, return steps A.
Said method is characterized in that, the step of described authentication exterior read-write equipment comprises:
Exterior read-write equipment sends to integrated circuit card after use specifies key with described random number encryption then and carries out the external authentication order to one group of random number of integrated circuit card application;
Whether the random number after integrated circuit card uses the external authentication key with described encryption is decrypted, and then the result is compared with its previous random number that produces, confirm that exterior read-write equipment authenticates and pass through according to whether comparative result is consistent.
Said method is characterized in that, the step of described verified users comprises:
Integrated circuit card receives user's PIN (Personal Identification Number), and this PIN (Personal Identification Number) and the PIN (Personal Identification Number) of being stored are compared, and whether whether the consistent user's of affirmation verification is passed through according to comparative result.
Said method is characterized in that, the set of the described directory security state of step D comprises the upper limit value and lower limit value of the level of security byte of described exterior read-write equipment appointment key.
Said method is characterized in that, the security attribute of the described file of step D is the set that comprises the upper limit value and lower limit value of described file security level interval.
As seen from the above, the present invention can make integrated circuit card have flexible, complete access control right.
Description of drawings
Fig. 1 is the hierarchical chart of common integrated circuit card file system;
Fig. 2 is the management devices structural drawing of integrated circuit card access control right of the present invention;
Fig. 3 is the method flow diagram of integrated circuit card access control right of the present invention.
Embodiment
Be example with integrated circuit card (IC-card) below, introduce the management devices of a kind of integrated circuit card access control right provided by the invention in conjunction with Fig. 1-Fig. 3 in detail.
For the ease of understanding the safe access control mechanism of chip operating system (COS, Chip Operating System), at first introduce the file system of COS.File system is the basic module of COS, and it is responsible for organizing, manage, safeguarding all data of IC-card stored.The hierarchical structure of COS file system comprises master control file (MF, Master File), private file (DF, Dedicated File) and basic document (EF, Elementary File) as shown in Figure 1.
The master control file is the root of whole file system, and it is unique and necessary the existence in IC-card.The master control file build on IC-card personalization process (IC-card individualized be according to the needs of using to the operation that IC-card carried out, for example, create and use needed file structure etc.) in, in the whole life of IC-card, exist always and remain valid.The master control file comprises information such as document control parameter and file security attribute.
Private file is a kind of file (can be considered catalogue) of setting up at different application under the master control file, and it has stored the total data and the secure data relevant with application operating of different application.By the foundation operation of the security attribute control of setting up file under the master control file to private file.Under private file, can set up child-DF or set up basic document.Each private file is separate and non-interfering.The operation that data under the private file are carried out is subjected to the control of the security mechanism of current C OS.
Basic document are used to store various data and the management information relevant with application, and it is positioned under described master control file or the private file.On memory contents, basic document can be divided into two classes: inner basic document and work basic document.Wherein:
Inner basic document mainly comprise and are used for User Recognition and the private data (PIN (Personal Identification Number), key etc.) relevant with data encryption, and IC-card utilizes these data to carry out the safety management of application data.Can only set up inner basic document under each master control file and private file, the content of inner basic document can not be read and write, but can use special instruction to write and revise.PKI file in its key file can be read and write by binary order, and private key file can only be made amendment by binary order.
The work basic document have comprised the applied real data of IC-card, when having the certain operations authority of work basic document (read, modification etc.), can operate its content.The quantity and the size of work basic document are subjected to the restriction in the space that master control file or private file had.
The definition of basic document head is referring to table 1.
Table 1 basic document head
Below the present invention is described in detail.As shown in Figure 2, the management devices of a kind of integrated circuit card operating system access control authority provided by the invention comprises authentication check module 10, and the safe condition rank is assert module 20, and safe condition is deposited module 30 and control module 40.Wherein:
When exterior read-write equipment need be visited integrated circuit card, the legitimacy of the external portion of integrated circuit calorie requirement read-write equipment authenticated.Specific implementation is to use symmetric encipherment algorithm (3DES, SSF33 etc.) that a random number is carried out cryptographic calculation simultaneously by exterior read-write equipment and integrated circuit card, judge the consistance of both sides' operation result then or pass through a side to random number encryption, the opposing party is decrypted the purpose that reaches authentication.
When the user need operate integrated circuit card, the integrated circuit calorie requirement carried out verification to this user's legitimacy, to reduce the possibility of being falsely used by the disabled user.Specific implementation is to show its PIN (Personal Identification Number) by the user to integrated circuit card, by integrated circuit card with this PIN (Personal Identification Number) with leave the judgement of comparing of its inner PIN (Personal Identification Number) in, and then reach the purpose of verification.
The safe condition that safe condition designated module 20 is used to specify integrated circuit card is by the exterior read-write equipment of authentication or by the pairing safe condition of the user of verification.
In general, from the master control catalogue (DDF) of integrated circuit card to current application catalogue (ADF), each TOC level (for example all has 16 kinds of safe conditions, state 0, state 1...... state 15), different safe conditions is corresponding with different exterior read-write equipments or user's (specifying key or PIN (Personal Identification Number)).After described exterior read-write equipment or user were by authentication or verification, the safe condition rank assert that module 10 can be that integrated circuit card is specified and this exterior read-write equipment or the corresponding safe condition of user.Described safe condition comprises global safety state and local safe condition, and the global safety state is the safe condition that all TOC levels all have under the whole master control catalogue; The secure topical state is the safe condition that a certain TOC level had.
The safe condition of integrated circuit card can be represented with set, hereinafter will describe in detail to it.
Safe condition deposit module 30 be used to deposit described integrated circuit be stuck in obtained under the current application, by the safe condition of safe condition designated module 20 appointments.
16 kinds of safe conditions of this of a certain catalogue can be in obtained set or not obtained set.After a certain catalogue obtains a kind of safe condition, so until before leaving this catalogue, this catalogue all can keep this safe condition constant, so this safe condition can never obtained set enter obtained set, and deposits module 30 by safe condition and deposit.
The security attribute of file is called access rights again, is meant the set to the particular safety state of file operation definition.Generally appointment when setting up this document is described by a safe condition interval.For example, the read right of describing a file is that (X≤Y), the safe condition that the expression read operation need obtain belong to set { X, Y}, (X≤Y) to XY.
Suppose, the safe condition set of a certain its upper directory of file is { M, (M≤N), the safe condition of this document is readable to N}, is expressed as { X1, Y1} (X≤Y), if { result of Y1} is not empty for M, N}{X1, be readable by authentication or the exterior read-write equipment of verification or user for the access rights of this document then, control module 40 allows exterior read-write equipment or user that this document is carried out read operation thus; Otherwise control module 40 does not allow exterior read-write equipment or user that this document is carried out read operation thus.
Introduce the management method of a kind of integrated circuit card operating system access control authority provided by the invention in detail below in conjunction with Fig. 3.
Step 100: authentication check.
Authentication is when exterior read-write equipment need be visited integrated circuit card, and the legitimacy of the external portion of integrated circuit calorie requirement read-write equipment authenticates.Verification is meant the checking of integrated circuit card to its holder (user) legitimacy.Comprise following substep:
Step 101-102: judge whether above-mentioned authentication check is passed through: if, then will authenticate/the check errors counter reset is that maximum wrong the permission enters step 200 behind the number of times; Otherwise, enter step 103.
Step 103-105: will authenticate/value of check errors counter subtracts 1 back and judges whether the number of attempt of authentication check reaches the upper limit of authentication/check errors counter: if then integrated circuit card automatically locks; Otherwise, return step 100 and continue authentication check.
In the present embodiment, can judge whether above-mentioned authentication is passed through according to following explanation: exterior read-write equipment can use GET CHALLENGE order (obtaining the random number order) to one group of random number of integrated circuit card application, use then in the data field that is placed on EXTERNAL AUTHENTICATION order (external authentication order) after specifying key (symmetric key) with described random number encryption (if use the 3DES algorithm, then get 8 byte random numbers, or mend 4Byte 0x00 after getting 4 byte random numbers), then integrated circuit card is carried out the external authentication order.Integrated circuit card uses the external authentication key that described external authentication order data territory is decrypted, then data field decrypted result and its previous random number that produces are compared, if the consistent exterior read-write equipment authentication success of representing, the authentication error counter reset enters step 200 for maximum wrong the permission behind the number of times; If the inconsistent words of data, expression exterior read-write equipment authentification failure, the value of authentication error counter subtracts 1, prescribes a time limit when the number of attempt that authenticates reaches going up of authentication error counter, and integrated circuit card can automatically lock.
In the present embodiment, can judge whether above-mentioned verification is passed through according to following explanation: the user shows its PIN (Personal Identification Number) to integrated circuit card, by integrated circuit card the correctness of this PIN (Personal Identification Number) is judged.If correctly user's verification pass through, the check errors counter reset is the maximum wrong number of times that allows; If incorrect, then the value of user's check errors counter subtracts 1, and when the number of attempt of user's verification reaches going up in limited time of check errors counter, integrated circuit card can automatically lock.
Step 200: the safe condition of specifying the integrated circuit card catalogue is by the exterior read-write equipment of authentication or by the pairing safe condition of the user of verification.
In general, can set in advance certain safe condition for exterior read-write equipment and/or user that can a certain integrated circuit card catalogue of legal use, when this exterior read-write equipment and/or user by after the authentication and/or verification of integrated circuit card, this integrated circuit card catalogue has the above-mentioned safe condition that sets in advance for this exterior read-write equipment and/or user.Include 8 level of security bytes (SSB) in above-mentioned appointment key/PIN (Personal Identification Number), the lower limit (0~15) in the high 4 bit representation level of security intervals of SSB, the upper limit (0~15) in the low 4 bit representation level of security intervals of SSB.Suppose that it is " MN " that a certain exterior read-write equipment is specified the SSB value of key, the expression authentication success maybe can obtain the safe condition in the M-N interval.Described safe condition is divided into global safety state and local safe condition.The global safety state is effective at current DF or the whole duration of work of MF, is resetted again or selects new DF up to integrated circuit card.The secure topical state only in a concrete application (can set up a plurality of EF under this application) down effectively.For example, it is readable that the safe condition that a certain exterior read-write equipment can legal use integrated circuit card A catalogue is set, be specially: the M-N interval that the SSB value of this exterior read-write equipment appointment key can be set is a secure topical state, promptly only at integrated circuit card A go up certain/a little catalogues, this exterior read-write equipment is by after authenticating, this/catalogues have readable safe condition for this exterior read-write equipment a bit, and this/change of the safe condition of catalogues can not have influence on the safe condition of its upper directory a bit; The M-N interval that the SSB value of this exterior read-write equipment appointment key also can be set is a global safety state, promptly at all catalogues on the integrated circuit card A, this exterior read-write equipment is by after authenticating, and all catalogues on the integrated circuit card A have readable safe condition for this exterior read-write equipment.
In addition, exterior read-write equipment/user can be defined as the operation of catalogue and not have any access rights, that is, exterior read-write equipment/user's SSB value bound is arranged to M>N.
Step 300: deposit described integrated circuit be stuck in obtained under the current application, by the safe condition of step 200 appointment.
Be specially: when a certain catalogue of exterior read-write equipment/user capture, this catalogue obtains a kind of safe condition, so until before leaving this catalogue, this catalogue all can keep this safe condition constant, therefore this safe condition can never obtained set enter obtained set, and deposits module 30 by safe condition and deposit.A certain catalogue can represent with set for the safe condition that one exterior read-write equipment/user obtains, for example, the level of security of this directory security state correspondence interval be lower limit M to upper limit N, then be expressed as the set form and be { M, N}, (M≤N).
Step 400:, determine to allow the operation carried out for this document according to the common factor of the security attribute of file under the set of the safe condition of above-mentioned catalogue and this catalogue.
The security attribute of file is called access rights again, is meant the set of exterior read-write equipment/user to the particular safety state of file operation definition, and generally appointment when setting up this document also can be described by a level of security interval with catalogue is the same.For example, the read right of describing a file is XY (level of security interval be for lower limit X≤level of security is interval upper limit Y), and the safe condition that the expression read operation need obtain belongs to set { X, Y}, (X≤Y).In addition, exterior read-write equipment/user can be defined as the operation of file and not have any access rights, that is, exterior read-write equipment/user is arranged to X>Y to the security attribute of file.
With the safe condition set of the upper directory of described file { M, N}, (set { X, the Y} of M≤N) and the safe condition of described file, (X≤Y) asks friendship, i.e. { M, N} ∩ { X, Y} is not empty if ask the result after the friendship, then allows exterior read-write equipment/user that this document is carried out readable behaviour; Otherwise forbid that exterior read-write equipment/user is to the readable behaviour of the execution of this document.
The above only is preferred embodiment of the present invention, and is in order to restriction the present invention, within the spirit and principles in the present invention not all, any modification of being done, is equal to replacement, improvement etc., all should be included within protection scope of the present invention.
Claims (7)
1. the management devices of an integrated circuit card access control right is characterized in that, comprising:
Authentication check module (10) is used to authenticate the visit legitimacy of exterior read-write equipment and/or verified users;
Safe condition designated module (20), the safe condition that is used to specify the integrated circuit card catalogue are by the exterior read-write equipment of authentication or by the pairing safe condition of the user of verification;
Safe condition is deposited module (30), is used to deposit the safe condition by safe condition designated module (20) appointment;
Control module (40) is used for the security attribute of file under described safe condition and this catalogue is intersected, according to intersecting the operation that the result determines that permission is carried out described file.
2. the management method of an integrated circuit card access control right is characterized in that, comprises step:
A, authentication exterior read-write equipment and/or verified users;
The safe condition of B, appointment integrated circuit card catalogue is by the exterior read-write equipment of authentication or by the pairing safe condition of the user of verification;
C, deposit described integrated circuit be stuck in obtained under the current application, by the safe condition of step B appointment;
D, according to the common factor of the security attribute of file under the set of above-mentioned directory security state and this catalogue, determine to allow the operation carried out for this document.
3. method according to claim 2 is characterized in that, described steps A comprises following substep:
Whether A1, judgement authentication exterior read-write equipment and/or verified users are passed through: if enter described step B after then authentication check error count number of times being resetted; Otherwise, enter steps A 2;
A2, judge whether the multiplicity of this authentication or verification reaches stipulated number: if then lock integrated circuit card and finish; Otherwise, return steps A.
4. according to claim 2 or 3 described methods, it is characterized in that the step of described authentication exterior read-write equipment comprises:
Exterior read-write equipment sends to integrated circuit card after use specifies key with described random number encryption then and carries out the external authentication order to one group of random number of integrated circuit card application;
Whether the random number after integrated circuit card uses the external authentication key with described encryption is decrypted, and then the result is compared with its previous random number that produces, confirm that exterior read-write equipment authenticates and pass through according to whether comparative result is consistent.
5. according to claim 2 or 3 described methods, it is characterized in that the step of described verified users comprises:
Integrated circuit card receives user's PIN (Personal Identification Number), and this PIN (Personal Identification Number) and the PIN (Personal Identification Number) of being stored are compared, and whether whether the consistent user's of affirmation verification is passed through according to comparative result.
6. method according to claim 2 is characterized in that, the set of the described directory security state of step D comprises the upper limit value and lower limit value of the level of security byte of described exterior read-write equipment appointment key.
7. method according to claim 2 is characterized in that, the security attribute of the described file of step D is the set that comprises the upper limit value and lower limit value of described file security level interval.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2010102905452A CN101950342B (en) | 2010-09-20 | 2010-09-20 | Device and method for managing access control permission of integrated circuit card |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2010102905452A CN101950342B (en) | 2010-09-20 | 2010-09-20 | Device and method for managing access control permission of integrated circuit card |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN101950342A true CN101950342A (en) | 2011-01-19 |
| CN101950342B CN101950342B (en) | 2013-03-13 |
Family
ID=43453841
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2010102905452A Active CN101950342B (en) | 2010-09-20 | 2010-09-20 | Device and method for managing access control permission of integrated circuit card |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN101950342B (en) |
Cited By (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102663473A (en) * | 2012-04-25 | 2012-09-12 | 山东神思电子技术股份有限公司 | Method for realizing chip operating system (COS) safety mechanism of intelligent card |
| CN102881085A (en) * | 2012-08-23 | 2013-01-16 | 北京京源水仪器仪表有限公司 | Integrated circuit (IC) card module security authentication method for intelligent water meter |
| CN105346256A (en) * | 2015-11-09 | 2016-02-24 | 杭州旗捷科技有限公司 | Printer chip, ink box and storage allocation method for printer chip |
| CN105897426A (en) * | 2016-03-31 | 2016-08-24 | 成都银事达信息技术有限公司 | Student IC card information access method based on Internet |
| CN108376227A (en) * | 2017-12-29 | 2018-08-07 | 北京智芯微电子科技有限公司 | A kind of file access method and its system of safety chip |
| CN108537067A (en) * | 2018-02-28 | 2018-09-14 | 北京智芯微电子科技有限公司 | Safety protection of chip method and system |
| CN110321725A (en) * | 2019-07-12 | 2019-10-11 | 中孚信息股份有限公司 | A kind of method and device for preventing from distorting system data and clock |
| CN110717202A (en) * | 2018-07-13 | 2020-01-21 | 力旺电子股份有限公司 | Integrated circuit and function locking and unlocking method for integrated circuit |
| CN111881440A (en) * | 2020-07-31 | 2020-11-03 | 珠海优特物联科技有限公司 | Authority management method and integrated circuit card |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2006095281A1 (en) * | 2005-03-08 | 2006-09-14 | Nxp B.V. | Arrangement for and method of protecting a data processing device against e[lectro] m[agnetic] radiation attacks |
| CN101739593A (en) * | 2009-12-07 | 2010-06-16 | 佛山市安讯智能科技有限公司 | Safety certification method of medium access control codes of integrated circuit cards |
-
2010
- 2010-09-20 CN CN2010102905452A patent/CN101950342B/en active Active
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2006095281A1 (en) * | 2005-03-08 | 2006-09-14 | Nxp B.V. | Arrangement for and method of protecting a data processing device against e[lectro] m[agnetic] radiation attacks |
| CN101739593A (en) * | 2009-12-07 | 2010-06-16 | 佛山市安讯智能科技有限公司 | Safety certification method of medium access control codes of integrated circuit cards |
Cited By (14)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102663473A (en) * | 2012-04-25 | 2012-09-12 | 山东神思电子技术股份有限公司 | Method for realizing chip operating system (COS) safety mechanism of intelligent card |
| CN102663473B (en) * | 2012-04-25 | 2014-10-08 | 山东神思电子技术股份有限公司 | Method for realizing chip operating system (COS) safety mechanism of intelligent card |
| CN102881085A (en) * | 2012-08-23 | 2013-01-16 | 北京京源水仪器仪表有限公司 | Integrated circuit (IC) card module security authentication method for intelligent water meter |
| CN102881085B (en) * | 2012-08-23 | 2015-07-22 | 北京京源水仪器仪表有限公司 | Integrated circuit (IC) card module security authentication method for intelligent water meter |
| CN105346256B (en) * | 2015-11-09 | 2017-03-22 | 杭州旗捷科技有限公司 | Printer chip, ink box and storage allocation method for printer chip |
| CN105346256A (en) * | 2015-11-09 | 2016-02-24 | 杭州旗捷科技有限公司 | Printer chip, ink box and storage allocation method for printer chip |
| CN105897426A (en) * | 2016-03-31 | 2016-08-24 | 成都银事达信息技术有限公司 | Student IC card information access method based on Internet |
| CN108376227A (en) * | 2017-12-29 | 2018-08-07 | 北京智芯微电子科技有限公司 | A kind of file access method and its system of safety chip |
| CN108376227B (en) * | 2017-12-29 | 2021-07-20 | 北京智芯微电子科技有限公司 | File access method and system of security chip |
| CN108537067A (en) * | 2018-02-28 | 2018-09-14 | 北京智芯微电子科技有限公司 | Safety protection of chip method and system |
| CN110717202A (en) * | 2018-07-13 | 2020-01-21 | 力旺电子股份有限公司 | Integrated circuit and function locking and unlocking method for integrated circuit |
| CN110717202B (en) * | 2018-07-13 | 2023-09-15 | 力旺电子股份有限公司 | Integrated circuit and function locking and unlocking method for integrated circuit |
| CN110321725A (en) * | 2019-07-12 | 2019-10-11 | 中孚信息股份有限公司 | A kind of method and device for preventing from distorting system data and clock |
| CN111881440A (en) * | 2020-07-31 | 2020-11-03 | 珠海优特物联科技有限公司 | Authority management method and integrated circuit card |
Also Published As
| Publication number | Publication date |
|---|---|
| CN101950342B (en) | 2013-03-13 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN101950342B (en) | Device and method for managing access control permission of integrated circuit card | |
| US11664997B2 (en) | Authentication in ubiquitous environment | |
| EP1571525B1 (en) | A method, a hardware token, and a computer program for authentication | |
| CN101018127B (en) | Remote access system, gateway, client device, program, and storage medium | |
| US6296191B1 (en) | Storing data objects in a smart card memory | |
| JP4598857B2 (en) | IC card and access control method thereof | |
| CN101127111A (en) | Internet bank U disc KEY ciphering, authentication device and method | |
| CN100446021C (en) | Method of realizing intelligence cryptographic key set of fingerprint for multiple users to use | |
| US7246375B1 (en) | Method for managing a secure terminal | |
| CN106161442A (en) | A kind of system control user login method | |
| KR20120112598A (en) | Implementing method, system of universal card system and smart card | |
| CN102881085A (en) | Integrated circuit (IC) card module security authentication method for intelligent water meter | |
| CN105871840A (en) | Certificate management method and system | |
| Lambrinoudakis | Smart card technology for deploying a secure information management framework | |
| EP3125464A1 (en) | Blocking service for a certificate created using an id token | |
| EP3186741B1 (en) | Access protection for external data in the non-volatile memory of a token | |
| KR100946677B1 (en) | Data strorage system using secure card master and its storage method thereof | |
| KR20050079951A (en) | Authetification system using public certification with smart card that includes i.c chip | |
| CN110233723A (en) | A kind of secondary key management method and safety chip | |
| RU2285948C1 (en) | Method for providing safe user access to oracle databases | |
| Jain et al. | Smart Card Application for Attendance Management System | |
| Autor et al. | Specification of the Security Target TCOS Residence Permit Card Version 1.0 Release 1/SLE78CLX1440P Version: 1.0. 1/20110816 | |
| O’Connor | Industry group says e-passport clone poses little risk | |
| Holý et al. | Contactless smart card Mifare DESFire EV1—multi-application platform | |
| RU106974U1 (en) | SOFTWARE AND HARDWARE COMPLEX OF INFORMATION PROTECTION IN IT-SYSTEMS |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| PE01 | Entry into force of the registration of the contract for pledge of patent right |
Denomination of invention: Device and method for managing access control permission of integrated circuit card Effective date of registration: 20131203 Granted publication date: 20130313 Pledgee: Bank of China Limited by Share Ltd Beijing Century Fortune Central Branch Pledgor: Beijing Haitai Fangyuan High Technology Co., Ltd. Registration number: 2013990000923 |
|
| PLDC | Enforcement, change and cancellation of contracts on pledge of patent right or utility model | ||
| PC01 | Cancellation of the registration of the contract for pledge of patent right |
Date of cancellation: 20150127 Granted publication date: 20130313 Pledgee: Bank of China Limited by Share Ltd Beijing Century Fortune Central Branch Pledgor: Beijing Haitai Fangyuan High Technology Co., Ltd. Registration number: 2013990000923 |
|
| PE01 | Entry into force of the registration of the contract for pledge of patent right |
Denomination of invention: Device and method for managing access control permission of integrated circuit card Effective date of registration: 20150128 Granted publication date: 20130313 Pledgee: Bank of China Limited by Share Ltd Beijing Century Fortune Central Branch Pledgor: Beijing Haitai Fangyuan High Technology Co., Ltd. Registration number: 2015990000074 |
|
| PLDC | Enforcement, change and cancellation of contracts on pledge of patent right or utility model | ||
| C56 | Change in the name or address of the patentee | ||
| CP03 | Change of name, title or address |
Address after: 100094, Beijing, Haidian District, West Road, No. 8, Zhongguancun Software Park, building 9, international software building E, one floor, two layers Patentee after: BEIJING HAITAI FANGYUAN HIGH TECHNOLOGY CO., LTD. Address before: 100085, Beijing, Haidian District on the road No. 22, science and technology complex on the eastern 4 floor Patentee before: Beijing Haitai Fangyuan High Technology Co., Ltd. |
|
| PC01 | Cancellation of the registration of the contract for pledge of patent right |
Date of cancellation: 20160512 Granted publication date: 20130313 Pledgee: Bank of China Limited by Share Ltd Beijing Century Fortune Central Branch Pledgor: Beijing Haitai Fangyuan High Technology Co., Ltd. Registration number: 2015990000074 |
|
| PLDC | Enforcement, change and cancellation of contracts on pledge of patent right or utility model |