CN102612026B - Be applicable to smart card and the method for controlling security thereof of specialized mobile radio demand - Google Patents
Be applicable to smart card and the method for controlling security thereof of specialized mobile radio demand Download PDFInfo
- Publication number
- CN102612026B CN102612026B CN201110427610.6A CN201110427610A CN102612026B CN 102612026 B CN102612026 B CN 102612026B CN 201110427610 A CN201110427610 A CN 201110427610A CN 102612026 B CN102612026 B CN 102612026B
- Authority
- CN
- China
- Prior art keywords
- storage area
- smart card
- authentication
- algorithm
- identifying
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Landscapes
- Telephonic Communication Services (AREA)
- Telephone Function (AREA)
Abstract
The invention provides a kind of method of controlling security and the system that are applicable to the smart card of specialized mobile radio demand.In the process, storage area in smart card is divided into the first storage area and the second storage area, wherein the first storage area stores operator preset authentication arithmetic and identifying algorithm before this smart card of distribution, uses under being general mode in operator scheme; Second storage area stores operator user-defined authentication arithmetic and/or identifying algorithm after this smart card of distribution, wherein said smart card: obtain the operator scheme that user will use; When operator scheme is general mode, in authentication or identifying procedure, perform authentication arithmetic or identifying algorithm that in the first storage area, operator is preset; And, when operator scheme is custom model, in authentication or identifying procedure, start authentication arithmetic or identifying algorithm that virtual machine program performs the second storage area storage.
Description
Technical field
The present invention relates to moving communicating field, particularly relate to a kind of method of controlling security and smart card of smart card.
Background technology
Smart card is the key safety equipment in 2G/3G mobile communications network.Important security role is carry in whole Security of Mobile Communication Network system.Be mainly reflected in following several respects: the safe storage of user data; Participate in mobile communications network authentication; Validated user means of identification is provided; Security service interface is provided.
Along with the development of the communication technology, normal domestic mobile communication technology is gradually improved.Meanwhile, the high secure private mobile communication demand being applicable to specific area is also arisen at the historic moment.Such as, military mobile communication, police mobile communication, City Emergency Linkage Control System special mobile network etc.
In specialized mobile radio field, have higher requirement for safety, network, terminal, smart card need specific customization mostly.Specific to smart card, possible new demand for security comprises: can support on the same card that civilian and special two overlap security system; Support the safe storage of special personal data; Support special network authentication algorithm; Support special validated user recognition methods; Abundanter security service interface is provided.
With regard to current used traditional smart card, it cannot meet above demand.
Summary of the invention
The invention provides a set of smart card and the method for controlling security thereof that are applicable to specialized mobile radio demand, to support civilian, special two kinds of demands, realize data isolation and safe storage, civilian/dedicated network authentication arithmetic and user identification arithmetic can be carried, the security service interface enriched can be supported.
For solving the problems of the technologies described above, the invention provides following technical scheme:
A kind of method of controlling security being applicable to the smart card of specialized mobile radio demand, storage area in smart card is divided into the first storage area and the second storage area, wherein the first storage area stores operator preset authentication arithmetic and identifying algorithm before this smart card of distribution, uses under being general mode in operator scheme; Second storage area stores operator user-defined authentication arithmetic and/or identifying algorithm after this smart card of distribution, wherein said smart card:
Obtain the operator scheme that user will use;
When operator scheme is general mode, in authentication or identifying procedure, perform authentication arithmetic or identifying algorithm that in the first storage area, operator is preset; And, when operator scheme is custom model, in authentication or identifying procedure, start authentication arithmetic or identifying algorithm that virtual machine program performs the second storage area storage.
Preferably, described method also has following features: get after the authentication arithmetic that described second storage area stores and/or identifying algorithm are connected with external data terminal by card reader.
Preferably, described method also has following features: described acquisition, in order to before the authentication arithmetic that uses under being custom model in operator scheme and/or identifying algorithm, also comprises:
Write-protect process is carried out to described first storage area.
Preferably, described method also has following features: described method also comprises:
If receive the service request of information security, then adopt the security algorithm prestored in smart card, the service of information security is externally provided.
Preferably, described method also has following features: the service of described information security comprises at least one in encryption, deciphering, signature and sign test.
A kind of smart card being applicable to specialized mobile radio demand, comprise processor and memory, the storage area of described memory is divided into the first storage area and the second storage area, wherein the first storage area stores operator preset authentication arithmetic and identifying algorithm before this smart card of distribution, uses under being general mode in operator scheme; Second storage area stores operator user-defined authentication arithmetic and/or identifying algorithm after this smart card of distribution; Wherein said processor comprises:
Download module, for from the self-defining authentication arithmetic of outside download user and/or identifying algorithm, and is saved in the second storage area;
Virtual machine module, for performing authentication arithmetic in the second storage area and/or identifying algorithm;
Pattern acquiring module, for obtaining the operator scheme that user will use;
Processing module, for when operator scheme is general mode, performs authentication arithmetic or identifying algorithm that in the first storage area, operator is preset in authentication or identifying procedure; And, when operator scheme is custom model, in authentication or identifying procedure, start authentication arithmetic or identifying algorithm that virtual machine program performs the second storage area storage.
Preferably, described smart card also has following features: described first storage area is the storage area carrying out write-protect operation.
Preferably, described smart card also has following features:
Described download module is also for applying from the self-defining security algorithm of outside download user;
Described smart card also comprises:
Security service module, for when receiving the service request of information security, adopting the security algorithm application in smart card, externally providing the service of information security.
Preferably, described smart card also has following features: the service of the information security that described security service module provides comprises at least one in encryption, deciphering, signature and sign test.
Compared with prior art, the smart card that the embodiment of the present invention provides and control method thereof not only carry network authentication algorithm and the user identification arithmetic of new customization, preserve legacy network authentication arithmetic and the user identification arithmetic of normal smart cards simultaneously, can for user flexibility configuration.
Accompanying drawing explanation
The schematic flow sheet being applicable to the method for controlling security embodiment of the smart card of specialized mobile radio demand that Fig. 1 provides for the embodiment of the present invention;
The schematic diagram of the menu setecting mode that Fig. 2 provides for the embodiment of the present invention;
The structural representation being applicable to the smart card of specialized mobile radio demand that Fig. 3 provides for the embodiment of the present invention;
The configuration diagram of the smart card that Fig. 4 provides for the embodiment of the present invention.
Embodiment
For making the object, technical solutions and advantages of the present invention clearly, the present invention is described in further detail below in conjunction with the accompanying drawings and the specific embodiments.It should be noted that, when not conflicting, the embodiment in the application and the feature in embodiment can combination in any mutually.
The schematic flow sheet being applicable to the method for controlling security embodiment of the smart card of specialized mobile radio demand that Fig. 1 provides for the embodiment of the present invention.In embodiment of the method shown in Fig. 1, the storage area in smart card logically can support that multiple secure storage section is for storing different authentication arithmetics and/or identifying algorithm.Distinguish according to the opportunity disposing authentication arithmetic and/or identifying algorithm, the first storage area and the second storage area can be divided into, wherein the first storage area stores operator preset authentication arithmetic and identifying algorithm before this smart card of distribution, uses under being general mode in operator scheme; Second storage area store distribution this smart card after user-defined authentication arithmetic and/or identifying algorithm, use under being custom model in operator scheme; Wherein said smart card:
The operator scheme that step 101, acquisition user will use;
Step 102, when operator scheme is general mode, in authentication or identifying procedure, perform authentication arithmetic or identifying algorithm that in the first storage area, operator is preset;
Step 103, when operator scheme is custom model, start in authentication or identifying procedure virtual machine program perform second storage area store authentication arithmetic or identifying algorithm.
It should be noted that, user can only define new authentication arithmetic, does not define new identifying algorithm, namely, under custom model, smart card uses the authentication arithmetic stored in the second storage area to carry out authentication, uses the identifying algorithm of the first storage area to carry out certification, certainly, vice versa.
Relative, if operator scheme is general mode, then flow processing conventionally.
Certainly, in order to ensure that the data of the first storage area after this smart card of distribution can not be destroyed, before writing new content to smart card, write-protect process is carried out to described first storage area.
The authentication arithmetic stored for described second storage area and/or identifying algorithm, got after can being connected, also can be obtained by web download by card reader with external data terminal.
Specifically, obtain the operator scheme that user will use, STK menu setecting mode can be adopted to realize.The schematic diagram of the menu setecting mode that Fig. 2 provides for the embodiment of the present invention.By obtaining user to the selection result of menu, specify user's operator scheme to be selected.
As seen from the above, said method can support network authentication algorithm and the user authentication algorithm of customization, and the network authentication algorithm of this customization and user identification arithmetic can be developed by user security department, the mechanism of algorithm is transparent to card provider, accordingly, smartcard provider should provide the deployment of the new authentication arithmetic of a set of corresponding security system support and user identification arithmetic, safe storage, activation, use, upgrade; In addition, the algorithm of new customization and traditional algorithm are also deposited, can flexible configuration, specifically, under this security control system, this smart card not only carries network authentication algorithm and the user identification arithmetic of new customization, preserves legacy network authentication arithmetic and the user identification arithmetic of normal smart cards simultaneously, can for user flexibility configuration.Under this security control system, special intelligent card should be able to provide a set of customizable security service, and this security service should be able to according to terminal, the concrete instruction demand customization of POS, amendment.
Below embodiment of the method provided by the invention is described further:
The smart card that the present invention realizes presets network authentication algorithm and the user authentication algorithm of normal smart cards, the identical function with normal smart cards can be realized, meanwhile, under the support of JavaCard virtual machine, multiple JavaCard application can be carried and realize the peculiar function of special intelligent card.The network authentication algorithm of one class application for customizing under realizing Private Mobile Communication Network network, the user identification arithmetic of one class application for customizing under realizing Private Mobile Communication Network network, one class application externally provides security service, and a class application is for configuring card mode of operation.
The structural representation being applicable to the smart card of specialized mobile radio demand that Fig. 3 provides for the embodiment of the present invention.Smart card shown in Fig. 3 comprises processor 31 and memory 32, the storage area of wherein said memory 32 is divided into the first storage area and the second storage area, wherein the first storage area store operator distribution this smart card before preset authentication arithmetic and identifying algorithm, use under being general mode in operator scheme; Second storage area stores operator user-defined authentication arithmetic and/or identifying algorithm after this smart card of distribution; Wherein said processor comprises:
Download module 311, is connected with memory, for from the self-defining authentication arithmetic of outside download user and/or identifying algorithm, and is saved in the second storage area;
Virtual machine module 312, for performing authentication arithmetic in the second storage area and/or identifying algorithm;
Pattern acquiring module 313, for obtaining the operator scheme that user will use;
Processing module 314, is connected with pattern acquiring module 313 with described virtual machine module 312, for when operator scheme is general mode, performs authentication arithmetic or identifying algorithm that in the first storage area, operator is preset in authentication or identifying procedure; And, when operator scheme is custom model, in authentication or identifying procedure, start authentication arithmetic or identifying algorithm that virtual machine program performs the second storage area storage.
Preferably, described first storage area is the storage area carrying out write-protect operation.
The configuration diagram of the smart card that Fig. 4 provides for the embodiment of the present invention.As seen from Figure 4, the mode of operation of the smart card that the present invention realizes has two kinds, i.e. general mode and custom model.The security mechanism adopted under two kinds of patterns is different with the security parameter of use.Wherein, in the normal mode, card calls network authentication algorithm and the user authentication algorithm of normal smart cards, and externally performance is consistent with normal smart cards.Under custom model, card calls network authentication algorithm and the user authentication algorithm of customization, externally can provide security service simultaneously, realize the specific safety demand of specific industry.
Communication terminal interface can adopt STK menu setecting mode.After user have selected concrete pattern, record current operation mode by a mark in card, such as, 0 is general mode, and 1 is custom model.
The network authentication method of smart card that just the present invention realizes below is described:
The authentication arithmetic logic of preset normal smart cards on smart card.In the card issuing stage, write normal smart cards individual authorization data.In addition, the authentication arithmetic that customizes under can supporting dedicated communications network of smart card.This authentication arithmetic can be designed and developed by user security department, and to card, provider is transparent.After card issuing, by user oneself, the authentication arithmetic of customization can be downloaded on card.
Smart card receives user-selected operator scheme, if user's selection is general mode, then, under card is in general mode, receives the authentication instruction that terminal is sent, and card operating system will perform the authorizing procedure of current conventional mobile communications network; On the contrary, then under intelligent cards is in custom model, receive the authentication instruction that terminal is sent, card operating system will perform the authorizing procedure of customization, comprises and uses the network authentication algorithm of customization to process etc.
In the present invention, customize authentication arithmetic support and adopt JavaCard technological development.Input/output interface, writing personalized incoming interface, the algorithm realization of user security department definition authentication arithmetic, issue authentication arithmetic with the form of JavaApplet.By the standard download of GlobalPlatform on card.
And the user authen method of the smart card that the present invention realizes is described:
The user authentication logic of preset normal smart cards on smart card.In the card issuing stage, write normal smart cards personal authentication data are as PIN code.The user authentication algorithm that smart card customizes under can supporting dedicated communications network.This user authentication algorithm can be designed and developed by user security department, and to card, provider is transparent.After card issuing, by user oneself, the user authentication algorithm of customization can be downloaded on card.
Smart card receives user-selected operator scheme, if what user selected is general mode, then under card is in general mode, receive the cryptographic check instruction that terminal is sent, card operating system will perform the user authentication flow process of current conventional mobile communications network; On the contrary, under card is in custom model, receive the certification that terminal is sent, card operating system will perform the user authentication flow process of customization.
In the present invention, the user authentication algorithm support of customization adopts JavaCard technological development.Input/output interface, writing personalized incoming interface, the algorithm realization of user security department definition user authentication algorithm, with the user authentication algorithm of the form publishing of customized of JavaApplet.By the standard download of GlobalPlatform on card.
Preferably, described download module is also for applying from the self-defining security algorithm of outside download user;
Described smart card also comprises:
Security service module, for when receiving the service request of information security, adopting the security algorithm application in smart card, externally providing the service of information security.
Wherein, the service of information security that described security service module provides comprises at least one in encryption, deciphering, signature and sign test.
Specifically, on the smart card realized in the present invention, also supporting a class private security application, for providing security service for outside, adopting JavaCard technological development.In this type of application, by call DES in card 3DES AES RSA the security algorithm such as RCC, the security services such as encryption, deciphering, signature, sign test are externally provided.External security service interface provides in the mode of APDU instruction, and the definition of security service interface can according to the demand custom-modification of terminal.
In sum, compared with prior art, the smart card that the embodiment of the present invention provides and control method thereof not only carry network authentication algorithm and the user identification arithmetic of new customization, preserve legacy network authentication arithmetic and the user identification arithmetic of normal smart cards simultaneously, can for user flexibility configuration.
The above; be only the specific embodiment of the present invention, but protection scope of the present invention is not limited thereto, is anyly familiar with those skilled in the art in the technical scope that the present invention discloses; change can be expected easily or replace, all should be encompassed within protection scope of the present invention.Therefore, protection scope of the present invention should be as the criterion with the protection range described in claim.
Claims (7)
1. one kind is applicable to the method for controlling security of the smart card of specialized mobile radio demand, it is characterized in that, storage area in smart card is divided into the first storage area and the second storage area, wherein the first storage area stores operator preset authentication arithmetic and identifying algorithm before this smart card of distribution, uses under being general mode in operator scheme; Second storage area stores operator user-defined authentication arithmetic and/or identifying algorithm after this smart card of distribution; Write-protect process is carried out to described first storage area; Wherein said smart card:
Obtain the operator scheme that user will use;
When operator scheme is general mode, in authentication or identifying procedure, perform authentication arithmetic or identifying algorithm that in the first storage area, operator is preset; And, when operator scheme is custom model, in authentication or identifying procedure, start authentication arithmetic or identifying algorithm that virtual machine program performs the second storage area storage.
2. method according to claim 1, is characterized in that, gets after the authentication arithmetic that described second storage area stores and/or identifying algorithm are connected with external data terminal by card reader.
3. method according to claim 1, is characterized in that, described method also comprises:
If receive the service request of information security, then adopt the security algorithm prestored in smart card, the service of information security is externally provided.
4. method according to claim 3, is characterized in that, the service of described information security comprises at least one in encryption, deciphering, signature and sign test.
5. one kind is applicable to the smart card of specialized mobile radio demand, comprise processor and memory, it is characterized in that, the storage area of described memory is divided into the first storage area and the second storage area, wherein the first storage area stores operator preset authentication arithmetic and identifying algorithm before this smart card of distribution, uses under being general mode in operator scheme; Second storage area stores operator user-defined authentication arithmetic and/or identifying algorithm after this smart card of distribution; Described first storage area is the storage area carrying out write-protect operation; Wherein said processor comprises:
Download module, for from the self-defining authentication arithmetic of outside download user and/or identifying algorithm, and is saved in the second storage area;
Virtual machine module, for performing authentication arithmetic in the second storage area and/or identifying algorithm;
Pattern acquiring module, for obtaining the operator scheme that user will use;
Processing module, for when operator scheme is general mode, performs authentication arithmetic or identifying algorithm that in the first storage area, operator is preset in authentication or identifying procedure; And, when operator scheme is custom model, in authentication or identifying procedure, start authentication arithmetic or identifying algorithm that virtual machine program performs the second storage area storage.
6. smart card according to claim 5, is characterized in that:
Described download module is also for applying from the self-defining security algorithm of outside download user;
Described smart card also comprises:
Security service module, for when receiving the service request of information security, adopting the security algorithm application in smart card, externally providing the service of information security.
7. smart card according to claim 6, is characterized in that, the service of the information security that described security service module provides comprises at least one in encryption, deciphering, signature and sign test.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201110427610.6A CN102612026B (en) | 2011-12-19 | 2011-12-19 | Be applicable to smart card and the method for controlling security thereof of specialized mobile radio demand |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201110427610.6A CN102612026B (en) | 2011-12-19 | 2011-12-19 | Be applicable to smart card and the method for controlling security thereof of specialized mobile radio demand |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN102612026A CN102612026A (en) | 2012-07-25 |
| CN102612026B true CN102612026B (en) | 2016-02-17 |
Family
ID=46529126
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201110427610.6A Active CN102612026B (en) | 2011-12-19 | 2011-12-19 | Be applicable to smart card and the method for controlling security thereof of specialized mobile radio demand |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN102612026B (en) |
Families Citing this family (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103106090B (en) * | 2013-01-31 | 2015-10-28 | 北京大唐智能卡技术有限公司 | The installation method of a kind of smart card and application thereof |
| FR3037685B1 (en) * | 2015-06-22 | 2018-11-02 | Idemia France | IMPROVED SELECTION METHOD AND SYSTEM FOR APPLICATION IN SECURE ELEMENT FROM RECEIVED MESSAGE |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN2904126Y (en) * | 2006-01-26 | 2007-05-23 | 快忆科技股份有限公司 | Improved micromemory device structure |
| CN102056172A (en) * | 2011-01-04 | 2011-05-11 | 大唐微电子技术有限公司 | Smart card and authentication method thereof |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1118026C (en) * | 2000-12-28 | 2003-08-13 | 大唐电信科技股份有限公司微电子分公司 | More logic partitions in one physical storage and IC cards with different purposes |
-
2011
- 2011-12-19 CN CN201110427610.6A patent/CN102612026B/en active Active
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN2904126Y (en) * | 2006-01-26 | 2007-05-23 | 快忆科技股份有限公司 | Improved micromemory device structure |
| CN102056172A (en) * | 2011-01-04 | 2011-05-11 | 大唐微电子技术有限公司 | Smart card and authentication method thereof |
Also Published As
| Publication number | Publication date |
|---|---|
| CN102612026A (en) | 2012-07-25 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10129233B2 (en) | Method, device and system for network-based remote control over contactless secure storages | |
| CN101422058B (en) | Method of securing access to a proximity communication module in a mobile terminal | |
| JP5738844B2 (en) | Payment terminals that use mobile communication devices such as mobile phones, automatic account settlement transaction methods | |
| EP2048594A1 (en) | Method for communication, communication device and secure processor | |
| CN105391840A (en) | automatic purposed-application creation | |
| AU2023263571A1 (en) | Digital transaction apparatus, system, and method with a virtual companion card | |
| US9158598B2 (en) | Apparatus, method, program and system for processing information utilizing a multi-platform capable of managing a plurality of applications | |
| CN103886455A (en) | Digital wallet device for virtual wallet | |
| EP3408816A1 (en) | Apparatus and method for emulating transactional infrastructure with a digital transaction processing unit (dtpu) | |
| MX2010014374A (en) | Method of accessing applications in a secure mobile environment. | |
| CN103366140A (en) | Card writing method and card writing device based on NFC (Near Field Communication) | |
| KR101389468B1 (en) | Method for issuing mobile credit card in portable terminal using credit card and credit card for the same | |
| CN101739756B (en) | Method for generating secrete key of smart card | |
| CN202444629U (en) | System for carrying out card operation by using mobile terminal | |
| CN102711101A (en) | Method and system for realizing distribution of smart cards | |
| CN102411742A (en) | Mobile terminal | |
| EP2048591B1 (en) | Method for communication, communication device and secure processor | |
| CN102630083A (en) | System for using mobile terminal to carry out card operation and method thereof | |
| CA3146018A1 (en) | System and method enabling mobile near-field communication to update display on a payment card | |
| CN103544114B (en) | Based on many M1 card control system and the control method thereof of single CPU card | |
| EP2663106B1 (en) | Secure near field communication solutions and circuits | |
| CN102612026B (en) | Be applicable to smart card and the method for controlling security thereof of specialized mobile radio demand | |
| CN103179547A (en) | System and method for binding cell phone numbers and subscriber identity module (SIM) supplementary cards | |
| CN102999839A (en) | Cloud platform and virtual SE (security element) based electronic currency security payment system and cloud platform and virtual SE based electronic currency security payment method | |
| CN103379190B (en) | Running gear, transaction system and method for transmitting signals |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| EE01 | Entry into force of recordation of patent licensing contract |
Application publication date: 20120725 Assignee: BEIJING DATANG SMART CARD TECHNOLOGY CO.,LTD. Assignor: DATANG MICROELECTRONICS TECHNOLOGY Co.,Ltd. Contract record no.: 2016110000008 Denomination of invention: Intelligent card applicable to special mobile communication requirements and security control method thereof Granted publication date: 20160217 License type: Common License Record date: 20160422 |
|
| LICC | Enforcement, change and cancellation of record of contracts on the licence for exploitation of a patent or utility model | ||
| TR01 | Transfer of patent right | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20201120 Address after: 12 / F, North building, Zhongke resource building, Haidian District, Beijing 100190 Patentee after: Huiyi finance leasing (Tianjin) Co.,Ltd. Address before: 100094 No. 6 Yongjia North Road, Beijing, Haidian District Patentee before: DATANG MICROELECTRONICS TECHNOLOGY Co.,Ltd. |
|
| TR01 | Transfer of patent right | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20220624 Address after: 100094 No. 6 Yongjia North Road, Beijing, Haidian District Patentee after: DATANG MICROELECTRONICS TECHNOLOGY Co.,Ltd. Address before: 100190 12 / F, North building, Zhongke resource building, Haidian District, Beijing Patentee before: Huiyi finance leasing (Tianjin) Co.,Ltd. |