CN104092546A - Method for generating safety domain on intelligent card - Google Patents

Publication number: CN104092546A
Authority: CN (China)
Prior art keywords: application, ballot paper, file, registered, return
Legal status: Granted
Application number: CN201410306820.3A
Other languages: Chinese (zh)
Other versions: CN104092546B (en)
Inventors: 陆舟, 于华章
Current assignee: Feitian Technologies Co Ltd
Original assignee: Feitian Technologies Co Ltd
Events: application filed by Feitian Technologies Co Ltd; priority to CN201410306820.3A; publication of CN104092546A; application granted; publication of CN104092546B; legal status active; anticipated expiration (date not given on the page)
Landscapes: Storage Device Security (AREA)

Abstract

The invention discloses a method for generating a security domain on a smart card and belongs to the field of information security. A received application registration command is parsed to obtain the ID of the application to be registered, a vote information ciphertext and the application ID of the application that owns the vote; the vote ciphertext is passed to the vote-checking interface of that vote-owning application, and a vote identifier and vote permission information are obtained from the data the interface returns. The vote type is judged from the vote identifier: if it is an affirmative vote, the current vote count is updated, and when the count reaches a preset number of votes the ID of the application to be registered is added to the application registry in the card and an application object for that ID is created in the card, so that one security domain has been successfully registered; if it is a negative vote, the vote count is not updated and the card returns to its original state to wait for the terminal to issue a command. The method improves the security of application management on the card and protects the information stored in it.

Description

Method for generating a security domain on a smart card
Technical field
The invention belongs to the field of information security technology and in particular relates to a method for generating a security domain on a smart card.
Background technology
A security domain on a smart card represents a set of applications that are controlled or owned by the same off-card entity. Security domains are mainly used for application management: during processes such as application download and deletion they are responsible for providing security control functions such as secure communication and authentication.
At present, the security domains on a smart card are divided into the main security domain and auxiliary security domains. The main security domain represents the card issuer and is mandatory on the card; an auxiliary security domain represents the card issuer or an application provider and is optionally added to the card. Management of security domains on existing smart cards works as follows: under the control of the main security domain, all auxiliary security domains and all applications under them are created, deleted and otherwise managed, so the administrative authority of the main security domain is higher than that of the auxiliary security domains.
The inventors found that the method for generating security domains provided by the prior art has at least the following problem: all auxiliary security domains and all applications under them (called security domain applications and non-security-domain applications in this invention) can be controlled by the main security domain. This makes the authority of the main security domain especially high, since it directly decides whether other security domain applications or non-security-domain applications are generated, which creates a potential security hazard for the management of information on the card.
Summary of the invention
To solve the defect of the prior-art method for generating security domains, the present invention proposes a new method for generating security domains in which all security domains have equal authority: each manages only its own applications within its own authority, and no security domain can manage beyond its authority.
The technical solution adopted by the present invention is a method for generating a security domain on a smart card, comprising:
Step S1: the smart card connects to the terminal and establishes a secure channel;
Step S2: the smart card waits to receive a command sent by the terminal;
When the command the smart card receives from the terminal is an application registration command, the smart card parses the application registration command to obtain a file ID and the application ID to be registered, searches the application registry in the card and judges whether the application ID to be registered already exists; if so, it generates application registration command response data containing registration failure information, returns it to the terminal and returns to step S2; otherwise, when it learns from the file ID that the application to be registered is a security domain application, it executes steps A to F;
Step A: parse the application registration command to obtain the vote information ciphertext and the application ID of the vote-owning application, and find in the card the vote counter and vote source list corresponding to the application ID to be registered;
Step B: judge whether the application ID of the vote-owning application is present in the vote source list found for the application ID to be registered; if so, generate application registration command response data containing registration failure information, return it to the terminal and return to step S2; otherwise execute step C;
Step C: find the vote-owning application from the application ID of the vote-owning application, pass the vote information ciphertext to the vote-checking interface of the vote-owning application, and obtain the return data of the vote-checking interface;
Step D: obtain the vote identifier and vote permission information from the return data and judge the vote type from the vote identifier: if it is an affirmative vote, execute step E; if it is a negative vote, add the application ID of the vote-owning application to the vote source list, generate application registration command response data containing registration failure information, return it to the terminal and return to step S2;
Step E: update the count value of the vote counter and add the application ID of the vote-owning application to the vote source list; judge whether the updated count value has reached the preset value; if so, execute step F, otherwise generate application registration command response data containing the current count value, return it to the terminal and return to step S2;
Step F: add the application ID to be registered to the application registry, create in the card the application corresponding to that application ID, empty the vote source list and reset the vote counter to zero. Then judge from the vote permission information whether the security domain application being registered has voting right: if so, set the vote attribute contained in the application to "has voting right", generate application registration command response data containing registration success information, return it to the terminal and return to step S2; otherwise set the vote attribute contained in the application to "no voting right", generate application registration command response data containing registration success information, return it to the terminal and return to step S2.
Learning from the file ID that the application to be registered is a security domain application specifically means: find in the card the application file corresponding to the file ID, look up the application file class information in the content of that file, and judge from it whether the file class inherits the SecurityDomain class; if so, the application to be registered is a security domain application, otherwise it is a non-security-domain application.
Step A also comprises: search the card for a vote counter and vote source list corresponding to the application ID to be registered; if they are found, execute step B; otherwise create in the card a vote counter and vote source list corresponding to the application ID to be registered and execute step C.
The vote information ciphertext contains the application ID of the security domain application to be registered, the vote identifier, the validity period of the vote and the vote permission information.
Before step D the method also comprises: judge from the return data of the vote-checking interface whether the vote check passed; if so, execute step D, otherwise generate application registration command response data containing registration failure information, return it to the terminal and return to step S2. The vote-checking interface uses a vote public key saved in advance to decrypt the vote information ciphertext and obtain the application ID of the security domain application to be registered, the vote identifier, the validity period of the vote and the vote permission information; it verifies the validity period of the vote, generates a vote-check result, and forms the return data from the vote-check result together with the decrypted application ID of the security domain application to be registered, the vote permission information and the vote identifier. Judging from the return data whether the vote check passed specifically means judging whether the return data satisfies a preset condition; if so, the vote check passed, otherwise it did not. The preset condition is that the vote-check result contained in the return data is success and the application ID of the security domain application to be registered contained in the return data is consistent with the application ID to be registered that the smart card obtained by parsing the application registration command.
The commands the smart card receives from the terminal are APDU commands, and the smart card judges the command type from the second and third bytes of the APDU command.
The method also comprises: when the command the smart card receives from the terminal is an application registration command and it learns from the file ID contained in the command that the application to be registered is a non-security-domain application, it executes steps a and b;
Step a: parse the application registration command to obtain a signature file and the application ID to be registered, and verify from the signature file whether the application source is legitimate; if so, execute step b, otherwise generate application registration command response data containing registration failure information, return it to the terminal and return to step S2;
Step b: add the application ID to be registered to the application registry and create in the card the application corresponding to that application ID; set the file identification state of the application file corresponding to the application ID to "registered", generate application registration command response data containing registration success information, return it to the terminal and return to step S2.
When the command the smart card receives from the terminal is an application deregistration command, it executes steps c to e;
Step c: parse the application deregistration command to obtain an application ID and a file ID, search the application registry and judge whether the obtained application ID exists; if so, execute step d, otherwise generate application deregistration command response data containing deregistration failure information, return it to the terminal and return to step S2;
Step d: judge from the obtained file ID the type of the application to be deregistered; if it is a security domain application, execute step e; if it is a non-security-domain application, delete the obtained application ID from the application registry, delete the corresponding application in the card, set the file identification state of the application file corresponding to the application ID to "unregistered", generate application deregistration command response data containing deregistration success information, return it to the terminal and return to step S2;
Step e: judge whether there are other applications under the security domain to which the application corresponding to the application ID belongs; if so, generate application deregistration command response data containing deregistration failure information, return it to the terminal and return to step S2; otherwise delete the application ID from the application registry, delete the corresponding application in the card, generate application deregistration command response data containing deregistration success information, return it to the terminal and return to step S2.
When the command the smart card receives from the terminal is an application file creation command, it reads the application installation package from the application file creation command and parses the installation package to obtain the file ID to be downloaded and the file control parameter information; it searches the system registry in the card and judges whether a file ID consistent with the file ID to be downloaded already exists; if so, it generates application file creation command response data containing creation failure information, returns it to the terminal and returns to step S2; otherwise it creates an application file in the card according to the file control parameter information, adds the file ID to be downloaded to the system registry in the card as the file ID of the created application file, sets the file identification state of the created application file to "unregistered", generates application file creation command response data containing creation success information, returns it to the terminal and returns to step S2.
When the command the smart card receives from the terminal is an application file deletion command, it executes steps f and g;
Step f: parse the application file deletion command to obtain a file ID, search the system registry in the card and judge whether the file ID exists; if so, execute step g, otherwise generate application file deletion command response data containing deletion failure information, return it to the terminal and return to step S2;
Step g: judge whether the file identification state of the application file corresponding to the obtained file ID is "unregistered"; if so, delete the file ID from the system registry in the card, delete the application file corresponding to the file ID, generate application file deletion command response data containing deletion success information, return it to the terminal and return to step S2; otherwise generate application file deletion command response data containing deletion failure information, return it to the terminal and return to step S2.
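The file and application lifecycle described in steps a to g and in the application file creation branch can be modelled as a small card-side registry. The following is an added example and not code from the patent or from Feitian: the class names, the response strings, the `source_is_legitimate` flag that stands in for the signature-file check of step a, the requirement that a non-domain application names an existing parent domain, and the resetting of a security domain's file state on deregistration (the patent text resets it only for non-domain applications) are all assumptions made here.

```python
from dataclasses import dataclass
from typing import Dict, Optional

UNREGISTERED, REGISTERED = "unregistered", "registered"   # file identification states


@dataclass
class ApplicationFile:
    file_id: bytes
    fcp: dict                    # file control parameters taken from the installation package
    is_security_domain: bool     # True when the file class inherits SecurityDomain
    state: str = UNREGISTERED    # a freshly created file is "unregistered"


@dataclass
class Application:
    app_id: bytes
    file_id: bytes
    parent_domain: Optional[bytes]   # security domain a non-domain application belongs to (assumed field)


class CardRegistry:
    """System registry (files) plus application registry (registered applications)."""

    def __init__(self) -> None:
        self.system_registry: Dict[bytes, ApplicationFile] = {}
        self.application_registry: Dict[bytes, Application] = {}

    def create_application_file(self, file_id: bytes, fcp: dict, is_security_domain: bool) -> str:
        if file_id in self.system_registry:                         # duplicate file ID -> creation fails
            return "create failed: file ID already present"
        self.system_registry[file_id] = ApplicationFile(file_id, fcp, is_security_domain)
        return "create ok"

    def register_security_domain(self, app_id: bytes, file_id: bytes) -> str:
        """Reached once the vote threshold of steps A-F has been met; voting itself is not modelled here."""
        return self._register(app_id, file_id, want_domain=True, parent=None)

    def register_non_domain_application(self, app_id: bytes, file_id: bytes,
                                        parent_domain: bytes, source_is_legitimate: bool) -> str:
        """Steps a and b; source_is_legitimate stands in for verifying the signature file."""
        if not source_is_legitimate:
            return "registration failed: illegitimate application source"
        if parent_domain not in self.application_registry:          # assumed check, not in the patent text
            return "registration failed: unknown security domain"
        return self._register(app_id, file_id, want_domain=False, parent=parent_domain)

    def _register(self, app_id: bytes, file_id: bytes, want_domain: bool, parent: Optional[bytes]) -> str:
        if app_id in self.application_registry:
            return "registration failed: application ID already present"
        f = self.system_registry.get(file_id)
        if f is None or f.is_security_domain != want_domain:
            return "registration failed: no matching application file"
        self.application_registry[app_id] = Application(app_id, file_id, parent)
        f.state = REGISTERED                                        # step b
        return "registration ok"

    def deregister_application(self, app_id: bytes) -> str:
        app = self.application_registry.get(app_id)                 # step c
        if app is None:
            return "deregistration failed: unknown application ID"
        f = self.system_registry[app.file_id]
        if f.is_security_domain and any(                            # step e: domain must be empty
                a.parent_domain == app_id for a in self.application_registry.values()):
            return "deregistration failed: domain still has applications"
        del self.application_registry[app_id]                       # step d / step e
        f.state = UNREGISTERED
        return "deregistration ok"

    def delete_application_file(self, file_id: bytes) -> str:
        f = self.system_registry.get(file_id)                       # step f
        if f is None:
            return "delete failed: unknown file ID"
        if f.state != UNREGISTERED:                                 # step g: only unregistered files go
            return "delete failed: file is still registered"
        del self.system_registry[file_id]
        return "delete ok"
```

The ordering constraints are what matter for security here: a file cannot be removed while an application is registered on it, and a domain cannot be deregistered while applications still belong to it, so no application is ever left referencing a file or domain that has disappeared.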
The beneficial effect achieved by the present invention is that unauthorized management between security domains on the smart card is effectively controlled and the mechanism in which the main security domain is a superuser is eliminated; using the method provided by the invention improves the security of card application management and protects the information on the card.
Brief description of the drawings
Fig. 1 is a flow diagram of the method for generating a security domain on a smart card provided by embodiment 1;
Fig. 2 is a flow diagram of the method for generating a security domain on a smart card provided by embodiment 2.
Embodiment
To make the objects, technical solutions and advantages of the present invention clearer, the embodiments are described in further detail below with reference to the drawings. The process of registering a security domain application on the card mentioned in the following embodiments is equivalent to the method for generating a security domain on the card referred to in this invention, and the non-security-domain applications mentioned in the embodiments are equivalent to applications under a security domain on the card.
Embodiment 1
The method for generating a security domain on a smart card proposed by this embodiment, as shown in Fig. 1, comprises:
Step S1: the smart card connects to the terminal and establishes a secure channel;
Step S2: the smart card waits to receive the command sent by the terminal; when it receives an application registration command, it parses the command to obtain a file ID and the application ID to be registered;
Specifically, this embodiment is described using the registration of a security domain on the smart card as the example; the operations the smart card performs when it receives other commands from the terminal are described in embodiment 2.
Step S3: the smart card searches the application registry in the card and judges whether the application ID to be registered exists; if so, execute step S18, otherwise execute step S4;
Step S4: when the smart card learns from the file ID that the application to be registered is a security domain application, it parses the command to obtain the vote information ciphertext and the application ID of the vote-owning application;
Specifically, the smart card finds in the card the application file corresponding to the file ID, looks up the application file class information in the content of that file, and judges from it whether the file class inherits the SecurityDomain class; if so, the application to be registered is a security domain application, otherwise it is a non-security-domain application. This embodiment is described using the registration of a security domain application as the example.
Step S5: the smart card searches the card for a vote counter and vote source list corresponding to the application ID to be registered; if they exist, execute step S6, otherwise execute step S7;
Step S6: the smart card judges whether the application ID of the vote-owning application is present in the vote source list corresponding to the application ID to be registered; if so, execute step S18, otherwise execute step S8;
Specifically, if the application ID of the vote-owning application is present in the vote source list, a vote from this vote-owning application has already been obtained; the card generates registration failure information indicating a repeated vote and executes step S18. The vote-owning application is a security domain application already registered in the card that has voting right.
Step S7: the smart card creates in the card a vote counter and vote source list corresponding to the application ID to be registered;
Step S8: the smart card finds the vote-owning application from its application ID, passes the vote information ciphertext to the vote-checking interface of the vote-owning application, and obtains the vote identifier and vote permission information from the return data of the vote-checking interface;
Specifically, the vote-checking interface uses a vote public key saved in advance to decrypt the vote information ciphertext and obtain the application ID of the security domain application to be registered, the vote identifier, the validity period of the vote and the vote permission information; it verifies the validity period of the vote, generates a vote-check result, and forms the return data from the vote-check result together with the decrypted application ID of the security domain application to be registered, the vote permission information and the vote identifier. Verifying the validity period of the vote specifically means checking whether the decrypted validity period of the vote is the agreed time limit; if so, the generated vote-check result is success, otherwise it is failure.
This step also comprises: judge from the return data of the vote-checking interface whether the vote check passed; if so, obtain the vote identifier and vote permission information from the return data and execute step S9; otherwise generate application registration command response data containing registration failure information, return it to the terminal and return to step S2.
Judging from the return data of the vote-checking interface whether the vote check passed specifically means judging whether the return data satisfies a preset condition; if so, the vote check passed, otherwise it did not. The preset condition is that the vote-check result contained in the return data is success and the application ID of the security domain application to be registered contained in the return data is consistent with the application ID to be registered that the smart card obtained by parsing the application registration command.
Step S9: judge the vote type from the vote identifier; if it is an affirmative vote, execute step S10; if it is a negative vote, execute step S17;
Step S10: update the count value of the vote counter and add the application ID of the vote-owning application to the vote source list, then execute step S11;
Specifically, the vote counter records the number of affirmative votes obtained.
Step S11: judge whether the current count value has reached the preset value; if so, execute step S12, otherwise execute step S19;
Specifically, the preset value is the agreed number of affirmative votes that must be obtained.
Step S12: add the application ID to be registered to the application registry, create in the card the application corresponding to that application ID, empty the vote source list and reset the vote counter to zero;
Step S13: judge from the vote permission information whether the security domain application being registered has voting right; if so, execute step S14, otherwise execute step S15;
Step S14: set the vote attribute contained in the application to "has voting right", then execute step S16;
Step S15: set the vote attribute contained in the application to "no voting right", then execute step S16;
Step S16: generate application registration command response data containing registration success information and return it to the terminal, then return to step S2.
Step S17: update the count value of the vote counter;
Step S18: generate application registration command response data containing registration failure information and return it to the terminal, then return to step S2.
Step S19: generate application registration command response data containing the current count value and return it to the terminal, then return to step S2.
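Steps S3 to S19 form a small state machine per candidate application: a vote counter, a list of domains that have already voted, and a threshold. The block below is an added example of that logic, not code from the patent or from Feitian. Everything cryptographic is assumed: the patent decrypts the vote with a "vote public key" but names no algorithm or format, so here the vote-checking interface `verify_votes` checks an HMAC-SHA256 tag over the vote fields with a per-domain key instead; the vote identifier values, the Unix-timestamp validity period, the response strings and the way a newly registered domain's key is derived are likewise constructed. On a negative vote the code follows step D of the summary (the source is recorded and the count is not updated), since step S17 above and the abstract describe that branch differently.

```python
import hashlib
import hmac
from dataclasses import dataclass
from typing import Dict, Optional, Set, Tuple

AFFIRMATIVE, NEGATIVE = 0x01, 0x00   # vote identifier values; constructed, the patent does not fix them


@dataclass
class Vote:
    """Plaintext fields the patent says the vote ciphertext carries, plus an integrity tag."""
    target_app_id: bytes      # application ID of the security domain to be registered
    identifier: int           # AFFIRMATIVE or NEGATIVE
    expires_at: int           # validity period, modelled here as a Unix timestamp
    has_voting_right: bool    # vote permission information for the new domain
    tag: bytes = b""          # HMAC tag: stand-in for the patent's vote-public-key decryption


def _vote_bytes(v: Vote) -> bytes:
    return (v.target_app_id + bytes([v.identifier])
            + v.expires_at.to_bytes(8, "big") + bytes([int(v.has_voting_right)]))


def issue_vote(vote_key: bytes, target_app_id: bytes, identifier: int,
               expires_at: int, has_voting_right: bool) -> Vote:
    """Off-card side: the entity behind a vote-owning domain issues a tagged vote (constructed format)."""
    v = Vote(target_app_id, identifier, expires_at, has_voting_right)
    v.tag = hmac.new(vote_key, _vote_bytes(v), hashlib.sha256).digest()
    return v


@dataclass
class SecurityDomainApp:
    app_id: bytes
    vote_key: Optional[bytes]  # None when the domain's vote attribute is "no voting right"

    def verify_votes(self, vote: Vote, now: int) -> Tuple[bool, Optional[bytes], bool, int]:
        """Vote-checking interface: check integrity and validity period, then return the
        vote-check result, the application ID voted for, the permission info and the identifier."""
        if self.vote_key is None:
            return False, None, False, NEGATIVE
        expected = hmac.new(self.vote_key, _vote_bytes(vote), hashlib.sha256).digest()
        ok = hmac.compare_digest(expected, vote.tag) and now <= vote.expires_at
        return ok, vote.target_app_id, vote.has_voting_right, vote.identifier


class Card:
    """Card-side state: application registry plus per-candidate vote counter and source list."""

    def __init__(self, preset_votes: int, registered: list):
        self.preset_votes = preset_votes                       # agreed number of affirmative votes
        self.registry: Dict[bytes, SecurityDomainApp] = {d.app_id: d for d in registered}
        self.counters: Dict[bytes, int] = {}
        self.sources: Dict[bytes, Set[bytes]] = {}

    def register_security_domain(self, new_app_id: bytes, vote: Vote,
                                 owner_app_id: bytes, now: int) -> str:
        if new_app_id in self.registry:                                    # S3 -> S18
            return "FAIL: already registered"
        counter = self.counters.setdefault(new_app_id, 0)                  # S5 / S7
        sources = self.sources.setdefault(new_app_id, set())
        if owner_app_id in sources:                                        # S6: repeated source
            return "FAIL: vote from this source already obtained"
        owner = self.registry.get(owner_app_id)                            # S8
        if owner is None:
            return "FAIL: unknown vote-owning application"
        result, voted_for, permission, identifier = owner.verify_votes(vote, now)
        if not (result and voted_for == new_app_id):                       # the preset condition
            return "FAIL: vote check failed"
        if identifier == NEGATIVE:                                         # S9 -> summary step D
            sources.add(owner_app_id)
            return "FAIL: negative vote"
        counter += 1                                                       # S10
        sources.add(owner_app_id)
        if counter < self.preset_votes:                                    # S11 -> S19
            self.counters[new_app_id] = counter
            return f"PENDING: {counter}/{self.preset_votes} affirmative votes"
        # S12-S15: register, clear the vote state, set the vote attribute
        key = hashlib.sha256(b"constructed vote key " + new_app_id).digest() if permission else None
        self.registry[new_app_id] = SecurityDomainApp(new_app_id, key)
        self.counters[new_app_id] = 0
        self.sources[new_app_id] = set()
        return "OK: registered"
```

Two checks carry the security of the scheme: the source list stops one domain from supplying the same vote twice, and the comparison of the application ID inside the vote with the ID in the command stops a valid vote for one candidate from being replayed for another.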
Embodiment 2
Management of security domains on a smart card comprises application file creation, application registration, application deregistration and application file deletion. Before an application maintenance operation is performed, the smart card and the off-card entity, namely the terminal, must first perform mutual authentication, negotiate security components, and establish a secure channel between the application and the terminal. After these processes complete successfully the smart card passes from the application running state into the application maintenance state, in which it can receive and process application maintenance commands and so manage security domains. This embodiment describes application file creation, application registration, application deregistration and application file deletion around the process of generating a security domain on the card.
The flow of the method for generating a security domain on a smart card provided by this embodiment 2 is as follows, as shown in Fig. 2:
Step 101: the smart card connects to the terminal and establishes a secure channel;
Preferably, the secure channel between the smart card and the terminal is established through mutual identity authentication: the terminal certificate and the card certificate are verified by each side, and the secure channel is then established.
In this embodiment the smart card is the operating subject: after establishing the secure channel with the terminal, it receives and processes the various application maintenance commands the terminal sends and returns the corresponding command response data to the terminal.
Step 102: the smart card waits to receive a command issued by the terminal;
Specifically, the command is an APDU instruction.
Step 103: judge the type of the received command: if it is an application file creation command, execute steps 104-109; if it is an application registration command, execute steps 110-135; if it is an application deregistration command, execute steps 136-145; if it is an application file deletion command, execute steps 146-152;
Specifically, the command type is judged from the second and third bytes of the received APDU instruction, namely the INS byte and the P1 byte.
Preferably, the application file creation command is 80 E8 00 00 XX, the application registration command is 80 E6 00 00 XX, the application deregistration command is 80 E4 00 00 XX and the application file deletion command is 80 E4 80 00 XX, where "XX" is the data field.
Step 104: read the application installation package from the command, and parse the installation package to obtain the file ID to be downloaded and the file control parameter information;
Specifically: read the application installation package (NEF file) from the received APDU command, and obtain the file control parameter information (FCP) and the file ID to be downloaded from the NEF file.
Step 105: search the system registry in the card and judge whether a file ID consistent with the file ID to be downloaded already exists; if so, execute step 108, otherwise execute step 106;
Step 106: create an application file in the card according to the file control parameter information, add the file ID to be downloaded to the system registry in the card as the file ID of the created application file, and set the file identification state of the created application file to "unregistered";
Specifically, the application file is created in the card according to the FCP obtained from the application installation package.
Step 107: generate application file creation command response data containing creation success information, then execute step 109;
For example, the application file creation command response data generated in this step is 90 00.
Step 108: generate application file creation command response data containing creation failure information, then execute step 109;
For example, the application file creation command response data generated in this step is 00 00.
Step 109: return the application file creation command response data to the terminal, then return to step 102;
Step 110: parse the command to obtain a file ID and the application ID to be registered;
For example, the application registration command the smart card receives is
80 e6 0c 00 52 08 a0 00 00 00 62 32 22 14 09 a0 00 00 00 62 32 22 14 01 30 e7 38 01 be 30 c9 de 84 f8 c5 ef 45 cc ec 20 56 6d 30 a2 08 42 60 18 28 04 eb 1f 1d 69 c3 86 2e 7c 00 94 1f 96 94 af 41 dd cd 40 06 59 f6 db 01 08 a0 00 00 00 62 32 22 14 01. The length of the file ID is obtained from the 6th byte as 8 bytes, so the file ID obtained by parsing the command is a0 00 00 00 62 32 22 14.
Step 111: search the application registry in the card and judge whether the application ID to be registered exists; if so, execute step 127, otherwise execute step 112;
Step 112: judge from the file ID the type of the application to be registered; if it is a security domain application, execute step 113; if it is a non-security-domain application, execute step 129;
Specifically, find in the card the application file corresponding to the file ID, look up the application file class information in the content of that file, and judge from it whether the file class inherits the SecurityDomain class; if so, the application to be registered is a security domain application, otherwise it is a non-security-domain application.
Step 113: parse the command to obtain the vote information ciphertext and the application ID of the vote-owning application;
Specifically, the vote information ciphertext contains the application ID of the security domain application to be registered, the vote type, the validity period of the vote, the vote permission information, and so on.
For example, the application registration command the smart card receives is 80 e6 0c 00 52 08 a0 00 00 00 62 32 22 14 09 a0 00 00 00 62 32 22 14 01 30 e7 38 01 be 30 c9 de 84 f8 c5 ef 45 cc ec 20 56 6d 30 a2 08 42 60 18 28 04 eb 1f 1d 69 c3 86 2e 7c 00 94 1f 96 94 af 41 dd cd 40 06 59 f6 db 01 08 a0 00 00 00 62 32 22 14 01. The length of the vote information ciphertext is obtained from the 25th byte of the command as 0x30 bytes, and its value is e7 38 01 be 30 c9 de 84 f8 c5 ef 45 cc ec 20 56 6d 30 a2 08 42 60 18 28 04 eb 1f 1d 69 c3 86 2e 7c 00 94 1f 96 94 af 41 dd cd 40 06 59 f6 db 01. Following the vote information ciphertext comes the length of the application ID of the vote-owning application, namely 8 bytes, and its value is a0 00 00 00 62 32 22 14 01.
Step 114: judge whether the application ID of the vote-owning application is present in the vote source list in the card; if so, execute step 127, otherwise execute step 115;
Preferably, before step 114 the method also comprises: the smart card searches the card for a vote counter and vote source list corresponding to the application ID to be registered; if they exist, execute step 114, otherwise create in the card a counter and vote source list corresponding to the application ID to be registered and execute step 115.
Step 115: find the vote-owning application from its application ID and pass the vote information ciphertext to the vote-checking interface of the vote-owning application;
Specifically, from the application ID a0 00 00 00 62 32 22 14 01 of the vote-owning application, find the corresponding application and its verifyVotes vote-checking interface, and pass the vote information as a parameter to the verifyVotes vote-checking function.
The vote-checking function uses the vote public key saved in advance to decrypt the vote information and obtain the application ID of the security domain application to be registered, the vote identifier, the validity period of the vote, the vote permission information and so on; it verifies the validity period of the vote and the application ID of the security domain application to be registered, generates a vote-check result, and generates the return data from the vote-check result, the vote identifier and the vote permission information.
The term of validity of described checking ballot paper is specially checking and deciphers whether the term of validity of the ballot paper getting is the time limit of making an appointment, and be that the ticket checking result generating is ticket checking success, otherwise the ticket checking result generating is ticket checking failure; Whether the application ID to be registered getting during the application ID that the application ID of described checking security domain to be registered application is specially the security domain application to be registered that checking deciphering gets orders with step 110 is consistent, be that the ticket checking result generating is ticket checking success, otherwise the ticket checking result generating is ticket checking failure.
Step 116: judge from the return data of the vote-checking interface whether vote checking passed; if so, go to step 117, otherwise go to step 127;
Specifically, judge whether vote checking passed according to the vote-checking result contained in the return data; if it passed, go to step 117, otherwise go to step 127.
Step 117: obtain the vote identifier and the vote authority information from the return data;
Step 118: determine the vote type from the vote identifier; if it is an affirmative vote, go to step 119; if it is a negative vote, go to step 120;
Step 119: add 1 to the count value of the vote counter, add the application ID of the vote-owning application to the vote source list, then go to step 121;
Step 120: add the application ID of the vote-owning application to the vote source list, then go to step 127;
Step 121: judge whether the current count value has reached the preset value; if so, go to step 122, otherwise go to step 128;
Specifically, if the current count value has reached the preset value, the affirmative votes meet the preset number of votes and step 122 is executed; otherwise they do not, and step 128 is executed.
Step 122: add the application ID to be registered to the application registry, create the application corresponding to that application ID in the card, empty the vote source list and reset the vote counter to zero;
Specifically, the content of the application includes a vote attribute.
Step 123: judge from the vote authority information whether the security domain application to be registered has voting rights; if so, go to step 124, otherwise go to step 125;
Step 124: set the vote attribute of the application to "has voting rights", then go to step 126;
Step 125: set the vote attribute of the application to "no voting rights", then go to step 126;
Step 126: generate application registration command response data containing registration-success information, then go to step 135;
Step 127: generate application registration command response data containing registration-failure information, then go to step 135;
Step 128: generate application registration command response data containing the current count value, then go to step 135;
Step 129: parse the command to obtain the signature file;
Step 130: verify from the signature file whether the source of the application is legitimate; if so, go to step 131, otherwise go to step 134;
Step 131: add the application ID to be registered to the application registry and create the application corresponding to that application ID in the card;
Specifically, this step also includes setting the application ID of the security domain application to which the application to be registered belongs.
Step 132: set the file identification state of the application file corresponding to the application ID to be registered to "registered";
Step 133: generate application registration command response data containing registration-success information, then go to step 135;
Step 134: generate application registration command response data containing registration-failure information, then go to step 135;
Step 135: return the application registration command response data to the terminal, then return to step 102;
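As an added example that is not part of the patent, the following Python model walks the card-side registration flow of steps 110 to 128 (and the vote-checking conditions of claims 5 to 7) for a security domain application. The length-prefixed field layout follows the page's sample command; the vote owner's verifyVotes interface is modelled with an HMAC-SHA256 tag standing in for the patent's public-key decryption, and the vote identifier values, response kinds and sample IDs are constructed for the example.

```python
import hashlib
import hmac
import struct

VOTE_YES, VOTE_NO = 0x01, 0x00                              # vote identifier values (constructed)
REG_OK, REG_FAIL, REG_PENDING = "ok", "fail", "pending"     # response kinds (constructed)


def parse_register_command(apdu: bytes) -> dict:
    """Steps 110 and 113: split the command body into its length-prefixed fields."""
    if apdu[:4] != bytes([0x80, 0xE6, 0x0C, 0x00]):
        raise ValueError("not an application registration command")
    lc, body = apdu[4], apdu[5:]
    if len(body) != lc:
        raise ValueError("Lc does not match the body length")
    fields, pos = [], 0
    for _ in range(4):
        if pos >= lc:
            raise ValueError("truncated field")
        n = body[pos]
        fields.append(body[pos + 1:pos + 1 + n])
        pos += 1 + n
    if pos != lc:
        raise ValueError("field lengths do not add up to Lc")
    return dict(zip(("file_id", "app_id", "vote_ct", "owner_id"), fields))


def build_register_command(file_id, app_id, vote_ct, owner_id) -> bytes:
    """Terminal side: assemble a command in the layout parsed above."""
    body = b"".join(bytes([len(f)]) + f for f in (file_id, app_id, vote_ct, owner_id))
    return bytes([0x80, 0xE6, 0x0C, 0x00, len(body)]) + body


class VoteOwnerApp:
    """A registered security domain with voting rights; verify_votes plays verifyVotes."""

    def __init__(self, app_id: bytes, key: bytes):
        self.app_id, self.key = app_id, key

    def make_vote(self, target: bytes, identifier: int, authority: int, expires_at: int) -> bytes:
        # vote = tag(32) | identifier(1) | authority(1) | expiry(4, unix time) | target app ID
        body = bytes([identifier, authority]) + struct.pack(">I", expires_at) + target
        return hmac.new(self.key, body, hashlib.sha256).digest() + body

    def verify_votes(self, vote_ct: bytes, now: int) -> dict:
        tag, body = vote_ct[:32], vote_ct[32:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        if len(body) < 6 or not hmac.compare_digest(tag, expected):
            return {"result": False}                  # vote was not issued by this owner
        if now > struct.unpack(">I", body[2:6])[0]:
            return {"result": False}                  # validity period check failed
        return {"result": True, "identifier": body[0],
                "authority": body[1], "app_id": body[6:]}


class Card:
    def __init__(self, preset_votes: int, voters):
        self.preset = preset_votes
        self.registry = {v.app_id: {"vote_right": True} for v in voters}   # application registry
        self.owner_apps = {v.app_id: v for v in voters}                    # apps exposing verifyVotes
        self.counters = {}     # candidate app ID -> affirmative vote count
        self.sources = {}      # candidate app ID -> owner IDs that already voted

    def register_security_domain(self, apdu: bytes, now: int):
        f = parse_register_command(apdu)
        app_id, owner_id = f["app_id"], f["owner_id"]
        if app_id in self.registry:                       # step 111: already registered
            return REG_FAIL, None
        count = self.counters.setdefault(app_id, 0)       # create counter and source list if absent
        sources = self.sources.setdefault(app_id, set())
        if owner_id in sources:                           # step 114: one vote per owner
            return REG_FAIL, None
        owner = self.owner_apps.get(owner_id)
        if owner is None:                                 # step 115: no verifyVotes interface
            return REG_FAIL, None
        ret = owner.verify_votes(f["vote_ct"], now)       # step 115
        if not ret["result"] or ret["app_id"] != app_id:  # step 116 (and claim 7 ID check)
            return REG_FAIL, None
        sources.add(owner_id)                             # steps 119 and 120
        if ret["identifier"] != VOTE_YES:                 # step 120: negative vote
            return REG_FAIL, None
        self.counters[app_id] = count = count + 1         # step 119
        if count < self.preset:                           # step 121 -> step 128
            return REG_PENDING, count
        self.registry[app_id] = {"vote_right": ret["authority"] == 1}   # steps 122-126
        sources.clear()                                   # step 122: empty list, zero counter
        self.counters[app_id] = 0
        return REG_OK, None
```

Note that a negative vote still records the owner in the vote source list, so with a preset of N affirmative votes and N eligible voters a single negative vote blocks registration until the list is reset.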
Step 136: parse the command to obtain the application ID;
Step 137: search the application registry and judge whether the application ID exists; if so, go to step 138, otherwise go to step 144;
Step 138: parse the command to obtain the file ID and determine from it the type of the application being deregistered; if it is a security domain application, go to step 139; if it is a non-security-domain application, go to step 141;
Specifically, find the application file corresponding to the file ID in the card, look up the application file class information in the content of that file, and judge from it whether the file class inherits from the SecurityDomain class; if so, the application being deregistered is a security domain application, otherwise it is a non-security-domain application.
Step 139: judge whether other applications belong under the security domain of the application corresponding to the application ID; if so, go to step 144, otherwise go to step 140;
Specifically, find the application corresponding to the application ID, find the corresponding security domain application from the ID of the owning security domain application that was set in step 131, and by examining the attributes of all applications under that security domain application, judge whether other applications belong to it; if there are, it cannot be deregistered and step 144 is executed; if there are none, step 140 is executed.
Step 140: delete the application ID from the application registry and delete the application corresponding to it from the card, then go to step 143;
Step 141: delete the application ID from the application registry and delete the application corresponding to it from the card;
Step 142: set the file identification state of the application file corresponding to the application ID to "unregistered";
Step 143: generate application deregistration command response data containing deregistration-success information, then go to step 145;
Step 144: generate application deregistration command response data containing deregistration-failure information, then go to step 145;
Step 145: return the application deregistration command response data to the terminal, then return to step 102;
Step 146: parse the command to obtain the file ID;
Step 147: search the system registry in the card and judge whether the file ID exists; if so, go to step 148, otherwise go to step 151;
Step 148: judge whether the file identification state of the application file corresponding to the file ID is "unregistered"; if so, go to step 149, otherwise go to step 151;
Step 149: delete the file ID from the system registry in the card and delete the application file corresponding to it;
Step 150: generate application file deletion command response data containing deletion-success information, then go to step 152;
Step 151: generate application file deletion command response data containing deletion-failure information, then go to step 152;
Step 152: return the application file deletion command response data to the terminal, then return to step 102.
The above is only a specific embodiment of the present invention, but the scope of protection of the present invention is not limited to it; any change or replacement that a person skilled in the art could readily conceive within the technical scope disclosed by the present invention shall fall within the scope of protection of the present invention. Therefore, the scope of protection of the present invention shall be determined by the scope of protection of the claims.

Claims (12)

1. A method for generating a security domain on a smart card, characterized in that the method comprises:
Step S1: the smart card connects to a terminal and establishes a secure channel;
Step S2: the smart card waits to receive a command sent by the terminal;
When the command received by the smart card from the terminal is an application registration command, parse the application registration command to obtain a file ID and an application ID to be registered, search the application registry in the card and judge whether the application ID to be registered already exists; if so, generate application registration command response data containing registration-failure information, return it to the terminal and return to step S2; otherwise, when it is learned from the file ID that the application to be registered is a non-security-domain application, perform non-security-domain application registration, and when it is learned from the file ID that the application to be registered is a security domain application, execute steps A to F;
Step A: parse the application registration command to obtain the vote information ciphertext and the application ID of the vote-owning application, and find in the card the vote counter and the vote source list corresponding to the application ID to be registered;
Step B: judge whether the application ID of the vote-owning application exists in the found vote source list corresponding to the application ID to be registered; if so, generate application registration command response data containing registration-failure information, return it to the terminal and return to step S2; otherwise execute step C;
Step C: find the vote-owning application by the application ID of the vote-owning application, pass the vote information ciphertext to the vote-checking interface of the vote-owning application, and obtain the return data of the vote-checking interface;
Step D: obtain the vote identifier and the vote authority information from the return data and determine the vote type from the vote identifier; if it is an affirmative vote, execute step E; if it is a negative vote, add the application ID of the vote-owning application to the vote source list, generate application registration command response data containing registration-failure information, return it to the terminal and return to step S2;
Step E: update the count value of the vote counter, add the application ID of the vote-owning application to the vote source list, and judge whether the updated count value has reached the preset value; if so, execute step F; otherwise generate application registration command response data containing the current count value, return it to the terminal and return to step S2;
Step F: add the application ID to be registered to the application registry, create the application corresponding to the application ID to be registered in the card, empty the vote source list and reset the vote counter to zero; judge from the vote authority information whether the security domain application to be registered has voting rights; if so, set the vote attribute of the application to "has voting rights", generate application registration command response data containing registration-success information, return it to the terminal and return to step S2; otherwise set the vote attribute of the application to "no voting rights", generate application registration command response data containing registration-success information, return it to the terminal and return to step S2.
2. The method for generating a security domain on a smart card as claimed in claim 1, characterized in that learning from the file ID that the application to be registered is a security domain application specifically comprises: finding in the card the application file corresponding to the file ID, looking up the application file class information in the content of the application file, and judging from the application file class information whether the file class inherits from the SecurityDomain class; if so, the application to be registered is a security domain application, otherwise it is a non-security-domain application.
3. The method for generating a security domain on a smart card as claimed in claim 1, characterized in that step A further comprises: searching the card for a vote counter and a vote source list corresponding to the application ID to be registered; if they are found in the card, execute step B; otherwise create in the card a vote counter and a vote source list corresponding to the application ID to be registered and execute step C.
4. The method for generating a security domain on a smart card as claimed in claim 1, characterized in that the vote information ciphertext contains the application ID of the security domain application to be registered, the vote identifier, the validity period of the vote and the vote authority information.
5. The method for generating a security domain on a smart card as claimed in claim 1, characterized in that before step D the method further comprises: judging from the return data of the vote-checking interface whether vote checking passed; if so, execute step D; otherwise generate application registration command response data containing registration-failure information, return it to the terminal and return to step S2.
6. The method for generating a security domain on a smart card as claimed in claim 5, characterized in that the vote-checking interface is used to decrypt the vote information ciphertext with a previously stored vote public key to obtain the application ID of the security domain application to be registered, the vote identifier, the validity period of the vote and the vote authority information, to verify the validity period of the vote and generate a vote-checking result, and to form the return data from the vote-checking result together with the application ID of the security domain application to be registered, the vote authority information and the vote identifier obtained by decryption.
7. The method for generating a security domain on a smart card as claimed in claim 6, characterized in that judging from the return data of the vote-checking interface whether vote checking passed specifically comprises: judging whether the return data meets a preset condition; if so, vote checking passed, otherwise it did not; the preset condition is that the vote-checking result contained in the return data is success and that the application ID of the security domain application to be registered contained in the return data is consistent with the application ID to be registered obtained by the smart card by parsing the application registration command.
8. The method for generating a security domain on a smart card as claimed in claim 1, characterized in that the command issued by the terminal and received by the smart card is an APDU command, and the smart card judges the type of the command from the second and third bytes of the APDU command.
9. The method for generating a security domain on a smart card as claimed in claim 1, characterized in that the method further comprises: performing non-security-domain application registration when it is learned from the file ID contained in the application registration command that the application to be registered is a non-security-domain application, which comprises executing step a and step b;
Step a: parse the application registration command to obtain the signature file and the application ID to be registered, and verify from the signature file whether the source of the application is legitimate; if so, execute step b; otherwise generate application registration command response data containing registration-failure information, return it to the terminal and return to step S2;
Step b: add the application ID to be registered to the application registry and create the application corresponding to the application ID to be registered in the card; set the file identification state of the application file corresponding to the application ID to be registered to "registered", generate application registration command response data containing registration-success information, return it to the terminal and return to step S2.
10. The method for generating a security domain on a smart card as claimed in claim 1, characterized in that the method further comprises: when the command received by the smart card from the terminal is an application deregistration command, execute steps c to e;
Step c: parse the application deregistration command to obtain the application ID and the file ID, search the application registry and judge whether the obtained application ID exists; if so, execute step d; otherwise generate application deregistration command response data containing deregistration-failure information, return it to the terminal and return to step S2;
Step d: determine from the obtained file ID the type of the application being deregistered; if it is a security domain application, execute step e; if it is a non-security-domain application, delete the obtained application ID from the application registry, delete the application corresponding to the application ID from the card, set the file identification state of the application file corresponding to the application ID to "unregistered", generate application deregistration command response data containing deregistration-success information, return it to the terminal and return to step S2;
Step e: judge whether other applications belong under the security domain of the application corresponding to the application ID; if so, generate application deregistration command response data containing deregistration-failure information, return it to the terminal and return to step S2; otherwise delete the application ID from the application registry, delete the application corresponding to the application ID from the card, generate application deregistration command response data containing deregistration-success information, return it to the terminal and return to step S2.
11. The method for generating a security domain on a smart card as claimed in claim 1, characterized in that the method further comprises: when the command received by the smart card from the terminal is an application file creation command, read the application installation package from the application file creation command and parse it to obtain the file ID to be downloaded and the file control parameter information; search the system registry in the card and judge whether a file ID consistent with the file ID to be downloaded exists; if so, generate application file creation command response data containing creation-failure information, return it to the terminal and return to step S2; otherwise create an application file in the card according to the file control parameter information, add the file ID to be downloaded to the system registry in the card as the file ID of the created application file, set the file identification state of the created application file to "unregistered", generate application file creation command response data containing creation-success information, return it to the terminal and return to step S2.
12. The method for generating a security domain on a smart card as claimed in claim 11, characterized in that the method further comprises: when the command received by the smart card from the terminal is an application file deletion command, execute step f and step g;
Step f: parse the application file deletion command to obtain the file ID, search the system registry in the card and judge whether the file ID exists; if so, execute step g; otherwise generate application file deletion command response data containing deletion-failure information, return it to the terminal and return to step S2;
Step g: judge whether the file identification state of the application file corresponding to the obtained file ID is "unregistered"; if so, delete the file ID from the system registry in the card, delete the application file corresponding to the file ID, generate application file deletion command response data containing deletion-success information, return it to the terminal and return to step S2; otherwise generate application file deletion command response data containing deletion-failure information, return it to the terminal and return to step S2.
CN201410306820.3A 2014-06-30 2014-06-30 The generation method of security domain on smart card Active CN104092546B (en)

Publications (2)

Publication Number Publication Date
CN104092546A true CN104092546A (en) 2014-10-08
CN104092546B CN104092546B (en) 2017-07-14

Family

ID=51640228

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102025710A (en) * 2009-09-11 2011-04-20 中国银联股份有限公司 Multi-application intelligent card and intelligent card multi-application management system and method
CN102801705A (en) * 2012-06-25 2012-11-28 飞天诚信科技股份有限公司 Realization method for security domain on java card
CN103218560A (en) * 2013-04-25 2013-07-24 飞天诚信科技股份有限公司 Method of realizing card data management
CN103473093A (en) * 2013-09-05 2013-12-25 飞天诚信科技股份有限公司 Method of managing applications in card

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant