CN105208558B - Realize method, mobile phone terminal, platform and the system of mobile phone card application secure accessing - Google Patents
Realize method, mobile phone terminal, platform and the system of mobile phone card application secure accessing Download PDFInfo
- Publication number
- CN105208558B CN105208558B CN201410277808.4A CN201410277808A CN105208558B CN 105208558 B CN105208558 B CN 105208558B CN 201410277808 A CN201410277808 A CN 201410277808A CN 105208558 B CN105208558 B CN 105208558B
- Authority
- CN
- China
- Prior art keywords
- mobile phone
- request
- aid
- access
- card
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Landscapes
- Mobile Radio Communication Systems (AREA)
- Telephonic Communication Services (AREA)
Abstract
The invention discloses method, mobile phone terminal, platform and the systems of realizing mobile phone card application secure accessing.The platform includes: receiving unit, the AID request that the security middleware for receiving mobile phone terminal is sent;Judging result for judging whether the AID request is the request for allowing to access, and is returned to the security middleware of the mobile phone terminal by judging unit.If it is the request for allowing to access, then mobile phone terminal allows the security domain of card applications client access mobile phone card.Otherwise, the security domain of mobile phone card cannot be accessed.This improves the safeties of mobile phone card application access.
Description
Technical field
The present invention relates to communication and mobile Internet field, more particularly to realize mobile phone card application secure accessing method,
Mobile phone terminal, platform and system.
Background technique
The Open Mobile API that SIM Alliance is proposed can be used to make NFC-SWP (Single Wire
Protocol, single thread agreement) mobile phone various applications clients access mobile phone in a variety of different SE (such as SWP-SIM card
With embedded SE).
As the card issuer of SWP-SIM card, active control access control rule is needed, to guarantee the safety of SE.SWP-
Other card applications of SIM card can directly obtain corresponding after the rule match that the corresponding client of mobile phone passes through ACE
The access mandate of SWP-SIM card application.
In rule match process, mobile phone operating system is responsible for obtaining client digital certificate, once operating system occurs
The security breaches of problem, certificate acquisition will be present, and the important information of user may be by security threat.
When multiple applications clients send AID (AccessID, access ID) request rule match simultaneously, due to ACE with
The number of channels of SIM Access API is limited, may cause the AC efficiency reduction that card issuer blocks application.
Summary of the invention
The technical problem to be solved by the present invention is to improve the safety of mobile phone card application access.
According to an aspect of the present invention, a kind of mobile phone terminal for realizing mobile phone card application secure accessing is proposed, comprising:
Card applications client, for sending access ID (AID) request to security middleware;
Security middleware, for AID request to be sent to platform, being judged whether it is by the platform allows access
The AID is requested to encapsulate, and be transmitted to access and connect by request if it is, receiving the AID request of card applications client
Mouthful, otherwise, do not forward;
Access interface for AID request to be transmitted to AC controller, and receives the matching that the AC controller returns
As a result, allowing the safety of the card applications client access mobile phone card if matching result shows to receive the AID request
Otherwise domain cannot access the security domain of mobile phone card;
AC controller, is requested for receiving the AID, obtains the card applications client certificate from mobile phone operating system,
Rule match is carried out, and returns to matching result to the access interface.
Further, AID request is encrypted, is encapsulated by the security middleware, and is transmitted to the access interface;
The AC controller receives the AID request from the access interface, and requests the AID to carry out rule
Match, wherein the rule is encryption rule.
Further, the AC controller checks the update mark in the file system of mobile phone card, if the update indicates
Show there is more new content, then obtains updated rule, and rule match is carried out according to updated rule;If the update
Mark shows without more new content, then carries out rule match according to previously stored rule.
According to an aspect of the present invention, a kind of platform for realizing mobile phone card application secure accessing is proposed, comprising:
Receiving unit, the AID request that the security middleware for receiving mobile phone terminal is sent;
Judging result for judging whether the AID request is the request for allowing to access, and is returned to institute by judging unit
State the security middleware of mobile phone terminal;
Wherein, the security middleware of the mobile phone terminal decides whether that the AID is forwarded to request according to the judging result.
Further, issuance unit, for issuing matching rule to mobile phone card;
Wherein, the matching rule of the mobile phone card sends the AC controller of the mobile phone terminal to, by the AC controller
Rule match is carried out according to the rule.
According to an aspect of the present invention, a kind of system for realizing mobile phone card application secure accessing, including any of the above-described institute are proposed
State mobile phone terminal and any of the above-described platform.
According to an aspect of the present invention, a kind of method for realizing mobile phone card application secure accessing is proposed, comprising:
The card applications client of mobile phone terminal sends AID request to the security middleware of mobile phone terminal;
AID request is sent to platform by the security middleware, and being judged whether it is by the platform allows access
The AID is requested to encapsulate, and be transmitted to access and connect by request if it is, receiving the AID request of card applications client
Mouthful, otherwise, do not forward;
AID request is transmitted to the AC controller of mobile phone terminal by the access interface of mobile phone terminal;
The AC controller receives the AID request, obtains the card applications client certificate from mobile phone operating system, into
Line discipline matching, and matching result is returned to the access interface, if matching result shows to receive the AID request, permit
Perhaps otherwise the security domain of the described card applications client access mobile phone card cannot access the security domain of mobile phone card.
Further, AID request is encrypted, is encapsulated by the security middleware, and is transmitted to the access interface;
The AC controller receives the AID request from the access interface, and requests the AID to carry out rule
Match, wherein the rule is encryption rule.
Further, the AC controller checks the update mark in the file system of mobile phone card, if the update indicates
Show there is more new content, then obtains updated rule, and rule match is carried out according to updated rule;If the update
Mark shows without more new content, then carries out rule match according to previously stored rule.
According to an aspect of the present invention, a kind of method for realizing mobile phone card application secure accessing is proposed, comprising:
The AID request that the security middleware that platform receives mobile phone terminal is sent;
The platform judges whether the AID request is the request for allowing to access, and judging result is returned to the hand
The security middleware of machine terminal;
Wherein, the security middleware of the mobile phone terminal decides whether that the AID is forwarded to request according to the judging result.
In the present invention, AID request is transmitted to platform by security middleware, and platform judges whether AID request is to allow to visit
The request asked, if it is the request for allowing to access, then mobile phone terminal allows the security domain of card applications client access mobile phone card.It is no
Then, the security domain of mobile phone card cannot be accessed.It is not to be requested directly in response to the AID and card applications client is allowed to access mobile phone card.
This improves the safeties of mobile phone card application access.
By referring to the drawings to the detailed description of exemplary embodiment of the present invention, other feature of the invention and its
Advantage will become apparent.
Detailed description of the invention
The attached drawing for constituting part of specification describes the embodiment of the present invention, and together with the description for solving
Release the principle of the present invention.
The present invention can be more clearly understood according to following detailed description referring to attached drawing, in which:
Fig. 1 is a kind of structure chart of system for realizing mobile phone card application secure accessing.
Fig. 2 is a kind of structure chart of mobile phone terminal for realizing mobile phone card application secure accessing.
Fig. 3 is a kind of structure chart of platform for realizing mobile phone card application secure accessing.
Fig. 4 is a kind of structure chart of the embodiment of system for realizing mobile phone card application secure accessing.
Fig. 5 is a kind of method flow schematic diagram for realizing mobile phone card application secure accessing.
Fig. 6 is a kind of method flow schematic diagram for realizing mobile phone card application secure accessing.
Specific embodiment
Carry out the various exemplary embodiments of detailed description of the present invention now with reference to attached drawing.It should also be noted that unless in addition having
Body explanation, the unlimited system of component and the positioned opposite of step, numerical expression and the numerical value otherwise illustrated in these embodiments is originally
The range of invention.
Simultaneously, it should be appreciated that for ease of description, the size of various pieces shown in attached drawing is not according to reality
Proportionate relationship draw.
Be to the description only actually of at least one exemplary embodiment below it is illustrative, never as to the present invention
And its application or any restrictions used.
Technology, method and apparatus known to person of ordinary skill in the relevant may be not discussed in detail, but suitable
In the case of, the technology, method and apparatus should be considered as authorizing part of specification.
It is shown here and discuss all examples in, any occurrence should be construed as merely illustratively, without
It is as limitation.Therefore, the other examples of exemplary embodiment can have different values.
It should also be noted that similar label and letter indicate similar terms in following attached drawing, therefore, once a certain Xiang Yi
It is defined in a attached drawing, then in subsequent attached drawing does not need that it is further discussed.
Present invention seek to address that operating system security breaches that may be present in NFC mobile phone, are answered so as to cause SWP-SIM card
With the security hidden trouble of the access control to SE, by being added in safety between cell phone client and SIM Access API
Between part, realize the safety that mobile phone card application access is improved to the multi-stage protection of the secure access of SE in SWP-SIM.
To make the objectives, technical solutions, and advantages of the present invention clearer, below in conjunction with specific embodiment, and reference
Attached drawing, the present invention is described in more detail.
Fig. 1 is a kind of structure chart of system for realizing mobile phone card application secure accessing.The system include mobile phone terminal 110 with
And platform 120.Wherein, platform 120 is network side platform, e.g. TSM platform.The system includes e.g. NFC mobile phone and TSM
Platform, be related to NFC mobile phone UICC (Universal Integrated Circuit Card) or UIM (subscriber identification module) card application client software with
The secure access technology of TSM platform can be used for the business realizing system of NFC mobile phone wallet.
Mobile phone terminal 110 installs at least one card applications client, and the AID request of the card applications client is transmitted to platform
120, judge whether AID request is the request for allowing to access through platform 120, if it is, allowing the card applications client
Mobile phone card is accessed, for example, the security domain of SWP-SIM card.
In this embodiment, it first passes through platform 120 to judge AID request, is not to request and permit directly in response to the AID
Perhaps card applications client accesses mobile phone card.This improves the safeties of mobile phone card application access.Including improving to user information
Safety assurance, especially guarantee user sensitive information safe transmission.
In addition, AID request is judged by platform, also matching rule is managed and is issued by platform, etc..
It embodies and embodies operator to the control ability of card space.Transaction data etc. can also be thus controlled, to the usage behavior of user
It is for statistical analysis, to control mobile phone card, card applications client etc..
Below in conjunction with the drawings and specific embodiments, the present invention will be further described.
Fig. 2 is a kind of structure chart of mobile phone terminal for realizing mobile phone card application secure accessing.The mobile phone terminal 110 includes card
Applications client 210, security middleware 220, access interface 230 and AC controller 240.
Card applications client 210 is used to send access ID (AID) request to security middleware 220.
Security middleware 220 is used to AID request being sent to platform, and the request for allowing to access is judged whether it is by platform.
If it is, receiving the AID request of card applications client, AID is requested to encapsulate by security middleware, and is transmitted to access interface,
Such as otherwise SIM Access API is not forwarded.
Access interface 230 is used to AID request being transmitted to AC controller 240, and receives that the AC controller returns
With as a result, allowing the safety of the card applications client access mobile phone card if matching result shows to receive the AID request
Otherwise domain cannot access the security domain of mobile phone card.
AC controller 240 obtains card applications client card for receiving the AID request, from mobile phone operating system (OS)
Book carries out rule match, and returns to matching result to access interface, which is, for example, to receive AID request or refusal
AID request.If receiving AID request, card applications client accesses the security domain of mobile phone card by access interface.Otherwise, no
The security domain of mobile phone card can be accessed.
Wherein, rule match operation is the normal process of secure access access control, it then follows international standard Global
Platform。
In this embodiment, AID request is transmitted to platform by security middleware, and platform judges whether AID request is fair
Perhaps the request accessed, if it is the request for allowing to access, then mobile phone terminal allows the safety of card applications client access mobile phone card
Domain.Otherwise, the security domain of mobile phone card cannot be accessed.This improves the safeties of mobile phone card application access.
Further, since AID request is issued platform by security middleware, and according to the rule after the result progress of platform return
Then match.Wherein, security middleware or platform can request multiple AID to carry out queuing control.Therefore, even if having multiple
Card applications client sends AID request simultaneously, will not be limited due to the number of channels of ACE and SIM Access API, may
The AC efficiency that caused card issuer blocks application reduces.
In an alternative embodiment of the invention, if platform judgement is the request for allowing to access, by security middleware to this
AID request is encrypted, and is transmitted to access interface, for example, SIMAccess API.The AC controller connects from described
The mouth reception AID request, and the AID is requested to carry out rule match, wherein it is described regular for encryption rule.Wherein plus
Hash or other algorithms may be selected in close algorithm, can be managed by platform (such as TSM platform) or cloud, real by two-way http protocol
It is existing.Therefore, by carrying out cryptographic operation for the request for allowing to access, safety is further improved.
In an alternative embodiment of the invention, AC controller checks in the file system of mobile phone card (such as SWP-SIM card)
Mark is updated, if updating mark shows there is more new content, obtains updated rule, and carry out according to updated rule
Rule match.If updating mark to show without more new content, rule match is carried out according to previously stored rule.Wherein,
Rule includes the rule of unencryption and the rule of encryption.File system mentioned here is, for example, PKCS#15 file system.
Fig. 3 is a kind of structure chart of platform for realizing mobile phone card application secure accessing.The platform 120 includes receiving unit
310 and judging unit 320.
The AID request that the security middleware that receiving unit 310 is used to receive mobile phone terminal is sent.
Judging unit 320 is used to judge whether the AID request to be the request for allowing to access, and judging result is returned to
The security middleware of the mobile phone terminal.
Wherein, the security middleware of the mobile phone terminal decides whether that the AID is forwarded to request according to the judging result.
In this embodiment, platform judges whether the AID request that mobile phone terminal is sent is the request for allowing to access, if it is
Allow the request accessed, then mobile phone terminal allows the security domain of card applications client access mobile phone card.Otherwise, mobile phone cannot be accessed
The security domain of card.This improves the safeties of mobile phone card application access.
Further, since AID request is issued platform by security middleware, and according to the rule after the result progress of platform return
Then match.Wherein, security middleware or platform can request multiple AID to carry out queuing control.Therefore, even if having multiple
Card applications client sends AID request simultaneously, will not be limited due to the number of channels of ACE and SIM Access API, may
The AC efficiency that caused card issuer blocks application reduces.
In an alternative embodiment of the invention, platform further includes issuance unit 230, for issuing matching rule to mobile phone card.
Wherein, the matching rule of the mobile phone card sends the AC controller of the mobile phone terminal to, as the AC controller according to
Rule carries out rule match.
Fig. 4 is a kind of structure chart of the embodiment of system for realizing mobile phone card application secure accessing.
Card applications client sends AID request to security middleware.
AID request is sent to TSM platform by security middleware, the request for allowing to access is judged whether it is by TSM platform, such as
Fruit is the AID request for then receiving card applications client, and AID is requested to encapsulate by security middleware, and is transmitted to SIM Access
Otherwise API is not forwarded.
AID request is transmitted to AC controller by SIM Access API.
AC controller obtains card applications client certificate from mobile phone operating system (OS).AC controller checks SWP-SIM card
PKCS#15 file system in update mark, if update mark show there is more new content, obtain updated rule,
And rule match is carried out according to updated rule.If updating mark to show without more new content, according to previously stored
Rule carries out rule match.
AC controller returns to matching result to SIM Access API, which is to receive AID request or refusal
AID request.If receiving AID request, card applications client passes through the safety of SIM Access API Access SWP-SIM card
Domain.Otherwise, the security domain of SWP-SIM card cannot be accessed.
In the embodiment, AID request is transmitted to TSM platform by security middleware, and whether TSM platform judges AID request
To allow the request accessed, if it is the request for allowing to access, then mobile phone terminal allows card applications client to access SWP-SIM card
Security domain.Otherwise, the security domain of SWP-SIM card cannot be accessed.It is not to be requested directly in response to the AID and allow card application client
End access SWP-SIM card.This improves the safeties of SWP-SIM card application access.
Fig. 5 is a kind of method flow schematic diagram for realizing mobile phone card application secure accessing.Method includes the following steps:
AID request is sent to the security middleware of mobile phone terminal in the card applications client of step 510, mobile phone terminal.
In step 520, AID request is sent to platform, is judged whether it is by the platform by the security middleware
The request accessed is allowed otherwise, not forward if so, thening follow the steps 530.
In step 530, receives the AID request of card applications client, the AID is requested to encapsulate, and be transmitted to and connect
Incoming interface.
In step 540, AID request is transmitted to the AC controller of mobile phone terminal by the access interface of mobile phone terminal.
In step 550, the AC controller receives the AID request, obtains the card application visitor from mobile phone operating system
Family end certificate carries out rule match, and returns to matching result to the access interface.If matching result shows described in receiving
AID request then allows the security domain of the card applications client access mobile phone card otherwise cannot access the security domain of mobile phone card.
Wherein, the matching rule that AC controller receiving platform issues, and rule match is carried out according to the rule.
In this embodiment, AID request is transmitted to platform by security middleware, and platform judges whether AID request is fair
Perhaps the request accessed, if it is the request for allowing to access, then mobile phone terminal allows the safety of card applications client access mobile phone card
Domain.Otherwise, the security domain of mobile phone card cannot be accessed.This improves the safeties of mobile phone card application access.
Further, since AID request is issued platform by security middleware, and according to the rule after the result progress of platform return
Then match.Wherein, security middleware or platform can request multiple AID to carry out queuing control.Therefore, even if having multiple
Card applications client sends AID request simultaneously, will not be limited due to the number of channels of ACE and SIM Access API, may
The AC efficiency that caused card issuer blocks application reduces.
In an alternative embodiment of the invention, if platform judgement is the request for allowing to access,
Include following operation in step 530:
The AID request for receiving card applications client encrypts AID request by security middleware, is encapsulated, and
It is transmitted to access interface.
Include following operation in step 550:
The AC controller receives the AID request, obtains the card applications client certificate from mobile phone operating system, right
The AID request carries out rule match, wherein the rule is encryption rule, and returns to matching result to the access interface.
Wherein hash or other algorithms may be selected in Encryption Algorithm, can be managed by platform (such as TSM platform) or cloud, pass through two-way HTTP
Protocol realization.
In this embodiment, by carrying out cryptographic operation for the request for allowing to access, safety is further improved.
In an alternative embodiment of the invention, the operation of rule match is carried out in step 550 are as follows:
AC controller checks the update mark in the file system of mobile phone card (such as SWP-SIM card), if updating mark
Show there is more new content, then obtains updated rule, and rule match is carried out according to updated rule.If updating mark
Show without more new content, then rule match is carried out according to previously stored rule.Wherein, rule include unencryption rule and
The rule of encryption.File system mentioned here is, for example, PKCS#15 file system.
Fig. 6 is a kind of method flow schematic diagram for realizing mobile phone card application secure accessing.Method includes the following steps:
In step 610, the AID that the security middleware that platform receives mobile phone terminal is sent is requested.
In step 620, the platform judges whether the AID request is the request for allowing to access, and judging result is returned
Back to the security middleware of the mobile phone terminal.
Wherein, the security middleware of the mobile phone terminal decides whether that the AID is forwarded to request according to the judging result.
In this embodiment, platform judges whether the AID request that mobile phone terminal is sent is the request for allowing to access, if it is
Allow the request accessed, then mobile phone terminal allows the security domain of card applications client access mobile phone card.Otherwise, mobile phone cannot be accessed
The security domain of card.This improves the safeties of mobile phone card application access.
Further, since AID request is issued platform by security middleware, and according to the rule after the result progress of platform return
Then match.Wherein, security middleware or platform can request multiple AID to carry out queuing control.Therefore, even if having multiple
Card applications client sends AID request simultaneously, will not be limited due to the number of channels of ACE and SIM Access API, may
The AC efficiency that caused card issuer blocks application reduces.
So far, the present invention is described in detail.In order to avoid covering design of the invention, it is public that this field institute is not described
The some details known.Those skilled in the art as described above, completely it can be appreciated how implementing technology disclosed herein
Scheme.
Method and device of the invention may be achieved in many ways.For example, can by software, hardware, firmware or
Person's software, hardware, firmware any combination realize method and device of the invention.The step of for the method it is above-mentioned
Sequence is merely to be illustrated, and the step of method of the invention is not limited to sequence described in detail above, unless with other sides
Formula illustrates.In addition, in some embodiments, the present invention can be also embodied as recording program in the recording medium, these
Program includes for realizing machine readable instructions according to the method for the present invention.Thus, the present invention also covers storage for executing
The recording medium of program according to the method for the present invention.
Although some specific embodiments of the invention are described in detail by example, the skill of this field
Art personnel it should be understood that above example merely to being illustrated, the range being not intended to be limiting of the invention.The skill of this field
Art personnel are it should be understood that can without departing from the scope and spirit of the present invention modify to above embodiments.This hair
Bright range is defined by the following claims.
Claims (10)
1. a kind of mobile phone terminal for realizing mobile phone card application secure accessing characterized by comprising
Card applications client, for sending access ID (AID) request to security middleware;
Security middleware, for AID request to be sent to platform, being judged whether it is by the platform allows what is accessed to ask
It asks, if it is, receiving the AID request of card applications client, the AID is requested to encapsulate, and be transmitted to access interface,
Otherwise, it does not forward;
Access interface for AID request to be transmitted to AC controller, and receives the matching knot that the AC controller returns
Fruit allows the security domain of the card applications client access mobile phone card if matching result shows to receive the AID request,
Otherwise, the security domain of mobile phone card cannot be accessed;
AC controller obtains the card applications client certificate from mobile phone operating system, carries out for receiving the AID request
Rule match, and matching result is returned to the access interface.
2. realizing the mobile phone terminal of mobile phone card application secure accessing according to claim 1 characterized by comprising
AID request is encrypted, is encapsulated by the security middleware, and is transmitted to the access interface;
The AC controller receives the AID request from the access interface, and requests the AID to carry out rule match,
In, the rule is encryption rule.
3. realizing the mobile phone terminal of mobile phone card application secure accessing according to claim 1 characterized by comprising
The AC controller checks the update mark in the file system of mobile phone card, if the update mark shows have in update
Hold, then obtains updated rule, and rule match is carried out according to updated rule;If the update mark shows do not have
More new content then carries out rule match according to previously stored rule.
4. a kind of platform for realizing mobile phone card application secure accessing characterized by comprising
Receiving unit, AID request that the security middleware for receiving mobile phone terminal is sent, from card applications client;
Judging result for judging whether the AID request is the request for allowing to access, and is returned to the hand by judging unit
The security middleware of machine terminal;
Wherein, the security middleware of the mobile phone terminal decides whether that the AID is forwarded to request according to the judging result, packet
It includes: in the case where AID request is the request for allowing to access, receiving the AID request of card applications client, it will be described
AID request encapsulation, and it is transmitted to access interface, AID request is transmitted to AC controller by access interface;In the AID
In the case that request is not the request for allowing to access, the AID is not forwarded to request.
5. realizing the platform of mobile phone card application secure accessing according to claim 4, which is characterized in that further include:
Issuance unit, for issuing matching rule to mobile phone card;
Wherein, the matching rule of the mobile phone card sends the AC controller of the mobile phone terminal to, by the AC controller according to
The rule carries out rule match.
6. a kind of system for realizing mobile phone card application secure accessing, which is characterized in that including any hand of claims 1 to 3
Machine terminal and any platform of claim 4 to 5.
7. a kind of method for realizing mobile phone card application secure accessing characterized by comprising
The card applications client of mobile phone terminal sends AID request to the security middleware of mobile phone terminal;
AID request is sent to platform by the security middleware, and the request for allowing to access is judged whether it is by the platform,
If it is, receiving the AID request of card applications client, the AID is requested to encapsulate, and be transmitted to access interface, it is no
Then, it does not forward;
AID request is transmitted to the AC controller of mobile phone terminal by the access interface of mobile phone terminal;
The AC controller receives the AID request, obtains the card applications client certificate from mobile phone operating system, is advised
It then matches, and returns to matching result to the access interface, if matching result shows to receive the AID request, allow institute
Otherwise the security domain for stating card applications client access mobile phone card cannot access the security domain of mobile phone card.
8. realizing the method for mobile phone card application secure accessing according to claim 7 characterized by comprising
AID request is encrypted, is encapsulated by the security middleware, and is transmitted to the access interface;
The AC controller receives the AID request from the access interface, and requests the AID to carry out rule match,
In, the rule is encryption rule.
9. realizing the method for mobile phone card application secure accessing according to claim 7 characterized by comprising
The AC controller checks the update mark in the file system of mobile phone card, if the update mark shows have in update
Hold, then obtains updated rule, and rule match is carried out according to updated rule;If the update mark shows do not have
More new content then carries out rule match according to previously stored rule.
10. a kind of method for realizing mobile phone card application secure accessing characterized by comprising
AID request that the security middleware that platform receives mobile phone terminal is sent, from card applications client;
The platform judges whether the AID request is the request for allowing to access, and judging result is returned to the mobile phone end
The security middleware at end;
Wherein, the security middleware of the mobile phone terminal decides whether that the AID is forwarded to request according to the judging result, packet
It includes: in the case where AID request is the request for allowing to access, receiving the AID request of card applications client, it will be described
AID request encapsulation, and it is transmitted to access interface, AID request is transmitted to AC controller by access interface;In the AID
In the case that request is not the request for allowing to access, the AID is not forwarded to request.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201410277808.4A CN105208558B (en) | 2014-06-20 | 2014-06-20 | Realize method, mobile phone terminal, platform and the system of mobile phone card application secure accessing |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201410277808.4A CN105208558B (en) | 2014-06-20 | 2014-06-20 | Realize method, mobile phone terminal, platform and the system of mobile phone card application secure accessing |
Publications (2)
Publication Number | Publication Date |
---|---|
CN105208558A CN105208558A (en) | 2015-12-30 |
CN105208558B true CN105208558B (en) | 2019-06-11 |
Family
ID=54955917
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201410277808.4A Active CN105208558B (en) | 2014-06-20 | 2014-06-20 | Realize method, mobile phone terminal, platform and the system of mobile phone card application secure accessing |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN105208558B (en) |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103108323A (en) * | 2011-11-11 | 2013-05-15 | 中兴通讯股份有限公司 | Safety operation execution system and execution method |
WO2013100419A1 (en) * | 2011-12-30 | 2013-07-04 | 에스케이씨앤씨 주식회사 | System and method for controlling applet access |
CN103559523A (en) * | 2013-11-15 | 2014-02-05 | 武汉天喻信息产业股份有限公司 | Contactless read-write equipment and method achieved on basis of SWP SE |
Family Cites Families (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR101826275B1 (en) * | 2011-11-01 | 2018-02-06 | 구글 엘엘씨 | Systems, methods, and computer program products for interfacing multiple service provider trusted service managers and secure elements |
-
2014
- 2014-06-20 CN CN201410277808.4A patent/CN105208558B/en active Active
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103108323A (en) * | 2011-11-11 | 2013-05-15 | 中兴通讯股份有限公司 | Safety operation execution system and execution method |
WO2013100419A1 (en) * | 2011-12-30 | 2013-07-04 | 에스케이씨앤씨 주식회사 | System and method for controlling applet access |
CN103559523A (en) * | 2013-11-15 | 2014-02-05 | 武汉天喻信息产业股份有限公司 | Contactless read-write equipment and method achieved on basis of SWP SE |
Also Published As
Publication number | Publication date |
---|---|
CN105208558A (en) | 2015-12-30 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
AU2021203184B2 (en) | Transaction messaging | |
CN109150835B (en) | Cloud data access method, device, equipment and computer readable storage medium | |
CN104852925B (en) | Mobile intelligent terminal anti-data-leakage secure storage, backup method | |
CN104322001B (en) | The Transport Layer Security flow control identified using service name | |
CN105446713B (en) | Method for secure storing and equipment | |
JP2022524709A (en) | Second element of customer support calls Systems and methods for authentication | |
US9313257B2 (en) | Method for starting a client program | |
RU2683853C1 (en) | Method for improving gprs key, sgsn device, user device, hlr / hss and gprs system | |
JP2023508317A (en) | contactless card personal identification system | |
KR20180048655A (en) | Method and apparatus for updating verification information | |
CN106789841A (en) | Method for processing business, terminal, server and system | |
CN109412812A (en) | Data safe processing system, method, apparatus and storage medium | |
CN109831311A (en) | A kind of server validation method, system, user terminal and readable storage medium storing program for executing | |
CN110099031A (en) | A kind of service calling method, device and micro services platform | |
CN109729000B (en) | Instant messaging method and device | |
WO2019134494A1 (en) | Verification information processing method, communication device, service platform, and storage medium | |
CN109146468A (en) | A kind of backup and restoration methods of the logical card of number | |
CN107872315B (en) | Data processing method and intelligent terminal | |
CN109218334A (en) | Data processing method, device, access control equipment, certificate server and system | |
CN108604280B (en) | Transaction method, transaction information processing method, transaction terminal and server | |
CN108701200B (en) | Improved memory system | |
EP3021516A1 (en) | Method and server for providing transaction keys | |
WO2014107060A1 (en) | Apparatus for securing mobile data and method therefor | |
CN104994498B (en) | The method and system that a kind of terminal applies are interacted with mobile phone card application | |
CN108234125A (en) | For the system and method for authentication |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |