CN105303377B - A kind of key of slave security domain of intelligent card update method and electronic fare payment system - Google Patents


Info

Publication number: CN105303377B
Authority: CN (China)
Prior art keywords: security domain, card, application provider, platform, key
Legal status: Expired - Fee Related
Application number: CN201510655668.4A
Other languages: Chinese (zh)
Other versions: CN105303377A (en
Inventors: 余万涛, 马景旺, 贾倩
Current Assignee: ZTE Corp
Original Assignee: ZTE Corp
Application filed by ZTE Corp
Priority to CN201510655668.4A
Publication of CN105303377A
Application granted
Publication of CN105303377B

Classifications

    • G06Q20/3829: Payment protocols; Details thereof insuring higher security of transaction involving key management
    • H04L63/062: Network architectures or network communication protocols for network security for supporting key management in a packet data network for key distribution, e.g. centrally by trusted party
    • G06F21/34: User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • G06Q20/401: Transaction verification
    • H04L63/0853: Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal
    • H04W12/04: Key management, e.g. using generic bootstrapping architecture [GBA]
    • H04W12/086: Access security using security domains


Abstract

The present invention provides a method for updating the key of a smart card slave security domain, and an electronic payment system. The method includes: a user triggers an application download request and submits it to the application provider management platform; the application provider management platform submits slave security domain creation request information to the card issuer management platform; the card issuer management platform sends the slave security domain initial key to the main security domain of the smart card via the application provider management platform and the application provider service terminal, and the main security domain of the smart card initializes the slave security domain with that initial key; the card issuer management platform hands control of the slave security domain to the application provider management platform, and the application provider management platform updates the initial key of the smart card slave security domain. The invention sends the new slave security domain key to the smart card slave security domain over a secure communication channel in order to update the slave security domain key.

Description

Method for updating the key of a smart card slave security domain, and electronic payment system
This application is a divisional application of patent application 200810177014.5. The filing date of the original application is November 10, 2008, its application number is 200810177014.5, and its title is "Method, system and mobile terminal for updating and distributing the key of a smart card slave security domain".
Technical field
The present invention relates to mobile terminal electronic payment technology based on NFC (Near Field Communication), and in particular to a method for updating the key of a smart card slave security domain and to an electronic payment system.
Background art
Near Field Communication (NFC) is a short-range wireless communication technology operating at 13.56 MHz, evolved from the fusion of RFID technology and interconnection technology. Once a mobile communication terminal such as a mobile phone integrates NFC, it can emulate a contactless IC card and be used for e-payment applications. Implementing this on a mobile communication terminal requires adding an NFC analog front-end chip and an NFC antenna to the terminal, and using a smart card that supports e-payment.
IC cards, and contactless IC cards in particular, have developed for more than ten years and are widely used in public transport, access control, small-value e-payment and similar fields. Over the same period, mobile phones have developed rapidly for more than 20 years, have become nearly universal among residents, and bring great convenience to people's work and life. Mobile phones are becoming more and more capable, and the trend is to integrate more functions. Combining the mobile phone with contactless IC card technology and applying it to e-payment further extends the range of uses of the mobile phone, makes people's lives more convenient, and has broad application prospects.
To realize mobile electronic payment based on NFC, a mobile terminal electronic payment system must be established. Through this system, NFC-based mobile terminal e-payment is managed, including: issuance of smart cards; download, installation and personalization of e-payment applications; and securing e-payment applications using the relevant technologies and management policies.
The service framework of an NFC-based mobile terminal electronic payment system generally adopts the multi-application framework of the Global Platform specification. Under this framework, a smart card supporting the Global Platform specification is an IC chip or smart card conforming to Global Platform Card Specification V2.1.1/V2.2 (GP2.1.1 or GP2.2). In physical form it may be a SIM/USIM card (Subscriber Identity Module / UMTS Subscriber Identity Module), a pluggable smart memory card, or an IC chip integrated in the mobile terminal.
If the NFC-based mobile terminal electronic payment system supports the GP2.1.1 specification, the secure channel protocol must support SCP02 (based on symmetric keys). If the system supports the GP2.2 specification, the secure channel protocol must support SCP02 (based on symmetric keys) and SCP10 (based on asymmetric keys). The card issuer and the application provider may choose between them according to their security policy requirements.
In general, an NFC-based mobile terminal short-range electronic payment system mainly consists of a card issuer management platform, an application provider management platform, and a mobile terminal with a smart card that supports e-payment applications. The system may contain multiple application provider management platforms.
Multiple applications can be installed on a smart card that supports the Global Platform specification. To secure the e-payment applications, the smart card is divided into several independent security domains, which guarantees the mutual isolation and independence of the applications. Each application provider manages its own security domain, applications, application data and so on.
A security domain is the on-card representative of an off-card entity (a card issuer or an application provider). It contains the keys that support the operation of the secure channel protocol and smart card content management. Security domains include the main security domain and slave security domains. The main security domain is the mandatory on-card representative of the card issuer. A slave security domain is an additional, optional on-card representative of the card issuer or of an application provider.
The keys of a security domain are generated, distributed and updated by the card issuer or application provider that manages that security domain, which ensures that applications and data from different application providers can coexist on the same card. Security domain keys include the main security domain key, the slave security domain initial key and the slave security domain key. The main security domain key and the slave security domain initial key are generated by the card issuer management platform. The slave security domain key is generated by the card issuer management platform or application provider management platform that manages the slave security domain.
Before an e-payment application is downloaded and installed on the smart card, a slave security domain must first be created on the smart card for that application. Creation of a smart card slave security domain is performed by the card issuer management platform. When a slave security domain is created after the smart card has been issued, the slave security domain initial key must be imported into the slave security domain on the smart card by the card issuer management platform in a secure way.
After the security domain has been created, when the e-payment application is downloaded, the slave security domain initial key must be updated to the key used by the e-payment application, that is, to the slave security domain key used by the e-payment application. When the slave security domain key used by the e-payment application has a defined life cycle, the key update must be completed before that life cycle ends. In addition, a forced update of the slave security domain key used by the e-payment application may be required for security reasons. Because the slave security domain key is confidential data, the key update process must use a reliable and secure method to import the key into the smart card slave security domain, so that the slave security domain key is updated and distributed securely.
The update and distribution process for the slave security domain key used by an e-payment application depends on how the system network architecture is implemented. To manage the smart card securely and to download and install e-payment applications, the smart card needs to establish communication with the card issuer management platform and the application provider management platform. The smart card can establish communication with a management platform through a service terminal. A service terminal is a device that can read and write the smart card, such as a POS machine connected to a computer. When a service terminal is used, how to securely update and distribute the smart card slave security domain key in the symmetric-key case is a problem that mobile terminal electronic payment needs to solve.
Summary of the invention
The technical problem to be solved by the present invention is to provide a method for updating the key of a smart card slave security domain, and an electronic payment system, that use a service terminal to update the slave security domain key securely.
To solve the above technical problem, the present invention provides a method for updating the key of a smart card slave security domain, implemented on a mobile terminal electronic payment system. The mobile terminal electronic payment system includes a smart card with e-payment application functions, an application provider service terminal, an application provider management platform and a card issuer management platform. The smart card is connected to the application provider management platform directly through the application provider service terminal; the application provider management platform and the card issuer management platform are connected by a dedicated line; and the application provider management platform manages the slave security domain of the smart card. The method includes:
A user triggers an application download request and submits the application download request to the application provider management platform;
The application provider management platform submits slave security domain creation request information to the card issuer management platform;
The card issuer management platform sends the slave security domain initial key to the main security domain of the smart card via the application provider management platform and the application provider service terminal, and the main security domain of the smart card initializes the slave security domain with the slave security domain initial key;
The card issuer management platform hands control of the slave security domain to the application provider management platform, and the application provider management platform updates the initial key of the smart card slave security domain.
To solve the above technical problem, the present invention also provides an electronic payment system, including a smart card with e-payment application functions, an application provider service terminal, an application provider management platform and a card issuer management platform. The smart card is connected to the application provider management platform directly through the application provider service terminal; the application provider management platform and the card issuer management platform are connected by a dedicated line; and the application provider management platform manages the slave security domain of the smart card. In this system:
The application provider management platform is configured to receive the application download request submitted by the user and to submit slave security domain creation request information to the card issuer management platform; it is also configured to update the initial key of the smart card slave security domain;
The card issuer management platform is configured to send the slave security domain initial key to the main security domain of the smart card via the application provider management platform and the application provider service terminal; it is also configured to hand control of the slave security domain to the application provider management platform;
The smart card is configured to receive the slave security domain initial key sent by the card issuer management platform and to initialize the slave security domain.
With the method for updating the key of a smart card slave security domain and the electronic payment system proposed by the present invention, after card issuance and in the symmetric-key case, when a user downloads and updates, a new slave security domain key is generated and sent to the smart card slave security domain over a secure communication channel, so that the slave security domain key is updated.
Brief description of the drawings
Fig. 1 is a schematic diagram of the architecture of the mobile terminal electronic payment system of the present invention based on near field communication technology;
Fig. 2 is a schematic flow diagram of the present invention for updating and distributing the slave security domain initial key via the card issuer service terminal, for a slave security domain managed by the card issuer;
Fig. 3 is a schematic flow diagram of the present invention for updating and distributing the slave security domain initial key via the application provider service terminal, for a slave security domain managed by the application provider;
Fig. 4 is a schematic flow diagram of the present invention for updating and distributing the slave security domain key via the card issuer service terminal, caused by key expiry or forced update, for a slave security domain managed by the card issuer;
Fig. 5 is a schematic flow diagram of the present invention for updating and distributing the slave security domain key via the application provider service terminal, caused by key expiry or forced update, for a slave security domain managed by the application provider.
Specific embodiment
To make the purpose, technical solution and advantages of the present invention clearer, the present invention is described in more detail below with reference to the drawings and preferred embodiments.
The present invention is described using the mobile terminal electronic payment system architecture shown in Fig. 1 as an example, but is not limited to that architecture.
Fig. 1 shows the mobile terminal electronic payment system of the present invention, which includes an application provider management platform, a card issuer management platform, an application provider service terminal, a card issuer service terminal, a mobile terminal and a smart card. The smart card is installed in the mobile terminal. The system may also omit the mobile terminal, in which case the smart card is a standalone device. The application provider management platform and the card issuer management platform are collectively called management platforms, and the application provider service terminal and the card issuer service terminal are collectively called service terminals.
The smart card supports the Global Platform Card Specification V2.1.1/V2.2. A smart card with e-payment application functions can connect directly to the card issuer management platform through the card issuer service terminal, or to the application provider management platform through the application provider service terminal. When the smart card with e-payment application functions is installed in a mobile terminal, the mobile terminal can connect to the card issuer management platform through the card issuer service terminal, or to the application provider management platform through the application provider service terminal. The connection is used to perform mutual authentication with the management platform that manages the smart card slave security domain, and to receive the slave security domain key distributed by that management platform in order to update the slave security domain key. The mutual authentication process and the distribution of the slave security domain key are carried out through the application provider service terminal or the card issuer service terminal.
The card issuer service terminal is managed by the card issuer management platform. The smart card communicates with the card issuer management platform through the mobile terminal and the card issuer service terminal, or directly through the card issuer service terminal;
The application provider service terminal is managed by the application provider management platform. The smart card communicates with the application provider management platform through the mobile terminal and the application provider service terminal, or directly through the application provider service terminal;
The card issuer management platform is responsible for issuing and managing smart cards, for managing the resources, life cycle, keys and certificates of the smart card, for creating slave security domains, and for exchanging application data with other security domains. This includes creating slave security domains, performing mutual authentication with the smart card and establishing a temporary session key, and generating slave security domain initial keys and new slave security domain keys. In a specific implementation, the card issuer management platform may include a card management system, an application management system, a key management system, a certificate management system, an application provider management system and so on. The certificate management system is used when asymmetric keys are supported, and is connected to the card issuer's certificate authority (CA) system;
The application provider management platform is responsible for providing and managing e-payment applications. It provides various service applications, performs security management of the corresponding slave security domain on the smart card, controls the application keys, certificates, data and so on of that slave security domain, and provides functions such as secure download and installation of applications. This includes performing mutual authentication with the smart card and establishing a temporary session key, and generating new slave security domain keys. In a specific implementation, the application provider management platform may include an application management system, a key management system and a certificate management system. The certificate management system is used when asymmetric keys are supported, and is connected to the application provider's certificate authority (CA) system.
The card issuer management platform and the application provider management platform can provide e-payment related services through their respective service terminals: taking part in e-payment subscriber information management, in the creation of slave security domains and the distribution of keys, in the download of e-payment applications, in the personalization of e-payment applications, and so on. The application provider management platform and the card issuer management platform can communicate over a secure channel (such as a dedicated line).
The method of the present invention for updating and distributing the key of a smart card slave security domain is described below using the mobile terminal electronic payment system architecture shown in Fig. 1 as an example, without being limited to that architecture:
Key updates of a slave security domain mainly involve two cases:
1. When a user downloads an e-payment application, the initial key of the smart card slave security domain associated with that e-payment application needs to be updated to the slave security domain key.
Step s1: the card issuer management platform creates the smart card slave security domain.
The card issuer management platform may create the slave security domain on the smart card according to application information related to the application download. This information may include the smart card ICCID, the application identifier, the application provider identity information and so on. The user sends this application information to the card issuer management platform through the card issuer service terminal; or the user sends it to the application provider management platform through the application provider service terminal, and the application provider management platform then forwards it to the card issuer management platform, or submits a slave security domain creation request to the card issuer management platform based on that application information.
Step s2: a different initial key update method is used depending on which management platform manages the smart card slave security domain.
After the smart card slave security domain has been created, if the slave security domain is managed by the application provider management platform, the card issuer management platform sends the slave security domain basic information (which should include the identification information of the smart card slave security domain) and the initial key to the application provider management platform, thereby handing control of the slave security domain to the application provider management platform that manages it. The application provider management platform then updates the initial key of the slave security domain;
If the smart card slave security domain is managed by the card issuer management platform, the card issuer management platform updates the initial key of the slave security domain for the specific e-payment application being downloaded.
The update comprises the following steps:
Step s201: the card issuer management platform or application provider management platform that manages the slave security domain, according to information such as the smart card slave security domain initial key, starts mutual authentication between that platform and the smart card slave security domain and establishes a secure communication channel. For a smart card slave security domain managed by the card issuer management platform, the mutual authentication process is completed between the card issuer management platform and the smart card via the card issuer service terminal. For a smart card slave security domain managed by the application provider management platform, the mutual authentication process is completed between the application provider management platform and the smart card via the application provider service terminal. After mutual authentication is completed, a temporary session key is established between the card issuer management platform or application provider management platform and the smart card slave security domain. This temporary session key may be established according to the Global Platform Card Specification V2.1.1/V2.2, or by other methods. The temporary session key is used to encrypt communication between the card issuer management platform or application provider management platform and the smart card slave security domain.
Step s202: the card issuer management platform or application provider management platform generates a new slave security domain key. Over the secure communication channel established between that platform and the smart card, the new slave security domain key is imported into the smart card slave security domain via the card issuer service terminal or the application provider service terminal, completing the secure update and distribution of the slave security domain key.
2. Update and distribution of the slave security domain key due to key expiry or forced update
When the slave security domain key currently used by the e-payment application associated with the smart card slave security domain has a specified life cycle, the card issuer management platform or application provider management platform that manages the smart card slave security domain must update the currently used slave security domain key before its life cycle ends;
When the slave security domain key currently used by the e-payment application associated with the smart card slave security domain needs to be updated for security reasons, the card issuer management platform or application provider management platform that manages the smart card slave security domain can force an update of the currently used slave security domain key.
The specific update method includes:
When the slave security domain key expires, or must be forcibly updated for security reasons, mutual authentication between the card issuer management platform or application provider management platform and the smart card slave security domain is started according to the currently used slave security domain key, and a secure communication channel is established. For a slave security domain managed by the card issuer, the mutual authentication process is completed between the card issuer management platform and the smart card via the card issuer service terminal. For a slave security domain managed by the application provider, the mutual authentication process can be completed between the application provider management platform and the smart card via the application provider service terminal.
After mutual authentication is completed, a temporary session key is established between the card issuer management platform or application provider management platform and the smart card slave security domain. This temporary session key may be established according to the Global Platform Card Specification V2.1.1/V2.2, or by other methods. The temporary session key is used to encrypt communication between the card issuer management platform or application provider management platform and the smart card slave security domain.
The card issuer management platform or application provider management platform generates a new slave security domain key. Over the secure communication channel established between that platform and the smart card, the new slave security domain key is imported into the smart card slave security domain via the card issuer service terminal or the application provider service terminal, completing the secure update and distribution of the slave security domain key.
Key of slave security domain of intelligent card update method of the present invention is further illustrated below by example, wherein Fig. 2, Fig. 3 are related to And distribute from the update of security domain initial key, Fig. 4, Fig. 5 are related to because key expires or force caused by updating from safety The update of domain key is distributed.
Fig. 2 be it is according to the present invention, for card publisher's management slave security domain based on card publisher's service terminal Distribution flow schematic diagram is updated from security domain initial key.As shown in Fig. 2, for card publisher's management based on card publisher's industry The slave security domain initial key of business terminal updates distribution flow step
Step 201: the card publisher management platform, on the basis of the slave security domain initial key, sends a SELECT command message to the smart card via the card publisher service terminal to select the slave security domain;
Step 202: the smart card submits a SELECT command response message to the card publisher management platform via the card publisher service terminal;
Step 203: the card publisher management platform establishes a secure communication channel with the smart card slave security domain via the card publisher service terminal, for example an SCP02 secure channel;
The secure communication channel is established as follows: the card publisher management platform and the smart card slave security domain authenticate each other and, after mutual authentication, establish a temporary session key used to encrypt communication between the two. The temporary session key can be established in accordance with the Global Platform Card Specification V2.1.1/V2.2, or by other methods. The mutual authentication is completed between the card publisher management platform and the smart card slave security domain via the card publisher service terminal.
Step 204: the card publisher management platform generates a new slave security domain key;
Step 205: the card publisher management platform uses the PUTKEY command to send the new slave security domain key to the smart card slave security domain via the card publisher service terminal;
Step 206: after receiving the new slave security domain key, the smart card slave security domain completes the update of the slave security domain initial key;
Step 207: the smart card slave security domain sends a PUTKEY command response to the card publisher management platform via the card publisher service terminal, ending the update of the slave security domain initial key.
Before step 201 above, there is also a step in which the card publisher management platform, in response to the user's application download request, creates the smart card slave security domain and issues the initial key of the smart card slave security domain to the smart card slave security domain.
Fig. 3 is a schematic flow diagram, according to the present invention, of the update and distribution of the slave security domain initial key based on the application provider service terminal, for a slave security domain managed by the application provider. As shown in Fig. 3, for a slave security domain managed by the application provider, the update and distribution of the slave security domain initial key based on the application provider service terminal includes the following steps:
Step 301: the user triggers an application download request through the application provider service terminal client program or a program on the card, and submits the application download request to the application provider management platform; the request includes smart card identification information (ICCID) and the like;
Step 302: the application provider management platform submits slave security domain creation request information to the card publisher management platform; the request message includes application provider identity information (ASP-ID), smart card identification information (ICCID) and the like;
Step 303: the card publisher management platform verifies the slave security domain creation request information and determines whether to allow the request. The card publisher management platform determines whether the slave security domain is to be created via the application provider management platform.
If the card publisher management platform judges, from the smart card identification information, the application provider identity and other information in the creation request, that no slave security domain needs to be created, the slave security domain creation process ends; otherwise the subsequent steps are performed;
Step 304: the card publisher management platform sends a SELECT command message to the smart card via the application provider management platform and the application provider service terminal to select the main security domain;
Step 305: the smart card submits a SELECT command response message to the card publisher management platform via the application provider service terminal and the application provider management platform;
Step 306: the card publisher management platform and the smart card main security domain establish a secure communication channel, for example an SCP02 secure channel, via the application provider management platform and the application provider service terminal;
The secure communication channel is established as follows: the card publisher management platform and the smart card main security domain authenticate each other and, after mutual authentication, establish a temporary session key used to encrypt communication between the two. The temporary session key can be established in accordance with the Global Platform Card Specification V2.1.1/V2.2, or by other methods. The mutual authentication is completed between the card publisher management platform and the smart card main security domain via the application provider management platform and the application provider service terminal.
Step 307: the card publisher management platform sends an INSTALL command to the smart card via the application provider management platform and the application provider service terminal;
Step 308: the smart card submits an INSTALL command response to the card publisher management platform via the application provider service terminal and the application provider management platform;
Step 309: the card publisher management platform generates the slave security domain initial key;
Step 310: the card publisher management platform uses the PUTKEY command to send the slave security domain initial key to the smart card main security domain via the application provider management platform and the application provider service terminal;
Step 311: after receiving the slave security domain initial key, the smart card main security domain initializes the slave security domain with the received slave security domain initial key;
Step 312: the smart card main security domain sends a PUTKEY command response to the card publisher management platform via the application provider service terminal and the application provider management platform;
Step 313: the card publisher management platform returns the slave security domain basic information and the slave security domain initial key to the application provider management platform;
The slave security domain basic information includes the identification information of the smart card slave security domain.
Step 314: the application provider management platform adds the information relating to the slave security domain to its database;
Step 315: the application provider management platform sends a SELECT command message to the smart card via the application provider service terminal to select the slave security domain;
Step 316: the smart card submits a SELECT command response to the application provider key management system via the application provider service terminal;
Step 317: the application provider management platform establishes a secure communication channel with the smart card slave security domain via the application provider service terminal, for example an SCP02 secure channel;
The secure communication channel is established as follows: the application provider management platform and the smart card slave security domain authenticate each other and, after mutual authentication, establish a temporary session key used to encrypt communication between the two. The temporary session key can be established in accordance with the Global Platform Card Specification V2.1.1/V2.2, or by other methods. The mutual authentication is completed between the application provider management platform and the smart card slave security domain via the application provider service terminal.
Step 318: the application provider management platform generates a new slave security domain key;
Step 319: the application provider management platform uses the PUTKEY command to send the new slave security domain key to the smart card slave security domain via the application provider service terminal;
Step 320: after receiving the new slave security domain key, the smart card slave security domain completes the update of the slave security domain initial key;
Step 321: the smart card slave security domain sends a PUTKEY command response to the application provider management platform via the application provider service terminal, ending the slave security domain key distribution process.
Fig. 4 is a schematic flow diagram, according to the present invention, of the update and distribution of the slave security domain key based on the card publisher service terminal, caused by key expiry or a forced update, for a slave security domain managed by the card publisher. As shown in Fig. 4, for a slave security domain managed by the card publisher, the update and distribution of the slave security domain key based on the card publisher service terminal, caused by key expiry or a forced update, includes the following steps:
Step 401: the card publisher management platform sends a SELECT command message to the smart card via the card publisher service terminal to select the slave security domain;
Step 402: the smart card submits a SELECT command response to the card publisher management platform via the card publisher service terminal;
Step 403: the card publisher management platform establishes a secure communication channel with the smart card slave security domain via the card publisher service terminal, for example an SCP02 secure channel;
The secure communication channel is established as follows: the card publisher management platform and the smart card slave security domain authenticate each other and, after mutual authentication, establish a temporary session key used to encrypt communication between the two. The temporary session key can be established in accordance with the Global Platform Card Specification V2.1.1/V2.2, or by other methods. The mutual authentication is completed between the card publisher management platform and the smart card slave security domain via the card publisher service terminal.
Step 404: the card publisher management platform generates a new slave security domain key;
Step 405: the card publisher management platform uses the PUTKEY command to send the new slave security domain key to the smart card slave security domain via the card publisher service terminal;
Step 406: after receiving the new slave security domain key, the smart card slave security domain completes the update of the smart card slave security domain key;
Step 407: the smart card slave security domain sends a PUTKEY command response to the card publisher management platform via the card publisher service terminal, ending the slave security domain key update process.
Fig. 5 is a schematic flow diagram, according to the present invention, of the update and distribution of the slave security domain key based on the application provider service terminal, caused by key expiry or a forced update, for a slave security domain managed by the application provider. As shown in Fig. 5, for a slave security domain managed by the application provider, the update and distribution of the slave security domain key based on the application provider service terminal, caused by key expiry or a forced update, includes the following steps:
Step 501: the application provider management platform sends a SELECT command message to the smart card via the application provider service terminal to select the slave security domain;
Step 502: the smart card submits a SELECT command response to the application provider management platform via the application provider service terminal;
Step 503: the application provider management platform establishes an SCP02 secure channel with the smart card slave security domain via the application provider service terminal;
The secure communication channel is established as follows: the application provider management platform and the smart card slave security domain authenticate each other and, after mutual authentication, establish a temporary session key used to encrypt communication between the two. The temporary session key can be established in accordance with the Global Platform Card Specification V2.1.1/V2.2, or by other methods. The mutual authentication is completed between the application provider management platform and the smart card slave security domain via the application provider service terminal.
Step 504: the application provider management platform generates a new slave security domain key;
Step 505: the application provider management platform uses the PUTKEY command, which carries the new slave security domain key, to send the new slave security domain key to the smart card slave security domain via the application provider service terminal;
Step 506: after receiving the new slave security domain key, the smart card slave security domain completes the update of the slave security domain key;
Step 507: the smart card slave security domain sends a PUTKEY command response to the application provider management platform via the application provider service terminal, ending the slave security domain key update process.
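The sequence common to the flows of Figs. 2 to 5 (SELECT, mutual authentication with the current key, temporary session key, PUTKEY, response) can be modelled as below. This is an added example, not code from the patent: the class and function names are hypothetical, and HMAC-SHA256 stands in for the 3DES-based SCP02 cryptography, so it shows the protocol logic rather than GlobalPlatform-compatible messages.

```python
"""Constructed model of SELECT -> mutual authentication -> PUTKEY key rotation.
Assumptions (stand-ins, NOT SCP02): HMAC-SHA256 replaces the 3DES cryptograms
and session-key derivation; an HMAC keystream plus tag replaces key wrapping.
The service terminal is a transparent relay, so calls go straight to the card.
"""
import hashlib
import hmac
import os

DEMO_AID = b"DEMO-SLAVE-SD"  # constructed identifier, not a real AID


def _mac(key, label, *parts):
    return hmac.new(key, label + b"".join(parts), hashlib.sha256).digest()


def wrap_key(session, new_key):
    """Encrypt and authenticate a key of up to 32 bytes under the session key."""
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(new_key, _mac(session, b"enc", nonce)))
    return nonce + ct + _mac(session, b"tag", nonce, ct)


def unwrap_key(session, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, _mac(session, b"tag", nonce, ct)):
        raise ValueError("PUTKEY payload failed its integrity check")
    return bytes(a ^ b for a, b in zip(ct, _mac(session, b"enc", nonce)))


class SlaveSecurityDomain:
    """Card side: owns the current key; PUTKEY only works inside a channel."""
    def __init__(self, aid, key):
        self.aid, self.key, self.key_version, self.selected = aid, key, 1, False
        self._pending = self._session = self._challenges = None

    def select(self, aid):  # steps 401-402: SELECT and its response
        self.selected = aid == self.aid
        self._pending = self._session = None
        return self.selected

    def begin_auth(self, host_challenge):  # step 403: card proves it holds the key
        if not self.selected:
            raise PermissionError("slave security domain not selected")
        card_challenge = os.urandom(8)
        self._challenges = host_challenge + card_challenge
        self._pending, self._session = _mac(self.key, b"session", self._challenges), None
        return card_challenge, _mac(self._pending, b"card", self._challenges)

    def finish_auth(self, host_cryptogram):  # step 403: platform proves it too
        if self._pending is None:
            return False
        expected = _mac(self._pending, b"host", self._challenges)
        if hmac.compare_digest(host_cryptogram, expected):
            self._session = self._pending
        self._pending = None
        return self._session is not None

    def put_key(self, blob):  # steps 405-407: replace key, return new version
        if self._session is None:
            raise PermissionError("PUTKEY outside a secure channel")
        self.key = unwrap_key(self._session, blob)
        self.key_version += 1
        self._session = None  # the channel derived from the old key is closed
        return self.key_version


class ManagementPlatform:
    """Card publisher or application provider management platform."""
    def __init__(self, aid, key):
        self.aid, self.key = aid, key

    def open_channel(self, card):
        """Return the session key, or None if either side fails authentication."""
        if not card.select(self.aid):
            return None
        host_challenge = os.urandom(8)
        card_challenge, card_cryptogram = card.begin_auth(host_challenge)
        both = host_challenge + card_challenge
        session = _mac(self.key, b"session", both)
        if not hmac.compare_digest(card_cryptogram, _mac(session, b"card", both)):
            return None  # card does not hold the key the platform expects
        return session if card.finish_auth(_mac(session, b"host", both)) else None

    def rotate_key(self, card):
        session = self.open_channel(card)  # authenticated with the CURRENT key
        if session is None:
            return False
        new_key = os.urandom(16)  # step 404: platform generates the new key
        card.put_key(wrap_key(session, new_key))  # steps 405-407
        self.key = new_key  # platform switches only after the card confirms
        return True


if __name__ == "__main__":  # constructed all-zero initial key
    card, host = SlaveSecurityDomain(DEMO_AID, bytes(16)), ManagementPlatform(DEMO_AID, bytes(16))
    print("rotated:", host.rotate_key(card), "key version:", card.key_version)
```

After a rotation, a platform still holding the previous key can no longer open a channel, and a PUTKEY payload altered in transit is rejected without changing the stored key.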
The smart card slave security domain key update method, system and mobile terminal of the present invention address the symmetric-key case: the card publisher management platform, through the card publisher service terminal, or the application provider management platform, through the application provider service terminal, securely imports the slave security domain key into the smart card slave security domain, achieving secure update and distribution of the smart card slave security domain key.
The invention may also have various other embodiments. Without departing from the spirit and essence of the present invention, those skilled in the art can make various corresponding changes and modifications in accordance with the present invention, and all such changes and modifications shall fall within the protection scope of the appended claims.

Claims (10)

1. A smart card slave security domain key update method, characterized in that it is implemented on a mobile terminal electronic payment system, the mobile terminal electronic payment system comprising a smart card with an electronic payment application function, an application provider service terminal, an application provider management platform and a card publisher management platform, wherein the smart card is connected to the application provider management platform directly through the application provider service terminal, the application provider management platform is connected to the card publisher management platform by a dedicated line, and the application provider management platform manages the slave security domain of the smart card; the method comprising:
the user triggers an application download request and submits the application download request to the application provider management platform;
the application provider management platform submits slave security domain creation request information to the card publisher management platform;
the card publisher management platform and the smart card main security domain establish a secure communication channel via the application provider management platform and the application provider service terminal; the card publisher management platform sends a slave security domain initial key to the smart card main security domain via the application provider management platform and the application provider service terminal; and the smart card main security domain initializes the slave security domain with the slave security domain initial key;
the card publisher management platform hands control of the slave security domain over to the application provider management platform, and the application provider management platform updates the initial key of the smart card slave security domain.
2. The method as claimed in claim 1, characterized in that the step in which the card publisher management platform sends the slave security domain initial key to the smart card main security domain via the application provider management platform and the application provider service terminal, and the smart card main security domain initializes the slave security domain with the slave security domain initial key, specifically comprises:
the card publisher management platform sends an INSTALL command to the smart card over the secure communication channel;
the smart card submits an INSTALL command response to the card publisher management platform over the secure communication channel;
the card publisher management platform generates the slave security domain initial key;
the card publisher management platform uses the PUTKEY command to send the slave security domain initial key to the smart card main security domain over the secure communication channel;
the smart card main security domain initializes the slave security domain with the received slave security domain initial key;
the smart card main security domain sends a PUTKEY command response to the card publisher management platform over the secure communication channel.
3. The method as claimed in claim 1, characterized in that the step in which the card publisher management platform and the smart card main security domain establish a secure communication channel via the application provider management platform and the application provider service terminal specifically comprises:
the card publisher management platform sends a SELECT command message to the smart card via the application provider management platform and the application provider service terminal to select the main security domain;
the smart card submits a SELECT command response message to the card publisher management platform via the application provider service terminal and the application provider management platform;
the card publisher management platform and the smart card main security domain establish a secure communication channel via the application provider management platform and the application provider service terminal; establishing the secure communication channel is specifically: the card publisher management platform and the smart card main security domain authenticate each other and, after mutual authentication, establish a temporary session key used to encrypt communication between the two.
4. The method as claimed in claim 1, characterized in that the step in which the card publisher management platform hands control of the slave security domain over to the application provider management platform, and the application provider management platform updates the initial key of the slave security domain, specifically comprises:
the card publisher management platform sends the slave security domain basic information and the slave security domain initial key to the application provider management platform;
the application provider management platform adds the information relating to the slave security domain to its database;
the application provider management platform sends a SELECT command message to the smart card via the application provider service terminal to select the slave security domain;
the smart card submits a SELECT command response to the application provider via the application provider service terminal;
the application provider management platform and the smart card slave security domain establish a secure communication channel, the generated new slave security domain key is sent to the smart card slave security domain over the secure communication channel, and the smart card slave security domain completes the update of the slave security domain initial key.
5. The method as claimed in claim 4, characterized in that the step in which the application provider management platform and the smart card slave security domain establish a secure communication channel, the generated new slave security domain key is sent to the smart card slave security domain over the secure communication channel, and the smart card slave security domain completes the update of the slave security domain initial key, specifically comprises:
the application provider management platform establishes a secure communication channel with the smart card slave security domain via the application provider service terminal; establishing the secure communication channel is specifically: the application provider management platform and the smart card slave security domain authenticate each other and, after mutual authentication, establish a temporary session key used to encrypt communication between the two;
the application provider management platform generates a new slave security domain key;
the application provider management platform uses the PUTKEY command to send the new slave security domain key to the smart card slave security domain over the secure communication channel;
after receiving the new slave security domain key, the smart card slave security domain completes the update of the slave security domain initial key;
the smart card slave security domain sends a PUTKEY command response to the application provider management platform over the secure communication channel.
6. An electronic payment system, characterized in that it comprises a smart card with an electronic payment application function, an application provider service terminal, an application provider management platform and a card publisher management platform, wherein the smart card is connected to the application provider management platform directly through the application provider service terminal, the application provider management platform is connected to the card publisher management platform by a dedicated line, and the application provider management platform manages the slave security domain of the smart card; wherein,
the application provider management platform is configured to receive the application download request submitted by the user and to submit slave security domain creation request information to the card publisher management platform; it is also configured to update the initial key of the smart card slave security domain;
the card publisher management platform is configured to establish a secure communication channel with the smart card main security domain via the application provider management platform and the application provider service terminal; it is also configured to send the slave security domain initial key to the smart card main security domain via the application provider management platform and the application provider service terminal; it is also configured to hand control of the slave security domain over to the application provider management platform;
the smart card is configured to receive the slave security domain initial key sent by the card publisher management platform and to initialize the slave security domain.
7. The system as claimed in claim 6, characterized in that:
the card publisher management platform is configured to send an INSTALL command to the smart card over the secure communication channel; it is also configured to generate the slave security domain initial key and, using the PUTKEY command, to send the slave security domain initial key to the smart card main security domain over the secure communication channel;
the smart card is configured to submit an INSTALL command response to the card publisher management platform over the secure communication channel; it is also configured to initialize the slave security domain with the received slave security domain initial key; it is also configured to send a PUTKEY command response to the card publisher management platform over the secure communication channel.
8. The system as claimed in claim 6, characterized in that:
the card publisher management platform is configured to send a SELECT command message to the smart card via the application provider management platform and the application provider service terminal to select the main security domain; it is also configured to establish a secure communication channel with the smart card main security domain via the application provider management platform and the application provider service terminal; establishing the secure communication channel is specifically: the card publisher management platform and the smart card main security domain authenticate each other and, after mutual authentication, establish a temporary session key used to encrypt communication between the two;
the smart card is configured to submit a SELECT command response message to the card publisher management platform via the application provider service terminal and the application provider management platform.
9. The system as claimed in claim 6, characterized in that:
the card publisher management platform is configured to send the slave security domain basic information and the slave security domain initial key to the application provider management platform;
the application provider management platform is configured to add the information relating to the slave security domain to its database; it is also configured to send a SELECT command message to the smart card via the application provider service terminal to select the slave security domain; it is also configured to establish a secure communication channel with the smart card slave security domain and to send the generated new slave security domain key to the smart card slave security domain over the secure communication channel;
the smart card is configured to submit a SELECT command response to the application provider via the application provider service terminal; it is also configured to complete the update of the initial key of the smart card slave security domain.
10. The system as claimed in claim 7, characterized in that:
the application provider management platform is configured to establish a secure communication channel with the smart card slave security domain via the application provider service terminal; establishing the secure communication channel is specifically: the application provider management platform and the smart card slave security domain authenticate each other and, after mutual authentication, establish a temporary session key used to encrypt communication between the two; it is also configured to generate a new slave security domain key and, using the PUTKEY command, to send the new slave security domain key to the smart card slave security domain over the secure communication channel;
the smart card is configured to receive the new slave security domain key and then complete the update of the slave security domain initial key; it is also configured to send a PUTKEY command response to the application provider management platform over the secure communication channel.
CN201510655668.4A 2008-11-10 2008-11-10 A kind of key of slave security domain of intelligent card update method and electronic fare payment system Expired - Fee Related CN105303377B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201510655668.4A CN105303377B (en) 2008-11-10 2008-11-10 A kind of key of slave security domain of intelligent card update method and electronic fare payment system

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN200810177014A CN101742479A (en) 2008-11-10 2008-11-10 Method and system for updating and distributing smart card secondary security domain keys and mobile terminal
CN201510655668.4A CN105303377B (en) 2008-11-10 2008-11-10 A kind of key of slave security domain of intelligent card update method and electronic fare payment system

Related Parent Applications (1)

Application Number Title Priority Date Filing Date
CN200810177014A Division CN101742479A (en) 2008-11-10 2008-11-10 Method and system for updating and distributing smart card secondary security domain keys and mobile terminal

Publications (2)

Publication Number Publication Date
CN105303377A CN105303377A (en) 2016-02-03
CN105303377B true CN105303377B (en) 2019-10-29

Family

ID=42152479

Family Applications (2)

Application Number Title Priority Date Filing Date
CN200810177014A Pending CN101742479A (en) 2008-11-10 2008-11-10 Method and system for updating and distributing smart card secondary security domain keys and mobile terminal
CN201510655668.4A Expired - Fee Related CN105303377B (en) 2008-11-10 2008-11-10 A kind of key of slave security domain of intelligent card update method and electronic fare payment system

Family Applications Before (1)

Application Number Title Priority Date Filing Date
CN200810177014A Pending CN101742479A (en) 2008-11-10 2008-11-10 Method and system for updating and distributing smart card secondary security domain keys and mobile terminal

Country Status (2)

Country Link
CN (2) CN101742479A (en)
WO (1) WO2010051716A1 (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2017143885A1 (en) * 2016-02-25 2017-08-31 华为技术有限公司 Application processing method and apparatus for embedded universal integrated circuit card
CN112491558A (en) * 2020-11-26 2021-03-12 湖南中育至诚数字科技有限公司 Data writing method, system and storage medium of multi-application chip card
CN113490210B (en) * 2021-06-17 2023-03-24 中国联合网络通信集团有限公司 Method and system for establishing auxiliary security domain

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2007052116A1 (en) * 2005-11-02 2007-05-10 Nokia Corporation Method and apparatus for initializing a secure element in a wireless terminal
CN101083792A (en) * 2007-06-27 2007-12-05 浙江省电信有限公司 PHS non-contact card small amount payment system for public transport system
CN101164086A (en) * 2005-03-07 2008-04-16 诺基亚公司 Methods, system and mobile device capable of enabling credit card personalization using a wireless network
CN101295394A (en) * 2007-04-23 2008-10-29 美国通宝科技有限公司 Method and device for providing e-commerce and m-commerce

Family Cites Families (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CA2347684A1 (en) * 1998-10-27 2000-05-04 Visa International Service Association Delegated management of smart card applications
US20040123152A1 (en) * 2002-12-18 2004-06-24 Eric Le Saint Uniform framework for security tokens
KR100437513B1 (en) * 2004-02-09 2004-07-03 주식회사 하이스마텍 Smart card for containing plural Issuer Security Domain and Method for installing plural Issuer Security Domain in a smart card
KR100562255B1 (en) * 2004-09-21 2006-03-22 에스케이 텔레콤주식회사 Method for initializing key of security domain
CN101073098A (en) * 2004-12-07 2007-11-14 皇家飞利浦电子股份有限公司 System and method for application management on multi-application smart cards
US8522014B2 (en) * 2006-03-15 2013-08-27 Actividentity Method and system for storing a key in a remote security module
CN101370248B (en) * 2007-08-15 2011-12-07 中国移动通信集团公司 Cryptographic key updating method, third party server and system for activating third party application
CN101374153B (en) * 2007-08-23 2012-02-29 中国移动通信集团公司 Method for activating a third party application safely, a third party server, terminal and system

Also Published As

Publication number Publication date
CN105303377A (en) 2016-02-03
WO2010051716A1 (en) 2010-05-14
CN101742479A (en) 2010-06-16

Similar Documents

Publication Publication Date Title
CN101729502B (en) Method and system for distributing key
CN101742480B (en) Method and system for distributing initial key of slave security domain of intelligent card and mobile terminal
CN101729493B (en) Method and system for distributing key
CN101809977B (en) Updating mobile devices with additional elements
CN105991287B (en) A kind of generation of signed data and finger print identifying requesting method and device
CN101729244B (en) Method and system for distributing key
CN101729503B (en) Method and system for distributing key
CN101414909A (en) System, method and mobile communication terminal for verifying network application user identification
CN105913234A (en) Methods, Systems, And Computer Readable Media For Over The Air (Ota) Provisioning Of Soft Cards On Devices With Wireless Communications Capabilities
CN104467923B (en) Method, equipment and system that equipment is interacted
CN102469081B (en) Method, equipment and system for operating smart card
CN101742478B (en) Method and system for updating and distributing key of slave security domain of intelligent card and mobile terminal
CN103262590A (en) System and method for provisioning over the air of confidential information on mobile communicative devices with non-UICC secure elements
WO2010096991A1 (en) An application downloading system and method
CN101742481B (en) Method and system for distributing secondary security domain initial keys of smart card and mobile terminal
CN102932788A (en) Mobile phone-based identity identification and near-field payment method
CN105850155A (en) System and method for managing application data of contactless card applications
CN108734005B (en) Security/identity authentication method, mobile equipment and storage device
GB2396707A (en) Authenticating transactions over a telecommunications network
CN105743651B (en) The card in chip secure domain is using method, apparatus and application terminal
CN105303377B (en) A kind of key of slave security domain of intelligent card update method and electronic fare payment system
CN101729246A (en) Method and system for distributing key
CN106327183A (en) Data exchange system and method for onsite transaction processing
CN105160531B (en) Transaction data processing method and processing device
CN115175183B (en) Authentication method and authentication device based on 5G message

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20191029

Termination date: 20201110
