CN105303377B - Key update method for a smart card slave security domain and electronic payment system - Google Patents
- Publication number: CN105303377B (application CN201510655668.4A)
- Authority: CN (China)
- Prior art keywords: security domain, card, application provider, platform, key
- Legal status: Expired - Fee Related (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Classifications
- G06Q20/3829—Payment protocols; Details thereof insuring higher security of transaction involving key management
- H04L63/062—Network architectures or network communication protocols for network security for supporting key management in a packet data network for key distribution, e.g. centrally by trusted party
- G06F21/34—User authentication involving the use of external additional devices, e.g. dongles or smart cards
- G06Q20/401—Transaction verification
- H04L63/0853—Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal
- H04W12/04—Key management, e.g. using generic bootstrapping architecture [GBA]
- H04W12/086—Access security using security domains
Abstract
The present invention provides a key update method for a smart card slave security domain and an electronic payment system. The method includes: a user triggers an application download request and submits it to the application provider management platform; the application provider management platform submits slave security domain creation request information to the card issuer management platform; the card issuer management platform sends the slave security domain initial key to the main security domain of the smart card via the application provider management platform and the application provider service terminal, and the main security domain of the smart card initializes the slave security domain with that initial key; the card issuer management platform hands control of the slave security domain to the application provider management platform, and the application provider management platform updates the initial key of the smart card slave security domain. The invention sends the new slave security domain key to the smart card slave security domain over a secure communication channel in order to update the slave security domain key.
Description
This application is a divisional of patent application 200810177014.5. The original application was filed on November 10, 2008, with application number 200810177014.5 and the title "A method, system and mobile terminal for updating and distributing keys of a smart card slave security domain".
Technical field
The present invention relates to mobile terminal electronic payment technology based on NFC (Near Field Communication), and in particular to a key update method for a smart card slave security domain and an electronic payment system.
Background art
Near field communication (NFC) is a short-range wireless communication technology operating at 13.56 MHz, which evolved from the fusion of RFID technology and interconnection technology. Once NFC technology is integrated, a mobile communication terminal such as a mobile phone can emulate a contactless IC card and be used for electronic payment applications. Implementing this on a mobile communication terminal requires adding an NFC analog front-end chip and an NFC antenna to the terminal and using a smart card that supports electronic payment.
IC cards, especially contactless IC cards, have after more than ten years of development come into wide use in public transport, access control, small-value electronic payment and other fields. Over the same period, mobile phones have developed rapidly for more than 20 years and have become nearly universal among residents, bringing great convenience to people's work and life. Mobile phones are becoming more and more powerful, and the trend is to integrate more functions. Combining mobile phones with contactless IC card technology and applying mobile phones to electronic payment will further extend their range of use and bring convenience to people's lives, and it has broad application prospects.
To realize mobile electronic payment based on NFC technology, a mobile terminal electronic payment system needs to be established. Through this system, NFC-based mobile terminal electronic payment is managed, including: issuing smart cards; downloading, installing and personalizing electronic payment applications; and using the relevant technologies and management policies to secure electronic payment applications.
The service framework of an NFC-based mobile terminal electronic payment system usually adopts the multi-application framework of the Global Platform specification. Under this framework, a smart card supporting the Global Platform specification is an IC chip or smart card that conforms to Global Platform Card Specification V2.1.1/V2.2 (GP2.1.1 or GP2.2). In physical form it can be a SIM/USIM card, that is, a Subscriber Identity Module / UMTS Subscriber Identity Module, a pluggable smart memory card, or an IC chip integrated in the mobile terminal.
If the NFC-based mobile terminal electronic payment system supports the GP2.1.1 specification, the secure channel protocol needs to support SCP02 (based on symmetric keys). If the system supports the GP2.2 specification, the secure channel protocol needs to support SCP02 (based on symmetric keys) and SCP10 (based on asymmetric keys), and the card issuer and the application provider can choose between them according to their security policy requirements.
In general, an NFC-based mobile terminal short-range electronic payment system consists mainly of a card issuer management platform, an application provider management platform, and a mobile terminal that supports a smart card with electronic payment application functions. There may be multiple application provider management platforms in the system.
Multiple applications can be installed on a smart card that supports the Global Platform specification. To secure electronic payment applications, the smart card is divided into several independent security domains, which guarantees the isolation and independence of the applications from one another; each application provider manages its own security domain, applications, application data, and so on.
Security domains are the on-card representatives of off-card entities, including the card issuer and application providers. They contain the keys used to support secure channel protocol operation and smart card content management. Security domains include the main security domain, slave security domains, and so on. The main security domain is the mandatory on-card representative of the card issuer. A slave security domain is an additional, optional on-card representative of the card issuer or an application provider.
The card issuer or application provider that manages a security domain is responsible for generating, distributing and updating its keys, which ensures that applications and data from different application providers can coexist on the same card. Security domain keys include the main security domain key, the slave security domain initial key, and the slave security domain key. The main security domain key and the slave security domain initial key are generated by the card issuer management platform; the slave security domain key is generated by the card issuer management platform or application provider management platform that manages the slave security domain.
Before an electronic payment application is downloaded and installed on the smart card, a slave security domain must first be created on the smart card for that application. Creation of a smart card slave security domain is performed by the card issuer management platform. When a slave security domain is created after the smart card has been issued, the slave security domain initial key must be imported into the slave security domain on the smart card by the card issuer management platform in a secure manner.
After the security domain has been created, when an electronic payment application is downloaded, the slave security domain initial key needs to be updated to the key used by the electronic payment application, that is, to the slave security domain key used by the electronic payment application. When the slave security domain key used by the electronic payment application has a certain life cycle, the key must be updated before that life cycle ends. In addition, a forced update of the slave security domain key used by the electronic payment application may be needed for security reasons. Because the slave security domain key is confidential data, a reliable and secure method is needed during key update to import the key into the smart card slave security domain, so that the slave security domain key is updated and distributed securely.
The update and distribution process for the slave security domain key used by an electronic payment application depends on how the system network architecture is implemented. To realize security management of the smart card and the download and installation of electronic payment applications, the smart card needs to establish communication with the card issuer management platform and the application provider management platform. The smart card can establish communication with a management platform through a service terminal. A service terminal is a device that can read from and write to the smart card, such as a POS machine connected to a computer. How to securely update and distribute the smart card slave security domain key in the symmetric-key case when a service terminal is used is a problem that mobile terminal electronic payment needs to solve.
Summary of the invention
The technical problem to be solved by the present invention is to provide a key update method for a smart card slave security domain and an electronic payment system that use a service terminal to update the slave security domain key securely.
To solve the above technical problem, the present invention provides a key update method for a smart card slave security domain, implemented on a mobile terminal electronic payment system. The mobile terminal electronic payment system includes a smart card with electronic payment application functions, an application provider service terminal, an application provider management platform and a card issuer management platform. The smart card connects to the application provider management platform directly through the application provider service terminal; the application provider management platform and the card issuer management platform are connected by a dedicated line; and the application provider management platform manages the slave security domain of the smart card.
The method includes:
The user triggers an application download request and submits the application download request to the application provider management platform;
The application provider management platform submits slave security domain creation request information to the card issuer management platform;
The card issuer management platform sends the slave security domain initial key to the main security domain of the smart card via the application provider management platform and the application provider service terminal, and the main security domain of the smart card initializes the slave security domain with the slave security domain initial key;
The card issuer management platform hands control of the slave security domain to the application provider management platform, and the application provider management platform updates the initial key of the smart card slave security domain.
To solve the above technical problem, the present invention also provides an electronic payment system, including a smart card with electronic payment application functions, an application provider service terminal, an application provider management platform and a card issuer management platform. The smart card connects to the application provider management platform directly through the application provider service terminal; the application provider management platform and the card issuer management platform are connected by a dedicated line; and the application provider management platform manages the slave security domain of the smart card. In this system:
The application provider management platform is used to receive the application download request submitted by the user and to submit slave security domain creation request information to the card issuer management platform; it is also used to update the initial key of the smart card slave security domain;
The card issuer management platform is used to send the slave security domain initial key to the main security domain of the smart card via the application provider management platform and the application provider service terminal; it is also used to hand control of the slave security domain to the application provider management platform;
The smart card is used to receive the slave security domain initial key sent by the card issuer management platform and to initialize the slave security domain.
For the symmetric-key case after the card has been issued, the key update method for a smart card slave security domain and the electronic payment system proposed by the present invention generate a new slave security domain key when the user downloads and updates, and send the new slave security domain key to the smart card slave security domain over a secure communication channel, thereby updating the slave security domain key.
Brief description of the drawings
Fig. 1 is a schematic diagram of the architecture of the mobile terminal electronic payment system of the present invention based on near field communication technology;
Fig. 2 is a schematic flow diagram, for a slave security domain managed by the card issuer, of updating and distributing the slave security domain initial key based on the card issuer service terminal;
Fig. 3 is a schematic flow diagram, for a slave security domain managed by the application provider, of updating and distributing the slave security domain initial key based on the application provider service terminal;
Fig. 4 is a schematic flow diagram, for a slave security domain managed by the card issuer, of updating and distributing the slave security domain key based on the card issuer service terminal when the update is caused by key expiry or a forced update;
Fig. 5 is a schematic flow diagram, for a slave security domain managed by the application provider, of updating and distributing the slave security domain key based on the application provider service terminal when the update is caused by key expiry or a forced update.
Detailed description of the embodiments
To make the purpose, technical solution and advantages of the present invention clearer, the present invention is described in more detail below with reference to the drawings and preferred embodiments.
The present invention is described using the mobile terminal electronic payment system architecture shown in Fig. 1 as an example, but it is not limited to that architecture.
Fig. 1 shows the mobile terminal electronic payment system of the present invention, which includes an application provider management platform, a card issuer management platform, an application provider service terminal, a card issuer service terminal, a mobile terminal and a smart card. The smart card is installed in the mobile terminal; the system may also omit the mobile terminal, in which case the smart card is a standalone device. The application provider management platform and the card issuer management platform are collectively called management platforms, and the application provider service terminal and the card issuer service terminal are collectively called service terminals.
The smart card supports Global Platform Card Specification V2.1.1/V2.2. A smart card with electronic payment application functions can connect directly, through the card issuer service terminal and the application provider service terminal respectively, to the card issuer management platform or the application provider management platform. When the smart card with electronic payment application functions is installed in a mobile terminal, the mobile terminal can connect through the card issuer service terminal or the application provider service terminal to the card issuer management platform and the application provider management platform respectively, in order to perform mutual authentication with the management platform that manages the smart card slave security domain, receive the slave security domain key distributed by that management platform, and update the slave security domain key. The mutual authentication process and the slave security domain key distribution are carried out through the application provider service terminal or the card issuer service terminal.
The card issuer service terminal is managed by the card issuer management platform; the smart card communicates with the card issuer management platform through the mobile terminal and the card issuer service terminal, or directly through the card issuer service terminal;
The application provider service terminal is managed by the application provider management platform; the smart card communicates with the application provider management platform through the mobile terminal and the application provider service terminal, or directly through the application provider service terminal;
The card issuer management platform is responsible for issuing and managing smart cards; it manages the smart card's resources, life cycle, keys and certificates, and it is responsible for creating slave security domains and exchanging application data with other security domains. This includes creating slave security domains, performing mutual authentication with the smart card and establishing temporary session keys, and generating slave security domain initial keys and new slave security domain keys. In a specific implementation, the card issuer management platform may include a card management system, an application management system, a key management system, a certificate management system, an application provider management system, and so on. The certificate management system is used when asymmetric keys are supported and is connected to the card issuer certification authority (CA) system;
The application provider management platform is responsible for providing and managing electronic payment applications. It provides various service applications, performs security management of its corresponding slave security domain on the smart card, controls the application keys, certificates, data and so on of that slave security domain, and provides functions such as secure download and installation of applications. This includes performing mutual authentication with the smart card and establishing temporary session keys, and generating new slave security domain keys. In a specific implementation, the application provider management platform may include an application management system, a key management system and a certificate management system. The certificate management system is used when asymmetric keys are supported and is connected to the application provider certification authority (CA) system.
The card issuer management platform and the application provider management platform can provide electronic payment related services through their respective service terminals: taking part in electronic payment subscriber information management, taking part in slave security domain creation and key distribution, and in the download and personalization of electronic payment applications, and so on. The application provider management platform and the card issuer management platform can communicate over a secure channel (such as a dedicated line).
The method of the present invention for updating and distributing the key of a smart card slave security domain is described below, using the mobile terminal electronic payment system architecture shown in Fig. 1 as an example but without being limited to that architecture:
Key updates for a slave security domain mainly fall into two cases:
1. When a user downloads an electronic payment application, the initial key of the smart card slave security domain associated with that electronic payment application needs to be updated to the slave security domain key.
Step s1: the card issuer management platform creates the smart card slave security domain.
The card issuer management platform can create the slave security domain on the smart card according to application information related to the application download. This information may include the smart card ICCID, the application identifier, the application provider identity information, and so on. The user sends this application information to the card issuer management platform through the card issuer service terminal; or the user sends it through the application provider service terminal to the application provider management platform, which then forwards it to the card issuer management platform, or which submits a slave security domain creation request to the card issuer management platform based on the application information.
Step s2: a different initial key update method is used depending on which management platform manages the smart card slave security domain.
After the smart card slave security domain has been created, if the slave security domain is managed by the application provider management platform, the card issuer management platform sends the slave security domain basic information (which should include the identification information of the smart card slave security domain) and the initial key to the application provider management platform, thereby handing control of the slave security domain to the application provider management platform that manages it. The application provider management platform then updates the initial key of the slave security domain;
If the smart card slave security domain is managed by the card issuer management platform, the card issuer management platform updates the initial key of the slave security domain for the specific electronic payment application being downloaded.
The update comprises the following steps:
Step s201: the card issuer management platform or application provider management platform that manages the slave security domain uses information such as the smart card slave security domain initial key to start mutual authentication between that management platform and the smart card slave security domain and to establish a secure communication channel. For a smart card slave security domain managed by the card issuer management platform, the mutual authentication is completed between the card issuer management platform and the smart card via the card issuer service terminal. For a smart card slave security domain managed by the application provider management platform, the mutual authentication is completed between the application provider management platform and the smart card via the application provider service terminal. After mutual authentication, a temporary session key is established between the card issuer management platform or application provider management platform and the smart card slave security domain. This temporary session key can be established according to Global Platform Card Specification V2.1.1/V2.2, or by other methods; it is used to encrypt communication between the card issuer management platform or application provider management platform and the smart card slave security domain.
Step s202: the card issuer management platform or application provider management platform generates a new slave security domain key. Over the secure communication channel established between the card issuer management platform or application provider management platform and the smart card, the new slave security domain key generated by that management platform is imported into the smart card slave security domain via the card issuer service terminal or the application provider service terminal, completing the secure update and distribution of the slave security domain key.
2. Slave security domain key update and distribution caused by key expiry or a forced update
When the slave security domain key currently used by the electronic payment application associated with the smart card slave security domain has a specified life cycle, the card issuer management platform or application provider management platform that manages the smart card slave security domain must update the currently used slave security domain key before its life cycle ends;
When the slave security domain key currently used by the electronic payment application associated with the smart card slave security domain needs to be updated for security reasons, the card issuer management platform or application provider management platform that manages the smart card slave security domain can force an update of the currently used slave security domain key.
The specific update method includes:
When the slave security domain key expires, or an update of the slave security domain key is forced for security reasons, the currently used slave security domain key is used to start mutual authentication between the card issuer management platform or application provider management platform and the smart card slave security domain and to establish a secure communication channel. For a slave security domain managed by the card issuer, the mutual authentication is completed between the card issuer management platform and the smart card via the card issuer service terminal. For a slave security domain managed by the application provider, the mutual authentication can be completed between the application provider management platform and the smart card via the application provider service terminal.
After mutual authentication, a temporary session key is established between the card issuer management platform or application provider management platform and the smart card slave security domain. This temporary session key can be established according to Global Platform Card Specification V2.1.1/V2.2, or by other methods. The temporary session key is used to encrypt communication between the card issuer management platform or application provider management platform and the smart card slave security domain.
The card issuer management platform or application provider management platform generates a new slave security domain key. Over the secure communication channel established between the card issuer management platform or application provider management platform and the smart card, the new slave security domain key generated by that management platform is imported into the smart card slave security domain via the card issuer service terminal or the application provider service terminal, completing the secure update and distribution of the slave security domain key.
The method of the present invention for updating the key of a slave security domain of a smart card is further illustrated below by examples. Fig. 2 and Fig. 3 concern the update and distribution of the initial slave security domain key; Fig. 4 and Fig. 5 concern the update and distribution of the slave security domain key caused by key expiry or a forced update.
Fig. 2 is a schematic flow diagram, according to the present invention, of the update and distribution of the initial slave security domain key via the card publisher service terminal, for a slave security domain managed by the card publisher. As shown in Fig. 2, the flow includes the following steps:
Step 201: Based on the initial slave security domain key, the card publisher management platform sends a SELECT command message to the smart card via the card publisher service terminal to select the slave security domain;
Step 202: The smart card submits a SELECT command response message to the card publisher management platform via the card publisher service terminal;
Step 203: The card publisher management platform establishes a secure communication channel with the slave security domain of the smart card via the card publisher service terminal, for example an SCP02 secure channel;
The secure communication channel is established as follows: the card publisher management platform and the slave security domain of the smart card authenticate each other; after mutual authentication, a temporary session key is established to encrypt communication between the two. The temporary session key can be established in accordance with the Global Platform Card Specification V2.1.1/V2.2, or by other methods. The mutual authentication is completed between the card publisher management platform and the slave security domain of the smart card via the card publisher service terminal.
Step 204: The card publisher management platform generates a new slave security domain key;
Step 205: The card publisher management platform uses the PUTKEY command to send the new slave security domain key to the slave security domain of the smart card via the card publisher service terminal;
Step 206: After receiving the new slave security domain key, the slave security domain of the smart card completes the update of the initial slave security domain key;
Step 207: The slave security domain of the smart card sends a PUTKEY command response to the card publisher management platform via the card publisher service terminal, ending the update of the initial slave security domain key.
Before step 201, the flow also includes steps in which the card publisher management platform creates the slave security domain on the smart card according to the user's application download request and issues the initial key of the slave security domain to the slave security domain of the smart card.
Fig. 3 is a schematic flow diagram, according to the present invention, of the update and distribution of the initial slave security domain key via the application provider service terminal, for a slave security domain managed by the application provider. As shown in Fig. 3, the flow includes the following steps:
Step 301: The user triggers an application download request through the application provider service terminal client program or a card program and submits the application download request to the application provider management platform; the request includes the smart card identification information (ICCID), etc.;
Step 302: The application provider management platform submits slave security domain creation request information to the card publisher management platform; the request message includes the application provider identity information (ASP-ID), the smart card identification information (ICCID), etc.;
Step 303: The card publisher management platform verifies the slave security domain creation request information and determines whether to allow the request. The card publisher management platform judges whether to create the slave security domain through the application provider management platform.
If, based on the smart card identification information, the application provider identity, etc. in the creation request information, the card publisher management platform judges that no slave security domain needs to be created, the slave security domain creation process ends; otherwise the subsequent steps continue;
Step 304: The card publisher management platform sends a SELECT command message to the smart card via the application provider management platform and the application provider service terminal to select the main security domain;
Step 305: The smart card submits a SELECT command response message to the card publisher management platform via the application provider service terminal and the application provider management platform;
Step 306: The card publisher management platform and the main security domain of the smart card establish a secure communication channel via the application provider management platform and the application provider service terminal, for example an SCP02 secure channel;
The secure communication channel is established as follows: the card publisher management platform and the main security domain of the smart card authenticate each other; after mutual authentication, a temporary session key is established to encrypt communication between the two. The temporary session key can be established in accordance with the Global Platform Card Specification V2.1.1/V2.2, or by other methods. The mutual authentication is completed between the card publisher management platform and the main security domain of the smart card via the application provider management platform and the application provider service terminal.
Step 307: The card publisher management platform sends an INSTALL command to the smart card via the application provider management platform and the application provider service terminal;
Step 308: The smart card submits an INSTALL command response to the card publisher management platform via the application provider service terminal and the application provider management platform;
Step 309: The card publisher management platform generates the initial slave security domain key;
Step 310: The card publisher management platform uses the PUTKEY command to send the initial slave security domain key to the main security domain of the smart card via the application provider management platform and the application provider service terminal;
Step 311: After receiving the initial slave security domain key, the main security domain of the smart card initializes the slave security domain with the received initial slave security domain key;
Step 312: The main security domain of the smart card sends a PUTKEY command response to the card publisher management platform via the application provider service terminal and the application provider management platform;
Step 313: The card publisher management platform returns the slave security domain basic information and the initial slave security domain key to the application provider management platform;
The slave security domain basic information includes the identification information of the slave security domain of the smart card.
Step 314: The application provider management platform adds the slave security domain information to its database;
Step 315: The application provider management platform sends a SELECT command message to the smart card via the application provider service terminal to select the slave security domain;
Step 316: The smart card submits a SELECT command response to the application provider's key management system via the application provider service terminal;
Step 317: The application provider management platform establishes a secure communication channel with the slave security domain of the smart card via the application provider service terminal, for example an SCP02 secure channel;
The secure communication channel is established as follows: the application provider management platform and the slave security domain of the smart card authenticate each other; after mutual authentication, a temporary session key is established to encrypt communication between the two. The temporary session key can be established in accordance with the Global Platform Card Specification V2.1.1/V2.2, or by other methods. The mutual authentication is completed between the application provider management platform and the slave security domain of the smart card via the application provider service terminal.
Step 318: The application provider management platform generates a new slave security domain key;
Step 319: The application provider management platform uses the PUTKEY command to send the new slave security domain key to the slave security domain of the smart card via the application provider service terminal;
Step 320: After receiving the new slave security domain key, the slave security domain of the smart card completes the update of the initial slave security domain key;
Step 321: The slave security domain of the smart card sends a PUTKEY command response to the application provider management platform via the application provider service terminal, ending the slave security domain key distribution process.
Fig. 4 is a schematic flow diagram, according to the present invention, of the update and distribution of the slave security domain key via the card publisher service terminal, caused by key expiry or a forced update, for a slave security domain managed by the card publisher. As shown in Fig. 4, the flow includes the following steps:
Step 401: The card publisher management platform sends a SELECT command message to the smart card via the card publisher service terminal to select the slave security domain;
Step 402: The smart card submits a SELECT command response to the card publisher management platform via the card publisher service terminal;
Step 403: The card publisher management platform establishes a secure communication channel with the slave security domain of the smart card via the card publisher service terminal, for example an SCP02 secure channel;
The secure communication channel is established as follows: the card publisher management platform and the slave security domain of the smart card authenticate each other; after mutual authentication, a temporary session key is established to encrypt communication between the two. The temporary session key can be established in accordance with the Global Platform Card Specification V2.1.1/V2.2, or by other methods. The mutual authentication is completed between the card publisher management platform and the slave security domain of the smart card via the card publisher service terminal.
Step 404: The card publisher management platform generates a new slave security domain key;
Step 405: The card publisher management platform uses the PUTKEY command to send the new slave security domain key to the slave security domain of the smart card via the card publisher service terminal;
Step 406: After receiving the new slave security domain key, the slave security domain of the smart card completes the update of the slave security domain key of the smart card;
Step 407: The slave security domain of the smart card sends a PUTKEY command response to the card publisher management platform via the card publisher service terminal, ending the slave security domain key update process.
Fig. 5 is a schematic flow diagram, according to the present invention, of the update and distribution of the slave security domain key via the application provider service terminal, caused by key expiry or a forced update, for a slave security domain managed by the application provider. As shown in Fig. 5, the flow includes the following steps:
Step 501: The application provider management platform sends a SELECT command message to the smart card via the application provider service terminal to select the slave security domain;
Step 502: The smart card submits a SELECT command response to the application provider management platform via the application provider service terminal;
Step 503: The application provider management platform establishes an SCP02 secure channel with the slave security domain of the smart card via the application provider service terminal;
The secure communication channel is established as follows: the application provider management platform and the slave security domain of the smart card authenticate each other; after mutual authentication, a temporary session key is established to encrypt communication between the two. The temporary session key can be established in accordance with the Global Platform Card Specification V2.1.1/V2.2, or by other methods. The mutual authentication is completed between the application provider management platform and the slave security domain of the smart card via the application provider service terminal.
Step 504: The application provider management platform generates a new slave security domain key;
Step 505: The application provider management platform uses the PUTKEY command, which carries the new slave security domain key, to send the new slave security domain key to the slave security domain of the smart card via the application provider service terminal;
Step 506: After receiving the new slave security domain key, the slave security domain of the smart card completes the update of the slave security domain key;
Step 507: The slave security domain of the smart card sends a PUTKEY command response to the application provider management platform via the application provider service terminal, ending the slave security domain key update process.
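The update flow of steps 401 to 407 and 501 to 507 (and of steps 315 to 321 in Fig. 3), modelled as an added example that is not part of the patent. It shows why the hand-over in Fig. 3 works: once the platform that now manages the domain has rotated the key, a holder of the initial key can no longer authenticate. HMAC-SHA256 from the Python standard library stands in for the 3DES-based SCP02 channel (one of the "other methods" the text allows); every class, function and key below is hypothetical.

```python
"""Model only: HMAC-SHA256 stands in for SCP02's 3DES; names and keys are made up."""
import hashlib
import hmac
import secrets

def prf(key, label, data=b""):
    return hmac.new(key, label + data, hashlib.sha256).digest()

def xor_stream(key, nonce, data):  # encrypt or decrypt with an HMAC counter keystream
    pad = b"".join(prf(key, b"ks", nonce + bytes([i])) for i in range(len(data) // 32 + 1))
    return bytes(b ^ p for b, p in zip(data, pad))

def key_check_value(key):  # short fingerprint: lets the card detect a corrupted key
    return prf(key, b"kcv")[:3]

class SecureChannel:
    """Temporary session keys derived from the current key and both challenges."""
    def __init__(self, static_key, host_chal, card_chal):
        seed = host_chal + card_chal
        self.enc, self.mac = prf(static_key, b"enc", seed), prf(static_key, b"mac", seed)
        self.card_cryptogram = prf(self.mac, b"card-auth", seed)
        self.host_cryptogram = prf(self.mac, b"host-auth", seed)
        self.sent = 0

    def wrap(self, ins, payload):
        self.sent += 1
        nonce = self.sent.to_bytes(4, "big")
        body = xor_stream(self.enc, nonce, payload)
        return nonce + body + prf(self.mac, ins + nonce, body)[:8]

    def unwrap(self, ins, message):
        nonce, body, tag = message[:4], message[4:-8], message[-8:]
        ok = hmac.compare_digest(tag, prf(self.mac, ins + nonce, body)[:8])
        return xor_stream(self.enc, nonce, body) if ok else None

class SlaveSecurityDomain:
    """Card side: replaces its key only on an authenticated, intact PUT KEY."""
    def __init__(self, key):
        self.key, self.channel, self.authenticated = key, None, False

    def initialize(self, host_chal):
        card_chal = secrets.token_bytes(8)
        self.channel, self.authenticated = SecureChannel(self.key, host_chal, card_chal), False
        return card_chal, self.channel.card_cryptogram

    def authenticate_host(self, host_cryptogram):
        self.authenticated = self.channel is not None and hmac.compare_digest(
            host_cryptogram, self.channel.host_cryptogram)
        return self.authenticated

    def put_key(self, message):
        if not self.authenticated:
            return "REJECTED: no secure channel"
        # One PUT KEY per session: the session closes whether or not it succeeds.
        channel, self.channel, self.authenticated = self.channel, None, False
        payload = channel.unwrap(b"PUTKEY", message)
        if payload is None:
            return "REJECTED: bad MAC"
        new_key, kcv = payload[:-3], payload[-3:]
        if len(new_key) != 16 or not hmac.compare_digest(kcv, key_check_value(new_key)):
            return "REJECTED: bad key check value"
        self.key = new_key
        return "OK"

class ManagementPlatform:  # card publisher or application provider management platform
    def __init__(self, key):
        self.key = key

    def open_channel(self, card):
        host_chal = secrets.token_bytes(8)
        card_chal, card_cryptogram = card.initialize(host_chal)
        channel = SecureChannel(self.key, host_chal, card_chal)
        if not hmac.compare_digest(card_cryptogram, channel.card_cryptogram):
            return None  # the card does not hold the platform's key
        return channel if card.authenticate_host(channel.host_cryptogram) else None

    def rotate_key(self, card):
        channel = self.open_channel(card)
        if channel is None:
            return "REJECTED: mutual authentication failed"
        new_key = secrets.token_bytes(16)
        status = card.put_key(channel.wrap(b"PUTKEY", new_key + key_check_value(new_key)))
        if status == "OK":
            self.key = new_key  # switch only after the card confirms
        return status

def demo():
    initial = secrets.token_bytes(16)  # constructed initial key
    card = SlaveSecurityDomain(initial)
    provider, issuer = ManagementPlatform(initial), ManagementPlatform(initial)
    result = {"rotation": provider.rotate_key(card)}
    result["rotated"] = card.key == provider.key != initial
    result["initial_key_holder"] = issuer.rotate_key(card)
    forged = bytearray(provider.open_channel(card).wrap(b"PUTKEY", bytes(19)))
    forged[4] ^= 1  # one ciphertext bit flipped in transit
    result["tampered"] = card.put_key(bytes(forged))
    return result
if __name__ == "__main__":
    print(demo())
```

In the model the platform adopts the new key only after the card answers "OK", so a rejected or tampered PUT KEY leaves both sides on the key they already share.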
The method, system and mobile terminal of the present invention for updating the key of a slave security domain of a smart card address the symmetric-key case: the card publisher management platform, through the card publisher service terminal, or the application provider management platform, through the application provider service terminal, securely imports the slave security domain key into the slave security domain of the smart card, achieving secure update and distribution of the slave security domain key of the smart card.
The present invention may also have various other embodiments. Without departing from the spirit and essence of the present invention, those skilled in the art may make various corresponding changes and modifications according to the present invention, and all such changes and modifications shall fall within the protection scope of the appended claims of the present invention.
Claims (10)
1. A method for updating a key of a slave security domain of a smart card, characterized in that the method is implemented on a mobile terminal electronic payment system, the mobile terminal electronic payment system comprising a smart card with an electronic payment application function, an application provider service terminal, an application provider management platform and a card publisher management platform, wherein the smart card is connected to the application provider management platform directly through the application provider service terminal, the application provider management platform is connected to the card publisher management platform by a dedicated line, and the application provider management platform manages the slave security domain of the smart card; the method comprises:
the user triggers an application download request and submits the application download request to the application provider management platform;
the application provider management platform submits slave security domain creation request information to the card publisher management platform;
the card publisher management platform and the main security domain of the smart card establish a secure communication channel via the application provider management platform and the application provider service terminal; the card publisher management platform sends an initial slave security domain key to the main security domain of the smart card via the application provider management platform and the application provider service terminal; and the main security domain of the smart card initializes the slave security domain with the initial slave security domain key;
the card publisher management platform hands control of the slave security domain to the application provider management platform, and the application provider management platform updates the initial key of the slave security domain of the smart card.
2. The method as claimed in claim 1, characterized in that the card publisher management platform sending the initial slave security domain key to the main security domain of the smart card via the application provider management platform and the application provider service terminal, and the main security domain of the smart card initializing the slave security domain with the initial slave security domain key, specifically comprises:
the card publisher management platform sends an INSTALL command to the smart card through the secure communication channel;
the smart card submits an INSTALL command response to the card publisher management platform through the secure communication channel;
the card publisher management platform generates the initial slave security domain key;
the card publisher management platform uses the PUTKEY command to send the initial slave security domain key to the main security domain of the smart card through the secure communication channel;
the main security domain of the smart card initializes the slave security domain with the received initial slave security domain key;
the main security domain of the smart card sends a PUTKEY command response to the card publisher management platform through the secure communication channel.
3. The method as claimed in claim 1, characterized in that the card publisher management platform and the main security domain of the smart card establishing a secure communication channel via the application provider management platform and the application provider service terminal specifically comprises:
the card publisher management platform sends a SELECT command message to the smart card via the application provider management platform and the application provider service terminal to select the main security domain;
the smart card submits a SELECT command response message to the card publisher management platform via the application provider service terminal and the application provider management platform;
the card publisher management platform and the main security domain of the smart card establish a secure communication channel via the application provider management platform and the application provider service terminal; establishing the secure communication channel specifically means: the card publisher management platform and the main security domain of the smart card authenticate each other and, after mutual authentication, establish a temporary session key for encrypting communication between the two.
4. The method as claimed in claim 1, characterized in that the card publisher management platform handing control of the slave security domain to the application provider management platform, and the application provider management platform updating the initial key of the slave security domain, specifically comprises:
the card publisher management platform sends the slave security domain basic information and the initial slave security domain key to the application provider management platform;
the application provider management platform adds the slave security domain information to its database;
the application provider management platform sends a SELECT command message to the smart card via the application provider service terminal to select the slave security domain;
the smart card submits a SELECT command response to the application provider via the application provider service terminal;
the application provider management platform and the slave security domain of the smart card establish a secure communication channel, the generated new slave security domain key is sent to the slave security domain of the smart card through the secure communication channel, and the slave security domain of the smart card completes the update of the initial slave security domain key.
5. The method as claimed in claim 4, characterized in that the application provider management platform and the slave security domain of the smart card establishing a secure communication channel, sending the generated new slave security domain key to the slave security domain of the smart card through the secure communication channel, and the slave security domain of the smart card completing the update of the initial slave security domain key, specifically comprises:
the application provider management platform establishes a secure communication channel with the slave security domain of the smart card via the application provider service terminal; establishing the secure communication channel specifically means: the application provider management platform and the slave security domain of the smart card authenticate each other and, after mutual authentication, establish a temporary session key for encrypting communication between the two;
the application provider management platform generates a new slave security domain key;
the application provider management platform uses the PUTKEY command to send the new slave security domain key to the slave security domain of the smart card through the secure communication channel;
after receiving the new slave security domain key, the slave security domain of the smart card completes the update of the initial slave security domain key;
the slave security domain of the smart card sends a PUTKEY command response to the application provider management platform through the secure communication channel.
6. An electronic payment system, characterized in that it comprises a smart card with an electronic payment application function, an application provider service terminal, an application provider management platform and a card publisher management platform, wherein the smart card is connected to the application provider management platform directly through the application provider service terminal, the application provider management platform is connected to the card publisher management platform by a dedicated line, and the application provider management platform manages the slave security domain of the smart card; wherein:
the application provider management platform is used to receive the application download request submitted by the user and to submit slave security domain creation request information to the card publisher management platform; it is also used to update the initial key of the slave security domain of the smart card;
the card publisher management platform is used to establish a secure communication channel with the main security domain of the smart card via the application provider management platform and the application provider service terminal; it is also used to send the initial slave security domain key to the main security domain of the smart card via the application provider management platform and the application provider service terminal; it is also used to hand control of the slave security domain to the application provider management platform;
the smart card is used to receive the initial slave security domain key sent by the card publisher management platform and to initialize the slave security domain.
7. The system as claimed in claim 6, characterized in that:
the card publisher management platform is used to send an INSTALL command to the smart card through the secure communication channel; it is also used to generate the initial slave security domain key and, using the PUTKEY command, to send the initial slave security domain key to the main security domain of the smart card through the secure communication channel;
the smart card is used to submit an INSTALL command response to the card publisher management platform through the secure communication channel; it is also used to initialize the slave security domain with the received initial slave security domain key; it is also used to send a PUTKEY command response to the card publisher management platform through the secure communication channel.
8. The system as claimed in claim 6, characterized in that:
the card publisher management platform is used to send a SELECT command message to the smart card via the application provider management platform and the application provider service terminal to select the main security domain; it is also used to establish a secure communication channel with the main security domain of the smart card via the application provider management platform and the application provider service terminal; establishing the secure communication channel specifically means: the card publisher management platform and the main security domain of the smart card authenticate each other and, after mutual authentication, establish a temporary session key for encrypting communication between the two;
the smart card is used to submit a SELECT command response message to the card publisher management platform via the application provider service terminal and the application provider management platform.
9. The system as claimed in claim 6, characterized in that:
the card publisher management platform is used to send the slave security domain basic information and the initial slave security domain key to the application provider management platform;
the application provider management platform is used to add the slave security domain information to its database; it is also used to send a SELECT command message to the smart card via the application provider service terminal to select the slave security domain; it is also used to establish a secure communication channel with the slave security domain of the smart card and to send the generated new slave security domain key to the slave security domain of the smart card through the secure communication channel;
the smart card is used to submit a SELECT command response to the application provider via the application provider service terminal; it is also used to complete the update of the initial key of the slave security domain of the smart card.
10. The system as claimed in claim 7, characterized in that:
the application provider management platform is used to establish a secure communication channel with the slave security domain of the smart card via the application provider service terminal; establishing the secure communication channel specifically means: the application provider management platform and the slave security domain of the smart card authenticate each other and, after mutual authentication, establish a temporary session key for encrypting communication between the two; it is also used to generate a new slave security domain key and, using the PUTKEY command, to send the new slave security domain key to the slave security domain of the smart card through the secure communication channel;
the smart card is used to receive the new slave security domain key and complete the update of the initial slave security domain key; it is also used to send a PUTKEY command response to the application provider management platform through the secure communication channel.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510655668.4A CN105303377B (en) | 2008-11-10 | 2008-11-10 | A kind of key of slave security domain of intelligent card update method and electronic fare payment system |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN200810177014A CN101742479A (en) | 2008-11-10 | 2008-11-10 | Method and system for updating and distributing smart card secondary security domain keys and mobile terminal |
CN201510655668.4A CN105303377B (en) | 2008-11-10 | 2008-11-10 | A kind of key of slave security domain of intelligent card update method and electronic fare payment system |
Related Parent Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN200810177014A Division CN101742479A (en) | 2008-11-10 | 2008-11-10 | Method and system for updating and distributing smart card secondary security domain keys and mobile terminal |
Publications (2)
Publication Number | Publication Date |
---|---|
CN105303377A CN105303377A (en) | 2016-02-03 |
CN105303377B true CN105303377B (en) | 2019-10-29 |
Family ID: 42152479
Family Applications (2)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN200810177014A Pending CN101742479A (en) | 2008-11-10 | 2008-11-10 | Method and system for updating and distributing smart card secondary security domain keys and mobile terminal |
CN201510655668.4A Expired - Fee Related CN105303377B (en) | 2008-11-10 | 2008-11-10 | A kind of key of slave security domain of intelligent card update method and electronic fare payment system |
Country Status (2)
Country | Link |
---|---|
CN (2) | CN101742479A (en) |
WO (1) | WO2010051716A1 (en) |
Families Citing this family (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2017143885A1 (en) * | 2016-02-25 | 2017-08-31 | 华为技术有限公司 | Application processing method and apparatus for embedded universal integrated circuit card |
CN112491558A (en) * | 2020-11-26 | 2021-03-12 | 湖南中育至诚数字科技有限公司 | Data writing method, system and storage medium of multi-application chip card |
CN113490210B (en) * | 2021-06-17 | 2023-03-24 | 中国联合网络通信集团有限公司 | Method and system for establishing auxiliary security domain |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2007052116A1 (en) * | 2005-11-02 | 2007-05-10 | Nokia Corporation | Method and apparatus for initializing a secure element in a wireless terminal . |
CN101083792A (en) * | 2007-06-27 | 2007-12-05 | 浙江省电信有限公司 | PHS non-contact card small amount payment system for public transport system |
CN101164086A (en) * | 2005-03-07 | 2008-04-16 | 诺基亚公司 | Methods, system and mobile device capable of enabling credit card personalization using a wireless network |
CN101295394A (en) * | 2007-04-23 | 2008-10-29 | 美国通宝科技有限公司 | Method and device for providing e-commerce and m-commerce |
Family Cites Families (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CA2347684A1 (en) * | 1998-10-27 | 2000-05-04 | Visa International Service Association | Delegated management of smart card applications |
US20040123152A1 (en) * | 2002-12-18 | 2004-06-24 | Eric Le Saint | Uniform framework for security tokens |
KR100437513B1 (en) * | 2004-02-09 | 2004-07-03 | 주식회사 하이스마텍 | Smart card for containing plural Issuer Security Domain and Method for installing plural Issuer Security Domain in a smart card |
KR100562255B1 (en) * | 2004-09-21 | 2006-03-22 | 에스케이 텔레콤주식회사 | Method for initializing key of security domain |
CN101073098A (en) * | 2004-12-07 | 2007-11-14 | 皇家飞利浦电子股份有限公司 | System and method for application management on multi-application smart cards |
US8522014B2 (en) * | 2006-03-15 | 2013-08-27 | Actividentity | Method and system for storing a key in a remote security module |
CN101370248B (en) * | 2007-08-15 | 2011-12-07 | 中国移动通信集团公司 | Cryptographic key updating method, third party server and system for activating third party application |
CN101374153B (en) * | 2007-08-23 | 2012-02-29 | 中国移动通信集团公司 | Method for activating a third party application safely, a third party server, terminal and system |
2008
- 2008-11-10 CN CN200810177014A patent/CN101742479A/en active Pending
- 2008-11-10 CN CN201510655668.4A patent/CN105303377B/en not_active Expired - Fee Related
2009
- 2009-08-25 WO PCT/CN2009/073492 patent/WO2010051716A1/en active Application Filing
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101164086A (en) * | 2005-03-07 | 2008-04-16 | 诺基亚公司 | Methods, system and mobile device capable of enabling credit card personalization using a wireless network |
WO2007052116A1 (en) * | 2005-11-02 | 2007-05-10 | Nokia Corporation | Method and apparatus for initializing a secure element in a wireless terminal |
CN101295394A (en) * | 2007-04-23 | 2008-10-29 | 美国通宝科技有限公司 | Method and device for providing e-commerce and m-commerce |
CN101083792A (en) * | 2007-06-27 | 2007-12-05 | 浙江省电信有限公司 | PHS non-contact card small amount payment system for public transport system |
Also Published As
Publication number | Publication date |
---|---|
CN105303377A (en) | 2016-02-03 |
WO2010051716A1 (en) | 2010-05-14 |
CN101742479A (en) | 2010-06-16 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN101729502B (en) | Method and system for distributing key | |
CN101742480B (en) | Method and system for distributing initial key of slave security domain of intelligent card and mobile terminal | |
CN101729493B (en) | Method and system for distributing key | |
CN101809977B (en) | Updating mobile devices with additional elements | |
CN105991287B (en) | A kind of generation of signed data and finger print identifying requesting method and device | |
CN101729244B (en) | Method and system for distributing key | |
CN101729503B (en) | Method and system for distributing key | |
CN101414909A (en) | System, method and mobile communication terminal for verifying network application user identification | |
CN105913234A (en) | Methods, Systems, And Computer Readable Media For Over The Air (Ota) Provisioning Of Soft Cards On Devices With Wireless Communications Capabilities | |
CN104467923B (en) | Method, equipment and system that equipment is interacted | |
CN102469081B (en) | Method, equipment and system for operating smart card | |
CN101742478B (en) | Method and system for updating and distributing key of slave security domain of intelligent card and mobile terminal | |
CN103262590A (en) | System and method for provisioning over the air of confidential information on mobile communicative devices with non-UICC secure elements | |
WO2010096991A1 (en) | An application downloading system and method | |
CN101742481B (en) | Method and system for distributing secondary security domain initial keys of smart card and mobile terminal | |
CN102932788A (en) | Mobile phone-based identity identification and near-field payment method | |
CN105850155A (en) | System and method for managing application data of contactless card applications | |
CN108734005B (en) | Security/identity authentication method, mobile equipment and storage device | |
GB2396707A (en) | Authenticating transactions over a telecommunications network | |
CN105743651B (en) | The card in chip secure domain is using method, apparatus and application terminal | |
CN105303377B (en) | A kind of key of slave security domain of intelligent card update method and electronic fare payment system | |
CN101729246A (en) | Method and system for distributing key | |
CN106327183A (en) | Data exchange system and method for onsite transaction processing | |
CN105160531B (en) | Transaction data processing method and processing device | |
CN115175183B (en) | Authentication method and authentication device based on 5G message |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant | ||
CF01 | Termination of patent right due to non-payment of annual fee | Granted publication date: 20191029; Termination date: 20201110 |