CN105592033A - Trusted service management system and method - Google Patents



Publication number
CN105592033A
Authority
CN
China
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201410843731.2A
Other languages
Chinese (zh)
Other versions
CN105592033B (en
Inventor
王逸钦
夏智
牛天耘
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Unionpay Co Ltd
Original Assignee
China Unionpay Co Ltd


Abstract

The invention discloses a trusted service management system. The system comprises a judgment unit which is used for judging the personalization mode of a service provider to which an application belongs when a security carrier initiates application personalization, a first execution unit which is used for acquiring an APDU command from a database and sending the APDU command to the security carrier to execute a personalization operation when the personalization mode is a DP file mode, and a second execution unit which is used for sending an online message to the service provider and receiving a reply to the online message from the service provider so as to forward the reply to the security carrier to execute a personalization operation when the personalization mode is an APDU command mode. The invention further provides a method executed by the trusted service management system.

Description

Trusted service management system and method
Technical field
The present invention relates to a trusted service management (TSM) system and method.
Background art
Existing technology does not provide personalization through a TSM platform. When issuing cards, activating cards and personalizing cards, a member institution can only use the traditional card issuance mode and cannot choose between the DP file mode and the APDU command set mode according to its own needs; nor can it select the security level it needs. In addition, existing personalization technology supports only PBOC 2.0 application personalization and lacks support for multiple versions of CAP packages; it therefore does not support new PBOC 3.0 features such as post-personalization for activating extended applications and the Chinese national cryptographic algorithms.
Summary of the invention
To address the above problems, one aspect of this application provides a trusted service management system. The system comprises: a judgment unit for judging, when a security carrier initiates application personalization, the personalization mode of the service provider to which the application belongs; a first execution unit for obtaining APDU commands from a database when the personalization mode is the DP file mode and sending the APDU commands to the security carrier to execute the personalization operation; and a second execution unit for sending an online message to the service provider when the personalization mode is the APDU command mode, and receiving from the service provider a reply to the online message so as to forward it to the security carrier to execute the personalization operation.
The above system may further comprise: a parsing unit for parsing a DP file containing personalization data, received from the service provider, into APDU commands and persisting them to the database.
In the above system, the reply to the online message comprises an executable personalization command set generated directly by the service provider.
The above system may further comprise: a control unit for controlling whether the current operation is executed by the first execution unit or by the second execution unit.
In the above system, the system is configured to personalize different versions of CAP packages of financial PBOC applications.
In the above system, when a user activates an extended application, the system is configured to send an extended-application activation online message to the service provider and to forward the service provider's reply to that message to the security carrier to execute the personalization operation, so as to activate the extended application, wherein the reply to the extended-application activation online message comprises an executable "extended application activation" post-personalization command set generated directly by the service provider.
The above system may further comprise: a network file system (NFS) comprising one or more directories corresponding to service providers, the directories being used by service providers that personalize in DP mode to upload DP files.
The above system may further comprise: a scanning unit for periodically running a scan task on the network file system.
The above system may further comprise: two or more trusted service management hosts for concurrently scheduling the processing of DP files according to a preset scheduling strategy.
In the above system, the two or more trusted service management hosts are configured to judge, according to application node number, task serial number and file timestamp, whether the DP file parsing task is to be scheduled by the current host.
In the above system, the second execution unit is configured to send a request for a dynamic key before sending the online message.
The above system may further comprise: an encryption machine for receiving a transport key TK from the service provider, decrypting the dynamic key using the transport key TK, and performing encryption operations on sensitive data using the dynamic key.
In the above system, the dynamic key comprises a KEK key and a MAC key.
In the above system, the parsing unit is configured to parse DP files in a batch-wise persistence manner, which comprises the following steps: a) defining in advance an upper limit on the number of personalization data items in each batch; b) calculating the number of batches required to persist all personalization data; and c) parsing the personalization data batch by batch: after each batch of personalization data has been parsed it is persisted to the database, and then the next batch is parsed and persisted, until all batches of personalization data have been parsed and persisted.
The above system may further comprise: a notification unit for notifying the service provider of the specific command execution result.
According to another aspect of this application, a method performed by a trusted service management system is provided. The method comprises: when a security carrier initiates application personalization, judging the personalization mode of the service provider to which the application belongs; when the personalization mode is the DP file mode, obtaining APDU commands from a database and sending the APDU commands to the security carrier to execute the personalization operation; and when the personalization mode is the APDU command mode, sending an online message to the service provider and receiving from the service provider a reply to the online message so as to forward it to the security carrier to execute the personalization operation.
Brief description of the drawings
Various aspects of the present invention will become clearer to those skilled in the art after reading the specific embodiments with reference to the accompanying drawings. Those skilled in the art should understand that the drawings serve only to explain the technical solution of the present invention together with the specific embodiments and are not intended to limit the scope of protection of the present invention.
Fig. 1 is a flow chart of a method for selecting the personalization mode according to an embodiment of this application;
Fig. 2 is a schematic diagram of PBOC 3.0 post-personalization and activation of an extended application according to an embodiment of this application;
Fig. 3 is a flow chart of the multi-host scheduling strategy of the TSM system according to an embodiment of this application;
Fig. 4 is a schematic diagram of the NFS system architecture according to an embodiment of this application;
Fig. 5 is a schematic flow chart of personalization, covering the static transport key mode and the dynamic transport key mode, according to an embodiment of this application;
Fig. 6 is a flow chart of segmented persistence of a DP file according to an embodiment of this application.
Detailed description of the invention
The following describes some of the many possible embodiments of the present invention. It is intended to provide a basic understanding of the invention, not to identify key or decisive elements of the invention or to limit the scope claimed. It is readily understood that, according to the technical solution of the present invention and without changing its substance, a person of ordinary skill in the art can propose other interchangeable implementations. The specific embodiments and the drawings are therefore only exemplary illustrations of the technical solution and should not be regarded as the whole of the invention or as limiting the technical solution.
The traditional card issuance mode of a card issuer uses the offline DP file mode, so activating (and personalizing) several bank cards for the same user requires a long process. To achieve instant card issuance and card content management, UnionPay built the TSM system. TSM is short for Trusted Service Management; the TSM of this application is a complete "over-the-air card issuance" and application management system built on "one card, multiple applications" technology. Through the TSM platform, a card issuer can securely and efficiently personalize the information of multiple financial smart cards onto a mobile phone or IC card, which is convenient for the user to carry and use and convenient for the issuer's own card issuance and management.
The trusted service management (TSM) system of this application may comprise the following main operating processes: 1. obtaining personalization commands; 2. securely parsing personalization commands; 3. executing personalization commands and notifying the execution result.
For obtaining personalization commands, the TSM of this application supports the traditional offline DP file mode while guiding all parties in the industry to move to the online APDU command mode. The TSM of this application supports personalization commands of both the PBOC 2.0 and the PBOC 3.0 versions and can be extended as needed to personalization commands of later versions.
For secure parsing of personalization commands, the TSM of this application uses multi-host scheduling to ensure high availability. To achieve distributed file management, an NFS network file system is introduced to manage personalization command files. In addition, a multi-level security mechanism is provided to all connected member institutions to ensure the confidentiality and reliability of personalization commands. For the personalization commands obtained from secure parsing, the TSM of this application uses segmented batch-wise persistence, which reduces system load and keeps the system running smoothly and highly available.
For personalization commands that have been executed, the TSM of this application notifies the member institution of the execution result, so that both sides' business information stays synchronized.
Fig. 1 is a flow chart of a method for selecting the personalization mode according to an embodiment of this application. Through the TSM system of this application, a service provider (SP) can use two personalization processing modes: the DP file mode and the APDU command mode.
In the DP file mode, the SP sends the generated personalization data file (DP file) to the TSM system of this application. One DP file may contain several personalization data items. The timed scan task of the TSM system scans, at the configured times, the directory to which the SP uploads DP files, parses the files into APDU commands and persists them to the database. When a security carrier initiates application personalization, the TSM system judges the personalization mode of the SP to which the application belongs; if it is the DP file mode, the TSM system obtains the APDU commands from the database and sends them to the security carrier to execute the personalization operation.
When a security carrier initiates application personalization and the TSM system judges that the personalization mode of the SP to which the application belongs is the APDU command mode, the TSM system sends an online message to the SP. The SP directly generates an executable personalization command set, assembles it into an online message and replies to the TSM system of this application, which forwards it to the security carrier to execute the personalization operation.
The TSM system supports both personalization modes at the same time, and the mode can be switched at any time by modifying a configuration parameter.
According to an embodiment of this application, a trusted service management (TSM) system is provided, comprising: a judgment unit for judging, when a security carrier initiates application personalization, the personalization mode of the service provider to which the application belongs; a first execution unit for obtaining APDU commands from a database when the personalization mode is the DP file mode and sending the APDU commands to the security carrier to execute the personalization operation; and a second execution unit for sending an online message to the service provider when the personalization mode is the APDU command mode, and receiving from the service provider a reply to the online message so as to forward it to the security carrier to execute the personalization operation.
It should be noted that the judgment unit, the first execution unit and the second execution unit may be implemented in hardware, in software, or in a combination of software and hardware.
According to an embodiment of this application, the trusted service management system can personalize different versions of CAP packages of financial PBOC applications. The CAP package versions currently supported include PBOC 2.0 and PBOC 3.0, with two-way compatibility (both upward and downward). Depending on the configuration parameters, an SP that entrusts the TSM system with managing its applications can select the PBOC CAP package version that suits the application characteristics it needs. For an SP that selects the PBOC 3.0 CAP package, the TSM system provides support for the Chinese national cryptographic algorithms and for extended applications.
As shown in Fig. 2, when a user activates an extended application, the TSM sends an extended-application activation online message to the SP. The SP directly generates an executable "extended application activation" post-personalization command set, assembles it into an online message and replies to the TSM system of this application, which forwards it to the security carrier to execute the post-personalization operation and activate the extended application.
In one embodiment, for an SP that personalizes in DP mode, the TSM system provides a designated network file system (NFS) path to which the SP uploads DP files. The network structure is shown in Fig. 4.
In one embodiment, for an SP that selects DP-mode personalization, the TSM system allocates a specific path in NFS to which the SP uploads DP files (in dynamic key mode, the dynamic key ciphertext file must be uploaded as well). When a user initiates an application download from the mobile phone client, the TSM system forwards the application request to the SP. The SP generates an executable personalization command set and assembles it into a DP file (one DP file may contain the personalization command sets for several users' application downloads), which the SP then uploads to NFS.
When an SP logs in to NFS over SFTP, it has permission to access only the path where its own DP files are stored. As shown in Fig. 4, the two TSM application hosts can access files in NFS as if they were local files. After a DP file has been parsed, it is moved to another path in NFS and retained as historical data.
In one embodiment, if more TSM application hosts are needed, they can also be given access to NFS through host configuration.
In one embodiment, the TSM system may comprise a network file system. The network file system further comprises one or more directories corresponding to service providers, the directories being used by service providers that personalize in DP mode to upload DP files.
Using NFS introduces the problem of several TSM hosts concurrently processing the same DP file. The TSM system of this application avoids this problem with a configurable scheduling strategy. The scheduling decision is shown in Fig. 3.
With reference to Fig. 3 and Fig. 4, the scanning unit in the TSM system periodically runs a scan task on NFS. When it finds a DP file to be parsed, the TSM host judges, according to the pre-configured scheduling strategy (whose decision inputs include application node number, task serial number and file timestamp), whether the DP file parsing task is to be scheduled by the current host. If it is this host's turn, the host goes on to execute the parsing task; otherwise it skips the DP file and continues scanning the other DP files on NFS, until all unprocessed DP files in NFS have been processed. This avoids concurrent operations by several TSM hosts on the same DP file, reduces the potential risk of dirty data in the database, and improves the reliability of the TSM application.
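A sketch of such a per-host decision, added here as an illustration and not taken from the patent, which names the inputs (node number, task serial number, file timestamp) but not the rule. The hash-and-rotate rule, the function names, the node numbering from 0 and the sample files are all assumptions.

```python
import hashlib

NODE_COUNT = 3  # assumed cluster size; hosts are numbered 0..NODE_COUNT-1

# Constructed scan result: (DP file name, file timestamp) pairs found on NFS.
PENDING = [
    ("sp01/dp_batch_a.dp", 1704067200),
    ("sp01/dp_batch_b.dp", 1704067260),
    ("sp02/dp_batch_a.dp", 1704067200),
    ("sp03/dp_batch_c.dp", 1704070800),
    ("sp03/dp_batch_d.dp", 1704074400),
]


def owner_node(file_name, file_timestamp, task_serial, node_count=NODE_COUNT):
    """Return the node number that should parse this file in this scan round.

    Hypothetical rule: a stable hash of (name, timestamp) picks a base node,
    and the task serial number (scan round) rotates ownership, so a file left
    unprocessed by one host is offered to a different host in the next round.
    """
    digest = hashlib.sha256(f"{file_name}|{file_timestamp}".encode()).digest()
    base = int.from_bytes(digest[:8], "big")
    return (base + task_serial) % node_count


def scan(node_number, task_serial, pending=PENDING, node_count=NODE_COUNT):
    """Split one scan round into files this host parses and files it skips."""
    mine, skipped = [], []
    for name, timestamp in pending:
        if owner_node(name, timestamp, task_serial, node_count) == node_number:
            mine.append(name)
        else:
            skipped.append(name)
    return mine, skipped


def owners_over_rounds(file_name, file_timestamp, rounds, node_count=NODE_COUNT):
    """List the owning node for a file across consecutive scan rounds."""
    return [owner_node(file_name, file_timestamp, r, node_count) for r in range(rounds)]


if __name__ == "__main__":
    for node in range(NODE_COUNT):
        mine, skipped = scan(node, task_serial=7)
        print(f"node {node}: parses {mine}, skips {len(skipped)} file(s)")
```

The rule only prevents double processing if every host is configured with the same node count and agrees on the scan round number; a uniqueness constraint on the file name in the database is a common backstop against configuration drift.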
Fig. 5 shows the complete personalization flow according to an embodiment of this application, including the selection of the security key mode.
In one embodiment, the TSM system supports the following two key modes: static transport key mode and dynamic transport key mode. In one embodiment, the transport key KEK and the MAC key are generated by the SP and passed to the TSM system by a secure means of transmission.
1) Static transport key mode
Before transmitting a DP file or APDU command set, the SP delivers the static transport key KEK and the MAC key to the hardware encryption machine through a formal (offline) key exchange procedure. Each time the TSM personalizes a carrier application, it calls the transport key KEK and the MAC key in the encryption machine to perform sensitive-data re-encryption and MAC verification on each batch of data.
2) Dynamic transport key mode
Each time it transmits a DP file, the SP generates a set of dynamic KEK and MAC keys and passes them to the TSM system in ciphertext together with the DP file. Before transmitting personalization data, the SP delivers the transport key TK, which protects the KEK and MAC keys, to the encryption machine through a formal key exchange procedure. Each time the TSM issues a card, it calls the transport key TK in the encryption machine to decrypt the KEK and MAC keys and then performs sensitive-data re-encryption and MAC verification on each batch of data. This operation must be completed inside the encryption machine, and the plaintext of the KEK and MAC keys must not be exported.
If the SP's personalization mode is the APDU mode, then before sending the online message that obtains the APDU command set, the TSM must first send an online message that obtains the dynamic key. This triggers the SP to generate a set of dynamic KEK and MAC keys and reply to UnionPay in ciphertext.
In one embodiment, a DP file may contain many personalization data items. For the robustness of the TSM system, the parsing unit parses a DP file containing many personalization data items in a batch-wise persistence manner. That is, an upper limit on the number of personalization data items in each batch is defined in advance, and when a DP file is parsed, the relationship between the number of personalization data items in it and the number of batches into which they are persisted is calculated as follows:
Number of personalization data batches = number of personalization data items / upper limit of personalization data items per batch.
Fig. 6 shows the flow chart of segmented persistence of a DP file. When it starts parsing a DP file, the TSM calculates the number of batches required to persist all the personalization data and then parses the personalization data batch by batch: after each batch has been parsed it is persisted to the database, and then the next batch is parsed and persisted, until all batches of personalization data have been parsed and persisted. Parsing with segmented persistence greatly strengthens the robustness of the TSM system. On the one hand, it avoids connection errors and memory overflow when committing the database transaction because a DP file contains too much personalization data. On the other hand, because the data is split into several transaction batches, a parsing or persistence failure for one personalization data item no longer causes parsing and persistence of all personalization commands to fail.
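The batch-wise flow of Fig. 6 as an added example, not code from the patent: each batch is parsed and committed in its own database transaction, so one malformed record rolls back only its batch. The `id|APDU,APDU` record layout, the table schema, the batch limit of 3 and the sample data are assumptions, and the batch count is rounded up so that a partial last batch is included.

```python
import sqlite3

BATCH_LIMIT = 3  # assumed upper limit of personalization data items per batch

# Constructed DP file content; the "id|APDU,APDU" line layout is hypothetical.
# card-005 carries a deliberately malformed (non-hex) APDU.
SAMPLE_DP = """\
card-001|80E2000004AABBCCDD,80E2800002EEFF
card-002|80E20000021122
card-003|80E20000023344
card-004|80E20000024455
card-005|80E2000002ZZ55
card-006|80E20000028899
card-007|80E2000002AABB
"""


def parse_record(line):
    """Parse one DP record into (record_id, [apdu_hex, ...]); raise on bad data."""
    record_id, _, apdus = line.partition("|")
    if not record_id or not apdus:
        raise ValueError(f"{record_id or '?'}: empty record")
    commands = apdus.split(",")
    for apdu in commands:
        try:
            raw = bytes.fromhex(apdu)
        except ValueError:
            raise ValueError(f"{record_id}: invalid APDU {apdu!r}") from None
        if len(raw) < 4:  # a command APDU has at least CLA, INS, P1, P2
            raise ValueError(f"{record_id}: APDU too short {apdu!r}")
    return record_id, commands


def batch_count(total, limit):
    """Number of batches for `total` items, rounded up to cover a partial batch."""
    return -(-total // limit)


def persist_in_batches(conn, dp_text, limit=BATCH_LIMIT):
    """Parse and persist a DP file batch by batch, one transaction per batch.

    Returns a report of (batch_number, status, error) so the caller can tell
    the service provider which batch failed and why.
    """
    records = [line for line in dp_text.splitlines() if line.strip()]
    conn.execute(
        "CREATE TABLE IF NOT EXISTS apdu (record_id TEXT, seq INTEGER, apdu TEXT)"
    )
    report = []
    for b in range(batch_count(len(records), limit)):
        chunk = records[b * limit:(b + 1) * limit]
        try:
            with conn:  # commits on success, rolls the batch back on error
                for line in chunk:
                    record_id, commands = parse_record(line)
                    conn.executemany(
                        "INSERT INTO apdu VALUES (?, ?, ?)",
                        [(record_id, i, c) for i, c in enumerate(commands)],
                    )
            report.append((b + 1, "ok", None))
        except ValueError as exc:
            report.append((b + 1, "failed", str(exc)))
    return report


def run_demo():
    """Persist SAMPLE_DP into an in-memory database; return report and stored ids."""
    conn = sqlite3.connect(":memory:")
    report = persist_in_batches(conn, SAMPLE_DP)
    rows = conn.execute("SELECT record_id, seq, apdu FROM apdu ORDER BY record_id, seq")
    stored = rows.fetchall()
    conn.close()
    return report, stored


if __name__ == "__main__":
    report, stored = run_demo()
    for entry in report:
        print(entry)
    print(sorted({row[0] for row in stored}))
```

In the sample, card-004 is inserted before card-005 fails, and the rollback removes it together with the rest of batch 2, while batches 1 and 3 stay committed.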
In one embodiment, after the personalization commands have been executed, the TSM system informs the SP of the specific command execution result. In one embodiment, if command execution fails, the TSM also informs the SP of the reason for the failure, prompting the SP to correct the personalization data so that subsequent business runs smoothly. In one embodiment, if an error occurs in the sub-process of securely parsing personalization commands, the SP is informed of details such as the exact location of the error.
It is readily understood that the TSM system of this application can be implemented in several ways, including but not limited to software, hardware, and a combination of software and hardware. By providing a personalization TSM system and method compatible with both the offline file mode and the online command mode, this application supports parsing and executing personalization commands of versions such as PBOC 2.0 and PBOC 3.0 at the same time. The features of the TSM system and method of this application are highly extensible multi-version personalization command support, NFS, a configurable multi-host scheduling strategy, a highly reliable multi-level security mechanism, and highly available segmented batch-wise persistence. These features save TSM system resources, keep the system running smoothly when handling large volumes of data, and ensure that personalization data is not tampered with while it is parsed and executed.
In summary, the technical solution of this application provides a personalization TSM system and method compatible with both the offline file mode and the online command mode. The system and method have the following main advantages: 1) flexible configuration: an SP can choose either of the two personalization modes and, if needed, switch to the other at any time without restarting the application; 2) multi-host scheduling: horizontal scaling to a host cluster of the required size ensures high availability of the service; 3) segmented batch-wise persistence of large data ensures data integrity; 4) a complete security mechanism that combines dynamic and static security ensures data confidentiality.
The specific embodiments of the present invention have been described above with reference to the accompanying drawings. A person of ordinary skill in the art will understand, however, that various changes and substitutions can be made to the specific embodiments without departing from the spirit and scope of the present invention. All such changes and substitutions fall within the scope defined by the claims of the present invention.

Claims (30)

1. A trusted service management system, characterized in that the system comprises:
a judgment unit for judging, when a security carrier initiates application personalization, the personalization mode of the service provider to which the application belongs;
a first execution unit for obtaining APDU commands from a database when the personalization mode is the DP file mode, and sending the APDU commands to the security carrier to execute the personalization operation; and
a second execution unit for sending an online message to the service provider when the personalization mode is the APDU command mode, and receiving from the service provider a reply to the online message so as to forward it to the security carrier to execute the personalization operation.
2. The system of claim 1, further comprising:
a parsing unit for parsing a DP file containing personalization data, received from the service provider, into APDU commands and persisting them to the database.
3. The system of claim 1, wherein the reply to the online message comprises an executable personalization command set generated directly by the service provider.
4. The system of claim 1, further comprising:
a control unit for controlling whether the current operation is executed by the first execution unit or by the second execution unit.
5. The system of claim 1, wherein the system is configured to personalize different versions of CAP packages of financial PBOC applications.
6. The system of claim 5, wherein, when a user activates an extended application, the system is configured to send an extended-application activation online message to the service provider and to forward the service provider's reply to that message to the security carrier to execute the personalization operation, so as to activate the extended application, wherein the reply to the extended-application activation online message comprises an executable "extended application activation" post-personalization command set generated directly by the service provider.
7. The system of claim 1, further comprising:
a network file system comprising one or more directories corresponding to service providers, the directories being used by service providers that personalize in DP mode to upload DP files.
8. The system of claim 1 or 7, further comprising:
a scanning unit for periodically running a scan task on the network file system.
9. The system of claim 1, further comprising:
two or more trusted service management hosts for concurrently scheduling the processing of DP files according to a preset scheduling strategy.
10. The system of claim 9, wherein the two or more trusted service management hosts are configured to judge, according to application node number, task serial number and file timestamp, whether the DP file parsing task is to be scheduled by the current host.
11. The system of claim 1, wherein the second execution unit is configured to send a request for a dynamic key before sending the online message.
12. The system of claim 1, further comprising:
an encryption machine for receiving a transport key TK from the service provider, decrypting the dynamic key using the transport key TK, and performing encryption operations on sensitive data using the dynamic key.
13. The system of claim 12, wherein the dynamic key comprises a KEK key and a MAC key.
14. The system of claim 2, wherein the parsing unit is configured to parse DP files in a batch-wise persistence manner, which comprises the following steps:
a) defining in advance an upper limit on the number of personalization data items in each batch;
b) calculating the number of batches required to persist all personalization data; and
c) parsing the personalization data batch by batch: after each batch of personalization data has been parsed it is persisted to the database, and then the next batch is parsed and persisted, until all batches of personalization data have been parsed and persisted.
15. The system of claim 1, further comprising:
a notification unit for notifying the service provider of the specific command execution result.
16. 1 kinds of methods that credible service management system is carried out, is characterized in that described methodComprise:
Initiate application when individualized at safety barrier, the service provider under judgement applicationPeopleization pattern;
In the time that described individualized pattern is DP file mode, from database, obtains APDU and refer toOrder, and described APDU instruction is sent to described safety barrier to carry out individualized operation;And
In the time that described individualized pattern is APDU instruction mode, send to described service providerOnline message, and receive replying to forward described online message from described service providerCarry out individualized operation to described safety barrier.
17. methods as claimed in claim 16, also comprise:
The DP document analysis that comprises personal data receiving from described service provider is becomeAPDU instruction, and be persisted to described database.
18. methods as claimed in claim 16, wherein, to the response packet of described online messageDraw together the individualized instruction set of carrying out directly being generated by described service provider.
19. The method as claimed in claim 16, further comprising:
switching between the DP file mode and the APDU command mode by modifying a configuration parameter.
20. The method as claimed in claim 16, further comprising: performing personalization for CAP packages of different versions of the financial PBOC application.
21. The method as claimed in claim 20, wherein, when a user activates an extended application, an extended-application activation online message is sent to the service provider, and the service provider's reply to the extended-application activation online message is forwarded to the security carrier to perform the personalization operation, so as to activate the extended application, wherein the reply to the extended-application activation online message comprises a set of personalization commands to be executed after "extended application activation", generated directly by the service provider.
22. The method as claimed in claim 16, further comprising:
providing a designated NFS to which service providers using the DP file mode of personalization upload DP files.
23. The method as claimed in claim 16, further comprising:
periodically running a scan task on the NFS.
24. The method as claimed in claim 16, further comprising:
scheduling and processing DP files concurrently according to a preset scheduling policy.
25. The method as claimed in claim 24, wherein the preset scheduling policy comprises an application node number, a task serial number and a file timestamp.
26. The method as claimed in claim 16, wherein, before the online message is sent, a request for a dynamic key is sent first.
27. The method as claimed in claim 16, further comprising:
receiving a transport key TK from the service provider, decrypting the dynamic key using the transport key TK, and performing encryption operations on sensitive data using the dynamic key.
28. The method as claimed in claim 27, wherein the dynamic key comprises a KEK key and a MAC key.
29. The method as claimed in claim 17, wherein the DP file is parsed using a batch-wise database-loading parsing approach, wherein the batch-wise database-loading parsing approach comprises the following steps:
A) predefining an upper limit on the quantity of personalization data in each batch;
B) calculating the number of batches required to load all of the personalization data into the database; and
C) parsing the personalization data in batches: after each batch of personalization data has been parsed, it is persisted to the database, and then the next batch is parsed and persisted, until the personalization data of all batches has been parsed and persisted.
30. The method as claimed in claim 16, further comprising:
notifying the service provider of the specific command execution result.
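The batch-wise parse-and-persist steps A) to C) of claims 14 and 29, as an added Python example that is not part of the patent. The DP record layout (`card_id;DGI:DATA,...`), the table name, the batch limit and the choice to stop at the first malformed batch are assumptions of this example, and each data group is wrapped in a simplified GlobalPlatform STORE DATA command (CLA 80, INS E2) with the remaining P1 bits left at zero.

```python
import math
import sqlite3

# Constructed sample: five records in an assumed layout "card_id;DGI:DATA,DGI:DATA".
SAMPLE_DP = [f"CARD{i:02d};0101:A1B2C3,0202:DD" for i in range(1, 6)]

def record_to_apdus(record):
    """Turn one record into (card_id, seq, apdu_hex) rows, one STORE DATA per DGI."""
    card_id, _, groups = record.strip().partition(";")
    items = [g.split(":") for g in groups.split(",")]
    rows = []
    for seq, (dgi_hex, data_hex) in enumerate(items):
        dgi, data = bytes.fromhex(dgi_hex), bytes.fromhex(data_hex)
        # Reject anything that would not fit a short APDU before it reaches the DB.
        if len(dgi) != 2 or not 0 < len(data) <= 252:
            raise ValueError(f"malformed data group in record {card_id!r}")
        body = dgi + bytes([len(data)]) + data
        p1 = 0x80 if seq == len(items) - 1 else 0x00  # b8 set on the last block
        header = bytes([0x80, 0xE2, p1, seq, len(body)])  # P2 is the block number
        rows.append((card_id, seq, (header + body).hex().upper()))
    return rows

def ingest(records, db, batch_limit):
    """Steps A-C: batch_limit is the predefined cap (A); returns (batches, persisted)."""
    db.execute("CREATE TABLE IF NOT EXISTS apdu (card_id TEXT, seq INTEGER, cmd TEXT)")
    batches = math.ceil(len(records) / batch_limit)  # step B
    persisted = 0
    for b in range(batches):  # step C
        chunk = records[b * batch_limit:(b + 1) * batch_limit]
        try:
            # Parse the whole batch first so a bad record writes nothing from it.
            rows = [row for rec in chunk for row in record_to_apdus(rec)]
        except ValueError:
            break  # this example's choice: stop, keep earlier batches persisted
        with db:  # one transaction per batch, committed before the next starts
            db.executemany("INSERT INTO apdu VALUES (?, ?, ?)", rows)
        persisted += 1
    return batches, persisted

if __name__ == "__main__":
    conn = sqlite3.connect(":memory:")
    print(ingest(SAMPLE_DP, conn, batch_limit=2))
```

Because only one batch is held in memory and each batch commits on its own, the returned pair tells the caller how many batches are already stored if parsing stops early.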
CN201410843731.2A 2014-12-30 2014-12-30 trusted service management system and method Active CN105592033B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201410843731.2A CN105592033B (en) 2014-12-30 2014-12-30 trusted service management system and method

Publications (2)

Publication Number Publication Date
CN105592033A (en) 2016-05-18
CN105592033B CN105592033B (en) 2018-12-25

Family

ID=55931251

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201410843731.2A Active CN105592033B (en) 2014-12-30 2014-12-30 trusted service management system and method

Country Status (1)

Country Link
CN (1) CN105592033B (en)

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1759376A (en) * 2003-01-16 2006-04-12 太阳微系统公司 Ordering program data for loading on a device
US20040162932A1 (en) * 2003-02-06 2004-08-19 Renesas Technology Corp. Memory device
CN1954345A (en) * 2004-05-28 2007-04-25 国际商业机器公司 Smart card data transaction system and method for providing storage and transmission security
US20130067216A1 (en) * 2011-09-14 2013-03-14 Colin Tanner In-market personalization of payment devices
CN103530775A (en) * 2012-09-28 2014-01-22 深圳市家富通汇科技有限公司 Method and system for providing controllable trusted service manager

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108718238A (en) * 2018-05-11 2018-10-30 北京握奇智能科技有限公司 A kind of method and system of universal personal
CN108718238B (en) * 2018-05-11 2023-04-18 北京握奇智能科技有限公司 Universal personalization method and system
CN113347620A (en) * 2021-08-05 2021-09-03 深圳市深圳通有限公司 Method, device, equipment and storage medium for compatibility of multi-version application air card issuing
CN113347620B (en) * 2021-08-05 2021-11-12 深圳市深圳通有限公司 Method, device, equipment and storage medium for compatibility of multi-version application air card issuing

Also Published As

Publication number Publication date
CN105592033B (en) 2018-12-25

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant