CN106130730A - Smart card data sharing method and smart card - Google Patents
- Publication number: CN106130730A (application CN201610453975.9A)
- Authority: CN (China)
- Prior art keywords: application, smart card, key, key information, data area
- Legal status: Pending (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3226—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/088—Usage controlling of secret information, e.g. techniques for restricting cryptographic keys to pre-authorized uses, different access levels, validity of crypto-period, different key- or password length, or different strong and weak cryptographic algorithms
Abstract
Embodiments of the present invention relate to the technical field of smart cards, and in particular to a data sharing method for a smart card and a smart card. The method includes: receiving an access request from a first application for the shared data area of the smart card, the access request carrying the access key of the first application, where the smart card is preset with the key information of each application and the permission information corresponding to each application; verifying the access key of the first application against the preset key information of each application; and, if verification passes, operating on the shared data area according to the permission corresponding to the first application. Each application can therefore hold its own key, and the key held by one application is not constrained by the other applications; that is, each application uses its own key to access the shared data. Different applications thus have different access permissions to the shared data area, which improves the security of the shared data.
Description
Technical field
Embodiments of the present invention relate to the technical field of smart cards, and in particular to a data sharing method for a smart card and a smart card.
Background
Smart card technology is now mature, and a smart card can carry many different kinds of applications, for example transit applications, financial applications, social security applications and medical applications. A general-purpose smart card that carries multiple applications makes users' lives considerably more convenient.
As the number of applications carried on a smart card grows, the applications on the card need to share data. At present, multiple applications on a smart card generally share data in one of the following two ways:
Approach 1: extended application. One application depends on another: the shared data and the key are created in the main application, and the key is communicated to the other application's party.
Approach 2: shared key. The key and the shared data are created in advance outside the applications, and the key is synchronized to the application parties that need to share.
In approach 1, the key is maintained by the main application, but it cannot be maintained freely; for example, the other application parties must be notified when the key is changed.
In approach 2, because the key is shared, the main application and the other applications that obtain the key have equal permissions to operate on the data, and the permissions cannot be subdivided.
Neither approach can subdivide permissions by application key, and this affects the security of the shared data.
Summary of the invention
Embodiments of the present invention provide a data sharing method for a smart card and a smart card, in order to improve the security of shared data.
An embodiment of the present invention provides a data sharing method for a smart card, including:
receiving an access request from a first application for the shared data area of the smart card, the access request carrying the access key of the first application, where the smart card is preset with the key information of each application and the permission information corresponding to each application, and the first application is any one of the applications;
verifying the access key of the first application against the preset key information of each application and, if verification passes, operating on the shared data area according to the permission corresponding to the first application.
Preferably, the key information of each application and the permission information corresponding to each application are preset in the smart card as follows:
in the smart card personalization stage, setting up the shared data area, and setting key information and permission information for each application in the smart card that needs to access the shared data area;
distributing the key information of each application in the smart card to the corresponding application.
Preferably, setting key information and permission information for each application in the smart card that needs to access the shared data area includes:
storing the key information of each application set for the shared data area;
setting a shared data attribute file in the smart card, the shared data attribute file storing the storage address of the key information, and the permission information, of each application allowed to access the shared data area.
Preferably:
the shared data area is located under the public directory of the smart card;
the key information of each application is stored in a secure storage area.
Preferably, the method further includes:
receiving a key modification request from the first application, the key modification request carrying the key information of the first application and new key information;
verifying the key modification request against the key information of the first application and, if verification passes, taking the new key information carried in the key modification request as the key information corresponding to the first application in the shared data area.
Preferably, setting permission information for each application in the smart card that needs to access the shared data area includes:
setting read-write permission for the first application in the smart card, the first application being the main application in the smart card;
setting read permission for the applications in the smart card other than the first application.
An embodiment of the present invention also provides a smart card, including:
a presetting module, configured to preset in the smart card the key information of each application and the permission information corresponding to each application;
a receiving module, configured to receive an access request from a first application for the shared data area of the smart card, the access request carrying the access key of the first application, the first application being any one of the applications;
a verification module, configured to verify the access key of the first application against the preset key information of each application and, if verification passes, to operate on the shared data area according to the permission corresponding to the first application.
Preferably, the presetting module is specifically configured to:
in the smart card personalization stage, set up the shared data area, and set key information and permission information for each application in the smart card that needs to access the shared data area;
distribute the key information of each application in the smart card to the corresponding application.
Preferably, the presetting module is specifically configured to:
store the key information of each application set for the shared data area;
set a shared data attribute file in the smart card, the shared data attribute file storing the storage address of the key information, and the permission information, of each application allowed to access the shared data area.
Preferably:
the shared data area is located under the public directory of the smart card;
the key information of each application is stored in a secure storage area.
Preferably, the receiving module is further configured to:
receive a key modification request from the first application, the key modification request carrying the key information of the first application and new key information;
and the verification module is further configured to verify the key modification request against the key information of the first application and, if verification passes, to take the new key information carried in the key modification request as the key information corresponding to the first application in the shared data area.
Preferably, the presetting module is specifically configured to:
set read-write permission for the first application in the smart card, the first application being the main application in the smart card;
set read permission for the applications in the smart card other than the first application.
In the data sharing method for a smart card and the smart card provided by the above embodiments, an access request from a first application for the shared data area of the smart card is received, the access request carrying the access key of the first application; the smart card is preset with the key information of each application and the permission information corresponding to each application; the access key of the first application is verified against the preset key information of each application; and, if verification passes, the shared data area is operated on according to the permission corresponding to the first application. Each application can therefore hold its own key, and the key held by one application is not constrained by the other applications; that is, each application uses its own key to access the shared data. Different applications thus have different access permissions to the shared data area, which improves the security of the shared data.
Brief description of the drawings
To explain the technical solutions in the embodiments of the present invention more clearly, the drawings used in the description of the embodiments are briefly introduced below.
Fig. 1 is a flow chart of a data sharing method for a smart card provided by an embodiment of the present invention;
Fig. 2 is a flow chart of a method by which a first application of a smart card modifies its key, provided by an embodiment of the present invention;
Fig. 3 is a flow chart of the steps the smart card performs after receiving an access request from the transit application to access the shared data area, provided by an embodiment of the present invention;
Fig. 4 is a flow chart of the steps the smart card performs after receiving an access request from the financial application to access the shared data area, provided by an embodiment of the present invention;
Fig. 5 is a schematic structural diagram of a smart card provided by an embodiment of the present invention.
Detailed description
To make the purpose, technical solutions and beneficial effects of the present invention clearer, the present invention is described in further detail below with reference to the drawings and embodiments. It should be understood that the specific embodiments described here only explain the present invention and do not limit it.
Fig. 1 shows a flow chart of a data sharing method for a smart card provided by an embodiment of the present invention. As shown in Fig. 1, the method may include the following steps:
S101: Receive an access request from a first application for the shared data area of the smart card. The access request carries the access key of the first application; the smart card is preset with the key information of each application and the permission information corresponding to each application; the first application is any one of the applications.
S102: Verify the access key of the first application against the key information of each application preset in the smart card.
S103: Determine whether verification passed. If it passed, go to step S104; otherwise end the flow.
S104: Operate on the shared data area according to the permission corresponding to the first application.
For step S101 above, shared data control information (share data control information, SDI for short) may first be set in the smart card personalization stage. The shared data control information can set the location of the shared data area and the protection attributes of the shared files in the shared data area. Key information and permission information are then set for each application in the smart card that needs to access the shared data area, and finally the key information of each application in the smart card is distributed to the corresponding application, so that the key information and the permission information of each application are preset in the smart card. To make the placement of the shared data area more flexible, the shared data area may be placed under the public application directory of the smart card or under the root directory of the smart card; that is, the location of the shared data area is not restricted. Specifically, the format of the shared data control information may be as shown in Table 1.
Table 1
According to the shared data control information in Table 1, two items of shared data are created in the shared data area, shared data A and shared data B. For shared data A, the shared data attribute file ID is ATTR_A, the shared data location is LOC_A, and the shared data content encryption factor is CKEY_A. For shared data B, the shared data attribute file ID is ATTR_B, the shared data location is LOC_B, and the shared data content encryption factor is CKEY_B.
When the first application sends an access request to the shared data area, the request must carry the shared data attribute file ID, and the shared file is accessed according to that shared data attribute file ID.
It should be noted that, to increase the security of the shared data area, when shared data is created in the shared data area the smart card may also verify the creation using a check code. If verification passes, the shared data can be created in the shared data area; otherwise there is no permission to create shared data in the shared data area. The storage position of the check code may be as shown in Table 1.
In addition, to save space in the shared data area, that is, to improve its utilization, after the shared data has been created in the shared data area an end-bit flag may be used to mark the shared data area. The storage position of the end-bit flag may be as shown in Table 1.
It should also be noted that, to increase the security of the shared data area, before the first application accesses the shared data area the smart card may verify the correctness of the shared data control information and the shared data attribute file, to prevent them from being illegally tampered with. If verification passes, the subsequent verification operations continue; otherwise verification fails and access is denied directly.
For step S102 above, besides verifying the access key of the first application against the key information of each application preset in the smart card, the identification information of each application may also be combined with the key information of each application to authenticate the first application.
In addition, when data is written to the shared data area or read from it, the shared data content encryption factor corresponding to the shared data identifier in the shared data area may be used to encrypt the data being written or to decrypt the data being read.
After key information and permission information have been set for each application in the smart card that needs to access the shared data area, the key information of each application may also be stored. To make key storage more flexible, the key information may be stored under the public application directory of the smart card or under the root directory of the smart card; that is, the storage location of the key information is not restricted.
Preferably, after key information and permission information have been set for each application in the smart card that needs to access the shared data area, the key information of each application may be stored in the secure storage area of the smart card.
Preferably, a shared data attribute file (share data attribution, SAT for short) may also be set in the smart card. The shared data attribute file stores the key information index and the permission information of each application allowed to access the shared data area. To increase the security of the keys, the shared data attribute file may be stored in the secure storage area of the smart card.
When presetting the permission information of the first application, the smart card may set the permission of the first application to "read", to "write", or to "read-write". Because the first application is any one application in the smart card, a different permission can be set for each application.
Specifically, if the permission of the first application is set to "read", the first application can only perform read operations on the data stored in the shared data area and cannot perform write operations. If the permission of the first application is set to "write", the first application can only perform write operations on the data stored in the shared data area and cannot perform read operations. If the permission of the first application is set to "read-write", the first application can perform both read and write operations on the data stored in the shared data area.
Specifically, the storage format of the shared data attribute file in the secure storage area of the smart card may be as shown in Table 2.
Table 2
In Table 2, the shared data attribute file stores the key information and permission information of two applications: the key information and permission information of application 1, and the key information and permission information of application 2. For application 1, the permission corresponding to the read flag is "Yes", the permission corresponding to the write flag is "Yes", and the access key index is KEY_1. For application 2, the permission corresponding to the read flag is "Yes", the permission corresponding to the write flag is "No", and the access key index is KEY_2.
Table 2 can also record whether an application's key has expired. When the key-expired state of an application is set to "No", the application can access the data in the shared data area; otherwise the application cannot access the shared data area.
It should be noted that, to increase the security of the shared data attribute file, when the shared data attribute file is created in the secure storage area the smart card may also verify the creation using a check code. If verification passes, the shared data attribute file can be created in the secure storage area; otherwise there is no permission to create the shared data attribute file in the secure storage area. The storage position of the check code may be as shown in Table 2.
In addition, to save space in the secure storage area, that is, to improve its utilization, after the shared data attribute file has been created in the secure storage area an end-bit flag may be used to mark the secure storage area. The storage position of the end-bit flag may be as shown in Table 2.
Preferably, each application can also maintain the key it holds, for example by modifying its own key. For the flow by which each application in the smart card modifies its key, see Fig. 2.
Fig. 2 shows a flow chart of a method by which a first application of a smart card modifies its key, provided by an embodiment of the present invention. As shown in Fig. 2, the flow may include the following steps:
S201: Receive a key modification request from the first application. The key modification request carries the key information of the first application and new key information.
S202: Verify the key modification request against the key information of the first application.
S203: Determine whether verification passed. If it passed, go to step S204; otherwise end the flow.
S204: Take the new key information carried in the key modification request as the key information corresponding to the first application in the shared data area.
The method flow above is explained in detail below through a specific example.
In this example, assume that the smart card holds two applications, a financial application and a transit application. The transit application needs to write station information into shared data A in the shared data area of the smart card, and the financial application needs to read the station information from shared data A in the shared data area in order to carry out the subsequent fare deduction. Shared data A can first be set up in the shared data area of the smart card during the personalization stage of the smart card; shared data A in the shared data area is used to store the station information of the transit application.
The storage structure of shared data A in the shared data area of the smart card may be as shown in Table 3.
Table 3
Shared data ID | Shared data attribute file ID | Shared data location | Shared data content encryption factor |
Shared data A | ATTR_A | LOC_A | CKEY_A |
In Table 3, one item of shared data, shared data A, is created in the shared data area of the smart card. For shared data A, the shared data attribute file ID is ATTR_A, the shared data location is LOC_A, and the shared data content encryption factor is CKEY_A.
Key key1 is then set as the key of the financial application and key key2 as the key of the transit application; key1 is sent to the financial application and key2 is sent to the transit application.
Assume further that key key1, corresponding to the financial application in the shared data area, and key key2, corresponding to the transit application in the shared data area, are stored in the secure storage area of the smart card, that the index of key1 is Add1, and that the index of key2 is Add2.
Assume further that a shared data attribute file is set in the smart card. The storage format of the shared data attribute file may then be as shown in Table 4.
Table 4
Application ID | Read flag | Write flag | Key expired | Access key index |
Financial application ID1 | Yes | No | No | Add1 |
Transit application ID2 | No | Yes | No | Add2 |
In Table 4, for financial application ID1 the permission corresponding to the read flag is "Yes", the permission corresponding to the write flag is "No", and the access key index is Add1. For transit application ID2 the permission corresponding to the read flag is "No", the permission corresponding to the write flag is "Yes", and the access key index is Add2.
Assume that the station information the transit application currently needs to write to the shared data area is "in at Longyang Road, out at Zhangjiang Hi-Tech". For the flow the smart card performs after receiving the transit application's request to access the shared data area, see Fig. 3.
S301: The transit application sends an access request. The access request carries key key2, the transit application's identifier ID2, and the shared data attribute file ID ATTR_A.
S302: After receiving the transit application's request to access the shared data area, look up the transit application's identifier ID2 stored in the shared data attribute file and, from that entry, determine the key address Add2 of key key2 corresponding to the transit application.
S303: Read key key2 corresponding to the transit application using the key address Add2 stored for the transit application in the shared data attribute file.
S304: Verify the access request sent by the transit application against key key2 corresponding to the transit application. Because the key information carried in the transit application's access request is key2, verification passes; go to step S305.
S305: According to the shared data attribute file ID ATTR_A carried in the access request, the transit application performs a write operation on shared data A in the shared data area. That is, the transit application writes the station information "in at Longyang Road, out at Zhangjiang Hi-Tech" to the shared data location LOC_A corresponding to shared data A, and the data written is encrypted using the shared data content encryption factor CKEY_A corresponding to shared data A.
Under the same assumptions, for the flow by which the financial application reads from the shared data area the station information "in at Longyang Road, out at Zhangjiang Hi-Tech" written by the transit application, see Fig. 4.
S401: The financial application sends an access request. The access request carries key key1, the financial application's identifier ID1, and the shared data attribute file ID ATTR_A.
S402: After receiving the financial application's request to access the shared data area, look up the financial application's identifier ID1 stored in the shared data attribute file and, from that entry, determine the key address Add1 of key key1 corresponding to the financial application.
S403: Read key key1 corresponding to the financial application using the key address Add1 stored for the financial application in the shared data attribute file.
S404: Verify the access request sent by the financial application against key key1 corresponding to the financial application. Because the key information carried in the financial application's access request is key1, verification passes; go to step S405.
S405: According to the shared data attribute file ID ATTR_A carried in the access request, the financial application performs a read operation on shared data A in the shared data area. That is, the financial application reads the station information "in at Longyang Road, out at Zhangjiang Hi-Tech" from the shared data location LOC_A corresponding to shared data A, and the written data is decrypted using the shared data content encryption factor CKEY_A corresponding to shared data A.
S406: The financial application performs the fare deduction operation on the smart card according to the station information "in at Longyang Road, out at Zhangjiang Hi-Tech" that it read.
It should be noted that multiple shared data areas can be set up in the smart card, and each shared data area can be accessed by multiple applications.
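The card-side checks of steps S101 to S104 and S201 to S204, run on the Table 4 example, as an added Python model that is not part of the patent text. The class and function names and the key byte strings are constructed for illustration, and the content encryption step with CKEY_A is left out because the page does not specify the cipher.

```python
import hmac
from dataclasses import dataclass


class AccessDenied(Exception):
    """Raised whenever the card refuses a request."""


@dataclass
class SatEntry:
    """One row of the shared data attribute file (SAT), as in Table 4."""
    can_read: bool
    can_write: bool
    key_expired: bool
    key_index: str  # where the application's key sits in secure storage


class Card:
    """Hypothetical model of the card; all names here are illustrative."""

    def __init__(self):
        # Constructed sample keys standing in for key1 and key2.
        self.secure_store = {"Add1": b"constructed-key1",
                             "Add2": b"constructed-key2"}
        # Attribute file ATTR_A with the two rows of Table 4.
        self.sat = {"ATTR_A": {
            "ID1": SatEntry(True, False, False, "Add1"),   # financial: read only
            "ID2": SatEntry(False, True, False, "Add2"),   # transit: write only
        }}
        # Shared data control information (Table 3): attribute file -> location.
        self.sdi = {"ATTR_A": "LOC_A"}
        self.area = {"LOC_A": b""}

    def _verify(self, app_id, attr_id, key):
        """S102/S202: find the caller's SAT row and check the presented key."""
        entry = self.sat.get(attr_id, {}).get(app_id)
        if entry is None:
            raise AccessDenied("application not listed for this shared data")
        stored = self.secure_store[entry.key_index]
        # Constant-time comparison so timing does not reveal key prefixes.
        if not hmac.compare_digest(stored, key):
            raise AccessDenied("key verification failed")
        return entry

    def access(self, app_id, attr_id, key, op, payload=None):
        """S101-S104: verify the key, then apply the caller's own permission."""
        entry = self._verify(app_id, attr_id, key)
        if entry.key_expired:
            raise AccessDenied("key expired")
        loc = self.sdi[attr_id]
        if op == "read" and entry.can_read:
            return self.area[loc]
        if op == "write" and entry.can_write:
            self.area[loc] = payload
            return None
        raise AccessDenied(f"{op!r} not permitted for {app_id}")

    def change_key(self, app_id, attr_id, old_key, new_key):
        """S201-S204: replace only the caller's own key, after verifying it."""
        entry = self._verify(app_id, attr_id, old_key)
        self.secure_store[entry.key_index] = new_key


def is_denied(card, *args):
    """Return True if card.access(*args) is refused."""
    try:
        card.access(*args)
    except AccessDenied:
        return True
    return False


def run_example():
    card = Card()
    k1, k2 = b"constructed-key1", b"constructed-key2"
    station = b"in at Longyang Road, out at Zhangjiang Hi-Tech"
    card.access("ID2", "ATTR_A", k2, "write", station)      # Fig. 3 flow
    read_back = card.access("ID1", "ATTR_A", k1, "read")    # Fig. 4 flow
    results = {
        "read_back": read_back,
        "financial_write_denied": is_denied(card, "ID1", "ATTR_A", k1, "write", b"x"),
        "transit_read_denied": is_denied(card, "ID2", "ATTR_A", k2, "read"),
        "wrong_key_denied": is_denied(card, "ID1", "ATTR_A", k2, "read"),
    }
    # The transit application rotates its key without involving the other one.
    card.change_key("ID2", "ATTR_A", k2, b"constructed-key2-new")
    results["old_key_denied"] = is_denied(card, "ID2", "ATTR_A", k2, "write", b"y")
    results["financial_still_reads"] = (
        card.access("ID1", "ATTR_A", k1, "read") == station)
    return results


if __name__ == "__main__":
    for name, value in run_example().items():
        print(name, value)
```

The last two results show the property the description relies on: rotating key2 invalidates only the transit application's old key, while the financial application keeps reading with key1.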
From the above it can be seen that each application can hold its own key, and the key held by one application is not constrained by the other applications; that is, each application uses its own key to access the shared data. Different applications can therefore have different access permissions to the shared data, and the permissions of the applications are independent of one another, which improves the security of the shared data. Furthermore, because each application in the smart card maintains its own key, the applications in the smart card are more flexible and independent, which also reduces the coupling between them.
Based on the same idea, an embodiment of the present invention provides a smart card. Fig. 5 is a schematic structural diagram of the smart card 500 provided by an embodiment of the present invention. As shown in Fig. 5, the smart card 500 may include:
a presetting module 501, configured to preset in the smart card the key information of each application and the permission information corresponding to each application;
a receiving module 502, configured to receive an access request from a first application for the shared data area of the smart card, the access request carrying the access key of the first application, the first application being any one of the applications;
an authentication module 503, configured to verify the access key of the first application according to the preset key information of each application and, if the verification passes, to operate on the shared data area according to the permission corresponding to the first application.
Preferably, the presetting module 501 is specifically configured to:
set up the shared data area in the personalization stage of the smart card, and set key information and permission information for each application in the smart card that needs to access the shared data area;
distribute the key information of each application in the smart card to the corresponding application.
Preferably, the presetting module 501 is specifically configured to:
store the key information of each application set for the shared data area;
set up a shared data attribute file in the smart card, the shared data attribute file storing the storage address of the key information, and the permission information, of each application permitted to access the shared data area.
Preferably,
the shared data area is set up under the public directory of the smart card;
the key information of each application is stored in a secure storage area.
Preferably, the receiving module 502 is further configured to:
receive a key modification request from the first application, the key modification request carrying the key information of the first application and new key information;
and the authentication module 503 is further configured to verify the key modification request according to the key information of the first application and, if the verification passes, to use the new key information carried in the key modification request as the key information corresponding to the first application in the shared data area.
Preferably, the presetting module 501 is specifically configured to:
set read/write permission for the first application in the smart card, the first application being the main application in the smart card;
set read permission for the applications in the smart card other than the first application.
As can be seen from the above, in the smart card data sharing method and the smart card provided by the embodiments of the present invention, each application can hold its own key, and the key held by one application is not restricted by any other application; that is, each application accesses the shared data with its own key. Different applications can therefore be given different access permissions to the shared data, and the permissions of the applications are independent of one another, thereby securing the shared data. In addition, because each application in the smart card maintains its own key, the applications in the smart card are more flexible and independent, which also reduces the coupling between them.
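The access check, permission enforcement and key modification described above, modelled as an added Python example that is not code from the patent. The class and function names, the application identifiers, the key values and the "r"/"rw" permission encoding are assumptions made for illustration.

```python
import hmac
from dataclasses import dataclass

READ, READ_WRITE = "r", "rw"  # permission encoding assumed for this model

@dataclass
class AttributeEntry:  # one row of the shared data attribute file
    key_address: int   # storage address of the application's key information
    permission: str    # READ or READ_WRITE

class SharedDataArea:
    """Model of one shared data area with per-application keys."""

    def __init__(self):
        self._secure_storage = {}  # address -> key bytes (secure storage area)
        self._attribute_file = {}  # application id -> AttributeEntry
        self._data = b""

    def personalize(self, app_id, key, permission):
        """Personalization stage: store the key, record its address and permission."""
        address = len(self._secure_storage)
        self._secure_storage[address] = bytes(key)
        self._attribute_file[app_id] = AttributeEntry(address, permission)

    def _verify(self, app_id, key):
        entry = self._attribute_file.get(app_id)
        stored = self._secure_storage[entry.key_address] if entry else b""
        # compare_digest takes constant time, so timing does not leak key bytes.
        if entry is None or not hmac.compare_digest(stored, bytes(key)):
            raise PermissionError("key verification failed")
        return entry

    def read(self, app_id, access_key):
        self._verify(app_id, access_key)  # read and read/write apps may both read
        return self._data

    def write(self, app_id, access_key, data):
        entry = self._verify(app_id, access_key)
        if entry.permission != READ_WRITE:
            raise PermissionError("application has read permission only")
        self._data = bytes(data)

    def change_key(self, app_id, current_key, new_key):
        """Key modification request, verified with the application's current key."""
        entry = self._verify(app_id, current_key)
        self._secure_storage[entry.key_address] = bytes(new_key)

def attempt(operation, *args):
    try:
        return operation(*args)
    except PermissionError as exc:
        return str(exc)

def demo():
    area = SharedDataArea()
    area.personalize("main-app", b"KEY-MAIN", READ_WRITE)  # constructed values
    area.personalize("reader-app", b"KEY-READER", READ)
    area.write("main-app", b"KEY-MAIN", b"station record")
    results = [attempt(area.read, "reader-app", b"KEY-READER"),
               attempt(area.write, "reader-app", b"KEY-READER", b"x"),
               attempt(area.read, "reader-app", b"KEY-MAIN")]
    area.change_key("reader-app", b"KEY-READER", b"KEY-READER-2")
    results.append(attempt(area.read, "reader-app", b"KEY-READER"))  # old key
    return results
```

Each application's key opens only that application's own entry in the attribute file, so presenting the main application's key under the reader application's identity is refused, and a key modification replaces only the requesting application's key.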
Those skilled in the art should understand that embodiments of the present invention may be provided as a method or as a computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment, or an embodiment combining software and hardware. Moreover, the present invention may take the form of a computer program product implemented on one or more computer-usable storage media (including but not limited to disk storage, CD-ROM, optical storage, etc.) that contain computer-usable program code.
The present invention is described with reference to flowcharts and/or block diagrams of the method, the device (system) and the computer program product according to embodiments of the present invention. It should be understood that each flow and/or block in the flowcharts and/or block diagrams, and any combination of flows and/or blocks in the flowcharts and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to the processor of a general-purpose computer, a special-purpose computer, an embedded processor or another programmable data processing device to produce a machine, so that the instructions executed by the processor of the computer or other programmable data processing device produce means for implementing the functions specified in one or more flows of the flowcharts and/or one or more blocks of the block diagrams.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing device to operate in a particular manner, so that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means that implement the functions specified in one or more flows of the flowcharts and/or one or more blocks of the block diagrams.
These computer program instructions may also be loaded onto a computer or other programmable data processing device, so that a series of operational steps is performed on the computer or other programmable device to produce a computer-implemented process, whereby the instructions executed on the computer or other programmable device provide steps for implementing the functions specified in one or more flows of the flowcharts and/or one or more blocks of the block diagrams.
Although preferred embodiments of the present invention have been described, those skilled in the art can make further changes and modifications to these embodiments once they learn the basic inventive concept. The appended claims are therefore intended to be construed as covering the preferred embodiments and all changes and modifications that fall within the scope of the present invention.
Obviously, those skilled in the art can make various changes and variations to the present invention without departing from its spirit and scope. If these modifications and variations fall within the scope of the claims of the present invention and their technical equivalents, the present invention is also intended to include them.
Claims (12)
1. A data sharing method for a smart card, characterized by comprising:
receiving an access request from a first application for a shared data area of the smart card, the access request carrying an access key of the first application, the smart card being preset with key information of each application and permission information corresponding to each application, the first application being any one of the applications;
verifying the access key of the first application according to the preset key information of each application and, if the verification passes, operating on the shared data area according to the permission corresponding to the first application.
2. The method according to claim 1, characterized in that the key information of each application and the permission information corresponding to each application are preset in the smart card in the following manner:
in the personalization stage of the smart card, setting up the shared data area, and setting key information and permission information for each application in the smart card that needs to access the shared data area;
distributing the key information of each application in the smart card to the corresponding application.
3. The method according to claim 2, characterized in that setting key information and permission information for each application in the smart card that needs to access the shared data area comprises:
storing the key information of each application set for the shared data area;
setting up a shared data attribute file in the smart card, the shared data attribute file storing the storage address of the key information, and the permission information, of each application permitted to access the shared data area.
4. The method according to claim 3, characterized in that
the shared data area is set up under the public directory of the smart card;
the key information of each application is stored in a secure storage area.
5. The method according to any one of claims 1 to 4, characterized by further comprising:
receiving a key modification request from the first application, the key modification request carrying the key information of the first application and new key information;
verifying the key modification request according to the key information of the first application and, if the verification passes, using the new key information carried in the key modification request as the key information corresponding to the first application in the shared data area.
6. The method according to claim 5, characterized in that setting permission information for each application in the smart card that needs to access the shared data area comprises:
setting read/write permission for the first application in the smart card, the first application being the main application in the smart card;
setting read permission for the applications in the smart card other than the first application.
7. A smart card, characterized by comprising:
a presetting module, configured to preset in the smart card the key information of each application and the permission information corresponding to each application;
a receiving module, configured to receive an access request from a first application for a shared data area of the smart card, the access request carrying an access key of the first application, the first application being any one of the applications;
an authentication module, configured to verify the access key of the first application according to the preset key information of each application and, if the verification passes, to operate on the shared data area according to the permission corresponding to the first application.
8. The smart card according to claim 7, characterized in that the presetting module is specifically configured to:
in the personalization stage of the smart card, set up the shared data area, and set key information and permission information for each application in the smart card that needs to access the shared data area;
distribute the key information of each application in the smart card to the corresponding application.
9. The smart card according to claim 8, characterized in that the presetting module is specifically configured to:
store the key information of each application set for the shared data area;
set up a shared data attribute file in the smart card, the shared data attribute file storing the storage address of the key information, and the permission information, of each application permitted to access the shared data area.
10. The smart card according to claim 9, characterized in that
the shared data area is set up under the public directory of the smart card;
the key information of each application is stored in a secure storage area.
11. The smart card according to any one of claims 7 to 10, characterized in that the receiving module is further configured to:
receive a key modification request from the first application, the key modification request carrying the key information of the first application and new key information;
and the authentication module is further configured to verify the key modification request according to the key information of the first application and, if the verification passes, to use the new key information carried in the key modification request as the key information corresponding to the first application in the shared data area.
12. The smart card according to claim 11, characterized in that the presetting module is specifically configured to:
set read/write permission for the first application in the smart card, the first application being the main application in the smart card;
set read permission for the applications in the smart card other than the first application.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610453975.9A CN106130730A (en) | 2016-06-21 | 2016-06-21 | The data sharing method of a kind of smart card and smart card |
Publications (1)
Publication Number | Publication Date |
---|---|
CN106130730A true CN106130730A (en) | 2016-11-16 |
Family
ID=57471115
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201610453975.9A Pending CN106130730A (en) | 2016-06-21 | 2016-06-21 | The data sharing method of a kind of smart card and smart card |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106130730A (en) |
Cited By (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106789074A (en) * | 2016-12-27 | 2017-05-31 | 广州智慧城市发展研究院 | The application identity verification method and checking system of a kind of Java card |
CN106970978A (en) * | 2017-03-28 | 2017-07-21 | 联想(北京)有限公司 | Data sharing method and device |
CN107679394A (en) * | 2017-06-25 | 2018-02-09 | 平安科技(深圳)有限公司 | Using log-in control method, service terminal and computer-readable recording medium |
CN107886006A (en) * | 2017-11-28 | 2018-04-06 | 北京博晨技术有限公司 | Data manipulation method, device and electronic equipment |
WO2018161253A1 (en) * | 2017-03-07 | 2018-09-13 | 深圳市欸阿技术有限公司 | Data sharing system and method |
CN109450620A (en) * | 2018-10-12 | 2019-03-08 | 阿里巴巴集团控股有限公司 | The method and mobile terminal of security application are shared in a kind of mobile terminal |
CN117113445A (en) * | 2023-09-01 | 2023-11-24 | 江苏航运职业技术学院 | Information sharing method for smart card data terminal system |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101231768A (en) * | 2008-01-25 | 2008-07-30 | 北京深思洛克数据保护中心 | Multi-application intelligent card and method for realizing intelligent card multi application |
CN102291717A (en) * | 2011-08-15 | 2011-12-21 | 宇龙计算机通信科技(深圳)有限公司 | Data protection method and terminal |
CN102306170A (en) * | 2011-08-23 | 2012-01-04 | 北京握奇数据系统有限公司 | Methods and devices for storing and processing public information of intelligent card |
CN102880897A (en) * | 2011-07-14 | 2013-01-16 | 中国移动通信集团公司 | Application data sharing method of smart card and smart card |
CN103164731A (en) * | 2011-12-12 | 2013-06-19 | 国民技术股份有限公司 | Data card access control method and data card |
Cited By (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106789074A (en) * | 2016-12-27 | 2017-05-31 | 广州智慧城市发展研究院 | The application identity verification method and checking system of a kind of Java card |
CN106789074B (en) * | 2016-12-27 | 2020-08-25 | 广州智慧城市发展研究院 | Application identity verification method and verification system of Java card |
WO2018161253A1 (en) * | 2017-03-07 | 2018-09-13 | 深圳市欸阿技术有限公司 | Data sharing system and method |
CN106970978A (en) * | 2017-03-28 | 2017-07-21 | 联想(北京)有限公司 | Data sharing method and device |
CN107679394A (en) * | 2017-06-25 | 2018-02-09 | 平安科技(深圳)有限公司 | Using log-in control method, service terminal and computer-readable recording medium |
CN107886006A (en) * | 2017-11-28 | 2018-04-06 | 北京博晨技术有限公司 | Data manipulation method, device and electronic equipment |
CN107886006B (en) * | 2017-11-28 | 2020-06-02 | 北京博晨技术有限公司 | Data operation method and device and electronic equipment |
CN109450620A (en) * | 2018-10-12 | 2019-03-08 | 阿里巴巴集团控股有限公司 | The method and mobile terminal of security application are shared in a kind of mobile terminal |
CN117113445A (en) * | 2023-09-01 | 2023-11-24 | 江苏航运职业技术学院 | Information sharing method for smart card data terminal system |
CN117113445B (en) * | 2023-09-01 | 2024-02-09 | 江苏航运职业技术学院 | Information sharing method for smart card data terminal system |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | Application publication date: 20161116 |