CN106254323A - The exchange method of a kind of TA and SE, TA, SE and TSM platform - Google Patents

The exchange method of a kind of TA and SE, TA, SE and TSM platform Download PDF

Info

Publication number
CN106254323A
CN106254323A CN201610603214.7A CN201610603214A CN106254323A CN 106254323 A CN106254323 A CN 106254323A CN 201610603214 A CN201610603214 A CN 201610603214A CN 106254323 A CN106254323 A CN 106254323A
Authority
CN
China
Prior art keywords
module
sensitive data
data
apdu instruction
apdu
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201610603214.7A
Other languages
Chinese (zh)
Inventor
刘春桥
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hengbao Co Ltd
Original Assignee
Hengbao Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hengbao Co Ltd filed Critical Hengbao Co Ltd
Priority to CN201610603214.7A priority Critical patent/CN106254323A/en
Publication of CN106254323A publication Critical patent/CN106254323A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0894Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
    • H04L9/0897Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage involving additional devices, e.g. trusted platform module [TPM], smartcard or USB

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Computing Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The invention discloses the exchange method of a kind of TA and SE, TA, SE and TSM platform, relate to communication technical field, for improving the safety during full terminal SIM shield is processed.This exchange method includes: TA will be stored in the sensitive data in TEE and is compiled into an APDU instruction;The APDU instruction received is resolved by SE;SE processes resolving the sensitive data obtained;Sensitive data after processing is encrypted by SE;Sensitive data after encryption is compiled into the 2nd APDU instruction by SE;The 2nd APDU instruction received is resolved by TA;Sensitive data after the encryption to receiving of the TSM platform resolves.The present invention is for the process to full terminal SIM shield.

Description

The exchange method of a kind of TA and SE, TA, SE and TSM platform
Technical field
The present invention relates to communication technical field, particularly relate to the exchange method of a kind of TA and SE, TA, SE and TSM platform.
Background technology
The development of mobile communication technology brings the fast development of mobile terminal technology, and mobile terminal of the prior art sets Standby provide powerful and REE (Rich Execution Environment, rich perform environment) flexibly, but the most also cause moving Dynamic terminal unit is easily subject to security threat, it is proposed to this end that TEE (Trusted Execution Environment, credible Perform environment) technical solution.Specifically, TEE ensure that and carries out the storage of sensitive data, place in believable environment Reason and protection, and be that TA (Trusted Application, trusted application) provides safe execution environment.
At present, during full terminal SIM shield is processed, typically come by the data interaction between TA and TEE Realize.Owing to TEE has oneself independent software and hardware resource, and externally provide security service interface, the storage of sensitive data Carry out the most in this environment, it is thus possible to ensure the safety of sensitive data to a certain extent with processing.But, due to TEE Do not possess tamper-resistant mechanism, therefore, above-mentioned during full terminal SIM shield is processed, however it remains the biggest safety Risk.
Summary of the invention
It is an object of the invention to provide the exchange method of a kind of TA and SE, TA, SE and TSM platform, for improving entirely Terminal SIM shield process during safety.
For reaching above-mentioned purpose, the exchange method of a kind of TA with SE provided by the present invention adopts the following technical scheme that
The exchange method of a kind of TA Yu SE, this exchange method includes: order data is sent in mobile terminal by TSM platform TA;Described TA performs described order data, will be stored in the sensitive data in TEE and is compiled into an APDU instruction;Described TA A described APDU is instructed the SE being sent in mobile terminal;The APDU instruction received is resolved by described SE, Obtain described sensitive data;Described SE processes resolving the sensitive data obtained;Described SE is to the sensitive data after processing It is encrypted;Sensitive data after encryption is compiled into the 2nd APDU instruction by described SE;Described SE is by described 2nd APDU instruction It is transferred to described TA;The 2nd APDU instruction received is resolved by described TA, obtains the sensitive data after described encryption;Institute State TA and the sensitive data after described encryption is transmitted back to described TSM platform;Sensitivity after the encryption to receiving of the described TSM platform Data resolve, and obtain the sensitive data after SE processes.
Include additionally, present invention also offers a kind of TA, this TA: the first receiver module, for receiving what TSM platform sent Order data;The execution module being connected with described first receiver module, is used for performing described order data;With described execution module The first collector connected, is compiled into an APDU instruction for the sensitive data that will be stored in TEE;Compile with described first Translate the first sending module that module connects, for a described APDU is instructed the SE being sent in mobile terminal, in order to described The APDU instruction received is resolved by SE, obtains described sensitive data, to resolving at the sensitive data obtained Reason, is encrypted the sensitive data after processing, and the sensitive data after encryption is compiled into the 2nd APDU instruction, by described second APDU instruction is transferred to described TA;The second receiver module being connected with described SE, is used for receiving described 2nd APDU instruction;With institute State the first parsing module that the second receiver module connects, solve for the 2nd APDU instruction that the second receiver module is received Analysis, obtains the sensitive data after described encryption;The loopback module being connected with described first parsing module, for resolving mould by first Sensitive data after the described encryption that block obtains is transmitted back to described TSM platform.
Include additionally, present invention also offers a kind of SE, this SE: the 3rd receiver module, for receiving the first of TA transmission APDU instructs, and a described APDU instruction performs, for described TA, the order data that TSM platform sends, and will be stored in TEE is quick Sense data compilation is generated;The second parsing module being connected with described 3rd receiver module, for receiving the 3rd receiver module To the oneth APDU instruction resolve, obtain described sensitive data;The processing module being connected with described second parsing module, uses Process in described second parsing module is resolved the sensitive data obtained;The encrypting module being connected with described processing module, Sensitive data after processing described processing module is encrypted;The second collector being connected with described encrypting module, Sensitive data after being encrypted by described encrypting module is compiled into the 2nd APDU instruction;It is connected with described second collector Transport module, for being transferred to described TA by described APDU instruction.
Additionally, present invention also offers a kind of TSM platform, this TSM platform includes: the 4th receiver module, for receive to The data communications requests that described TSM platform sends;The judge module being connected with described 4th receiver module, is used for judging described number Authority levels according to communication request;The order data generation module being connected with described judge module, for judging at judge module Go out the authority levels of described data communications requests when being trusted mandate, generate order data;Mould is generated with described order data The second sending module that block connects, for the TA sent to mobile terminal by described order data.
Owing to the exchange method of TA Yu SE provided by the present invention includes above step, therefore, first, TSM platform is permissible The TA being sent in mobile terminal by order data, TA perform this order data, and the sensitive data that will be stored in TEE is compiled into Oneth APDU instruction, then the APDU instruction that the SE, a SE APDU instruction being sent in mobile terminal is to receiving Resolving, obtain described sensitive data, the sensitive data then obtained parsing processes, the sensitive data after reprocessing It is encrypted, then the sensitive data after encryption is compiled into the 2nd APDU instruction, the 2nd APDU instruction is transferred to TA, TA The 2nd APDU instruction to receiving resolves again, obtains the sensitive data after SE encrypts, then by the sensitivity after encryption Data are transmitted back to TSM platform, and the sensitive data after the encryption to receiving of the TSM platform resolves, and obtain after SE processes Sensitive data.Owing to SE possesses tamper-resistant mechanism, therefore, the sensitive data after SE processes can not be usurped by illegal program Change, thus improve the safety during full terminal SIM shield is processed.
Accompanying drawing explanation
In order to be illustrated more clearly that the embodiment of the present invention or technical scheme of the prior art, embodiment will be described below The accompanying drawing used required in is briefly described, it should be apparent that, the accompanying drawing in describing below is only some of the present invention Embodiment, for those of ordinary skill in the art, on the premise of not paying creative work, it is also possible to attached according to these Figure obtains other accompanying drawing.
Fig. 1 is the flow chart one of the exchange method of TA Yu SE in the embodiment of the present invention;
Fig. 2 is the workflow diagram of the TSM platform in the embodiment of the present invention;
Fig. 3 is the flow chart setting up escape way between SE and TA in the embodiment of the present invention;
Fig. 4 is the module diagram of the TA in the embodiment of the present invention;
Fig. 5 is the module diagram of the SE in the embodiment of the present invention;
Fig. 6 is the module diagram of the transport module in the embodiment of the present invention;
Fig. 7 is the module diagram of the TSM platform in the embodiment of the present invention.
Detailed description of the invention
Below in conjunction with the accompanying drawing in the embodiment of the present invention, the technical scheme in the embodiment of the present invention is carried out clear, complete Describe, it is clear that described embodiment is a part of embodiment of the present invention rather than whole embodiments wholely.Based on this Embodiment in bright, the every other enforcement that those of ordinary skill in the art are obtained under not making creative work premise Example, broadly falls into the scope of protection of the invention.
Embodiments provide the exchange method of a kind of TA Yu SE, as it is shown in figure 1, this exchange method includes:
Order data is sent to by step S1, TSM (Trusted Service Manager, trusted service manages) platform TA in mobile terminal;
Wherein, TSM platform is " aerial hair fastener " and the application of the complete set set up based on " one card for multiple uses application " technology Management system.Such as, user has industrial and commercial bank, agricultural bank, middle row and the bank card of Construction Bank respectively, if the user while different market shopping is paid Need to use the bank card of different bank during money, then user is accomplished by carrying with this four bank cards, cumbersome.For solving Certainly this problem, TSM platform can fictionalize these four cards on the ME (mobile terminal, such as, mobile phone) of user to be come, and user is purchasing Mobile-phone payment is directly used during thing payment, very convenient.
TA is to operate in the application in TEE, its primary processor that can access mobile terminal and the repertoire of internal memory, and Hardware isolated technology can protect TA not affected by user's application of the master operating system environment being arranged on mobile terminal.
Step S2, TA perform order data, will be stored in the sensitive data in TEE and are compiled into an APDU (Application Protocol Data Unit, Application Protocol Data Unit) instructs;
Oneth APDU is instructed the SE (Secure Element, safety element) being sent in mobile terminal by step S3, TA;
Wherein, SE is one piece of independent chip in mobile terminal, and it by the encipherment protection of hardware-level, possesses counter usurping Change mechanism so that the information in SE cannot be cracked.Specifically, SE can be integrated in replaceable medium (such as, SIM), Then this replaceable medium is inserted in mobile terminal.
The APDU instruction received is resolved by step S4, SE, obtains sensitive data;
Step S5, SE process resolving the sensitive data obtained;
Such as, the sensitive data that parsing is obtained by SE is saved in relevant data field.
Sensitive data after processing is encrypted by step S6, SE;
Such as, SE can carry out public key encryption or random number encryption to the sensitive data after processing.
Sensitive data after encryption is compiled into the 2nd APDU instruction by step S7, SE;
2nd APDU instruction is transferred to TA by step S8, SE;
Specifically, this step specifically may include that step S801, TA send acquisition and order to SE;Step S802, SE root According to obtaining order by the 2nd APDU instruction transmission to TA.Exemplarily, above-mentioned acquisition order can be " GET RESPONSE ".
The 2nd APDU instruction received is resolved by step S9, TA, the sensitive data after being encrypted;
Sensitive data after encryption is transmitted back to TSM platform by step S10, TA;
Sensitive data after step S11, the encryption to receiving of the TSM platform resolves, obtain through SE process after quick Sense data.
It should be noted that in above-mentioned steps S4, SE is to implementing that the APDU instruction received resolves Mode can refer to prior art, the most no longer repeats.Similarly, step S5 to the process in step S11, encrypt, transmit Can also refer to prior art with the specific implementation resolved, the most no longer repeat.
Alternatively, as in figure 2 it is shown, TA order data being sent in mobile terminal at above-mentioned steps S1, TSM platform it Before, the exchange method that the embodiment of the present invention is provided can also include: step S11, to TSM platform send data communications requests; Step S12, TSM platform judge the authority levels of data communications requests;If data communications requests judged by step S13 TSM platform Authority levels be trusted mandate, then TSM platform is according to data communications requests, generates order data;If TSM platform is judged The authority levels of data communications requests is trustless mandate, then this data communications requests refused by TSM platform, terminates the present invention real Execute the flow process of the exchange method that example is provided.
Additionally, be more above-mentioned 2nd APDU instruction to be transmitted to TA from SE, as it is shown on figure 3, above-mentioned steps S8, 2nd APDU instruction is transferred to TA and specifically may include that step S81, SE use the method for two-way authentication and TA to set up safety by SE Passage;2nd APDU instruction is transferred to TA by escape way by step S82, SE.Exemplarily, the method for two-way authentication is One in SCP02, SCP10 and SSL.It should be noted that the concrete methods of realizing of SCP02, SCP10 and SSL refers to existing There is technology, the most no longer repeat.
Additionally, the embodiment of the present invention additionally provides a kind of TA, as shown in Figure 4, this TA includes: the first receiver module 1, is used for Receive the order data that TSM platform sends;The execution module 2 being connected with the first receiver module, is used for performing order data;With hold The first collector 3 that row module 2 connects, is compiled into an APDU instruction for the sensitive data that will be stored in TEE;With The first sending module 4 that one collector 3 connects, for instructing the SE5 being sent in mobile terminal by an APDU, in order to The APDU instruction received is resolved by SE5, obtains sensitive data, processes resolving the sensitive data obtained, Sensitive data after processing is encrypted, the sensitive data after encryption is compiled into the 2nd APDU instruction, the 2nd APDU is referred to Order is transferred to TA;The second receiver module 6 being connected with SE5, for receiving the 2nd APDU instruction;It is connected with the second receiver module 6 The first parsing module 7, for the second receiver module 6 is received the 2nd APDU instruction resolve, after being encrypted Sensitive data;The loopback module 8 being connected with the first parsing module 7, the sensitivity after the encryption that the first parsing module 7 is obtained Data are transmitted back to TSM platform.
Additionally, the embodiment of the present invention additionally provides a kind of SE, as it is shown in figure 5, this SE includes: the 3rd receiver module 9, it is used for Receiving the APDU instruction that TA sends, an APDU instruction performs, for TA, the order data that TSM platform sends, will be stored in Sensitive data compiling in TEE is generated;The second parsing module 10 being connected with the 3rd receiver module 9, for receiving the 3rd The APDU instruction that module 9 receives resolves, and obtains sensitive data;The processing module being connected with the second parsing module 10 11, process for the second parsing module 10 is resolved the sensitive data obtained;The encrypting module being connected with processing module 11 12, the sensitive data after processing processing module 11 is encrypted;The second collector 13 being connected with encrypting module 12, Sensitive data after being encrypted by encrypting module is compiled into the 2nd APDU instruction;The transmission mould being connected with the second collector 13 Block 14, for being transferred to TA by APDU instruction.
Alternatively, as shown in Figure 6, transport module 14 may include that the authentication ' unit being connected with the second collector 13 141, for using the method for two-way authentication and TA to set up escape way;The transmission unit 142 being connected with authentication ' unit 141, uses In by escape way, the 2nd APDU instruction being transferred to TA.
Alternatively, security module can be public-key encryption module or random number encryption module.
Additionally, the embodiment of the present invention additionally provides a kind of TSM platform, as it is shown in fig. 7, this TSM platform includes: the 4th receives Module 15, for receiving the data communications requests sent to TSM platform;The judge module 16 being connected with the 4th receiver module 15, For judging the authority levels of data communications requests;The order data generation module 17 being connected with judge module 15, for sentencing Disconnected module is judged when the authority levels of data communications requests is trusted mandate, generates order data;Generate with order data The second sending module 18 that module 17 connects, for the TA sent to mobile terminal by order data.
The exchange method of TA Yu SE provided due to the embodiment of the present invention includes above step, and therefore, first, TSM puts down TA, TA that order data can be sent in mobile terminal by platform perform this order data, will be stored in the sensitive data in TEE It is compiled into an APDU instruction, then an APDU is instructed the SE, SE being sent in mobile terminal first to receiving APDU instruction resolves, and obtains described sensitive data, and the sensitive data then obtained parsing processes, after reprocessing Sensitive data is encrypted, and then the sensitive data after encryption is compiled into the 2nd APDU instruction, the 2nd APDU instruction is passed It is defeated by TA, TA the 2nd APDU instruction again to receiving to resolve, obtains the sensitive data after SE encrypts, then will encryption After sensitive data be transmitted back to TSM platform, the sensitive data after the encryption to receiving of the TSM platform resolves, and obtains through SE Sensitive data after process.Owing to SE possesses tamper-resistant mechanism, therefore, the sensitive data after SE processes can not be by illegal journey Sequence is distorted, thus improves the safety of the process to full terminal SIM shield.
The above, the only detailed description of the invention of the present invention, but protection scope of the present invention is not limited thereto, and any Those familiar with the art, in the technical scope that the invention discloses, can readily occur in change or replace, should contain Cover within protection scope of the present invention.Therefore, protection scope of the present invention should be with described scope of the claims Accurate.

Claims (10)

1. the exchange method of TA Yu SE, it is characterised in that described exchange method includes:
The TA that order data is sent in mobile terminal by TSM platform;
Described TA performs described order data, will be stored in the sensitive data in TEE and is compiled into an APDU instruction;
A described APDU is instructed the SE being sent in mobile terminal by described TA;
The APDU instruction received is resolved by described SE, obtains described sensitive data;
Described SE processes resolving the sensitive data obtained;
Sensitive data after processing is encrypted by described SE;
Sensitive data after encryption is compiled into the 2nd APDU instruction by described SE;
Described 2nd APDU instruction is transferred to described TA by described SE;
The 2nd APDU instruction received is resolved by described TA, obtains the sensitive data after described encryption;
Sensitive data after described encryption is transmitted back to described TSM platform by described TA;
Sensitive data after the encryption to receiving of the described TSM platform resolves, and obtains the sensitive data after SE processes.
The exchange method of TA Yu SE the most according to claim 1, it is characterised in that described SE is to the sensitive data after processing The step being encrypted specifically includes:
Described SE carries out public key encryption or random number encryption to the sensitive data after processing.
The exchange method of TA Yu SE the most according to claim 1, it is characterised in that order data is sent at TSM platform Before the step of the TA in mobile terminal, described exchange method also includes:
Data communications requests is sent to described TSM platform;
Described TSM platform judges the authority levels of described data communications requests;
If described TSM platform judges that the authority levels of described data communications requests is trusted mandate, then TSM platform is according to institute State data communications requests, generate described order data.
The exchange method of TA Yu SE the most according to claim 1, it is characterised in that described SE is by described 2nd APDU instruction The step being transferred to described TA specifically includes:
Described SE uses the method for two-way authentication and described TA to set up escape way;
2nd APDU instruction is transferred to described TA by described escape way by described SE.
The exchange method of TA Yu SE the most according to claim 1, it is characterised in that described SE is by described 2nd APDU instruction The step being transferred to described TA specifically includes:
Described TA sends and obtains order extremely described SE;
Described SE obtains order by described 2nd APDU instruction transmission to described TA according to described.
6. a TA, it is characterised in that including:
First receiver module, for receiving the order data that TSM platform sends;
The execution module being connected with described first receiver module, is used for performing described order data;
The first collector being connected with described execution module, is compiled into first for the sensitive data that will be stored in TEE APDU instructs;
The first sending module being connected with described first collector, for being sent to mobile terminal by a described APDU instruction In SE, in order to the APDU instruction received is resolved by described SE, obtains described sensitive data, obtains resolving Sensitive data processes, and is encrypted the sensitive data after processing, and the sensitive data after encryption is compiled into the 2nd APDU Instruction, is transferred to described TA by described 2nd APDU instruction;
The second receiver module being connected with described SE, is used for receiving described 2nd APDU instruction;
The first parsing module being connected with described second receiver module, refers to for the 2nd APDU receiving the second receiver module Order resolves, and obtains the sensitive data after described encryption;
The loopback module being connected with described first parsing module, the sensitivity after the described encryption that the first parsing module is obtained Data are transmitted back to described TSM platform.
7. a SE, it is characterised in that including:
3rd receiver module, for receiving the APDU instruction that TA sends, a described APDU instruction performs TSM for described TA The order data that platform sends, will be stored in the compiling of the sensitive data in TEE and is generated;
The second parsing module being connected with described 3rd receiver module, refers to for the APDU receiving the 3rd receiver module Order resolves, and obtains described sensitive data;
The processing module being connected with described second parsing module, for resolving, to described second parsing module, the sensitive data obtained Process;
The encrypting module being connected with described processing module, the sensitive data after processing described processing module is encrypted;
The second collector being connected with described encrypting module, the sensitive data after being encrypted by described encrypting module is compiled into 2nd APDU instruction;
The transport module being connected with described second collector, for being transferred to described TA by described APDU instruction.
SE the most according to claim 7, it is characterised in that described transport module includes:
The authentication ' unit being connected with described second collector, leads to for using the method for two-way authentication to set up safety with described TA Road;
The transmission unit being connected with described authentication ' unit, for being transferred to described by described escape way by the 2nd APDU instruction TA。
SE the most according to claim 7, it is characterised in that described encrypting module is public-key encryption module or random number adds Close module.
10. a TSM platform, it is characterised in that including:
4th receiver module, for receiving the data communications requests sent to described TSM platform;
The judge module being connected with described 4th receiver module, for judging the authority levels of described data communications requests;
The order data generation module being connected with described judge module, for judging described data communications requests at judge module Authority levels when being trusted mandate, generate order data;
The second sending module being connected with described order data generation module, for sending described order data to mobile terminal In TA.
CN201610603214.7A 2016-07-27 2016-07-27 The exchange method of a kind of TA and SE, TA, SE and TSM platform Pending CN106254323A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610603214.7A CN106254323A (en) 2016-07-27 2016-07-27 The exchange method of a kind of TA and SE, TA, SE and TSM platform

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610603214.7A CN106254323A (en) 2016-07-27 2016-07-27 The exchange method of a kind of TA and SE, TA, SE and TSM platform

Publications (1)

Publication Number Publication Date
CN106254323A true CN106254323A (en) 2016-12-21

Family

ID=57603982

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610603214.7A Pending CN106254323A (en) 2016-07-27 2016-07-27 The exchange method of a kind of TA and SE, TA, SE and TSM platform

Country Status (1)

Country Link
CN (1) CN106254323A (en)

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107274283A (en) * 2017-05-31 2017-10-20 中国银联股份有限公司 A kind of aerial hair fastener method and device
CN107679858A (en) * 2017-10-24 2018-02-09 恒宝股份有限公司 Mobile terminal and method of mobile payment
CN108537535A (en) * 2018-03-27 2018-09-14 江苏恒宝智能系统技术有限公司 Mobile terminal based on cellphone shield and cellphone shield management method
CN108768963A (en) * 2018-05-11 2018-11-06 北京握奇智能科技有限公司 The communication means and system of trusted application and safety element
CN108985756A (en) * 2017-06-05 2018-12-11 华为技术有限公司 SE application processing method, user terminal and server
CN109872148A (en) * 2017-12-01 2019-06-11 北京握奇智能科技有限公司 Trust data processing method, device and mobile terminal based on TUI
CN110326266A (en) * 2017-09-18 2019-10-11 华为技术有限公司 A kind of method and device of data processing
WO2019205108A1 (en) * 2018-04-27 2019-10-31 华为技术有限公司 Constructing common trusted application for a plurality of applications
CN112702731A (en) * 2020-12-18 2021-04-23 深圳市广和通无线股份有限公司 SIM card information transmission method and device, computer equipment and storage medium

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101753520A (en) * 2008-11-28 2010-06-23 爱思开电讯投资(中国)有限公司 Method for providing encrypting and deciphering service for external equipment application by utilizing intelligent card
CN104166914A (en) * 2014-08-20 2014-11-26 武汉天喻信息产业股份有限公司 Secure system and method based on secure element and applied to host card emulation technology
CN104184892A (en) * 2014-08-12 2014-12-03 桂林微网半导体有限责任公司 Mobile terminal intelligent card based data transmission method and mobile terminal
CN104636666A (en) * 2013-11-07 2015-05-20 中国移动通信集团公司 Method and safety device for safely processing information of mobile terminal
CN105590379A (en) * 2015-08-31 2016-05-18 中国银联股份有限公司 POS terminal and method executed therein

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101753520A (en) * 2008-11-28 2010-06-23 爱思开电讯投资(中国)有限公司 Method for providing encrypting and deciphering service for external equipment application by utilizing intelligent card
CN104636666A (en) * 2013-11-07 2015-05-20 中国移动通信集团公司 Method and safety device for safely processing information of mobile terminal
CN104184892A (en) * 2014-08-12 2014-12-03 桂林微网半导体有限责任公司 Mobile terminal intelligent card based data transmission method and mobile terminal
CN104166914A (en) * 2014-08-20 2014-11-26 武汉天喻信息产业股份有限公司 Secure system and method based on secure element and applied to host card emulation technology
CN105590379A (en) * 2015-08-31 2016-05-18 中国银联股份有限公司 POS terminal and method executed therein

Cited By (19)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107274283B (en) * 2017-05-31 2020-09-08 中国银联股份有限公司 Over-the-air card issuing method and device
CN107274283A (en) * 2017-05-31 2017-10-20 中国银联股份有限公司 A kind of aerial hair fastener method and device
US10977021B2 (en) 2017-06-05 2021-04-13 Huawei Technologies Co., Ltd. SE applet processing method, terminal, and server
CN108985756B (en) * 2017-06-05 2022-11-22 华为技术有限公司 SE application processing method, user terminal and server
CN108985756A (en) * 2017-06-05 2018-12-11 华为技术有限公司 SE application processing method, user terminal and server
WO2018223831A1 (en) * 2017-06-05 2018-12-13 华为技术有限公司 Se application processing method, user terminal, and server
CN110326266A (en) * 2017-09-18 2019-10-11 华为技术有限公司 A kind of method and device of data processing
US11552807B2 (en) 2017-09-18 2023-01-10 Huawei Technologies Co., Ltd. Data processing method and apparatus
CN107679858A (en) * 2017-10-24 2018-02-09 恒宝股份有限公司 Mobile terminal and method of mobile payment
CN109872148B (en) * 2017-12-01 2021-06-29 北京握奇智能科技有限公司 Trusted data processing method and device based on TUI and mobile terminal
CN109872148A (en) * 2017-12-01 2019-06-11 北京握奇智能科技有限公司 Trust data processing method, device and mobile terminal based on TUI
CN108537535B (en) * 2018-03-27 2020-02-18 恒宝股份有限公司 Mobile terminal based on mobile phone shield and mobile phone shield management method
CN108537535A (en) * 2018-03-27 2018-09-14 江苏恒宝智能系统技术有限公司 Mobile terminal based on cellphone shield and cellphone shield management method
WO2019205108A1 (en) * 2018-04-27 2019-10-31 华为技术有限公司 Constructing common trusted application for a plurality of applications
US11734416B2 (en) 2018-04-27 2023-08-22 Huawei Technologies Co., Ltd. Construct general trusted application for a plurality of applications
CN108768963A (en) * 2018-05-11 2018-11-06 北京握奇智能科技有限公司 The communication means and system of trusted application and safety element
CN108768963B (en) * 2018-05-11 2021-02-02 北京握奇智能科技有限公司 Communication method and system of trusted application and secure element
CN112702731A (en) * 2020-12-18 2021-04-23 深圳市广和通无线股份有限公司 SIM card information transmission method and device, computer equipment and storage medium
CN112702731B (en) * 2020-12-18 2023-03-10 深圳市广和通无线股份有限公司 SIM card information transmission method and device, computer equipment and storage medium

Similar Documents

Publication Publication Date Title
CN106254323A (en) The exchange method of a kind of TA and SE, TA, SE and TSM platform
CN104899506B (en) Security system implementation method based on virtual secure element in credible performing environment
CN109992949B (en) Equipment authentication method, over-the-air card writing method and equipment authentication device
CN107925567A (en) For optimizing the systems, devices and methods of symmetric key cache using the ticket that service provider's issue is checked by certificate status
CN105701423B (en) Date storage method and device applied to high in the clouds payment transaction
CN104462949B (en) The call method and device of a kind of plug-in unit
EP3050335A1 (en) Systems and methods for nfc access control in a secure element centric nfc architecture
CN103415017A (en) Method, device and mobile terminal of virtual SIM card
CN103095457A (en) Login and verification method for application program
CN103942678A (en) Mobile payment system and method based on trusted execution environment
CN104270250A (en) WiFi Internet surfing connecting authentication method and system based on asymmetric full-process encryption
CN105635168A (en) Off-line transaction device and security key using method thereof
CN104104650B (en) data file access method and terminal device
CN105743651B (en) The card in chip secure domain is using method, apparatus and application terminal
CN104853354A (en) Bluetooth authentication method and system thereof
EP3048553B1 (en) Method for distributing applets, and entities for distributing applets
Dang et al. Pricing data tampering in automated fare collection with NFC-equipped smartphones
CN114040411B (en) Equipment binding method and device, electronic equipment and storage medium
CN109495885A (en) Authentication method, mobile terminal, management system and Bluetooth IC
EP2993856B1 (en) Establishment of communication connection between mobile device and secure element
WO2014107060A1 (en) Apparatus for securing mobile data and method therefor
CN107769917A (en) A kind of credible platform and method for wireless terminal
CN105678542A (en) Payment business interaction method, payment terminal and payment cloud terminal
CN110636491A (en) Service-oriented trusted execution module and communication method
CN110457959B (en) Information transmission method and device based on Trust application

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20161221