CN107066894A - A kind of multifunction intelligent key equipment and its method for executing operating instructions and device - Google Patents
A kind of multifunction intelligent key equipment and its method for executing operating instructions and device Download PDFInfo
- Publication number
- CN107066894A CN107066894A CN201710138730.1A CN201710138730A CN107066894A CN 107066894 A CN107066894 A CN 107066894A CN 201710138730 A CN201710138730 A CN 201710138730A CN 107066894 A CN107066894 A CN 107066894A
- Authority
- CN
- China
- Prior art keywords
- application
- selection
- application data
- control module
- operational control
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/44—Program or device authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/45—Structures or tools for the administration of authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2141—Access rights, e.g. capability lists, access control lists, access tables, access matrices
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- General Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- General Health & Medical Sciences (AREA)
- Bioethics (AREA)
- Health & Medical Sciences (AREA)
- Databases & Information Systems (AREA)
- Facsimiles In General (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses a kind of multifunction intelligent key equipment and its method for executing operating instructions and device, this method includes:The application identities of the application of input instruction selection are obtained, whether the application for judging selection is mounted application, if so, then obtaining the environmental information of the application of selection by Hardware drive module;When Hardware drive module receives the operational order of outside input every time, perform:Step 1, whether in instruction list, be, perform step 2 if judging operational order, no, performs step 5;Step 2, judge to perform whether operational order needs to be authorized, be, then perform step 3, it is no, perform step 4;Step 3, user's input authentication information is pointed out, and the authentication information inputted to user is authenticated, and in certification in the case of, performs step 4, it is no, perform step 5;Step 4, the application for operational order being sent into selection is performed;Step 5, operational control module returns to the configured information of application operation failure.
Description
Technical field
The present invention relates to a kind of electronic technology field, more particularly to a kind of multifunction intelligent key equipment and its operational order
Perform method and apparatus.
Background technology
Intelligent card read/write device is the intermediate equipment for connecting smart card and main frame, and its core technology is that complexity is realized in MCU
Intelligent card interface agreement and USB interface agreement, exchanged with the transparent data completed between smart card and main frame.
Intelligent code key is a kind of hardware device of USB interface (commonly referred to as USB Key), its built-in intelligence the core of the card
Piece, can store the key and digital certificate of user, the certification using built-in cryptographic algorithms' implementation to user identity.Again simultaneously
Encryption and decryption processing, digital signature and checking can be achieved to sign, and storage important safety information.
Intellective IC card is safety product of the CPU package that will be designed by special safety in standard size card.In card
Portion's data and key are protected by built-in smart card operating system, and outside can not possibly cross COS control directly in card
Data or key operated.
Dynamic token (OTP Token) is the electronic product that a kind of portable hand-held dynamic password is calculated and produced.It is de-
Machine is used, or is connected with computer.Exempt the hidden danger that static password is intercepted, guesses, attacks and cracked.Can be according to the time
(Time), event (Event), the factor such as challenge/response (Challenge/Response) produces dynamic password.
At present, OTP, intellective IC card and intelligent code key etc., have been used successfully each row in commercial cipher
Industry application field, they respectively have merits and demerits, and by these functions, integrated on one device (equipment is properly termed as multi-functional
Intelligent cipher key equipment), by more hardware cost under saving, while carrying and using more to facilitate.In a particular application,
Because the integrated function of multifunction intelligent key equipment is higher to security requirement, how to ensure multifunction intelligent key equipment
Each upper application and the safety of application data, are the problem of multifunction intelligent key equipment need most solution.
The content of the invention
Present invention seek to address that above-mentioned technical problem.
It is a primary object of the present invention to provide a kind of method for executing operating instructions of multifunction intelligent key equipment.
Another object of the present invention is to provide a kind of operational order performs device of multifunction intelligent key equipment.
A further object of the present invention is to provide a kind of multifunction intelligent key equipment.
To reach above-mentioned purpose, what technical scheme was specifically realized in:
One aspect of the present invention provides a kind of method for executing operating instructions of multifunction intelligent key equipment, including:Hardware
Drive module receives the input instruction for selecting application, and the input instruction is sent into operational control module;The behaviour
Make the application identities that control module obtains the application of the input instruction selection;The operational control module is according to the application mark
Know and judge whether the application of the selection is one in the mounted multiple applications of the multifunction intelligent key equipment;True
It is described in the case that the application of the fixed selection is one in the mounted multiple applications of the multifunction intelligent key equipment
Operational control module is according to the application identities, and the environment that the application of the selection is obtained by the Hardware drive module is believed
Breath, wherein, the environmental information includes:The application allows the instruction list and authority information performed;Obtaining the choosing
After the environmental information for the application selected, when the Hardware drive module receives the operational order of outside input every time, perform
Following steps:Step 1, the operational control module gets the operational order of the outside input, judges the operational order
Whether in the instruction list, if it is, performing step 2, otherwise, step 5 is performed;Step 2, according in the environmental information
The authority information, judge to perform whether the operational order needs to be authorized, if it is, execution step 3, otherwise,
Perform step 4;Step 3, user's input authentication information is pointed out, and the authentication information inputted to user is authenticated, it is logical in certification
In the case of crossing, step 4 is performed, in certification in the case of, step 5 is performed;Step 4, the operational order is sent out
The application for giving the selection is performed;Step 5, the operational control module returns to the configured information of application operation failure.
Alternatively, the environmental information also includes:Physical store for recording the application for being pre-assigned to the selection
The spatial information in space;After step 4, methods described also includes:The operational control module receives answering for the selection
Application data request is transferred used in what is sent when performing the operational order, wherein, described transfer carries in application data request
The identification information of the application data of request call;The operational control module judges described adjust according to the identification information
The application data whether application data belongs under the file system of the application of the selection;The operational control module according to
Whether the physical storage address for the application data called described in the spatial information judgement, which belongs to, is pre-assigned to the selection
The amount of physical memory of application;It is determined that answering under the file system for the application that the application data called belongs to the selection
The physics for belonging to the application for being pre-assigned to the selection with the physical storage address of data, and the application data called is deposited
In the case of storing up space, the application data called described in the operational control module calls, and by the application data called
Return to the application of the selection.
Alternatively, before the application data called described in the operational control module calls, methods described also includes:It is described
Authority information described in operational control module polls, judges whether the application of the selection has and transfers the application data called
Authority, in the case of it is determined that the application of the selection has the authority for transferring the application data called, execution is transferred
The operation of the application data called.
Alternatively, the operational control module is according to the identification information, judge described in the application data called whether belong to
Application data under the file system of the application of the selection, including:The operational control module by the application identities and
The identification information is sent to the Hardware drive module;The Hardware drive module is judged corresponding with the application identities
The application data corresponding with the identification information whether is found under file system, and lookup result is notified into the operational control
Module;Whether the application data that the operational control module is called according to judging the lookup result belongs to the choosing
Application data under the file system for the application selected.
Alternatively, after the application identities for the application that the operational control module obtains selection, methods described also includes:Institute
Operational control module is stated by the Hardware drive module, obtain under file system corresponding with the application identities all answers
With data, and all application datas are loaded into internal memory;The operational control module judges according to the identification information
Application data under the file system for the application whether application data called belongs to the selection, including:The operation
Control module judge in the internal memory whether there is the application data corresponding with the identification information, if, it is determined that it is described
The application data that the application data called belongs under the file system of the application of the selection, otherwise, it determines it is described call should
Application data under the file system for the application that the selection is not belonging to data.
Alternatively, before the application for the operational order being sent into the selection is performed, methods described also includes:It is described
Operational control module judge the application identities that are carried in the operational order whether the application identities one with the application of the selection
Cause, in the case of consistent, perform the step of application that the operational order is sent into the selection is performed.
Another aspect of the present invention provides a kind of operational order performs device of multifunction intelligent key equipment, including:Firmly
Part drive module, for receiving the input instruction for selecting application, operational control module is sent to by the input instruction;
The operational control module, the application identities of the application for obtaining the input instruction selection, sentences according to the application identities
Whether the application of the selection of breaking is one in the mounted multiple applications of the multifunction intelligent key equipment, and it is determined that
In the case that the application of the selection is one in the mounted multiple applications of the multifunction intelligent key equipment, according to institute
Application identities are stated, the environmental information of the application of the selection is obtained by the Hardware drive module, wherein, the environmental information
Including:The application allows the instruction list and authority information performed;The Hardware drive module, is additionally operable to receive outside defeated
The operational order entered, the operational control module is sent to by the operational order;The operational control module, is additionally operable to:Obtain
The operational order of the outside input is got, the operational order is judged whether in the instruction list, referred in the operation
Order is in the case of the instruction list, the authority information in the environmental information, judges that performing the operation refers to
Whether order needs to be authorized, it is determined that performing in the case that the operational order needs to be authorized, prompting user, which inputs, to be recognized
Information is demonstrate,proved, and the authentication information inputted to user is authenticated, and in certification in the case of, the operational order is sent to
The application of the selection is performed, and it is determined that perform in the case that the operational order need not obtain mandate, the operation is referred to
The application that order is sent to the selection is performed;And in operational order not in the case of the instruction list, or, to
The authentication information of family input is authenticated in the case of, returns to the configured information of application operation failure.
Alternatively, the environmental information also includes:Physical store for recording the application for being pre-assigned to the selection
The spatial information in space;The operational control module is additionally operable to:Receive applying for the selection and perform the operational order
When send transfer application data request, wherein, described transfer in application data request carries the application number of request call
According to identification information;According to the identification information, whether the application data called described in judgement belongs to the application of the selection
Application data under file system;Whether the physical storage address for the application data called according to judging the spatial information
Belong to the amount of physical memory for the application for being pre-assigned to the selection;It is determined that the application data called belongs to the choosing
Application data under the file system for the application selected, and the physical storage address of the application data called belongs to and allocates in advance
In the case of amount of physical memory to the application of the selection, transfer the application data called, and called described
Application data returns to the application of the selection.
Alternatively, the operational control module is additionally operable to:Before the application data called is transferred, the power is inquired about
Limit information, whether have the authority of transferring the application data called, it is determined that the selection if judging the application of the selection
Application there is the authority for transferring the application data called in the case of, perform the behaviour for transferring the application data called
Make.
Alternatively, whether the operational control module specifically for judging the application data called in the following manner
Application data under the file system for the application for belonging to the selection:The application identities and the identification information are sent to institute
State Hardware drive module;The application data called according to judging the lookup result that the Hardware drive module is returned is
Application data under the file system of the no application for belonging to the selection;The Hardware drive module is additionally operable to:Judge with institute
State and the application data corresponding with the identification information whether is found under the corresponding file system of application identities, and by lookup result
Notify the operational control module.
Alternatively, the operational control module is additionally operable to:After the application identities for the application for obtaining selection, by described hard
Part drive module, obtains all application datas under corresponding with application identities file system, and by all applications
Data are loaded into internal memory;The operational control module is specifically for judging the application data called in the following manner
Application data under the file system of the no application for belonging to the selection:Judge to whether there is in the internal memory and believe with the mark
Corresponding application data is ceased, if, it is determined that the application data called belongs to the file system of the application of the selection
Under application data, otherwise, it determines under the file system for the application that the application data called is not belonging to the selection should
Use data
Alternatively, the operational control module is additionally operable to:Held in the application that the operational order is sent to the selection
Before row, judge whether the application identities carried in the operational order are consistent with the application identities of the application of the selection,
In the case of consistent, the operation that the application that the operational order is sent into the selection is performed is performed.
Another aspect of the invention provides a kind of multifunction intelligent key equipment, it is characterised in that including above-mentioned many work(
The operational order performs device of energy intelligent cipher key equipment.
As seen from the above technical solution provided by the invention, in the technical scheme that the present invention is provided, intelligent key
Equipment, which is provided, applies selection function, and user input instruction selection can be currently needed for the application used, intelligence according to actual needs
Key devices obtain the environmental information of the application of selection, subsequently received in the case of it is determined that having installed the application of selection
After operational order, safety certification is carried out according to the information recorded in environmental information, just will operation in safety certification after
Instruction is sent to corresponding application and performed, so as to ensure that the safety of application program, it is to avoid due to multifunction intelligent key equipment
On the application program safety problem illegally being called and caused.
Brief description of the drawings
In order to illustrate the technical solution of the embodiments of the present invention more clearly, being used required in being described below to embodiment
Accompanying drawing be briefly described, it should be apparent that, drawings in the following description are only some embodiments of the present invention, for this
For the those of ordinary skill in field, on the premise of not paying creative work, other can also be obtained according to these accompanying drawings
Accompanying drawing.
Fig. 1 is a kind of knot of the operational order performs device for multifunction intelligent key equipment that the embodiment of the present invention 1 is provided
Structure schematic diagram;
Fig. 2 is the operational order performs device for another multifunction intelligent key equipment that the embodiment of the present invention 1 is provided
Structural representation;
Fig. 3 is a kind of structural representation for multifunction intelligent key equipment that the embodiment of the present invention 2 is provided;
Fig. 4 is a kind of stream of the method for executing operating instructions for multifunction intelligent key equipment that the embodiment of the present invention 3 is provided
Cheng Tu.
Embodiment
With reference to the accompanying drawing in the embodiment of the present invention, the technical scheme in the embodiment of the present invention is carried out clear, complete
Ground is described, it is clear that described embodiment is only a part of embodiment of the invention, rather than whole embodiments.Based on this
The embodiment of invention, the every other implementation that those of ordinary skill in the art are obtained under the premise of creative work is not made
Example, belongs to protection scope of the present invention.
In the description of the invention, it is to be understood that term " " center ", " longitudinal direction ", " transverse direction ", " on ", " under ",
The orientation or position relationship of the instruction such as "front", "rear", "left", "right", " vertical ", " level ", " top ", " bottom ", " interior ", " outer " are
Based on orientation shown in the drawings or position relationship, it is for only for ease of the description present invention and simplifies description, rather than indicate or dark
Specific orientation must be had, with specific azimuth configuration and operation by showing the device or element of meaning, therefore it is not intended that right
The limitation of the present invention.In addition, term " first ", " second " are only used for describing purpose, and it is not intended that indicating or implying and be relative
Importance or quantity or position.
In the description of the invention, it is necessary to illustrate, unless otherwise clearly defined and limited, term " installation ", " phase
Even ", " connection " should be interpreted broadly, for example, it may be being fixedly connected or being detachably connected, or be integrally connected;Can
To be mechanical connection or electrical connection;Can be joined directly together, can also be indirectly connected to by intermediary, Ke Yishi
The connection of two element internals.For the ordinary skill in the art, with concrete condition above-mentioned term can be understood at this
Concrete meaning in invention.
The embodiment of the present invention is described in further detail below in conjunction with accompanying drawing.
Embodiment 1
Present embodiments provide a kind of operational order performs device of multifunction intelligent key equipment.The device can be located at
In multifunction intelligent key equipment, the operational order that multifunction intelligent key equipment is received is performed.
A kind of structural representation of the operational order performs device for multifunction intelligent key equipment that Fig. 1 provides for the present embodiment
Figure, as shown in figure 1, the operational order performs device for the multifunction intelligent key equipment that the present embodiment is provided mainly includes:Hardware
Drive module 10 and operational control module 20.
Each function mould of the operational order performs device of the multifunction intelligent key equipment provided below the present embodiment
The function of block and interacting is illustrated.
In the present embodiment, Hardware drive module 10, will be described defeated for receiving the input instruction for selecting application
Enter instruction and be sent to operational control module 20;Operational control module 20, for obtaining answering for the application that the input instruction is selected
With mark, whether the application that the selection is judged according to the application identities is that the multifunction intelligent key equipment is mounted
One in multiple applications, and it is determined that the selection application for the multifunction intelligent key equipment it is mounted it is multiple should
In the case of one in, according to the application identities, the application of the selection is obtained by the Hardware drive module 10
Environmental information, wherein, the environmental information includes:The application allows the instruction list and authority information performed;It is described
Hardware drive module 10, is additionally operable to receive the operational order of outside input, the operational order is sent into the operational control
Module 20;The operational control module 20, is additionally operable to:The operational order of the outside input is got, judges that the operation refers to
Whether order is in the instruction list, in the operational order in the case of the instruction list, according to the environmental information
In the authority information, judge to perform whether the operational order needs to be authorized, it is determined that performing the operational order
Need in the case of being authorized, point out user's input authentication information, and the authentication information inputted to user is authenticated, and is being recognized
In the case that card passes through, the application that the operational order is sent into the selection is performed, it is determined that performing the operational order
In the case of mandate need not being obtained, the application that the operational order is sent into the selection is performed;And in operational order
Not in the case of the instruction list, or, it is authenticated to the authentication information that user inputs in the case of,
Return to the configured information of application operation failure.
In the said equipment that the present embodiment is provided, multiple applications can be installed, for example, realizing the OTP of OTP functions in advance
Using, realize that the intelligent code key application of intelligent code key function is applied and realized to the IC-card of intellective IC card function, use
Family input instruction selection can be currently needed for the application that uses according to actual needs, and Hardware drive module 10 refers to receiving input
After order, input instruction is distributed into operational control module 20, operational control module 20 is it is determined that local installed answering for the selection
In the case of, the environmental information of the application of the selection is obtained by Hardware drive module 10, in subsequently received operational order
Afterwards, safety certification is carried out according to the information recorded in environmental information, in safety certification after, just sent operational order
Performed to corresponding application, so as to ensure that the safety that application program is performed, it is to avoid due on multifunction intelligent key equipment
The safety problem that application program is illegally called and caused.
In the present embodiment, the environmental information of the application of selection can be loaded into internal memory by operational control module 20,
When receiving the input instruction for exiting the application currently selected or selection new opplication, internal memory is emptied, to improve the processing speed of program
Degree.
In specific implementation process, external interface can be set in Hardware drive module 10, including but not limited to hardware is defeated
Entrance (for example, keyboard), wired external communication interface (for example, USB interface etc.) or wireless external communication interface are (for example, blue
Tooth etc.), user or external equipment can input the input instruction or operational order for selecting application by external interface.
In the present embodiment, in hardware layer, for each local mounted application, the ring of the application can be stored respectively
Environment information, operational control module 20, can by Hardware drive module 10 in the case of it is determined that locally having installed the application of selection
The corresponding environmental information of application to read selection.
In an optional embodiment of the present embodiment, the authority information in environmental information can record corresponding application
The authority obtained is needed when performing some operational orders, for example, it is necessary to obtain before the operational order for reading key is performed
PIN code certification;In addition, authority information can also record whether corresponding application has permission some operational orders of execution, for example, intelligence
Energy IC-card is applied without authority for reading signature key etc..
In an optional embodiment of the present embodiment, the environmental information can also include:Divide in advance for recording
The spatial information of the amount of physical memory of the application selected described in dispensing;The operational control module 20 can be also used for:Receive
Apply what is sent when performing the operational order to transfer application data request to the selection, wherein, it is described to transfer application
The identification information of the application data of request call is carried in request of data;According to the identification information, called described in judgement
The application data application that whether belongs to the selection file system under application data;Institute is judged according to the spatial information
Whether the physical storage address for stating the application data called belongs to the amount of physical memory for the application for being pre-assigned to the selection;
It is determined that application data under the file system for the application that the application data called belongs to the selection, and described call
In the case that the physical storage address of application data belongs to the amount of physical memory for the application for being pre-assigned to the selection, transfer
The application data called, and the application data called is returned to the application of the selection.
I.e. in above-mentioned optional embodiment, selection apply perform operational order when, it is necessary to call bottom store
Application data, then operational control module 20 receiving selection application send transfer application data request when, in order to ensure
The safety of application data, operational control module 20 performs two judgements and operated, and one judges that operation is to judge to ask that transfers to answer
With data whether be selection application file system under application data, another judge operation be judge request transfer should
With the physical storage addresses of data whether be the application for being pre-assigned to selection amount of physical memory, only judge behaviour at two
The judgement of work is that the application data that the application of selection is asked just is transferred in the case of being, and the application data is sent to
The application of selection, so as to ensure the safety of application data, it is to avoid transfer application data across application, for example, performing IC-card application
When, call signature private key of intelligent code key etc..
In above-mentioned optional embodiment, alternatively, the operational control module 20 specifically can be used for by with lower section
Application data under the file system for the application whether application data called described in formula judgement belongs to the selection:Described it will answer
The Hardware drive module 10 is sent to the identification information of mark and the application data of request call;According to the hardware driving
Whether the application data called described in the lookup result judgement that module 10 is returned belongs to the file system of the application of the selection
Application data under system;The Hardware drive module 10 can be also used for:Judge in file system corresponding with the application identities
The application data corresponding with the identification information whether is found under system, and lookup result is notified into the operational control module
20.I.e. in the optional embodiment, operational control module 20 is by the identification information of application identities and the application data of request call
Hardware drive module 10 is sent to, Hardware drive module 10 in application identities respective file system with searching the application data
Identification information, if found, illustrates that the application data of request call belongs to the file system of the application, otherwise, then illustrates
The application data of request call is not belonging to the file system of the application.In this way, hardware driving mould can directly be passed through
Block 10 is judged, without all application datas under the file system of the application currently selected are loaded into internal memory in advance, is subtracted
Few other additional processing.
In an optional embodiment of the embodiment of the present invention, the operational control module 20 can be also used for:Obtain
After the application identities of the application of selection, by the Hardware drive module 10, file corresponding with the application identities is obtained
All application datas under system, and all application datas are loaded into internal memory;It is described in the optional embodiment
Operational control module 20 specifically for judging whether the application data called belongs to answering for the selection in the following manner
Application data under file system:Judge to whether there is the application data corresponding with the identification information in the internal memory,
If, it is determined that the application data under the file system for the application that the application data called belongs to the selection, otherwise,
It is determined that the application data under the file system for the application that the application data called is not belonging to the selection.I.e. in the optional reality
Apply in mode, operational control module 20 is after the application identities of application of selection are got, by Hardware drive module 10, will
All application datas under the corresponding file system of application identities are loaded into internal memory, before some application data is transferred, root
According to the identification information for the application data for asking to transfer, all applications under the file system of the application loaded in internal memory are searched
With the presence or absence of the application data for asking to transfer in data, if it is present explanation asks the application data transferred to belong to choosing
Application data under the corresponding file system of application selected, otherwise, illustrates to ask the application data transferred to be not belonging to selection
Using the application data under corresponding file system.By the optional embodiment, operational control module 20 can be in advance by choosing
All application datas under the corresponding file system of application selected are loaded into internal memory, so as to receive every time to that should select
All without calling application data by Hardware drive module after the operational order of application, it can improve and judge to ask that transfers to answer
Judgement speed under the corresponding file system of application for whether belonging to selection with data, improves the execution efficiency of operational order.
In above-mentioned optional embodiment, operational control module 20 after the application identities of application of selection are got,
By Hardware drive module 10, all application datas under the corresponding file system of application identities are loaded into the situation in internal memory
Under, operational control module 20 transfer it is described call application data when, can be obtained directly from internal memory described in call answer
With data, so as to improve the speed for calling application data.
In above-mentioned optional embodiment, alternatively, the spatial information in environmental information is in record in advance to be corresponding
Application distribution amount of physical memory when, a range of physical addresses can be recorded, can also a record start physical address with
And be the size using the amount of physical memory of distribution, specific the present embodiment is not construed as limiting.
In above-mentioned optional embodiment, the tune of each application data can also be recorded in the authority information in environmental information
Weighting is limited, therefore, alternatively, and the operational control module 20 can be also used for before the application data called is transferred,
The authority information of the application of the selection is inquired about, judges whether the application of the selection has and transfers the application data called
Authority, in the case of it is determined that the application of the selection has the authority for transferring the application data called, execution is transferred
The operation of the application data called.By the optional embodiment, application data can be avoided illegally to be called, it is ensured that should
With the safety of data.
In an optional embodiment of the embodiment of the present invention, in order to avoid during the application of selection is performed,
The operational order of other application is performed by mistake, for example, after user selects the OTP applications of multifunction intelligent key equipment, it is outside
Card reader sends Card Reader request to multifunction intelligent key equipment, and in the present embodiment, the operational control module 20 can be with
For:Before the application that the operational order is sent to the selection is performed, judge that what is carried in the operational order answers
It is consistent with the application identities of the application (for example, the application OTP currently selected) of the selection with identifying whether, in consistent situation
Under, perform the operation that the application that the operational order is sent into the selection is performed.Pass through the optional embodiment, Ke Yibao
Multifunction intelligent key equipment is demonstrate,proved after user selectes an application, the behaviour of the other application outside the application will not be performed again
Instruct, it is to avoid multifunction intelligent key equipment is redirected between multiple application programs and caused dangerous using what is performed.
In a particular application, operational control module 20 can be real by the operational control layer in multifunction intelligent key equipment
It is existing, and Hardware drive module 10 can be realized by the layer of the hardware driving in multi-functional key devices, hardware driving layer is by right
External tapping is communicated with outside, also, hardware driving layer can directly access the storage of multifunction intelligent key equipment bottom
Equipment.
In an optional embodiment of the embodiment of the present invention, hardware driving layer in can with integrated scheduling layer function,
By multiple association coordinated managements in multifunction intelligent key equipment and call, so that specification flow.Or, in this implementation
In another optional embodiment of example, as shown in Fig. 2 dispatch layer can also be provided separately with hardware driving layer.Shown in Fig. 2
Structure in, external interface receives the application selection instruction (step 1) of outside input, and hardware driving layer refers to this using selection
Order is sent to dispatch layer (step 2), and this is dispatched to operational control layer (step 3), operational control by dispatch layer using selection instruction
Layer is it is determined that this is applied (present embodiment assumes that having installed three in multifunction intelligent key equipment using selection instruction is selected
Individual application, i.e., using 1, using 2 and apply 3, selected application for apply 2) for local mounted application in the case of, lead to
The environmental information (step 4) of the selected application of hardware driving layer reading bottom storage is crossed, after this, is connect in external interface
When receiving operational order (step 5), the operational order is sent to dispatch layer (step 6) by hardware driving layer, and dispatch layer grasps this
Operational control layer (step 7) is sent to as instruction, operational control layer judges the behaviour according to the environmental information of the current application of reading
Instruct whether in the instruction list of environmental information, if it is, determining whether to perform whether the operational order needs to obtain
Authorize, if not in instruction list, returning to the configured information with operation failure.If it is determined that performing the operation needs acquisition
Authorize, then point out user's input authentication information, and the authentication information inputted to user is authenticated, situation about passing through in certification
Under, operational order is sent to the application (step 8) of selection, if certification does not pass through, the instruction of application operation failure is returned to
Information;If it is determined that performing the operation need not be authorized, then the operational order is directly sent to the application (step of selection
8).The application of selection is received after the operational order, performs corresponding operation, during corresponding operation is performed, such as
Fruit needs to call application data, then application sends the call request (step 9) of application data, operational control layer to operational control layer
After the call request for receiving application data, judge whether the physical storage address for the application data that application request is called is dividing
Whether the amount of physical memory of the dispensing application and the application data of institute's request call are being sentenced under the file system of the application
Disconnected result is that in the case of being, operational control layer sends application data call request (step 10), hardware to hardware driving layer
Driving layer reads the application data of request call from the file system of the application, and the application data is returned into operational control
The application data is returned to application (step 12) by layer (step 11), operational control layer.
The operational order performs device of the multifunction intelligent key equipment provided by the present embodiment, can be in same intelligence
Multiple applications are realized on key devices, and each application can be isolated so that the proprietary instruction in each application can only be in the application
In effectively, and the application data respectively applied can only be by the application call, it is to avoid the security breaches between many applications, improves multi-functional
The security of intelligent cipher key equipment.
Embodiment 2
Present embodiments provide a kind of multifunction intelligent key equipment.
The structural representation for a kind of multifunction intelligent key equipment that Fig. 3 provides for the present embodiment, as shown in figure 3, this reality
Applying the multi-functional key devices of example offer mainly includes the operational order execution of the multifunction intelligent key equipment described in embodiment 1
Device, the function of the device specifically may refer to the description of embodiment 1, will not be repeated here.
As shown in figure 3, in an optional embodiment of the present embodiment, the multifunction intelligent key equipment can also be wrapped
Include:The parts such as memory 30, display unit 40, power supply 50 and input block 60.It will be understood by those skilled in the art that Fig. 3
In the multifunction intelligent key equipment structure that shows do not constitute restriction to multifunction intelligent key equipment, can include than figure
Show more or less parts, either combine some parts or different parts arrangement.
Each component parts of multifunction intelligent key equipment is simply introduced with reference to Fig. 3:
Memory 30 can be used for storage software program and data, can mainly include storing program area and storage data field,
Wherein, the application program that storing program area can be needed for storage program area, each function of multifunction intelligent key equipment is (such as
OTP, intellective IC card, card reader etc.) etc.;Storage data field can store in multifunction intelligent key equipment each apply journey
Application data (such as voice data, phone directory etc.) that sequence is created etc..
Input block 60 can be used for the numeral or character information for receiving input, and produce and multifunction intelligent key equipment
User set and function control it is relevant key signals input.Specifically, input block 60 may include contact panel 61 and
Other input equipments 62.Contact panel 61, also referred to as touch-screen, collect touch operation of the user on or near it (such as
User uses the behaviour of any suitable object or annex on contact panel 61 or near contact panel 61 such as finger, stylus
Make), and corresponding attachment means are driven according to formula set in advance.Except contact panel 61, input block 60 can also be wrapped
Include other input equipments 62.Specifically, other input equipments 62 can include but is not limited to physical keyboard, function key (such as sound
Measure control button, switch key etc.), trace ball, mouse, the one or more in action bars etc..
Display unit 40 can be used for the information and multifunctional intellectual for showing the information inputted by user or being supplied to user
The various menus of key devices.Display unit 40 may include display panel 41, optionally, can use liquid crystal display
(Liquid Crystal Display, LCD), Organic Light Emitting Diode (Organic Light-Emitting Diode,
) etc. OLED form configures display panel 41.Further, contact panel 61 can cover display panel 41 as multifunctional intellectual
The external interface of key devices.Although in figure 3, contact panel 61 is to come real as two independent parts with display panel 41
The input of existing multifunction intelligent key equipment and output function, but in some embodiments it is possible to by contact panel 61 with showing
Show the input that is integrated and realizing multifunction intelligent key equipment of panel 41 and output function.
Multifunction intelligent key equipment can also include the power supply 50 (such as battery) powered to all parts.
Although not shown, multifunction intelligent key equipment can also include camera, bluetooth module etc., no longer go to live in the household of one's in-laws on getting married herein
State.
Embodiment 3
A kind of method for executing operating instructions of multifunction intelligent key equipment is present embodiments provided, this method can pass through
Multi-functional intelligence described in the operational order performs device or embodiment 2 of multifunction intelligent key equipment described in above-described embodiment 1
Can key devices realize.Mainly provide the method for executing operating instructions of multifunction intelligent key equipment to the present embodiment below
Flow is illustrated, and other related contents may refer to the description of embodiment 1 or 2.
A kind of flow chart of the method for executing operating instructions for multifunction intelligent key equipment that Fig. 4 provides for the present embodiment,
As shown in figure 4, this method mainly may comprise steps of:
Step S401, Hardware drive module receives the input instruction for selecting application, and the input instruction is sent
Give operational control module;
Step S402, the operational control module obtains the application identities of the application of the input instruction selection;
Step S403, the operational control module according to the application identities judge the selection application whether be described in
One in the mounted multiple applications of multifunction intelligent key equipment;
Step S404, it is determined that the application of the selection is the mounted multiple applications of the multifunction intelligent key equipment
In one in the case of, the operational control module passes through the Hardware drive module and obtains institute according to the application identities
The environmental information of the application of selection is stated, wherein, the environmental information includes:The application allows instruction list and the power performed
Limit information;
After the environmental information of application of the selection is obtained, received every time in the Hardware drive module outside defeated
During the operational order entered, subsequent step S405 to step S409 is performed, i.e., receives outside every time in the Hardware drive module
During the operational order of input, circulation performs step S405 to step S409.
Step S405, the operational control module gets the operational order of the outside input, judges that the operation refers to
Whether order is in the instruction list, if it is, performing step S406, otherwise, performs step S409;
Step S406, the authority information in the environmental information judges to perform whether the operational order needs
Authorized, if it is, performing step S407, otherwise, perform step S408;
Step 407, user's input authentication information is pointed out, and the authentication information inputted to user is authenticated, it is logical in certification
In the case of crossing, step S408 is performed, in certification in the case of, step S409 is performed;
Step S408, the application that the operational order is sent into the selection is performed;
Step S409, the operational control module returns to the configured information of application operation failure.
In the above method that the present embodiment is provided, user input instruction selection can be currently needed for making according to actual needs
Input instruction is distributed to operational control module, operational control by application, Hardware drive module after input instruction is received
Module obtains the environment letter of the application of selection by Hardware drive module in the case of it is determined that locally having installed the application of selection
Breath, after subsequently received operational order, safety certification is carried out according to the information recorded in environmental information, logical in safety certification
After crossing, operational order is just sent to corresponding application and performed, so as to ensure that the safety of application program, it is to avoid due to many work(
The safety problem that application program on energy intelligent cipher key equipment is illegally called and caused.
In the present embodiment, the environmental information of the application of selection can be loaded into internal memory by operational control module, connect
When receiving the input instruction for exiting the application currently selected or selection new opplication, internal memory is emptied, to improve the processing speed of program.
In specific implementation process, external interface can be set in Hardware drive module, including but not limited to hardware is inputted
Mouth (for example, keyboard), wired external communication interface (for example, USB interface etc.) or wireless external communication interface are (for example, bluetooth
Deng), user or external equipment can input the input instruction or operational order for selecting application by external interface.
In the present embodiment, in hardware layer, for each local mounted application, the application can be stored respectively in advance
Environmental information, operational control module it is determined that it is local the application of selection has been installed in the case of, can by Hardware drive module
The corresponding environmental information of application to read selection.
In an optional embodiment of the embodiment of the present invention, the environmental information also includes:Divide in advance for recording
The spatial information of the amount of physical memory of the application selected described in dispensing;After step S408, methods described also includes:It is described
Operational control module receive the selection apply perform the operational order when send transfer application data request, its
In, it is described to transfer the identification information that the application data of request call is carried in application data request;The operational control mould
Root tuber according to the identification information, judge described in the application that whether belongs to the selection of the application data called file system under
Application data;The physical storage address for the application data that the operational control module is called according to judging the spatial information
Whether the amount of physical memory of the application that is pre-assigned to the selection is belonged to;It is determined that the application data called belongs to institute
Application data under the file system for the application for stating selection, and the physical storage address of the application data called belongs to advance
In the case of the amount of physical memory for the application for distributing to the selection, the application called described in the operational control module calls
Data, and the application data called is returned to the application of the selection.
I.e. in above-mentioned optional embodiment, selection apply perform operational order when, it is necessary to call bottom store
Application data, then operational control module receiving selection application send transfer application data request when, in order to ensure should
With the safety of data, operational control module performs two and judges operation, and one judges that operation is the application for judging to ask to transfer
Data whether be selection application file system under application data, another judges that operation is to judge that asks to transfer answers
With the physical storage addresses of data whether be the application for being pre-assigned to selection amount of physical memory, only judge behaviour at two
The judgement of work is that the application data that the application of selection is asked just is transferred in the case of being, and the application data is sent to
The application of selection, so as to ensure the safety of application data, it is to avoid transfer application data across application.
In above-mentioned optional embodiment, alternatively, the operational control module judges described according to the identification information
The application data whether application data called belongs under the file system of the application of the selection, can include:The operation
The application identities and the identification information are sent to the Hardware drive module by control module;The Hardware drive module is sentenced
Break and the application data corresponding with the identification information whether is found under file system corresponding with the application identities, and will
Lookup result notifies the operational control module;The institute that the operational control module is called according to judging the lookup result
State the application data under the file system for the application whether application data belongs to the selection.I.e. in the optional embodiment, behaviour
Make control module and the identification information of application identities and application data is sent to Hardware drive module, Hardware drive module is with answering
The identification information of the application data is searched with mark respective file system, if found, illustrates answering for institute's request call
Belong to the file system of the application with data, otherwise, then illustrate that the application data of institute's request call is not belonging to the file of the application
System.In this way, directly it can be judged by Hardware drive module, without in advance by the application currently selected
All application datas under file system are loaded into internal memory, reduce other additional processing.
In an optional embodiment of the embodiment of the present invention, the operational control module obtains answering for the application of selection
After mark, methods described also includes:The operational control module is obtained and the application by the Hardware drive module
All application datas under corresponding file system are identified, and all application datas are loaded into internal memory;The operation
Control module according to the identification information, judge described in the application data called whether belong to the selection application file system
Application data under system, including:The operational control module is judged in the internal memory with the presence or absence of corresponding with the identification information
Application data, if, it is determined that under the file system for the application that the application data called belongs to the selection should
With data, otherwise, it determines the application data under the file system for the application that the application data called is not belonging to the selection.
I.e. in the optional embodiment, operational control module is driven after the application identities of application of selection are got by hardware
Dynamic model block, all application datas under the corresponding file system of application identities are loaded into internal memory, number is applied transferring some
According to before, according to the identification information for the application data for asking to transfer, under the file system for searching the application loaded in internal memory
All application datas in the presence or absence of the application data transferred is asked, if it is present illustrating the application for asking to transfer
The application data that data belong under the corresponding file system of application of selection, otherwise, illustrates to ask the application data transferred not
The application data belonged under the corresponding file system of application of selection.By the optional embodiment, operational control module can be with
All application datas under the corresponding file system of the application of selection are loaded into internal memory in advance, so as to receive correspondence every time
All it can improve judgement without calling application data by Hardware drive module after the operational order of the application of the selection and be asked
The judgement the speed whether application data transferred belongs under the corresponding file system of application of selection, improves the execution of operational order
Efficiency.
In above-mentioned optional embodiment, operational control module is led to after the application identities of application of selection are got
Hardware drive module is crossed, in the case that all application datas under the corresponding file system of application identities are loaded into internal memory,
Operational control module transfer it is described call application data when, can be obtained directly from internal memory described in the application number that calls
According to so as to improve the speed for calling application data.
In above-mentioned optional embodiment, alternatively, the spatial information in environmental information is in record in advance to be corresponding
Application distribution amount of physical memory when, a range of physical addresses can be recorded, can also a record start physical address with
And be the size using the amount of physical memory of distribution, specific the present embodiment is not construed as limiting.
In above-mentioned optional embodiment, the tune of each application data can also be recorded in the authority information in environmental information
Weighting is limited, and therefore, alternatively, before the application data called described in the operational control module calls, methods described may be used also
With including:Authority information described in the operational control module polls, judges whether the application of the selection has and transfers the tune
The authority of application data, it is determined that the application of the selection has a case that the authority for transferring the application data called
Under, perform the operation for transferring the application data called.By the optional embodiment, application data can be avoided illegal
Call, it is ensured that the safety of application data.
In an optional embodiment of the embodiment of the present invention, in order to avoid during the application of selection is performed,
The operational order of other application is performed by mistake, for example, after user selects the OTP applications of multifunction intelligent key equipment, it is outside
Card reader sends Card Reader request to multifunction intelligent key equipment, in the present embodiment, the operational order is sent to described
Before the application of selection is performed, methods described can also include:The operational control module judges to carry in the operational order
Application identities it is whether consistent with the application identities of the application of the selection, in the case of consistent, perform and refer to the operation
The step of application that order is sent to the selection is performed.Pass through the optional embodiment, it is ensured that multifunction intelligent key is set
After an application is selected in user, the operational order of the other application outside the application will not be performed again, it is to avoid multi-functional
Intelligent cipher key equipment is redirected between multiple application programs and caused dangerous using what is performed.
The method for executing operating instructions of the multifunction intelligent key equipment provided by the present embodiment, can be in same intelligence
Multiple applications are realized on key devices, and each application can be isolated so that the proprietary instruction in each application can only be in the application
In effectively, and the application data respectively applied can only be by the application call, it is to avoid the security breaches between many applications, improves multi-functional
The security of intelligent cipher key equipment.
Any process described otherwise above or method description are construed as in flow chart or herein, represent to include
Module, fragment or the portion of the code of one or more executable instructions for the step of realizing specific logical function or process
Point, and the scope of the preferred embodiment of the present invention includes other realization, wherein can not be by shown or discussion suitable
Sequence, including according to involved function by it is basic simultaneously in the way of or in the opposite order, carry out perform function, this should be of the invention
Embodiment person of ordinary skill in the field understood.
It should be appreciated that each several part of the present invention can be realized with hardware, software, firmware or combinations thereof.Above-mentioned
In embodiment, the software that multiple steps or method can in memory and by suitable instruction execution system be performed with storage
Or firmware is realized.If, and in another embodiment, can be with well known in the art for example, realized with hardware
Any one of row technology or their combination are realized:With the logic gates for realizing logic function to data-signal
Discrete logic, the application specific integrated circuit with suitable combinational logic gate circuit, programmable gate array (PGA), scene
Programmable gate array (FPGA) etc..
Those skilled in the art are appreciated that to realize all or part of step that above-described embodiment method is carried
Rapid to can be by program to instruct the hardware of correlation to complete, described program can be stored in a kind of computer-readable storage medium
In matter, the program upon execution, including one or a combination set of the step of embodiment of the method.
In addition, each functional unit in each embodiment of the invention can be integrated in a processing module, can also
That unit is individually physically present, can also two or more units be integrated in a module.Above-mentioned integrated mould
Block can both be realized in the form of hardware, it would however also be possible to employ the form of software function module is realized.The integrated module is such as
Fruit is realized using in the form of software function module and as independent production marketing or in use, can also be stored in a computer
In read/write memory medium.
Storage medium mentioned above can be read-only storage, disk or CD etc..
In the description of this specification, reference term " one embodiment ", " some embodiments ", " example ", " specifically show
The description of example " or " some examples " etc. means to combine specific features, structure, material or the spy that the embodiment or example are described
Point is contained at least one embodiment of the present invention or example.In this manual, to the schematic representation of above-mentioned term not
Necessarily refer to identical embodiment or example.Moreover, specific features, structure, material or the feature of description can be any
One or more embodiments or example in combine in an appropriate manner.
Although embodiments of the invention have been shown and described above, it is to be understood that above-described embodiment is example
Property, it is impossible to limitation of the present invention is interpreted as, one of ordinary skill in the art is not departing from the principle and objective of the present invention
In the case of above-described embodiment can be changed within the scope of the invention, change, replace and modification.The scope of the present invention
By appended claims and its equivalent limit.
Claims (13)
1. a kind of method for executing operating instructions of multifunction intelligent key equipment, it is characterised in that including:
Hardware drive module receives the input instruction for selecting application, and the input instruction is sent into operational control mould
Block;
The operational control module obtains the application identities of the application of the input instruction selection;
The operational control module judges whether the application of the selection is that the multifunctional intellectual is close according to the application identities
One in the mounted multiple applications of key equipment;
It is determined that the selection application be the mounted multiple applications of the multifunction intelligent key equipment in the feelings of one
Under condition, the operational control module obtains the application of the selection by the Hardware drive module according to the application identities
Environmental information, wherein, the environmental information includes:The application allows the instruction list and authority information performed;
After the environmental information of application of the selection is obtained, outside input is received every time in the Hardware drive module
During operational order, following steps are performed:
Step 1, the operational control module gets the operational order of the outside input, judge the operational order whether
In the instruction list, if it is, performing step 2, otherwise, step 5 is performed;
Step 2, the authority information in the environmental information, judges to perform whether the operational order needs to be awarded
Power, if it is, performing step 3, otherwise, performs step 4;
Step 3, user's input authentication information is pointed out, and the authentication information inputted to user is authenticated, the feelings passed through in certification
Under condition, step 4 is performed, in certification in the case of, step 5 is performed;
Step 4, the application for the operational order being sent into the selection is performed;
Step 5, the operational control module returns to the configured information of application operation failure.
2. according to the method described in claim 1, it is characterised in that
The environmental information also includes:For the space letter for the amount of physical memory for recording the application for being pre-assigned to the selection
Breath;
After step 4, methods described also includes:
What the operational control module received the selection applies what is sent when performing the operational order to transfer and apply number
According to request, wherein, it is described to transfer the identification information that the application data of request call is carried in application data request;
The operational control module according to the identification information, judge described in the application data called whether belong to the selection
Application data under the file system of application;
Whether the physical storage address for the application data that the operational control module is called according to judging the spatial information
Belong to the amount of physical memory for the application for being pre-assigned to the selection;
It is determined that application data under the file system for the application that the application data called belongs to the selection, and described adjust
In the case that the physical storage address of application data belongs to the amount of physical memory for the application for being pre-assigned to the selection,
The application data called described in the operational control module calls, and the application data called is returned into the selection
Using.
3. method according to claim 2, it is characterised in that the application number called described in the operational control module calls
According to before, methods described also includes:
Authority information described in the operational control module polls, judges whether the application of the selection has and transfers described call
The authority of application data, in the case of it is determined that the application of the selection has the authority for transferring the application data called,
Perform the operation for transferring the application data called.
4. method according to claim 2, it is characterised in that the operational control module is sentenced according to the identification information
Application data under the file system for the application whether disconnected application data called belongs to the selection, including:
The application identities and the identification information are sent to the Hardware drive module by the operational control module;
The Hardware drive module judges whether found under file system corresponding with the application identities and the mark
The corresponding application data of information, and lookup result is notified into the operational control module;
Whether the application data that the operational control module is called according to judging the lookup result belongs to the choosing
Application data under the file system for the application selected.
5. method according to claim 2, it is characterised in that
After the application identities for the application that the operational control module obtains selection, methods described also includes:The operational control
Module obtains all application datas under file system corresponding with the application identities by the Hardware drive module, and
All application datas are loaded into internal memory;
The operational control module according to the identification information, judge described in the application data called whether belong to the selection
Application data under the file system of application, including:The operational control module judge in the internal memory whether there is with it is described
Application data corresponding to identification information, if, it is determined that the application data called belongs to the text of the application of the selection
Application data under part system, otherwise, it determines the application data called is not belonging to the file system of the application of the selection
Under application data.
6. the method according to any one of claim 1 to 5, it is characterised in that the operational order is sent to the choosing
Before the application selected is performed, methods described also includes:The operational control module judges the application carried in the operational order
Identify whether consistent with the application identities of the application of the selection, in the case of consistent, execution sends the operational order
The step of application to the selection is performed.
7. a kind of operational order performs device of multifunction intelligent key equipment, it is characterised in that including:
Hardware drive module, for receiving the input instruction for selecting application, operation control is sent to by the input instruction
Molding block;
The operational control module, the application identities of the application for obtaining the input instruction selection, according to the application mark
Know and judge whether the application of the selection is one in the mounted multiple applications of the multifunction intelligent key equipment, and
In the case of determining that the application of the selection is one in the mounted multiple applications of the multifunction intelligent key equipment, root
According to the application identities, the environmental information of the application of the selection is obtained by the Hardware drive module, wherein, the environment
Information includes:The application allows the instruction list and authority information performed;
The Hardware drive module, is additionally operable to receive the operational order of outside input, the operational order is sent into the behaviour
Make control module;
The operational control module, is additionally operable to:The operational order of the outside input is got, whether the operational order is judged
In the instruction list, in the operational order in the case of the instruction list, the institute in the environmental information
Authority information is stated, judges to perform whether the operational order needs to be authorized, it is determined that performing the operational order needs to obtain
In the case of must authorizing, user's input authentication information is pointed out, and the authentication information inputted to user is authenticated, and is passed through in certification
In the case of, the application that the operational order is sent into the selection is performed, and is not needed it is determined that performing the operational order
In the case of being authorized, the application that the operational order is sent into the selection is performed;And in operational order not in institute
In the case of stating instruction list, or, it is authenticated to the authentication information that user inputs in the case of, returning should
With the configured information of operation failure.
8. device according to claim 7, it is characterised in that
The environmental information also includes:For the space letter for the amount of physical memory for recording the application for being pre-assigned to the selection
Breath;
The operational control module is additionally operable to:Receive the selection applies what is sent when performing the operational order to transfer
Application data is asked, wherein, it is described to transfer the identification information that the application data of request call is carried in application data request;
According to the identification information, answering under the file system for the application whether application data called described in judgement belongs to the selection
Use data;Whether the physical storage address for the application data called according to judging the spatial information, which belongs to, is pre-assigned to
The amount of physical memory of the application of the selection;It is determined that the application data called belongs to the file of the application of the selection
Application data under system, and the application data called physical storage address belong to be pre-assigned to the selection should
In the case of amount of physical memory, the application data called is transferred, and the application data called is returned to
The application of the selection.
9. device according to claim 8, it is characterised in that
The operational control module is additionally operable to:Before the application data called is transferred, the authority information is inquired about, is judged
Whether the application of the selection has the authority for transferring the application data called, it is determined that the application of the selection has tune
In the case of the authority for taking the application data called, the operation for transferring the application data called is performed.
10. device according to claim 8, it is characterised in that
The operational control module specifically for judging whether the application data called belongs to the choosing in the following manner
Application data under the file system for the application selected:The application identities and the identification information are sent to the hardware driving
Module;Described in whether the application data called according to judging the lookup result that the Hardware drive module is returned belongs to
Application data under the file system of the application of selection;
The Hardware drive module is additionally operable to:Judge whether found under file system corresponding with the application identities and institute
Application data corresponding to identification information is stated, and lookup result is notified into the operational control module.
11. device according to claim 8, it is characterised in that
The operational control module is additionally operable to:After the application identities for the application for obtaining selection, by the Hardware drive module,
All application datas under corresponding with application identities file system are obtained, and all application datas are loaded into interior
In depositing;
The operational control module specifically for judging whether the application data called belongs to the choosing in the following manner
Application data under the file system for the application selected:Judge to whether there is the application corresponding with the identification information in the internal memory
Data, if, it is determined that the application data under the file system for the application that the application data called belongs to the selection,
Otherwise, it determines the application data under the file system for the application that the application data called is not belonging to the selection.
12. the device according to any one of claim 7 to 11, it is characterised in that
The operational control module is additionally operable to:Before the application that the operational order is sent to the selection is performed, judge
Whether the application identities carried in the operational order are consistent with the application identities of the application of the selection, in consistent situation
Under, perform the operation that the application that the operational order is sent into the selection is performed.
13. a kind of multifunction intelligent key equipment, it is characterised in that including any one of claim 7 to 12 described device.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710138730.1A CN107066894B (en) | 2017-03-09 | 2017-03-09 | Multifunctional intelligent secret key equipment and operation instruction execution method and device thereof |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710138730.1A CN107066894B (en) | 2017-03-09 | 2017-03-09 | Multifunctional intelligent secret key equipment and operation instruction execution method and device thereof |
Publications (2)
Publication Number | Publication Date |
---|---|
CN107066894A true CN107066894A (en) | 2017-08-18 |
CN107066894B CN107066894B (en) | 2019-12-10 |
Family
ID=59622528
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201710138730.1A Active CN107066894B (en) | 2017-03-09 | 2017-03-09 | Multifunctional intelligent secret key equipment and operation instruction execution method and device thereof |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN107066894B (en) |
Cited By (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109586902A (en) * | 2018-12-10 | 2019-04-05 | 飞天诚信科技股份有限公司 | A kind of intelligent cipher key equipment and its working method |
CN109800561A (en) * | 2018-12-29 | 2019-05-24 | 360企业安全技术(珠海)有限公司 | Drive authority control method, client, system and storage medium |
CN109831304A (en) * | 2018-12-26 | 2019-05-31 | 北京握奇智能科技有限公司 | A kind of more application methods and system of ID authentication device |
CN111124522A (en) * | 2020-04-01 | 2020-05-08 | 广东戴维利科技有限公司 | Method and system for mixing microkernel and macrokernel |
CN112543454A (en) * | 2020-11-30 | 2021-03-23 | 亚信科技(成都)有限公司 | Authentication method and equipment |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102222390A (en) * | 2011-06-30 | 2011-10-19 | 飞天诚信科技股份有限公司 | Multifunctional intelligent key device and working method thereof |
CN102542323A (en) * | 2010-11-16 | 2012-07-04 | 北京中电华大电子设计有限责任公司 | Multifunctional visual intelligent card |
CN103297243A (en) * | 2013-06-14 | 2013-09-11 | 飞天诚信科技股份有限公司 | Working method of multi-functional intelligent secret key device |
CN105376059A (en) * | 2014-08-15 | 2016-03-02 | 中国电信股份有限公司 | Method and system for performing application signature based on electronic key |
CN106022095A (en) * | 2016-01-21 | 2016-10-12 | 李明 | Safety device, safety control method and identity card card-reading terminal |
-
2017
- 2017-03-09 CN CN201710138730.1A patent/CN107066894B/en active Active
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102542323A (en) * | 2010-11-16 | 2012-07-04 | 北京中电华大电子设计有限责任公司 | Multifunctional visual intelligent card |
CN102222390A (en) * | 2011-06-30 | 2011-10-19 | 飞天诚信科技股份有限公司 | Multifunctional intelligent key device and working method thereof |
CN103297243A (en) * | 2013-06-14 | 2013-09-11 | 飞天诚信科技股份有限公司 | Working method of multi-functional intelligent secret key device |
CN105376059A (en) * | 2014-08-15 | 2016-03-02 | 中国电信股份有限公司 | Method and system for performing application signature based on electronic key |
CN106022095A (en) * | 2016-01-21 | 2016-10-12 | 李明 | Safety device, safety control method and identity card card-reading terminal |
Cited By (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109586902A (en) * | 2018-12-10 | 2019-04-05 | 飞天诚信科技股份有限公司 | A kind of intelligent cipher key equipment and its working method |
CN109586902B (en) * | 2018-12-10 | 2021-07-20 | 飞天诚信科技股份有限公司 | Intelligent key equipment and working method thereof |
CN109831304A (en) * | 2018-12-26 | 2019-05-31 | 北京握奇智能科技有限公司 | A kind of more application methods and system of ID authentication device |
CN109831304B (en) * | 2018-12-26 | 2024-04-02 | 北京握奇智能科技有限公司 | Multi-application method and system of identity authentication equipment |
CN109800561A (en) * | 2018-12-29 | 2019-05-24 | 360企业安全技术(珠海)有限公司 | Drive authority control method, client, system and storage medium |
CN111124522A (en) * | 2020-04-01 | 2020-05-08 | 广东戴维利科技有限公司 | Method and system for mixing microkernel and macrokernel |
CN112543454A (en) * | 2020-11-30 | 2021-03-23 | 亚信科技(成都)有限公司 | Authentication method and equipment |
CN112543454B (en) * | 2020-11-30 | 2022-11-15 | 亚信科技(成都)有限公司 | Authentication method and equipment |
Also Published As
Publication number | Publication date |
---|---|
CN107066894B (en) | 2019-12-10 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN107066894A (en) | A kind of multifunction intelligent key equipment and its method for executing operating instructions and device | |
CN107818258A (en) | Indirect certification | |
CN101447010B (en) | Login system and method for logging in | |
CN106487747B (en) | User identification method, system, device and processing method, device | |
CN104798078B (en) | Calculate the transformation between the access state of device | |
AU2014327030B2 (en) | Scrambling passcode entry interface | |
CN107526953A (en) | Support the electronic installation and its operating method of finger print identifying function | |
CN107852599A (en) | Use the selective matching of the wireless device of shared key | |
US8601552B1 (en) | Personal identification pairs | |
CN107944332A (en) | Fingerprint recognition card and the method for operating fingerprint recognition card | |
CN106537403A (en) | System for accessing data from multiple devices | |
CN106104563A (en) | The technology of network security is provided by the account just opened on time | |
CN106797383A (en) | Security context management in multi-tenant environment | |
CN108563942A (en) | Utilize the certification of two level ratifier | |
CN106652109A (en) | Intelligent lock control method, device and lock management server | |
CN105956431B (en) | A kind of application protection processing method and mobile terminal | |
CN103310169A (en) | SD (Secure Digital) card data protection method and protection system thereof | |
CN105701420B (en) | A kind of management method and terminal of user data | |
CN106354399A (en) | Method, device, and electronic device for assignment of application permission | |
CN105337974A (en) | Account authorization method, account login method, account authorization device and client end | |
CN109643473A (en) | A kind of method, apparatus and system of identity legitimacy verifying | |
CN106327206A (en) | Genuine product certification means and system | |
CN103793644B (en) | Information safety devices realize method, information safety devices and the system of many applications | |
CN105956436A (en) | Permission control method of application program, and terminal | |
CN105791139A (en) | Routing device, network access method and device of communication terminal |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |