CN109302289B - SE space management method and device - Google Patents

SE space management method and device Download PDF

Info

Publication number
CN109302289B
CN109302289B CN201710607881.7A CN201710607881A CN109302289B CN 109302289 B CN109302289 B CN 109302289B CN 201710607881 A CN201710607881 A CN 201710607881A CN 109302289 B CN109302289 B CN 109302289B
Authority
CN
China
Prior art keywords
application program
logic data
main
application
data
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201710607881.7A
Other languages
Chinese (zh)
Other versions
CN109302289A (en
Inventor
王青
李亚强
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Mobile Communications Group Co Ltd
China Mobile Communications Ltd Research Institute
Original Assignee
China Mobile Communications Group Co Ltd
China Mobile Communications Ltd Research Institute
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Mobile Communications Group Co Ltd, China Mobile Communications Ltd Research Institute filed Critical China Mobile Communications Group Co Ltd
Priority to CN201710607881.7A priority Critical patent/CN109302289B/en
Publication of CN109302289A publication Critical patent/CN109302289A/en
Application granted granted Critical
Publication of CN109302289B publication Critical patent/CN109302289B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3234Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving additional secure or trusted devices, e.g. TPM, smartcard, USB or software token
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/20Point-of-sale [POS] network systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/327Short range or proximity payments by means of M-devices
    • G06Q20/3278RFID or NFC payments by means of M-devices
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0891Revocation or update of secret information, e.g. encryption key update or rekeying
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0894Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
    • H04L9/0897Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage involving additional devices, e.g. trusted platform module [TPM], smartcard or USB
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/80Wireless
    • H04L2209/805Lightweight hardware, e.g. radio-frequency identification [RFID] or sensor

Landscapes

  • Engineering & Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Accounting & Taxation (AREA)
  • General Business, Economics & Management (AREA)
  • Strategic Management (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Finance (AREA)
  • Stored Programmes (AREA)

Abstract

The invention relates to a computer technology, in particular to a method and a device for managing SE space, which are used for realizing the rationalization application of SE space resources. The method comprises the following steps: during downloading, storing personalized data of the application program to a main card with an NFC function, storing logic data of part of the application program to the main card based on a first preset condition, storing logic data of other application programs to an auxiliary card, periodically detecting the use condition of the application program during the use process of the subsequent application program, and adjusting the storage position of the logic data of the part of the application program in real time by combining a second preset condition. Therefore, SE spaces on the main card and the auxiliary card are reasonably utilized, the embarrassment that the SE spaces are insufficient when a user downloads a plurality of application programs is relieved, more choices are provided for the user to download the application programs, the user cannot feel when the user uses the application programs as much as possible, and the user experience is guaranteed.

Description

SE space management method and device
Technical Field
The present invention relates to computer technologies, and in particular, to a method and an apparatus for SE space management.
Background
With the development of mobile internet and the transformation of consumption habits of mobile phone netizens, mobile payment has entered a high-speed development period. Compared with the traditional payment, the mobile payment has the advantages of simple and convenient operation, quick transaction, good safety and the like, and is more and more accepted by people.
Near Field Communication (NFC) payment refers to payment completed by mobile phones and other handheld devices by adopting the NFC technology, and is a new mobile payment method. The NFC-SWP scheme, which is dominated by telecom operators and financial institutions, has also been supported by more mobile phone terminal manufacturers, banks, and third party payment institutions.
In the prior art, a Trusted Service Manager (TSM) is used as a Trusted Service management platform, is a core of an NFC mobile payment Service, and provides a Secure Element (SE) operation and management function such as application downloading/deletion for a user.
The working system architecture diagram of the TSM is shown in fig. 1, wherein the main functional units include:
SE provider TSM (i.e. SEI TSM): support simultaneous access to multiple Service Providers (SPs) and SP TSMs.
The SEI TSM is responsible for access control to the SE and provides card content management for other functional units.
Service provider tsm (sp tsm): the system can be used as an aggregator to support the access of a plurality of SPs and is a third-party platform with public trust.
The SP TSM accesses the SEI TSM and performs card content management under the entrusting authorization of the SEI TSM.
Service Provider (SP): some mechanism for providing NFC services to users.
The SP can complete service deployment and life cycle management through the SP TSM to which the SP has access. In a simple mode, the SP can also directly access the SEI TSM, submit the application to the SEI TSM, and complete card content management by the SEI TSM.
Mobile network operator: providing Over-the-Air Technology (OTA) Technology capability for access to a mobile network environment.
Security Element (SE): the SE may have a variety of forms-including a SIM card (often used as a security module by mobile operators), a chip embedded in a handset, and a microSD card directly connected to an NFC wireless chip, etc.
At present, in an NFC-SWP scheme generally adopted by an operator, only one-machine-one-card application management mode is supported, that is, for the same user, a TSM can only manage one NFC-SIM card at the same time. When a user uses the NFC-SIM card, the user needs to complete registration in the TSM, and binds the mobile phone number with the SEID information of the NFC-SIM card. After that, the operations such as application downloading can be performed through the TSM.
When the application is downloaded, a user firstly initiates an application program downloading request through a matched terminal, and after receiving the downloading request, the TSM performs application program downloading qualification check (performs user identity verification, SE space examination, application AC rule examination and the like), and establishes an end-to-end secure channel with the SE through security domain key protection. And then, sequentially sending the application program installation and personalization instructions to the SE, and finishing the application program installation and application program personalization processing by the SE.
For example, a structure diagram of a network supporting the NFC-SWP scheme is shown in fig. 2.
However, in the prior art, the SWP-SIM card provides the user with only 300K total space for storing applications, and the space occupied by one application is about 40K on average. At present, more than 180 applications are available for downloading on the TSM, and a user is likely to need to download and use multiple applications (e.g., applications of multiple bank cards, urban public transportation applications, enterprise all-purpose card applications, etc.) at the same time, which is very easy to cause a situation of insufficient card space. At this time, if the user needs to download a new application program, the user can only replace the available space by deleting part of the installed application program, and then download the new application program. This approach is cumbersome and can bring a very bad experience to the user, and the user repeatedly downloads/deletes applications, which also results in waste of TSM platform management resources and communication resources.
Therefore, how to expand and reasonably utilize SE space resources in the SWP-SIM card and provide sufficient SE usage space for the user is a problem to be solved urgently in the NFC-SWP technical scheme.
Disclosure of Invention
The embodiment of the invention provides a SE space management method and device, which are used for realizing reasonable application of SE space resources.
The embodiment of the invention provides the following specific technical scheme:
a Secure Element (SE) space management method comprises the following steps:
in the downloading process of the application program, the terminal stores the personalized data of the application program in the main SE, stores the logic data of the application program meeting the first preset condition in the main SE, and stores the logic data of the application program not meeting the first preset condition in the auxiliary SE;
and in the application program using process, the terminal detects the using condition of each application program according to a set period, and adjusts the storage position of the logic data of part of the application programs according to the detection result and the combination of a second preset condition.
Optionally, the first preset condition at least includes any one or any combination of the following rules:
if the logic data of the application program is sharable data, storing the logic data of the application program in a main SE, wherein the main SE is an element for bearing the NFC function;
if the following rules are set for a specified type of application: only one application is allowed to be activated for the same type of application at the same time; storing the logic data of the activated application program in the specified type in a main SE, and storing the logic data of other application programs in the specified type in a sub SE;
and comparing the size of the logic data of the application program with a first set threshold, if the size of the logic data of the application program is smaller than the first set threshold, storing the logic data of the application program in the main card, and if the size of the logic data of the application program is larger than or equal to the first set threshold, storing the logic data of the application program in the auxiliary card.
Optionally, the first set threshold is a fixed threshold set by a manager according to experience, or,
the first set threshold is a dynamically changing threshold set based on the total main card capacity and the remaining main card capacity.
Optionally, further comprising:
in the process of using the first preset condition, if at least two rules contained in the first preset condition conflict, executing a rule with the highest priority in the at least two rules according to the priority set corresponding to each rule; alternatively, the first and second electrodes may be,
and informing the user of the at least two rules, and executing the corresponding rules according to the user instruction.
Optionally, the second preset condition at least includes one or any combination of the following rules
Screening N application programs with the highest use frequency of set duration according to the use condition of each application program, storing logic data of the N application programs in a main SE, and storing logic data of other application programs in a secondary card;
if the logic data of the application program is sharable data, the logic data of the application program is stored in a main SE, and the main SE is an element bearing an NFC function, such as an NFC-SIM card.
In practice, some logic data may share several sets of personalization data and thus be packaged into different applications, and therefore, for logic data that needs to be shared, may be stored in the master SE.
If the logic data of the application program is sharable data, storing the logic data of the application program in a main SE, wherein the main SE is an element for bearing the NFC function;
the following rules are set for a given type of application: only one application is allowed to be activated for the same type of application at the same time; storing the logic data of the activated application program in the specified type in a main SE, and storing the logic data of other application programs in the specified type in a sub SE;
and comparing the size of the logic data of the application program with a second set threshold, if the size of the logic data of the application program is smaller than the second set threshold, storing the logic data of the application program in the main card, and if the size of the logic data of the application program is larger than or equal to the second set threshold, storing the logic data of the application program in the auxiliary card.
Optionally, the second set threshold is a fixed threshold set by a manager according to experience, or,
the second set threshold is a dynamically changing threshold set based on the total main card capacity and the remaining main card capacity.
Optionally, further comprising:
in the process of using the second preset condition, if at least two rules contained in the second preset condition conflict, executing a rule with the highest priority in the at least two rules according to the priority set corresponding to each rule; alternatively, the first and second electrodes may be,
and informing the user of the at least two rules, and executing the corresponding rules according to the user instruction.
Optionally, further comprising:
after each detection is finished, counting the occupation ratio of the application program with the adjusted storage position of the logic data;
if the occupation ratio is determined to be higher than a first threshold value, shortening the cycle duration according to a first set step length;
and if the ratio is determined to be lower than the second threshold value, prolonging the period duration according to a second set step length.
Optionally, further comprising: a
Receiving a calling instruction of a first application program, wherein the personalized data of the first application program is stored in a main SE, and the logic data is stored in a secondary SE;
caching the logic data of the first application program stored in the auxiliary card in a main SE;
and calling the personalization data of the first application program from the main SE to complete a verification process, and calling the logic data of the first application program from the main SE to execute the calling instruction.
A Secure Element (SE) space management apparatus, comprising:
the storage unit is used for storing the personalized data of the application program in the main SE by the terminal in the downloading process of the application program, storing the logic data of the application program meeting the first preset condition in the main SE, and storing the logic data of the application program not meeting the first preset condition in the auxiliary SE;
and the adjusting unit is used for detecting the use condition of each application program according to a set period by the terminal in the use process of the application program and adjusting the storage position of the logic data of part of the application programs according to the detection result and the combination of a second preset condition.
Optionally, the first preset condition at least includes any one or any combination of the following rules:
if the logic data of the application program is sharable data, storing the logic data of the application program in a main SE, wherein the main SE is an element for bearing the NFC function;
if the following rules are set for a specified type of application: only one application is allowed to be activated for the same type of application at the same time; storing the logic data of the activated application program in the specified type in a main SE, and storing the logic data of other application programs in the specified type in a sub SE;
and comparing the size of the logic data of the application program with a first set threshold, if the size of the logic data of the application program is smaller than the first set threshold, storing the logic data of the application program in the main card, and if the size of the logic data of the application program is larger than or equal to the first set threshold, storing the logic data of the application program in the auxiliary card.
Optionally, the first set threshold is a fixed threshold set by a manager according to experience, or,
the first set threshold is a dynamically changing threshold set based on the total main card capacity and the remaining main card capacity.
Optionally, the storage unit is further configured to:
in the process of using the first preset condition, if at least two rules contained in the first preset condition conflict, executing a rule with the highest priority in the at least two rules according to the priority set corresponding to each rule; alternatively, the first and second electrodes may be,
and informing the user of the at least two rules, and executing the corresponding rules according to the user instruction.
Optionally, the second preset condition at least includes one or any combination of the following rules
Screening N application programs with the highest use frequency of set duration according to the use condition of each application program, storing logic data of the N application programs in a main SE, and storing logic data of other application programs in a secondary card;
if the logic data of the application program is sharable data, the logic data of the application program is stored in a main SE, and the main SE is an element bearing an NFC function, such as an NFC-SIM card.
In practice, some logic data may share several sets of personalization data and thus be packaged into different applications, and therefore, for logic data that needs to be shared, may be stored in the master SE.
If the logic data of the application program is sharable data, storing the logic data of the application program in a main SE, wherein the main SE is an element for bearing the NFC function;
the following rules are set for a given type of application: only one application is allowed to be activated for the same type of application at the same time; storing the logic data of the activated application program in the specified type in a main SE, and storing the logic data of other application programs in the specified type in a sub SE;
and comparing the size of the logic data of the application program with a second set threshold, if the size of the logic data of the application program is smaller than the second set threshold, storing the logic data of the application program in the main card, and if the size of the logic data of the application program is larger than or equal to the second set threshold, storing the logic data of the application program in the auxiliary card.
Optionally, the second set threshold is a fixed threshold set by a manager according to experience, or,
the second set threshold is a dynamically changing threshold set based on the total main card capacity and the remaining main card capacity.
Optionally, the adjusting unit is further configured to:
in the process of using the second preset condition, if at least two rules contained in the second preset condition conflict, executing a rule with the highest priority in the at least two rules according to the priority set corresponding to each rule; alternatively, the first and second electrodes may be,
and informing the user of the at least two rules, and executing the corresponding rules according to the user instruction.
Optionally, the adjusting unit is further configured to:
after each detection is finished, counting the occupation ratio of the application program with the adjusted storage position of the logic data;
if the occupation ratio is determined to be higher than a first threshold value, shortening the cycle duration according to a first set step length;
and if the ratio is determined to be lower than the second threshold value, prolonging the period duration according to a second set step length.
Further comprising:
the processing unit is used for receiving a calling instruction of a first application program, wherein personalized data of the first application program is stored in a main SE, and logic data is stored in a secondary SE; caching the logic data of the first application program stored in the auxiliary card in a main SE; and calling the personalization data of the first application program from the main SE to complete a verification process, and calling the logic data of the first application program from the main SE to execute the calling instruction.
A storage medium storing a program for implementing secure element, SE, space management, which when executed by a processor performs the steps of:
in the downloading process of the application program, the terminal stores the personalized data of the application program in the main SE, stores the logic data of the application program meeting the first preset condition in the main SE, and stores the logic data of the application program not meeting the first preset condition in the auxiliary SE;
and in the application program using process, the terminal detects the using condition of each application program according to a set period, and adjusts the storage position of the logic data of part of the application programs according to the detection result and the combination of a second preset condition.
A communications apparatus comprising one or more processors; and
one or more computer-readable media having instructions stored thereon that, when executed by the one or more processors, cause the apparatus to perform the method of any of the above.
The invention has the following beneficial effects:
in the embodiment of the invention, personalized data of an application program is stored in a main card with an NFC function, logic data of a part of application program is stored in the main card based on a first preset condition, logic data of other application programs are stored in an auxiliary card, meanwhile, in the use process of the subsequent application program, the use condition of the application program is periodically detected, and the storage position of the logic data of the part of application program is adjusted in real time by combining a second preset condition. Therefore, distributed storage of the SE space is realized, the SE space on the main card and the secondary card is reasonably utilized, the embarrassment that the SE space is insufficient when a user downloads a plurality of application programs is relieved, more choices are provided for the user to download the application programs, no perception is provided when the user uses the application programs as much as possible, and the user experience is ensured; furthermore, the possibility that the user deletes/downloads the application program for many times can be reduced, and platform resources and network resources are saved, so that the system performance is effectively improved. And is convenient for expansion.
Drawings
FIG. 1 is a diagram of a TSM operating system in the prior art;
fig. 2 is a schematic diagram of a networking structure supporting an NFC-SWP scheme in the prior art;
FIG. 3 is a system architecture diagram according to an embodiment of the present invention;
FIG. 4 is a flowchart illustrating the SE space management performed by the terminal according to the embodiment of the present invention;
FIG. 5 is a flowchart illustrating application download according to an embodiment of the present invention;
FIG. 6 is a flow chart illustrating application usage in accordance with an embodiment of the present invention;
fig. 7 is a schematic diagram of a terminal function structure according to an embodiment of the present invention.
Detailed Description
In order to realize reasonable application of SE space resources, the invention provides a SE space management method based on distributed storage, which stores logic data (Applet) and personalized data of an application program separately, stores the personalized data with small occupied space and high safety requirement in SE1(NFC-SIM card), and stores the Applet with larger occupied space in other SE media, thereby relieving the problem of insufficient SE space when a user downloads card application by using the NFC-SIM card.
Preferred embodiments of the present invention will be described in further detail below with reference to the accompanying drawings.
Referring to fig. 3, in the embodiment of the present invention, the system architecture mainly includes three parts: TSM, terminal and card.
The TSM serves as a card issuer trusted service management platform and is mainly responsible for uniformly managing user and SE resources, completing application verification and release, and providing operations such as application program downloading, personalization processing and the like for the user.
The terminal, in the embodiment of the invention, is added with an SE management module, and the main functions of the SE management module are as follows:
first, the function is detected. The method is particularly used for detecting and reading SE information in all card slots of the terminal and recording the SE information.
The SE information includes: SE type (whether NFC-SWP card or not), NFC unique identification code (SEID), available memory size, issuer information, downloaded SE application information, and the like, wherein the downloaded SE application information includes at least an application name, an application type, an application size, a usage frequency, whether it is a shared Applet or not, an Applet storage location, a personalized data storage location.
Next, a distributed storage rule is stored, and when an application program is downloaded, based on the distributed storage rule, whether the application program is stored in SE1 or SE2 is selected.
And thirdly, performing data synchronization in the operation process of the application program.
When the application program is used, matching is carried out on the Applet and the personalized data of the application program so as to complete the operation of using the application program and the like.
Finally, the Applet and the personalization data of the application are stored separately.
When the application program is called for operation and use, the Applet needs to be cached to complete the operation flow of the application program. The application may be cached in the OS layer of the terminal, i.e. may be temporarily stored in SE 2; it may also be temporarily stored in SE1 of the NFC-SIM card.
The card is divided into a main card (recorded as SE1) and a secondary card (recorded as SE2), wherein the main card SE1 is an NFC-SIM card (located in an SE1 card slot), and the secondary card SE2 can be an NFC-SIM card or other SE card types (such as an NFC-SD card).
In the embodiment of the present invention, the distributed storage rule may be set based on the following principle: when application downloading and installation are performed, the distributed storage for SE1 and SE2 may be performed according to preset application storage rules. Assuming that SE1 is an NFC-SIM card (primary card) and SE2 is an SD card (secondary card), in order to make reasonable use of the storage space of SE1, an Applet to be applied in part, and personalization data of all applications can be stored in SE 1; the SE2 stores applets for all the remaining applications. Specific distributed storage rules will be described in the following embodiments.
Based on the system architecture, referring to fig. 4, in the embodiment of the present invention, a specific manner for a terminal to manage an SE space is as follows:
step 400: in the downloading process of the application program, the terminal stores the personalized data of the application program in the main SE, stores the logic data (namely, Applet) of the application program meeting the first preset condition in the main SE, and stores the logic data of the application program not meeting the first preset condition in the auxiliary SE.
Specifically, in the embodiment of the present invention, the first preset condition at least includes any one or any combination of the following rules:
a) if the logic data of the application program is sharable data, storing the logic data of the application program in a main SE (namely SE1), wherein the main SE is an element bearing an NFC function, such as an NFC-SIM card;
in practice, some logic data may share several sets of personalization data and thus be packaged into different applications, and therefore, it is necessary that the logic data to be shared may be stored in the SE 1.
b) If the following rules are set for a specified type of application: only one application is allowed to be activated for the same type of application at the same time; the activated application program logic data in the specified type is stored in the main SE, and the logic data of other application programs in the specified type is stored in the sub SE.
Specifically, in the embodiment of the present invention, distributed storage may also be performed according to the type of the application program. Alternatively, only one application of the same type of applications may be allowed to be activated at a time (for example, a financial type application, and only one application may be activated at a time) in the partial type of applications, and thus, the activated application of the partial type of applications may be stored in SE1, and the other applications may be stored in SE 2.
c) The logical data size of the application program is compared with a first set threshold, and if the logical data size of the application program is smaller than the first set threshold, the logical data of the application program is stored in SE1, and if the logical data size of the application program is greater than or equal to a second set threshold, the logical data of the application program is stored in SE 2.
Specifically, the first setting threshold may be set in a static manner or may be set in a dynamic manner.
1) Static mode.
Usually the available space of SE1 (e.g. SE of an NFC-SIM card) is approximately 300Kb, whereas logical data typically has a size of 40 Kb), so that a fixed threshold value, e.g. 20Kb, can be set empirically by the administrator.
2) A dynamic mode.
And setting a dynamically-changed threshold value based on the total capacity of the main card and the residual capacity of the main card, wherein the value of the threshold value is positively correlated with the ratio of the total capacity of the main card to the first set parameter, positively correlated with the ratio of the residual capacity of the main card to the second set parameter, and positively correlated with the third set parameter.
For example, the threshold value generation formula is:
max (Min ((SE1 total capacity/a), (SE1 remaining capacity/b)), c), where a is a first preset parameter, b is a second preset parameter, c is a third preset parameter, optionally, a has a value range of [5, 15], b has a value range of [2, 4], and c has a value range of [15Kb, 25Kb ]
As can be seen from the above formula, since the value of the SE1 remaining capacity/b dynamically changes as the number of downloaded applications increases, the magnitude comparison relationship between (SE1 total capacity/a), (SE1 remaining capacity/b), and c also changes, and therefore, the value of the first set threshold set by the above formula gradually decreases as the number of downloaded applications increases, so that the SE space can be more reasonably planned.
Further, in the process of using the first preset condition, if at least two rules included in the second preset condition conflict, executing a rule with the highest priority in the at least two rules according to the priority set corresponding to each rule; or informing the user of the at least two rules, and executing the corresponding rules according to the user instruction.
Step 410: and in the application program using process, the terminal detects the using condition of each application program according to a set period, and adjusts the storage position of the logic data of part of the application programs according to the detection result and the combination of a second preset condition.
Specifically, in the embodiment of the present invention, the second preset condition at least includes any one or any combination of the following rules:
A) according to the use condition of each application program, screening out N application programs with the highest use frequency in a set time length (such as monthly, weekly and the like), wherein N is a preset parameter. Then, the logic data of the N application programs are stored in the main SE, and the logic data of other application programs are stored in the auxiliary card.
Since the usage habit of the application program of the user changes with time, the terminal needs to transfer the logic data of the application program with high usage frequency into SE1 and the logic data of the application program with low usage frequency into SE2 periodically.
Of course, the dump is for the application program whose current storage location does not meet the second preset condition, and if the application program whose use frequency is high is currently in SE1, the storage location is maintained.
B) If the logic data of the application program is sharable data, the logic data of the application program is stored in a main SE, and the main SE is an element bearing an NFC function, such as an NFC-SIM card.
In practice, some logic data may share several sets of personalization data and thus be packaged into different applications, and therefore, it is necessary that the logic data to be shared may be stored in the SE 1.
C) If the following rules are set for a specified type of application: only one application is allowed to be activated for the same type of application at the same time; the activated application program logic data in the specified type is stored in the main SE, and the logic data of other application programs in the specified type is stored in the sub SE.
Specifically, in the embodiment of the present invention, distributed storage may also be performed according to the type of the application program. Alternatively, only one application of the same type of applications may be allowed to be activated at a time (for example, a financial type application, and only one application may be activated at a time) in the partial type of applications, and thus, the activated application of the partial type of applications may be stored in SE1, and the other applications may be stored in SE 2.
D) And comparing the logic data size of the application program with a first set threshold, if the logic data size of the application program is smaller than the first set threshold, storing the logic data of the application program in the main SE, and if the logic data size of the application program is larger than or equal to a second set threshold, storing the logic data of the application program in the auxiliary SE.
The value of the second set threshold may be the same as or different from the value of the first set threshold mentioned in the rule c), and the value may be flexibly set by the administrator according to different requirements of the application program downloading process and the application program using process, which is not described herein again.
Specifically, the second setting threshold may be set in a static manner or in a dynamic manner.
1) Static mode.
Usually the available space of SE1 (e.g. SE of an NFC-SIM card) is approximately 300Kb, whereas logical data typically has a size of 40 Kb), so that a fixed threshold value, e.g. 20Kb, can be set empirically by the administrator.
2) A dynamic mode.
And setting a dynamically-changed threshold value based on the total capacity of the main card and the residual capacity of the main card, wherein the value of the threshold value is positively correlated with the ratio of the total capacity of the main card of SE1 to the first set parameter, positively correlated with the ratio of the residual capacity of the main card to the second set parameter, and positively correlated with the third set parameter.
For example, the threshold value generation formula is:
max (Min ((SE1 total capacity/a), (SE1 remaining capacity/b)), c), where a is a first preset parameter, b is a second preset parameter, c is a third preset parameter, optionally, a has a value range of [5, 15], b has a value range of [2, 4], and c has a value range of [15Kb, 25Kb ]
As can be seen from the above formula, since the value of the SE1 remaining capacity/b dynamically changes as the number of downloaded applications increases, the magnitude comparison relationship between (SE1 total capacity/a), (SE1 remaining capacity/b), and c also changes, and therefore, the value of the second set threshold set by the above formula gradually decreases as the number of downloaded applications increases, so that the SE space can be more reasonably planned.
In the process of using the second preset condition, if at least two rules contained in the second preset condition conflict, executing a rule with the highest priority in the at least two rules according to the priority set corresponding to each rule; alternatively, the first and second electrodes may be,
and informing the user of the at least two rules, and executing the corresponding rules according to the user instruction.
In the above embodiment, optionally, the detection period of the use condition of the application program is generally set to 30 days to 90 days, so that the user experience is better.
After each detection period is finished, the terminal readjusts the layout of the logic data of the application programs in the main card and the auxiliary card based on the detection result. Further, the occupation ratio of the application program with the adjusted storage position of the logic data is counted, when the occupation ratio is determined to be higher than a first threshold value, the cycle duration is shortened according to a first set step length, and when the occupation ratio is determined to be lower than a second threshold value, the cycle duration is prolonged according to a second set step length; optionally, a value range of the first threshold is [ 10%, 40% ], a value range of the second threshold is [ 5%, 20% ], the first threshold is greater than the second threshold, and the first setting step and the second setting step may be the same or different, and both the value ranges thereof are [ 10%, 50% ].
Further, in the embodiment of the present invention, for the case that the logic data and the personalization data of the application are both stored in the same SE, the operation may be performed in the existing manner, but for the case that the logic data and the personalization data of the application are stored in different SEs, a corresponding application download flow and usage flow need to be designed.
Of course, in the above embodiment, only SE1 is taken as a main card and SE2 is taken as an auxiliary card, but in practical application, SE1 and SE2 may both be taken as main cards or auxiliary cards, and only a card with an NFC function needs to be taken as a main card, that is, SE2 may also be taken as a main card and SE1 as an auxiliary card.
Referring to fig. 5, in the embodiment of the present invention, assuming that the logic data of the application program should be stored in SE1 and the personalization data should be stored in SE2 according to the application storage rule, the detailed flow of downloading the application program is as follows:
step 501; and the user triggers an application program downloading process through the terminal.
Step 502: the terminal initiates an application program downloading request to the TSM.
Specifically, the application program download request carries information including an application program name and an application program AID.
Step 503: the TSM performs application screening, determines whether the application is downloadable, and returns application information.
Specifically, the application information includes an application type, an application size, whether to share an Applet, and the like. ) (ii) a
Step 504: and the terminal sends an application program downloading initialization request to the SE management module.
Step 505: the SE management module carries out downloading initialization of the application program, executes application storage rules, selects and confirms relevant information of SE2 for storing the logic data of the application program;
step 506: and the SE management module returns an application program downloading initialization response.
The application program download initialization response at least comprises the following steps: identification of SE2 (SEID), size of available space, availability or not, etc.
Step 507: and the terminal requests the TSM to download the application program.
The request sent by the terminal at least comprises: identification (SEID) of SE2, size of available space, etc.
Step 508: the TSM performs an application download qualification check.
Specifically, the TSM needs to determine whether the space size of SE2 meets the application download requirements, whether a security domain has been established, whether AC rules have been downloaded, and so on.
Step 509: the TSM generates application download and installation instructions.
Step 510: and the TSM issues the application downloading and installation instruction to the terminal.
Step 511: the terminal forwards the application download and installation instructions to SE 2.
Step 512: after the SE2 executes the application download and install instruction, the execution result is returned.
Step 513: and the terminal feeds back the execution result of downloading and installation to the TSM.
Step 514: and the TSM records the execution results of the downloading and installation of the application program and returns an application program downloading response.
Step 515: the terminal triggers the application personalization initialization procedure.
Step 516: the terminal sends an application personalization initialization request to the SE management module.
517: the SE management module performs application personalization initialization, selecting and identifying the area storing user personalization data as SE 1.
Step 518: the SE management module returns an application personalization initialization response.
The application program personalized initialization response at least comprises the following steps: identification of SE1, available space, etc.
Step 519: the terminal requests application personalization from the TSM.
Step 520: the TSM performs an application personalization qualification check to determine if the security domain key of SE1 has been updated.
Step 521: and the TSM issues a security domain key updating instruction to the terminal.
Step 522: the terminal forwards the security domain key update instruction to SE 1.
Step 523: SE1 executes the security domain rekeying instruction and returns the execution result.
Step 524: the terminal forwards the execution result of the key update result to the TSM.
Step 525: the TSM generates application personalization instructions.
Step 526: the TSM issues application personalization instructions.
Step 527: the terminal forwards the application personalization instructions to SE 1.
Step 528: SE1 executes the application personalization instructions and returns the execution results.
Step 529: the terminal forwards the application personalization instructions to the TSM.
Step 530: the TSM records the application personalization result and returns an application personalization response.
In the above embodiment, the terminal downloads the application's logic data (Applet) to SE1, and then downloads the application's personalization data to SE2, and the security domain key update is performed to protect the data security of the personalization data from TSM to SE 2.
Referring to fig. 6, in the embodiment of the present invention, assuming that the logic data of the application program is stored in SE2 and the personalization data is to be stored in SE1, the detailed flow of using the application program is as follows:
step 601: the user places the terminal with the NFC function on the POS terminal, and the POS terminal sends an application program selection instruction to an SE management module on the terminal.
The application selection instruction at least includes AID information (assumed to be AID1) of the application.
Step 602: the terminal executes the SE initialization procedure.
Specifically, the terminal determines the SE location where the logic data and the personalization data of the application corresponding to the AID1 are located, and the detection result shows that the logic data is located in the SE 2.
Step 603: the terminal sends an SE initialization command including at least AID information of the application 1 that has been selected for use to the SE 2.
Step 604: SE2 synchronizes application 1's logical data into SE 1's cache.
Step 605: after the SE1 installs the logical data of application 1, an application synchronization completion response is returned to SE 2.
Step 606: the SE2 returns a SE initialization complete response to the terminal.
Step 607: and the terminal returns an application program selection instruction response to the POS terminal.
Step 608: after the POS terminal selects the application program 1, an application program initialization instruction is sent to the terminal to request to read the logic data of the application program 1.
According to the logic data of the application 1, the POS terminal can know the functions that the application 1 has and which support needs to be provided.
Step 609: the terminal forwards the application initialization instruction to SE 1.
Step 610: the SE1 returns an application initialization command response to the terminal.
Step 611: and the terminal returns an application initialization instruction response to the POS terminal.
Step 612: the POS terminal sends a Generate application Cryptogram (generation AC) instruction to the terminal to obtain an authorization Request Cryptogram (ARQC) Cryptogram generated by the application program 1 and the balance of the bank card corresponding to the application program 1.
Step 613: the terminal forwards the Generate AC instruction into SE 1.
After step 607, the logic data of application 1 and the personalization data are stored together in SE1, so that, in step 612, the terminal can complete the reception and execution of the instruction by reading the logic data of application 1, and the terminal can complete the ciphertext check and the bank card balance inquiry, etc. by reading the personalization data of application 1.
Step 614: application 1 in SE1 deducts funds based on the GenerateAC command.
Step 615: the SE1 returns a Generate AC command response to the terminal.
The generation AC command response contains at least the processing decisions (approval offline, rejection offline, application for online authorization) of the application 1 for this transaction.
Step 616: the terminal Generate AC command response is forwarded to the POS terminal.
Based on the above embodiments, referring to fig. 7, in an embodiment of the present invention, an SE management module in a terminal at least includes a storage unit 70 and an adjusting unit 71, wherein,
the storage unit 70 is used for storing the personalized data of the application program in the main SE by the terminal in the downloading process of the application program, storing the logic data of the application program meeting the first preset condition in the main SE, and storing the logic data of the application program not meeting the first preset condition in the auxiliary SE;
and the adjusting unit 71 is configured to, during the application program using process, detect the use status of each application program according to a set period by the terminal, and adjust the storage location of the logic data of the partial application program according to the detection result and by combining with a second preset condition.
Optionally, the first preset condition at least includes any one or any combination of the following rules:
if the logic data of the application program is sharable data, storing the logic data of the application program in a main SE, wherein the main SE is an element for bearing the NFC function;
if the following rules are set for a specified type of application: only one application is allowed to be activated for the same type of application at the same time; storing the logic data of the activated application program in the specified type in a main SE, and storing the logic data of other application programs in the specified type in a sub SE;
and comparing the size of the logic data of the application program with a first set threshold, if the size of the logic data of the application program is smaller than the first set threshold, storing the logic data of the application program in the main card, and if the size of the logic data of the application program is larger than or equal to the first set threshold, storing the logic data of the application program in the auxiliary card.
Optionally, the first set threshold is a fixed threshold set by a manager according to experience, or,
the first set threshold is a dynamically changing threshold set based on the total main card capacity and the remaining main card capacity.
Optionally, the storage unit 70 is further configured to:
in the process of using the first preset condition, if at least two rules contained in the first preset condition conflict, executing a rule with the highest priority in the at least two rules according to the priority set corresponding to each rule; alternatively, the first and second electrodes may be,
and informing the user of the at least two rules, and executing the corresponding rules according to the user instruction.
Optionally, the second preset condition at least includes one or any combination of the following rules
Screening N application programs with the highest use frequency of set duration according to the use condition of each application program, storing logic data of the N application programs in a main SE, and storing logic data of other application programs in a secondary card;
if the logic data of the application program is sharable data, the logic data of the application program is stored in a main SE, and the main SE is an element bearing an NFC function, such as an NFC-SIM card.
In practice, some logic data may share several sets of personalization data and thus be packaged into different applications, and therefore, for logic data that needs to be shared, may be stored in the master SE.
If the logic data of the application program is sharable data, storing the logic data of the application program in a main SE, wherein the main SE is an element for bearing the NFC function;
the following rules are set for a given type of application: only one application is allowed to be activated for the same type of application at the same time; storing the logic data of the activated application program in the specified type in a main SE, and storing the logic data of other application programs in the specified type in a sub SE;
and comparing the size of the logic data of the application program with a second set threshold, if the size of the logic data of the application program is smaller than the second set threshold, storing the logic data of the application program in the main card, and if the size of the logic data of the application program is larger than or equal to the second set threshold, storing the logic data of the application program in the auxiliary card.
Optionally, the second set threshold is a fixed threshold set by a manager according to experience, or,
the second set threshold is a dynamically changing threshold set based on the total main card capacity and the remaining main card capacity.
Optionally, the adjusting unit 71 is further configured to:
in the process of using the second preset condition, if at least two rules contained in the second preset condition conflict, executing a rule with the highest priority in the at least two rules according to the priority set corresponding to each rule; alternatively, the first and second electrodes may be,
and informing the user of the at least two rules, and executing the corresponding rules according to the user instruction.
Optionally, the adjusting unit 71 is further configured to:
after each detection is finished, counting the occupation ratio of the application program with the adjusted storage position of the logic data;
if the occupation ratio is determined to be higher than a first threshold value, shortening the cycle duration according to a first set step length;
and if the ratio is determined to be lower than the second threshold value, prolonging the period duration according to a second set step length.
Further comprising:
the processing unit 72 is configured to receive a call instruction of a first application program, where personalized data of the first application program is stored in a primary SE, and logical data is stored in a secondary SE; caching the logic data of the first application program stored in the auxiliary card in a main SE; and calling the personalization data of the first application program from the main SE to complete a verification process, and calling the logic data of the first application program from the main SE to execute the calling instruction.
A storage medium storing a program for implementing secure element, SE, space management, which when executed by a processor performs the steps of:
in the downloading process of the application program, the terminal stores the personalized data of the application program in the main SE, stores the logic data of the application program meeting the first preset condition in the main SE, and stores the logic data of the application program not meeting the first preset condition in the auxiliary SE;
and in the application program using process, the terminal detects the using condition of each application program according to a set period, and adjusts the storage position of the logic data of part of the application programs according to the detection result and the combination of a second preset condition.
A communications apparatus comprising one or more processors; and
one or more computer-readable media having instructions stored thereon that, when executed by the one or more processors, cause the apparatus to perform the method of any of the above.
In summary, in the embodiment of the present invention, during the downloading process, it is proposed to store personalized data of an application program to a main card having an NFC function, store logic data of a part of the application program to the main card based on a first preset condition, and store logic data of other application programs to a secondary card, and meanwhile, during a subsequent application program use process, periodically detect a use status of the application program, and adjust a storage location of the logic data of the part of the application program in real time in combination with a second preset condition. Therefore, distributed storage of the SE space is realized, the SE space on the main card and the secondary card is reasonably utilized, the embarrassment that the SE space is insufficient when a user downloads a plurality of application programs is relieved, more choices are provided for the user to download the application programs, no perception is provided when the user uses the application programs as much as possible, and the user experience is ensured; furthermore, the possibility that the user deletes/downloads the application program for many times can be reduced, and platform resources and network resources are saved, so that the system performance is effectively improved. And is convenient for expansion.
As will be appreciated by one skilled in the art, embodiments of the present invention may be provided as a method, system, or computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
While preferred embodiments of the present invention have been described, additional variations and modifications in those embodiments may occur to those skilled in the art once they learn of the basic inventive concepts. Therefore, it is intended that the appended claims be interpreted as including preferred embodiments and all such alterations and modifications as fall within the scope of the invention.
It will be apparent to those skilled in the art that various modifications and variations can be made in the embodiments of the present invention without departing from the spirit or scope of the embodiments of the invention. Thus, if such modifications and variations of the embodiments of the present invention fall within the scope of the claims of the present invention and their equivalents, the present invention is also intended to encompass such modifications and variations.

Claims (12)

1. A Secure Element (SE) space management method is characterized by comprising the following steps:
in the downloading process of the application program, the terminal stores the personalized data of the application program in the main SE, stores the logic data of the application program meeting the first preset condition in the main SE, and stores the logic data of the application program not meeting the first preset condition in the auxiliary SE;
and in the application program using process, the terminal detects the using condition of each application program according to a set period, and adjusts the storage position of the logic data of part of the application programs according to the detection result and the combination of a second preset condition.
2. The method according to claim 1, wherein the first preset condition comprises at least any one or any combination of the following rules:
if the logic data of the application program is sharable data, storing the logic data of the application program in a main SE, wherein the main SE is an element for bearing the NFC function;
if the following rules are set for a specified type of application: only one application is allowed to be activated for the same type of application at the same time; storing the logic data of the activated application program in the specified type in a main SE, and storing the logic data of other application programs in the specified type in a sub SE;
and comparing the size of the logic data of the application program with a first set threshold, if the size of the logic data of the application program is smaller than the first set threshold, storing the logic data of the application program in the main card, and if the size of the logic data of the application program is larger than or equal to the first set threshold, storing the logic data of the application program in the auxiliary card.
3. The method of claim 2, wherein the first set threshold is a fixed threshold set empirically by a manager, or,
the first set threshold is a dynamically changing threshold set based on the total main card capacity and the remaining main card capacity.
4. The method of claim 2, further comprising:
in the process of using the first preset condition, if at least two rules contained in the first preset condition conflict, executing a rule with the highest priority in the at least two rules according to the priority set corresponding to each rule; alternatively, the first and second electrodes may be,
and informing the user of the at least two rules, and executing the corresponding rules according to the user instruction.
5. The method according to claim 1, wherein the second preset condition includes at least one or any combination of the following rules:
screening N application programs with the highest use frequency of set duration according to the use condition of each application program, storing logic data of the N application programs in a main SE, and storing logic data of other application programs in a secondary card;
if the logic data of the application program is sharable data, storing the logic data of the application program in a main SE, wherein the main SE is an element bearing an NFC function;
if the logic data of the application program is sharable data, storing the logic data of the application program in a main SE, wherein the main SE is an element for bearing the NFC function;
for the application programs of the specified types, if only one application program is allowed to be activated in the same time, storing the logic data of the activated application program in the specified types in the main SE, and storing the logic data of other application programs in the specified types in the auxiliary SE;
comparing the logic data size of the application program with a second set threshold, if the logic data size of the application program is smaller than the second set threshold, storing the logic data of the application program in a main card, and if the logic data size of the application program is larger than or equal to the second set threshold, storing the logic data of the application program in a secondary card.
6. The method of claim 5, wherein the second set threshold is a fixed threshold set empirically by a manager, or,
the second set threshold is a dynamically changing threshold set based on the total main card capacity and the remaining main card capacity.
7. The method of claim 5, further comprising:
in the process of using the second preset condition, if at least two rules contained in the second preset condition conflict, executing a rule with the highest priority in the at least two rules according to the priority set corresponding to each rule; alternatively, the first and second electrodes may be,
and informing the user of the at least two rules, and executing the corresponding rules according to the user instruction.
8. The method of claim 5, further comprising:
after each detection is finished, counting the occupation ratio of the application program with the adjusted storage position of the logic data;
if the occupation ratio is determined to be higher than a first threshold value, shortening the cycle duration according to a first set step length;
and if the ratio is determined to be lower than the second threshold value, prolonging the period duration according to a second set step length.
9. The method of any one of claims 1-8, further comprising: a
Receiving a calling instruction of a first application program, wherein the personalized data of the first application program is stored in a main SE, and the logic data is stored in a secondary SE;
caching the logic data of the first application program stored in the auxiliary card in a main SE;
and calling the personalization data of the first application program from the main SE to complete a verification process, and calling the logic data of the first application program from the main SE to execute the calling instruction.
10. A Secure Element (SE) space management apparatus, comprising:
the storage unit is used for storing the personalized data of the application program in the main SE by the terminal in the downloading process of the application program, storing the logic data of the application program meeting the first preset condition in the main SE, and storing the logic data of the application program not meeting the first preset condition in the auxiliary SE;
and the adjusting unit is used for detecting the use condition of each application program according to a set period by the terminal in the use process of the application program and adjusting the storage position of the logic data of part of the application programs according to the detection result and the combination of a second preset condition.
11. A storage medium storing a program for implementing secure element SE space management, the program, when executed by a processor, performing the steps of:
in the downloading process of the application program, the terminal stores the personalized data of the application program in the main SE, stores the logic data of the application program meeting the first preset condition in the main SE, and stores the logic data of the application program not meeting the first preset condition in the auxiliary SE;
and in the application program using process, the terminal detects the using condition of each application program according to a set period, and adjusts the storage position of the logic data of part of the application programs according to the detection result and the combination of a second preset condition.
12. A communications apparatus comprising one or more processors; and
one or more computer-readable media having instructions stored thereon that, when executed by the one or more processors, cause the apparatus to perform the method of any of claims 1-8.
CN201710607881.7A 2017-07-24 2017-07-24 SE space management method and device Active CN109302289B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710607881.7A CN109302289B (en) 2017-07-24 2017-07-24 SE space management method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710607881.7A CN109302289B (en) 2017-07-24 2017-07-24 SE space management method and device

Publications (2)

Publication Number Publication Date
CN109302289A CN109302289A (en) 2019-02-01
CN109302289B true CN109302289B (en) 2021-07-30

Family

ID=65167035

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710607881.7A Active CN109302289B (en) 2017-07-24 2017-07-24 SE space management method and device

Country Status (1)

Country Link
CN (1) CN109302289B (en)

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102057386A (en) * 2008-06-06 2011-05-11 电子湾有限公司 Trusted service manager (TSM) architectures and methods
CN102411742A (en) * 2011-12-27 2012-04-11 大唐微电子技术有限公司 Mobile terminal
CN103138790A (en) * 2011-11-23 2013-06-05 捷讯研究有限公司 Mobile communications device providing secure element data wiping features and related methods
US8875228B2 (en) * 2011-11-01 2014-10-28 Jvl Ventures, Llc Systems, methods, and computer program products for managing secure elements
CN104571930A (en) * 2013-10-10 2015-04-29 中国移动通信集团公司 Management method and management system of security domain storage spaces as well as multi-application open platform device
CN106557372A (en) * 2015-09-30 2017-04-05 中国移动通信集团公司 A kind of method of Application share, device and terminal
CN106888448A (en) * 2015-12-15 2017-06-23 中国移动通信集团公司 Using method for down loading, safety element and terminal
US10613849B2 (en) * 2016-09-23 2020-04-07 Visa International Service Association Update migration system and method

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8447699B2 (en) * 2009-10-13 2013-05-21 Qualcomm Incorporated Global secure service provider directory

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102057386A (en) * 2008-06-06 2011-05-11 电子湾有限公司 Trusted service manager (TSM) architectures and methods
US8875228B2 (en) * 2011-11-01 2014-10-28 Jvl Ventures, Llc Systems, methods, and computer program products for managing secure elements
CN103138790A (en) * 2011-11-23 2013-06-05 捷讯研究有限公司 Mobile communications device providing secure element data wiping features and related methods
CN102411742A (en) * 2011-12-27 2012-04-11 大唐微电子技术有限公司 Mobile terminal
CN104571930A (en) * 2013-10-10 2015-04-29 中国移动通信集团公司 Management method and management system of security domain storage spaces as well as multi-application open platform device
CN106557372A (en) * 2015-09-30 2017-04-05 中国移动通信集团公司 A kind of method of Application share, device and terminal
CN106888448A (en) * 2015-12-15 2017-06-23 中国移动通信集团公司 Using method for down loading, safety element and terminal
US10613849B2 (en) * 2016-09-23 2020-04-07 Visa International Service Association Update migration system and method

Also Published As

Publication number Publication date
CN109302289A (en) 2019-02-01

Similar Documents

Publication Publication Date Title
US6961587B1 (en) Storage media
US10205833B2 (en) Graphical user interface and method for mobile device activation
US10645573B2 (en) Postponed carrier configuration
KR101463586B1 (en) Local trusted services manager for a contactless smart card
JP5607273B2 (en) Writing application data to the secure element
CN103155612B (en) Use key trusteeship service that user is selected between security service provider
US9208483B2 (en) Sharing or reselling NFC applications among mobile communications devices
EP1441553B1 (en) Method and system of remotely controlling a portable terminal by inserting a storage medium
US20130262302A1 (en) Systems, methods, and computer program products for provisioning payment accounts into mobile wallets and managing events
US20130311383A1 (en) Global secure service provider directory
EP1942698A1 (en) Method and system for mobile device activation
WO2003096723A1 (en) Method and system of replacing smart card
CN101909277A (en) System and method for realizing real-name management and terminals
JP2015533236A (en) System, method and computer program product for managing data reinstallation
JP2013081051A (en) Information processing device, communication system, and information processing method
JP2017005735A (en) Radio communication apparatus, radio communication method, and program
CN104462893A (en) Method and device for managing multiple SE modules
US11503456B1 (en) Maintaining electronic subscriber identity module (eSIM) profiles across multiple mobile network operators (MNOs)
CN107273147A (en) A kind of many SE management method and device
CN109076126A (en) Permission update method and terminal device
CN109302289B (en) SE space management method and device
CN107679871A (en) List management method, device, system and computer-readable recording medium
CN108021967A (en) Replicate the method, apparatus and computer-readable recording medium of smart card
EP1303153B1 (en) Apparatus and method for selecting software modules in a mobile terminal
KR20160134419A (en) Method for changing the subscriber identification information of terminal using smart card including multiple subscriber identification information, terminal and computer program thereof

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant