CN115497206A - Method and system for copying encrypted access control card and storage medium - Google Patents


Publication number
CN115497206A
Authority
CN
China
Prior art keywords
sector
card
access control
data
copying
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202210939645.6A
Other languages
Chinese (zh)
Other versions
CN115497206B (en)
Inventor
李玲
周向涛
费林深
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Eastcompeace Technology Co Ltd
Original Assignee
Eastcompeace Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Eastcompeace Technology Co Ltd
Priority to CN202210939645.6A
Publication of CN115497206A
Application granted
Publication of CN115497206B
Legal status: Active
Anticipated expiration

Classifications

    • G PHYSICS
    • G07 CHECKING-DEVICES
    • G07C TIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00 Individual registration on entry or exit
    • G07C9/20 Individual registration on entry or exit involving the use of a pass
    • G PHYSICS
    • G07 CHECKING-DEVICES
    • G07C TIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00 Individual registration on entry or exit
    • G07C9/20 Individual registration on entry or exit involving the use of a pass
    • G07C9/27 Individual registration on entry or exit involving the use of a pass with central registration
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0877 Generation of secret information including derivation or calculation of cryptographic keys or passwords using additional device, e.g. trusted platform module [TPM], smartcard, USB or hardware security module [HSM]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W4/00 Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/80 Services using short range communication, e.g. near-field communication [NFC], radio-frequency identification [RFID] or low energy communication

Landscapes

  • Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The invention discloses a method, a system and a storage medium for copying an encrypted access control card, and relates to the technical field of mobile communication. The method for copying the encrypted access card comprises the following steps: acquiring a first identifier of an entity access control card; acquiring a second identifier of a community, and sending the first identifier and the second identifier to a TSM platform, so that the TSM platform selects a corresponding community cloud platform according to the second identifier, sends the first identifier to the community cloud platform, and receives a sector key acquired by the community cloud platform according to the first identifier; receiving a sector key sent by a TSM platform, and reading sector data of an entity access control card according to the sector key; and generating a data writing command according to the sector data, and sending the data writing command to the SIM card so that the SIM card acquires the sector data to realize the copying of the entity access control card. According to the method for copying the encrypted access card, the encrypted access card can be copied, so that a user can open the door through the mobile terminal.

Description

Method and system for copying encrypted access control card and storage medium
Technical Field
The invention relates to the technical field of mobile communication, in particular to a method and a system for copying an encrypted access control card and a storage medium.
Background
The logical encryption card, also called the Mifare One card (M1 card), manages data in units of sectors. Each sector is divided into 4 data blocks of 16 bytes each; blocks 0 to 2 of each sector store data, and block 3 is the key control byte block, which stores the sector keys KeyA and KeyB. According to the ISO14443 standard, a Mifare sector supports command operations such as read and write, but Auth verification (authentication) with the keys KeyA and KeyB must be performed first, and the operation can proceed only after the Auth verification passes.
At present, most access control card products use the Mifare One technology, and its market share is very large. For the emerging mobile-phone door-opening service to be widely adopted, the access control card must first be emulated and copied, so that the user can open the door with the mobile phone instead of the physical access control card. A mobile phone supporting the NFC (Near Field Communication) function can already copy an unencrypted access card. However, when it encounters an access card whose sector key is not the default value and whose sector data is encrypted, most phones prompt that "the copy of the access card is not supported temporarily". This inconveniences mobile phone users, who cannot use the phone in place of the access card to open the door.
Disclosure of Invention
The present invention is directed to solving at least one of the problems of the prior art. Therefore, the invention provides a method, a system and a storage medium for copying an encrypted access control card, which can realize the copying of the encrypted access control card.
On one hand, the method for copying the encrypted access control card comprises the following steps:
acquiring a first identifier of an entity access control card;
acquiring a second identifier of a community, and sending the first identifier and the second identifier to a TSM (Trusted Service Manager) platform, so that the TSM platform selects a corresponding community cloud platform according to the second identifier, sends the first identifier to the community cloud platform, and receives a sector key acquired by the community cloud platform according to the first identifier;
receiving the sector key sent by the TSM platform, and reading the sector data of the entity access control card according to the sector key;
and generating a data writing command according to the sector data, and sending the data writing command to an SIM card so that the SIM card acquires the sector data to realize the copying of the entity access control card.
According to some embodiments of the invention, the data write command comprises a sector block number, a sector access key, and the sector data.
According to some embodiments of the present invention, the SIM card comprises a card operating system, a Mifare application, and a Mifare logical encryption zone; the generating a data write-in command according to the sector data, and sending the data write-in command to an SIM card to enable the SIM card to acquire the sector data, so as to implement the copying of the entity access control card, specifically includes:
communicating with the Mifare application through an SIM card access channel;
sending a command of obtaining a random number to the Mifare application, and receiving the random number returned by the Mifare application according to the command of obtaining the random number;
generating the data writing command according to the random number and the sector data, and sending the data writing command to the Mifare application;
after the data write-in command is verified by the Mifare application, the sector block number, the sector access key and the sector data are obtained;
the Mifare application sends the sector block number, the sector access key and the sector data to the card operating system;
and after the card operating system verifies the sector access key, writing the sector data into the Mifare logical encryption area according to the sector block number to realize the copying of the entity access control card.
According to some embodiments of the present invention, the obtaining the first identifier of the entity access control card specifically includes:
reading the entity access control card through an NFC technology to obtain the first identification of the entity access control card, wherein the first identification is the UID of the entity access control card.
According to some embodiments of the present invention, the receiving the sector key sent by the TSM platform, and reading the sector data of the entity access card according to the sector key specifically includes:
receiving the sector key sent by the TSM platform;
the identity of the entity access control card is verified according to the sector key;
and after the verification is successful, executing a reading operation to obtain the sector data of the entity access control card.
According to some embodiments of the invention, the TSM platform and the community cloud platform communicate with each other using a peer-to-peer secure encryption communication technique.
According to some embodiments of the invention, further comprising the steps of:
establishing communication with an access control terminal;
the SIM card receives an identity authentication command sent by the access control terminal and reads the sector data after the authentication is passed;
and the SIM card sends the sector data to an access control terminal so that the access control terminal executes door opening operation according to the sector data.
On the other hand, the system for copying the encrypted access card according to the embodiment of the invention comprises:
a physical access card;
the mobile terminal is used for acquiring a first identifier of the entity access control card, acquiring a second identifier of a community, and sending the first identifier and the second identifier to the TSM platform;
the TSM platform is used for selecting a corresponding community cloud platform according to the second identification and sending the first identification to the community cloud platform;
the community cloud platform is used for acquiring a sector key according to the first identifier and sending the sector key to the TSM platform; the TSM platform is also used for sending the sector key to the mobile terminal; the mobile terminal is also used for reading sector data of the entity access control card according to the sector key, generating a data writing command according to the sector data, and sending the data writing command to an SIM card;
and the SIM card is used for acquiring the sector data according to the data writing command and realizing the copying of the entity access control card.
According to some embodiments of the present invention, the system further includes an access control terminal, and the access control terminal is configured to send an authentication command to the SIM card, obtain the sector data sent by the SIM card after the authentication is passed, and execute a door opening operation according to the sector data.
On the other hand, according to the storage medium of the embodiment of the present invention, the storage medium stores computer-executable instructions for causing a computer to execute the method for copying the encrypted access card.
The method, the system and the storage medium for copying the encrypted access control card provided by the invention at least have the following beneficial effects: after the mobile terminal reads the first identification of the entity access control card, the first identification and the second identification of the community selected by the user are sent to the TSM platform together, the TSM platform selects a corresponding community cloud platform according to the second identification of the community, the first identification is sent to the community cloud platform, after the community cloud platform finds the sector key of the corresponding entity access control card according to the first identification, the sector key is returned to the mobile terminal through the TSM platform, the mobile terminal reads the sector data of the entity access control card according to the sector key, the sector data is written into the SIM card, the duplication of the entity access control card is realized, the technical problem of duplicating the encrypted access control card is solved, the user can open the door through the mobile terminal, and the operation of the user is facilitated.
Additional aspects and advantages of the invention will be set forth in part in the description which follows and, in part, will be obvious from the description, or may be learned by practice of the invention.
Drawings
The above and/or additional aspects and advantages of the present invention will become apparent and readily appreciated from the following description of the embodiments, taken in conjunction with the accompanying drawings of which:
fig. 1 is a schematic diagram of a system architecture for copying an encrypted access card according to an embodiment of the present invention;
fig. 2 is a schematic structural diagram of a SIM card according to an embodiment of the present invention;
FIG. 3 is a flowchart illustrating steps of a method for copying an encrypted access card according to an embodiment of the present invention;
fig. 4 is a schematic flow chart illustrating reading of sector data of a physical access control card according to an embodiment of the present invention;
FIG. 5 is a schematic flow chart illustrating a process of writing sector data of a physical access control card according to an embodiment of the present invention;
fig. 6 is a schematic flow chart illustrating opening of an access control through a mobile terminal according to an embodiment of the present invention;
reference numerals are as follows:
the system comprises an entity access control card 100, a mobile terminal 200, an SIM card 300, a TSM platform 400, a community cloud platform 500 and an access control terminal 600.
Detailed Description
Reference will now be made in detail to the present preferred embodiments of the present invention, examples of which are illustrated in the accompanying drawings, wherein like reference numerals refer to like elements throughout.
In the description of the present invention, unless otherwise specifically limited, terms such as set, installation, connection and the like should be understood in a broad sense, and those skilled in the art can reasonably determine the specific meanings of the above terms in the present invention by combining the specific contents of the technical solutions.
Interpretation of terms:
Mifare: a registered trademark owned by NXP Semiconductors for a family of contactless smart card and proximity card technologies; Mifare comprises a series of proprietary contactless smart card solutions that follow the ISO/IEC 14443-A specification and use radio frequency identification (at a frequency of 13.56 MHz);
NFC: Near Field Communication;
SIM: Subscriber Identity Module;
COS: Card Operation System, the card operating system;
API: Application Programming Interface;
Applet: an applet, in a form including but not limited to a Java application or a Native application;
Java Card: a technology that mainly lets a smart card, or a device similar to a smart card, execute small Java Applets in a secured manner; it is also widely used in SIM cards and debit cards;
Java Applet: an applet written in the Java language;
Native Card: a native card;
Native Applet: a native applet;
UID: User Identification, the user identity certificate;
TSM: Trusted Service Manager, the trusted service management platform;
APDU: application protocol data unit;
Android OS: Android Operating System.
At present, most access control card products use the Mifare One technology, and its market share is very large. For the emerging mobile-phone door-opening service to be widely adopted, the access control card must first be emulated and copied, so that the user can open the door with the mobile phone instead of the physical access control card. A mobile phone supporting the NFC function can already copy an unencrypted access card. However, when it encounters an access card whose sector key is not the default value and whose sector data is encrypted, most phones prompt "do not support the duplication of this type of entrance guard card temporarily". This inconveniences mobile phone users, who cannot use the phone in place of the access card to open the door.
In order to solve the technical problems, the invention provides a method and a system for copying an encrypted access card, wherein the method utilizes the NFC card reading technology, the SIM card access technology, the logic encryption card reading and writing technology of a mobile phone operating system and the multi-application expansion capability of an SIM card, and builds a system capable of copying the encrypted access card to the SIM card, thereby realizing the copying of the encrypted access card, enabling a user to open a door through a mobile phone and facilitating the operation of the user.
As shown in fig. 1, the system for copying an encrypted access control card according to the embodiment of the present invention includes an entity access control card 100, a mobile terminal 200 (including a client), a SIM card 300, a TSM platform 400, and a community cloud platform 500.
The SIM card 300 is disposed on the mobile terminal 200, and the mobile terminal 200 supports reading the physical access control card 100 through the NFC technology and supports accessing the SIM card 300 through the SIM card access technology. The mobile terminal 200 is responsible for communicating with the TSM platform 400 and acquiring Mifare authentication data; performing NFC communication with the physical access control card 100, and reading full sector data of the physical access control card 100; communicating with the SIM card 300, the full sector data of the physical access control card 100 is written into the SIM card 300.
The TSM platform 400 is used as an air card-issuing multi-application management platform of the "one-card multi-application" technology, and is responsible for communicating with the mobile terminal 200 and responding to a service request of the mobile terminal 200. The community cloud platform 500 is a service platform of the access control service, and is responsible for providing security authorization management between an access control card and an access control system. And a point-to-point secure encryption communication technology is adopted between the TSM platform and the community cloud platform for data protection.
As shown in fig. 2, the SIM card 300 includes a card operating system (COS), a Mifare application (Applet) and a Mifare logical encryption area. The COS provides an API for accessing the Mifare logical encryption area; the Mifare application exchanges APDU instructions with the mobile terminal 200 and uses the API provided by the COS to write the full-sector data of the entity access control card 100 into the Mifare logical encryption area. The Mifare application resides in the SIM card 300 of the embedded platform, and the structure of the SIM card 300 supports multi-application extension, so the Mifare application can be customized for the access-card copying scenario. Depending on whether the embedded platform is a Java Card or a Native Card, the application is either an Applet application or a Native application. An Applet application can be downloaded to the SIM card 300 through the TSM platform 400, whereas a Native application must be preset in the SIM card 300. The Mifare application implements a two-layer security mechanism. First, the interaction with the mobile terminal 200 must protect the messages and the sector data, for which national cryptographic or international symmetric algorithms such as SM4, 3DES and AES can be adopted. Second, for secure access to the Mifare sectors, the Mifare keys Key A and Key B must be stored securely and the operations on the Mifare access key must be implemented securely; the security data and the keys are stored in the application's secure EEPROM and cannot be read out directly from outside.
Based on the above system for copying the encrypted access control card, the embodiment of the invention provides a method for copying the encrypted access control card, as shown in fig. 3, the method comprises the following steps:
step S100: acquiring a first identifier of the entity access card 100;
step S200: acquiring a second identifier of a community, and sending the first identifier and the second identifier to the TSM platform 400, so that the TSM platform 400 selects the corresponding community cloud platform 500 according to the second identifier, sends the first identifier to the community cloud platform 500, and receives a sector key acquired by the community cloud platform 500 according to the first identifier;
step S300: receiving a sector key sent by the TSM platform 400, and reading sector data of the entity access card 100 according to the sector key;
step S400: and generating a data write-in command according to the sector data, and sending the data write-in command to the SIM card 300, so that the SIM card 300 acquires the sector data to realize the copy of the physical access control card 100.
As shown in fig. 4, the step S100 specifically includes: the physical access control card 100 is read through the NFC technology to obtain a first identifier of the physical access control card 100, where the first identifier is the UID of the physical access control card 100. More specifically, the mobile terminal 200 reads the physical access control card 100 using the NFC card reader mode of the Android OS, thereby acquiring the unique code UID of the physical access control card 100.
As shown in fig. 4, the step S200 includes: the mobile terminal 200 acquires an ID (i.e., a second identifier) of a corresponding community according to the selection of the user, and transmits the UID and the community ID to the TSM platform 400; the TSM platform 400 selects a corresponding community cloud platform 500 according to the community ID, and sends the UID to the community cloud platform 500, and the community cloud platform 500 finds the security authorization information (i.e., the sector key) of the corresponding entity access card 100 according to the UID, and returns the sector key to the TSM platform 400.
The step S300 specifically includes the following steps:
step S301: receiving a sector key sent by the TSM platform 400;
step S302: the identity of the entity access control card 100 is verified according to the sector key;
step S303: after the verification is successful, a read operation is performed to obtain sector data of the physical access control card 100.
As shown in fig. 4, the TSM platform 400 issues a sector key to the mobile terminal 200, and after the mobile terminal 200 performs authentication on the physical access control card 100 by using the sector key, the mobile terminal performs a read operation to obtain all sector data of the physical access control card 100.
After reading the sector data of the physical access control card 100, the sector data needs to be written into the SIM card 300, so as to complete the copying of the physical access control card 100. The step S400 further includes the following steps:
step S401: communicating with the Mifare application through an SIM card access channel;
step S402: sending a command of obtaining a random number to the Mifare application, and receiving the random number returned by the Mifare application according to the command of obtaining the random number;
step S403: generating a data write-in command according to the random number and the sector data, and sending the data write-in command to the Mifare application;
step S404: after the Mifare application verifies the data write-in command, a sector block number, a sector access key and sector data are obtained;
step S405: the Mifare application sends the sector block number, the sector access key and the sector data to the card operating system;
step S406: after the card operating system verifies the sector access key, sector data is written into the Mifare logical encryption area according to the sector block number, so that the entity access control card 100 is copied.
More specifically, as shown in fig. 5, the mobile terminal 200 opens the SIM card access channel, and may use an Android library such as Open Mobile, OMA, or telephonyManager to establish a channel with the Mifare application (on an iOS system, this may be replaced by Bluetooth technology). The mobile terminal 200 selects the Mifare application and sends a command to acquire a random number. The Mifare application returns a random number to the mobile terminal 200, and this random number takes part in the security protection of the subsequent command messages. The security protection can adopt a national cryptographic or international symmetric algorithm, and protects the command messages and the sector data by means of a message MAC and encryption of sensitive data. The mobile terminal 200 uses the random number to generate a session key and assemble the data-block write command, and sends the data write command to the Mifare application. One possible message layout of the data write command is shown in Table 1:
Description                        Length (bytes)
Effective data length              1
Block number 1                     1
Access key 1 (password)            8
Data written to the data block     16
Block number N                     1
Access key N (password)            8
Data written to the data block     16
Padding data                       8000…
Table 1
It can be seen that the data write command should contain a sector block number, a sector access key (password), and sector data. The generation of the sector access key should comply with the relevant provisions of the ISO14443 protocol, and these sensitive data are encrypted under the key of the security-protection algorithm.
The Mifare application completes the safety check of the command message by using a safety mechanism and obtains Mifare sector data to be written, a sector access key and a sector block number; the Mifare application calls an API provided by the SIM card 300 for accessing Mifare, and transfers Mifare sector data, a sector access key, and a sector block number to the card operating system; the card operating system verifies the validity of the sector access key, and after the verification is passed, all the Mifare sector data are written into the Mifare logical encryption area, so that the entity access control card 100 is copied.
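The write path of steps S401 to S406 and the Table 1 layout, modelled from the Mifare application's side as an added example (it is not code from the patent or from any SIM vendor). HMAC-SHA256 stands in for the SM4/3DES/AES message MAC the text names and sensitive-data encryption is left out; the session-key derivation, the 16-byte padding boundary, the 8-byte MAC length and all class and function names are assumptions, and every key and data value is constructed.

```python
import hashlib
import hmac
import secrets

KEY_LEN, BLOCK_LEN = 8, 16            # field sizes from Table 1
RECORD_LEN = 1 + KEY_LEN + BLOCK_LEN  # block number + access key + block data
PAD_TO = 16                           # assumption: pad to a 16-byte cipher block
MAC_LEN = 8                           # assumption: MAC truncated to 8 bytes


def _mac(master_key: bytes, nonce: bytes, msg: bytes) -> bytes:
    # Assumption: session key = HMAC(master key, nonce). The patent only says
    # that the random number is used to generate a session key.
    session_key = hmac.new(master_key, b"session" + nonce, hashlib.sha256).digest()
    return hmac.new(session_key, msg, hashlib.sha256).digest()[:MAC_LEN]


def build_write_command(master_key, nonce, records):
    """Terminal side: records = [(block_no, access_key, block_data), ...]."""
    body = b""
    for block_no, access_key, data in records:
        if len(access_key) != KEY_LEN or len(data) != BLOCK_LEN:
            raise ValueError("field length does not match Table 1")
        body += bytes([block_no]) + access_key + data
    if not 0 < len(body) <= 255:
        raise ValueError("effective data length must fit in one byte")
    msg = bytes([len(body)]) + body + b"\x80"     # start of the "8000..." padding
    msg += b"\x00" * (-len(msg) % PAD_TO)
    return msg + _mac(master_key, nonce, msg)


def parse_records(msg: bytes):
    """Split a MAC-verified message into Table 1 records and check the padding."""
    valid_len = msg[0]
    body, padding = msg[1:1 + valid_len], msg[1 + valid_len:]
    if len(body) != valid_len or valid_len == 0 or valid_len % RECORD_LEN:
        raise ValueError("effective data length is inconsistent")
    if padding[:1] != b"\x80" or any(padding[1:]):
        raise ValueError("bad padding")
    return [(body[i], body[i + 1:i + 1 + KEY_LEN], body[i + 1 + KEY_LEN:i + RECORD_LEN])
            for i in range(0, valid_len, RECORD_LEN)]


class MifareAppletModel:
    """Model of the Mifare application plus the card OS write API (hypothetical)."""

    def __init__(self, master_key: bytes, sector_keys: dict):
        self._master_key = master_key
        self._sector_keys = sector_keys   # sector number -> access key the card OS expects
        self._nonce = None
        self.blocks = {}                  # stands in for the Mifare logical encryption area

    def get_random(self) -> bytes:
        # S402: a fresh random number per write command.
        self._nonce = secrets.token_bytes(8)
        return self._nonce

    def write(self, command: bytes) -> int:
        # The random number is consumed on first use, so a replayed command
        # can never be checked against the same session key twice.
        nonce, self._nonce = self._nonce, None
        if nonce is None:
            raise PermissionError("no outstanding random number")
        if len(command) <= MAC_LEN or (len(command) - MAC_LEN) % PAD_TO:
            raise ValueError("malformed command")
        msg, mac = command[:-MAC_LEN], command[-MAC_LEN:]
        # S404: verify the message MAC before looking at any field.
        if not hmac.compare_digest(mac, _mac(self._master_key, nonce, msg)):
            raise PermissionError("MAC check failed")
        records = parse_records(msg)
        # S405/S406: the card OS checks every sector access key before any write.
        for block_no, access_key, _ in records:
            expected = self._sector_keys.get(block_no // 4)   # 4 blocks per sector
            if expected is None or not hmac.compare_digest(access_key, expected):
                raise PermissionError("sector access key rejected")
        for block_no, _, data in records:
            self.blocks[block_no] = data
        return len(records)


if __name__ == "__main__":
    master = bytes(range(16))                                  # constructed key
    applet = MifareAppletModel(master, {1: b"\xa5" * 8})       # constructed sector key
    cmd = build_write_command(master, applet.get_random(),
                              [(4, b"\xa5" * 8, b"\x01" * 16)])
    print("blocks written:", applet.write(cmd))
    try:
        applet.write(cmd)                                      # replay of the same command
    except PermissionError as exc:
        print("replay rejected:", exc)
```

The single-use random number is what makes the MAC a freshness check as well as an integrity check: a captured write command fails both when replayed as-is and when replayed after a new random number has been issued.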
In some embodiments of the present invention, the method for copying the encrypted access card further includes a step of opening the access by using the mobile terminal 200, where the step specifically includes:
step S500: establishing communication with the access control terminal 600;
step S600: the SIM card 300 receives an authentication command sent by the access control terminal 600, and reads the sector data after the authentication is passed;
step S700: the SIM card 300 transmits the sector data to the access terminal 600 so that the access terminal 600 performs a door opening operation according to the sector data.
Specifically, as shown in fig. 6, the mobile terminal 200 is brought close to the contactless field and establishes ISO14443 protocol communication with the access control terminal 600; the access control terminal 600 sends an authentication command to the SIM card 300, and reads the Mifare sector data after the verification passes; the SIM card 300 returns the sector data to the access control terminal 600, and the access control reader determines whether the sector data meets the door opening condition and, if so, drives the access controller to open the door, so that the door is opened through the mobile terminal 200.
The method for copying the encrypted access control card according to the embodiment of the invention copies the encrypted access control card and improves the user's experience of opening the door with a mobile phone. It uses the NFC card reading technology of the mobile phone operating system, the SIM card access technology, the logical encryption card reading and writing technology and the multi-application expansion capability of the SIM card to copy the sector data of the encrypted access control card and write it into the Mifare sector of the SIM card, and it provides a security protection mechanism.
On the other hand, in some embodiments of the present invention, a system for copying an encrypted access control card is further provided, where the system includes the physical access control card 100, the mobile terminal 200, the SIM card 300, the TSM platform 400, and the community cloud platform 500, and the system may be configured to implement steps S100 to S400 of the above method for copying an encrypted access control card, so as to copy the encrypted access control card.
In some embodiments of the present invention, the system for copying an encrypted access control card further includes an access control terminal 600, and the system may be configured to implement steps S100 to S700 of the method for copying an encrypted access control card, so as to copy the encrypted access control card, and may open a door by using the mobile terminal 200.
In another aspect, in some embodiments of the present invention, a storage medium is further provided, where the storage medium stores computer-executable instructions for causing a computer to perform the above method for copying an encrypted access control card.
Although specific embodiments have been described herein, those of ordinary skill in the art will recognize that many other modifications or alternative embodiments are equally within the scope of this disclosure. For example, any of the functions and/or processing capabilities described in connection with a particular device or component may be performed by any other device or component. In addition, while various exemplary implementations and architectures have been described in accordance with embodiments of the present disclosure, those of ordinary skill in the art will recognize that many other modifications to the exemplary implementations and architectures described herein are also within the scope of the present disclosure.
Certain aspects of the present disclosure are described above with reference to block diagrams and flowchart illustrations of systems, methods, and/or computer program products according to example embodiments. It will be understood that one or more blocks of the block diagrams and flowchart illustrations, and combinations of blocks in the block diagrams and flowchart illustrations, respectively, can be implemented by executing computer-executable program instructions. Also, according to some embodiments, some blocks of the block diagrams and flowchart illustrations may not necessarily be performed in the order shown, or may not necessarily be performed in their entirety. In addition, additional components and/or operations beyond those shown in the block diagrams and flowchart illustrations may be present in certain embodiments.
Accordingly, blocks of the block diagrams and flowchart illustrations support combinations of means for performing the specified functions, combinations of elements or steps for performing the specified functions and program instruction means for performing the specified functions. It will also be understood that each block of the block diagrams and flowchart illustrations, and combinations of blocks in the block diagrams and flowchart illustrations, can be implemented by special purpose hardware-based computer systems that perform the specified functions, elements or steps, or combinations of special purpose hardware and computer instructions.
Program modules, applications, etc. described herein may include one or more software components, including, for example, software objects, methods, data structures, etc. Each such software component may include computer-executable instructions that, in response to execution, cause at least a portion of the functionality described herein (e.g., one or more operations of the illustrative methods described herein) to be performed.
The software components may be encoded in any of a variety of programming languages. An illustrative programming language may be a low-level programming language, such as assembly language associated with a particular hardware architecture and/or operating system platform. Software components that include assembly language instructions may need to be translated by an assembler program into executable machine code prior to execution by a hardware architecture and/or platform. Another exemplary programming language may be a higher level programming language, which may be portable across a variety of architectures. Software components that include higher level programming languages may need to be converted to an intermediate representation by an interpreter or compiler before execution. Other examples of programming languages include, but are not limited to, a macro language, a shell or command language, a job control language, a scripting language, a database query or search language, or a report writing language. In one or more exemplary embodiments, a software component containing instructions of one of the above programming language examples may be executed directly by an operating system or other software component without first being converted to another form.
The software components may be stored as files or other data storage constructs. Software components of similar types or related functionality may be stored together, such as in a particular directory, folder, or library. Software components may be static (e.g., preset or fixed) or dynamic (e.g., created or modified at execution time).
The embodiments of the present invention have been described in detail with reference to the drawings, but the present invention is not limited to the embodiments, and various changes can be made within the knowledge of those skilled in the art without departing from the gist of the present invention.

Claims (10)

1. A method for copying an encrypted access control card, characterized by comprising the following steps:
acquiring a first identifier of a physical access control card;
acquiring a second identifier of a community, and sending the first identifier and the second identifier to a TSM (trusted service manager) platform, so that the TSM platform selects a corresponding community cloud platform according to the second identifier, sends the first identifier to the community cloud platform, and receives a sector key acquired by the community cloud platform according to the first identifier;
receiving the sector key sent by the TSM platform, and reading sector data of the physical access control card according to the sector key;
and generating a data write command according to the sector data, and sending the data write command to a SIM card so that the SIM card acquires the sector data, thereby copying the physical access control card.
2. The method for copying an encrypted access control card according to claim 1, wherein the data write command comprises a sector block number, a sector access key, and the sector data.
3. The method for copying an encrypted access control card according to claim 2, wherein the SIM card comprises a card operating system, a Mifare application and a Mifare logical encryption area; and wherein generating the data write command according to the sector data, and sending the data write command to the SIM card so that the SIM card acquires the sector data, thereby copying the physical access control card, specifically comprises:
communicating with the Mifare application through a SIM card access channel;
sending a get-random-number command to the Mifare application, and receiving the random number returned by the Mifare application in response to the get-random-number command;
generating the data write command according to the random number and the sector data, and sending the data write command to the Mifare application;
after the Mifare application verifies the data write command, obtaining, by the Mifare application, the sector block number, the sector access key and the sector data;
sending, by the Mifare application, the sector block number, the sector access key and the sector data to the card operating system;
and after the card operating system verifies the sector access key, writing the sector data into the Mifare logical encryption area according to the sector block number, thereby copying the physical access control card.
4. The method for copying an encrypted access control card according to claim 1, wherein acquiring the first identifier of the physical access control card specifically comprises:
reading the physical access control card through NFC technology to obtain the first identifier of the physical access control card, wherein the first identifier is the UID of the physical access control card.
5. The method for copying an encrypted access control card according to claim 1, wherein receiving the sector key sent by the TSM platform and reading the sector data of the physical access control card according to the sector key specifically comprises:
receiving the sector key sent by the TSM platform;
verifying the identity of the physical access control card according to the sector key;
and after the verification succeeds, executing a read operation to obtain the sector data of the physical access control card.
6. The method for copying an encrypted access control card according to claim 1, wherein the TSM platform and the community cloud platform communicate by using a point-to-point secure encrypted communication technology.
7. The method for copying an encrypted access control card according to claim 1, further comprising the following steps:
establishing communication with an access control terminal;
receiving, by the SIM card, an identity authentication command sent by the access control terminal, and reading the sector data after the authentication is passed;
and sending, by the SIM card, the sector data to the access control terminal so that the access control terminal executes a door opening operation according to the sector data.
8. A system for copying an encrypted access control card, comprising:
a physical access control card;
a mobile terminal, configured to acquire a first identifier of the physical access control card, acquire a second identifier of a community, and send the first identifier and the second identifier to a TSM platform;
the TSM platform, configured to select a corresponding community cloud platform according to the second identifier and send the first identifier to the community cloud platform;
the community cloud platform, configured to acquire a sector key according to the first identifier and send the sector key to the TSM platform; the TSM platform being further configured to send the sector key to the mobile terminal; the mobile terminal being further configured to read sector data of the physical access control card according to the sector key, generate a data write command according to the sector data, and send the data write command to a SIM card;
and the SIM card, configured to acquire the sector data according to the data write command, thereby copying the physical access control card.
9. The system for copying an encrypted access control card according to claim 8, further comprising an access control terminal, wherein the access control terminal is configured to send an authentication command to the SIM card, obtain the sector data sent by the SIM card after the authentication is passed, and execute a door opening operation according to the sector data.
10. A storage medium storing computer-executable instructions for causing a computer to perform the method for copying an encrypted access control card according to any one of claims 1 to 7.
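
The write path of claim 3 (a random number issued by the Mifare application, a data write command built from it, verification by the application, then an access-key check by the card operating system) can be modelled as follows. This is an added example, not code from the patent: the claims do not say how the random number is bound to the command, so the truncated HMAC-SHA-256 tag, the shared `channel_key`, the field layout, the four-blocks-per-sector mapping and all class and function names are assumptions.

```python
import hashlib
import hmac
import secrets

KEY_LEN, BLOCK_LEN, TAG_LEN = 6, 16, 8   # MIFARE Classic key/block sizes; tag length is assumed


def command_tag(channel_key, challenge, body):
    # Assumed binding: truncated HMAC-SHA-256 over challenge || body.
    return hmac.new(channel_key, challenge + body, hashlib.sha256).digest()[:TAG_LEN]


def build_write_command(channel_key, challenge, block_no, access_key, data):
    """Terminal side: sector block number || sector access key || sector data || tag."""
    body = bytes([block_no]) + access_key + data
    return body + command_tag(channel_key, challenge, body)


class CardOS:
    """Card operating system guarding the Mifare logical encryption area."""

    def __init__(self, sector_keys):
        self.sector_keys = sector_keys   # sector index -> access key (constructed values)
        self.blocks = {}                 # block number -> 16-byte block

    def write(self, block_no, access_key, data):
        expected = self.sector_keys.get(block_no // 4)   # assumes 4 blocks per sector
        if expected is None or not hmac.compare_digest(expected, access_key):
            return False
        self.blocks[block_no] = data
        return True


class MifareApplet:
    """Mifare application: issues the random number and verifies the write command."""

    def __init__(self, channel_key, card_os):
        self.channel_key, self.card_os, self.challenge = channel_key, card_os, None

    def get_random(self):
        self.challenge = secrets.token_bytes(8)
        return self.challenge

    def handle_write(self, command):
        challenge, self.challenge = self.challenge, None   # each challenge is single use
        if challenge is None or len(command) != 1 + KEY_LEN + BLOCK_LEN + TAG_LEN:
            return False
        body, tag = command[:-TAG_LEN], command[-TAG_LEN:]
        if not hmac.compare_digest(tag, command_tag(self.channel_key, challenge, body)):
            return False                                   # replayed or tampered command
        block_no, access_key, data = body[0], body[1:1 + KEY_LEN], body[1 + KEY_LEN:]
        return self.card_os.write(block_no, access_key, data)
```

A captured command fails on replay because the stored challenge is cleared on every attempt, and a command carrying the wrong sector access key is rejected by the card operating system even when its tag verifies.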

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210939645.6A CN115497206B (en) 2022-08-05 2022-08-05 Method and system for copying encrypted access control card and storage medium

Publications (2)

Publication Number Publication Date
CN115497206A (en) 2022-12-20
CN115497206B (en) 2024-04-12

Family

ID=84466112

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210939645.6A Active CN115497206B (en) 2022-08-05 2022-08-05 Method and system for copying encrypted access control card and storage medium

Country Status (1)

Country Link
CN (1) CN115497206B (en)

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2009141764A2 (en) * 2008-05-19 2009-11-26 Nxp B.V. Nfc mobile communication device and nfc reader
CN203386254U (en) * 2013-03-27 2014-01-08 天津光电安辰信息技术有限公司 NFC (Near Field Communication) technology-based high-safety access control system
CN107945324A (en) * 2017-11-14 2018-04-20 广东安居宝数码科技股份有限公司 Card writing method, card reading method and the device of access control system
CN109858578A (en) * 2018-04-20 2019-06-07 深圳如一探索科技有限公司 The method and apparatus of wearable device duplication access card
CN110086609A (en) * 2019-03-27 2019-08-02 华为技术有限公司 The method and electronic equipment of data safety backup and security recovery
CN114172544A (en) * 2021-10-20 2022-03-11 荣耀终端有限公司 Method for copying smart card and electronic equipment

Also Published As

Publication number Publication date
CN115497206B (en) 2024-04-12

Similar Documents

Publication Publication Date Title
US9628981B2 (en) Method for changing MNO in embedded SIM on basis of special privilege, and embedded SIM and recording medium therefore
US8646059B1 (en) Wallet application for interacting with a secure element application without a trusted server for authentication
US11638148B2 (en) Client device authentication using contactless legacy magnetic stripe data
EP2741548A2 (en) Method for changing mno in embedded sim on basis of dynamic key generation and embedded sim and recording medium therefor
US20100291896A1 (en) Method, system and trusted service manager for securely transmitting an application to a mobile phone
CN105678192A (en) Smart card based secret key application method and application apparatus
CN111586671B (en) Embedded user identification card configuration method and device, communication equipment and storage medium
CN111404706B (en) Application downloading method, secure element, client device and service management device
CN101866411B (en) Security certification and encryption method and system of multi-application noncontact-type CPU card
US20230252451A1 (en) Contactless card with multiple rotating security keys
US11405782B2 (en) Methods and systems for securing and utilizing a personal data store on a mobile device
KR20130006257A (en) Method for managing key of embedded sim, embedded sim and recording medium for the same
CN210627203U (en) UICC device with safe storage function
CN117121007A (en) Authenticated messaging session authenticated by contactless card
CN112100113A (en) Smart card, card working method and terminal
CN115497206B (en) Method and system for copying encrypted access control card and storage medium
CN113704773B (en) Relay protection safety chip operating system and communication method thereof
EP2831802B1 (en) Field revisions for a personal security device
KR20170010341A (en) Method for Processing Certification by using Secure Operating System
KR101866031B1 (en) Method for Providing Server type One Time Password by using Secure Operating System
CN112100695A (en) UICC device with secure storage function and instruction response method thereof
JP2023046168A (en) Ic card, ic chip, and method of recording authentication result
KR20170095797A (en) Method for Processing Certification by using Secure Operating System

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant