CN117670348A

CN117670348A - Subway payment equipment terminal operating system based on embedded architecture

Info

Publication number: CN117670348A
Application number: CN202410117780.1A
Authority: CN
Inventors: 马怀清; 彭伟; 范婧雅
Original assignee: Shenzhen Metro Group Co ltd
Current assignee: Shenzhen Metro Group Co ltd
Priority date: 2024-01-29
Filing date: 2024-01-29
Publication date: 2024-03-08

Abstract

The invention discloses a subway payment equipment terminal operating system based on an embedded architecture, which comprises: the trusted measurement module is used for measuring key components of the operating system constructed based on the embedded architecture; the transaction safety module is used for providing transaction safety service for the operating system; and the payment function integration module is used for integrating various payment functions on the operating system. By combining the characteristics of an embedded operating system and the requirements of a subway payment equipment terminal, aiming at the safety problem of the whole system, an embedded multi-domain isolation technology is adopted to divide the system into a safety domain and a common domain, and the business related to a payment function part is moved to the safety domain for processing, wherein the safety domain only communicates with the common domain through a special protocol. The platform adopts trusted measurement aiming at binary systems of a boot, a security domain system, a common domain kernel, a ramdisk and special service software, and ensures that files are not tampered, thereby ensuring the security of the service.

Description

Subway payment equipment terminal operating system based on embedded architecture

Technical Field

The invention relates to the technical field of payment, in particular to a subway payment equipment terminal operating system based on an embedded architecture.

Background

At present, along with the rapid development of urban rail transit, subways become one of the main traffic modes for people to travel. In order to improve the efficiency and convenience of the subway system, intelligent payment equipment terminals are commonly introduced by each subway operator. Most payment equipment terminals at present are not connected to a system in the subway industry, and data cannot be acquired and analyzed in real time. In addition, most of the payment systems at present adopt encryption schemes, the security of the system is not protected, and once a hacker invades the system, the transaction security cannot be ensured.

Disclosure of Invention

The present invention aims to solve, at least to some extent, one of the technical problems in the above-described technology. Therefore, the invention aims to provide an operation system of a subway payment equipment terminal based on an embedded architecture, which combines the characteristics of the embedded operation system and the requirements of the subway payment equipment terminal, and aims at the safety problem of the whole system, an embedded multi-domain isolation technology is adopted to divide the system into a safety domain and a common domain, the business related to a payment function part is moved into the safety domain for processing, and the safety domain only communicates with the common domain through a special protocol. The platform adopts trusted measurement aiming at binary systems of a boot, a security domain system, a common domain kernel, a ramdisk and special service software, and ensures that files are not tampered, thereby ensuring the security of the service. So as to improve the safety, performance, stability and user experience of the payment equipment terminal.

To achieve the above objective, an embodiment of the present invention provides a subway payment device terminal operating system based on an embedded architecture, including:

the trusted measurement module is used for measuring key components of the operating system constructed based on the embedded architecture;

the transaction safety module is used for providing transaction safety service for the operating system;

and the payment function integration module is used for integrating various payment functions on the operating system.

According to some embodiments of the invention, it further comprises:

the interface optimization module is used for optimizing the interface design and simplifying the operation flow of a user;

the clipping module is used for clipping the kernel of the operating system and removing the driver with the importance lower than a preset threshold value;

the personalized customization module is used for providing personalized customization functions;

and the data sharing module is used for being connected with the subway operation management system, acquiring related operation data and information in real time and sending the operation data and information to the user terminal.

According to some embodiments of the present invention, a method for a trusted metrics module to measure key components of an operating system built based on an embedded architecture includes:

step one: the trusted root measures the bootstrap program, the bootstrap program is executed if the measurement is successful, and the operation is stopped if the measurement is failed;

step two: the bootstrap program measures the kernels of the security domain system and the common domain, and jumps to kernel execution if the measurement is successful, and stops running if the measurement is failed;

step three: the kernel measures the ramdisk, and jumps to the ramdisk for execution if the measurement is successful, and stops running if the measurement is failed;

step four: and (5) the ramdisk measures the payment business software, starts the payment software if the measurement is successful, and stops running if the measurement is failed.

According to some embodiments of the invention, a transaction security module includes:

the hardware isolation module is used for dividing the hardware into a security domain and a common domain, wherein a system of the security domain operates in an EL3 layer, the common domain operates in an EL0 layer and an EL1 layer, and the space of the security domain and the space of the common domain are isolated from physical addresses, so that the common domain cannot access the space of the security domain;

the security communication protocol module is used for enabling a special communication protocol to be adopted between the security domain and the common domain and enabling the payment equipment and the operating system to be in a security communication protocol;

the payment data encryption module is used for receiving the payment data sent by the acquisition module, judging, determining payment sensitive data, putting the processing of the payment sensitive data into a security domain, and carrying out encryption processing on the payment sensitive data;

the safety authentication mechanism module is used for carrying out identity authentication and payment password verification on the user, and the authorized user passing verification can carry out payment operation.

According to some embodiments of the invention, the payment function integration module comprises:

the NFC payment module is used for supporting a near field communication NFC technology;

the two-dimensional code payment module is used for supporting a code scanning payment technology;

the bank card payment module is used for supporting a bank card payment function;

and the multi-mode payment module is used for supporting the switching and mixed use of multiple payment modes.

According to some embodiments of the invention, the payment data encryption module comprises:

the storage module stores a judgment database which containsA plurality of data, each data including payment data transmitted by the acquisition moduleThe value of the individual index(s),stripe dataThe values of the individual indices form a matrix of judgment informationJudging the information matrixComprisesColumn ofLines, while respectively acquiring theThe type value of the stripe data forms a type vectorThe type vectorContaining a first type value and a second type value;

a learning module for:

build a 2 rowsColumn learning matrixThe values of the learning matrix are allIs the reciprocal of (2):

performing first learning on the judgment database by using the learning matrix to obtain an error value;

wherein,to learn matrixSubstituting the independent variable into an error value obtained by an error function;to judge information matrixIs the first of (2)A value;is thatIs the first of (2)A value;is a type vectorCorresponding firstThe type value of the stripe data, when determined to be a first type value,otherwise；For learning matrixIs the first of (2)Row of linesThe value of the column is used to determine,；

for learning matrixProceeding withSub-negative feedback adjustment;

wherein,to learn matrixThe value after the 1 st negative feedback adjustment is carried out,to learn matrixCarry out the first stepSecond negative feedback adjusted firstRow of linesThe value of the column is used to determine,to learn matrixCarry out the first stepSecond negative feedback adjusted firstRow of linesThe value of the column is used to determine,to be used inSubstitution of the independent variable into the error functionThe value after the deviation is calculated,to learn matrixCarry out the first stepThe value after the sub-negative feedback adjustment,，；

acquiring payment data sent by a module, and judging the probability that the payment data respectively correspond to a first type value and a second type value;

wherein,to pay for the probability that the data corresponds to the first type value,probability of corresponding the second type value for the payment data;the first payment data sent to the acquisition moduleThe value of the individual index(s),to learn matrixProceeding withThe matrix after the sub-negative feedback adjustment is transposed,；

if it isAnd judging that the payment data corresponds to the second type value, otherwise, judging that the payment data corresponds to the first type value.

According to some embodiments of the present invention, the root of trust measures the bootstrap program, the bootstrap program is executed if the measurement is successful, and the operation is stopped if the measurement is failed, including:

determining a metric dimension for evaluating the bootstrap program according to the metric request;

counting the change data of each dimension included in the measurement dimension, and judging whether the change data is consistent with preset change data or not;

when the change data is consistent with the preset change data, the measurement is successful, and the bootstrap program is executed; otherwise, the measurement fails and the operation is stopped.

According to some embodiments of the invention, the metric dimension includes a project management dimension, a demand management dimension, and a development management dimension.

According to some embodiments of the invention, the payment data encryption module encrypts payment sensitive data, including: the payment sensitive data is encrypted based on SHA-1 algorithm or MD5 algorithm.

According to some embodiments of the invention, the system further comprises a running log generation module, which is used for acquiring the running data of the operating system, generating a running log according to the running data and storing the running log.

The invention provides a subway payment equipment terminal operating system based on an embedded architecture, which can realize the following steps:

1. and (3) improving payment efficiency: the optimization of the operating system and the integration of the payment function can accelerate the payment speed, improve the payment efficiency and accuracy, reduce the queuing waiting time of the payment equipment terminal and improve the operation efficiency of the subway payment system.

2. User experience improvement: through optimization of interface design and simplification of user operation, operation convenience and interaction experience of a user are improved, satisfaction degree and use feeling of the user are improved, and trust degree and loyalty of the user to a subway payment system are improved.

3. Payment security guarantee: through security measures such as credibility measurement, security domain and common domain isolation, system encryption, security communication protocol, security authentication mechanism, tamper-proof technology and the like, the security of payment transaction is ensured, risks of payment information leakage and hacking attack are reduced, and the trust degree of a user on a payment system is improved.

4. Data analysis and decision support: by acquiring and analyzing real-time data, a subway management department can acquire accurate operation data, perform data analysis and decision support, provide scientific basis for subway operation management and improve the whole operation effect of a subway system.

Additional features and advantages of the invention will be set forth in the description which follows, and in part will be obvious from the description, or may be learned by practice of the invention. The objectives and other advantages of the invention may be realized and attained by the structure particularly pointed out in the written description and drawings.

The technical scheme of the invention is further described in detail through the drawings and the embodiments.

Drawings

The accompanying drawings are included to provide a further understanding of the invention and are incorporated in and constitute a part of this specification, illustrate the invention and together with the embodiments of the invention, serve to explain the invention. In the drawings:

fig. 1 is a block diagram of a subway payment apparatus terminal operating system based on an embedded architecture according to one embodiment of the present invention;

FIG. 2 is a flow chart of measuring critical components according to one embodiment of the invention.

Detailed Description

The preferred embodiments of the present invention will be described below with reference to the accompanying drawings, it being understood that the preferred embodiments described herein are for illustration and explanation of the present invention only, and are not intended to limit the present invention.

As shown in fig. 1, to achieve the above objective, an embodiment of the present invention provides a subway payment device terminal operating system based on an embedded architecture, including:

The technical scheme has the working principle and beneficial effects that: the trusted measurement module measures key components of the operating system constructed based on the embedded architecture; in order to improve the efficiency, other components are not measured, so that the safety of the system is ensured, the key components are not tampered, and the overall performance of the system is not influenced. Unlike common trusted metrics, common systems can metric every file, which greatly increases the load on the system, while the present invention only metrics critical files, but not other components of the system. Thus, key data is prevented from being tampered, and colleagues ensure the high efficiency of the system. The transaction security module provides transaction security services for the operating system; the common payment terminal equipment runs all services on an operating system, and can easily acquire the wanted information once a hacker successfully invades the system. The invention divides the business of the system into two parts, operates the core operation of the payment related business in the security domain, and operates other business in the common domain, and a hacker cannot invade the security domain. On the embedded operating system, various payment functions are integrated to meet the requirements of the subway payment equipment terminal.

According to some embodiments of the invention, it further comprises:

The technical scheme has the working principle and beneficial effects that: and (3) interface design optimization: through careful interface design, the user operation flow is simplified, the complexity of user operation is reduced, and the operation efficiency and convenience of the user are improved. Fast response: removing a driver with importance lower than a preset threshold value through cutting of the kernel; meanwhile, the service of the system is simplified, the system is reduced to below 1G, so that the response time and interaction instantaneity of the system are improved, the user is ensured to finish payment operation in the shortest time, and the requirement of the user on quick payment is met. Personalized customization: the invention provides personalized customization functions, so that the user can set according to the own requirements and preference, and the participation feeling and satisfaction of the user are increased. Providing real-time data: through the connection with the subway operation management system, relevant operation data and information can be obtained in real time, accurate subway operation information and payment record inquiry are provided for users, and the participation feeling and the trust degree of the users are enhanced.

As shown in fig. 2, according to some embodiments of the present invention, a method for a trusted metrics module to measure key components of an operating system built based on an embedded architecture includes:

Based on measuring the key components in sequence, the measuring result and the measuring process are convenient to accurately determine, and the measuring speed is improved.

The technical scheme has the working principle and beneficial effects that: 1. hardware isolation: the system of the security domain is operated in the EL3 layer, the common domain is operated in the EL0 and EL1 layers, and the space of the security domain and the space of the common domain are isolated from physical addresses, so that the security of the security domain and the common domain is ensured. The normal domain cannot access the space of the security domain.

Secure communication protocol: and a special communication protocol is adopted between the security domain and the common domain, so that the efficiency is ensured. The equipment and the background adopt a safe communication protocol, so that the communication process between the payment equipment and the background server is ensured to be safe and reliable. Encryption of payment data: and processing the payment sensitive data into a security domain, and encrypting the sensitive data in the payment process to prevent data leakage and hacking. Security authentication mechanism: and carrying out identity authentication and payment password verification on the user, so as to ensure that only the authorized user can carry out payment operation. The payment device and the operating system adopt secure communication protocols including HTTP, TCP/IP, UDP and other standard protocols. The special communication protocol is adopted between the security domain and the common domain, and the existing communication protocol is adaptively modified based on the sizes and the positions of the security domain and the common domain, so that the protocol which is most suitable for the security domain and the common domain is obtained. Four layers of EL0, EL1, EL2 and EL3 are arranged on hardware, the abnormal levels represented by the different layers are different (the abnormal level of armv8 is exemplified), the abnormal level of EL3 is the highest, the abnormal level of EL0 is the lowest, and EL3 refers to the bottom firmware layer, namely the safety layer; EL2 is a virtualization layer for executing a virtualization program; EL1 is a kernel layer for running Linux kernel; EL0 is the application layer execution layer.

The technical scheme has the working principle and beneficial effects that: NFC payment: and a Near Field Communication (NFC) technology is supported, so that a user can pay rapidly through equipment such as a mobile phone and the like, and the convenience of user payment is improved. Two-dimensional code payment: and the code scanning payment is supported, and a user can realize the payment operation by scanning the two-dimensional code, so that the payment flow is simplified. And (3) payment by a bank card: the bank card payment function is supported, and the user can complete payment operation by inserting the bank card and performing password verification. Multimode payment: the method supports switching and mixed use of multiple payment modes, and provides more flexible and various payment options.

a learning module for:

for learning matrixProceeding withSub-negative feedback adjustment;

The technical scheme has the working principle and beneficial effects that: the values of the s indexes are the characteristic values of each piece of corresponding data, and the s indexes comprise the data size, the data type, the generation object of the data and the like. The type vector is data indicating whether the data is payment sensitive. The first type value is 0 (denoted as non-sensitive payment data) and the second type value is 1 (denoted as sensitive payment data). Based on the learning module, a 2-line is constructedColumn learning matrixThe values of the learning matrix are allIs the reciprocal of (2): performing first learning on the judgment database by using the learning matrix to obtainAn error value; for learning matrixProceeding withSub-negative feedback adjustment is carried out to obtain an accurate learning matrix, and the probability that the payment data respectively correspond to the first type value and the second type value is judged based on the accurate learning matrix; if so, judging that the payment data corresponds to the second type value, otherwise, judging that the payment data corresponds to the first type value. And whether the payment data is sensitive payment data is conveniently and accurately judged.

The technical scheme has the working principle and beneficial effects that: determining a metric dimension for evaluating the bootstrap program according to the metric request; counting the change data of each dimension included in the measurement dimension, and judging whether the change data is consistent with preset change data or not; the preset change data is preset change data of each dimension. When the change data is consistent with the preset change data, the measurement is successful, and the bootstrap program is executed; otherwise, the measurement fails and the operation is stopped. And the method is convenient for accurately judging whether the measurement is successful.

Project management dimensions, including time dimensions: the time dimension relates to time planning, progress control and time management of the project. The method comprises the steps of starting and stopping time, stage milestones, task scheduling, progress tracking and the like of the project, and the project is ensured to be scheduled. Range dimension: the scope dimension relates to the explicit definition and management of project objectives and deliverables. Including demand analysis, range planning, demand change control, etc., to ensure that the project delivery meets the expected range. Cost dimension: the cost dimension relates to budget and cost control of an item. Including budgeting, cost estimation, cost tracking, and cost management, ensures that the project is completed within an acceptable cost range. Mass dimension: the quality dimension relates to quality requirements and quality management of the project. Including quality scheduling, quality control, quality assurance, and quality improvement, ensures that the outcome of the project delivery meets quality standards and user requirements. Risk dimension: the risk dimension relates to risk identification, assessment and management of items. Including risk management planning, risk analysis, risk management and risk control to reduce the impact of project risk on project objectives. Resource dimension: the resource dimension relates to various resource management required by the project, including human resources, material resources, equipment resources and the like. The resource dimension focuses on the reasonable allocation and utilization of project resources to support the smooth development of projects.

Demand management dimension, including demand acquisition: demand acquisition refers to identifying, understanding, and collecting the relevant demands of an item. Demand analysis and planning: demand analysis and planning refers to the analysis and arrangement of collected demands to determine the priority, stability and availability of the demands. In this process, a demand management plan needs to be formulated, and a flow and a method for demand change control need to be determined. Demand tracking and change control: the requirement tracking and changing control means that the requirement is tracked and managed to change in the project execution process. This includes tracking of demand, evaluation and processing of change requests to ensure that the demand for project delivery is consistent with the expectations of stakeholders. And (5) demand verification and acceptance: demand verification and acceptance refers to the confirmation of whether the project delivery outcome meets the needs and expectations of stakeholders. This includes formulating acceptance criteria and acceptance specifications in conjunction with stakeholders, evaluating and verifying project delivery results, and performing acceptance control. Demand communication and sharing: demand communication and sharing refers to communication and sharing of demand information with project team members and stakeholders effectively. This includes ensuring accurate communication and understanding of the needs using appropriate communication tools and techniques. Demand management tools and techniques: the demand management tools and techniques refer to software tools and techniques for supporting demand management. This includes demand management systems, demand tracking tools, prototyping tools, etc. to improve the efficiency and quality of demand management.

Developing management dimensions, including: development methodology: development methodology refers to development methods and procedures employed in the software development process. Such as waterfall models, agile developments, devOps, etc. Proper development methodology is selected to help to standardize the development process and improve development efficiency and quality. And (3) demand management: demand management plays a vital role in the development process. The system comprises links of demand collection, demand analysis, demand confirmation and the like, so as to ensure that developers understand and meet the demands of users. Project planning and organization: project planning refers to the detailed planning and organization of projects during the project initiation phase. It includes planning in terms of project scope, progress, resources and costs, and specifies goals and milestones for project development. Team collaboration and communication: team collaboration and communication are important in development management. Team members need to work closely together, together solving the problem and pushing the project forward. The effective communication mechanism can reduce communication errors and conflicts. Quality management: quality management plays a decisive role in the development project. It encompasses various quality control techniques and methods to ensure that the quality of the product meets customer expectations. Risk management: risk management is the identification, assessment, and management of various potential risks during development. It helps to discover and solve problems in advance to reduce the risk and delay of projects. Tools and techniques: in development management, development efficiency and quality can be improved using appropriate tools and techniques. Such as version control systems, automated test tools, project management software, and the like.

By the technical scheme, the subway payment equipment terminal operating system based on the embedded architecture has higher safety, higher performance, more stable operation and better user experience. The operation system can be widely applied to subway payment systems in various cities, provides quick, safe and convenient payment service, and greatly improves the operation efficiency and passenger satisfaction of the subway system. And (3) improving payment efficiency: the optimization of the operating system and the integration of the payment function can accelerate the payment speed, improve the payment efficiency and accuracy, reduce the queuing waiting time of the payment equipment terminal and improve the operation efficiency of the subway payment system. User experience improvement: through optimization of interface design and simplification of user operation, operation convenience and interaction experience of a user are improved, satisfaction degree and use feeling of the user are improved, and trust degree and loyalty of the user to a subway payment system are improved. Payment security guarantee: through security measures such as credibility measurement, security domain and common domain isolation, system encryption, security communication protocol, security authentication mechanism, tamper-proof technology and the like, the security of payment transaction is ensured, risks of payment information leakage and hacking attack are reduced, and the trust degree of a user on a payment system is improved. Data analysis and decision support: by acquiring and analyzing real-time data, a subway management department can acquire accurate operation data, perform data analysis and decision support, provide scientific basis for subway operation management and improve the whole operation effect of a subway system.

It will be apparent to those skilled in the art that various modifications and variations can be made to the present invention without departing from the spirit or scope of the invention. Thus, it is intended that the present invention also include such modifications and alterations insofar as they come within the scope of the appended claims or the equivalents thereof.

Claims

1. An embedded architecture-based subway payment equipment terminal operating system is characterized by comprising:

2. The embedded architecture-based subway payment device terminal operating system of claim 1, further comprising:

3. The embedded architecture-based subway payment equipment terminal operating system of claim 1, wherein the method for measuring key components of the operating system constructed based on the embedded architecture by the trusted measurement module comprises the following steps:

4. The embedded architecture-based subway payment equipment terminal operating system as set forth in claim 1, wherein the transaction security module includes:

5. The embedded architecture-based subway payment device terminal operating system of claim 1, wherein the payment function integration module comprises:

6. The embedded architecture-based subway payment device terminal operating system of claim 4, wherein the payment data encryption module comprises:

the storage module stores a judgment database for judgingThe database containsData each containing payment data transmitted by the acquisition module>The value of the index>Stripe data and->The values of the individual indices form a judgment information matrix>Judging the information matrix->Contains->Column->Lines, while respectively acquiring the ++>The type value of the bar data, forming a type vector +.>Said type vector->Containing a first type value and a second type value;

a learning module for:

build a 2 rowsOf columnsLearning matrix->The values of the learning matrix are +.>Is the reciprocal of (2):

wherein,to learn matrix->Substituting the independent variable into an error value obtained by an error function; />For judging information matrix->Is>A value; />Is->Is>A value; />Is a type vector +.>Corresponding->The type value of the bar data, when determined as the first type value, < >>Otherwise->；/>For learning matrix->Is>Go->The value of the column is used to determine,；

for learning matrixGo->Sub-negative feedback adjustment;

wherein,for learning matrix->The value after 1 st negative feedback adjustment, is->To learn matrixCarry out->Second negative feedback adjusted +.>Go->Column value, +.>For learning matrix->Carry out->Second negative feedback adjusted +.>Go->Column value, +.>To->Substitution of the independent variable into the error function>Value after bias is calculated, < >>For learning matrix->Carry out->The value after the sub-negative feedback adjustment,，/>；

wherein,probability of corresponding the first type value for the payment data,/->Probability of corresponding the second type value for the payment data;the +.>The value of the index>For learning matrix->Go->Matrix transposition after sub-negative feedback adjustment, +.>；

7. The embedded architecture-based subway payment equipment terminal operating system as set forth in claim 3, wherein the root of trust measures the bootstrap program, the bootstrap program is executed if the measurement is successful, the operation is stopped if the measurement is failed, and the method includes:

8. The metro payment device terminal operating system based on embedded architecture of claim 7, wherein the metric dimension comprises a project management dimension, a demand management dimension and a development management dimension.

9. The metro payment device terminal operating system based on embedded architecture as claimed in claim 4, wherein the payment data encryption module encrypts the payment sensitive data, comprising: the payment sensitive data is encrypted based on SHA-1 algorithm or MD5 algorithm.

10. The metro payment device terminal operating system based on the embedded architecture of claim 1, further comprising a running log generating module, configured to obtain running data of the operating system, generate a running log according to the running data, and store the running log.