TWI632506B - System and method for dynamically loading an application - Google Patents


Publication number
TWI632506B
Authority
TW
Taiwan
Prior art keywords
application
terminal device
management platform
service management
wearable smart
Prior art date
Application number
TW105135983A
Other languages
Chinese (zh)
Other versions
TW201719396A (en)
Inventor
王根平
Original Assignee
國民技術股份有限公司
Application filed by 國民技術股份有限公司
Publication of TW201719396A
Application granted
Publication of TWI632506B


Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44 Program or device authentication
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/51 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability

Abstract

The present invention provides a system and method for dynamically loading applications. The system includes: a wearable smart device; a terminal device for downloading an application for the wearable smart device; and a trusted service management platform connected to the terminal device through a network and used to provide the application to the terminal device. With the technical solution of the present invention, dynamic loading and security management of applications can be implemented for wearable smart devices with low-end hardware configurations.

Description

System and method for dynamically loading an application

The present invention relates to wearable smart devices, and more particularly to a system and method for dynamically loading applications for wearable smart devices.

Wearable smart devices (such as smart watches and smart bracelets) can be used for health monitoring, motion detection, positioning, telephone communication, public transportation cards, payment authentication and other purposes, so wearable devices are increasingly popular. As the range of uses of wearable smart devices widens, more and more applications need to be supported, and the applications in every field change rapidly, so the need for on-demand download and dynamic update of applications is becoming increasingly urgent. In addition, the security of applications must be guaranteed, especially the security of the channels and management of dynamic downloads in payment and finance-related fields.

Currently, there are two application loading modes for wearable smart devices. In one, as with the Apple Watch, the device carries a small operating system and can download applications through its app store; however, this mode places high demands on the hardware and the system, and the security of application management is not guaranteed. In the other, the applications are already loaded when the device leaves the factory (for example, the Xiaomi bracelet), so applications can no longer be added dynamically; this mode limits the product's range of uses and leaves it with limited functionality.

Therefore, for wearable smart devices with low-end hardware configurations, a technology is needed that can solve the problems of on-demand dynamic application loading and secure application management.

The present invention proposes a system and method for dynamically loading applications, which can implement dynamic loading and security management of applications for wearable smart devices with low-end hardware configurations.

According to one aspect of the present invention, a system for dynamically loading an application is provided, including: a wearable smart device; a terminal device for downloading an application for the wearable smart device; and a trusted service management platform connected to the terminal device through a network, the trusted service management platform being used to provide the application to the terminal device.

Preferably, the wearable smart device communicates with the terminal device through a Bluetooth, WiFi (Wireless Fidelity), ZigBee, USB (Universal Serial Bus) or ISO 7816 (standard protocol) channel.

In addition, the wearable smart device includes: a communication module for communicating with the terminal device; a storage module for storing the application downloaded by the terminal device; and a security module for completing the trusted service management platform's authentication operation on the wearable smart device.

In addition, the trusted service management platform includes: an application release management device for managing application providers, reviewing the applications that application providers supply, and providing application-related services to users; and a security module management device for controlling and managing the security of application data in the trusted service management platform.

According to another aspect of the present invention, a method for dynamically loading an application is provided, including: the wearable smart device establishes a connection with the terminal device; the terminal device sends a request to download an application to the trusted service management platform; the trusted service management platform verifies the wearable smart device; and, if the authentication passes, the terminal device downloads the application from the trusted service management platform.

Preferably, establishing the connection between the wearable smart device and the terminal device includes: the terminal device sends a connection request to the wearable smart device; and the wearable smart device answers the connection request to establish the connection with the terminal device, wherein the wearable smart device communicates with the terminal device through a Bluetooth, WiFi (Wireless Fidelity), ZigBee, USB (Universal Serial Bus) or ISO 7816 (standard protocol) channel.

Preferably, the trusted service management platform verifying the wearable smart device includes: the trusted service management platform sends a security authentication request to the terminal device; the terminal device sends the security authentication request to the wearable smart device; the wearable smart device processes the authentication request and provides authentication information to the terminal device; the terminal device sends the authentication information to the trusted service management platform; the trusted service management platform processes the authentication information and feeds the authentication result back to the terminal device; and, if the authentication passes, a download channel is established between the trusted service management platform and the terminal device.

Preferably, the authentication information includes the security domain key of each trusted service management platform, personal identity authentication information, device security information and device storage resource information.

Preferably, the terminal device downloading the application from the trusted service management platform includes: the terminal device sends a download application identifier to the trusted service management platform; the trusted service management platform sends application data to the terminal device; and the terminal device sends the application data to the wearable smart device.

In addition, after the mobile terminal sends the application data to the wearable smart device, the method further includes: the wearable smart device receives the application data; and the wearable smart device returns the result of loading the application to the terminal device and the trusted service management platform.

As described above, by downloading applications for the wearable smart device through the terminal device, the present invention can implement dynamic loading and security management of applications for wearable smart devices with low-end hardware configurations.

10‧‧‧Dynamic application loading system

12‧‧‧Wearable smart device

14‧‧‧Terminal device

16‧‧‧Trusted service management platform

S30-S36‧‧‧Steps

FIG. 1 is a block diagram of a system for dynamically loading an application according to the present invention.

FIG. 2 is a schematic diagram of a system for dynamically loading an application according to the present invention, using a smart bracelet and a mobile phone as an example.

FIG. 3 is a flowchart of a method for dynamically loading an application according to the present invention.

FIG. 4 is a flowchart showing in detail a method for dynamically loading an application according to an embodiment of the present invention.

The present invention is described in detail below with reference to the accompanying drawings.

FIG. 1 is a block diagram of a system for dynamically loading an application according to the present invention. FIG. 2 is a schematic diagram of a system for dynamically loading an application according to the present invention, using a smart bracelet and a mobile phone as an example.

As shown in FIG. 1, the dynamic application loading system 10 of the present invention includes: a wearable smart device 12; a terminal device 14 for downloading an application for the wearable smart device 12; and a trusted service management platform 16 connected to the terminal device 14 through a network, the TSM (Trusted Service Management) platform 16 being used to provide the application to the terminal device 14.

The wearable smart device described herein can communicate with the terminal device through wireless channels (such as Bluetooth, WiFi or ZigBee channels) and wired channels (such as USB or ISO 7816 channels). However, those of ordinary skill in the art should understand that any channel type applicable to the system and method of the present invention is included within the scope of the present invention.

In addition, the terminal device described herein may be, but is not limited to, a mobile phone, a tablet computer, a desktop computer, a notebook computer or similar terminal device; any terminal device applicable to the system and method of the present invention is included within the scope of the present invention.

In addition, the wearable smart device described herein may be, but is not limited to, a smart watch, a smart bracelet, a multi-function Java card or the like; any wearable smart device applicable to the present invention is included within the scope of the present invention.

FIG. 2 shows the system of the present invention with a smart bracelet as the wearable smart device and a mobile phone as the terminal device. In this case, the TSM can transmit the application to the mobile terminal over the network, and the mobile terminal then downloads the application to the smart bracelet through a communication channel such as Bluetooth, WiFi or ZigBee.

Specifically, as is known to those of ordinary skill in the art, the internal program architecture of a wearable smart device (such as a smart watch or bracelet, or a multi-function Java card) is, from bottom to top: the chip processor, the Java virtual machine, the Java API interface and the Java applications, where the Java applications are the dynamically loaded applications referred to in the present invention. In terms of hardware, besides the main control chip, the wearable smart device also has a communication module, a storage module and a power module connected to the main control chip, with the power module supplying power to the other modules. A main control module clocked as low as a few tens of MHz is sufficient to run this architecture; the communication module can connect to and communicate with the terminal device, using Bluetooth, WiFi (Wireless Fidelity), ZigBee, USB (Universal Serial Bus), ISO 7816 (standard protocol) or similar communication methods; the storage module stores programs, applications, authentication information and so on, and less than 1 MByte of space is enough to store and manage the virtual machine and other programs together with multiple applications. In addition, the wearable smart device includes a security module for completing the trusted service management platform's authentication operation on the wearable smart device, for example receiving an authentication request from the TSM platform when an application is downloaded, processing that request and providing authentication information.

The terminal device (for example a mobile terminal such as a mobile phone or PAD, or a non-mobile terminal such as a desktop or notebook computer) serves as the interface manager for human-machine interaction and as the intermediate hub for communication: downstream it can communicate with the wearable smart device, upstream it can communicate with the TSM platform, and it can also carry an application control and management APP that manages the human-machine interaction interface.

The TSM platform provides a secure bridge between the various service providers and users, and includes: an application release management device for managing application providers, reviewing the applications that application providers supply, and providing application-related services to users; and a security module management device for controlling and managing the security of application data in the trusted service management platform.

Specifically, the application release management device acts as a third-party management platform. It mainly handles access by service platforms and performs registration, review and configuration management for application providers; it is also responsible for reviewing the legality, security and conformance of the applications that application providers supply, provides management and issuance of applications and security domains, and provides users with registration, deregistration and service withdrawal, as well as query, backup, loss reporting and reissue of application data.

The security module management device has the following functions: controlling and managing the master keys of security applications; loading, installing or deleting application data and the associated account data in the security module by technical means such as over-the-air download; and unified management of security module application information, including data information management, secure channel management and security application management.

Based on the above architecture, the method proposed by the present invention is as follows: after the terminal device and the wearable smart terminal establish a connection, the application management APP on the terminal device issues a request to download an application; the wearable smart terminal sends authentication data through the terminal device to the TSM platform; the TSM platform obtains the authentication information and, once authentication succeeds, authorizes the terminal device to download the application; the terminal device sends the identifier of the application to be downloaded to the TSM platform; the TSM platform sends the corresponding application down to the terminal device according to that identifier; and the terminal device then downloads the application into the wearable smart terminal.

The method of the present invention is described in detail below with reference to FIG. 3 and FIG. 4.

FIG. 3 is a flowchart of a method for dynamically loading an application according to the present invention.

As shown in FIG. 3, the method for dynamically loading an application according to the present invention includes: step S30, the wearable smart device establishes a connection with the terminal device; S32, the terminal device sends a request to download an application to the trusted service management platform; S34, the trusted service management platform verifies the wearable smart device; and S36, if the authentication passes, the terminal device downloads the application from the trusted service management platform.

Specifically, establishing the connection between the wearable smart device and the terminal device includes: the terminal device sends a connection request to the wearable smart device; and the wearable smart device answers the connection request to establish the connection with the terminal device, wherein the wearable smart device communicates with the terminal device through a channel such as Bluetooth, WiFi (Wireless Fidelity), ZigBee, USB (Universal Serial Bus) or ISO 7816 (standard protocol).

In addition, the trusted service management platform verifying the wearable smart device includes: the trusted service management platform sends a security authentication request to the terminal device; the terminal device sends the security authentication request to the wearable smart device; the wearable smart device processes the authentication request and provides authentication information to the terminal device; the terminal device sends the authentication information to the trusted service management platform; the trusted service management platform processes the authentication information and feeds the authentication result back to the terminal device; and, if the authentication passes, a download channel is established between the trusted service management platform and the terminal device. The wearable smart device's processing of the authentication request includes decrypting the request, determining which authentication information the TSM platform requires, and so on; this is common knowledge to those of ordinary skill in the art and is therefore not described in detail.

It should be noted that the authentication information referred to here includes the security domain key of each trusted service management platform, personal identity authentication information, device security information, device storage resource information and so on, and that all of this authentication information is stored in the wearable smart device in advance.

Specifically, the terminal device downloading the application from the trusted service management platform includes: the terminal device sends a download application identifier to the trusted service management platform; the trusted service management platform sends application data to the terminal device; and the terminal device sends the application data to the wearable smart device.

In addition, after the mobile terminal sends the application data to the wearable smart device, the method further includes: the wearable smart device receives the application data; and the wearable smart device returns the result of loading the application to the terminal device and the trusted service management platform. After receiving the application data, the wearable smart device also needs to store and process it; the processing referred to here includes decrypting the application data, storing it at the relevant address and so on, which is common knowledge to those of ordinary skill in the art and is therefore not described in detail.

FIG. 4 is a flowchart showing in detail a method for dynamically loading an application according to an embodiment of the present invention, including the following steps:

Step 1: The terminal device establishes a connection with the wearable smart device.

Step 2: The application management APP on the terminal device sends the TSM a request to download an application; after receiving the request, the TSM sends a security authentication request for the wearable smart device.

Step 3: With the terminal device relaying transparently, the wearable smart device receives and processes the authentication request, then sends the relevant authentication information to the TSM.

Step 4: The TSM verifies the legitimacy and security of the wearable smart device and feeds the result back to the terminal device; if the authentication passes, establishment of the download channel is complete.

Step 5: The terminal device sends the download application identifier corresponding to the application to be downloaded to the TSM platform; the TSM responds to the download request by locating the relevant application data, retrieving it and sending it to the terminal device.

Step 6: The terminal device passes the data to the wearable smart device, which receives, stores and processes the application.

In addition, a response message may be added after step 6: the wearable smart device sends the result of loading the application to the terminal device and the TSM.

In addition, besides the security authentication of the wearable smart device, the download channel between the terminal device and the TSM also needs to be authenticated; this can be done in any applicable manner known in the prior art and is not described further here.

In addition, the authentication information sent in step 3 may include each TSM's security domain key, personal identity authentication information, device security information, device storage resource information and other information. Steps 2 and 3 may also be repeated to authenticate different content, so that different content is verified each time.
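The six-step exchange above, written out as a runnable simulation. This is an added example, not code from the patent: the patent does not specify the cryptography, so the HMAC-SHA256 challenge-response, the per-device key table, the HMAC tag on the application data (standing in for the decryption the description mentions) and all class, function and identifier names are assumptions.

```python
import hashlib
import hmac
import secrets


def _mac(key, *parts):
    """HMAC-SHA256 over length-prefixed parts (avoids ambiguous concatenation)."""
    h = hmac.new(key, digestmod=hashlib.sha256)
    for p in parts:
        h.update(len(p).to_bytes(4, "big") + p)
    return h.digest()


class Wearable:
    """Wearable smart device holding a pre-stored security-domain key (assumed)."""

    def __init__(self, device_id, sd_key, free_bytes):
        self.device_id, self._key, self.free_bytes = device_id, sd_key, free_bytes
        self.apps = {}

    def handle_auth_request(self, challenge):
        # Step 3: answer the TSM's request. In this sketch the key itself never
        # leaves the device; only a proof bound to the fresh challenge does.
        free = str(self.free_bytes).encode()
        return {"device_id": self.device_id, "free_bytes": self.free_bytes,
                "proof": _mac(self._key, b"auth", challenge, free)}

    def load_app(self, app_id, data, tag):
        # Step 6: the terminal is only a relay, so the device checks the payload
        # itself before storing it, and refuses anything that does not fit.
        expected = _mac(self._key, b"app", app_id.encode(), data)
        ok = hmac.compare_digest(tag, expected) and len(data) <= self.free_bytes
        if ok:
            self.apps[app_id] = data
            self.free_bytes -= len(data)
        return ok  # the load result reported back after step 6


class TSM:
    """Trusted service management platform (toy model)."""

    def __init__(self, device_keys, catalog):
        self._keys, self._catalog = device_keys, catalog
        self._pending = {}  # session -> outstanding challenge
        self._authed = {}   # session -> authenticated device id

    def request_download(self, session):
        # Step 2: a download request triggers a security authentication request.
        self._pending[session] = secrets.token_bytes(16)
        return self._pending[session]

    def verify(self, session, info):
        # Step 4: each challenge is single-use, so a replayed answer fails.
        challenge = self._pending.pop(session, None)
        key = self._keys.get(info.get("device_id"))
        if challenge is None or key is None:
            return False
        free = str(info.get("free_bytes")).encode()
        if not hmac.compare_digest(_mac(key, b"auth", challenge, free),
                                   info.get("proof", b"")):
            return False
        self._authed[session] = info["device_id"]
        return True

    def send_app(self, session, app_id):
        # Step 5: serve application data only on an authenticated session.
        device_id = self._authed.get(session)
        if device_id is None or app_id not in self._catalog:
            return None
        data = self._catalog[app_id]
        return data, _mac(self._keys[device_id], b"app", app_id.encode(), data)


def run_flow(tsm, wearable, app_id, tamper=False, session="s1"):
    """Terminal device role: relays every message between wearable and TSM."""
    challenge = tsm.request_download(session)       # step 2
    info = wearable.handle_auth_request(challenge)  # step 3 (relayed)
    if not tsm.verify(session, info):               # step 4
        return "auth_failed"
    result = tsm.send_app(session, app_id)          # step 5
    if result is None:
        return "no_such_app"
    data, tag = result
    if tamper:                                      # a relay that alters the payload
        data += b"\x00"
    return "loaded" if wearable.load_app(app_id, data, tag) else "load_rejected"


def demo():
    # Constructed sample data: device id, key and applet bytes are made up.
    key = secrets.token_bytes(32)
    tsm = TSM({"band-001": key}, {"transit-card": b"CONSTRUCTED-APPLET-BYTES"})
    good = Wearable("band-001", key, free_bytes=1024)
    rogue = Wearable("band-001", secrets.token_bytes(32), free_bytes=1024)
    return (run_flow(tsm, good, "transit-card"),
            run_flow(tsm, good, "transit-card", tamper=True),
            run_flow(tsm, rogue, "transit-card"))


if __name__ == "__main__":
    print(demo())
```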

As described above, by using the terminal device to download applications for the wearable smart device, the present invention can implement dynamic loading and security management of applications for wearable smart devices with low-end hardware configurations.

It should be noted that the embodiments described above with reference to the accompanying drawings serve only to illustrate the present invention and not to limit its scope. Those of ordinary skill in the art should understand that modifications or equivalent substitutions made to the present invention without departing from its spirit and scope are all covered by the scope of the present invention. In addition, unless the context indicates otherwise, words in the singular include the plural and vice versa. Furthermore, unless otherwise specified, all or part of any embodiment may be used in combination with all or part of any other embodiment.

Claims (8)

1. A system for dynamically loading an application, comprising: a wearable smart device; a terminal device for downloading an application for the wearable smart device; and a trusted service management platform connected to the terminal device through a network, the trusted service management platform being used to verify the wearable smart device and to provide the application to the terminal device; wherein the trusted service management platform verifying the wearable smart device includes: the trusted service management platform sends a security authentication request to the terminal device; the terminal device sends the security authentication request to the wearable smart device; the wearable smart device processes the security authentication request and provides authentication information to the terminal device; the terminal device sends the authentication information to the trusted service management platform; the trusted service management platform processes the authentication information and feeds the authentication result back to the terminal device; wherein the terminal device downloading, from the trusted service management platform, the application provided by the trusted service management platform includes: the terminal device sends a download application identifier to the trusted service management platform; the trusted service management platform then sends application data to the terminal device; and finally the terminal device sends the application data to the wearable smart device, so that the wearable smart device dynamically obtains, on demand, the application provided by the trusted service management platform.

2. The system for dynamically loading an application as recited in claim 1, wherein the wearable smart device communicates with the terminal device through a Bluetooth, WiFi, ZigBee, USB or ISO 7816 channel.

3. The system for dynamically loading an application as recited in claim 1, wherein the wearable smart device comprises: a communication module for communicating with the terminal device; a storage module for storing the application downloaded by the terminal device; and a security module for completing the trusted service management platform's authentication operation on the wearable smart device.

4. The system for dynamically loading an application as recited in claim 1, wherein the trusted service management platform comprises: an application release management device for managing application providers, reviewing the applications that the application providers supply, and providing application-related services to users; and a security module management device for controlling and managing the security of application data in the trusted service management platform.

5. A method for dynamically loading an application, applied to a wearable smart device, a terminal device and a trusted service management platform, the method comprising: the wearable smart device establishes a connection with the terminal device; the terminal device sends a request to download an application to the trusted service management platform; the trusted service management platform verifies the wearable smart device, which includes: the trusted service management platform sends a security authentication request to the terminal device; the terminal device sends the security authentication request to the wearable smart device; the wearable smart device processes the security authentication request and provides authentication information to the terminal device; the terminal device sends the authentication information to the trusted service management platform; the trusted service management platform processes the authentication information and feeds the authentication result back to the terminal device; and, if the authentication passes, the terminal device downloads the application from the trusted service management platform; wherein the terminal device downloading, from the trusted service management platform, the application provided by the trusted service management platform includes: the terminal device sends a download application identifier to the trusted service management platform; the trusted service management platform then sends
an application data to the terminal device; and finally, the terminal device sends the application data to the wearable smart device. And enabling the wearable smart device to dynamically obtain the application provided by the trust service management platform. 如請求項5所記載的動態載入應用的方法,其中該穿戴式智慧設備與該終端設備建立連接包括:該終端設備向該穿戴式智慧設備發送連接請求;以及該穿戴式智慧設備答覆該連接請求來與該終端設備建立連接;其中,該穿戴式智慧設備通過藍牙、WiFi、ZigBee、USB或ISO 7816通道與該終端設備進行通訊。 The method of dynamically loading an application as described in claim 5, wherein the establishing, by the wearable smart device, the connection with the terminal device comprises: the terminal device sending a connection request to the wearable smart device; and the wearable smart device answering the connection Requesting to establish a connection with the terminal device; wherein the wearable smart device communicates with the terminal device via Bluetooth, WiFi, ZigBee, USB or ISO 7816 channel. 如請求項5所記載的動態載入應用的方法,其中該認證資訊包括各信任服務管理平台的安全域密鑰、個人身份認證資訊、設備安全資訊、設備儲存資源資訊。 The method for dynamically loading an application as described in claim 5, wherein the authentication information includes a security domain key, personal identity authentication information, device security information, and device storage resource information of each trust service management platform. 如請求項5所記載的動態載入應用的方法,其中在該行動終端將該應用資料發送給該穿戴式智慧設備之後,還包括:該穿戴式智慧設備接收該應用資料;以及 該穿戴式智慧設備向該終端設備和該信任服務管理平台回傳應用載入的結果。 The method of dynamically loading an application as described in claim 5, wherein after the mobile terminal sends the application data to the wearable smart device, the method further includes: the wearable smart device receiving the application data; The wearable smart device returns the result of the application loading to the terminal device and the trusted service management platform.
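The message flow of the claims (authentication request relayed through the terminal device, authentication information returned, download gated on the authentication result, application data relayed to the wearable smart device) can be modelled as below. This is an added example, not code from the patent. The claims do not specify how the authentication information is computed, so the HMAC-SHA256 challenge-response with a per-device security domain key, the tag on the application data, and all class and function names are assumptions.

```python
import hashlib, hmac, secrets

def mac(key, *parts):
    # Length-prefix each field so different field tuples never collide.
    msg = b"".join(len(p).to_bytes(4, "big") + p for p in parts)
    return hmac.new(key, msg, hashlib.sha256).digest()

class Wearable:
    def __init__(self, device_id, sd_key):
        self.device_id, self._key, self.storage = device_id, sd_key, {}
    def process_auth_request(self, challenge):
        # Assumed mechanism: MAC over a fresh challenge with the security domain key.
        return {"device_id": self.device_id,
                "tag": mac(self._key, b"auth", self.device_id.encode(), challenge)}
    def load_application(self, flag, data, tag):
        # The terminal only relays, so check the platform's tag before storing.
        if not hmac.compare_digest(tag, mac(self._key, b"app", flag.encode(), data)):
            return "rejected"
        self.storage[flag] = data
        return "loaded"

class Platform:
    def __init__(self, keys, apps):
        self._keys, self._apps, self._pending, self._authed = keys, apps, {}, set()
    def auth_request(self, device_id):
        self._pending[device_id] = secrets.token_bytes(16)
        return self._pending[device_id]
    def process_auth_info(self, info):
        dev = info["device_id"]
        challenge, key = self._pending.pop(dev, None), self._keys.get(dev)  # one use
        if challenge is None or key is None:
            return False
        ok = hmac.compare_digest(info["tag"], mac(key, b"auth", dev.encode(), challenge))
        if ok:
            self._authed.add(dev)
        return ok
    def download(self, dev, flag):
        if dev not in self._authed:
            raise PermissionError("device not authenticated")
        return self._apps[flag], mac(self._keys[dev], b"app", flag.encode(), self._apps[flag])

def terminal_load(platform, wearable, flag, tamper=False):
    # Terminal device: relays every message and holds no key material.
    challenge = platform.auth_request(wearable.device_id)
    if not platform.process_auth_info(wearable.process_auth_request(challenge)):
        return "auth_failed"
    data, tag = platform.download(wearable.device_id, flag)
    data = data + b"\x00" if tamper else data  # constructed relay tampering
    return wearable.load_application(flag, data, tag)
```

Because the terminal device sits between the two endpoints in every step, the model binds the application data to the device key so that a modified payload is refused at the wearable rather than trusted on the strength of the earlier authentication.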
TW105135983A 2015-11-12 2016-11-04 System and method for dynamically loading an application TWI632506B (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201510770378.4A CN106709317A (en) 2015-11-12 2015-11-12 Application dynamic loading system and method

Publications (2)

Publication Number Publication Date
TW201719396A TW201719396A (en) 2017-06-01
TWI632506B true TWI632506B (en) 2018-08-11

Family

ID=58694436

Family Applications (1)

Application Number Title Priority Date Filing Date
TW105135983A TWI632506B (en) 2015-11-12 2016-11-04 System and method for dynamically loading an application

Country Status (3)

Country Link
CN (1) CN106709317A (en)
TW (1) TWI632506B (en)
WO (1) WO2017080351A1 (en)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20130002538A1 (en) * 2008-12-22 2013-01-03 Mooring David J Gesture-based user interface for a wearable portable device
US20140300490A1 (en) * 2011-12-23 2014-10-09 The Trustees Of Dartmouth College Wearable computing device for secure control of physiological sensors and medical devices, with secure storage of medical records, and bioimpedance biometric
TWM489622U (en) * 2014-06-20 2014-11-11 Ke Yu-Hao Single hand-wearable physiological signal measurer combined with smart handheld device

Family Cites Families (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR100965151B1 (en) * 2003-05-29 2010-06-23 주식회사 비즈모델라인 System for Transferring Applicationor Data by Using Smart Cardor IC Card
CN101820613B (en) * 2009-02-27 2014-03-19 中兴通讯股份有限公司 Application downloading system and method
CN101789968B (en) * 2010-01-08 2013-06-05 深圳市沟通科技有限公司 Safe enterprise mobile working application delivery method
US20130097659A1 (en) * 2011-10-17 2013-04-18 Mcafee, Inc. System and method for whitelisting applications in a mobile network environment
CN104765627A (en) * 2014-01-07 2015-07-08 联发科技(新加坡)私人有限公司 Smart device, and wearable device and application program installing and uninstalling method thereof
CN103823702B (en) * 2014-03-10 2018-04-27 联想(北京)有限公司 One kind applies installation method and electronic equipment
CN103985036B (en) * 2014-05-09 2017-05-24 杭州晟元数据安全技术股份有限公司 Two-dimension code payment method with biological characteristics
CN104063243A (en) * 2014-06-17 2014-09-24 成都雅鲁科技有限公司 Application store solution applied to intelligent dressing equipment
CN104361304A (en) * 2014-12-03 2015-02-18 东信和平科技股份有限公司 Method and device for downloading application program of smart card
CN104750515A (en) * 2015-03-03 2015-07-01 惠州Tcl移动通信有限公司 Firmware version upgrading method and system

Also Published As

Publication number Publication date
WO2017080351A1 (en) 2017-05-18
TW201719396A (en) 2017-06-01
CN106709317A (en) 2017-05-24
