WO2010000131A1 - Carte intelligente, système de traitement terminal pour prendre en charge un système de services web et procédé de fabrication associé - Google Patents

Carte intelligente, système de traitement terminal pour prendre en charge un système de services web et procédé de fabrication associé Download PDF

Info

Publication number
WO2010000131A1
WO2010000131A1 PCT/CN2009/000726 CN2009000726W WO2010000131A1 WO 2010000131 A1 WO2010000131 A1 WO 2010000131A1 CN 2009000726 W CN2009000726 W CN 2009000726W WO 2010000131 A1 WO2010000131 A1 WO 2010000131A1
Authority
WO
WIPO (PCT)
Prior art keywords
smart card
application
web
web service
terminal
Prior art date
Application number
PCT/CN2009/000726
Other languages
English (en)
Chinese (zh)
Inventor
何朔
孟宏文
胡佳
朱俭秋
Original Assignee
中国银联股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from CN200810039987A external-priority patent/CN101621494A/zh
Priority claimed from CN2008100399868A external-priority patent/CN101620758B/zh
Application filed by 中国银联股份有限公司 filed Critical 中国银联股份有限公司
Publication of WO2010000131A1 publication Critical patent/WO2010000131A1/fr

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/02Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]

Definitions

  • the present invention relates to the field of smart card web applications and information security technologies, and in particular, to a smart card including a web server and a terminal for web communication, and an embedded Web server and web browser and implement terminal processing system for web services.
  • Background technique
  • a smart card is a plastic card that contains an embedded integrated circuit (IC) that contains a tiny central processing unit (CPU), read-only memory, read-write memory, and other peripheral circuitry.
  • IC integrated circuit
  • CPU central processing unit
  • the integrated circuit has similar capabilities to a computer, such as: running programs, processing input and output data.
  • CPU central processing unit
  • it is necessary to provide power and other interface devices from the outside.
  • IC card usually referred to as a CPU card
  • the realization of "one card multi-use" is an urgent development direction.
  • the so-called “one card multi-use” means that there are multiple applications on the same smart card, such as e-wallet application, debit Goods applications, rapid transit applications (such as transportation cards for public transport, rental and subway) and social security applications (such as social security cards).
  • the existing IC card operating system generally follows the directory and file mode based on the IS07816 standard, as shown in FIG. Part 1-7 of ISO 7816, as defined by the International Organization for Standardization, specifies a set of standards covering all aspects of the CPU card.
  • ISO7816 includes: physical characteristics, size and contact locations, electronic signals and transmission protocols, inter-industry exchange instructions, application identifiers, inter-industry data elements, and inter-industry SCQL instructions.
  • FIG. 1 shows the storage mechanism of a smart card based on the ISO7816 standard on application data.
  • the CPU card generally includes file types such as a main file MF (Master File), a dedicated file DF (Dedicated File), and a basic data file EF.
  • the card's dedicated file DF and the basic data file EF present a tree structure.
  • the main file MF is the root directory, which is the root of the smart card file system, which is equivalent to the root directory of DOS, and each card has one and only one MF file;
  • the special file DF is equivalent to a subdirectory of DOS, and can be further divided into ADF and DDF, where DDF is the DF containing the subordinate directory, and ADF is the DF that does not contain the subordinate directory.
  • FIG. 2 is a schematic diagram of communication between the terminal operating system and the terminal smart card using the POS terminal as an example in the prior art. Referring to FIG.
  • the terminal operating system 100 includes an application logic unit 104, which is substantially a terminal processing program in the terminal operating system 100, and includes information such as a user's bank card account number and password, an account opening name, and an available balance.
  • the terminal smart card 102 includes security.
  • Information service 106 which is the material basis for the terminal smart card 102 to display the terminal application logic unit 104.
  • the ISO7816/ISO 14443 standard is used for communication between the terminal operating system 100 and the terminal smart card 102. However, it can be known from the communication process described in FIG. 2 that the application development of the terminal smart card is distributed in the smart card and the terminal, and the development cycle is very long.
  • the present invention provides a terminal smart card based on the HTTP protocol for the above-mentioned drawbacks of the terminal smart card application in the prior art. Because it uses the HTTP protocol in Web technology, it is often called WebCard. In view of the above drawbacks of the smart card application in the prior art, the present invention provides a terminal processing system and an implementation method for supporting a Web service. According to an aspect of the present invention, a smart card is provided, wherein the smart card has at least: an application logic unit for saving a phase of a smart card application in a card application container of the smart card Off data information; and
  • a web server configured to store a logic program of the smart card application, to access the application logic unit, where the service provided by the application in the application logic unit and the corresponding web service for the terminal application accept the terminal operation together System request service.
  • the web server includes at least a web service interpretation layer, a web service communication management layer, a web service symptom container, and a web service application programming interface. Further, the web service interpretation layer invokes the web service application container, and sends the corresponding HTML script file in the web service application container to the terminal operating system for logical display through the web service communication management layer.
  • the Web service communication management layer supports the ISO7816/ISO14443 protocol and the HTTP protocol loaded on ISO7816/ISO14443.
  • the web service communication management layer can directly support one of the HTTP protocol, the TCP/IP protocol, the USB protocol, or a combination thereof.
  • the card application container and the web service application container are in different logical storage areas. Specifically, the physical storage carrier of the card application container is typically manufactured by an EEPROM process, and the physical storage carrier of the web service application container is typically manufactured by the FLASH process.
  • the web service application container accesses the application logic unit in one direction through the web service application programming interface.
  • the application logic unit may include an e-wallet application conforming to the regulations of the People's Bank of China, a debit-keeping application conforming to the regulations of the People's Bank of China, a fast traffic application, a social security application, and other industry applications.
  • a terminal processing system in a smart card application has at least one terminal operating system, and a smart card, wherein a web browser is set in the terminal operating system; and the smart card is At least: an application logic unit, configured to save related data information of the smart card application in a card application container of the smart card; and a web server, configured to store a logic program of the smart card application, to access the application logic unit, where The service provided by the application in the application logic unit and the corresponding web service for the terminal application accept the request service of the terminal operating system.
  • the terminal operating system may be a POS or ATM terminal of a financial terminal or a mobile terminal in a wireless communication system.
  • the web service interpretation layer invokes the web service application container, and sends a corresponding HTML script file in the web service application container to the terminal operating system for logical display. And, the terminal operating system logically displays the smart card application through the web browser.
  • an implementation method for supporting a web application service in a terminal processing system includes at least one terminal operating system and a smart card, and the implementation method includes: Setting a web browser; storing an application logic unit in a card application container of the smart card; setting a web server in the smart card; and communicating with the web server by using the web browser to implement a smart card application Web service.
  • the web browser determines whether it is a remote request or a local request according to the received URL request, and when the URL request is a remote request, the web browser communicates with the remote web server; when the URL request is a local request, and When the port number of the local request is sent as the port number of the smart card, communication is established between the web browser and the web server of the smart card. Wherein, when the URL request is a local request, and the port number of the local request is not the port number of the smart card, the other port agent is queried.
  • the web server includes at least a web service interpretation layer, a web service communication management layer, a web service application container, and a web service application programming interface.
  • the web service interpretation layer invokes the web service application container, and sends a corresponding HTML script file in the web service application container to a web browser of the terminal operating system for logical display.
  • the Web application application container accesses the application logic unit through the Web service application programming interface.
  • the smart card, the terminal processing system and the implementation method thereof of the present invention have an application logic unit migrated from the terminal operating system in the smart card, and a web server is built in the smart card, and the terminal operating system is built in the terminal operating system Web browser, so web communication can be performed between the terminal operating system and the smart card, and the terminal operating system only needs to provide logic display and input of the application interface.
  • FIG. 1 shows an architectural diagram of storing application data on a smart card based on the IS07816 standard directory and file mode.
  • FIG. 2 shows a communication between a terminal operating system and a terminal smart card using a POS terminal as an example in the prior art.
  • FIG. 3 is a schematic diagram of communication between a terminal smart card and a terminal operating system based on the HTTP protocol according to the present invention, taking a POS terminal as an example;
  • FIG. 4 shows a web service application container accessing a smart card through a web service application programming interface.
  • FIG. 5 is a flow chart showing the processing of a received URL request by a web browser in a terminal operating system.
  • the POS terminal selects the e-wallet application in the application logic unit through the terminal operating system, and then accesses and retrieves some data in the security information service of the terminal smart card through the interface of ISO7816/ISO 14443 to identify or authenticate the user card. legality.
  • APDU Application Protocol Data Unit
  • the POS terminal plays a very important role, and the terminal smart card only uses its security letter.
  • the structure of the terminal operating system and the terminal smart card in the POS terminal is not difficult to see. All aspects of the development, deployment, operation and maintenance of the smart card application involve the terminal and the smart card. If the terminal is replaced or the smart card supplier is replaced.
  • FIG. 3 is a schematic diagram showing the communication between the terminal smart card based on the HTTP protocol and the terminal operating system according to the present invention, taking the POS terminal as an example.
  • the terminal operating system 20 includes at least a web browser 202
  • the terminal smart card 30 includes at least a security information service 302, a web server 304, and an application logic unit 306.
  • the web browser 202 in the terminal operating system 20 communicates with the web server 304 in the financial smart card 30 through the HTTP protocol or the HOAP (HTTP Over APDU Protocol), and the web server 304 stores the smart card.
  • HTTP protocol HTTP Over APDU Protocol
  • the terminal operating system contains an application logic unit
  • the terminal smart card only contains a security information service.
  • the terminal operating system of the present invention the terminal operating system has a web browser
  • the terminal smart card includes not only a security information service but also a web server and an application logic unit. That is to say, the application logic unit originally in the terminal operating system is "decentralized" to the financial smart card, and the terminal operating system uses the Web browser to access the terminal smart card based on ISO7816/ISO14443 and the HTTP protocol, and the terminal smart card communicates with the Web through the Web server.
  • the browser communicates, when the application logic unit sends to the terminal operating system through the web service communication management layer, on the web browser
  • the web page is displayed in the form of a web page. Therefore, after the web technology is adopted, the web browser and the web server are respectively introduced in the terminal operating system and the terminal smart card to implement the web application of the terminal smart card.
  • the functions of the POS terminal have been greatly weakened, the positioning is more clear, and it is more suitable for service-oriented applications and application functions.
  • the terminal smart card stores the application logic unit and its security information service, and the terminal only needs to provide the application interface display, input and output, and online functions, etc., then the terminal is changed from the core component of the smart card application to having the ordinary browser function.
  • the shell greatly enhances the scalability and portability of the entire application system.
  • 4 shows a schematic diagram of a web service application container accessing a smart card application container through a web service application programming interface.
  • the terminal smart card has an application container of a card, a web service application container, a web service interpretation layer, and an API interface between the application container of the card and the web service application container.
  • the application container of the card is a storage area of the terminal smart card application, which adopts a traditional implementation manner, does not need to be specifically defined, and does not need to be associated with a specific manufacturer's product, and can be accessed through an application interface of a corresponding application specification. Realization, such as social security regulations, labor practices, financial norms, etc.
  • the web service application container is a storage area of an application displayed by the terminal operating system using a web browser, which is substantially a web application corresponding to each application in the application container of the card.
  • These web applications consist of one or more HTML script files.
  • the web service interpretation layer manages and calls these web applications, and displays the called web applications on the web browser of the terminal operating system through ISO7816/ISO 14443 and HTTP protocols.
  • the API interface only supports one-way access operations, that is, the application container of the card cannot use the API interface to access the web service application container.
  • the terminal smart card of the present invention has both an application container of a card and an application container of a web service.
  • the traditional smart card application container is logically in the form of a file system, just like the FAT file system, and provides a service interface (such as an APDU instruction). Since the application container of the card only needs to provide a small amount of data information such as storage of sensitive data and key service, the physical storage carrier is usually an EEPROM (Electrically Erasable Read Only Memory). The EEPROM is a highly secure storage carrier with a capacity of several Kbytes.
  • the Web application implements application logic and contains a large amount of information such as pictures, text, and process scripts, which are not required for security.
  • the application container of the smart card and the application container of the Web service are stored in one chip by using different storage media, and mutual access between them is also limited.
  • the components participating in the communication in the application system include a Web service communication management layer 400, which supports at least ISO7816, ISO 14443, and HTTP protocols; and an application container 402 of the smart card, which is stored in accordance with the People's Bank of China.
  • Standardized e-wallet application debit-keeping application conforming to the People's Bank of China regulations, fast traffic application, social security application and other industry applications; API interface 404 of Web server; Web service application container 406, corresponding to e-wallet application An HTML script file, an HTML script file corresponding to the debit application, an HTML script file corresponding to the fast traffic application, an HTML script file corresponding to the social security application, and the like; and a Web service interpretation layer 408.
  • the web browser is used by the web browser.
  • the request communicates with the web server in the terminal smart card, and the web service interpretation layer 408 receives the URL request from the web browser and performs corresponding processing.
  • the web service application container 406 accesses the fast traffic application logic located in the smart card's application container 402 via the web server's API interface 404, and the return code from the smart card's application container 402 is directly returned or translated into a standard HTML response code.
  • FIG. 5 is a flow chart showing the processing of a received URL request by a web browser in a terminal operating system.
  • the processing method includes: Step 500: Receive a URL request.
  • the web browser in the terminal operating system receives the URL request;
  • Step 502 The web browser determines whether the URL request is a remote request or a local request by determining a host address of the received URL. If the URL request is a remote request, then web browsing The device requests to communicate with the remote web server, go to step 510; Step 504, if the URL request is a local request, determine whether the port number of the local request is the port number of the terminal smart card, and if yes, go to step 506; If not, go to step 508; Step 506, request to communicate with the terminal smart card; Step 508, determine that the port number for sending the local request is not from the financial smart card, query other port agents; and Step 512, in the Web browser Establishing communication with the web server.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Cash Registers Or Receiving Machines (AREA)

Abstract

La présente invention concerne une carte intelligente (30), un système de traitement terminal et un procédé de fabrication associé. La carte intelligente (30) comprend un module logique d'application (306) qui contient les informations de données correspondantes, et un serveur Web (304) qui contient le programme logique pour l'application de carte intelligente et accède au module logique d'application (306). Le système de traitement à terminal comprend au moins un système d’exploitation de terminal (20) et une carte intelligente (30). Le système d’exploitation de terminal (20) paramètre un navigateur Web (202), utilise le navigateur Web (202) et le serveur Web (304) pour communiquer afin de réaliser le service Web pour l'application de carte intelligente (30). Comme le système de traitement terminal comprend le navigateur Web (202) et le serveur Web (304), il peut exécuter une communication Web entre le système d’exploitation terminal (20) et la carte intelligente (30), et le système d’exploitation de terminal (20) fournit uniquement un affichage logique d'une interface d'application, une fonction d'entrée et de sortie et une fonction en ligne, etc. La présente invention améliore considérablement la capacité d'extension et la portabilité du système de traitement terminal tout entier de même qu'elle améliore la sécurité, l'ouverture et la maintenabilité du système.
PCT/CN2009/000726 2008-07-01 2009-06-30 Carte intelligente, système de traitement terminal pour prendre en charge un système de services web et procédé de fabrication associé WO2010000131A1 (fr)

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
CN200810039987A CN101621494A (zh) 2008-07-01 2008-07-01 一种支持Web服务的终端处理系统及实现方法
CN200810039987.2 2008-07-01
CN2008100399868A CN101620758B (zh) 2008-07-01 2008-07-01 一种支持Web服务的智能卡
CN200810039986.8 2008-07-01

Publications (1)

Publication Number Publication Date
WO2010000131A1 true WO2010000131A1 (fr) 2010-01-07

Family

ID=41465468

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2009/000726 WO2010000131A1 (fr) 2008-07-01 2009-06-30 Carte intelligente, système de traitement terminal pour prendre en charge un système de services web et procédé de fabrication associé

Country Status (1)

Country Link
WO (1) WO2010000131A1 (fr)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102420838A (zh) * 2010-09-27 2012-04-18 上海拉扎斯信息科技有限公司 一种可以通过Web访问销售终端设备的系统
CN110320879A (zh) * 2019-07-23 2019-10-11 上海一芯智能科技有限公司 智能卡生产线控制系统以及方法
US12020202B2 (en) 2021-12-01 2024-06-25 T-Mobile Usa, Inc. Smart container and orchestration engine configured to dynamically adapt multi-carrier transport processes

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1742462A (zh) * 2003-02-21 2006-03-01 意大利电信股份公司 使用智能卡管理网络接入设备的方法和系统
CN100375478C (zh) * 1999-10-28 2008-03-12 Cp8技术公司 用于经由互联网类型的网络与一个服务器通信的带有智能卡阅读器的安全终端

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN100375478C (zh) * 1999-10-28 2008-03-12 Cp8技术公司 用于经由互联网类型的网络与一个服务器通信的带有智能卡阅读器的安全终端
CN1742462A (zh) * 2003-02-21 2006-03-01 意大利电信股份公司 使用智能卡管理网络接入设备的方法和系统

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102420838A (zh) * 2010-09-27 2012-04-18 上海拉扎斯信息科技有限公司 一种可以通过Web访问销售终端设备的系统
CN110320879A (zh) * 2019-07-23 2019-10-11 上海一芯智能科技有限公司 智能卡生产线控制系统以及方法
US12020202B2 (en) 2021-12-01 2024-06-25 T-Mobile Usa, Inc. Smart container and orchestration engine configured to dynamically adapt multi-carrier transport processes

Similar Documents

Publication Publication Date Title
US7191288B2 (en) Method and apparatus for providing an application on a smart card
US20230252449A1 (en) Systems, Methods, and Computer Program Products for Providing a Contactless Protocol
US7374099B2 (en) Method and apparatus for processing an application identifier from a smart card
US7140549B2 (en) Method and apparatus for selecting a desired application on a smart card
US7165727B2 (en) Method and apparatus for installing an application onto a smart card
US6808111B2 (en) Terminal software architecture for use with smart cards
US8942672B2 (en) Mobile integrated distribution and transaction system and method for NFC services, and a mobile electronic device thereof
US20150095224A1 (en) Customised Interaction With Computer Equipment
BRPI0915117B1 (pt) Método de acessar um aplicativo em um dispositivo de comunicação móvel, dispositivo de comunicação móvel,prestador de serviços e sistema
CN101620758B (zh) 一种支持Web服务的智能卡
CN105243407A (zh) 读写智能卡的方法及装置
EP1575005B1 (fr) Procédé et dispositif pour le traitement d'un identificateur d'application issu d' une carte à puce
WO2012037791A1 (fr) Procédé, dispositif et système permettant d'afficher des informations sur une application d'identification par radiofréquence
JP7325423B2 (ja) トラステッドサービスマネージメントのための方法および装置
CN103236003A (zh) 电子钱包支付方法及电子钱包支付装置
WO2010000131A1 (fr) Carte intelligente, système de traitement terminal pour prendre en charge un système de services web et procédé de fabrication associé
CN110866240A (zh) 智能密码钥匙调用方法和系统
CN102546721B (zh) 物理智能卡及在其中进行虚拟智能卡通讯的方法
CN101621494A (zh) 一种支持Web服务的终端处理系统及实现方法
CN102567752B (zh) 虚拟智能卡的可视化方法
US8484237B2 (en) Terminal, web application operating method and program
CN101122940A (zh) 一种usbkey集成方法及装置
WO2018165950A1 (fr) Procédé et dispositif de mise en œuvre d'emv
KR100971126B1 (ko) 카드 운영 시스템
CN115866125A (zh) Sim卡刷卡弹屏方法、系统及存储介质

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 09771901

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 09771901

Country of ref document: EP

Kind code of ref document: A1