WO2010096991A1 - An application downloading system and method - Google Patents

Publication number
WO2010096991A1
Authority
WO
WIPO (PCT)
Prior art keywords
application
management platform
smart card
card
service terminal
Application number
PCT/CN2009/075443
Inventor
贾倩
马景旺
Original Assignee
中兴通讯股份有限公司
Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00: Data switching networks
    • H04L12/28: Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46: Interconnection of networks
    • H04L12/4633: Interconnection of networks using encapsulation techniques, e.g. tunneling
    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00: Network architectures or network communication protocols for network security
    • H04L63/02: Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0272: Virtual private networks

Definitions

  • the present invention relates to the field of communications, and in particular, to an implementation scheme for electronic payment of a mobile terminal, and specifically relates to a system and method for downloading an application.
  • NFC Near Field Communication
  • RFID Radio Frequency Identification
  • interconnection technology After integrating NFC technology, mobile communication terminals such as mobile phones can simulate contactless IC cards for related applications of electronic payment. The application of mobile phones in the field of electronic payment will further expand the use of mobile phones, bring convenience to people's lives, and have broad application prospects.
  • an electronic payment application is placed in a smart card, and the card manufacturer usually presets the application on the card when the card is shipped. Multiple electronic payment applications can be installed on the smart card.
  • the smart card uses the Global Platform Card Specification V2.1/V2.2 specification, and the smart card is divided into several independent security domains to ensure the isolation and independence of multiple applications.
  • the primary security domain, also known as the Issuer Security Domain, is the card's primary, mandatory on-card representative; it contains the security domain keys used to support secure channel protocol operations and card content management.
  • the Supplementary Security Domain is an additional, optional card representative of the application provider or card issuer or their agent, hosting applications managed by the application provider and managing the application provider's card issuer.
  • the controlling party of a security domain can operate on and maintain the applications stored in it, for example downloading new applications, upgrading applications and deleting them.
  • the technical problem to be solved by the present invention is to propose a system and method for application downloading, which can conveniently and quickly perform application downloading.
  • the present invention provides a method for downloading an application, the method comprising:
  • the card external entity management platform receives the application download request sent by the service terminal, selects the security domain responsible for the application download on the smart card through the service terminal, establishes a secure channel with the smart card, and downloads the application to the smart card based on the secure channel.
  • the service terminal is a card issuer service terminal; or the card external entity management platform is an application provider management platform, and the service terminal is an application provider service terminal.
  • the method is:
  • the card issuer management platform receives an application download request from the card issuer business terminal.
  • the application provider management platform selects the slave security domain on the smart card responsible for the application download, establishes a secure channel through the card issuer management platform and the card issuer service terminal and the smart card, and downloads the application to the smart card based on the secure channel.
  • the application download request carries smart card feature information
  • the method further includes:
  • before the step of the card external entity management platform receiving the application download request sent by the service terminal, the method further includes:
  • the service terminal sends a command to read the smart card feature information to the smart card, and the smart card encapsulates the feature information in a response message for reading the smart card feature information command and sends the message to the service terminal.
  • the step of establishing a secure channel between the card issuer management platform or the application provider management platform and the smart card includes: performing identity authentication between the service terminal and the smart card to establish a secure channel, where
  • the predetermined secure channel protocol is based on a symmetric key or an asymmetric key mechanism.
  • the method before the step of downloading the application to the smart card by the external channel management platform, the method further includes: a predetermined command.
  • the steps for the station to send a predetermined command to the smart card include:
  • the smart card strips out the predetermined command from the transmitted data to perform the corresponding operation according to the predetermined command.
  • the method further includes:
  • the smart card encapsulates the response to the predetermined command according to the predetermined data format and sends it through the service terminal.
  • when the predetermined command is an application download command, after the step of the smart card stripping out the predetermined command, the method further includes:
  • the smart card parses the predetermined command to perform an application download.
  • the method before the step of sending the predetermined command by the application provider card hosted by the card issuer, the method further includes: a token key sent by the publisher management platform, and then the application The provider management platform generates a predetermined command including a load token for transmission to the smart card through the card issuer management platform and the card issuer service terminal.
  • the step of the service terminal selecting the security domain on the smart card responsible for the application download includes:
  • the card issuer management platform selects the primary security domain on the smart card, or,
  • the card issuer management platform creates a slave security domain for the application and selects the slave security domain;
  • the steps of the service terminal selecting a security domain on the smart card responsible for the application download include:
  • the card issuer management platform selects the primary security domain, establishes a secure channel with the smart card, creates a slave security domain, generates a slave security domain initial key, and sends the slave security domain initial key to the application provider management platform; and
  • the application provider management platform selects the slave security domain responsible for the application download and updates the slave security domain key based on the secure channel;
  • the invention also provides a system for application downloading, which comprises a card external entity management platform, a service terminal and a smart card, wherein:
  • the card external entity management platform is configured to: receive an application download request sent by the service terminal, and select a security domain on the smart card that is responsible for the application download through the service terminal, and after establishing a secure channel with the smart card, apply the application based on the secure channel Download to smart card;
  • the service terminal is configured to: send an application download request to an off-card entity management platform, and transparently transmit data between the card external entity management platform and the smart card;
  • the smart card is configured to: establish a secure channel through the service terminal and the card external entity management platform, and complete an application download operation through the secure channel.
  • the service terminal is a card issuer service terminal, or
  • the system when the provider service terminal, the system further includes a card issuer management platform;
  • the application provider management platform further includes:
  • an application module configured to: send a request to create a slave security domain to the card issuer management platform when a slave security domain has not been created for the application;
  • a receiving module configured to: receive a slave security domain initial key sent by the card issuer management platform;
  • the card issuer management platform also includes:
  • the creation and delivery module is configured to: receive the request to create a slave security domain sent by the application provider management platform, create the slave security domain, generate a slave security domain initial key, and send the slave security domain initial key to the application provider management platform.
  • the card issuer management platform is configured to: receive an application download request from a card issuer service terminal
  • the application provider management platform is configured to: select a slave security domain, establish a secure channel with the smart card through the card issuer management platform and the card issuer service terminal, and download the application to the smart card based on the secure channel.
  • the card issuer management platform further includes a create and send module, and the create and send module is configured to:
  • create a slave security domain, generate a slave security domain initial key, and send the slave security domain initial key to the application provider management platform;
  • the application provider management platform also includes a receiving module configured to receive the slave security domain initial key sent by the card issuer management platform.
  • the application provider management platform further includes an update module, and the update module is configured to update the slave security domain key corresponding to the application.
  • the station also includes:
  • a generating module configured to generate a predetermined command
  • a packaging module configured to encapsulate the predetermined command according to a predetermined data format
  • a sending module configured to send the predetermined command to the smart card through the service terminal
  • the smart card further includes:
  • the execution module is configured to: after receiving the predetermined command, parse the predetermined command and perform the corresponding operation. Further, in the above system,
  • the application provider management platform further includes: a token application module, configured to: apply for a token to the card issuer management platform, and receive a token key sent by the card issuer management platform;
  • the card issuer management platform also includes:
  • the token sending module is configured to: after receiving the token application of the application provider management platform, send the token key to the application provider management platform.
  • the application provider management platform further includes:
  • a generating module configured to: generate a predetermined command including a load token;
  • a package module configured to: package the predetermined command in a predetermined data format
  • a sending module configured to: send a predetermined command to the smart card through the card issuer management platform and the card issuer service terminal;
  • the smart card further includes:
  • the execution module is configured to: after receiving the predetermined command, parse the predetermined command and perform the corresponding operation. Further, in the above system,
  • the service terminal further includes a feature information reading module, and the feature information reading module is configured to send a smart card feature information command to the smart card;
  • the smart card further includes a feature information sending module, and the feature information sending module is configured to send the feature information to the service terminal in a response message for reading the smart card feature information command.
  • the application download request carries the smart card feature information
  • the acquiring module is configured to acquire the smart card feature information in the application download request
  • a judging module configured to determine, according to the smart card feature information, whether to allow downloading the application
  • the selection module is configured to: when the judgment result of the judging module is yes, select, through the service terminal, the security domain on the smart card responsible for the application download.
  • the platform also includes an authentication and establishing module.
  • the authentication and establishing module is configured to: perform identity authentication with the smart card through the service terminal according to a predetermined secure channel protocol and establish a secure channel, where
  • the predetermined secure channel protocol is based on a symmetric key or an asymmetric key mechanism.
  • the invention has the beneficial effects that the application downloading system and method proposed by the invention can conveniently download the application to the smart card, thereby improving the user experience.
  • Figure 1 is a system block diagram of an application download of the present invention
  • FIG. 2 is a flow chart of a method for downloading an application of the present invention
  • FIG. 3 is a detailed signaling flow diagram of a card issuer's own application download and installation in accordance with an embodiment of the present invention. and a detailed signaling flow diagram of the installation;
  • FIG. 5 is a detailed signaling flow diagram of application download and installation autonomously controlled by an application provider in accordance with an embodiment of the present invention.
  • Preferred embodiment of the invention
  • a system for application downloading is provided.
  • FIG. 1 is a system block diagram of an application download in accordance with the present invention.
  • a card issuer management platform 10 an application provider management platform 12 (a plurality of application provider management platforms may exist in the system), a card issuer service terminal 14, an application provider service terminal 16, and a smart card 18 are included.
  • the following describes the application download system in detail.
  • the card issuer management platform 10 is responsible for card issuance and management, and manages card resources and lifecycles, keys, certificates, and applications; it receives the smart card application download request sent by the corresponding service terminal 14 in a predetermined data format, selects a security domain through the service terminal 14, performs identity authentication with the smart card 18, establishes a secure channel, and downloads the application to the smart card 18 through the secure channel; further, it creates a slave security domain, generates a slave security domain initial key, and sends the slave security domain initial key to the application provider management platform 12; further, after receiving the token application of the application provider management platform 12, it sends the token key to the application provider management platform 12.
  • the application provider management platform 12 is configured to receive a smart card application download request sent by the corresponding service terminal 16 in a predetermined data format, send a request to create a slave security domain to the card issuer management platform 10, and, after obtaining the slave security domain initial key from the card issuer management platform 10, select the slave security domain, perform identity authentication with the smart card 18, establish a secure channel, update the slave security domain key, and download the application to the smart card 18 through the secure channel.
  • the application provider management platform 12 is also used to apply for a token (Token) to the card issuer management platform 10, generate a predetermined command including a Load Token, and establish a secure channel with the smart card 18 through the card issuer management platform 10 and its service terminal 14 to download the application to the smart card 18.
  • a card issuer service terminal or an application provider service terminal is called a service terminal.
  • the card issuer service terminal 14 is configured to send an application download request to the card issuer management platform 10, and transparently transmit data between the card issuer management platform 10 and the smart card 18, wherein the application download request carries the feature information of the smart card; it further includes a feature information reading module, configured to send a read smart card feature information command to the smart card 18.
  • the application provider service terminal 16 is configured to send an application download request to the application provider management platform 12, and transparently transmit data between the application provider management platform 12 and the smart card 18, wherein the application download request carries the feature information of the smart card; it further includes a feature information reading module, configured to send a read smart card feature information command to the smart card 18.
  • the smart card 18 is configured to perform identity authentication with the card issuer management platform 10 or the application provider management platform 12 through the service terminal 14 or 16, establish a secure channel, and complete an application download operation through the secure channel; it further includes a feature information sending module, configured to respond to the read smart card feature information command by encapsulating the card's feature information in the response message for that command and sending it to the service terminal 14 or 16.
  • the above smart card refers to an IC chip or a smart card conforming to the Global Platform Card Specification V2.1.1/V2.2 specification, and may be a SIM/USIM card, a pluggable smart memory card or an IC chip integrated on the mobile terminal in physical form.
  • the card issuer management platform 10 and the application provider management platform 12 are connected by a dedicated line or a network, and the two parties pre-agreed the connection mode and the data communication protocol.
  • the application provider management platform 12 and the application provider service terminal 16 may be interconnected through a dedicated line and an internal service terminal management system thereof.
  • the service terminal 14/16 transparently transmits information such as data and keys exchanged between the management platform 10/12 and the smart card 18.
  • the service terminal is configured with a smart card reading and writing device, and communicates with the smart card through the smart card reading and writing device.
  • the smart card reading and writing device can be a contactless reader or a contact smart card reader.
  • when the contactless reader/writer is used, the smart card is placed in the mobile terminal, and the service terminal communicates with the smart card through the mobile terminal using the near field communication protocol; when the contact smart card reader is used, the service terminal communicates with the smart card directly through the smart card reader.
  • the above card issuer management platform 10 further includes:
  • An obtaining module configured to acquire feature information of the smart card 18 in the application download request
  • a determining module configured to determine, according to the feature information of the smart card 18, whether the download is allowed
  • the selection module is configured to select the security domain through the card issuer service terminal 14 if the judgment module determines that the result is YES.
  • the card issuer management platform 10 further includes: a creating and sending module, configured to create a slave security domain when receiving a request to create a slave security domain from the application provider management platform or when determining that a slave security domain has not been created for the application, and to generate the slave security domain initial key and send it to the application provider management platform;
  • the card issuer management platform 10 further includes: an authentication and establishment module, configured to perform identity authentication with the smart card 18 according to a predetermined secure channel protocol, and establish a secure channel.
  • the above card issuer management platform 10 further includes:
  • a generating module configured to generate a predetermined command
  • a packaging module configured to package the predetermined command in a predetermined data format
  • a sending module configured to send a predetermined command to the smart card through the card issuer service terminal 14
  • the application provider management platform 12 further includes: An obtaining module, configured to acquire feature information of the smart card 18 in the application download request;
  • a determining module configured to determine, according to the feature information of the smart card 18, whether the download is allowed
  • the selection module is configured to select, through the service terminal, the security domain on the smart card responsible for the download when the judgment module determines that the result is YES.
  • the above application provider management platform 12 further includes:
  • an application module configured to send a request to create a slave security domain to the card issuer management platform 10 when the slave security domain has not been created for the application;
  • the receiving module is configured to receive the slave security domain initial key sent by the card issuer management platform, and the update module is configured to update the slave security domain key corresponding to the application, and update the security domain initial key to the master key.
  • the application provider management platform 12 further includes: an authentication and establishment module, configured to perform identity authentication with the smart card 18 according to a predetermined secure channel protocol, and establish a secure channel.
  • the above application provider management platform 12 further includes:
  • a token application module configured to apply for a token to the card issuer management platform, and receive a token key sent by the card issuer management platform;
  • the card issuer management platform 10 further includes: a token sending module, configured to send a token key to the application provider management platform after receiving the token application of the application provider management platform.
  • the above application provider management platform 12 further includes:
  • a generating module configured to generate a predetermined command, or used to generate a predetermined command including a loading token
  • a packaging module configured to encapsulate the predetermined command in a predetermined data format
  • the sending module is configured to send the predetermined command to the smart card through the service terminal 16 or through the card issuer management platform 10 and its service terminal 14.
  • the smart card 18 above further includes:
  • the execution module is configured to parse the predetermined command and perform the corresponding operation after receiving the predetermined command.
  • when the application download command is received, the application download is performed.
  • FIG. 2 is a flowchart of an application downloading method according to an embodiment of the present invention. As shown in FIG. 2, the following processing is included:
  • Step S201: After receiving the application download request sent by the corresponding service terminal, the card issuer management platform or the application provider management platform selects, through the service terminal, the security domain on the smart card that is responsible for the application download, performs identity authentication with the smart card, and establishes a secure channel;
  • the user carries the smart card to the business outlet of the card issuer or the application provider to download the application through the service terminal.
  • the application download through the service terminal includes the following processing:
  • the service terminal sends a command to read the smart card feature information to the smart card, and the smart card feature information refers to information that can identify the smart card, for example, an ICCID (International Circuit Card Identity);
  • in response to the command to read the smart card feature information, the smart card encapsulates its feature information in a response message for reading the smart card feature information command and sends it to the service terminal;
  • the service terminal sends an application download request to the card issuer management platform or the application provider management platform, wherein the application download request carries the feature information of the smart card; the platform determines whether the download is allowed according to the feature information and, if so, selects the security domain responsible for the application download.
  • the application can be divided into a card issuer's own application, an application provider's application hosted by the card issuer, and an application controlled by the application provider.
  • the card issuer can set a certain authority for the application provider according to the size of the application provider, and for the smaller application provider, the card issuer's authorization (for example, a token) is required to access the security domain.
  • the card issuer management platform may select the primary security domain, or may create a slave security domain for the corresponding application download, which is determined by the card issuer.
  • the card issuer management platform needs to first select the primary security domain, establish a secure channel with the smart card, create a slave security domain, generate a slave security domain initial key, and send the slave security domain initial key to the application provider management platform; the application provider management platform selects the corresponding slave security domain, establishes a secure channel with the smart card, and updates the slave security domain key;
  • the corresponding slave security domain needs to have Delegated Management Privilege.
  • in step S201, the specific process of performing identity authentication and establishing a secure channel between the card issuer management platform or the application provider management platform and the smart card is:
  • the card issuer management platform or the application provider management platform performs identity authentication with the smart card through the service terminal according to the predetermined secure channel protocol and establishes a secure channel.
  • the predetermined secure channel protocol can be based on a symmetric key or an asymmetric key mechanism.
  • the application is downloaded to the smart card, and the specific processing is:
  • the download command is sent to the smart card through the service terminal.
  • for the download of the card issuer's own application, the card issuer management platform generates a predetermined command and sends it to the smart card through the card issuer service terminal; for the download of the application controlled by the application provider, the application provider management platform generates the predetermined command and sends it to the smart card through the application provider service terminal; for the application download of the application provider hosted by the card issuer, the application provider management platform needs to apply to the card issuer management platform for a token for download and installation before generating the predetermined command and, after receiving the token key from the card issuer management platform, generates a predetermined command (for example, application download command and application installation command) containing the Load Token.
  • the token is specifically associated with the hosted application, which is generated by the card issuer and is evidence that the card issuer authorizes the management of the card content.
  • the application provider can only download new applications to the smart card if authorized by the card issuer.
  • the smart card executes the application download and sends the card to the card through the service terminal.
  • an application installation command is sent to the smart card to install the application.
  • the application install command invokes the application's register() on the smart card, registers the payment application instance with the Java Card Runtime Environment (JCRE), and assigns the corresponding application instance AID (Application Identifier) to the payment application.
  • JCRE Java Card Runtime Environment
  • Application IDentifer application ID
  • the smart card can feed back the installation results.
  • Send predetermined commands to the smart card including selecting a security domain, establishing a secure channel and applying download commands, applying installation commands, etc.
  • the smart card feeds the command response to the card through the service terminal.
  • the service terminal sends the smart card; the smart card strips the command from the sent data and executes according to the command.
  • the application provider management platform strips out the response of the command from the received data.
  • the predetermined command is an application download command
  • the smart card performs an application download.
  • FIG. 3 is a detailed signaling flowchart of a card issuer's own application downloading and installing according to an embodiment of the present invention. As shown in FIG. 3, the following processing is included:
  • Step 301: The card issuer service terminal of the card issuer network sends a command to read the smart card feature information to the smart card.
  • Step 302 After receiving the command to read the smart card feature information, the smart card encapsulates its own feature information in the read smart card feature information response, and then sends the message to the card issuer service terminal.
  • Step 303 The card issuer service terminal sends an application download request to the card issuer management platform.
  • the requested data needs to include the feature information of the smart card, so that the card issuer management platform can know the smart card that needs to be downloaded by the application.
  • Step 304 After receiving the application download request, the card issuer management platform determines whether the smart card is allowed to perform the application download; if not, it rejects the application download; if yes, it selects the primary security domain: the card issuer management platform fills the AID of the primary security domain into the SELECT command used to select the smart card's primary security domain, encapsulates the command according to the predetermined data format, and sends it to the card issuer service terminal; the card issuer service terminal sends it to the smart card according to the predetermined data format.
  • the smart card strips the SELECT command from the received data and selects the primary security domain according to the command. After executing the command, the smart card sends the SELECT response data to the card issuer service terminal in a predetermined data format, and the card issuer service terminal transmits the data to the card issuer management platform.
  • Step 305 The card issuer management platform establishes a secure channel by using a card issuer service terminal and the smart card according to a predetermined protocol for identity authentication. A series of commands and responses that establish a secure channel are delivered in the same way as the SELECT command above.
  • Step 306 After the secure channel is established, the card issuer management platform generates an application download command INSTALL[for load] and sends it to the smart card through the card issuer service terminal; depending on the application file size, multiple INSTALL[for load] commands may be included. After the smart card completes the download, the download result is returned to the card issuer management platform through the card issuer service terminal. Commands and responses are passed in the same way as the SELECT command above.
  • Step 307 The card issuer management platform generates an application installation command INSTALL[for install] and sends it to the smart card through the card issuer service terminal.
  • The installation result is returned to the card issuer management platform through the card issuer service terminal. Commands and responses are passed in the same way as the SELECT command above.
  • the detailed signaling flow diagram of the installation includes the following processing:
  • Step 401 The card issuer service terminal of the card issuer network sends a command to read the smart card feature information to the smart card.
  • Step 402 After receiving the smart card feature information command, the smart card encapsulates its own feature information in the read smart card feature information response, and then sends the smart card feature information response to the card issuer service terminal.
  • Step 403 The card issuer service terminal sends an application download request to the card issuer management platform.
  • the requested data needs to include the feature information of the smart card, so that the card issuer management platform can know the smart card that needs to be downloaded by the application.
  • Step 404 After receiving the application download request, the card issuer management platform determines whether the smart card is allowed to perform the application download; if yes, the following operations continue, otherwise the application download is rejected. If the slave security domain has already been created for the application, the card issuer management platform notifies the application provider management platform of the application the user wants to download, and then proceeds to step 406. Otherwise, the card issuer management platform selects the primary security domain, establishes a secure channel with the smart card, creates the slave security domain, and generates the slave security domain initial key.
  • Step 405 The card issuer management platform sends the slave security domain initial key to the application provider management platform.
  • Step 406 The application provider management platform selects the slave security domain, establishes a secure channel with the smart card, and then updates the slave security domain key.
  • Step 407 The application provider management platform applies to the card issuer management platform for a token (Token) for application download and installation.
  • Step 408 The card issuer management platform sends the issuer Token key to the application provider management platform.
  • Step 409 The application provider management platform generates, according to information such as the issuer Token, an application download command INSTALL[for load] containing the Load Token, and sends it to the smart card through the card issuer management platform and the card issuer service terminal; depending on the size of the application file, multiple INSTALL[for load] commands may be included.
  • the application download is performed.
  • the download result is returned to the application provider management platform by the card issuer management platform and the card issuer service terminal.
  • Step 410 The application provider management platform generates, according to information such as the issuer Token, an application installation command INSTALL[for install] including a load Token, and sends it to the smart card through the card issuer management platform and the card issuer service terminal. After the smart card completes the installation, the installation result is returned to the application provider management platform through the card issuer management platform and the card issuer service terminal. The result may include, for example, application status, resource occupancy and version status. The command and response are delivered in a similar manner to the SELECT command in the embodiment of Figure 3.
  • FIG. 5 is a detailed signaling flowchart of an application download and installation autonomously controlled by an application provider according to an embodiment of the present invention. As shown in FIG. 5, the following processing is included:
  • Step 501 The application provider service terminal of the application provider network sends a command to read the smart card feature information to the smart card.
  • Step 502 After receiving the smart card feature information command, the smart card encapsulates its own feature information in the read smart card feature information response, and then sends the smart card feature information response to the application provider service terminal.
  • Step 503 The application provider service terminal sends an application download request to the application provider management platform.
  • the requested data needs to include the feature information of the smart card, so that the application provider management platform can know the smart card that needs to be downloaded by the application.
  • Step 504 After receiving the application download request, the application provider management platform determines whether the smart card is allowed to perform the application download; if yes, the following operations continue, otherwise the application download is rejected. If the slave security domain has already been created for the application, the process proceeds to step 506; otherwise, a slave security domain creation request is sent to the card issuer management platform, and the process proceeds to step 505.
  • Step 505 After receiving the slave security domain creation request from the application provider management platform, the card issuer management platform determines that the slave security domain has not been created for the application, selects the primary security domain, performs mutual authentication and establishes a secure channel with the smart card, creates the slave security domain, and generates the slave security domain initial key.
  • Step 506 The card issuer management platform sends the slave security domain initial key to the application provider management platform.
  • Step 507 The application provider management platform selects the slave security domain, establishes a secure channel with the smart card, and then updates the slave security domain key.
  • Step 508 The application provider management platform generates an application download command INSTALL[for load] and sends it to the smart card through the application provider service terminal; depending on the application file size, multiple INSTALL[for load] commands may be included.
  • After the smart card completes the download, the download result is returned to the application provider management platform through the application provider service terminal.
  • Step 509 the application provider management platform generates an application installation command INSTALL[for install]
  • the command and response are delivered in a similar manner to the SELECT command in the Figure 3 embodiment.
  • the application can be conveniently downloaded to the smart card according to the management platform to which the application belongs and the security domain control party, thereby improving the user experience.
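
The following Python example is added here and is not code from the patent. It builds INSTALL [for load] commands with a Load Token field, wraps them in a hypothetical envelope standing in for the "predetermined data format", relays them through a service terminal, and has the card check the token only for the issuer-hosted security domain, covering the three flows of Figures 3, 4 and 5. The AIDs, key and envelope tag are constructed; HMAC-SHA256 stands in for the token computation, which the page does not specify, and the secure channel is not modelled.

```python
import hashlib
import hmac

# ISO 7816 / GlobalPlatform header for INSTALL [for load]: CLA 80, INS E6, P1 02.
INSTALL_FOR_LOAD = bytes([0x80, 0xE6, 0x02])
SW_OK, SW_SECURITY, SW_BAD_DATA = 0x9000, 0x6982, 0x6A80
SW_NOT_FOUND, SW_BAD_INS = 0x6A88, 0x6D00
MAGIC = b"APDU"  # hypothetical envelope tag for the "predetermined data format"


def lv(value: bytes) -> bytes:
    """Length-value encode one field with a single length byte."""
    if len(value) > 255:
        raise ValueError("field too long for one length byte")
    return bytes([len(value)]) + value


def parse_lv(data: bytes, count: int) -> list:
    """Split exactly `count` LV fields; reject truncation and trailing bytes."""
    fields, pos = [], 0
    for _ in range(count):
        if pos >= len(data) or pos + 1 + data[pos] > len(data):
            raise ValueError("truncated field")
        fields.append(data[pos + 1:pos + 1 + data[pos]])
        pos += 1 + data[pos]
    if pos != len(data):
        raise ValueError("trailing bytes")
    return fields


def load_token(token_key: bytes, load_aid: bytes, sd_aid: bytes, block_hash: bytes) -> bytes:
    """Stand-in token (assumption): HMAC-SHA256 over the fields the issuer authorises."""
    msg = lv(load_aid) + lv(sd_aid) + lv(block_hash)
    return hmac.new(token_key, msg, hashlib.sha256).digest()


def install_for_load(load_aid: bytes, sd_aid: bytes, block_hash: bytes, token: bytes = b"") -> bytes:
    """Build the APDU: load file AID, SD AID, hash, empty params, token."""
    data = lv(load_aid) + lv(sd_aid) + lv(block_hash) + lv(b"") + lv(token)
    return INSTALL_FOR_LOAD + bytes([0x00, len(data)]) + data


def wrap(apdu: bytes) -> bytes:
    """Management platform side: encapsulate a command for the service terminal."""
    return MAGIC + len(apdu).to_bytes(2, "big") + apdu


def strip(frame: bytes) -> bytes:
    """Card side: strip the command out of the received data."""
    if frame[:4] != MAGIC or int.from_bytes(frame[4:6], "big") != len(frame) - 6:
        raise ValueError("malformed frame")
    return frame[6:]


class SmartCard:
    def __init__(self, issuer_token_key: bytes, domains: dict):
        self.issuer_token_key = issuer_token_key
        self.domains = domains  # {security domain AID: load token required?}
        self.loaded = []        # (sd_aid, load_file_aid) pairs accepted so far

    def receive(self, frame: bytes) -> int:
        try:
            apdu = strip(frame)
            if apdu[:3] != INSTALL_FOR_LOAD:
                return SW_BAD_INS
            if len(apdu) < 5 or apdu[4] != len(apdu) - 5:
                return SW_BAD_DATA
            load_aid, sd_aid, block_hash, _params, token = parse_lv(apdu[5:], 5)
        except ValueError:
            return SW_BAD_DATA
        if sd_aid not in self.domains:
            return SW_NOT_FOUND
        if self.domains[sd_aid]:  # hosted domain: issuer authorisation needed
            expected = load_token(self.issuer_token_key, load_aid, sd_aid, block_hash)
            if not hmac.compare_digest(expected, token):
                return SW_SECURITY
        self.loaded.append((sd_aid, load_aid))
        return SW_OK


def service_terminal(frame: bytes, card: SmartCard) -> int:
    """Transparent relay: forwards the frame unchanged, returns the status word."""
    return card.receive(frame)


# Constructed AIDs: primary domain, issuer-hosted slave domain, autonomous slave domain.
ISD, SSD_HOSTED, SSD_AUTONOMOUS = (bytes.fromhex(h) for h in ("F000000001", "F000000002", "F000000003"))
APP_A, APP_B = bytes.fromhex("F0000000A1"), bytes.fromhex("F0000000B1")


def demo() -> dict:
    key = b"constructed-issuer-token-key"
    card = SmartCard(key, {ISD: False, SSD_HOSTED: True, SSD_AUTONOMOUS: False})
    h_a = hashlib.sha256(b"constructed load file A").digest()
    h_b = hashlib.sha256(b"constructed load file B").digest()
    send = lambda apdu: service_terminal(wrap(apdu), card)
    token_a = load_token(key, APP_A, SSD_HOSTED, h_a)
    return {
        "issuer_own": send(install_for_load(APP_A, ISD, h_a)),
        "hosted_valid_token": send(install_for_load(APP_A, SSD_HOSTED, h_a, token_a)),
        "hosted_no_token": send(install_for_load(APP_B, SSD_HOSTED, h_b)),
        "hosted_reused_token": send(install_for_load(APP_B, SSD_HOSTED, h_b, token_a)),
        "autonomous": send(install_for_load(APP_B, SSD_AUTONOMOUS, h_b)),
    }


if __name__ == "__main__":
    for case, sw in demo().items():
        print(f"{case:20s} SW={sw:04X}")
```

Because the token binds the load file AID, the target security domain and the load file hash, a token issued for one application is rejected when attached to another.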

Abstract

An application downloading method is provided by the invention and implemented based on an application downloading system which includes a management platform for entities outside the card, a service terminal and a smart card. After receiving an application downloading request from the service terminal, the management platform for entities outside the card selects, via the service terminal, the security domain on the smart card that is responsible for the application downloading, establishes a secure channel with the smart card, and downloads the application to the smart card over the secure channel. With the application downloading system and method provided by the invention, the application can be downloaded to the smart card conveniently, and the user's experience is improved.

Description

System and method for application downloading

Technical field

The present invention relates to the field of communications, and in particular to an implementation scheme for electronic payment on a mobile terminal, and specifically to a system and method for application downloading.

Background art

Near Field Communication (NFC) is a short-range wireless communication technology operating at 13.56 MHz that evolved from the convergence of RFID (Radio Frequency Identification) technology and interconnection technology. Once a mobile communication terminal such as a mobile phone integrates NFC technology, it can emulate a contactless IC card for electronic payment applications. Applying mobile phones to the field of electronic payment will further expand the scope of use of mobile phones, bring convenience to people's lives, and has broad application prospects.

In the related art, electronic payment applications are placed in a smart card, and are usually preset on the card by the card manufacturer when the card leaves the factory. Multiple electronic payment applications can be installed on one smart card. To secure payment applications, the smart card adopts the Global Platform Card Specification V2.1/V2.2, and the smart card is partitioned into several independent security domains to ensure that multiple applications are isolated from and independent of one another.

The primary security domain (Issuer Security Domain, ISD), also called the issuer security domain, is the card issuer's primary, mandatory on-card representative. It contains the security domain keys used to support secure channel protocol operation and card content management.

The slave security domain (Supplementary Security Domain, SSD) is an additional, optional on-card representative of an application provider, the card issuer, or their agents. It holds applications that the application provider manages itself as well as applications that the application provider entrusts the card issuer to manage. The controlling party of the security domain can operate and maintain the applications it holds, for example downloading new applications, upgrading applications and deleting them.

The prior art proposes no specific scheme for downloading electronic payment applications; a technical solution that allows applications to be downloaded conveniently and quickly is therefore urgently needed.

Summary of the invention
The technical problem to be solved by the present invention is to provide a system and method for application downloading that allow applications to be downloaded conveniently and quickly.

To solve the above technical problem, the present invention provides a method for application downloading, the method comprising:

an off-card entity management platform receives an application download request sent by a service terminal, selects, through the service terminal, the security domain on the smart card that is responsible for the application download, establishes a secure channel with the smart card, and downloads the application to the smart card over the secure channel. The service terminal is a card issuer service terminal; or, the off-card entity management platform is an application provider management platform and the service terminal is an application provider service terminal.

Further, in the above method,

card issuer service terminal,

the method is:

the card issuer management platform receives the application download request sent by the card issuer service terminal; and

the application provider management platform selects the slave security domain on the smart card that is responsible for the application download, establishes a secure channel with the smart card through the card issuer management platform and the card issuer service terminal, and downloads the application to the smart card over the secure channel.

Further, in the above method,

the application download request carries smart card feature information,

after the step in which the off-card entity management platform receives the application download request, the method further comprises:

determining whether downloading of the application is allowed, wherein

only when the determination result is yes is the security domain responsible for the application download on the smart card selected through the service terminal. Further, in the above method, before the step in which the off-card entity management platform receives the application download request sent by the service terminal, the method further comprises:

the service terminal sends a command to read the smart card feature information to the smart card, and the smart card encapsulates its feature information in the response message to that command and sends it to the service terminal.

Further, in the above method, the step of establishing a secure channel between the card issuer management platform or the application provider management platform and the smart card comprises: performing identity authentication with the smart card through the service terminal so as to establish the secure channel, wherein

the predetermined secure channel protocol is based on a symmetric-key or asymmetric-key mechanism.

Further, in the above method, before the step in which the off-card entity management platform downloads the application to the smart card over the secure channel, the method further comprises: a predetermined command.
Further, in the above method,

the step in which the platform sends the predetermined command to the smart card comprises:

after being encapsulated, it is sent to the smart card through the service terminal; and

the smart card strips the predetermined command out of the data sent to it, so as to perform the corresponding operation according to the predetermined command.

Further, in the above method, after the step in which the smart card strips the predetermined command out of the data sent to it, the method further comprises:

the smart card encapsulates its response to the predetermined command according to the predetermined data format and sends it through the service terminal

the response to the predetermined command.

Further, in the above method, when the predetermined command is an application download command, after the step in which the smart card strips out the predetermined command, the method further comprises:

the smart card parses the predetermined command to perform the application download.

Further, in the above method, when the application is an application provider's application hosted by the card issuer, before the step of sending the predetermined command to the card, the method further comprises: the token key sent by the issuer management platform, after which the application provider management platform generates a predetermined command including a load token, to be sent to the smart card through the card issuer management platform and the card issuer service terminal.

Further, in the above method, when the application is the card issuer's own application, the step in which the service terminal selects the security domain on the smart card responsible for the application download comprises:

the card issuer management platform selects the primary security domain on the smart card, or

the card issuer management platform creates a slave security domain for the application and selects that slave security domain; or

when the application is an application autonomously controlled by an application provider, or an application provider's application hosted by the card issuer, the step in which the service terminal selects the security domain on the smart card responsible for the application download comprises:

if no slave security domain has been created for the application,

the card issuer management platform selects the primary security domain, establishes a secure channel with the smart card, creates a slave security domain, generates a slave security domain initial key, and sends the slave security domain initial key to the application provider management platform; and

the application provider management platform selects the slave security domain responsible for the application download, and updates the slave security domain key over the secure channel; or

if a slave security domain has already been created for the application,

the application provider management platform selects the slave security domain responsible for the application download, and updates the slave security domain key over the secure channel.
The present invention further provides a system for application downloading, comprising an off-card entity management platform, a service terminal and a smart card, wherein

the off-card entity management platform is configured to: receive an application download request sent by the service terminal, select, through the service terminal, the security domain on the smart card responsible for the application download, and, after establishing a secure channel with the smart card, download the application to the smart card over the secure channel;

the service terminal is configured to: send the application download request to the off-card entity management platform, and transparently transfer data between the off-card entity management platform and the smart card;

the smart card is configured to: establish a secure channel with the off-card entity management platform through the service terminal, and complete the application download operation over the secure channel. The service terminal is a card issuer service terminal, or,

provider service terminal.

Further, in the above system, when provider service terminal, the system further comprises a card issuer management platform, wherein

the application provider management platform further comprises:

a request module, configured to: send a slave security domain creation request to the card issuer management platform when no slave security domain has been created for the application; and

a receiving module, configured to: receive the slave security domain initial key sent by the card issuer management platform;

the card issuer management platform further comprises:

a creating and sending module, configured to: receive the slave security domain creation request sent by the application provider management platform, create the slave security domain, generate the slave security domain initial key, and send the slave security domain initial key to the application provider management platform.

platform and the application provider management platform, and the service terminal is the card issuer service terminal,

the card issuer management platform is configured to: receive the application download request sent by the card issuer service terminal;

the application provider management platform is configured to: select the slave security domain, establish a secure channel with the smart card through the card issuer management platform and the card issuer service terminal, and download the application to the smart card over the secure channel.

Further, in the above system, the card issuer management platform further comprises a creating and sending module, the creating and sending module being configured to:

when no slave security domain has been created for the application, create the slave security domain, generate the slave security domain initial key, and send the slave security domain initial key to the application provider management platform;

the application provider management platform further comprises a receiving module, the receiving module being configured to receive the security domain initial key sent from the card issuer management platform.

Further, in the above system, the application provider management platform further comprises an update module, the update module being configured to update the slave security domain key corresponding to the application.
platform further comprises:

a generating module, configured to generate a predetermined command;

an encapsulating module, configured to encapsulate the predetermined command according to a predetermined data format; and a sending module, configured to send the predetermined command to the smart card through the service terminal;

the smart card further comprises:

an execution module, configured to: after receiving the predetermined command, parse the predetermined command and perform the corresponding operation. Further, in the above system,

the application provider management platform further comprises: a token request module, configured to: apply to the card issuer management platform for a token, and receive the token key sent by the card issuer management platform;

the card issuer management platform further comprises:

a token sending module, configured to: after receiving the token request from the application provider management platform, send the token key to the application provider management platform.

Further, in the above system, the application provider management platform further comprises:

a generating module, configured to: generate a predetermined command containing a load token;

an encapsulating module, configured to: encapsulate the predetermined command according to a predetermined data format; and

a sending module, configured to: send the predetermined command to the smart card through the card issuer management platform and the card issuer service terminal;

the smart card further comprises:

an execution module, configured to: after receiving the predetermined command, parse the predetermined command and perform the corresponding operation. Further, in the above system,

the service terminal further comprises a feature information reading module, the feature information reading module being configured to send a command to read the smart card feature information to the smart card;

the smart card further comprises a feature information sending module, the feature information sending module being configured to encapsulate its feature information in the response message to the command to read the smart card feature information and send it to the service terminal.

Further, in the above system, the application download request carries smart card feature information, an obtaining module, configured to obtain the smart card feature information in the application download request;

a determining module, configured to determine, according to the smart card feature information, whether downloading of the application is allowed; and

a selecting module, configured to: when the determination result of the determining module is yes, select, through the service terminal, the security domain on the smart card responsible for the application download. platform further comprises an authentication and establishment module,

the authentication and establishment module is configured to: perform identity authentication with the smart card through the service terminal according to a predetermined secure channel protocol, and establish the secure channel, wherein

the predetermined secure channel protocol is based on a symmetric-key or asymmetric-key mechanism.
The beneficial effect of the present invention is that, with the system and method for application downloading proposed by the present invention, applications can be conveniently downloaded to the smart card, improving the user experience.

Brief description of the drawings

The drawings described here are provided for a further understanding of the present invention and form part of this application; the illustrative embodiments of the present invention and their description serve to explain the present invention and do not unduly limit it. In the drawings:

FIG. 1 is a system block diagram of application downloading according to the present invention;

FIG. 2 is a flowchart of the method of application downloading according to the present invention;

FIG. 3 is a detailed signaling flowchart of downloading and installing a card issuer's own application according to an embodiment of the present invention; and a detailed signaling flowchart of the installation; and

FIG. 5 is a detailed signaling flowchart of downloading and installing an application autonomously controlled by an application provider according to an embodiment of the present invention.

Preferred embodiments of the invention
The present invention is described in detail below with reference to the drawings and in conjunction with the embodiments.
System embodiment
According to an embodiment of the present invention, a system for application download is provided. Figure 1 is a system block diagram of application download according to the present invention. As shown in Figure 1, the system includes a card issuer management platform 10, an application provider management platform 12 (multiple application provider management platforms may exist in the system), a card issuer service terminal 14, an application provider service terminal 16, and a smart card 18. The application download system is described in detail below.
The card issuer management platform 10 is responsible for issuing and managing cards, and manages card resources and life cycle, keys, certificates, applications and so on. It is configured to receive a smart card application download request sent by its corresponding service terminal 14 in a predetermined data format, select a security domain through the service terminal 14, and, after performing identity authentication with the smart card 18 and establishing a secure channel, download the application to the smart card 18 through the secure channel. It is further configured to create a slave security domain, generate a slave security domain initial key, and send the slave security domain initial key to the application provider management platform 12. It is further configured to send the token key to the application provider management platform 12 after receiving a token application from the application provider management platform 12.
The application provider management platform 12 is configured to receive a smart card application download request sent by its corresponding service terminal 16 in a predetermined data format and to send a slave security domain creation request to the card issuer management platform 10. After obtaining the slave security domain initial key from the card issuer management platform 10, it selects the slave security domain, performs identity authentication with the smart card 18, establishes a secure channel, updates the slave security domain key, and downloads the application to the smart card 18 through the secure channel. Where the application is hosted by the card issuer management platform, the application provider management platform 12 is also configured to apply to the card issuer management platform 10 for a token, generate a predetermined command containing a Load Token, establish a secure channel with the smart card 18 through the card issuer management platform 10 and its service terminal 14, and download the application to the smart card 18.
A card issuer service terminal or an application provider service terminal is referred to as a service terminal.
The card issuer service terminal 14 is configured to send an application download request to the card issuer management platform 10 and to transmit data transparently between the card issuer management platform 10 and the smart card 18, wherein the application download request carries the feature information of the smart card. It further includes a feature information reading module, configured to send a read-smart-card-feature-information command to the smart card 18.
The application provider service terminal 16 is configured to send an application download request to the application provider management platform 12 and to transmit data transparently between the application provider management platform 12 and the smart card 18, wherein the application download request carries the feature information of the smart card. It further includes a feature information reading module, configured to send a read-smart-card-feature-information command to the smart card 18.
The smart card 18 is configured to perform identity authentication with the card issuer management platform 10 or the application provider management platform 12 through the service terminal 14 or 16, establish a secure channel, and complete the application download operation through the secure channel. It further includes a feature information sending module, configured to respond to the read-smart-card-feature-information command by encapsulating its feature information in the response message to that command and sending it to the service terminal 14 or 16. The smart card is an IC chip or smart card conforming to the Global Platform Card Specification V2.1.1/V2.2; physically it may be a SIM/USIM card, a pluggable smart memory card, or an IC chip integrated in the mobile terminal.
In addition, in the system, the card issuer management platform 10 and the application provider management platform 12 are connected by a dedicated line or a network, and the two parties agree on the connection mode and the data communication protocol in advance.
In addition, the card issuer management platform 10 and the card issuer service terminal 14, and likewise the application provider management platform 12 and the application provider service terminal 16, may be interconnected through a dedicated line and their internal service terminal management systems.
In addition, the service terminal 14/16 transparently transmits the data, keys and other information exchanged between the management platform 10/12 and the smart card 18. The service terminal is equipped with a smart card read/write device and communicates with the smart card through it. The smart card read/write device may be a contactless reader or a contact smart card reader. When a contactless reader is used, the smart card is placed in the mobile terminal, and the service terminal communicates with the smart card through the mobile terminal using a near field communication protocol; when a contact smart card reader is used, the service terminal communicates with the smart card directly through the smart card reader.
In addition, the card issuer management platform 10 further includes:
an obtaining module, configured to obtain the feature information of the smart card 18 from the application download request;
a determination module, configured to determine, according to the feature information of the smart card 18, whether the download is allowed;
a selection module, configured to select the security domain through the card issuer service terminal 14 when the determination result of the determination module is yes.
In addition, the card issuer management platform 10 further includes: a creating and sending module, configured to create a slave security domain, and to generate the slave security domain initial key and send it to the application provider management platform, when a slave security domain creation request is received from the application provider management platform or when it is determined that no slave security domain has been created for the application.
In addition, the card issuer management platform 10 further includes: an authentication and establishment module, configured to perform identity authentication with the smart card 18 according to a predetermined secure channel protocol and establish a secure channel.
In addition, the card issuer management platform 10 further includes:
a generating module, configured to generate a predetermined command;
an encapsulation module, configured to encapsulate the predetermined command in a predetermined data format;
a sending module, configured to send the predetermined command to the smart card 18 through the card issuer service terminal 14.
In addition, the application provider management platform 12 further includes:
an obtaining module, configured to obtain the feature information of the smart card 18 from the application download request;
a determination module, configured to determine, according to the feature information of the smart card 18, whether the download is allowed;
a selection module, configured to select, through the service terminal, the security domain on the smart card that is responsible for the application download when the determination module determines yes.
The application provider management platform 12 further includes:
an application module, configured to send a slave security domain creation request to the card issuer management platform 10 when no slave security domain has been created for the application;
a receiving module, configured to receive the slave security domain initial key sent by the card issuer management platform;
an update module, configured to update the slave security domain key corresponding to the application, replacing the slave security domain initial key with a key under the application provider's own control.
In addition, the application provider management platform 12 further includes: an authentication and establishment module, configured to perform identity authentication with the smart card 18 according to a predetermined secure channel protocol and establish a secure channel.
In addition, the application provider management platform 12 further includes:
a token application module, configured to apply to the card issuer management platform for a token and to receive the token key sent by the card issuer management platform;
The card issuer management platform 10 further includes: a token sending module, configured to send the token key to the application provider management platform after receiving the token application from the application provider management platform.
In addition, the application provider management platform 12 further includes:
a generating module, configured to generate a predetermined command, or to generate a predetermined command containing a Load Token;
an encapsulation module, configured to encapsulate the predetermined command in a predetermined data format;
a sending module, configured to send the predetermined command to the smart card through the service terminal 16, or through the card issuer management platform 10 and its service terminal 14.
The smart card 18 further includes:
an execution module, configured to parse the predetermined command after receiving it and perform the corresponding operation. When an application download command is received, it performs the application download.
Through the above processing, application download and installation can be conveniently carried out through the service terminal.
Method embodiment
According to an embodiment of the present invention, a method for application download is provided, used to download an application to a smart card. Figure 2 is a flowchart of the application download method according to an embodiment of the present invention. As shown in Figure 2, the following processing is included:
Step S201: after receiving the application download request sent by the corresponding service terminal, the card issuer management platform or the application provider management platform selects, through the service terminal, the security domain on the smart card that is responsible for the application download, performs identity authentication with the smart card, and establishes a secure channel;
The user takes the smart card to a business outlet of the card issuer or the application provider and downloads the application through the service terminal. Once the user has brought the smart card to the outlet, the application download through the service terminal includes the following processing:
1. The service terminal sends a read-smart-card-feature-information command to the smart card. Smart card feature information is information that can identify the smart card, for example the ICCID (Integrated Circuit Card Identity);
2. In response to the read-smart-card-feature-information command, the smart card encapsulates its feature information in the response message to that command and sends it to the service terminal;
3. The service terminal sends an application download request to the card issuer management platform or the application provider management platform, wherein the application download request carries the feature information of the smart card;
… the feature information, and determines, according to the feature information, whether the download is allowed;
… selects, through the service terminal, the security domain responsible for the application download.
Depending on the management platform to which an application belongs and on which party controls the security domain, applications fall into three kinds: the card issuer's own applications, application provider applications hosted by the card issuer, and applications autonomously controlled by the application provider. In the present invention, the card issuer can grant an application provider a certain level of authority according to the provider's size. A smaller application provider must obtain the card issuer's authorization (for example, a token) before it can operate on the applications stored in the security domain; a larger application provider can control, manage and maintain its applications itself, without authorization from the card issuer. In this way, the card issuer can flexibly choose, according to its policy, how applications are controlled.
Selecting the security domain therefore includes the following processing:
For the download of the card issuer's own application, the card issuer management platform may select the primary security domain, or may create a slave security domain for the corresponding application download; the card issuer decides this itself.
For the download of an application provider's application, whether it is hosted by the card issuer or autonomously controlled by the application provider, the processing is as follows:
If no slave security domain has been created for the application, the card issuer management platform must first select the primary security domain, establish a secure channel with the smart card, create the slave security domain, generate the slave security domain initial key, and send that initial key to the application provider management platform; the application provider management platform then selects the corresponding slave security domain, establishes a secure channel with the smart card, and updates the slave security domain key;
If a slave security domain has already been created for the application, the application provider management platform selects the corresponding slave security domain, establishes a secure channel with the smart card, and updates the slave security domain key;
For an application hosted by the card issuer, the corresponding slave security domain needs to have the Delegated Management Privilege.
In step S201, the identity authentication and secure channel establishment between the card issuer management platform or the application provider management platform and the smart card proceed as follows: the card issuer management platform or the application provider management platform performs identity authentication with the smart card through the service terminal according to a predetermined secure channel protocol, and establishes a secure channel. The predetermined secure channel protocol may be based on a symmetric key or an asymmetric key mechanism.
… the application is downloaded to the smart card. The specific processing is:
… download command) is sent to the smart card through the service terminal.
For the download of the card issuer's own application, the card issuer management platform generates the predetermined command and sends it to the smart card through the card issuer service terminal. For the download of an application autonomously controlled by the application provider, the application provider management platform generates the predetermined command and sends it to the smart card through the application provider service terminal. For the download of an application provider's application hosted by the card issuer, the application provider management platform must, before generating the predetermined command, apply to the card issuer management platform for a token for download and installation; after receiving the token key from the card issuer management platform, it generates the predetermined commands containing the Load Token (for example, the application download command and the application installation command).
The token is specific to hosted applications. It is generated by the card issuer and is evidence that the card issuer has authorized management of the card content. For the download of an application provider's application hosted by the card issuer, the application provider can download a new application to the smart card only after obtaining the card issuer's authorization.
2. After receiving the predetermined command, the smart card performs the application download and, through the service terminal, … to the card issuer …
… based on the secure channel already established, sends an application installation command to the smart card to install the application. For a Java Card application, the application installation command invokes the application's register() on the smart card, registers the payment application instance with the Java Card Runtime Environment (JCRE), and assigns the payment application its application instance AID (Application Identifier). Once register() has executed successfully on the smart card, the application is installed. The smart card may feed back the installation result.
… sends predetermined commands to the smart card (including selecting the security domain, establishing the secure channel, the application download command, the application installation command, and so on), and the smart card feeds the command response back through the service terminal to the card issuer …
… service terminal sends it to the smart card; the smart card strips the command out of the received data and, according to the command, executes …
… the application provider management platform strips the command response out of the received data. When the predetermined command is an application download command, the smart card performs the application download.
The above technical solution of the present invention is described in detail below with examples. Figure 3 is a detailed signaling flowchart of the download and installation of a card issuer's own application according to an embodiment of the present invention. As shown in Figure 3, the following processing is included:
Step 301: the card issuer service terminal at the card issuer's outlet sends a read-smart-card-feature-information command to the smart card.
Step 302: after receiving the read-smart-card-feature-information command, the smart card encapsulates its own feature information in the read-smart-card-feature-information response and sends it to the card issuer service terminal.
Step 303: the card issuer service terminal sends an application download request to the card issuer management platform. The request data must include the feature information of the smart card, so that the card issuer management platform knows which smart card requires the application download.
Step 304: after receiving the application download request, the card issuer management platform determines whether the requesting smart card is allowed to download the application. If not, it rejects the download. If so, it selects the primary security domain: the card issuer management platform fills the AID of the primary security domain into the SELECT command used to select the smart card's primary security domain, encapsulates the command in the predetermined data format, and sends it to the card issuer service terminal; the card issuer service terminal sends it to the smart card in the predetermined data format. The smart card strips the SELECT command out of the received data and selects the primary security domain as the command directs. After executing the command, the smart card sends the SELECT response data to the card issuer service terminal in the predetermined data format, and the card issuer service terminal sends the data to the card issuer management platform.
Step 305: the card issuer management platform performs identity authentication with the smart card through the card issuer service terminal according to a predetermined protocol, and establishes a secure channel. The series of commands and responses that establish the secure channel are passed in the same way as the SELECT command above.
Step 306: after the secure channel is established, the card issuer management platform generates the application download command INSTALL[for load] and sends it to the smart card through the card issuer service terminal; depending on the size of the application file, there may be several INSTALL[for load] commands. After the smart card completes the download, it returns the download result to the card issuer management platform through the card issuer service terminal. The commands and responses are passed in the same way as the SELECT command above.
Step 307: the card issuer management platform generates the application installation command INSTALL[for install] and sends it to the smart card through the card issuer service terminal. After the smart card completes the installation, it returns the installation result to the card issuer management platform through the card issuer service terminal. The commands and responses are passed in the same way as the SELECT command above.
… and installation, shown as a detailed signaling flowchart in Figure 4, which includes the following processing:
Step 401: the card issuer service terminal at the card issuer's outlet sends a read-smart-card-feature-information command to the smart card.
Step 402: after receiving the read-smart-card-feature-information command, the smart card encapsulates its own feature information in the read-smart-card-feature-information response and sends it to the card issuer service terminal.
Step 403: the card issuer service terminal sends an application download request to the card issuer management platform. The request data must include the feature information of the smart card, so that the card issuer management platform knows which smart card requires the application download.
Step 404: after receiving the application download request, the card issuer management platform determines whether the requesting smart card is allowed to download the application; if so, it continues with the operations below, otherwise it rejects the download. If a slave security domain has already been created for the application, the card issuer management platform informs the application provider management platform of the application the user wants to download and then proceeds to step 406. Otherwise, the card issuer management platform selects the primary security domain, establishes a secure channel with the smart card, creates the slave security domain, and generates the slave security domain initial key.
Step 405: the card issuer management platform sends the slave security domain initial key to the application provider management platform.
Step 406: the application provider management platform selects the slave security domain, establishes a secure channel with the smart card, and then updates the slave security domain key.
Step 407: the application provider management platform applies to the card issuer management platform for a token (Token) for application download and installation.
Step 408: the card issuer management platform sends the issuer Token key to the application provider management platform.
Step 409: the application provider management platform uses the issuer Token and other information to generate the application download command INSTALL[for load] containing the Load Token, and sends it to the smart card through the card issuer management platform and the card issuer service terminal; depending on the size of the application file, there may be several INSTALL[for load] commands. On receiving the application download command, the smart card performs the application download; after completing the download, it returns the download result to the application provider management platform through the card issuer management platform and the card issuer service terminal.
Step 410: the application provider management platform uses the issuer Token and other information to generate the application installation command INSTALL[for install] containing the Load Token, and sends it to the smart card through the card issuer management platform and the card issuer service terminal. After completing the installation, the smart card returns the installation result to the application provider management platform through the card issuer management platform and the card issuer service terminal.
… result, including application status, resource usage, version information, and so on.
The commands and responses are passed in a way similar to the SELECT command in the Figure 3 embodiment.
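The hosted-application download of steps 409 and 410, where the slave security domain holds the Delegated Management Privilege and INSTALL[for load] must carry a Load Token, can be modelled from the card's side as follows. This is an added example, not code from the patent: the field order follows the GlobalPlatform INSTALL [for load] data field, restricted here to one-byte lengths, while the AIDs, the token key and the HMAC-SHA256 token computation are constructed stand-ins for details the page does not give.

```python
# Added example, not from the patent: card-side check of INSTALL [for load].
import hashlib
import hmac
from dataclasses import dataclass

CLA_GP, INS_INSTALL, P1_FOR_LOAD, P2 = 0x80, 0xE6, 0x02, 0x00
SW_OK = 0x9000
SW_CONDITIONS_NOT_SATISFIED = 0x6985
SW_WRONG_DATA = 0x6A80
FIELDS = ("load_file_aid", "sd_aid", "block_hash", "load_params", "load_token")

# Constructed sample values (assumptions, not real identifiers or keys).
LOAD_FILE_AID = bytes.fromhex("F0000000010001")
HOSTED_SD_AID = bytes.fromhex("F00000000100AA")
OWN_SD_AID = bytes.fromhex("F00000000100BB")
TOKEN_KEY = b"constructed-token-key"


def lv(value: bytes) -> bytes:
    """Length-value field with a one-byte length (sketch limit: 127 bytes)."""
    if len(value) > 0x7F:
        raise ValueError("field too long for a one-byte length")
    return bytes([len(value)]) + value


def make_load_token(token_key: bytes, fields: dict) -> bytes:
    """Stand-in token: HMAC-SHA256 over P1, P2 and every field before the token."""
    covered = bytes([P1_FOR_LOAD, P2]) + b"".join(lv(fields[n]) for n in FIELDS[:-1])
    return hmac.new(token_key, covered, hashlib.sha256).digest()


def build_install_for_load(load_file_aid: bytes, sd_aid: bytes, token_key=None) -> bytes:
    """Platform side: build the command, with a Load Token if a key is given."""
    fields = {"load_file_aid": load_file_aid, "sd_aid": sd_aid,
              "block_hash": b"", "load_params": b"", "load_token": b""}
    if token_key is not None:
        fields["load_token"] = make_load_token(token_key, fields)
    data = b"".join(lv(fields[n]) for n in FIELDS)
    return bytes([CLA_GP, INS_INSTALL, P1_FOR_LOAD, P2, len(data)]) + data


def parse_install_for_load(apdu: bytes) -> dict:
    """Card side: strip the command into its fields, rejecting malformed input."""
    if len(apdu) < 5 or tuple(apdu[:4]) != (CLA_GP, INS_INSTALL, P1_FOR_LOAD, P2):
        raise ValueError("not an INSTALL [for load] command")
    data = apdu[5:]
    if apdu[4] != len(data):
        raise ValueError("Lc does not match the data length")
    fields, pos = {}, 0
    for name in FIELDS:
        if pos >= len(data) or data[pos] > 0x7F:
            raise ValueError("missing or oversized field: " + name)
        length = data[pos]
        value = data[pos + 1:pos + 1 + length]
        if len(value) != length:
            raise ValueError("truncated field: " + name)
        fields[name] = value
        pos += 1 + length
    if pos != len(data):
        raise ValueError("trailing bytes after the Load Token")
    return fields


@dataclass
class SecurityDomain:
    aid: bytes
    delegated_management: bool   # True for an application hosted by the card issuer
    token_key: bytes = b""       # key used to check tokens (assumption)


def card_check_load(apdu: bytes, selected: SecurityDomain) -> int:
    """Return the status word the card would answer for this load request."""
    try:
        fields = parse_install_for_load(apdu)
    except ValueError:
        return SW_WRONG_DATA
    if fields["sd_aid"] and fields["sd_aid"] != selected.aid:
        return SW_CONDITIONS_NOT_SATISFIED
    if selected.delegated_management:
        expected = make_load_token(selected.token_key, fields)
        if not hmac.compare_digest(expected, fields["load_token"]):
            return SW_CONDITIONS_NOT_SATISFIED
    return SW_OK


def demo() -> dict:
    hosted = SecurityDomain(HOSTED_SD_AID, True, TOKEN_KEY)
    own = SecurityDomain(OWN_SD_AID, False)
    good = build_install_for_load(LOAD_FILE_AID, HOSTED_SD_AID, TOKEN_KEY)
    tampered = good[:6] + bytes([good[6] ^ 0x01]) + good[7:]  # alter the load file AID
    return {
        "hosted_with_token": card_check_load(good, hosted),
        "hosted_without_token": card_check_load(
            build_install_for_load(LOAD_FILE_AID, HOSTED_SD_AID), hosted),
        "hosted_wrong_key": card_check_load(
            build_install_for_load(LOAD_FILE_AID, HOSTED_SD_AID, b"other-key"), hosted),
        "hosted_tampered": card_check_load(tampered, hosted),
        "truncated": card_check_load(good[:-1], hosted),
        "autonomous_no_token": card_check_load(
            build_install_for_load(LOAD_FILE_AID, OWN_SD_AID), own),
        "wrong_domain": card_check_load(good, own),
    }


if __name__ == "__main__":
    for case, sw in demo().items():
        print(f"{case}: {sw:04X}")
```

The token covers every field that precedes it, so a command relayed through the card issuer management platform and the service terminal cannot be altered in transit without the hosted security domain rejecting it.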
FIG. 5 is a detailed signaling flowchart of application download and installation autonomously controlled by the application provider according to an embodiment of the present invention. As shown in FIG. 5, it includes the following processing:
Step 501: The application provider service terminal at the application provider outlet sends a read smart card feature information command to the smart card.
Step 502: After receiving the read smart card feature information command, the smart card encapsulates its own feature information in the read smart card feature information response and sends it to the application provider service terminal.
Step 503: The application provider service terminal sends an application download request to the application provider management platform. The request data must include the feature information of the smart card, so that the application provider management platform can identify the smart card that needs the application download.
Step 504: After receiving the application download request, the application provider management platform determines whether the requesting smart card is allowed to download the application; if so, the following operations continue, otherwise the application download is rejected. If a slave security domain has already been created for the application, the flow goes to step 506; otherwise, the platform sends a slave security domain creation request to the card issuer management platform, and the flow goes to step 505.
Step 505: After receiving the slave security domain creation request sent by the application provider management platform, the card issuer management platform, having determined that no slave security domain has been created for the application, selects the primary security domain, performs mutual authentication with the smart card and establishes a secure channel, creates the slave security domain, and generates the slave security domain initial key.
Step 506: The card issuer management platform sends the slave security domain initial key to the application provider management platform.
Step 507: The application provider management platform selects the slave security domain, establishes a secure channel with the smart card, and then updates the slave security domain key.
Step 508: The application provider management platform generates the application download command INSTALL[for load] and sends it to the smart card through the application provider service terminal. Depending on the size of the application file, this may include multiple INSTALL[for load] commands. After the smart card completes the download, it returns the download result to the application provider management platform through the application provider service terminal.
Step 509: The application provider management platform generates the application installation command INSTALL[for install] and sends it to the smart card through the application provider service terminal. After the smart card completes the installation, it returns the installation result to the application provider management platform through the service terminal.
Commands and responses are delivered in a manner similar to the SELECT command in the embodiment of Figure 3.
The above is only a preferred embodiment of the present invention and is not intended to limit it; for those skilled in the art, the present invention may have various modifications and changes. Any modification, equivalent replacement, improvement and the like made within the spirit and principles of the present invention shall fall within the scope of protection of the present invention.
Industrial Applicability
With the application download system and method proposed by the present invention, an application can be conveniently downloaded to the smart card according to the management platform to which the application belongs and the party controlling the security domain, which improves the user experience.

Claims

1. An application download method, comprising:
an off-card entity management platform receiving an application download request sent by a service terminal, selecting, through the service terminal, the security domain on a smart card that is responsible for the application download, establishing a secure channel with the smart card, and downloading the application to the smart card over the secure channel.
2. The method of claim 1, wherein ... issuer service terminal; or ... provider service terminal.
3. The method of claim 1, wherein
... card issuer service terminal,
the method being: the card issuer management platform receives the application download request sent by the card issuer service terminal; and
the application provider management platform selects the slave security domain on the smart card that is responsible for the application download, ... secure channel, and downloads the application to the smart card over the secure channel.
4. The method of claim 2 or 3, wherein
the application download request carries smart card feature information,
and after the step of the off-card entity management platform receiving the application download request, the method further comprises:
... card feature information, determining whether downloading the application is allowed, wherein
only when the determination result is yes is the security domain on the smart card that is responsible for the application download selected through the service terminal.
5. The method of claim 2 or 3, wherein, before the step of the off-card entity management platform receiving the application download request sent by the service terminal, the method further comprises:
the service terminal sending a read smart card feature information command to the smart card, and the smart card encapsulating its feature information in the response message to the read smart card feature information command and sending it to the service terminal.
6. The method of claim 2 or 3, wherein the step of establishing a secure channel between the card issuer management platform or the application provider management platform and the smart card comprises: ... protocol, performing identity authentication with the smart card through the service terminal to establish the secure channel, wherein
the predetermined secure channel protocol is based on a symmetric key or asymmetric key mechanism.
7. The method of claim 2 or 3, wherein, before the step of the off-card entity management platform downloading the application to the smart card over the secure channel, the method further comprises: ... predetermined command.
8. The method of claim 7, wherein the step of the card issuer management platform or the application provider management platform sending a predetermined command to the smart card comprises:
... after encapsulation in a predetermined data format, sending it to the smart card through the service terminal; and
the smart card stripping the predetermined command out of the received data, so as to perform the corresponding operation according to the predetermined command.
9. The method of claim 8, wherein, after the step of the smart card stripping the predetermined command out of the received data, the method further comprises:
... stripping out the response to the predetermined command.
10. The method of claim 8, wherein, when the predetermined command is an application download command, after the step of the smart card stripping out the predetermined command, the method further comprises:
the smart card parsing the predetermined command to perform the application download.
11. The method of claim 8, wherein, when the application is ... hosted by the card issuer ... platform sending a predetermined command to the smart card, before that step, the method further comprises:
... receiving the token key sent by the card issuer management platform, after which the application provider management platform generates a predetermined command including a load token, to be sent to the smart card through the card issuer management platform and the card issuer service terminal.
12. The method of claim 1, wherein
when the application is the card issuer's own application, the step of the service terminal selecting the security domain on the smart card that is responsible for the application download comprises:
the card issuer management platform selecting the primary security domain on the smart card; or, the card issuer management platform creating a slave security domain for the application and selecting that slave security domain; or
when the application is an application autonomously controlled by an application provider, or an application of an application provider hosted by the card issuer, the step of the service terminal selecting the security domain on the smart card that is responsible for the application download comprises:
if no slave security domain has been created for the application,
the card issuer management platform selecting the primary security domain, establishing a secure channel with the smart card, creating a slave security domain, generating a slave security domain initial key, and sending the slave security domain initial key to the application provider management platform; and
the application provider management platform selecting the slave security domain responsible for the application download, and updating the slave security domain key over the secure channel; or
if a slave security domain has already been created for the application,
the application provider management platform selecting the slave security domain responsible for the application download, and updating the slave security domain key over the secure channel.
13. An application download system, comprising an off-card entity management platform, a service terminal, and a smart card; wherein
the off-card entity management platform is configured to: receive an application download request sent by the service terminal, select, through the service terminal, the security domain on the smart card that is responsible for the application download, and, after establishing a secure channel with the smart card, download the application to the smart card over the secure channel;
the service terminal is configured to: send the application download request to the off-card entity management platform, and transparently transfer data between the off-card entity management platform and the smart card;
the smart card is configured to: establish a secure channel with the off-card entity management platform through the service terminal, and complete the application download operation over the secure channel.
14. The system of claim 13, wherein ... issuer service terminal, or,
the off-card entity management platform is an application provider management platform, and the service terminal is an application provider service terminal.
15. The system of claim 13, wherein
... provider service terminal, the system further comprises a card issuer management platform; wherein
the application provider management platform further comprises:
a request module, configured to: when no slave security domain has been created for the application, send a slave security domain creation request to the card issuer management platform; and
a receiving module, configured to: receive the slave security domain initial key sent by the card issuer management platform;
the card issuer management platform further comprises:
a creating and sending module, configured to receive the slave security domain creation request sent by the application provider management platform, create the slave security domain, generate the slave security domain initial key, and send the slave security domain initial key to the application provider management platform.
16. The system of claim 13, wherein the off-card entity management platform comprises a card issuer management platform and an application provider management platform, and when the service terminal is a card issuer service terminal,
the card issuer management platform is configured to receive the application download request sent by the card issuer service terminal;
the application provider management platform is configured to: select the slave security domain, establish a secure channel with the smart card through the card issuer management platform and the card issuer service terminal, and download the application to the smart card over the secure channel.
17. The system of claim 16, wherein
the card issuer management platform further comprises a creating and sending module, the creating and sending module being configured to:
when no slave security domain has been created for the application, create the slave security domain, generate the slave security domain initial key, and send the slave security domain initial key to the application provider management platform;
the application provider management platform further comprises a receiving module, the receiving module being configured to receive ...
18. The system of any one of claims 14 to 17, wherein the application provider management platform further comprises an update module, the update module being configured to update the slave security domain key corresponding to the application.
19. The system of claim 14 or 15, wherein
... a generating module, configured to generate a predetermined command;
an encapsulation module, configured to encapsulate the predetermined command in a predetermined data format; and
a sending module, configured to send the predetermined command to the smart card through the service terminal;
the smart card further comprises:
an execution module, configured to: after receiving the predetermined command, parse the predetermined command and perform the corresponding operation.
20. The system of claim 16 or 17, wherein
the application provider management platform further comprises:
a token request module, configured to: request a token from the card issuer management platform, and receive the token key sent by the card issuer management platform;
the card issuer management platform further comprises:
a token sending module, configured to: after receiving the token request from the application provider management platform, send the token key to the application provider management platform.
21. The system of claim 20, wherein
the application provider management platform further comprises:
a generating module, configured to generate a predetermined command containing a load token;
an encapsulation module, configured to encapsulate the predetermined command in a predetermined data format; and
a sending module, configured to: send the predetermined command to the smart card through the card issuer management platform and the card issuer service terminal;
the smart card further comprises:
an execution module, configured to: after receiving the predetermined command, parse the predetermined command and perform the corresponding operation.
22. The system of any one of claims 15 to 17, wherein
the service terminal further comprises a feature information reading module, the feature information reading module being configured to send a read smart card feature information command to the smart card;
the smart card further comprises a feature information sending module, the feature information sending module being configured to encapsulate the feature information in the response message to the read smart card feature information command and send it to the service terminal.
23. The system of claim 14 or 15, wherein
the application download request carries smart card feature information, ...
an acquiring module, configured to acquire the smart card feature information in the application download request;
a determining module, configured to determine, according to the smart card feature information, whether downloading the application is allowed; and
a selection module, configured to: when the determination result of the determining module is yes, select, through the service terminal, the security domain on the smart card that is responsible for the application download.
24. The system of any one of claims 14 to 17, wherein the card issuer management platform or the application provider management platform further comprises an authentication and establishment module,
the authentication and establishment module being configured to: perform identity authentication with the smart card through the service terminal according to a predetermined secure channel protocol, and establish the secure channel, wherein
the predetermined secure channel protocol is based on a symmetric key or asymmetric key mechanism.
PCT/CN2009/075443 2009-02-27 2009-12-09 An application downloading system and method WO2010096991A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN200910118680.6 2009-02-27
CN 200910118680 CN101819696B (en) 2009-02-27 2009-02-27 Application downloading system and method

Publications (1)

Publication Number Publication Date
WO2010096991A1 true WO2010096991A1 (en) 2010-09-02

Family

ID=42654783

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2009/075443 WO2010096991A1 (en) 2009-02-27 2009-12-09 An application downloading system and method

Country Status (2)

Country Link
CN (1) CN101819696B (en)
WO (1) WO2010096991A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2022143008A1 (en) * 2020-12-30 2022-07-07 飞天诚信科技股份有限公司 Card reading terminal and working method thereof

Families Citing this family (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102711101B (en) * 2012-04-28 2015-01-14 大唐微电子技术有限公司 Method and system for realizing distribution of smart cards
CN103051456B (en) * 2012-12-25 2017-04-05 北京大唐智能卡技术有限公司 The method and system of application program in a kind of management intelligent SD card
CN103914712B (en) * 2012-12-29 2017-09-29 北京握奇数据系统有限公司 Realization method and system being applied a kind of contact type intelligent card more
CN103903026B (en) * 2012-12-29 2017-06-20 北京握奇数据系统有限公司 Card reader and smart card exchange method and system in being applied contact type intelligent card more
US9916575B2 (en) * 2014-11-19 2018-03-13 Qualcomm Incorporated Systems and methods for adaptive routing for multiple secure elements
CN104602224B (en) * 2014-12-31 2018-07-24 浙江融创信息产业有限公司 It is a kind of that chucking method is opened based on NFC mobile phone SWP-SIM cards in the air
CN105160776B (en) * 2015-09-09 2017-07-21 建亿通(北京)数据处理信息有限公司 City one-card card, business platform, card operation system and implementation method
CN105426796B (en) * 2015-11-10 2021-08-06 苏州海博智能系统有限公司 Method for downloading application to smart card
CN105654299A (en) * 2015-12-31 2016-06-08 深圳前海微众银行股份有限公司 Mobile payment method, and cloud payment platform and system
CN108282764A (en) * 2017-01-03 2018-07-13 中国移动通信有限公司研究院 A kind of information interacting method and terminal device
CN109246170A (en) * 2017-07-11 2019-01-18 北京握奇智能科技有限公司 A kind of application security download system
CN113490210B (en) * 2021-06-17 2023-03-24 中国联合网络通信集团有限公司 Method and system for establishing auxiliary security domain

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101068374A (en) * 2007-05-29 2007-11-07 中国网络通信集团公司 Aerial data transmission bearing mode switching method and system
CN101321350A (en) * 2008-07-24 2008-12-10 北京立通无限科技有限公司 Method ,device and system for automatically updating application software of mobile terminal
CN101340663A (en) * 2008-05-30 2009-01-07 普天信息技术研究院有限公司 Smart memory card system and method for implementing interaction by the system
WO2009017292A1 (en) * 2007-07-31 2009-02-05 Lg Electronics Inc. Mobile status detection contactless module


Also Published As

Publication number Publication date
CN101819696B (en) 2013-06-12
CN101819696A (en) 2010-09-01


Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 09840659

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 09840659

Country of ref document: EP

Kind code of ref document: A1