[go: up one dir, main page]
More Web Proxy on the site http://driver.im/

CN101739246A - Smart card and application data processing method - Google Patents

Smart card and application data processing method Download PDF

Info

Publication number
CN101739246A
CN101739246A CN200810177909A CN200810177909A CN101739246A CN 101739246 A CN101739246 A CN 101739246A CN 200810177909 A CN200810177909 A CN 200810177909A CN 200810177909 A CN200810177909 A CN 200810177909A CN 101739246 A CN101739246 A CN 101739246A
Authority
CN
China
Prior art keywords
application
smart card
card
java card
virtual machine
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN200810177909A
Other languages
Chinese (zh)
Inventor
刘子瑛
李丞倍
金亨一
罗栋元
李相研
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
SK Telecom China Holdings Co Ltd
Original Assignee
SK Telecom China Holdings Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by SK Telecom China Holdings Co Ltd filed Critical SK Telecom China Holdings Co Ltd
Priority to CN200810177909A priority Critical patent/CN101739246A/en
Publication of CN101739246A publication Critical patent/CN101739246A/en
Pending legal-status Critical Current

Links

Images

Landscapes

  • Stored Programmes (AREA)

Abstract

The invention relates to a smart card and an application data processing method. The smart card comprises a security domain and an application domain, wherein the security domain comprises an on-chip operating system, a standard-version JAVA card virtual machine operated on the on-chip operating system, a JAVA card runtime library and a standard-version JAVA card application program; and the application domain comprises an operating system, a virtual machine operated on the operating system, a JAVA card runtime library and a connection-version JAVA card application program. The smart card and the application data processing method can reduce the transmission waiting time and the communication delay of application data and improve the application performance of the smart card under the condition that the system safety of the smart card is not reduced and an extra cost is not increased.

Description

Smart card and application data processing method
Technical field
The present invention relates to smart card techniques, relate in particular to a kind of dual operating systems smart card and application data processing method.
Background technology
Smart card is widely used as the important tool of identification and safety certification.Particularly, the JAVA technology makes the application of smart card more and more wider with combining of smart card techniques, and therefore this smart card often is called as the JAVA card owing to can support JAVA virtual machine and various operation platform.Traditional JAVA card is only supported the JAVA card virtual machine of standard edition (Classic Edition), is mainly used in safety certification and identification.
Along with the release of 3.0 connection version (Connected Edition) JAVA card virtual machine specification, the JAVA card begins to carry more business and realizes more function.It is different fully with standard edition to connect version, and the connection edition owner will be intended for network application, is applicable to air download, multimedia information management, business such as payment closely.It is incompatible with standard edition to connect version, and still, in order to adapt to traditional JAVA card of supporting standard edition, the JAVA card of present stage is the virtual machine of integrated these two kinds of versions on a card mostly.
Though the use that connects version JAVA card virtual machine has solved the problem of a part of smart card network application, under the prerequisite that guarantees security, for the consideration of cost, this JAVA card does not still satisfy the needs of handling more complexity and higher level service.So the JAVA card of dual operating systems arises at the historic moment, the JAVA of this dual operating systems is stuck in and increases an operating system on the basis of original JAVA card and come the individual processing senior application not high to security requirement.Particularly, referring to Fig. 1, Fig. 1 shows the Organization Chart of traditional double operating system smart card.As shown in Figure 1, the JAVA card of dual operating systems mainly comprises the two parts that communicate to connect each other: a part is called security domain, it comprise smart card Chip Operating System, run on 3.0 of this Chip Operating System and connect version JAVA card virtual machine and 3.0 standard edition JAVA card virtual machines, JAVA card Runtime Library and JAVA card applications, security domain is mainly realized the higher functions of security requirement such as identification, authentication, authentication and encryption, and is less demanding to hardware capabilities; Another part is called application domain, it comprises (SuSE) Linux OS, runs on the limited equipment disposition (CLDC of connection on this (SuSE) Linux OS, Connected Limited DeviceConfiguration) virtual machine, CLDC Runtime Library and application program, application domain is mainly realized the senior application such as multimedia service and network service, to having relatively high expectations of hardware.
Connect version JAVA card virtual machine and mainly be intended for network application, not high to security requirement, but, because in the JAVA of this dual operating systems card, connect version JAVA card virtual machine and be arranged in security domain, so the application data relevant with the network application that connects version JAVA card virtual machine has to handle in security domain.That is to say that application data will be had to from application domain by communications to security domain, pass back to application domain again through the processing of security domain, this has increased the time of application data transmission wait inevitably.In addition, security domain is subject to cost factor, and the hardware condition of self is limited, and the speed of handling these application datas is far away from application domain, and this performance that has limited dual operating systems JAVA card to a great extent improves.
Summary of the invention
Consider the problems referred to above of prior art, the object of the present invention is to provide a kind of smart card and application data processing method, can not reduce the smart card system security and not increase under the situation of extra cost, reduce the transmission latency and the communication delay of application data, improve the application performance of smart card.
To achieve these goals, the invention provides a kind of smart card, comprising:
Security domain, it comprises Chip Operating System, operates in standard edition JAVA card virtual machine, JAVA card Runtime Library and standard edition JAVA card application on this Chip Operating System; With
Application domain, it comprises operating system, operates in virtual machine, the JAVA card Runtime Library on this operating system and is connected version JAVA card application.
The present invention also provides a kind of application data processing method that is used for smart card, wherein, described smart card comprises: security domain, and it comprises Chip Operating System, operates in standard edition JAVA card virtual machine, JAVA card Runtime Library and standard edition JAVA card application on this Chip Operating System; And application domain, it comprises operating system, operates in virtual machine, the JAVA card Runtime Library on this operating system and is connected version JAVA card application that this method comprises the steps:
Judge that whether application data that described smart card receives is and the relevant application data of described standard edition JAVA card application;
In judged result is under the situation of negating, in the described application data of described application domain processes.
Description of drawings
Other features of the present invention, purpose and benefit will become more apparent by the detailed description below in conjunction with accompanying drawing.Wherein:
Fig. 1 shows the Organization Chart of traditional double operating system smart card;
Fig. 2 shows the Organization Chart according to the dual operating systems smart card of the embodiment of the invention;
Fig. 3 shows the process flow diagram according to the application data processing method of the embodiment of the invention.
Embodiment
Below, will describe each embodiment of the present invention in conjunction with the accompanying drawings in detail.
In the framework of dual operating systems smart card shown in Figure 1, the application data relevant with the network application that connects version JAVA card virtual machine has to be transferred to security domain, in the presence of security domain, handle, therefore, cause the transmission wait of application data to postpone, and security domain is because the restriction of self-condition, and arithmetic capability is not high, has limited the performance of whole smart card.
Consider that connecting version JAVA card virtual machine mainly is intended for network application, higher to the performance requirement such as arithmetic capability and storage capacity, and less demanding to security, so, the present invention is on the basis of existing dual operating systems smart card, and the application different with security requirement to performance requirement separate, on the basis that does not increase extra cost, reuse the existing device and the resource of smart card, significantly improve the performance of smart card.
Specifically describe according to smart card of the present invention referring to Fig. 2, Fig. 2 shows the Organization Chart according to the dual operating systems smart card of the embodiment of the invention.
As shown in Figure 2, dual operating systems smart card 1 comprises application domain 10 and the security domain 20 that communicates to connect each other.
Application domain 10 can be supported the senior application such as multimedia service and network download, can realize the partial function of being realized by principal computer or server traditionally.Senior application is higher to performance requirements such as the arithmetic capability of application domain 10, storage capacities, but less demanding to security, therefore, can in the control safety cost, on hardware, adopt advanced microprocessor and jumbo storer to improve and handle the performance of using.
Adapt therewith, the CLDC Runtime Library 120 that the software platform framework of application domain 10 comprises (SuSE) Linux OS 100, operate in CLDC virtual machine 110 on the (SuSE) Linux OS 100, CLDC virtual machine 110 is supported and application program 130 and JAVA card Runtime Library 140 be connected a version JAVA card application 150.
Security domain 20 is realized the most original function of fundamental sum of smart card 1, comprises safety certification and identification.Security domain 20 does not participate in the processing and the computing of complicated applications on the smart card 1, demand to performance is not high, but owing to need to realize functions such as safety certification and identification, to security require high, so the cost of microprocessor and storer on can control hardware, and cost is used to consider safety factor.
For this reason, the software platform framework of security domain 20 comprises smart card Chip Operating System 200, operates in the standard edition JAVA card virtual machine 210 on the Chip Operating System 200, JAVA card Runtime Library 220 and the standard edition JAVA card application 230 that standard edition JAVA card virtual machine 210 is supported.
From the framework of above-mentioned smart card 1 as seen, the standard edition JAVA card application 230 that security requirement is high is carried out in security domain 20 by standard edition JAVA card virtual machine 210, and the connection version JAVA card application 150 that network-oriented is used is carried out in application domain 10, because connecting version JAVA card virtual machine is the subclass of CLDC virtual machine 110, can realize by CLDC virtual machine 110 so connect version JAVA card application 150, and there is no need to be provided with separately a connection version JAVA card virtual machine.Under this framework, the application data relevant with connecting version JAVA card application 150 needn't be sent in the security domain 20 to be handled, handle but can directly in application domain 10, connect version JAVA card application by 110 operations of CLDC virtual machine, therefore, can reduce the stand-by period that application data is transmitted between security domain and application domain.Further, for this part application data, the processing power of application domain 10 and processing speed are all significantly better than security domain 20, so, compare with handle the application data relevant with being connected version JAVA card application 150 in security domain 20, these application datas of processing can significantly improve the performance of smart card in application domain 10.The more important thing is, compare with the smart card of traditional dual operating systems, smart card 1 of the present invention does not increase extra cost, only on the basis of conventional smart card, existing parts and resource are recombinated and optimized, under the situation that does not reduce the traditional intelligence card safety, make the function maximization of whole smart card.
Below, be described in the process of handling application data in the smart card shown in Figure 21 referring to Fig. 3.Fig. 3 shows the process flow diagram according to the application data processing method of the embodiment of the invention.
As shown in Figure 3, smart card 1 receives pending application data (step S300).
Smart card 1 judges that whether pending application data is and the relevant application data (step S310) of standard edition JAVA card application 230 in the security domain 20.
In the judged result of step S310 for certainly the time, illustrate that this application data relates to the higher functions of security requirement such as safety certification or identification, need security domain 20 to participate in calculation process, so, send pending application data to security domain 20 (step S320).
Security domain 20 is handled application data, and result is returned to application domain 10 (step S330).
When negating, illustrate that this application data does not belong to the security requirement higher data in the judged result of step S310, so, this application data (step S340) in application domain 20, handled.
From method shown in Figure 3 as seen, for the certain applications data, particularly,, therefore, needn't be sent to security domain 20 and handle owing to no longer need security domain 20 to participate in computing with the relevant application data of network application that connects version JAVA card application 150.Compare with the processing that two operating systems of traditional needs participate in, said method has been realized directly calling on same virtual machine, greatly reduces the time of data transmission communication.And the processing power of application domain 10 also is better than security domain 20, has improved processing speed to a certain extent, has improved the performance of smart card.
Those skilled in the art is to be understood that, operating system included in the above-mentioned application of IC cards territory can need not to be (SuSE) Linux OS, virtual machine also needs not to be the CLDC virtual machine, so long as support the virtual machine that connects version JAVA card application to get final product, even this virtual machine can be to connect version JAVA card virtual machine, like this, application domain comprises (SuSE) Linux OS, connects version JAVA card virtual machine, JAVA card Runtime Library and is connected version JAVA card application.
It will be understood by those of skill in the art that the disclosed method of the foregoing description can utilize software, hardware or way of hardware and software combination to realize.
Those skilled in the art is to be understood that, under the enlightenment of the above embodiment of the present invention, can obtain the various distortion of the embodiment of the invention, and under the situation that does not depart from the spirit or scope of the present invention, defined General Principle also can be applied among other embodiment herein.Therefore the embodiment shown in the present invention is not limited to herein, and requirement and principle and novel feature the widest corresponding to scope disclosed herein.

Claims (7)

1. smart card comprises:
Security domain, it comprises Chip Operating System, operates in standard edition JAVA card virtual machine, JAVA card Runtime Library and standard edition JAVA card application on this Chip Operating System; With
Application domain, it comprises operating system, operates in virtual machine, the JAVA card Runtime Library on this operating system and is connected version JAVA card application.
2. smart card as claimed in claim 1, wherein, the operating system of described application domain is (SuSE) Linux OS.
3. smart card as claimed in claim 1, wherein, the virtual machine of described application domain is to connect limited equipment disposition CLDC virtual machine.
4. smart card as claimed in claim 3 also comprises: the CLDC Runtime Library and the application program that are arranged in described application domain.
5. smart card as claimed in claim 1, wherein, the virtual machine of described application domain is to connect version JAVA card virtual machine.
6. application data processing method that is used for smart card, wherein, described smart card comprises: security domain, and it comprises Chip Operating System, operates in standard edition JAVA card virtual machine, JAVA card Runtime Library and standard edition JAVA card application on this Chip Operating System; And application domain, it comprises operating system, operates in virtual machine, the JAVA card Runtime Library on this operating system and is connected version JAVA card application that this application data processing method comprises the steps:
Judge that whether application data that described smart card receives is and the relevant application data of described standard edition JAVA card application;
In judged result is under the situation of negating, in the described application data of described application domain processes.
7. application data processing method as claimed in claim 6 further comprises:
Under judged result is sure situation, sends described application data to described security domain, and after described security domain is finished dealing with, send result to described application domain.
CN200810177909A 2008-11-21 2008-11-21 Smart card and application data processing method Pending CN101739246A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN200810177909A CN101739246A (en) 2008-11-21 2008-11-21 Smart card and application data processing method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN200810177909A CN101739246A (en) 2008-11-21 2008-11-21 Smart card and application data processing method

Publications (1)

Publication Number Publication Date
CN101739246A true CN101739246A (en) 2010-06-16

Family

ID=42462773

Family Applications (1)

Application Number Title Priority Date Filing Date
CN200810177909A Pending CN101739246A (en) 2008-11-21 2008-11-21 Smart card and application data processing method

Country Status (1)

Country Link
CN (1) CN101739246A (en)

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102023864A (en) * 2010-12-13 2011-04-20 中国联合网络通信集团有限公司 Method and system for processing OTA (over the air) message in universal USIM (subscriber identity module)
CN102629215A (en) * 2012-02-28 2012-08-08 东信和平智能卡股份有限公司 Communication method and communication device of virtual smart cards
CN105279183A (en) * 2014-07-15 2016-01-27 中国移动通信集团公司 Application domain management method and apparatus as well as user behavior reminding method and apparatus
CN105809011A (en) * 2014-12-31 2016-07-27 北京华大智宝电子系统有限公司 Method used by second generation USB Key capable of dynamically loading application to be compatible with Java Card platform
CN109547450A (en) * 2018-11-29 2019-03-29 北京元心科技有限公司 Method, apparatus, electronic equipment and the computer media in operational safety execution domain

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102023864A (en) * 2010-12-13 2011-04-20 中国联合网络通信集团有限公司 Method and system for processing OTA (over the air) message in universal USIM (subscriber identity module)
CN102629215A (en) * 2012-02-28 2012-08-08 东信和平智能卡股份有限公司 Communication method and communication device of virtual smart cards
CN105279183A (en) * 2014-07-15 2016-01-27 中国移动通信集团公司 Application domain management method and apparatus as well as user behavior reminding method and apparatus
CN105809011A (en) * 2014-12-31 2016-07-27 北京华大智宝电子系统有限公司 Method used by second generation USB Key capable of dynamically loading application to be compatible with Java Card platform
CN105809011B (en) * 2014-12-31 2019-02-05 北京华大智宝电子系统有限公司 A kind of method for the compatible Java Card platform of two generation USB Key that can be applied with dynamically load
CN109547450A (en) * 2018-11-29 2019-03-29 北京元心科技有限公司 Method, apparatus, electronic equipment and the computer media in operational safety execution domain

Similar Documents

Publication Publication Date Title
CN108737325B (en) Multi-tenant data isolation method, device and system
CN107729139B (en) Method and device for concurrently acquiring resources
US20200174801A1 (en) Information processing apparatus, ic chip, information processing method, program, and information processing system
US10033816B2 (en) Workflow service using state transfer
CN109144493A (en) Generation method, electronic device and the readable storage medium storing program for executing of business rule
CN108427649A (en) Access management method, terminal device, system and the storage medium of USB interface
CN101025698A (en) Apparatus for forcibly terminating thread blocked on input/output operation and method for the same
CN101739246A (en) Smart card and application data processing method
CN112256414A (en) Method and system for connecting multiple computing storage engines
CN103207965A (en) Method and device for License authentication in virtual environment
CN102043645A (en) Plug-in loading method and device
US20090313641A1 (en) Application management methods and systems
CN110990116A (en) Method, device and system for transmitting data between intelligent network card and virtual machine
CN105701406A (en) Method of Android platform for running traditional payment application
CN103077081B (en) Method and device of adjusting resources
CN103186738A (en) Software license management and control method and system for software resources, creating device and starting device
KR100759816B1 (en) Web-Based Development Environment Providing System and Method for Integrated Configuration of Embedded Linux Kernel and Application
CN108804236B (en) AIDL file sharing method and system
CN115454576B (en) Virtual machine process management method and system and electronic equipment
CN106778193B (en) Client and UI interaction method
CN100409165C (en) Device and method for providing intelligent card interface by large scale storage equipment
CN114327443A (en) Data processing method, system, terminal device and storage medium
CN109582464B (en) Method and device for managing multiple virtualization platforms by cloud platform
CN112000462A (en) Data processing method and device based on shared peripheral resources
CN112269649A (en) Method, device and system for realizing asynchronous execution of host task

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
AD01 Patent right deemed abandoned

Effective date of abandoning: 20100616

C20 Patent right or utility model deemed to be abandoned or is abandoned