CN101520854A - Smart memory card, data safety control system and method thereof - Google Patents
Smart memory card, data safety control system and method thereof Download PDFInfo
- Publication number
- CN101520854A CN101520854A CN200810101199A CN200810101199A CN101520854A CN 101520854 A CN101520854 A CN 101520854A CN 200810101199 A CN200810101199 A CN 200810101199A CN 200810101199 A CN200810101199 A CN 200810101199A CN 101520854 A CN101520854 A CN 101520854A
- Authority
- CN
- China
- Prior art keywords
- file
- card
- confidential data
- district
- memory card
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Landscapes
- Storage Device Security (AREA)
Abstract
The invention discloses a smart memory card, a data safety control system and method thereof. The system consists of the smart memory card and a card access device. The smart memory card comprises a memory medium and a USB interface module and is connected with the card access device through a USB interface; the memory space of the memory medium is divided into different spaces at least comprising a confidential data area and a mass memory area; the capacity parameter of a disk configured in the USB interface module is matched with the access boundary of the mass memory area; the USB interface module is provided with a sector mapping unit used for conducting uniform mapping the different sectors covered by the confidential data area and the mass memory area and the memory sector of the card access device. The smart memory card solves the safety problem that occurs when the smart card data and mass memory data share a memory medium and data exchange is conducted with the card access device through the USB interface.
Description
Technical field
The present invention relates to intelligent memory card design and application, relate in particular to smart card and the data safety control system and the method for high calculated performance, super large memory capacity, high-speed transfer interface.
The intelligent memory card of indication of the present invention is meant that basic function meets or adopts the ISO/IEC7816 standard, has the novel smart card of mass storage and high-speed transfer interface.
Background technology
Can be IC-card again by card, be that a kind of integrated circuit (IC) chip that will have storage, encryption and data-handling capacity is embedded in the card in the plastic substrate.At present, smart card has been widely used in fields such as telecommunications, finance, government, traffic, medical treatment, public administration, internet.Especially at moving communicating field, conducts such as SIM, UIM, USIM and UICC card are applied in the smart card of moving communicating field, have not only obtained widespread use, but also have effectively promoted developing rapidly and widespread usage of mobile communication technology.
The interface specification of conventional smart card is stipulated that by ISO/IEC 7816 standards its transfer rate arrives between the hundreds of kbps at several kbps (kilobits per second, kbps) usually.Because the development of memory technology, the storage space on the smart card is increasing, and memory contents is also more and more, and the contradiction between the low and memory capacity height of interface rate is also more and more sharp-pointed.Thus, develop gradually again on the market recently a kind of intelligent memory card (Smart Storage Card, SSC).
Intelligent memory card (SSC) combines traditional smart card techniques and vast capacity flash memory technology, utilize multiple communication and computer interface, be loaded in mobile communication terminal, computing machine and other digital terminal equipment, provide the intelligent information of multiple functions such as high capacity storage, novel wireless value-added application, multimedia processing, information security, DRM, products such as multimedia, amusement.
The SSC card, for example the disclosed exercise question of Chinese patent publication number CN 1936934A is the smart card that provides in the patented claim of " method of integrating multiple data transmission interfaces and novel smart card on smart card ", the variation of novelty has all taken place on physical electrical characteristic, inner software/hardware framework than tradition (U) SIM card, its inner integrated 32 embedded microprocessors, high capacity flash storer and three kinds of high-speed interfaces of USB/SD/MMC have high-performance calculation, high capacity storage, high speed data transfer three big prominent feature.
Because when mass memory and smart card are used simultaneously, share same storage area between the Various types of data, and mass storage data is for the observability of personal computer (PC) or other card access means, and require the invisibility of intelligent card data for PC or other card access means, make the consideration that data security and intelligent card data are hidden becomes a kind of necessity.Simultaneously, because the telecom intelligent card data (comprise telephone directory, note and all kinds of development kit are used) along with the surge of using and people demand, make this intelligent memory card be necessary for intelligent card data again and the PC end provides the necessary security communication interface for vast capacity DB Backup and editor.How to realize that safe data communication will be the major issue that this intelligent memory card must solve.
Summary of the invention
Technical matters to be solved by this invention is to provide a kind of intelligent memory card and data safety control system and method, to realize intelligent memory card and the data communication safely and effectively that blocks access means.
For solving the problems of the technologies described above, the present invention at first provides a kind of intelligent memory card, comprise storage medium and usb interface module, wherein, the storage space of described storage medium is divided into the different spaces that comprises confidential data district and mass memory district at least, described mass memory district uses the file system of standard format, has the file relevant with smart card in the file system in described confidential data district; The visit boundary in disk size parameter that disposes in the described usb interface module and described mass memory district is complementary, and described usb interface module has the sector map unit, and mapping is unified with card access means memory sector in the different sectors that are used for described confidential data district and mass memory district are covered.
The present invention and then a kind of intelligent memory card data security access system is provided, comprise intelligent memory card and card access means, described intelligent memory card comprises storage medium and usb interface module, and link to each other with described card access means by the USB adapter, wherein, the storage space of described storage medium is divided into the different spaces that comprises confidential data district and mass memory district at least, described mass memory district uses the file system of standard format, has the file relevant with smart card in the file system in described confidential data district; The visit boundary in disk size parameter that is provided with in the described usb interface module and described mass memory district is complementary, and described usb interface module has the sector map unit, and the memory sector that is used for different sectors that described confidential data district and mass memory district are covered and described card access means is unified mapping.
Wherein, described card access means further comprises: the confidential data operational module, the memory sector that described confidential data operational module is operated on the card access means, the file system of the confidential data district same format of use and described intelligent memory card, and mapping relations are set up with the memory sector in the confidential data district of described intelligent memory card in the sector map unit that has by described usb interface module.
Wherein, the file system of described standard format is FAT, NTFS or EXT file system.
Wherein, the described file relevant with smart card is the file that meets the ISO/IEC7816 standard, comprises master file MF, private file DF and basic document EF.
Wherein, described intelligent memory card further comprises: the safe access control module is used to monitor the visit to the file in confidential data district, and judges by the access consideration of described file whether the visit to described file has corresponding authority.
The present invention also provides a kind of intelligent memory card data security control method, and described intelligent memory card comprises storage medium and usb interface module, and links to each other with the card access means by the USB adapter, and described method comprises the steps:
(1) storage space with described intelligent memory card is divided into the different spaces that comprises confidential data district and mass memory district at least, described mass memory district uses the file system of standard format, sets up the file relevant with smart card in the file system in described confidential data district;
(2) according to the visit boundary in described mass memory district, the disk size parameter is set in described usb interface module, the visit boundary in disk size parameter and mass memory district is complementary;
(3) in usb interface module, set up the sector map unit, different sectors and described card access means memory sector that described confidential data district and mass memory district are covered are unified mapping.
Wherein, the present invention may further include step: further set up a confidential data operational module in described card access means, the memory sector that described confidential data operational module is operated on the card access means, the file system of the confidential data district same format of use and described intelligent memory card, and the sector map unit that has by described usb interface module, set up mapping relations with the memory sector in the confidential data district of described intelligent memory card.
Wherein, the present invention may further include step: further set up a safe access control module in described intelligent memory card, by the visit of monitoring, and judge by the access consideration of described file whether the visit to described file has corresponding authority to the file in described confidential data district.
Wherein, described confidential data operational module is edited additions and deletions or backup operation by described mapping relations to the data in the confidential data district of described intelligent memory card.
Wherein, described confidential data operational module is by described mapping relations, in the output intelligent memory card during file in confidential data district, and filename and pathname conductively-closed in the smart card.
Wherein, after described confidential data operational module confirms that by initialization intelligent memory card has connected, further comprise step: call in the card access means with intelligent memory card in the identical file system dynamic base of confidential data district file layout, by the usb interface module of described intelligent memory card the file in intelligent memory card confidential data district is operated.
Wherein, described confidential data operational module further comprises step after confirming that by initialization intelligent memory card has connected:
A) the safe access control module in the described intelligent memory card judges whether described confidential data operational module satisfies the access consideration of described file to the visit of the file in confidential data district, thereby determines whether to have corresponding access rights;
B) if the confidential data operational module has corresponding access rights, described confidential data operational module call in the card access means with intelligent memory card in the identical file system dynamic base of confidential data district file layout, by the usb interface module of described intelligent memory card the file in intelligent memory card confidential data district is operated; If the confidential data operational module does not have corresponding access rights, then the confidential data operational module can not be operated the file in intelligent memory card confidential data district.
The invention solves when intelligent card data and the shared storage medium of mass storage data; and the data security problem that runs into when carrying out data interaction by USB/SD/MMC interface and card access means; providing a kind of can either conduct interviews to mass storage data; realize the intelligent card data protection simultaneously; and provide the solution that intelligent card data is backed up and edits, thereby provide value, competitive new type of safe intelligent memory card to the final user.
Description of drawings
Fig. 1 is the running environment structural representation according to the described intelligent memory card of the embodiment of the invention.
Fig. 2 is according to the application system figure between intelligent memory card of the present invention and the personal computer.
Fig. 3 is according to the described intelligent memory card data security control method of embodiment of the invention schematic flow sheet.
Fig. 4 is according to the described system architecture synoptic diagram of the embodiment of the invention.
Fig. 5 is the mapping synoptic diagram of usb interface module to the sector.
Fig. 6 is the corresponding diagram of file system on PC end file system and the intelligent memory card.
Fig. 7 reads synoptic diagram for the PIN code state according to the embodiment of the invention.
Fig. 8 is the PIN code status check synoptic diagram according to the embodiment of the invention.
Embodiment
The intelligent memory card running environment that the present invention relates to is based on multitask, the multi-application platform of RTOS (real time operating system), has comprised file system module and corresponding FLASH sector operation interface in the card simultaneously.Concrete environment description figure of the present invention as shown in Figure 1, thereby wherein USB interface is called USB by task scheduling and is driven the read-write finish bottom FLASH.
Versatility and ease for use for the storage data that realize intelligent memory card, the intelligent memory card that embodiments of the invention provide comprises storage medium and usb interface module, the storage space of described storage medium is divided into the different spaces that comprises confidential data district and mass memory district at least, described mass memory district uses the file system of standard format, has the file relevant with smart card in the file system in described confidential data district; The visit boundary in disk size parameter that is provided with in the described usb interface module and described mass memory district is complementary, and have the sector map unit in the usb interface module, the memory sector that is used for different sectors that described confidential data district and mass memory district are covered and access terminal is unified mapping.Make intelligent memory card can be used as a kind of universal storage device like this and use, have certain non-visible space (non-massive storage space) to deposit some significant datas simultaneously again for the user.
Preferably, the file system of described standard format is, for example FAT (File Allocation Table), NTFS (New Technology File System) or EXT (Extended File System) file system.The described file relevant with smart card is the file that meets the ISO/IEC standard, comprises master file MF, private file DF and basic document EF.
Preferably, may further include the safe access control module in the described intelligent memory card, be used to monitor visit, and judge by the access consideration of file whether the visit to file has corresponding authority the file in confidential data district.
As shown in Figure 2, be the application system figure between intelligent memory card of the present invention and the personal computer (PC).The embodiment of the invention comprises intelligent memory card 10 and personal computer 20, described intelligent memory card comprises storage medium and usb interface module, and link to each other with described personal computer by the USB adapter, the storage space of described storage medium is divided into the system file district, the mass memory district, subscriber computer ciphertext data district etc.; The visit boundary in disk size parameter that is provided with in the described usb interface module and described mass memory district is complementary, and have the sector map unit in the usb interface module, the different sectors and the described personal computer memory sector that are used for described confidential data district and mass memory district are covered are unified mapping.
Preferably, described personal computer 20 further comprises: confidential data operational module 201, the memory sector that described confidential data operational module 201 is operated on personal computer, the file system of the confidential data district same format of use and described intelligent memory card, and mapping relations are set up with the memory sector in the confidential data district of described intelligent memory card in the sector map unit that has by described usb interface module.
Preferably, the mass memory district of described intelligent memory card uses the file system of the standard format identical with personal computer, comprises FAT, NTFS or EXT file system; The described file relevant with smart card is the file that meets the ISO/IEC standard, comprises master file MF, private file DF and basic document EF.
Preferably, described intelligent memory card further comprises: the safe access control module is used to monitor the visit to the file in confidential data district, and judges by the access consideration of file whether the visit to file has corresponding authority.
As shown in Figure 3, be intelligent memory card data security access method schematic flow sheet of the present invention, described intelligent memory card comprises storage medium and usb interface module, and links to each other with personal computer by the USB adapter, and described method comprises the steps:
(301) storage space with described memory device is divided into the different spaces that comprises confidential data district and mass memory district at least, described mass memory district uses the file system of standard format, sets up the file relevant with smart card in the file system in described confidential data district;
(302) according to the visit boundary in described mass memory district, the disk size parameter is set in described usb interface module, the visit boundary in disk size parameter and mass memory district is complementary;
(303) in usb interface module, set up the sector map unit, different memory sectors and described personal computer memory sector that described confidential data district and mass memory district are covered are unified mapping.
Preferably, may further include step: in described personal computer, further set up a confidential data operational module, the memory sector that described confidential data operational module is operated on personal computer, the file system of the confidential data district same format of use and described intelligent memory card, and the sector map unit that has by described usb interface module, set up mapping relations with the memory sector in the confidential data district of described intelligent memory card.
Preferably, the mass memory district of intelligent memory card uses the file system of the standard format identical with personal computer, for example: FAT, NTFS or EXT file system, the file relevant with smart card is the file that meets the ISO/IEC7816 standard, comprise master file MF, private file DF and basic document EF.
Preferably, may further include step: in described intelligent memory card, further set up a safe access control module, monitoring is to the visit of the file in confidential data district, and judges by the access consideration of file whether the visit to file has corresponding authority.
Preferably, described confidential data operational module is edited additions and deletions or backup operation by described mapping relations to the data in the confidential data district of described intelligent memory card.
Preferably, described confidential data operational module is by described mapping relations, during the file in the confidential data district in the output intelligent memory card, and corresponding filename and pathname conductively-closed in the intelligent memory card.
When concrete the application, the described confidential data operational module 201 of the embodiment of the invention can be a PC backup software instrument.The modular structure of application system of the present invention has comprised data I/O api layer as shown in Figure 4, dedicated file system layer, and bottom sector operation interface (present embodiment has utilized USB interface).By structure bottom sector operation interface, file branch sector on the smart card is read, and by WINDOWS platform construction dedicated file system to carry out the establishment of file, read/write, operations such as attribute.On these file basic operation bases that file system realizes, concrete application and development be can carry out easily and quickly,, and flexible processing and mutual with the PC data carried out for the user provides the I/O of various intelligent card datas or USB device file.
Design to usb interface module describes below.
The visit end points of standard USB Mass Storage agreement comprises 0 end points (standard control end points) at least, the Bulk_Out end points, Bulk In end points, two end points of Bulk Out and Bulk In when carrying out data transmission, have mainly been used, wherein Bulk In refers to main frame device request data to the periphery, sends data by peripherals to main frame; The transmission direction of Bulk Out is opposite with Bulk-In, by main frame equipment sending data to the periphery.The embodiment of the invention has been used the SCSI protocol transmission after finishing the standard enumeration process.
The mass memory zone of intelligent memory card, the USB flash disk among Fig. 2 for example, intelligent card data storage area (confidential data zone) with the needs visit, many application area of the USB among Fig. 2 for example, be physically located at same NAND Flash, the setting of disk size parameter and the visit boundary of USB flash disk are complementary in the configuration descriptor, promptly are set to the size of USB flash disk storage area.
After getting access to the disk size parameter, PC conducts interviews to the read-write of the USB flash disk integral multiple with the standard sector-size, promptly, the read write command of PC is by the sector number of SCSI protocol transmission sector number and this transmission, bottom PC driver only carries out the encapsulation of CBW (Command Block Warp command block bag) to order, process of commands and parsing are carried out corresponding Interrupt Process by USB device in usb interface module.
Because PC itself does not carry out bounds checking to the command body of scsi command, make and to utilize the scsi command body to transmit other special many utility commands and data become possibility, scsi command at BULK_ONLY host-host protocol among the USB is introduced carrying out the hiding data transmission in the intelligent memory card below, and idiographic flow is as follows:
(1) PC carries out initialization to USB flash disk and enumerates (use standard control end points), obtains equipment disposition, endpoint type, and information such as agreement support determine that this equipment is USB flash disk equipment, use the SCSI agreement to carry out data transmission.
(2) utilize information in the equipment disposition descriptor, main frame and equipment use the SCSI agreement to utilize BulkOut end points and Bulk In end points to carry out data transmission.By Inquiry, Read_Capacity, Read_Format_Capacity, Mode_Sense obtain the information of disk Flash.
Bulk Out end points is to the processing of hiding data:
Bulk Out end points is responsible for receiving PC and is sent data, and write concrete physical medium, therefore, can utilize the sector map unit in the usb interface module, carry out unified mapping by the sector number to C zone and D zone and realize, concrete mapping relations as shown in Figure 5.
Moveable magnetic disc is partly for passing through the visible USB flash disk of PC zone among Fig. 5.Usb interface module with different sector map in the zones of different of Flash, and by make up at PC end with smart card on the file system of same format come C zone in blocking is conducted interviews.By mapping, make PC visit the C district by sector operation, simultaneously,, make that sector number has surpassed the disk size parameter when visit C district because the disk size parameter that is provided with and the size of D district storage area are complementary, the C district is sightless for PC.Bring in from PC, the memory sector that the C district is covered is hidden, thereby has realized hiding of C district data at the PC end, but can be by custom-designed software module, and for example the PC backup tool is realized the visit to the C district.
Bulk In end points to the processing of hiding data with Bulk Out end points.
The PC backup tool is to receiving the processing of data:
As from the foregoing, for smart card, SIM card for example, the visit in data area (C zone) is that the mapping by the sector realizes, therefore, at the PC end, need do opposite sector map and can accomplish normal visit to the intelligent card data zone.
The organizational form of C district file system may be identical with the structure of the FAT file system of PC in the intelligent memory card, also may be inequality, when file system is inequality, need set up the file system identical at the PC end with form on the smart card, can accomplish the correct visit of data and file.
Fig. 6 is the corresponding diagram of file system on PC end file system and the intelligent memory card.Among Fig. 6, the FAT file system is the Windows file system of standard, dedicated file system (BackupFAT) refer to the intelligent memory card file system in the corresponding file system in C zone.The file system in D district is identical with the standard file system of PC in the intelligent memory card.Should be noted that following some:
(1) the interface FlashDiskCommand () of intelligent memory card file system and bottom Flash should be revised as the USB interface that has sector map as required.
(2) (2) do more zone mapping and backup if desired, need with other zones (as A:, B:) do similarly mapping and sector-size is mated.
The PC backup tool is to the processing of data transmission:
(1) USB sector access process
Realize that the visit of USB sector mainly comprises:
1) opens USB device.
2) open the end points of USB.
3) read the USB sector.Comprising of the conversion of file system sector to USB visit sector number.
4) write the USB sector.Comprising of the conversion of file system sector to USB visit sector number.
(2) alignment processing of PC end dedicated file system and intelligent memory card file system.
(3) PC backup software and file system interface.
For preventing the maloperation of upper layer application, can provide the initialization of USB device to the upper strata, the importing/operations such as derivation of specific file to data in the intelligent memory card.Mainly comprise:
Whether (1) detect USB device is removed.Whether must detect intelligent memory card before each read-write exists.
(2) from intelligent memory card, derive a file in PC specified path specified file down, will not be created, if existence then cover this document if this document does not exist.
(3) specified file under the PC specified path is imported in the intelligent memory card in the specified file under the specified path, will not be created, if exist then cover this document if this document does not exist.
In order further to realize the data security characteristic of intelligent memory card storage file, the present invention has also designed a safe access control module, has realized the passage by the access to web page data content under the supervision of safety management, and the specific implementation method is as follows:
Purposes according to data is divided with logic or physics mode when storing, give different access considerations to different data, accomplish the data that PC both can the random access lack of competence requires, simultaneously also can visit limited data, thereby realize that intelligent memory card is synchronous by the data security of high-speed interface and PC by special software.
When with the PC backup tool data in blocking being read and write, according to the ISO/IEC7816 agreement, different files has different access considerations in the smart card.
The control of authority of SIM card data mainly comprises following aspect:
At first, according to the ISO/IEC7816 agreement, each file all has specific access consideration for each order.The access consideration of the file of selecting obtains before should beginning in the action of request recently.
Each file:
-READ (reading) is identical with the access consideration of SEEK (inquiry) order;
-SELECT (selection) is unconditional (ALW) with the access consideration of STATUS (state) order;
The present no standard of access consideration of-MF (master file) and DFs (private file).
According to GSM11.11, the rank of access consideration is as shown in the table:
| Rank | Access consideration |
| 0 1 2 3 4-14 15 | ALW CHV1 CHV2 keeps ADM NEV |
Wherein, ALW: the unconditional execution;
CHV1:(card holder authenticates 1): one of following 3 kinds of conditions person can be satisfied, action can be carried out:
A) at current session, a correct CHV1 value has offered SIM card;
B) CHV1 enables/does not enable indicator and is in " forbidding " state;
C) the successful execution of current session UNBLOCK CHV1.
CHV2:(card holder authenticates 2) can satisfy one of following two conditions person, can carry out action:
A) at current session, a correct CHV2 value has offered SIM card;
B) the successful execution of current session UNBLOCK CHV2.
ADM: this is to be used for the employed cryptographic algorithm of SIM card supvr;
NEV: on SIM/ME (portable terminal) interface, can not carry out action.SIM card can be carried out internal actions;
The condition rank is independently each other.For example, even correct CHV2 is arranged, do not allow to carry out the action that needs CHV1 to support yet.A condition rank up to standard is all remained valid up to the GSM end-of-dialogue.CHV condition rank up to standard is applicable to DF simultaneously
GSMAnd DF
TELECOMFile.
By the response to the STATUS order, whether CHV2 is available in the ME decision, if CHV2 does not have initialization, then can not use about the order (for example VERIFY CHV2) of CHV2.
Below be verified as example with CHV1, introduce the flow process of carrying out safe access control and verification by USB interface.
CHV1 is the PIN1 sign indicating number (PIN (Personal Identification Number)) in the mobile phone, and the PC backup software carries out the PIN code state and reads and the PIN code verification by sending specific SCSI read write command, and the PIN code state reads as shown in Figure 7; The PIN code status check as shown in Figure 8.
In sum, the present invention comes the SIM content is operated by set up the special-purpose file system identical with intelligent memory card confidential data plot structure in the confidential data operational module of PC end, and shields the path and the old file name of SIM inside when file backup is exported.
The present invention is by the corresponding file layout of file layout of each logic region on PC end structure and smart card, realized the accurate complete of file on the smart card read and write, and PC end output file path is controlled, and interior file of shielding smart card and pathname.
File hide and data backup by file system, specify particular path (as " C: 3F00 ") and it solidified in interface inside, make the user have no right to revise; The mapping table of filename is similar, solidifies in interface inside.
Further specify below by two application examples.
One of concrete application: backup and renewal smart card short message and telephone directory
(1) smart card is connected with PC by the USB adapter.
(2) start PC end backup tool, this backup tool initialization confirms that smart card connects.
(3) backup tool calls backupFS (identical with the file system format of the many application area of USB in the intelligent memory card) the file system dynamic base of PC end, by the data interaction of carrying out of usb interface module.
(4) because this document system dynamics storehouse is identical with the form of intelligent memory card store data inside, therefore can normally visits short message or telephone directory file, thereby short message or telephone directory are backuped on the PC with certain form., also short message file in the intelligent memory card or telephone directory file can be read the PC end by identical mode, write in the intelligent memory card again after editing, thus the renewal of interior short message of intact paired card or telephone directory file.
Two of concrete application: subscriber identity authentication
(1) intelligent memory card is connected with PC by the USB adapter.
(2) start PC end backup tool, this backup tool initialization confirms that smart card connects.
(3) authorization interface of PC end and intelligent memory card end agreement is called in the backup tool initialization, confirms to carry out follow-up other intelligent memory cards visits behind the user right.
(4) after authentication is confirmed, intelligent memory card will enable other critical data interfaces.At this moment, can carry out the critical data operation, as operations such as modification PIN code by the PC backup tool.
The present invention realizes the function of intelligent memory card file hiding and data backup by novel file system, can make intelligent memory card not only can be used as independently storer/card (USB flash disk, SD card, mmc card) use, share and swap data with digital equipments such as the PC of present main flow, digital camera, MP3/MP4 players, and can be used as a kind of data interchange platform, become mobile phone terminal, PC and other Card Reader access terminal equipment and carry out the mutual instrument of secure data.The user can be easily to blocking interior data (as personal information, telephone directory, note and mobile phone are provided with etc.) or responsive usb data is edited, additions and deletions and backup, and do not influence the operation of other data in the smart card simultaneously.
By the present invention, can obtain following obvious technique effect:
(1) utilize its USB interface at a high speed, can be so that the SIM file of large capacity storage dumps in PC and other card-reading apparatus fast.
(2) utilize its safe file hiding transmission characteristic, SIM data and USB/SD/MMC interface data can be positioned at same storage area and guarantee the security of its data, the utilization ratio of FLASH will improve a lot, and file also can be realized accessing by all kinds of means simultaneously.
(3) utilize its data I/O passage, the user can grasp the operation power of data in the SIM to greatest extent. And then make the SIM function that the characteristic of storage medium also arranged, become a kind of PC and SIM data interaction platform.
(4) utilize its stratification, structurized file system architecture and unified DLL, can be flexibly, efficiently, the rapidly new function of develop and field, the new application.
Claims (18)
1, a kind of intelligent memory card, comprise storage medium and usb interface module, it is characterized in that, the storage space of described storage medium is divided into the different spaces that comprises confidential data district and mass memory district at least, described mass memory district uses the file system of standard format, has the file relevant with smart card in the file system in described confidential data district; The visit boundary in disk size parameter that disposes in the described usb interface module and described mass memory district is complementary, and described usb interface module has the sector map unit, and mapping is unified with card access means memory sector in the different sectors that are used for described confidential data district and mass memory district are covered.
2, intelligent memory card as claimed in claim 1 is characterized in that, the file system of described standard format is FAT, NTFS or EXT file system.
3, intelligent memory card as claimed in claim 1 is characterized in that, the described file relevant with smart card is the file that meets the ISO/IEC standard, comprises master file MF, private file DF and basic document EF.
4, intelligent memory card as claimed in claim 1, it is characterized in that, further comprise: the safe access control module is used to monitor the visit to the file in described confidential data district, and judges by the access consideration of described file whether the visit to described file has corresponding authority.
5, a kind of intelligent memory card data security access system, comprise intelligent memory card and card access means, described intelligent memory card comprises storage medium and usb interface module, and link to each other with described card access means by the USB adapter, it is characterized in that, the storage space of described storage medium is divided into the different spaces that comprises confidential data district and mass memory district at least, described mass memory district uses the file system of standard format, has the file relevant with smart card in the file system in described confidential data district; The visit boundary in disk size parameter that is provided with in the described usb interface module and described mass memory district is complementary, and described usb interface module has the sector map unit, and the memory sector that is used for different sectors that described confidential data district and mass memory district are covered and described card access means is unified mapping.
6, system as claimed in claim 5, it is characterized in that, described card access means further comprises: the confidential data operational module, the memory sector that described confidential data operational module is operated on the card access means, the file system of the confidential data district same format of use and described intelligent memory card, and mapping relations are set up with the memory sector in the confidential data district of described intelligent memory card in the sector map unit that has by described usb interface module.
7, system as claimed in claim 5 is characterized in that, the file system of described standard format is FAT, NTFS or EXT file system.
8, system as claimed in claim 5 is characterized in that, the described file relevant with smart card is the file that meets the ISO/IEC7816 standard, comprises master file MF, private file DF and basic document EF.
9, system as claimed in claim 6, it is characterized in that, described intelligent memory card further comprises: the safe access control module is used to monitor the visit to the file in confidential data district, and judges by the access consideration of described file whether the visit to described file has corresponding authority.
10, a kind of intelligent memory card data security control method, described intelligent memory card comprises storage medium and usb interface module, and links to each other with the card access means by the USB adapter, it is characterized in that described method comprises the steps:
(1) storage space with described intelligent memory card is divided into the different spaces that comprises confidential data district and mass memory district at least, described mass memory district uses the file system of standard format, sets up the file relevant with smart card in the file system in described confidential data district;
(2) according to the visit boundary in described mass memory district, the disk size parameter is set in described usb interface module, the visit boundary in disk size parameter and mass memory district is complementary;
(3) in usb interface module, set up the sector map unit, different sectors and described card access means memory sector that described confidential data district and mass memory district are covered are unified mapping.
11, method as claimed in claim 10, it is characterized in that, further comprise: in described card access means, further set up a confidential data operational module, the memory sector that described confidential data operational module is operated on the card access means, the file system of the confidential data district same format of use and described intelligent memory card, and the sector map unit that has by described usb interface module, set up mapping relations with the memory sector in the confidential data district of described intelligent memory card.
12, method as claimed in claim 10 is characterized in that, the file system of described standard format is FAT, NTFS or EXT file system.
13, method as claimed in claim 10 is characterized in that, the described file relevant with smart card is the file that meets the ISO/IEC7816 standard, comprises master file MF, private file DF and basic document EF.
14, method as claimed in claim 11, it is characterized in that, further comprise: in described intelligent memory card, further set up a safe access control module, by the visit of monitoring, and judge by the access consideration of described file whether the visit to described file has corresponding authority to the file in described confidential data district.
15, method as claimed in claim 11 is characterized in that, described confidential data operational module is edited additions and deletions or backup operation by described mapping relations to the data in the confidential data district of described intelligent memory card.
16, method as claimed in claim 11 is characterized in that, described confidential data operational module is by described mapping relations, in the output intelligent memory card during file in confidential data district, and filename and pathname conductively-closed in the smart card.
17, method as claimed in claim 11, it is characterized in that, after described confidential data operational module confirms that by initialization intelligent memory card has connected, further comprise step: call in the card access means with intelligent memory card in the identical file system dynamic base of confidential data district file layout, by the usb interface module of described intelligent memory card the file in intelligent memory card confidential data district is operated.
18, method as claimed in claim 14 is characterized in that, described confidential data operational module further comprises step after confirming that by initialization intelligent memory card has connected:
A) the safe access control module in the described intelligent memory card judges whether described confidential data operational module satisfies the access consideration of described file to the visit of the file in confidential data district, thereby determines whether to have corresponding access rights;
B) if the confidential data operational module has corresponding access rights, described confidential data operational module call in the card access means with intelligent memory card in the identical file system dynamic base of confidential data district file layout, by the usb interface module of described intelligent memory card the file in intelligent memory card confidential data district is operated; If the confidential data operational module does not have corresponding access rights, then the confidential data operational module can not be operated the file in intelligent memory card confidential data district.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2008101011991A CN101520854B (en) | 2008-02-29 | 2008-02-29 | Smart memory card, data safety control system and method thereof |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2008101011991A CN101520854B (en) | 2008-02-29 | 2008-02-29 | Smart memory card, data safety control system and method thereof |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN101520854A true CN101520854A (en) | 2009-09-02 |
| CN101520854B CN101520854B (en) | 2012-12-05 |
Family
ID=41081435
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2008101011991A Active CN101520854B (en) | 2008-02-29 | 2008-02-29 | Smart memory card, data safety control system and method thereof |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN101520854B (en) |
Cited By (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102567230A (en) * | 2010-12-23 | 2012-07-11 | 普天信息技术研究院有限公司 | Smart card and method for safely managing same |
| CN102841861A (en) * | 2011-06-24 | 2012-12-26 | 同方股份有限公司 | Data security storage device taking SD (Secure Digital Card) as communication interface and working method thereof |
| CN104182181A (en) * | 2014-08-15 | 2014-12-03 | 宇龙计算机通信科技(深圳)有限公司 | Data processing method, device and terminal of memory card |
| CN104866876A (en) * | 2015-04-28 | 2015-08-26 | 北京乐动卓越科技有限公司 | Personal information management method and information card |
| CN105809074A (en) * | 2014-12-30 | 2016-07-27 | 华为技术有限公司 | USB data transmission control method, apparatus and system, and control component |
| CN104050424B (en) * | 2014-06-26 | 2017-03-01 | 大唐微电子技术有限公司 | The realization of smartcard file access safety rights management and file access method |
| CN107025176A (en) * | 2016-02-01 | 2017-08-08 | 北京同方微电子有限公司 | One kind adjustment Large Copacity USIM massage storage subregion capacity systems and method |
| WO2020007365A1 (en) * | 2018-07-05 | 2020-01-09 | Mediatek Inc. | Efficient file identifiers (fids) and short file identifiers (sfis) under universal subscriber identity module (usim) application dedicated file (adf) |
| CN110929302A (en) * | 2019-10-31 | 2020-03-27 | 东南大学 | Data security encryption storage method and storage device |
| CN113507512A (en) * | 2021-06-30 | 2021-10-15 | 中标慧安信息技术股份有限公司 | Internet of things platform storage end data storage security detection method and system |
Family Cites Families (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN100346321C (en) * | 2005-03-17 | 2007-10-31 | 上海华申智能卡应用***有限公司 | Safe storage control device for mobile electronic bulk memory and method for implementation |
| CN100580642C (en) * | 2006-02-28 | 2010-01-13 | 国际商业机器公司 | Universal serial bus storage device and access control method thereof |
| CN101097548A (en) * | 2006-06-30 | 2008-01-02 | 佛山市顺德区顺达电脑厂有限公司 | Storing card data hidden management method and program thereof |
| CN100399302C (en) * | 2006-07-27 | 2008-07-02 | 北京飞天诚信科技有限公司 | Method and apparatus for raising speed of access USB interface information safety equipment |
| CN100555936C (en) * | 2007-01-08 | 2009-10-28 | 中国信息安全产品测评认证中心 | A kind of method that in smart card and USB flash disk equipment complex, improves access security |
-
2008
- 2008-02-29 CN CN2008101011991A patent/CN101520854B/en active Active
Cited By (16)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102567230A (en) * | 2010-12-23 | 2012-07-11 | 普天信息技术研究院有限公司 | Smart card and method for safely managing same |
| CN102567230B (en) * | 2010-12-23 | 2014-11-26 | 普天信息技术研究院有限公司 | Smart card and method for safely managing same |
| CN102841861A (en) * | 2011-06-24 | 2012-12-26 | 同方股份有限公司 | Data security storage device taking SD (Secure Digital Card) as communication interface and working method thereof |
| CN104050424B (en) * | 2014-06-26 | 2017-03-01 | 大唐微电子技术有限公司 | The realization of smartcard file access safety rights management and file access method |
| CN104182181A (en) * | 2014-08-15 | 2014-12-03 | 宇龙计算机通信科技(深圳)有限公司 | Data processing method, device and terminal of memory card |
| WO2016023276A1 (en) * | 2014-08-15 | 2016-02-18 | 宇龙计算机通信科技(深圳)有限公司 | Data processing method and device for storage card |
| CN105809074A (en) * | 2014-12-30 | 2016-07-27 | 华为技术有限公司 | USB data transmission control method, apparatus and system, and control component |
| CN104866876A (en) * | 2015-04-28 | 2015-08-26 | 北京乐动卓越科技有限公司 | Personal information management method and information card |
| CN107025176A (en) * | 2016-02-01 | 2017-08-08 | 北京同方微电子有限公司 | One kind adjustment Large Copacity USIM massage storage subregion capacity systems and method |
| WO2020007365A1 (en) * | 2018-07-05 | 2020-01-09 | Mediatek Inc. | Efficient file identifiers (fids) and short file identifiers (sfis) under universal subscriber identity module (usim) application dedicated file (adf) |
| CN110892379A (en) * | 2018-07-05 | 2020-03-17 | 联发科技股份有限公司 | Efficient file identifier and short file identifier under universal user identity module application specific file |
| US11172349B2 (en) | 2018-07-05 | 2021-11-09 | Mediatek Inc. | Efficient file identifiers (FIDs) and short file identifiers (SFIs) under universal subscriber identity module (USIM) application dedicated file (ADF) |
| CN110892379B (en) * | 2018-07-05 | 2023-12-05 | 联发科技股份有限公司 | Method and user equipment for universal integrated circuit card operation |
| CN110929302A (en) * | 2019-10-31 | 2020-03-27 | 东南大学 | Data security encryption storage method and storage device |
| CN113507512A (en) * | 2021-06-30 | 2021-10-15 | 中标慧安信息技术股份有限公司 | Internet of things platform storage end data storage security detection method and system |
| CN113507512B (en) * | 2021-06-30 | 2022-10-21 | 中标慧安信息技术股份有限公司 | Internet of things platform storage end data storage security detection method and system |
Also Published As
| Publication number | Publication date |
|---|---|
| CN101520854B (en) | 2012-12-05 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN101520854B (en) | Smart memory card, data safety control system and method thereof | |
| CN102037499B (en) | NFC mobile communication device and NFC reader | |
| US8762350B2 (en) | Methods and systems for providing data objects on a token | |
| KR102453780B1 (en) | Apparatuses and methods for securing an access protection scheme | |
| CN100557617C (en) | SD storage card by hardware to identifying identification | |
| CN100438409C (en) | Intelligent card with financial-transaction message processing ability and its method | |
| CN101984449B (en) | Smart card COS operating system | |
| JP2007515732A (en) | Framework for providing a configurable firewall for computing systems | |
| CN103415874A (en) | Writing application data to secure element | |
| CN105446713A (en) | Safe storage method and equipment | |
| CN100419620C (en) | Method for command interaction and two-way data transmission on USB mass storage equipment by program and USB mass storage equipment | |
| CN102930892A (en) | Multifunctional safe U disk | |
| CN101833676B (en) | Method for controlling reading and writing of intelligent card with USBKEY module and reader thereof | |
| CN101004797A (en) | Method for safely storing data in smart card with large capacity | |
| CN102200948A (en) | Multi-partition memory device and access method thereof | |
| KR100841982B1 (en) | Memory card storing host identification information and access method thereof | |
| CN210627203U (en) | UICC device with safe storage function | |
| CN201465116U (en) | Safe mobile storage device by using mobile communication network | |
| CN102184317A (en) | Resident medical data mobile storage device and implementation method thereof | |
| CN102567230B (en) | Smart card and method for safely managing same | |
| CN104951823A (en) | Composite card management method and system | |
| CN101354754B (en) | Intelligent memory card built-in with CPU IC and uses thereof | |
| CN2929835Y (en) | Intelligent card with financial trade message processing property | |
| CN102223227A (en) | Safe and intelligent code memory chip and automatic communication file reestablishing method thereof | |
| CN102740272A (en) | Method for realizing interaction of mobile phone application with SIM card through custom interface |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| ASS | Succession or assignment of patent right |
Owner name: RDA MICROELECTRONICS (SHANGHAI) CO., LTD. Free format text: FORMER OWNER: PHOENIX MICROELECTRONICS (CHINA) CO., LTD. Effective date: 20100423 |
|
| C41 | Transfer of patent application or patent right or utility model | ||
| COR | Change of bibliographic data |
Free format text: CORRECT: ADDRESS; FROM: 100084 18/F, TOWER A, SCIENCE BUILDING, QINGHUA SCIENCE PARK, ZHONGGUANCUN EAST ROAD, HAIDIAN DISTRICT, BEIJING CITY TO: 201203 ROOM 302, BUILDING 2, NO.690, BIBO ROAD, ZHANGJIANG HIGH-TECH PARK, SHANGHAI CITY |
|
| TA01 | Transfer of patent application right |
Effective date of registration: 20100423 Address after: 201203, room 2, building 690, No. 302 blue wave road, Zhangjiang hi tech park, Shanghai Applicant after: RDA Microelectronics (Shanghai) Corp. Ltd. Address before: 100084, Beijing Road, Zhongguancun, Haidian District science and Technology Park, Tsinghua Science and technology building, block A, 18 Applicant before: Poenix Mcroelectronic (China) Co., Ltd. |
|
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20181101 Address after: 201203 Building 1, exhibition hall, 2288 lane, 2288 Chong, road, Zhangjiang hi tech park, Shanghai Patentee after: Zhanxun Communication (Shanghai) Co., Ltd. Address before: 201203 Shanghai Zhangjiang hi tech Park 302, room 2, building 690, Bi Po Road. Patentee before: RDA Microelectronics (Shanghai) Corp. Ltd. |
|
| TR01 | Transfer of patent right |