CN101950342B - Device and method for managing access control permission of integrated circuit card - Google Patents

Publication number: CN101950342B
Authority: CN (China)
Prior art keywords: integrated circuit, safe condition, circuit card, write equipment, authentication
Legal status: Active
Application number: CN2010102905452A
Other languages: Chinese (zh)
Other versions: CN101950342A (en)
Inventors: 蒋红宇, 孙静
Current Assignee: Beijing Haitai Fangyuan High Technology Co Ltd
Original Assignee: Beijing Haitai Fangyuan High Technology Co Ltd
Application filed by Beijing Haitai Fangyuan High Technology Co Ltd
Priority to CN2010102905452A
Publication of CN101950342A
Application granted
Publication of CN101950342B

Landscapes

  • Storage Device Security (AREA)

Abstract

The invention discloses a device for managing the access control permissions of an integrated circuit card. The device comprises an authentication verification module (10), a security state assignment module (20), a security state registering module (30), and a control module (40). The authentication verification module (10) authenticates external read/write equipment and/or verifies the access validity of a user; the security state assignment module (20) assigns, as the security state of a directory of the integrated circuit card, the security state corresponding to the external read/write equipment that passed authentication or the user who passed verification; the security state registering module (30) registers the security state assigned by the security state assignment module (20); and the control module (40) intersects the security state with the security attribute of a file under the directory and determines, from the intersection result, the operations allowed on the file. The invention also provides a method for managing the access control permissions of an integrated circuit card, so that the card has flexible and complete access control permissions.

Description

Device and method for managing the access control permissions of an integrated circuit card
Technical field
The present invention relates to a device and method for managing access control permissions, and in particular to a device and method for managing the access control permissions of an integrated circuit card.
Background art
A smart card is also called an IC card (Integrated Circuit Card). Some IC cards integrate a central processing unit, memory and a chip operating system (COS, Chip Operating System), forming a complete computer system with independent data processing capability, which greatly strengthens security. The COS is built on hardware such as the central processing unit and memory; it is the operating system that manages chip resources and implements security and confidentiality. Its main functions are to control the exchange of information between the IC card and the outside world, to manage the memory in the IC card, and to process the various commands inside the card.
Because IC cards generally store important information, a complete and flexible set of access control permissions is essential for an IC card.
Summary of the invention
In view of this, the main purpose of the present invention is to provide a device and method for managing the access control permissions of an integrated circuit card, so that the integrated circuit card has flexible and complete access control permissions.
The device for managing the access control permissions of an integrated circuit card provided by the invention comprises:
an authentication verification module 10, for authenticating an external read/write device and/or verifying the access legitimacy of a user;
a security state designation module 20, for designating, as the security state of an integrated circuit card directory, the security state corresponding to the external read/write device that passed authentication or the user who passed verification;
a security state registering module 30, for registering the security state designated by the security state designation module 20;
a control module 40, for intersecting the security state with the security attribute of a file under the directory, and determining from the intersection result the operations allowed on the file.
The present invention also provides a method for managing the access control permissions of an integrated circuit card, comprising the steps of:
A. authenticating an external read/write device and/or verifying a user;
B. designating, as the security state of an integrated circuit card directory, the security state corresponding to the external read/write device that passed authentication or the user who passed verification;
C. registering the security state, designated in step B, that the integrated circuit card has obtained under the current application;
D. determining the operations allowed on a file from the intersection of the set representing the directory security state and the security attribute of the file under that directory.
In the above method, step A comprises the following sub-steps:
A1. judging whether the authentication of the external read/write device and/or the verification of the user passes: if so, resetting the authentication/verification error count and entering step B; otherwise, entering step A2;
A2. judging whether the number of repetitions of the authentication or verification has reached the prescribed number: if so, locking the integrated circuit card and ending; otherwise, returning to step A.
In the above method, the step of authenticating the external read/write device comprises:
the external read/write device requests a random number from the integrated circuit card, encrypts the random number with a designated key, sends it to the integrated circuit card and executes the external authentication command;
the integrated circuit card decrypts the encrypted random number with the external authentication key, compares the result with the random number it previously generated, and determines from whether the two match whether authentication of the external read/write device passes.
In the above method, the step of verifying the user comprises:
the integrated circuit card receives the user's PIN (Personal Identification Number), compares it with the stored PIN, and determines from whether the two match whether verification of the user passes.
In the above method, the set representing the directory security state in step D comprises the upper and lower limit values of the security level byte of the key designated for the external read/write device.
In the above method, the security attribute of the file in step D is a set comprising the upper and lower limit values of the file's security level interval.
As can be seen from the above, the present invention gives an integrated circuit card flexible and complete access control permissions.
Description of drawings
Fig. 1 is a hierarchy diagram of a common integrated circuit card file system;
Fig. 2 is a structural diagram of the device of the present invention for managing the access control permissions of an integrated circuit card;
Fig. 3 is a flow chart of the method of the present invention for managing the access control permissions of an integrated circuit card.
Embodiment
The device for managing the access control permissions of an integrated circuit card provided by the invention is described in detail below with reference to Figs. 1 to 3, taking an integrated circuit card (IC card) as an example.
To make the secure access control mechanism of the chip operating system (COS, Chip Operating System) easier to understand, the COS file system is introduced first. The file system is the basic module of the COS; it is responsible for organizing, managing and maintaining all data stored in the IC card. As shown in Fig. 1, the hierarchy of the COS file system comprises the master file (MF, Master File), dedicated files (DF, Dedicated File) and elementary files (EF, Elementary File).
The master file is the root of the whole file system; it is unique in the IC card and must exist. The master file is created during personalization of the IC card (personalization is the set of operations performed on the IC card according to the needs of the application, for example creating the file structure the application requires), and it exists and remains valid throughout the life cycle of the IC card. The master file contains information such as file control parameters and file security attributes.
A dedicated file is a file (it can be regarded as a directory) created under the master file for a particular application; it stores all the data of that application and the security data related to the application's operations. Creation of a dedicated file is controlled by the file-creation security attribute under the master file. Child DFs or elementary files can be created under a dedicated file. Dedicated files are independent of one another and do not interfere with each other. Operations on the data under a dedicated file are controlled by the security mechanism of the current COS.
Elementary files store the various data and management information related to an application, and are located under the master file or a dedicated file. By content, elementary files fall into two classes: internal elementary files and working elementary files. Of these:
Internal elementary files mainly contain the secret data used for user identification and data encryption (PIN, keys, etc.); the IC card uses these data to manage the security of application data. An internal elementary file can only be set up under each master file and dedicated file. The content of an internal elementary file cannot be read or written, but it can be written and modified with special instructions. Among its key files, the public key file can be read and written with binary commands, whereas the private key file can only be modified with binary commands.
Working elementary files contain the actual data used by the IC card application. Their content can be operated on when the corresponding operation permission for the working elementary file (read, modify, etc.) is held. The number and size of working elementary files are limited by the space available to the master file or dedicated file.
The definition of the elementary file header is given in Table 1.
Table 1: Elementary file header (the table is an image in the original publication and its content is not reproduced on this page)
The present invention is described in detail below. As shown in Fig. 2, the device for managing the access control permissions of an integrated circuit card operating system provided by the invention comprises an authentication verification module 10, a security state level determination module 20, a security state registering module 30 and a control module 40. Of these:
The authentication verification module 10 authenticates and verifies the legitimacy of the external read/write device and/or the user.
When an external read/write device needs to access the integrated circuit card, the card must authenticate the legitimacy of that device. Specifically, either the external read/write device and the integrated circuit card both apply a symmetric encryption algorithm (3DES, SSF33, etc.) to a random number and the consistency of the two results is checked, or one side encrypts the random number and the other side decrypts it.
When a user needs to operate the integrated circuit card, the card must verify the legitimacy of that user, to reduce the possibility of fraudulent use by an illegitimate user. Specifically, the user presents a PIN to the integrated circuit card, and the card compares it with the PIN stored inside the card.
The security state designation module 20 designates, as the security state of the integrated circuit card, the security state corresponding to the external read/write device that passed authentication or the user who passed verification.
In general, from the master directory (DDF) of the integrated circuit card down to the current application directory (ADF), each directory level has 16 security states (for example, state 0, state 1, ..., state 15), and different security states correspond to different external read/write devices or users (designated keys or PINs). After an external read/write device or user passes authentication or verification, the security state level determination module 10 designates for the integrated circuit card the security state corresponding to that device or user. Security states comprise global security states and local security states: a global security state is a security state held by all directory levels under the whole master directory; a local security state is a security state held by one particular directory level.
The security state of the integrated circuit card can be represented as a set, as described in detail below.
The security state registering module 30 registers the security state, designated by the security state designation module 20, that the integrated circuit card has obtained under the current application.
Each of the 16 security states of a directory is either in the obtained set or in the not-obtained set. Once a directory obtains a security state, it keeps that state unchanged until the directory is left; the security state therefore moves from the not-obtained set into the obtained set and is registered by the security state registering module 30.
The control module 40 intersects the security state of a directory of the integrated circuit card with the security attribute of a file under that directory, and determines from the intersection result which operations are allowed on the file.
The security attribute of a file, also called its access rights, is the set of specific security states defined for an operation on the file. It is generally specified when the file is created and is described by a security state interval. For example, if the read right of a file is XY (X ≤ Y), the security state that must be obtained for a read operation belongs to the set {X, Y}, (X ≤ Y).
Suppose the security state set of the parent directory of a file is {M, N}, (M ≤ N), and the read security attribute of the file is {X1, Y1}, (X1 ≤ Y1). If the result of {M, N} ∩ {X1, Y1} is not empty, the external read/write device or user that passed authentication or verification has read access to the file, and the control module 40 therefore allows the device or user to read the file; otherwise the control module 40 does not allow the device or user to read the file.
The method for managing the access control permissions of an integrated circuit card operating system provided by the invention is described in detail below with reference to Fig. 3.
Step 100: authentication and verification.
Authentication means that when an external read/write device needs to access the integrated circuit card, the card must authenticate the legitimacy of that device. Verification means the card's checking of the legitimacy of its holder (the user). This step comprises the following sub-steps:
Steps 101-102: judge whether the above authentication/verification passes: if so, reset the authentication/verification error counter to the maximum allowed number of errors and enter step 200; otherwise, enter step 103.
Steps 103-105: decrement the authentication/verification error counter by 1, then judge whether the number of authentication/verification attempts has reached the upper limit of the authentication/verification error counter: if so, the integrated circuit card locks automatically; otherwise, return to step 100 and continue authentication/verification.
In this embodiment, whether authentication passes can be determined as follows. The external read/write device uses the GET CHALLENGE command to request a random number from the integrated circuit card, encrypts the random number with the designated key (a symmetric key) and places the result in the data field of the EXTERNAL AUTHENTICATION command (with the 3DES algorithm, an 8-byte random number is taken, or a 4-byte random number is taken and padded with 4 bytes of 0x00), and then executes the external authentication command on the integrated circuit card. The card decrypts the data field of the external authentication command with the external authentication key and compares the decrypted result with the random number it previously generated. If they match, authentication of the external read/write device succeeds, the authentication error counter is reset to the maximum allowed number of errors, and the method enters step 200. If they do not match, authentication of the external read/write device fails and the authentication error counter is decremented by 1; when the number of authentication attempts reaches the upper limit of the authentication error counter, the integrated circuit card locks automatically.
In this embodiment, whether verification passes can be determined as follows. The user presents a PIN to the integrated circuit card, and the card judges whether the PIN is correct. If it is correct, verification of the user passes and the verification error counter is reset to the maximum allowed number of errors. If it is incorrect, the user verification error counter is decremented by 1; when the number of user verification attempts reaches the upper limit of the verification error counter, the integrated circuit card locks automatically.
Step 200: designate, as the security state of the integrated circuit card directory, the security state corresponding to the external read/write device that passed authentication or the user who passed verification.
In general, a security state can be set in advance for each external read/write device and/or user that may legitimately use a given integrated circuit card directory; once that device and/or user passes the card's authentication and/or verification, the directory holds the security state preset for that device and/or user. The designated key or PIN includes an 8-bit security level byte (SSB): the high 4 bits of the SSB give the lower limit (0 to 15) of the security level interval, and the low 4 bits give the upper limit (0 to 15). If the SSB value of the key designated for an external read/write device is "MN", then after successful authentication the security states in the interval M to N are obtained. Security states are divided into global security states and local security states. A global security state is valid for the whole working period of the current DF or MF, until the integrated circuit card is reset or a new DF is selected. A local security state is valid only under one specific application (several EFs can be created under that application). For example, to set a readable security state for an external read/write device that may legitimately use the directories of integrated circuit card A: the interval M to N of the SSB value of the device's designated key can be set as a local security state, that is, it applies only to one or more directories on card A; after the device passes authentication, those directories hold the readable security state for that device, and the change in their security state does not affect the security state of their parent directories. Alternatively, the interval M to N of the SSB value of the device's designated key can be set as a global security state, that is, it applies to all directories on card A; after the device passes authentication, all directories on card A hold the readable security state for that device.
In addition, an external read/write device or user can be defined as having no access rights at all to a directory by setting the lower and upper limits of its SSB value so that M > N.
Step 300: register the security state, designated in step 200, that the integrated circuit card has obtained under the current application.
Specifically, when an external read/write device or user accesses a directory, the directory obtains a security state and keeps it unchanged until the directory is left; the security state therefore moves from the not-obtained set into the obtained set and is registered by the security state registering module 30. The security state that a directory obtains for an external read/write device or user can be represented as a set. For example, if the security level interval corresponding to the directory security state runs from lower limit M to upper limit N, it is written in set form as {M, N}, (M ≤ N).
Step 400: determine the operations allowed on a file from the intersection of the set representing the security state of the above directory and the security attribute of the file under that directory.
The security attribute of a file, also called its access rights, is the set of specific security states defined for an operation on the file by an external read/write device or user. It is generally specified when the file is created and, like that of a directory, can be described by a security level interval. For example, if the read right of a file is XY (lower limit X of the security level interval ≤ upper limit Y of the security level interval), the security state that must be obtained for a read operation belongs to the set {X, Y}, (X ≤ Y). In addition, an external read/write device or user can be defined as having no access rights at all to a file by setting the security attribute of the file for that device or user so that X > Y.
The security state set {M, N}, (M ≤ N), of the parent directory of the file is intersected with the set {X, Y}, (X ≤ Y), representing the security attribute of the file, i.e. {M, N} ∩ {X, Y}. If the result of the intersection is not empty, the external read/write device or user is allowed to perform the read operation on the file; otherwise the external read/write device or user is forbidden to perform the read operation on the file.
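The following C model of steps 100 to 400 for the PIN path is an added example, not code from the patent or from any COS. It reads the set {M, N} as the closed interval from M to N, assumes the file attribute byte packs X and Y into nibbles the same way the SSB packs M and N, and uses hypothetical names throughout (card_t, MAX_TRIES, PIN_LEN and the function names are not from the source).

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MAX_TRIES 3   /* assumed retry limit; the patent text gives no value */
#define PIN_LEN   4   /* assumed fixed PIN length */

/* Security-level interval {lo, hi}; each bound is 0..15. */
typedef struct { uint8_t lo, hi; } interval_t;

typedef struct {
    uint8_t    pin[PIN_LEN];  /* reference PIN kept in the internal EF */
    uint8_t    pin_ssb;       /* SSB attached to that PIN */
    uint8_t    tries_left;    /* verification error counter */
    bool       locked;
    bool       has_state;     /* current directory has obtained a state */
    interval_t dir_state;     /* registered {M, N} of the current directory */
} card_t;

/* High 4 bits = lower limit, low 4 bits = upper limit (the SSB layout). */
interval_t decode_level_byte(uint8_t b)
{
    interval_t iv = { (uint8_t)(b >> 4), (uint8_t)(b & 0x0F) };
    return iv;
}

/* lo > hi is the "no access rights" encoding (M > N, or X > Y for a file). */
bool interval_is_empty(interval_t iv) { return iv.lo > iv.hi; }

bool intervals_intersect(interval_t a, interval_t b)
{
    if (interval_is_empty(a) || interval_is_empty(b))
        return false;
    return a.lo <= b.hi && b.lo <= a.hi;
}

/* Comparison without early exit, so timing does not reveal the first
 * mismatching PIN byte. */
static bool equal_ct(const uint8_t *x, const uint8_t *y, size_t n)
{
    uint8_t diff = 0;
    for (size_t i = 0; i < n; i++)
        diff |= (uint8_t)(x[i] ^ y[i]);
    return diff == 0;
}

void card_init(card_t *c, const uint8_t *pin, uint8_t ssb)
{
    memset(c, 0, sizeof *c);
    memcpy(c->pin, pin, PIN_LEN);
    c->pin_ssb = ssb;
    c->tries_left = MAX_TRIES;
}

/* Leaving the directory (selecting another DF) drops the registered state. */
void card_select_df(card_t *c) { c->has_state = false; }

/* Steps 100-300: verify, maintain the error counter, register {M, N}. */
bool card_verify_pin(card_t *c, const uint8_t *pin, size_t len)
{
    if (c->locked)
        return false;
    if (len == PIN_LEN && equal_ct(pin, c->pin, PIN_LEN)) {
        c->tries_left = MAX_TRIES;            /* reset on success */
        c->dir_state = decode_level_byte(c->pin_ssb);
        c->has_state = true;
        return true;
    }
    if (--c->tries_left == 0)                 /* limit reached: lock card */
        c->locked = true;
    return false;
}

/* Step 400: allow the operation only if {M, N} and {X, Y} intersect. */
bool card_may_operate(const card_t *c, uint8_t file_attr)
{
    if (c->locked || !c->has_state)
        return false;
    return intervals_intersect(c->dir_state, decode_level_byte(file_attr));
}

int main(void)
{
    const uint8_t pin[PIN_LEN] = { 1, 2, 3, 4 };  /* constructed sample */
    card_t card;
    card_init(&card, pin, 0x25);                  /* SSB "25": M=2, N=5 */
    card_verify_pin(&card, pin, PIN_LEN);
    printf("read attr 0x57: %d\n", card_may_operate(&card, 0x57));
    printf("read attr 0x6F: %d\n", card_may_operate(&card, 0x6F));
    return 0;
}
```

Under this reading, a single shared level is enough to grant the operation, so the choice of intervals on keys and files decides how much authority each credential carries.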
The above are only preferred embodiments of the present invention and are not intended to limit it; any modification, equivalent replacement, improvement and the like made within the spirit and principles of the present invention shall fall within its scope of protection.

Claims (7)

1. A device for managing the access control permissions of an integrated circuit card, characterized in that it comprises:
an authentication verification module (10), for authenticating an external read/write device and/or verifying the access legitimacy of a user;
a security state designation module (20), for designating, as the security state of an integrated circuit card directory having multiple security states, the security state represented by the set {M, N} that corresponds to the external read/write device that passed authentication or the user who passed verification, where M ≤ N, and M and N are respectively the lower limit and the upper limit of the security state {M, N};
a security state registering module (30), for registering the security state {M, N} designated by the security state designation module (20);
a control module (40), for intersecting the security state {M, N} with the security attribute, represented by the set {X, Y}, of a file under the directory; if the intersection result is not empty, the external read/write device and/or verified user is allowed to perform on the file the operation corresponding to the intersection result, otherwise the external read/write device and/or verified user is forbidden to operate on the file, where X ≤ Y, and X and Y are respectively the lower limit and the upper limit of the security attribute {X, Y}.
2. A method for managing the access control permissions of an integrated circuit card, characterized in that it comprises the steps of:
A. authenticating an external read/write device and/or verifying a user;
B. designating, as the security state of an integrated circuit card directory having multiple security states, the security state represented by the set {M, N} that corresponds to the external read/write device that passed authentication or the user who passed verification, where M ≤ N, and M and N are respectively the lower limit and the upper limit of the security state {M, N};
C. registering the security state {M, N}, designated in step B, that the integrated circuit card has obtained under the current application;
D. intersecting the above directory security state {M, N} with the security attribute, represented by the set {X, Y}, of a file under the directory; if the intersection result is not empty, the external read/write device and/or verified user is allowed to perform on the file the operation corresponding to the intersection result, otherwise the external read/write device and/or verified user is forbidden to operate on the file, where X ≤ Y, and X and Y are respectively the lower limit and the upper limit of the security attribute {X, Y}.
3. The method according to claim 2, characterized in that step A comprises the following sub-steps:
A1. judging whether the authentication of the external read/write device and/or the verification of the user passes: if so, resetting the authentication/verification error count and entering step B; otherwise, entering step A2;
A2. judging whether the number of repetitions of the authentication or verification has reached the prescribed number: if so, locking the integrated circuit card and ending; otherwise, returning to step A and continuing authentication/verification.
4. The method according to claim 2 or 3, characterized in that the step of authenticating the external read/write device comprises:
the external read/write device requests a random number from the integrated circuit card, encrypts the random number with a designated key, sends it to the integrated circuit card and executes the external authentication command;
the integrated circuit card decrypts the encrypted random number with the external authentication key, compares the result with the random number it previously generated, and determines from whether the two match whether authentication of the external read/write device passes.
5. The method according to claim 2 or 3, characterized in that the step of verifying the user comprises:
the integrated circuit card receives the user's PIN (Personal Identification Number), compares it with the stored PIN, and determines from whether the two match whether verification of the user passes.
6. The method according to claim 2, characterized in that the directory security state {M, N} of step D comprises the upper and lower limit values of the security level byte of the key designated for the external read/write device.
7. The method according to claim 2, characterized in that the security attribute {X, Y} of step D comprises the upper and lower limit values of the file's security level interval.
CN2010102905452A 2010-09-20 2010-09-20 Device and method for managing access control permission of integrated circuit card Active CN101950342B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN2010102905452A CN101950342B (en) 2010-09-20 2010-09-20 Device and method for managing access control permission of integrated circuit card

Publications (2)

Publication Number Publication Date
CN101950342A CN101950342A (en) 2011-01-19
CN101950342B true CN101950342B (en) 2013-03-13

Family

ID=43453841

Family Applications (1)

Application Number Title Priority Date Filing Date
CN2010102905452A Active CN101950342B (en) 2010-09-20 2010-09-20 Device and method for managing access control permission of integrated circuit card

Country Status (1)

Country Link
CN (1) CN101950342B (en)

Families Citing this family (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102663473B (en) * 2012-04-25 2014-10-08 山东神思电子技术股份有限公司 Method for realizing chip operating system (COS) safety mechanism of intelligent card
CN102881085B (en) * 2012-08-23 2015-07-22 北京京源水仪器仪表有限公司 Integrated circuit (IC) card module security authentication method for intelligent water meter
CN105346256B (en) * 2015-11-09 2017-03-22 杭州旗捷科技有限公司 Printer chip, ink box and storage allocation method for printer chip
CN105897426A (en) * 2016-03-31 2016-08-24 成都银事达信息技术有限公司 Student IC card information access method based on Internet
CN108376227B (en) * 2017-12-29 2021-07-20 北京智芯微电子科技有限公司 File access method and system of security chip
CN108537067B (en) * 2018-02-28 2022-02-11 北京智芯微电子科技有限公司 Chip safety protection method and system
US11030346B2 (en) * 2018-07-13 2021-06-08 Ememory Technology Inc. Integrated circuit and data processing method for enhancing security of the integrated circuit
CN110321725A (en) * 2019-07-12 2019-10-11 中孚信息股份有限公司 A kind of method and device for preventing from distorting system data and clock
CN111881440A (en) * 2020-07-31 2020-11-03 珠海优特物联科技有限公司 Authority management method and integrated circuit card

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101739593A (en) * 2009-12-07 2010-06-16 佛山市安讯智能科技有限公司 Safety certification method of medium access control codes of integrated circuit cards

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1859345A1 (en) * 2005-03-08 2007-11-28 Koninklijke Philips Electronics N.V. Arrangement for and method of protecting a data processing device against e[lectro]m[agnetic]radiation attacks

Also Published As

Publication number Publication date
CN101950342A (en) 2011-01-19

Similar Documents

Publication Publication Date Title
CN101950342B (en) Device and method for managing access control permission of integrated circuit card
US6296191B1 (en) Storing data objects in a smart card memory
EP1571525B1 (en) A method, a hardware token, and a computer program for authentication
CN101018127B (en) Remote access system, gateway, client device, program, and storage medium
JP4598857B2 (en) IC card and access control method thereof
US20080120726A1 (en) External storage device
JPS63503335A (en) Secure file system for portable data carriers
CN101127111A (en) Internet bank U disc KEY ciphering, authentication device and method
CN100446021C (en) Method of realizing intelligence cryptographic key set of fingerprint for multiple users to use
CN106161442A (en) A kind of system control user login method
KR20120112598A (en) Implementing method, system of universal card system and smart card
AU8545398A (en) Method for managing a secure terminal
CN102881085A (en) Integrated circuit (IC) card module security authentication method for intelligent water meter
Lambrinoudakis Smart card technology for deploying a secure information management framework
EP3125464A1 (en) Blocking service for a certificate created using an id token
EP3186741B1 (en) Access protection for external data in the non-volatile memory of a token
JP3652409B2 (en) Portable information recording medium
CN110233723A (en) A kind of secondary key management method and safety chip
RU2285948C1 (en) Method for providing safe user access to oracle databases
Jain et al. Smart Card Application for Attendance Management System
Autor et al. Specification of the Security Target TCOS Residence Permit Card Version 1.0 Release 1/SLE78CLX1440P Version: 1.0. 1/20110816
RU106974U1 (en) SOFTWARE AND HARDWARE COMPLEX OF INFORMATION PROTECTION IN IT-SYSTEMS
Holý et al. Contactless smart card Mifare DESFire EV1—multi-application platform
O’Connor Industry group says e-passport clone poses little risk
Giessmann Specification of the Security Target TCOS Passport Version 2.0 Release 2/SLE66CLX800PE Basic Access Control

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
PE01 Entry into force of the registration of the contract for pledge of patent right

Denomination of invention: Device and method for managing access control permission of integrated circuit card

Effective date of registration: 20131203

Granted publication date: 20130313

Pledgee: Bank of China Limited by Share Ltd Beijing Century Fortune Central Branch

Pledgor: Beijing Haitai Fangyuan High Technology Co., Ltd.

Registration number: 2013990000923

PLDC Enforcement, change and cancellation of contracts on pledge of patent right or utility model
PC01 Cancellation of the registration of the contract for pledge of patent right

Date of cancellation: 20150127

Granted publication date: 20130313

Pledgee: Bank of China Limited by Share Ltd Beijing Century Fortune Central Branch

Pledgor: Beijing Haitai Fangyuan High Technology Co., Ltd.

Registration number: 2013990000923

PE01 Entry into force of the registration of the contract for pledge of patent right

Denomination of invention: Device and method for managing access control permission of integrated circuit card

Effective date of registration: 20150128

Granted publication date: 20130313

Pledgee: Bank of China Limited by Share Ltd Beijing Century Fortune Central Branch

Pledgor: Beijing Haitai Fangyuan High Technology Co., Ltd.

Registration number: 2015990000074

PLDC Enforcement, change and cancellation of contracts on pledge of patent right or utility model
C56 Change in the name or address of the patentee
CP03 Change of name, title or address

Address after: 100094, Beijing, Haidian District, West Road, No. 8, Zhongguancun Software Park, building 9, international software building E, one floor, two layers

Patentee after: BEIJING HAITAI FANGYUAN HIGH TECHNOLOGY CO., LTD.

Address before: 100085, Beijing, Haidian District on the road No. 22, science and technology complex on the eastern 4 floor

Patentee before: Beijing Haitai Fangyuan High Technology Co., Ltd.

PC01 Cancellation of the registration of the contract for pledge of patent right

Date of cancellation: 20160512

Granted publication date: 20130313

Pledgee: Bank of China Limited by Share Ltd Beijing Century Fortune Central Branch

Pledgor: Beijing Haitai Fangyuan High Technology Co., Ltd.

Registration number: 2015990000074

PLDC Enforcement, change and cancellation of contracts on pledge of patent right or utility model