Mobile terminal and access method of embedded security module based on mobile terminal
Technical Field
The invention relates to the technical field of secure communication, and in particular to a mobile terminal and a method for accessing an embedded security module (eSE) of the mobile terminal.
Background
With the rapid development of mobile terminals such as smartphones, the mobile phone is no longer a simple communication tool. Mobile payment has created new requirements for mobile phones and has gradually become a research focus for mobile operators, handset manufacturers and SIM card manufacturers; as mobile payment becomes widespread, its security also receives more and more attention.
At present, mobile payment falls into two categories: contactless micropayment based on near field communication (NFC), such as all-in-one transit cards, and bank payment over the mobile internet, such as the various wallet applications. NFC-based schemes mainly use a SIM card, a single wire protocol (SWP) card, an SD card carrying an information encryption security chip, or an embedded security module (eSE); behind each of these stand different interest groups, namely operators, banks and handset manufacturers. On the handset side, implementations are based either on HCE (host card emulation) or on an eSE. The HCE-based solution is simple to implement, but it is entirely software-based and therefore has an unavoidable security problem; the full-terminal eSE-based solution has its own advantages and is being promoted by many smartphone manufacturers.
Fig. 1 shows the internal structure of a mobile phone in a current full-terminal eSE-based solution. The operating system architecture on the phone's mobile application processor has two parts: a REE (Rich Execution Environment, generally a general-purpose operating system) containing client applications (CA), and a TEE (Trusted Execution Environment) containing trusted applications (TA). For access to the eSE, the phone can either interact with external data sources such as a trusted service management platform (TSM) through an application installation package (APK), establishing communication with the eSE via the Open Mobile API over the SWP interface so that the TSM can perform remote content management of the eSE, or interact with an external contactless device such as a POS terminal through the NFC controller (based on the NFC Controller Interface specification, NCI), with the exchange between the contactless device and the eSE completed over the SWP interface. To secure access to the eSE, access is generally performed under the control of the phone's TEE, whose inherent security mechanisms can prohibit illegal access to the eSE. It can be seen that the current access path to the eSE is single: it is ultimately completed between the NFC controller and the eSE over the SWP interface.
Disclosure of Invention
In view of the defects of the prior art, the invention aims to provide a novel mobile terminal capable of securely accessing an embedded security module (eSE), and an access method for the eSE based on that terminal.
To achieve this, the technical scheme adopted by the invention is as follows:
A mobile terminal is provided, which has a trusted execution environment module TEE and a built-in embedded security module eSE. The TEE communicates with the eSE through an SPI interface, the TEE being the master device of the SPI communication and the eSE the slave device.
Further, in the mobile terminal described above, data transmission between the trusted execution environment module TEE and the embedded security module eSE follows a preset data transmission protocol.
Further, in the mobile terminal described above, a data frame of the preset data transmission protocol includes an address information byte NAD, a protocol control byte PCB, a data length field LEN, a data block DATA and a check code CRC; the address information byte NAD directly identifies the transmission direction of the data.
Further, in the mobile terminal described above, the mobile terminal comprises a smartphone.
An embodiment of the invention also provides an access method for the embedded security module, based on any of the mobile terminals described above, comprising the following step:
the trusted execution environment module TEE sends request data to the embedded security module eSE over the SPI interface, and receives over the SPI interface the response data that the eSE returns for the request.
Further, in the access method described above, the request data comprises a security application request or a content management request for the embedded security module eSE.
Further, in the access method described above, the security application request comprises a security application request sent by the rich execution environment module REE of the mobile terminal to the trusted execution environment module TEE, or a security application request originating from the TEE itself.
Further, in the access method described above, data transmission between the trusted execution environment module TEE and the embedded security module eSE follows a preset data transmission protocol.
Further, in the access method described above, a data frame of the preset data transmission protocol includes an address information byte NAD, a protocol control byte PCB, a data length field LEN, a data block DATA and a check code CRC; the address information byte NAD directly identifies the transmission direction of the data.
Further, in the access method described above, the trusted execution environment module TEE receives the response data returned by the embedded security module eSE either in a polling receive mode or in an interrupt receive mode;
the polling receive mode is as follows: after the TEE sends the request data to the eSE, the TEE actively reads data from the eSE at a set interval until the response data is received;
the interrupt receive mode is as follows: after the TEE sends the request data to the eSE, it leaves the communication process with the eSE, and when it detects an interrupt signal indicating that data is waiting to be received from the eSE, it re-enters the communication process to receive the response data sent by the eSE.
The beneficial effects of the invention are as follows: the mobile terminal and the eSE access method based on it implement a new scheme for accessing the embedded security module eSE over SPI under the control of the trusted execution environment module TEE, giving applications in the field of mobile secure payment more choices.
Drawings
Fig. 1 is a schematic structural diagram of modules in a conventional mobile phone;
Fig. 2 is a schematic structural diagram of a mobile terminal according to an embodiment of the present invention.
Detailed Description
The invention is described in further detail below with reference to the drawings and the detailed description.
Fig. 2 shows the structure of a mobile terminal according to an embodiment of the present invention. The mobile terminal includes a trusted execution environment module TEE and a built-in embedded security module eSE; the TEE communicates with the eSE through an SPI interface, the TEE being the master device of the SPI communication and the eSE the slave device.
The SPI interface generally uses four lines: a serial clock line SCK, a master-in/slave-out data line MISO, a master-out/slave-in data line MOSI and a slave-select (chip select) line CS, and has four operating modes, mode 0/1/2/3, depending on the polarity and phase of the serial clock. However, SPI itself defines no transmission control protocol for the data carried. To address this, in this embodiment data transmission between the TEE and the eSE follows a preset data transmission protocol so as to ensure the completeness, accuracy and stability of the transfer.
In an embodiment of the present invention, the data frame of the preset data transmission protocol has the structure shown in the following table, consisting of an address information byte NAD, a protocol control byte PCB, a data length field LEN, a data block DATA and a check code CRC.
NAD (1 B) | PCB (1 B) | LEN (2 B) | DATA | CRC (2 B)
Where:
NAD: distinguishes the transmission direction of the data; there are two directions, master to slave and slave to master (Master <-> Slave).
PCB: defines the frame type, such as Normal Frame, Reject Frame or Timeout Frame.
LEN: length of the data transmitted.
DATA: the data transmitted.
CRC: frame check, verifying the correctness of the data transmission.
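As an added illustration of the frame layout above (example code, not part of the patent), the following C builds and validates frames of the form NAD | PCB | LEN | DATA | CRC. The NAD and PCB encodings, the CRC-16/CCITT-FALSE polynomial, the big-endian LEN and the 258-byte payload ceiling are all assumptions; the page defines only the fields and their order. The parser checks the direction byte and compares the declared length against the bytes actually received before it uses LEN for anything, which is the check a practitioner wants on a link where a compromised host or a glitched bus could forge the header.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

/* NAD marks the transfer direction. The page only says the byte distinguishes
   master->slave from slave->master; these two values are an assumption. */
#define NAD_M2S 0x21   /* TEE (master) -> eSE (slave) */
#define NAD_S2M 0x12   /* eSE (slave) -> TEE (master) */

/* PCB selects the frame type. The page names the types, not their encodings;
   these values are assumed. */
#define PCB_NORMAL  0x00   /* carries an APDU */
#define PCB_REJECT  0x82   /* receiver rejected the previous frame */
#define PCB_TIMEOUT 0xC0   /* slave asks for more time */

#define HDR_LEN  4         /* NAD + PCB + LEN(2) */
#define CRC_LEN  2
#define MAX_DATA 258       /* assumed ceiling: short APDU response incl. SW */

enum { FRAME_OK = 0, FRAME_SHORT = -1, FRAME_BAD_NAD = -2,
       FRAME_BAD_LEN = -3, FRAME_BAD_CRC = -4 };

typedef struct {
    uint8_t nad, pcb;
    uint16_t len;
    const uint8_t *data;   /* points into the caller's receive buffer */
} frame_t;

/* CRC-16/CCITT-FALSE (poly 0x1021, init 0xFFFF). Assumed; the page names no polynomial. */
uint16_t crc16_ccitt(const uint8_t *p, size_t n) {
    uint16_t crc = 0xFFFF;
    for (size_t i = 0; i < n; i++) {
        crc ^= (uint16_t)((uint16_t)p[i] << 8);
        for (int b = 0; b < 8; b++)
            crc = (crc & 0x8000) ? (uint16_t)((crc << 1) ^ 0x1021) : (uint16_t)(crc << 1);
    }
    return crc;
}

/* Serialise NAD | PCB | LEN (big-endian) | DATA | CRC(header+data).
   Returns the frame length, or -1 if payload or buffer is out of range. */
int frame_build(uint8_t nad, uint8_t pcb, const uint8_t *data, size_t len,
                uint8_t *out, size_t cap) {
    if (len > MAX_DATA || cap < HDR_LEN + len + CRC_LEN) return -1;
    out[0] = nad;
    out[1] = pcb;
    out[2] = (uint8_t)(len >> 8);
    out[3] = (uint8_t)(len & 0xFF);
    if (len) memcpy(out + HDR_LEN, data, len);
    uint16_t crc = crc16_ccitt(out, HDR_LEN + len);
    out[HDR_LEN + len]     = (uint8_t)(crc >> 8);
    out[HDR_LEN + len + 1] = (uint8_t)(crc & 0xFF);
    return (int)(HDR_LEN + len + CRC_LEN);
}

/* Validate a received frame before trusting any field. The declared LEN is
   checked against the bytes actually received before it is used to locate
   the CRC, so a forged length cannot drive an out-of-bounds read. */
int frame_parse(const uint8_t *buf, size_t n, uint8_t expect_nad, frame_t *f) {
    if (n < HDR_LEN + CRC_LEN) return FRAME_SHORT;
    if (buf[0] != expect_nad) return FRAME_BAD_NAD;        /* wrong direction */
    size_t len = ((size_t)buf[2] << 8) | buf[3];
    if (len > MAX_DATA || HDR_LEN + len + CRC_LEN != n) return FRAME_BAD_LEN;
    uint16_t rx = (uint16_t)(((uint16_t)buf[HDR_LEN + len] << 8) | buf[HDR_LEN + len + 1]);
    if (rx != crc16_ccitt(buf, HDR_LEN + len)) return FRAME_BAD_CRC;
    f->nad = buf[0]; f->pcb = buf[1]; f->len = (uint16_t)len; f->data = buf + HDR_LEN;
    return FRAME_OK;
}

/* Constructed sample payload: a SELECT-by-AID command APDU with an arbitrary AID. */
static const uint8_t SAMPLE_APDU[] = { 0x00, 0xA4, 0x04, 0x00, 0x05,
                                       0xA0, 0x00, 0x00, 0x00, 0x01 };

/* Build master->slave, parse as the slave would, compare payload. Returns FRAME_OK. */
int demo_roundtrip(void) {
    uint8_t buf[HDR_LEN + MAX_DATA + CRC_LEN];
    frame_t f;
    int n = frame_build(NAD_M2S, PCB_NORMAL, SAMPLE_APDU, sizeof SAMPLE_APDU, buf, sizeof buf);
    if (n < 0) return n;
    int rc = frame_parse(buf, (size_t)n, NAD_M2S, &f);
    if (rc != FRAME_OK) return rc;
    return (f.len == sizeof SAMPLE_APDU && memcmp(f.data, SAMPLE_APDU, f.len) == 0) ? FRAME_OK : -99;
}

/* One payload bit flipped in transit: the CRC must reject it. */
int demo_bit_flip(void) {
    uint8_t buf[64]; frame_t f;
    int n = frame_build(NAD_M2S, PCB_NORMAL, SAMPLE_APDU, sizeof SAMPLE_APDU, buf, sizeof buf);
    buf[HDR_LEN + 1] ^= 0x01;
    return frame_parse(buf, (size_t)n, NAD_M2S, &f);
}

/* LEN forged to claim more data than arrived: rejected before the CRC is even read. */
int demo_forged_len(void) {
    uint8_t buf[64]; frame_t f;
    int n = frame_build(NAD_M2S, PCB_NORMAL, SAMPLE_APDU, sizeof SAMPLE_APDU, buf, sizeof buf);
    buf[3] = 0xFF;
    return frame_parse(buf, (size_t)n, NAD_M2S, &f);
}

/* A slave->master frame arriving where the slave expects master->slave. */
int demo_wrong_direction(void) {
    uint8_t buf[64]; frame_t f;
    int n = frame_build(NAD_S2M, PCB_NORMAL, SAMPLE_APDU, sizeof SAMPLE_APDU, buf, sizeof buf);
    return frame_parse(buf, (size_t)n, NAD_M2S, &f);
}
```

The ordering of checks in frame_parse is the point: a receiver that reads the CRC at the offset implied by LEN before confirming LEN against the received byte count is reading attacker-chosen memory, and a receiver that verifies the CRC but not NAD will happily accept its own reflected frames.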
The mobile terminal provided by the invention implements a new data transmission path between the mobile terminal and its embedded security module. Because the scheme runs under the control of the trusted execution environment module TEE, access to the eSE is secured, for example the security authentication performed by the mobile terminal for content management and keys, and data access to the eSE. It should be noted that, in addition to the trusted execution environment module TEE and the embedded security module eSE, the mobile terminal may further include the various functional modules common to other terminal devices, such as the rich execution environment module REE and the NFC controller shown in Fig. 2, as will be apparent to those skilled in the art. In this embodiment the mobile terminal includes, but is not limited to, a smartphone; it may also be a smart band, a smart watch, and the like.
Based on the mobile terminal shown in Fig. 2, the invention also provides an access method for the embedded security module, which mainly comprises the following step:
the trusted execution environment module TEE sends request data to the embedded security module eSE over the SPI interface, and receives over the SPI interface the response data that the eSE returns for the request.
The request data comprises a security application request or a content management request for the embedded security module eSE. The security application request includes, but is not limited to, a security application request sent by the rich execution environment module REE of the mobile terminal to the trusted execution environment module TEE, and a security application request originating from the TEE itself. For example, when a client application CA in the REE needs the eSE to perform security processing on its application data, the REE sends the processing request to the TEE through the API between the REE and the TEE, and the TEE forwards the request to the eSE over the SPI interface; or, when the application data of a trusted application TA in the TEE itself needs security processing by the eSE, the TEE sends the security application request to the eSE directly. Of course, it will be clear to those skilled in the art that all of these operations in the mobile terminal are carried out by running on the terminal processor.
In this embodiment, data transmission between the trusted execution environment module TEE and the embedded security module eSE follows a preset data transmission protocol. A data frame of the preset data transmission protocol comprises an address information byte NAD, a protocol control byte PCB, a data length field LEN, a data block DATA and a check code CRC; the address information byte NAD directly identifies the transmission direction of the data.
In this embodiment, when the trusted execution environment module TEE receives the response data returned by the embedded security module eSE over the SPI interface, it may do so in a polling receive mode or in an interrupt receive mode. The polling receive mode is implemented as follows: after the TEE, i.e. the master device, has sent the command data, it repeatedly waits a set interval and then polls (reads) the data clocked out by the eSE, i.e. the slave device; if what it reads is not valid data, it waits and reads again, until valid data is received. This scheme is simple and requires no hardware or software on the master beyond the SPI data lines, but it occupies CPU resources on the handset side for the duration of the polling phase.
The interrupt receive mode is implemented as follows: after the TEE sends the request data to the eSE, it leaves the communication process with the eSE, and when it detects an interrupt signal indicating that data is waiting to be received from the eSE, it re-enters the communication process to receive the response data sent by the eSE. In other words, after the master device has sent the command data it does not poll; its handler can exit, and when the eSE has finished processing and its response data is ready, it raises an interrupt signal to the TEE. When the TEE hardware (the main processor CPU of the mobile terminal) detects the interrupt signal, the corresponding interrupt service routine is triggered and receives the response from the eSE. This scheme reduces CPU occupation, but places some extra demands on hardware and software (the master must implement monitoring of the slave's interrupt line).
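The two receive modes described above, as an added example that is not from the patent: a simulated eSE is driven by a master that either polls at a set interval or waits for an interrupt line. The idle byte value, the tick-based timing model and the response frame bytes are constructed assumptions, and the frame CRC is not verified in this block. Both waits are bounded, which the text does not mention but which matters in practice: a TEE thread that polls or waits forever on an unresponsive or hostile eSE would hang the trusted side.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

#define IDLE_BYTE 0x00   /* assumption: what the eSE clocks out while it has no frame ready;
                            the NAD of a real frame must therefore never equal this value */
#define HDR_LEN   4      /* NAD + PCB + LEN(2) */
#define CRC_LEN   2

/* Simulated eSE (slave), constructed for this example: busy for `busy_ticks`
   units of time, then asserts its interrupt line and shifts out `resp`. */
typedef struct {
    const uint8_t *resp;
    size_t resp_len, pos;
    int busy_ticks;
    int irq_line;
} sim_ese_t;

static void sim_tick(sim_ese_t *s) {            /* one unit of wall-clock time passes */
    if (s->busy_ticks > 0 && --s->busy_ticks == 0) s->irq_line = 1;
}

static uint8_t spi_xfer(sim_ese_t *s, uint8_t mosi) {   /* one full-duplex SPI byte */
    (void)mosi;                                 /* master clocks out a dummy byte to read */
    if (s->busy_ticks > 0) return IDLE_BYTE;
    s->irq_line = 0;                            /* reading the response de-asserts the line */
    return s->pos < s->resp_len ? s->resp[s->pos++] : IDLE_BYTE;
}

/* Having seen the first non-idle byte (the NAD), clock in the rest of the
   header, take LEN from it, then clock in LEN data bytes plus the CRC. The
   declared LEN is bounded by the caller's buffer before any data is read. */
static int read_frame(sim_ese_t *s, uint8_t first, uint8_t *out, size_t cap) {
    if (cap < HDR_LEN + CRC_LEN) return -2;
    out[0] = first;
    for (size_t i = 1; i < HDR_LEN; i++) out[i] = spi_xfer(s, IDLE_BYTE);
    size_t len = ((size_t)out[2] << 8) | out[3];
    size_t total = HDR_LEN + len + CRC_LEN;
    if (total > cap) return -2;                 /* refuse a frame that would overflow */
    for (size_t i = HDR_LEN; i < total; i++) out[i] = spi_xfer(s, IDLE_BYTE);
    return (int)total;
}

/* Polling mode: after the request, exchange a byte every `interval` ticks until
   a NAD appears. Bounded by `max_polls` so the TEE thread cannot spin forever.
   Returns the frame length, -1 on timeout, -2 if the frame does not fit. */
int poll_receive(sim_ese_t *s, uint8_t *out, size_t cap, int max_polls,
                 int interval, int *polls_used) {
    for (int p = 1; p <= max_polls; p++) {
        uint8_t b = spi_xfer(s, IDLE_BYTE);
        if (b != IDLE_BYTE) {
            if (polls_used) *polls_used = p;
            return read_frame(s, b, out, cap);
        }
        for (int i = 0; i < interval; i++) sim_tick(s);   /* the configured wait */
    }
    return -1;
}

/* Interrupt mode: the TEE leaves the transaction; time passes with no bus
   traffic, and the frame is clocked in only when the eSE raises its line
   (the body of the if is what the interrupt service routine would do). */
int irq_receive(sim_ese_t *s, uint8_t *out, size_t cap, int max_ticks) {
    for (int t = 0; t < max_ticks; t++) {
        if (s->irq_line) return read_frame(s, spi_xfer(s, IDLE_BYTE), out, cap);
        sim_tick(s);
    }
    return -1;                                  /* interrupt never arrived */
}

/* Constructed response frame: NAD 0x12 (slave->master), PCB normal, LEN 2,
   DATA 90 00 (APDU status word), then two CRC bytes not checked in this block. */
static const uint8_t SAMPLE_RESP[] = { 0x12, 0x00, 0x00, 0x02, 0x90, 0x00, 0xAB, 0xCD };

int demo_poll(int busy_ticks, int max_polls, int *polls_used) {
    sim_ese_t ese = { SAMPLE_RESP, sizeof SAMPLE_RESP, 0, busy_ticks, busy_ticks == 0 };
    uint8_t buf[64];
    return poll_receive(&ese, buf, sizeof buf, max_polls, 1, polls_used);
}

int demo_poll_count(int busy_ticks, int max_polls) {
    int polls = 0;
    return demo_poll(busy_ticks, max_polls, &polls) < 0 ? -1 : polls;
}

int demo_irq(int busy_ticks, int max_ticks) {
    sim_ese_t ese = { SAMPLE_RESP, sizeof SAMPLE_RESP, 0, busy_ticks, busy_ticks == 0 };
    uint8_t buf[64];
    return irq_receive(&ese, buf, sizeof buf, max_ticks);
}
```

With the eSE busy for three ticks, the polling master spends four transfers to land on the NAD and then clocks in the eight-byte frame, while the interrupt-driven master touches the bus only once the line is asserted; with a slave that never becomes ready, both return -1 instead of blocking the TEE.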
The mobile terminal and the embedded security module access method implement a mechanism for accessing the eSE over SPI under the TEE trusted execution environment, adding a secure access path to the eSE that can be widely applied in the field of mobile secure payment. For example, the eSE may hold sensitive data such as keys internally; user data is passed to the eSE through the TEE over SPI, the eSE performs the encryption or key distribution and returns the result to the terminal, and since the data stored in the eSE and the operations it performs are not visible externally, mobile payment and other related mobile applications attain a higher security level.
It will be apparent to those skilled in the art that various changes and modifications may be made in the present invention without departing from the spirit and scope of the invention. Thus, if such modifications and variations of the present invention fall within the scope of the claims of the present invention and their equivalents, the present invention is intended to include such modifications and variations.