WO2017201908A1 - Procédé et système de gestion de sécurité de programme d'application - Google Patents

Procédé et système de gestion de sécurité de programme d'application Download PDF

Info

Publication number
WO2017201908A1
WO2017201908A1 PCT/CN2016/097464 CN2016097464W WO2017201908A1 WO 2017201908 A1 WO2017201908 A1 WO 2017201908A1 CN 2016097464 W CN2016097464 W CN 2016097464W WO 2017201908 A1 WO2017201908 A1 WO 2017201908A1
Authority
WO
WIPO (PCT)
Prior art keywords
application
data
key
security
authentication
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/CN2016/097464
Other languages
English (en)
Chinese (zh)
Inventor
钟焰涛
傅文治
蒋罗
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Yulong Computer Telecommunication Scientific Shenzhen Co Ltd
Original Assignee
Yulong Computer Telecommunication Scientific Shenzhen Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Yulong Computer Telecommunication Scientific Shenzhen Co Ltd filed Critical Yulong Computer Telecommunication Scientific Shenzhen Co Ltd
Publication of WO2017201908A1 publication Critical patent/WO2017201908A1/fr
Anticipated expiration legal-status Critical
Ceased legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/40Network security protocols
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources

Definitions

  • the present invention relates to the field of communications technologies, and in particular, to an application security management method and system.
  • SIM Subscriber Identity Module
  • eSIM embedded SIM card.
  • the eSIM card Different from the current SIM card supporting only one network operator's service, the eSIM card stores multiple network operator profiles, which can support the mobile terminal to switch between different network operator services.
  • GSMA Global System for Mobile Communications Alliance
  • eUICC embedded Universal Integrated Circuit Card
  • an eUICC chip can download and install dozens of eSIM cards.
  • key data of the user's key applications for example, electronic wallet, bank certificate, etc.
  • An application security management method is applied to a mobile terminal, where the mobile terminal includes an eUICC device, and the eUICC device is provided with a security domain, and the method includes:
  • the key data generated when the key application is registered is stored in the security domain.
  • the key application includes an application for associating a bank card
  • the key data includes an encryption and decryption key, a signature key, and a password.
  • the method further includes:
  • the occupation notification of the security domain is reported to the subscription manager security route.
  • the method further comprises:
  • the method further includes:
  • the data of the authentication critical application comprises biometric data, behavioral feature data or cryptographic data of the user.
  • An application security management system is applied to a mobile terminal, where the mobile terminal includes an eUICC device, and the eUICC device is provided with a security domain, and the system includes:
  • a storage module configured to store key data generated when the key application is registered in the security domain.
  • the key application comprises an application associated with a bank card, the key data comprising an encryption and decryption key, a signature key, a password.
  • the system further comprises:
  • the reporting module is configured to report the occupation notification of the security domain to the subscription manager.
  • the storage module is further configured to:
  • the system further comprises:
  • a receiving module configured to receive authentication data input by a user
  • a determining module configured to determine whether the authentication data input by the user is related to the pre-stored authentication key The application's data matches;
  • a releasing module configured to: when the determining module determines that the authentication data input by the user matches the data of the pre-stored authentication key application, disarming the key data in the security domain;
  • the reporting module is further configured to report the application uninstallation of the security domain to the subscription manager secure route;
  • An uninstallation module is used to complete the uninstallation of the critical application.
  • the data of the authentication critical application comprises biometric data, behavioral feature data or cryptographic data of the user.
  • the key data of the critical application can be stored in the security domain of the eUICC, and the key data is prevented from being leaked when multiple eSIM cards coexist, thereby improving security.
  • FIG. 1 is a schematic diagram of a hardware architecture of a preferred embodiment of a mobile terminal for executing an application security management system of the present invention.
  • FIG. 2 is a schematic flow chart of an application security management method according to a first embodiment of the present invention.
  • FIG. 3 is a schematic diagram of information flow of an application security management method according to a first embodiment of the present invention.
  • FIG. 4 is a schematic flow chart of an application security management method according to a second embodiment of the present invention.
  • FIG. 5 is a functional block diagram of the application security management system of the present invention.
  • Mobile terminal 1 Application security management system 10 Storage device 20 Processing equipment 30 display screen 40 eUICC device 50
  • the mobile terminal 1 is a schematic diagram of a hardware architecture of a preferred embodiment of a mobile terminal for executing an application security management system of the present invention.
  • the mobile terminal 1 includes, but is not limited to, an application security management system 10, a storage device 20, a processing device 30, a display device 40, and an embedded universal integrated circuit card (eUICC). ) Device 50.
  • an application security management system 10 a storage device 20
  • a processing device 30 a display device 40
  • eUICC embedded universal integrated circuit card
  • the mobile terminal 1 may be a mobile terminal capable of automatically performing numerical calculation and/or information processing according to an instruction set or stored in advance, and the hardware thereof includes but is not limited to a microprocessor, an application specific integrated circuit, and a programmable gate array. , digital processors, embedded devices, etc.
  • the mobile terminal 1 may comprise a user equipment.
  • the user equipment includes, but is not limited to, any electronic product that can interact with a user through a keyboard, a mouse, a remote controller, a touch pad, or a voice control device, such as a personal computer, a tablet computer, a smart phone, and a personal digital device.
  • the network where the user equipment is located includes, but is not limited to, the Internet, a wide area network, Metropolitan area network, local area network, virtual private network (VPN), etc.
  • VPN virtual private network
  • the application security management system 10 is configured to store key data of the critical application in a security domain of the eUICC when the user downloads the critical application, and read the eUICC security domain when running and/or uninstalling the critical application.
  • the critical data and the user-defined authentication can perform related operations, thus improving the security of critical applications.
  • the critical application is an application that requires high security protection, including, but not limited to, any application associated with a bank card, such as an electronic wallet, mobile banking, and other payment software.
  • Key data for critical applications includes, but is not limited to, encryption and decryption keys, signing keys, and passwords.
  • the storage device 20 is configured to store program codes of respective program segments in the application security management system 10.
  • the storage device 20 can be a storage device such as a smart media card, a secure digital card, or a flash card.
  • the storage device 10 stores user-defined authentication authentication data, for example, biometric data and/or behavior characteristic data of the user.
  • the biometric data includes fingerprint data, face data, hand data, iris data, retina data, pulse data, or auricle data.
  • the behavior characteristic data includes handwriting, sound, key strength, and the like.
  • the user-defined authentication authentication data stored by the storage device 10 further includes a verification password set by the user, and the password may be a number, a letter, a symbol, or the like, or a combination of numbers, letters, symbols, and the like.
  • the processing device 30 can be comprised of one or more microprocessors, digital processors.
  • the processing device 30 is communicatively coupled to the application security management system 10, the storage device 20, the display device 40, and the eUICC device 50.
  • the communication can occur over a serial peripheral interface bus or some other communication path and protocol.
  • some or all of the communication data may also be encrypted by a private key, which may be a dynamic random key string code.
  • the display device 40 includes, but is not limited to, a display device having a touch function such as a touch display screen.
  • the eUICC device 50 is an embedded Universal Integrated Circuit Card (eUICC) for remotely managing a plurality of mobile network operators (MNOs) personal management services and conforms to the global mobile communication system. Regulations of the Global System for Mobile Communications Alliance (GSMA).
  • GSMA Global System for Mobile Communications Alliance
  • FIG. 2 it is a flowchart of an application security management method according to a first embodiment of the present invention. According to The order of the steps in the flowchart may be changed for different requirements, and some steps may be omitted.
  • step 210 the key application is downloaded.
  • the critical application may be downloaded through the application security management system 10, or the application may be downloaded through the mobile terminal 1 to download the critical application.
  • the key application refers to an application that requires high security protection, such as an application that associates a bank card, such as payment software, banking software, and the like.
  • Step 212 Store key data generated when the key application is registered in a security domain of the eUICC device 50.
  • the key data of the key application includes, but is not limited to, an encryption and decryption key, a signature key, and a password.
  • the eUICC device 50 can download multiple eSIM cards, and different eSIM cards can use different mobile network operators.
  • Each eSIM card stores information such as user identity, user authentication parameters (eg, encryption and decryption keys, etc.) and algorithms, user's phone book and short message data, and customized parameters of the mobile network operator.
  • the eUICC device 50 has a plurality of unassigned security domains in the storage space, and each of the unassigned security domains may be subsequently assigned to the eSIM card.
  • Each unassigned security domain in the eUICC device 50 has a permanent and unique identifier ID.
  • the security domain is used for secure storage of security values such as cryptographic keys, critical data for critical applications.
  • the storage space of the eUICC device 50 may be preset with a security domain, and the preset security domain may be allocated to the newly downloaded eSIM card, or may be used only for storing the security value without Assigned to the newly downloaded eSIM card.
  • the security domain may also provide access to security information through one or more standardized protocols as known to those skilled in the art.
  • Step 214 Report the occupation notification of the security domain to the subscription manager security route.
  • the application security management system 10 reports the occupation notification of the security domain to the subscription manager through the network.
  • the Subscription Manager Secure Routing (SM-SR) is mainly responsible for secure routing and transmission of eUICC remote profile data.
  • the specific process of the application security management system 10 reporting the occupation notification of the security domain to the SM-SR is shown in FIG. 3 and the corresponding description.
  • the application security management method may further include: the application The security management system 10 pre-stores data for authenticating critical applications.
  • the application security management system 10 receives data of one or more authentication critical applications preset by the user and stores data of the authentication critical application.
  • the data of the authentication critical application may be biometric data of the user, and the biometric data of the user includes fingerprint data, face data, hand data, iris data, retina data, pulse data or auricle data.
  • the data of the authentication critical application may also be behavior characteristic data of the user, and the behavior characteristic data of the user includes handwriting, sound, key strength, and the like.
  • the data of the authentication critical application may also be password data, and the password may be a number, a letter, a symbol, or the like or a combination of numbers, letters, symbols, and the like.
  • the data of the authentication critical application may also be a combination of two or all of the user's biometric data, behavioral feature data, and password data.
  • the application security management system 10 reports the information flow of the occupation information of the security domain to the SM-SR.
  • the order of the steps in the flowchart may be changed according to different requirements, and some steps may be omitted.
  • S310 The mobile terminal 1 sends an application installation occupation notice of the security domain to the mobile network operator MNO.
  • the application security management system 10 of the mobile terminal 1 sends an application installation occupation notification of the security domain to the mobile network operator MNO through the network.
  • the application installation occupation notification of the security domain carries an identifier of the security domain, an identifier of the eUICC, and remaining space information of the security domain.
  • S312 MNO and SM-SR mutually authenticate.
  • the MNO and the SM-SR first perform mutual authentication: the MNO confirms that the SM-SR is legal and reliable, and the SM-SR also confirms that the identity information announced by the MNO is authentic. After the two-way authentication succeeds, the MNO and SM-SR establish a secure IP connection (to prevent remote configuration information from leaking).
  • S314 The MNO sends an application installation occupation notification of the security domain to the SM-SR.
  • S316 The SM-SR records the occupation information of the security domain in a database.
  • the invention stores the key data of the key application in a secure domain of the eUICC, and can effectively improve the security of the key data when a plurality of eSIM cards coexist.
  • the critical application When running the critical application, it is necessary to read the key data stored in the eUICC. In other embodiments, it is also required to determine whether the data input by the user matches the data of the pre-stored authentication critical application, only in determining the data input by the user and the pre-stored authentication critical application. The critical application can be run when the program's data matches.
  • the SM-SR is required to report the application uninstallation of the security domain to meet the SM-SR management of the eUICC.
  • Figure 4. The order of the steps in the flowchart may be changed according to different requirements, and some steps may be omitted.
  • Step 410 Receive authentication data input by a user.
  • the application security management system 10 may receive fingerprint data input by the user by touching the display device 40, hand shape data, and may also receive key velocity data input by the user by pressing the display device 40. Handwriting data input by the user by writing characters on the display device 40 or input password data or the like can be received.
  • the mobile terminal 1 further includes a voice device, and the application security management system 10 can receive sound data input by the user through the voice device.
  • the mobile terminal 1 further includes an image collection device, and the application security management system 10 can receive facial data, iris data, retina data, and auricle data input by the user through the image collection device. .
  • Step 412 Determine whether the authentication data input by the user matches the authentication data of the pre-stored key application.
  • step 414 determines that the authentication data input by the user matches the authentication data of the pre-stored key application.
  • step 413 is performed.
  • step 413 the uninstallation of the key application is exited.
  • the step 413 may further include the application security management system 10 displaying a prompt for user authentication failure on the display device 40, or outputting the unsuccessful voice information through the voice device.
  • step 414 the occupation of key data in the security domain is released.
  • the application security management system 10 deletes key data in the security domain to release the occupation of key data in the security domain.
  • Step 416 Report the application uninstallation of the security domain to the SM-SR.
  • the application security management system 10 reports the application uninstallation of the security domain to the SM-SR through the network.
  • the application security management system 10 reports the application uninstallation of the security domain to the SM-SR.
  • the specific process of the notification is reported to the application security management system 10 to report the occupation notification of the security domain to the subscription manager. This article will not go into details here.
  • Step 418 completing the uninstallation of the key application.
  • the application security management system 10 includes a downloading module 500, a storage module 501, a reporting module 502, a receiving module 503, a determining module 504, an exiting module 505, a releasing module 506, an uninstalling module 507, and a prompting module 508.
  • a module referred to in the present invention refers to a series of computer program segments that can be executed by processing device 30 and that are capable of performing fixed functions, which are stored in storage device 20. In the present embodiment, the functions of the respective modules will be described in detail in the subsequent embodiments.
  • the download module 500 is configured to download a critical application.
  • the download module 500 can log in to the application mall through the mobile terminal 1 to download a key application.
  • the key application refers to an application that requires high security protection, such as an application that associates a bank card, such as payment software, banking software, and the like.
  • the storage module 501 is configured to store key data generated when the key application is registered in a security domain of the eUICC device 50.
  • the key data of the key application includes, but is not limited to, an encryption and decryption key, a signature key, and a password.
  • the eUICC device 50 can download multiple eSIM cards, and different eSIM cards can use different mobile network operators.
  • Each eSIM card stores information such as a user identity, a user authentication parameter (addition and decryption key, etc.) and an algorithm, a user's phone book and short message data, and a customized parameter of the mobile network operator.
  • the eUICC device 50 has a plurality of unassigned security domains in the storage space, and each of the unassigned security domains may be subsequently assigned to the eSIM card.
  • Each unassigned security domain in the eUICC device 50 has a permanent and unique identifier ID.
  • the security domain is used for secure storage of security values such as cryptographic keys, critical data for critical applications.
  • the storage space of the eUICC device 50 may be preset with a security domain, and the preset security domain may be allocated to the newly downloaded eSIM card, or may be used only for storing the security value without Assigned to the newly downloaded eSIM card.
  • the security domain may also provide access to security information through one or more standardized protocols as known to those skilled in the art.
  • the reporting module 502 is configured to report the occupation notification of the security domain to the subscription manager.
  • the reporting module 502 reports the occupation notification of the security domain to the subscription manager through the network.
  • the Subscription Manager Secure Routing (SM-SR) is mainly responsible for secure routing and transmission of eUICC remote profile data.
  • the specific process of the application security management system 10 reporting the occupation notification of the security domain to the SM-SR is shown in FIG. 3 and the corresponding description.
  • the storage module 501 is further configured to pre-store data of the authentication critical application.
  • the storage module 501 receives data of one or more authentication critical applications preset by the user and stores the data.
  • the data of the authentication critical application may be biometric data of the user, and the biometric data of the user includes fingerprint data, face data, hand data, iris data, retina data, pulse data or auricle data.
  • the data of the authentication critical application may also be behavior characteristic data of the user, and the behavior characteristic data of the user includes handwriting, sound, key strength, and the like.
  • the data of the authentication critical application may also be password data, and the password may be a number, a letter, a symbol, or the like or a combination of numbers, letters, symbols, and the like.
  • the data of the authentication critical application may also be a combination of two or all of the user's biometric data, behavioral feature data, and password data.
  • the invention stores the key data of the key application in a secure domain of the eUICC, and can effectively improve the security of the key data when a plurality of eSIM cards coexist.
  • the critical application When running the critical application, it is necessary to read the key data stored in the eUICC. In other embodiments, it is also required to determine whether the data input by the user matches the data of the pre-stored authentication critical application, and only determines the data input by the user and the data of the pre-stored authentication critical application. The critical application can be run when it matches.
  • the application release release notification of the security domain needs to be reported to the SM-SR to meet the SM-SR management of the eUICC.
  • the receiving module 503 is configured to receive authentication data input by a user.
  • the receiving module 503 can receive the fingerprint data and the hand shape data input by the user by touching the display device 40, and can also receive the button strength data input by the user by pressing the display device 40, and can also receive the user pass.
  • the handwriting data or the input password data or the like is written on the display device 40.
  • the mobile terminal 1 further includes a voice device, and the receiving module 503 can receive the number of voices input by the user through the voice device. according to.
  • the mobile terminal 1 further includes an image acquisition device, and the receiving module 503 can receive facial data, iris data, retina data, and auricle data input by the user through the image acquisition device.
  • the determining module 504 is configured to determine whether the authentication data input by the user matches the authentication data of the pre-stored key application.
  • the exiting module 505 is configured to exit the uninstallation of the critical application when the authentication data input by the user does not match the authentication data of the pre-stored critical application.
  • the release module 506 is configured to delete key data in the security domain to release the occupation of key data in the security domain.
  • the reporting module 502 is further configured to report the notification of application uninstallation of the security domain to the SM-SR.
  • the reporting module 502 reports the application uninstallation of the security domain to the SM-SR through the network.
  • the uninstalling module 507 is configured to complete the uninstallation of the critical application when the authentication data input by the user matches the authentication data of the pre-stored critical application.
  • the prompting module 508 is configured to prompt the user to fail the authentication on the display device 40, or output the unsuccessful voice information through the voice device.
  • modules described as separate components may or may not be physically separated, and the components displayed as modules may or may not be physical units, that is, may be located in one place, or may be distributed to multiple network units. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of the embodiment.
  • each functional module in each embodiment of the present invention may be integrated into one processing unit, or each unit may exist physically separately, or two or more units may be integrated into one unit.
  • the above integrated unit can be implemented in the form of hardware or in the form of hardware plus software function modules.
  • the above-described integrated unit implemented in the form of a software function module can be stored in a computer readable storage medium.
  • the above software function modules are stored in a storage medium, including several instructions. Part of the steps of the method of the various embodiments of the present invention are performed by a computer device (which may be a personal computer, a server, or a network device, etc.) or a processor.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Storage Device Security (AREA)
  • Telephonic Communication Services (AREA)
  • Telephone Function (AREA)

Abstract

La présente invention concerne un procédé de gestion de sécurité de programmes d'application, applicable à un terminal mobile. Le terminal mobile comprend un dispositif d'eUICC pourvu d'un domaine de sécurité. Le procédé consiste : à télécharger un programme d'application de clé ; et à stocker des données de clé générées pendant l'enregistrement du programme d'application de clé dans le domaine de sécurité. La présente invention concerne en outre un système de gestion de sécurité de programme d'application. Grâce au stockage de données de clé d'un programme d'application de clé dans un domaine de sécurité d'une eUICC, on évite des fuites des données de clé provoquées par la coexistence de multiples cartes eSIM, et on améliore ainsi la sécurité des données de clé.
PCT/CN2016/097464 2016-05-25 2016-08-31 Procédé et système de gestion de sécurité de programme d'application Ceased WO2017201908A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201610352945.9A CN105827653A (zh) 2016-05-25 2016-05-25 应用程序安全管理方法和系统
CN201610352945.9 2016-05-25

Publications (1)

Publication Number Publication Date
WO2017201908A1 true WO2017201908A1 (fr) 2017-11-30

Family

ID=56531221

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2016/097464 Ceased WO2017201908A1 (fr) 2016-05-25 2016-08-31 Procédé et système de gestion de sécurité de programme d'application

Country Status (2)

Country Link
CN (1) CN105827653A (fr)
WO (1) WO2017201908A1 (fr)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE102021002193A1 (de) 2021-04-26 2022-10-27 Giesecke+Devrient Mobile Security Gmbh Zahlungslösung, insbesondere digitale Zahlungslösung

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105827653A (zh) * 2016-05-25 2016-08-03 宇龙计算机通信科技(深圳)有限公司 应用程序安全管理方法和系统
CN106484796B (zh) * 2016-09-22 2022-12-20 宇龙计算机通信科技(深圳)有限公司 文件管理方法、文件管理装置及移动终端
CN108966205B (zh) * 2018-07-04 2021-08-27 高新兴物联科技有限公司 一种兼容多种eSIM管理规范的方法、设备及计算机可读存储介质

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104469737A (zh) * 2014-11-17 2015-03-25 中国联合网络通信集团有限公司 一种嵌入式通用集成电路卡及其用户签约信息激活方法
CN105282732A (zh) * 2014-07-17 2016-01-27 三星电子株式会社 用于更新配置文件管理服务器的方法和设备
CN105488427A (zh) * 2014-10-06 2016-04-13 意法半导体公司 移动装置安全模块中的客户端可访问的安全区域
CN105827653A (zh) * 2016-05-25 2016-08-03 宇龙计算机通信科技(深圳)有限公司 应用程序安全管理方法和系统

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CA2810360C (fr) * 2012-06-27 2016-05-10 Rogers Communications Inc. Systeme et procede de mise a disposition a distance de cartes a circuits integres universelles integrees
FR3002398B1 (fr) * 2013-02-18 2015-04-03 Oberthur Technologies Procede de creation d'un profil dans un domaine de securite d'un element securise

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105282732A (zh) * 2014-07-17 2016-01-27 三星电子株式会社 用于更新配置文件管理服务器的方法和设备
CN105488427A (zh) * 2014-10-06 2016-04-13 意法半导体公司 移动装置安全模块中的客户端可访问的安全区域
CN104469737A (zh) * 2014-11-17 2015-03-25 中国联合网络通信集团有限公司 一种嵌入式通用集成电路卡及其用户签约信息激活方法
CN105827653A (zh) * 2016-05-25 2016-08-03 宇龙计算机通信科技(深圳)有限公司 应用程序安全管理方法和系统

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE102021002193A1 (de) 2021-04-26 2022-10-27 Giesecke+Devrient Mobile Security Gmbh Zahlungslösung, insbesondere digitale Zahlungslösung
WO2022228726A1 (fr) 2021-04-26 2022-11-03 Giesecke+Devrient Mobile Security Gmbh Solution de paiement, en particulier solution de paiement numérique

Also Published As

Publication number Publication date
CN105827653A (zh) 2016-08-03

Similar Documents

Publication Publication Date Title
KR102325912B1 (ko) 디바이스에 대한 총체적 모듈 인증
US11610019B2 (en) Information management method, apparatus, and information management system
US20180082050A1 (en) Method and a system for secure login to a computer, computer network, and computer website using biometrics and a mobile computing wireless electronic communication device
US20080003980A1 (en) Subsidy-controlled handset device via a sim card using asymmetric verification and method thereof
US8600355B1 (en) Systems and methods for authenticating applications for access to secure data using identity modules
CN105553928B (zh) 一种基于生物特征识别的通信方法、装置及系统
CN112559993A (zh) 身份认证方法、装置、系统及电子设备
US10069820B2 (en) Linked registration
WO2017210934A1 (fr) Procédé d'enregistrement de carte sim intégrée, procédé d'authentification de carte sim intégrée et systèmes correspondants
CN113472774A (zh) 账号免登录方法、系统、设备及计算机可读存储介质
WO2017201908A1 (fr) Procédé et système de gestion de sécurité de programme d'application
CN106293816A (zh) 一种增加用户与移动智能终端安装的App的黏度的方法
CN107623907A (zh) eSIM卡锁网方法、终端及锁网认证服务器
CN104660417B (zh) 验证方法、验证装置和电子设备
JP5440710B2 (ja) 情報処理装置、情報処理装置制御方法及び情報処理装置制御プログラム
US20110154436A1 (en) Provider Management Methods and Systems for a Portable Device Running Android Platform
CN110719257A (zh) 单页面应用的权限管理方法、装置、设备及存储介质
CN112597452A (zh) 应用程序接口调用方法、装置、存储介质及电子设备
KR20140043071A (ko) 접속 시도 기기 인증 시스템 및 방법
CN108540591B (zh) 通讯录管理方法、通讯录管理装置及电子设备
CN105554751A (zh) 一种无卡终端注册移动网络的方法、设备及系统
KR101221728B1 (ko) 그래픽 otp 인증을 위한 인증처리서버 및 그 방법
US20090077382A1 (en) Method for the preparation of a chip card for electronic signature services
US12568374B2 (en) Cloud computing environment and a method for providing remote secure element services
CN114722382A (zh) 基于软件环境的密码管理方法、系统、设备及存储介质

Legal Events

Date Code Title Description
NENP Non-entry into the national phase

Ref country code: DE

121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 16902894

Country of ref document: EP

Kind code of ref document: A1

122 Ep: pct application non-entry in european phase

Ref document number: 16902894

Country of ref document: EP

Kind code of ref document: A1