适于二次开发的32位UICC多应用COS平台的研制
|
摘要
智能卡操作系统(Chip Operating System,简称COS)是智能卡在软件层面的核心技术。其研究和开发对智能卡技术的发展和普及有很大的促进作用。
国内各卡商大多开发基于Native的COS(卡操作系统)平台,致力于智能卡芯片的研制,从硬件到软件的自主研发,形成了早期初级COS,移植性、通用性、维护性不好,多为单文件系统、单一应用、单通道,没有考虑多应用的实现,如多应用文件系统的实现、不同应用之间文件隔离、映射,多种PIN管理,多通道实现等。而JAVA卡平台通用性好,但对硬件资源要求非常高,且在实现多文件系统上是一个弱项。
本文研制的UICC COS平台,在整体设计上通过合理的层次化结构,使上层的应用与底层硬件分离,便于平台的移植操作、维护性好;在文件系统设计上,采用了通用的文件系统,使平台具有良好的通用性;在安全性上做了充分的设计;在应用设计上依靠多通道、多文件系统以及多级PIN的相关技术实现了多应用。
提出了二次开发的创新设计,保障了COS层以上应用的合作开发的安全可实现;此外,在掉电保护方面也做了设计和实现,保障了用户数据在使用过程中的安全性和可靠性。本文针对以上设计进行了可靠的脚本测试和实网验证工作,成功实现了UICC SIM和USIM功能,COS能够正常登网、通讯,并实现了USIM卡的批量商用。
The kernel technique of software is the operating system(abbr. COS). The powerful COS can greatly promote the card system to be acceptable and feasible.
The telecommunication smart card based on the 2G, especially in China, various cards business mostly has own COS platform based on Native; Specially the domestic enterprise, devote to the smart card chip development, independently researches and develops from the hardware to the software, polymorphism becomes the early time face SIM primary COS, but the portability ,the versatility and the maintenance are not good, most of them are single document systematic, sole application, single channel, they have not considered the multi-applications the realization,such as realization between multi-application filing system , different application document isolation, mapping, kinds of PIN management, multichannel realization and so on,the JAVA card platform is good onversatility , but it is extremely high to the hardware resources request,it is weak in realizes on the multiple file system. In view of in the above situation, this article has provided a kind of new COS platform design proposal.
This article develops the platform of UICC COS, in the overall design through the reasonable hierarchical structure, causes the upper formation the application and the first floor hardware separates, it is advantageous for the platform the transplant operation, the maintenance is good; In the filing system design, it has used the general filing system which enables the platform to have the good versatility; It has made the full design in the security; In depended upon the multichannel, the multiple files using the design in systematic as well as the multistage PIN correlation techniques has realized the multi-applications; Proposed re-development's innovative designs, safeguarded above the COS level the application cooperation development security to be possible to realize; In addition, it also did in the power failure protection aspect has designed and realizes, has safeguarded the user data in the use process security and the reliability. This article has carried on the reliable script test and the solid net confirmation work in view of the above design, the success has realized UICC SIM and the USIM function, COS can ascend the net and communicate normally.
国内各卡商大多开发基于Native的COS(卡操作系统)平台,致力于智能卡芯片的研制,从硬件到软件的自主研发,形成了早期初级COS,移植性、通用性、维护性不好,多为单文件系统、单一应用、单通道,没有考虑多应用的实现,如多应用文件系统的实现、不同应用之间文件隔离、映射,多种PIN管理,多通道实现等。而JAVA卡平台通用性好,但对硬件资源要求非常高,且在实现多文件系统上是一个弱项。
本文研制的UICC COS平台,在整体设计上通过合理的层次化结构,使上层的应用与底层硬件分离,便于平台的移植操作、维护性好;在文件系统设计上,采用了通用的文件系统,使平台具有良好的通用性;在安全性上做了充分的设计;在应用设计上依靠多通道、多文件系统以及多级PIN的相关技术实现了多应用。
提出了二次开发的创新设计,保障了COS层以上应用的合作开发的安全可实现;此外,在掉电保护方面也做了设计和实现,保障了用户数据在使用过程中的安全性和可靠性。本文针对以上设计进行了可靠的脚本测试和实网验证工作,成功实现了UICC SIM和USIM功能,COS能够正常登网、通讯,并实现了USIM卡的批量商用。
The kernel technique of software is the operating system(abbr. COS). The powerful COS can greatly promote the card system to be acceptable and feasible.
The telecommunication smart card based on the 2G, especially in China, various cards business mostly has own COS platform based on Native; Specially the domestic enterprise, devote to the smart card chip development, independently researches and develops from the hardware to the software, polymorphism becomes the early time face SIM primary COS, but the portability ,the versatility and the maintenance are not good, most of them are single document systematic, sole application, single channel, they have not considered the multi-applications the realization,such as realization between multi-application filing system , different application document isolation, mapping, kinds of PIN management, multichannel realization and so on,the JAVA card platform is good onversatility , but it is extremely high to the hardware resources request,it is weak in realizes on the multiple file system. In view of in the above situation, this article has provided a kind of new COS platform design proposal.
This article develops the platform of UICC COS, in the overall design through the reasonable hierarchical structure, causes the upper formation the application and the first floor hardware separates, it is advantageous for the platform the transplant operation, the maintenance is good; In the filing system design, it has used the general filing system which enables the platform to have the good versatility; It has made the full design in the security; In depended upon the multichannel, the multiple files using the design in systematic as well as the multistage PIN correlation techniques has realized the multi-applications; Proposed re-development's innovative designs, safeguarded above the COS level the application cooperation development security to be possible to realize; In addition, it also did in the power failure protection aspect has designed and realizes, has safeguarded the user data in the use process security and the reliability. This article has carried on the reliable script test and the solid net confirmation work in view of the above design, the success has realized UICC SIM and the USIM function, COS can ascend the net and communicate normally.
引文
[1]徐征,何为,陈义清.基于DDS芯片AD9833的可编程信号源[C].电工理论与新技术2004年学术研讨会论文集,2004.
[2]余永权.嵌入式系统的技术和发展(上).电子世界,2004,(09).
[3]刘嵩岩,毛志刚,叶以正.Java卡的研究与实现.微电子学,2000,(06).
[4]王延斌,叶兵.增强型智能卡的开发研究,2005:14-15.
[5]聂景丰,蒋朝根.智能卡操作系统安全模块研究与实现,2006:14-15.
[6]于健.中国银行卡EMV迁移策略分析,中国信用卡,2005,第1期:40-41.
[7]李翔.智能卡研发技术与工程实践.人民邮电出版社,2003.
[8]范晓红,吴今培,张其善.智能卡文件系统的安全访问机制.微计算机应用,2004第1期:37-42.
[9]刘玉珍.实用智能卡操作系统的设计与实现,武汉大学学报(自然科学版),2000,第3期:309-312.
[10]Wolfgang Rankl,Wolfgang Effing.智能卡大全-智能卡的结构·功能·应用.电子工业出版社,2002.
[11]范晓红,吴今培,张其善.智能卡文件系统的安全访问机制.微计算机应用,2004,第1期:37-42.
[12]ISO/IEC7816-1.Identification cards-lntegrated circuit(s)-cards with contacts,Part1:Physical Characteristics[S],1998.
[13]ISO/IEC7816-2.Information technology-Identification cards-Integrated circuit(s)cards with contacts,Part2:Dimensions and location of the contacts[S],1999.
[14]ISO/IEC7816-3.Information technology-Identification cards-Integrated circuit(s)cards with contacts,Part3:Electronics signals and transmission protocols[S],1997.
[15]ISO/IEC7816-4.Information technology-Identification cards-Integrated circuit(s)cards with eontacts,Part4:Interindustry commands for interchange[S],1995.
[16]ISO/IEC7816-5.Identification cards-Integrated circuit(s)cards with contacts,PartS:Numbering system and registration procedure for application identifiers[5],1994.
[17]黄智伟,智能IC卡操作系统的功能分析.电子计算机与外边设备,2000.
[18]冯清枝,王志群.智能卡的安全机制及其防范策略.中国人民公安大学学报(自然科学版),2004,第1期:95-97.
[19]张利华.双界面智能卡操作系统的安全体系,华东交通大学学报,2002,3第1期:24-27.
[20]AndreW Nash.张玉清等译.公钥基础设施P(KI):实现和管理电子安全,清华大学出版社,2002.
[21]陈纬.智能卡数据安全技术的研究.信息安全与通信保密,2002,3:44-47
[22]Wolfgang Rankl,Wolfgang Effing.Smart card handbook(3 edition),John Wiley &Sons,2004.
[23]杨帆,张焕国.金融智能卡操作系统安全体系研究,计算机应用研究,2005,第9期:96-97
[24]刘楠,曾志民.SIM技术体系和业务研究,2007-4,66-67.
[25]于健.中国银行卡EMV迁移策略分析,中国信用卡,25,第1期:40-41.
[26]关义章.智能卡-未来标准化的安全器件,通信保密,1993(3).
[27]DougiasR,Stnison著.冯登国译.Cryptography Theorynad practice(Scocnd Edition),电子 工业出版社,2003.
[28]张先红.数字签名原理及技术.机械工业出版社,2004.
[29]吴小红,郭艾侠.椭圆曲线密码体制及其在智能卡上的应用,计算机工程与设计,2005,第9期:2555-2560.
[30]3GPP TS 11,11 V8,13,0(2005-06):Speification of the Subscriber Identity Module-Mobile EquLPment(SIM-ME)interface(Release1999).
[31]ETSI TS 102221 V4,11,0(2003-09):Small cards,UICC-Terminal interfaces Physical and logical characteristics(Release4).
[32]吴明.3G智能卡的新业务研究[J].通信世界,2007,(05).
[33]飞天智能卡通过银行卡检测中心PBOC2.0检测[J].电脑编程技巧与维护,2006,(05).
[34]胡入祯.移动通信智能卡的发展及应用[J].电信技术,2003,(01).
[35]杨红梅.3G网络中的Presence业务[J],电信网技术,2006,(10).
[36]崔晓楠.智能卡市场及展望[J].今日电子,2005,(07).
[37]董威,杨义先.一种跨行业多应用智能卡系统模型及实现.计算机工程,2007,第8期:22-23.
[38]International Standard Organization,Information Technology-Identication Cards-Integrated Circuit(s)Cards with Contacts(Part 4):Inter - industry Commands for Interchange[S],1994.
[39]Sun Microsystems Inc.Java Card 2.2 Runtime Environment(JCRE)Specification[Z],2002-05-13.
[40]3rd Generation Partnership Project,3GPP TS 31.101,UICC-Terminal Interface,Physical and Logical Characteristics Version 6.1.0[Z],2002-12.
[41]GlobaLPlatform Inc.GlobaLPlatform Card Specification Version 2.1.1[Z],2003-03-25.
[42]孙伟,牟援朝.电子商务支付系统存在的问题及管理措施研究[J].中国管理信息化(综合版),2007,(01).
[43]王兵,陈冠东.嵌入式系统掉电保护的一种设计方法.单片机及嵌入式系统应用,2006-8-10.
[2]余永权.嵌入式系统的技术和发展(上).电子世界,2004,(09).
[3]刘嵩岩,毛志刚,叶以正.Java卡的研究与实现.微电子学,2000,(06).
[4]王延斌,叶兵.增强型智能卡的开发研究,2005:14-15.
[5]聂景丰,蒋朝根.智能卡操作系统安全模块研究与实现,2006:14-15.
[6]于健.中国银行卡EMV迁移策略分析,中国信用卡,2005,第1期:40-41.
[7]李翔.智能卡研发技术与工程实践.人民邮电出版社,2003.
[8]范晓红,吴今培,张其善.智能卡文件系统的安全访问机制.微计算机应用,2004第1期:37-42.
[9]刘玉珍.实用智能卡操作系统的设计与实现,武汉大学学报(自然科学版),2000,第3期:309-312.
[10]Wolfgang Rankl,Wolfgang Effing.智能卡大全-智能卡的结构·功能·应用.电子工业出版社,2002.
[11]范晓红,吴今培,张其善.智能卡文件系统的安全访问机制.微计算机应用,2004,第1期:37-42.
[12]ISO/IEC7816-1.Identification cards-lntegrated circuit(s)-cards with contacts,Part1:Physical Characteristics[S],1998.
[13]ISO/IEC7816-2.Information technology-Identification cards-Integrated circuit(s)cards with contacts,Part2:Dimensions and location of the contacts[S],1999.
[14]ISO/IEC7816-3.Information technology-Identification cards-Integrated circuit(s)cards with contacts,Part3:Electronics signals and transmission protocols[S],1997.
[15]ISO/IEC7816-4.Information technology-Identification cards-Integrated circuit(s)cards with eontacts,Part4:Interindustry commands for interchange[S],1995.
[16]ISO/IEC7816-5.Identification cards-Integrated circuit(s)cards with contacts,PartS:Numbering system and registration procedure for application identifiers[5],1994.
[17]黄智伟,智能IC卡操作系统的功能分析.电子计算机与外边设备,2000.
[18]冯清枝,王志群.智能卡的安全机制及其防范策略.中国人民公安大学学报(自然科学版),2004,第1期:95-97.
[19]张利华.双界面智能卡操作系统的安全体系,华东交通大学学报,2002,3第1期:24-27.
[20]AndreW Nash.张玉清等译.公钥基础设施P(KI):实现和管理电子安全,清华大学出版社,2002.
[21]陈纬.智能卡数据安全技术的研究.信息安全与通信保密,2002,3:44-47
[22]Wolfgang Rankl,Wolfgang Effing.Smart card handbook(3 edition),John Wiley &Sons,2004.
[23]杨帆,张焕国.金融智能卡操作系统安全体系研究,计算机应用研究,2005,第9期:96-97
[24]刘楠,曾志民.SIM技术体系和业务研究,2007-4,66-67.
[25]于健.中国银行卡EMV迁移策略分析,中国信用卡,25,第1期:40-41.
[26]关义章.智能卡-未来标准化的安全器件,通信保密,1993(3).
[27]DougiasR,Stnison著.冯登国译.Cryptography Theorynad practice(Scocnd Edition),电子 工业出版社,2003.
[28]张先红.数字签名原理及技术.机械工业出版社,2004.
[29]吴小红,郭艾侠.椭圆曲线密码体制及其在智能卡上的应用,计算机工程与设计,2005,第9期:2555-2560.
[30]3GPP TS 11,11 V8,13,0(2005-06):Speification of the Subscriber Identity Module-Mobile EquLPment(SIM-ME)interface(Release1999).
[31]ETSI TS 102221 V4,11,0(2003-09):Small cards,UICC-Terminal interfaces Physical and logical characteristics(Release4).
[32]吴明.3G智能卡的新业务研究[J].通信世界,2007,(05).
[33]飞天智能卡通过银行卡检测中心PBOC2.0检测[J].电脑编程技巧与维护,2006,(05).
[34]胡入祯.移动通信智能卡的发展及应用[J].电信技术,2003,(01).
[35]杨红梅.3G网络中的Presence业务[J],电信网技术,2006,(10).
[36]崔晓楠.智能卡市场及展望[J].今日电子,2005,(07).
[37]董威,杨义先.一种跨行业多应用智能卡系统模型及实现.计算机工程,2007,第8期:22-23.
[38]International Standard Organization,Information Technology-Identication Cards-Integrated Circuit(s)Cards with Contacts(Part 4):Inter - industry Commands for Interchange[S],1994.
[39]Sun Microsystems Inc.Java Card 2.2 Runtime Environment(JCRE)Specification[Z],2002-05-13.
[40]3rd Generation Partnership Project,3GPP TS 31.101,UICC-Terminal Interface,Physical and Logical Characteristics Version 6.1.0[Z],2002-12.
[41]GlobaLPlatform Inc.GlobaLPlatform Card Specification Version 2.1.1[Z],2003-03-25.
[42]孙伟,牟援朝.电子商务支付系统存在的问题及管理措施研究[J].中国管理信息化(综合版),2007,(01).
[43]王兵,陈冠东.嵌入式系统掉电保护的一种设计方法.单片机及嵌入式系统应用,2006-8-10.