CN104994498A - Method and system for interaction between terminal application and mobile phone card application - Google Patents

Abstract

Translated fromChinese

本发明公开了一种终端应用与手机卡应用交互的方法及系统，涉及互联网技术领域，为了解决现有的交互方法的安全性较低的问题而发明。该方法包括：机卡交互安全控制中间件接收机卡交互组件的请求消息，该请求消息包括终端应用的注册标识、目标手机卡应用的标识和终端应用的数字签名；根据终端应用的注册标识，获取预存储的数字签名公钥和终端应用的文件摘要；通过数字签名公钥解密终端应用的数字签名，得到目标文件；判断目标文件与获取的终端应用的文件摘要的内容是否相同；如果相同，则向机卡交互组件返回允许访问响应消息，该允许访问响应消息用于表示允许终端应用访问目标手机卡应用。本发明应用在终端应用与手机卡应用交互的过程中。

The invention discloses a method and system for interaction between a terminal application and a mobile phone card application, relates to the technical field of the Internet, and is invented in order to solve the problem of low security of the existing interaction method. The method includes: a request message of the machine-card interaction security control middleware receiver card interaction component, the request message including the registration identifier of the terminal application, the identifier of the target mobile phone card application and the digital signature of the terminal application; according to the registration identifier of the terminal application, Obtain the pre-stored digital signature public key and the file digest of the terminal application; decrypt the digital signature of the terminal application through the digital signature public key to obtain the target file; determine whether the content of the target file is the same as the obtained terminal application file digest; if they are the same, Then return an access permission response message to the phone-card interaction component, where the access permission response message is used to indicate that the terminal application is allowed to access the target phone card application. The present invention is applied in the process of interaction between the terminal application and the mobile phone card application.

Description

Translated fromChinese

一种终端应用与手机卡应用交互的方法及系统Method and system for interaction between terminal application and mobile phone card application

技术领域technical field

本发明涉及互联网技术领域，尤其涉及一种终端应用与手机卡应用交互的方法及系统。The invention relates to the technical field of the Internet, in particular to a method and a system for interacting between a terminal application and a mobile phone card application.

背景技术Background technique

目前，手机卡(有些文献也称之为用户身份识别卡、智能卡)作为手机终端的用户识别模块(英文：Subscriber/User Identity Module,简称：SIM/UIM)这一信息载体，由于其具有安全数据存储能力，越来越多的应用开发商以手机卡为开发环境推出多款手机卡应用。此外，随着移动互联网及无线射频识别技术的发展，手机卡应用在移动互联网应用中发挥着越来越重要的作用，终端应用与手机卡应用的交互也越来越频繁，例如：当利用支付宝等终端应用进行支付活动时，手机卡应用可通过射频识别技术读取用户的银行卡信息然后传递至支付宝等终端应用，而无需通过人工输入银行卡信息。At present, the mobile phone card (some documents are also called user identification card, smart card) is used as the information carrier of the user identification module (English: Subscriber/User Identity Module, referred to as: SIM/UIM) of the mobile terminal. In terms of storage capacity, more and more application developers use the mobile phone card as the development environment to launch a variety of mobile phone card applications. In addition, with the development of mobile Internet and radio frequency identification technology, mobile phone card applications are playing an increasingly important role in mobile Internet applications, and the interaction between terminal applications and mobile phone card applications is becoming more and more frequent. For example: when using Alipay When terminal applications such as Alipay perform payment activities, the mobile phone card application can read the user's bank card information through radio frequency identification technology and then transmit it to terminal applications such as Alipay without manually entering bank card information.

现有的一种终端应用与手机卡应用交互的方法主要包括：通过在终端侧建立一个安全交互中间件、手机卡侧建立一个解释层；终端成功选择手机卡侧的解释层后，发送指令取得手机卡解释层返回的命令列表，安全中间件发送携带命令索引的终端响应命令，安全中间件随后在指令下发流程中发送携带下载数据的终端响应命令，SIM卡应用执行完相应操作后通过解释层返回携带上传数据的主动式命令(DISPLAY TEXT、GET KEY、GET INPUT等)，交互结束后终端向SIM卡发送取消选择指令，解除解释层的选择操作。在交互流程中，终端应用根据交互指令的下载、上传需求分别选择相应的菜单条目，进而执行相应操作取得所需的指令。An existing method for interaction between a terminal application and a mobile phone card application mainly includes: establishing a security interaction middleware on the terminal side and an interpretation layer on the mobile card side; The command list returned by the mobile phone card interpretation layer, the security middleware sends the terminal response command carrying the command index, the security middleware then sends the terminal response command carrying the downloaded data in the command issuing process, and the SIM card application executes the corresponding operation through the explanation The layer returns active commands (DISPLAY TEXT, GET KEY, GET INPUT, etc.) carrying the uploaded data. After the interaction, the terminal sends a cancel selection command to the SIM card to release the selection operation of the interpretation layer. In the interactive process, the terminal application selects corresponding menu items according to the download and upload requirements of the interactive command, and then executes the corresponding operation to obtain the required command.

在终端应用与手机卡应用进行数据交互的上述过程中，任意终端应用都可以与手机卡应用进行交互，而由于终端应用鱼龙混杂，可能会有恶意应用与手机卡应用进行交互，可能带来用户数据的恶意窃取，因而现有的这种终端应用与手机卡应用的交互方法的安全性较低。In the above-mentioned process of data interaction between the terminal application and the mobile card application, any terminal application can interact with the mobile card application, and because the terminal application is mixed, there may be malicious applications interacting with the mobile card application, which may bring user data Malicious theft, thus the security of the existing interaction method between the terminal application and the mobile phone card application is relatively low.

发明内容Contents of the invention

本发明提供一种终端应用与手机卡应用交互的方法及系统，为了解决现有技术中终端应用与手机卡应用交互时，安全性较低的问题。The present invention provides a method and system for interaction between a terminal application and a mobile phone card application, in order to solve the problem of low security in the prior art when the terminal application interacts with the mobile phone card application.

为达到上述目的，本发明采用如下技术方案：To achieve the above object, the present invention adopts the following technical solutions:

所述方法应用于移动终端，所述移动终端包括机卡交互组件和机卡交互安全控制中间件，所述机卡交互安全控制中间件位于手机卡内，所述方法包括：The method is applied to a mobile terminal. The mobile terminal includes a machine-card interaction component and a machine-card interaction security control middleware. The machine-card interaction security control middleware is located in a mobile phone card. The method includes:

所述机卡交互安全控制中间件接收所述机卡交互组件转发的终端应用向目标手机卡应用发送的请求消息，所述请求消息用于表示终端应用向目标手机卡应用发送的访问请求，所述请求消息包括所述终端应用的注册标识、所述目标手机卡应用的标识和所述终端应用的数字签名；The machine-card interaction security control middleware receives the request message sent by the terminal application to the target mobile phone card application forwarded by the machine-card interaction component, and the request message is used to represent the access request sent by the terminal application to the target mobile phone card application. The request message includes the registration identifier of the terminal application, the identifier of the target mobile phone card application and the digital signature of the terminal application;

所述机卡交互安全控制中间件根据所述终端应用的注册标识，获取预存储的数字签名公钥和所述终端应用的文件摘要；The machine-card interaction security control middleware obtains the pre-stored digital signature public key and the file abstract of the terminal application according to the registration identifier of the terminal application;

所述机卡交互安全控制中间件通过所述数字签名公钥解密所述终端应用的数字签名，得到目标文件；The machine-card interaction security control middleware decrypts the digital signature of the terminal application through the digital signature public key to obtain the target file;

所述机卡交互安全控制中间件判断所述目标文件与获取的所述终端应用的文件摘要的内容是否相同；The machine-card interaction security control middleware judges whether the content of the target file is the same as that of the acquired file abstract of the terminal application;

如果相同，则所述机卡交互安全控制中间件向所述机卡交互组件返回允许访问响应消息，所述允许访问响应消息用于表示允许所述终端应用访问所述目标手机卡应用标识。If they are the same, the machine-card interaction security control middleware returns an access permission response message to the machine-card interaction component, and the access permission response message is used to indicate that the terminal application is allowed to access the target mobile phone card application identifier.

一种终端应用与手机卡应用交互的系统，所述系统包括机卡交互安全控制中间件和机卡交互组件，其中：A system for interaction between a terminal application and a mobile phone card application, the system includes a machine-card interaction security control middleware and a machine-card interaction component, wherein:

所述机卡交互安全控制中间件，用于接收所述机卡交互组件发送的请求消息，所述请求消息用于表示终端应用向目标手机卡应用发送的访问请求，所述请求消息包括所述终端应用的注册标识、所述目标手机卡应用的标识和所述终端应用的数字签名；The machine-card interaction security control middleware is used to receive the request message sent by the machine-card interaction component, the request message is used to represent the access request sent by the terminal application to the target mobile phone card application, and the request message includes the The registration identifier of the terminal application, the identifier of the target mobile phone card application and the digital signature of the terminal application;

所述机卡交互安全控制中间件，还用于根据所述终端应用的注册标识，获取预存储的数字签名公钥和所述终端应用的文件摘要；The machine-card interaction security control middleware is further configured to obtain a pre-stored digital signature public key and a file abstract of the terminal application according to the registration identifier of the terminal application;

所述机卡交互安全控制中间件，还用于通过所述数字签名公钥解密所述终端应用的数字签名，得到目标文件；The machine-card interaction security control middleware is also used to decrypt the digital signature of the terminal application through the digital signature public key to obtain the target file;

所述机卡交互安全控制中间件，还用于判断所述目标文件与获取的所述终端应用的文件摘要的内容是否相同；The machine-card interaction security control middleware is also used to determine whether the content of the target file is the same as that of the acquired file summary of the terminal application;

所述机卡交互安全控制中间件，还用于当所述目标文件与获取的所述终端应用的文件摘要的内容相同时，向所述机卡交互组件返回允许访问响应消息，所述允许访问响应消息用于表示允许所述终端应用访问所述目标手机卡应用。The machine-card interaction security control middleware is further configured to return an access permission response message to the machine-card interaction component when the content of the target file is the same as the acquired file abstract of the terminal application, and the access permission The response message is used to indicate that the terminal application is allowed to access the target mobile phone card application.

本发明提供的终端应用与手机卡应用交互的方法及系统，在手机卡内增加机卡交互安全控制中间件，当接收到请求消息时，该机卡交互安全控制中间件能够解密请求消息得到终端应用的文件摘要，将解密得到的文件摘要和预存储的该终端应用的摘要进行比对以确定该终端应用是否为合法应用，当终端应用为合法应用时才允许终端应用访问手机卡应用。与现有技术中的任意终端应用都能与手机卡应用进行交互进而交互的安全性较低相比，本发明能够对终端应用进行鉴别，仅允许合法应用访问手机卡应用，因而能够提高终端应用与手机卡应用交互的安全性。In the method and system for interaction between terminal applications and mobile phone card applications provided by the present invention, machine-card interaction security control middleware is added in the mobile phone card. When a request message is received, the machine-card interaction security control middleware can decrypt the request message to obtain the terminal The file summary of the application, compare the decrypted file summary with the pre-stored summary of the terminal application to determine whether the terminal application is a legal application, and only allow the terminal application to access the mobile card application when the terminal application is a legal application. Compared with any terminal application in the prior art that can interact with mobile phone card applications and then interact with lower security, the present invention can identify terminal applications and only allow legitimate applications to access mobile phone card applications, thus improving the security of terminal applications. Security for interacting with mobile card applications.

附图说明Description of drawings

为了更清楚地说明本发明实施例中的技术方案，下面将对实施例描述中所需要使用的附图作简单地介绍，显而易见地，下面描述中的附图仅仅是本发明的一些实施例，对于本领域普通技术人员来讲，在不付出创造性劳动的前提下，还可以根据这些附图获得其他的附图。In order to more clearly illustrate the technical solutions in the embodiments of the present invention, the drawings that need to be used in the description of the embodiments will be briefly introduced below. Obviously, the drawings in the following description are only some embodiments of the present invention. For those skilled in the art, other drawings can also be obtained based on these drawings without creative effort.

图1为本发明实施例提供的移动终端的结构示意图；FIG. 1 is a schematic structural diagram of a mobile terminal provided by an embodiment of the present invention;

图2为本发明实施例提供的一种终端应用与手机卡应用交互的方法的流程示意图；FIG. 2 is a schematic flowchart of a method for interacting between a terminal application and a mobile phone card application provided by an embodiment of the present invention;

图3为本发明实施例提供的另一种终端应用与手机卡应用交互的方法的流程示意图；FIG. 3 is a schematic flowchart of another method for interacting between a terminal application and a mobile phone card application provided by an embodiment of the present invention;

图4为本发明实施例提供的协商会话密钥的方法的流程示意图；FIG. 4 is a schematic flowchart of a method for negotiating a session key provided by an embodiment of the present invention;

图5为本发明实施例提供的终端应用的安装过程示意图；FIG. 5 is a schematic diagram of an installation process of a terminal application provided by an embodiment of the present invention;

图6为本发明实施例提供的一种终端应用与手机卡应用交互的系统结构示意图；FIG. 6 is a schematic structural diagram of a system for interaction between a terminal application and a mobile phone card application provided by an embodiment of the present invention;

图7为本发明实施例提供的另一种终端应用与手机卡应用交互的系统的结构示意图。FIG. 7 is a schematic structural diagram of another system in which a terminal application interacts with a mobile phone card application according to an embodiment of the present invention.

具体实施方式Detailed ways

下面将结合本实施例中的附图，对本实施例中的技术方案进行清楚、完整地描述，显然，所描述的实施例仅仅是本发明一部分实施例，而不是全部的实施例。基于本发明中的实施例，本领域普通技术人员在没有作出创造性劳动前提下所获得的所有其他实施例，都属于本发明保护的范围。The following will clearly and completely describe the technical solution in this embodiment with reference to the drawings in this embodiment. Obviously, the described embodiment is only a part of the embodiments of the present invention, but not all of them. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without creative efforts fall within the protection scope of the present invention.

本发明实施例提供了一种终端应用与手机卡应用交互的方法，该方法应用于移动终端，如图1所示为本发明实施例提供的移动终端的逻辑结构示意图，该移动终端包括手机卡，移动终端中的运行环境可根据该手机卡分为手机卡环境和移动终端环境，这两个环境可以看做两个并列的环境，手机卡内主要包括机卡交互安全控制中间件、密钥生成模块以及各种手机卡应用；移动终端内主要包括机卡交互组件以及各种终端应用。此外，终端与手机卡之间通过自定义机卡接口进行交互，其中该自定义机卡接口为一种在GSM11.11规范定义的机卡交互接口的基础上，通过从软件层面的实现方式扩展GSM11.11规范定义的机卡接口的功能，满足终端应用与卡应用间交互的需求的交互接口，其具体实现过程可参考现有技术。移动终端中有些应用在手机卡环境下，有些应用在移动终端环境下，本实施例中将应用于移动终端中的应用称之为终端应用，应用于手机卡环境下的应用称之为手机卡应用。例如：常见的支付宝、微信、微博等应用为终端应用，移动支付应用、电子现金应用等应用为手机卡应用。The embodiment of the present invention provides a method for interacting between a terminal application and a mobile phone card application. The method is applied to a mobile terminal. As shown in FIG. , the operating environment in the mobile terminal can be divided into the mobile card environment and the mobile terminal environment according to the mobile phone card. These two environments can be regarded as two parallel environments. The mobile phone card mainly includes machine-card interaction security control middleware, key Generating modules and various mobile phone card applications; the mobile terminal mainly includes machine-card interaction components and various terminal applications. In addition, the terminal and the mobile phone card interact through a custom machine card interface, where the custom machine card interface is based on the machine card interaction interface defined in the GSM11. The function of the machine-card interface defined by the GSM11.11 specification is an interactive interface that meets the requirements for interaction between terminal applications and card applications, and its specific implementation process can refer to the existing technology. Some applications in the mobile terminal are in the mobile phone card environment, and some applications are in the mobile terminal environment. In this embodiment, the applications applied to the mobile terminal are called terminal applications, and the applications used in the mobile phone card environment are called mobile phone cards. application. For example: common applications such as Alipay, WeChat, and Weibo are terminal applications, and applications such as mobile payment applications and electronic cash applications are mobile phone card applications.

目前，终端应用的开发较为成熟，各种应用层出不穷，因而终端应用市场呈现出应用种类、数量多但鱼龙混杂的情况，其安全性较低。以目前应用广泛的基于Linux内核的Android操作系统为例，当恶意应用获得了系统最高权限(root权限)后，能够对终端中的任何文件(包括系统文件)执行所有增、删、改、查等操作，进而使得基于终端的机卡接口安全控制方案失效，增高机卡应用交互的风险。相对来说，手机卡环境较干净，且由于手机卡技术设计之初就充分考虑到了安全性需求，同时从软件与硬件层面协同构成了手机卡的安全体系，安全性远高于终端环境。鉴于手机卡的安全环境，本发明实施例在手机卡内增加了机卡交互安全控制中间件，用于识别终端应用是否为合法应用。如图2所示，该识别过程包括：At present, the development of terminal applications is relatively mature, and various applications emerge one after another. Therefore, the terminal application market presents a situation where there are many types and quantities of applications, but the situation is mixed, and its security is low. Taking the widely used Android operating system based on the Linux kernel as an example, when a malicious application obtains the highest authority of the system (root authority), it can perform all additions, deletions, changes, and queries on any file (including system files) in the terminal. And other operations, which in turn makes the terminal-based machine-card interface security control scheme invalid, increasing the risk of machine-card application interaction. Relatively speaking, the mobile phone card environment is relatively clean, and because the mobile phone card technology design has fully considered the security requirements at the beginning, and at the same time, the security system of the mobile phone card is composed of software and hardware, and the security is much higher than that of the terminal environment. In view of the security environment of the mobile phone card, the embodiment of the present invention adds machine-card interaction security control middleware in the mobile phone card to identify whether the terminal application is a legitimate application. As shown in Figure 2, the identification process includes:

201：机卡交互安全控制中间件接收机卡交互组件发送的请求消息，所述请求消息用于表示终端应用向目标手机卡应用发送的访问请求，所述请求消息包括所述终端应用的注册标识、所述目标手机卡应用的标识和所述终端应用的数字签名。201: A request message sent by the machine-card interaction security control middleware receiver card interaction component, the request message is used to indicate the access request sent by the terminal application to the target mobile phone card application, and the request message includes the registration identifier of the terminal application , the identification of the target mobile phone card application and the digital signature of the terminal application.

当终端应用发起访问手机卡应用的请求时，位于移动终端内部的机卡交互组件拦截该访问请求，并将该访问请求转发至手机卡内部的机卡交互安全控制中间件。When the terminal application initiates a request to access the mobile card application, the machine-card interaction component located inside the mobile terminal intercepts the access request, and forwards the access request to the machine-card interaction security control middleware inside the mobile phone card.

其中，终端应用的注册标识是终端应用开发者向运营商注册应用时获得的，该注册标识为应用包名与前版本的应用文件散列摘要的前8位组合而成。Wherein, the registration identifier of the terminal application is obtained when the terminal application developer registers the application with the operator, and the registration identifier is a combination of the application package name and the first 8 digits of the hash summary of the application file of the previous version.

每个终端应用都具备包括一对预先生成的公私密钥对的开发者数字签名证书，本步骤中的终端应用数字签名信息为终端应用的文件摘要经过开发者数字签名私钥加密后的字符串。Each terminal application has a developer's digital signature certificate including a pair of pre-generated public-private key pairs. The digital signature information of the terminal application in this step is the string of the terminal application's file digest encrypted by the developer's digital signature private key. .

目标手机卡应用是指终端应用想要访问的手机卡应用。The target mobile phone card application refers to the mobile phone card application that the terminal application wants to access.

202：机卡交互安全控制中间件根据所述终端应用的注册标识，获取预存储的数字签名公钥和所述终端应用的文件摘要。202: The machine-card interaction security control middleware acquires the pre-stored digital signature public key and the file abstract of the terminal application according to the registration identifier of the terminal application.

终端应用在安装时，通过后台应用平台向手机卡管理平台发起安装请求，手机卡管理平台将安装请求中包含的的终端应用的注册标识、终端应用的开发者数字签名公钥和终端应用的文件摘要等内容记录并以TLV(Type-length-value)结构存储至手机卡内。终端应用的安装过程见后文详述。When the terminal application is installed, it sends an installation request to the mobile phone card management platform through the background application platform, and the mobile phone card management platform will include the registration identifier of the terminal application, the digital signature public key of the developer of the terminal application and the file of the terminal application contained in the installation request. Contents such as summaries are recorded and stored in the mobile phone card in a TLV (Type-length-value) structure. The installation process of the terminal application is described in detail later.

203：机卡交互安全控制中间件通过所述数字签名公钥解密所述终端应用的数字签名，得到目标文件。203: The machine-card interaction security control middleware decrypts the digital signature of the terminal application through the digital signature public key to obtain the target file.

步骤201中所指的数字签名是终端应用通过开发者数字签名私钥将终端应用的文件摘要加密后的字符串。而步骤202中指明了手机卡内部的机卡交互安全控制中间件中保存有该终端应用的开发者数字签名公钥，本实施例中采用私钥加密，公钥解密的方式解密数字签名。The digital signature referred to in step 201 is a character string after the terminal application encrypts the file digest of the terminal application through the developer's digital signature private key. In step 202, it is indicated that the terminal application developer's digital signature public key is stored in the machine-card interaction security control middleware inside the mobile phone card. In this embodiment, the digital signature is decrypted by means of private key encryption and public key decryption.

204：机卡交互安全控制中间件判断所述目标文件与获取的所述终端应用的文件摘要的内容是否相同。204: The machine-card interaction security control middleware judges whether the content of the target file is the same as that of the acquired file summary of the terminal application.

如果解密后得到的终端应用的文件摘要和手机卡内部存储的该终端应用的文件摘要内容相同，则证明该终端应用为合法应用，允许该终端应用访问该目标手机卡应用，执行下述步骤205。If the file abstract of the terminal application obtained after decryption is the same as the file abstract of the terminal application stored in the mobile phone card, it is proved that the terminal application is a legal application, and the terminal application is allowed to access the target mobile phone card application, and the following step 205 is performed .

如果不相同，则机卡交互安全控制中间件向机卡交互组件返回禁止访问响应消息，并由机卡交互组件转发至终端应用以禁止终端应用访问目标手机卡应用。If not, the machine-card interaction security control middleware returns a prohibition response message to the machine-card interaction component, and the machine-card interaction component forwards it to the terminal application to prohibit the terminal application from accessing the target mobile phone card application.

205：如果相同，则机卡交互安全控制中间件向机卡交互组件返回允许访问响应消息，所述允许访问响应消息用于表示允许所述终端应用访问所述目标手机卡应用。205: If they are the same, the machine-card interaction security control middleware returns an access permission response message to the machine-card interaction component, where the access permission response message is used to indicate that the terminal application is allowed to access the target mobile phone card application.

机卡交互组件接收到该允许访问响应消息后再向终端应用转发该响应消息以便于终端应用访问该目标手机卡应用。After receiving the access permission response message, the machine-card interaction component forwards the response message to the terminal application so that the terminal application can access the target mobile phone card application.

本发明实施例提供的终端应用与手机卡应用交互的方法，在手机卡内增加机卡交互安全控制中间件，当接收到机卡交互组件转发的终端的请求消息时，该机卡交互安全控制中间件能够解密请求消息得到终端应用的摘要，将解密得到的摘要和预存储的该终端应用的摘要进行比对以确定该终端应用是否为合法应用，当终端应用为合法应用时才允许终端应用访问手机卡应用。与现有技术中的任意终端应用都能与手机卡应用进行交互进而交互的安全性较低相比，本发明能够对终端应用进行鉴别，仅允许合法应用访问手机卡应用，因而能够提高终端应用与手机卡应用交互的安全性。The method for interacting between a terminal application and a mobile phone card application provided by an embodiment of the present invention includes adding machine-card interaction security control middleware in the mobile phone card, and when receiving a terminal request message forwarded by the machine-card interaction component, the machine-card interaction security control The middleware can decrypt the request message to obtain the summary of the terminal application, compare the decrypted summary with the pre-stored summary of the terminal application to determine whether the terminal application is a legal application, and only allow the terminal application when the terminal application is a legal application Access the mobile card application. Compared with any terminal application in the prior art that can interact with mobile phone card applications and then interact with lower security, the present invention can identify terminal applications and only allow legitimate applications to access mobile phone card applications, thus improving the security of terminal applications. Security for interacting with mobile card applications.

此外，本发明的执行主体为位于手机卡内部的机卡交互安全控制中间件，随着手机卡技术的发展，通信手机卡的软硬件性能得到了提高，使得相对更安全的手机卡环境更适合部署机卡接口访问控制机制，能够更好地避免恶意软件对于验证机制的破坏，并能够基于手机卡的权限控制等安全机制为接口访问提供多层级的安全控制机制。In addition, the executive body of the present invention is the machine-card interaction security control middleware located inside the mobile phone card. With the development of mobile phone card technology, the software and hardware performance of the communication mobile phone card has been improved, making the relatively safer mobile phone card environment more suitable Deploying the machine card interface access control mechanism can better avoid malicious software from destroying the verification mechanism, and can provide a multi-level security control mechanism for interface access based on security mechanisms such as mobile phone card authority control.

为了进一步提高终端应用访问的安全性，本发明实施例中在判断终端应用为合法应用后，还需要进一步判断终端应用是否具备访问该目标手机卡应用的访问权限，只有当终端应用具备访问权限时，才允许终端应用访问该目标手机卡应用。因而当判断到所述目标文件与获取的所述终端应用的文件摘要内容相同之后，如图3所示，该方法还包括：In order to further improve the security of terminal application access, after judging that the terminal application is a legitimate application in the embodiment of the present invention, it is necessary to further determine whether the terminal application has the access authority to access the target mobile phone card application. Only when the terminal application has the access authority , to allow the terminal application to access the target mobile card application. Therefore, after it is determined that the target file is the same as the acquired file summary content of the terminal application, as shown in FIG. 3 , the method further includes:

301：机卡交互安全控制中间件根据所述终端应用的注册标识和所述目标手机卡应用的标识，获取所述终端应用的访问权限。301: The machine-card interaction security control middleware acquires the access authority of the terminal application according to the registration identifier of the terminal application and the identifier of the target mobile phone card application.

终端应用的注册标识，终端应用的访问权限同样是在终端应用注册过程中生成的。The registration identifier of the terminal application and the access authority of the terminal application are also generated during the registration process of the terminal application.

在终端应用安装过程中，手机卡将每个终端应用的注册标识、每个手机卡应用的标识以及终端应用访问该手机卡应用的访问权限存储并记录成一条条的目录。During the installation process of the terminal application, the mobile phone card stores and records the registration identification of each terminal application, the identification of each mobile phone card application, and the access authority of the terminal application to access the mobile card application into an itemized directory.

302：当终端应用的访问权限满足预设条件后，机卡交互安全控制中间件向机卡交互组件返回允许访问响应消息，所述允许访问响应消息用于表示允许所述终端应用访问所述目标手机卡应用。302: When the access rights of the terminal application meet the preset conditions, the machine-card interaction security control middleware returns an access permission response message to the machine-card interaction component, and the access permission response message is used to indicate that the terminal application is allowed to access the target Mobile card application.

根据步骤301中获取到的终端应用的访问权限，当终端应用具备访问该目标手机卡应用的权限时，允许终端应用访问该目标手机卡应用，否则认为终端应用权限不足，拒绝其交互请求。According to the access authority of the terminal application obtained in step 301, when the terminal application has the authority to access the target mobile card application, the terminal application is allowed to access the target mobile card application; otherwise, the terminal application is deemed to have insufficient authority and its interaction request is rejected.

当终端应用为合法应用且具备访问目标手机卡应用的访问权限后，终端应用可以与目标手机卡应用进行交互。为了提高交互过程中的安全性，防止对机卡接口指令的监听处于终端环境下的机卡交互组件与处于手机卡内的机卡交互安全控制中间件协商会话密钥和会话验证索引的过程，采用该会话密钥对交互过程中的指令(既包括数据指令也包括命令指令)进行对称加密的方式实现会话加密。After the terminal application is a legitimate application and has the access authority to access the target mobile phone card application, the terminal application can interact with the target mobile phone card application. In order to improve the security during the interaction process and prevent the machine-card interface commands from being monitored, the machine-card interaction component in the terminal environment and the machine-card interaction security control middleware in the mobile phone card negotiate the process of session key and session verification index, Session encryption is realized by using the session key to symmetrically encrypt instructions in the interaction process (including both data instructions and command instructions).

因而在允许所述终端应用访问所述目标手机卡应用之后，该方法还包括终端应用与手机卡应用协商确定会话密钥和会话验证索引的过程，如图4所示，该方法包括：Therefore, after the terminal application is allowed to access the target mobile phone card application, the method also includes a process in which the terminal application negotiates with the mobile card application to determine the session key and the session verification index, as shown in Figure 4, the method includes:

401：机卡交互组件生成随机数并通过预读取的接口加密公钥加密所述随机数，得到第一加密数据。401: The machine-card interaction component generates a random number and encrypts the random number with a pre-read interface encryption public key to obtain first encrypted data.

其中，此处所指的接口加密公钥和下文中所指的接口加密私钥为一对密钥对，既可以由图1中所示的位于手机卡内部的密钥生成模块生成，也可以在手机卡的制造过程中直接灌入卡片中。机卡交互组件仅可以读取该接口加密公钥，但无法读取接口加密私钥。当插入手机卡的终端开机时，终端内的机卡交互组件便可读取该接口加密公钥。Among them, the interface encryption public key referred to here and the interface encryption private key referred to below are a pair of key pairs, which can be generated by the key generation module located inside the mobile phone card shown in Figure 1, or can be It is poured directly into the card during the manufacturing process of the mobile phone card. The machine-card interaction component can only read the interface encryption public key, but cannot read the interface encryption private key. When the terminal inserted into the mobile phone card is turned on, the machine-card interaction component in the terminal can read the encrypted public key of the interface.

此外，机卡交互组件还将保存生成的该随机数。为了便于描述，文中以S₁表示该随机数。In addition, the machine-card interaction component will also save the generated random number. For the convenience of description, the random number is_denoted by S1 in this paper.

402：机卡交互组件向所述机卡交互安全控制中间件发送所述第一加密数据。402: The machine-card interaction component sends the first encrypted data to the machine-card interaction security control middleware.

除了发送该第一加密数据外，机卡交互组件还需要向机卡交互安全控制中间件发送终端应用的注册标识和目标手机卡应用标识，目的是为了便于机卡交互安全控制中间件知道哪个终端应用想要访问哪个手机卡应用以及后续过程中生成会话验证索引以及确定会话验证索引与终端应用注册标识、目标手机卡应用标识的一一对应关系。In addition to sending the first encrypted data, the machine-card interaction component also needs to send the registration identifier of the terminal application and the target mobile phone card application identifier to the machine-card interaction security control middleware, in order to facilitate the machine-card interaction security control middleware to know which terminal Which mobile phone card application the application wants to access and generate a session verification index in the subsequent process, and determine the one-to-one correspondence between the session verification index and the terminal application registration identifier and the target mobile phone card application identifier.

403：机卡交互安全控制中间件通过预存储的接口加密私钥解密所述第一加密数据，得到第一解密数据。403: The machine-card interaction security control middleware decrypts the first encrypted data through the pre-stored interface encryption private key to obtain the first decrypted data.

理论上说，步骤401和步骤402是采用接口加密公钥加密产生的随机数，步骤403是利用接口加密私钥解密加密后的随机数，得到的应当是随机数S₁。Theoretically speaking, step 401 and step 402 are to use the interface encryption public key to encrypt the random number, and step 403 is to use the interface encryption private key to decrypt the encrypted random number, and the obtained random number should be S₁ .

404：机卡交互安全控制中间件计算所述第一解密数据的散列值，并将所述散列值经所述第一解密数据加密后，得到第二加密数据。404: The machine-card interaction security control middleware calculates a hash value of the first decrypted data, and encrypts the hash value with the first decrypted data to obtain second encrypted data.

机卡交互安全控制中间件调用散列计算模块计算第一解密数据的散列值，记为S₂，随后将该散列值S₂作为会话验证索引与终端应用注册标识、目标手机卡应用标识绑定，作为标识交互会话的安全识别符并将当前使用的会话验证索引S₂保存于手机卡内，直到本次会话结束或生成新的会话验证索引；此外，将S₂经第一解密数据加密后返回机卡交互组件。The machine-card interaction security control middleware invokes the hash calculation module to calculate the hash value of the first decrypted data, which is recorded as S₂ , and then the hash value S₂ is used as the session verification index, terminal application registration identifier, and target mobile phone card application identifier Binding, as a security identifier for identifying an interactive session and saving the currently used session verification index S2 in the mobile phone card until the end of this session or generating a new session verification index_; in addition, the first_decrypted data of S2 After encryption, return to the machine-card interaction component.

405：机卡交互安全控制中间件向机卡交互组件发送第二加密数据。405: The machine-card interaction security control middleware sends the second encrypted data to the machine-card interaction component.

406：机卡交互组件使用所述随机数解密所述第二加密数据，得到第二解密数据。406: The machine-card interaction component decrypts the second encrypted data by using the random number to obtain second decrypted data.

407：机卡交互组件计算所述随机数的散列值，将所述随机数的散列值与所述第二解密数据进行比较。407: The machine-card interaction component calculates a hash value of the random number, and compares the hash value of the random number with the second decrypted data.

408：如果所述散列值与所述第二解密数据相同，则将所述随机数作为所述终端应用与所述目标手机卡应用的会话密钥，所述会话密钥用于加密所述终端应用与所述目标手机卡应用的交互数据。此外，将该随机数的散列值作为此次交互过程中的会话验证索引，所述会话验证索引用于当多个终端应用在同一时间段内与手机卡应用发生交互时，用以区分该交互使用的是哪组会话密钥。即交互过程中是以“指令密文+会话验证索引明文”的方式传输，卡端根据会话验证索引确定使用哪个会话密钥解密密文。408: If the hash value is the same as the second decrypted data, use the random number as a session key between the terminal application and the target mobile phone card application, and the session key is used to encrypt the Interaction data between the terminal application and the target mobile phone card application. In addition, the hash value of the random number is used as a session verification index in this interaction process, and the session verification index is used to distinguish the terminal application when multiple terminal applications interact with the mobile phone card application within the same time period. Which set of session keys to use interactively. That is, the interaction process is transmitted in the form of "instruction ciphertext + session verification index plaintext", and the card side determines which session key to use to decrypt the ciphertext according to the session verification index.

在会话密钥和会话验证索引协商成功后，终端应用与手机卡应用便可以利用该会话密钥进行交互，该过程为：After the negotiation of the session key and the session verification index is successful, the terminal application and the mobile card application can use the session key to interact. The process is as follows:

机卡交互组件使用会话密钥加密，将加密后的指令密文与终端应用注册标识、会话验证索引通过自定义机卡接口发送至机卡交互安全控制中间件。The machine-card interaction component uses the session key to encrypt, and sends the encrypted command ciphertext, terminal application registration identifier, and session verification index to the machine-card interaction security control middleware through the custom machine-card interface.

机卡交互安全控制中间件校验会话验证索引与终端应用注册标识、目标手机卡应用的标识的对应关系正确后，使用与该会话验证索引对应的会话密钥解密指令密文，将解密后的指令转发至目标手机卡应用。After the machine-card interaction security control middleware checks that the corresponding relationship between the session verification index and the terminal application registration identifier and the target mobile phone card application identifier is correct, use the session key corresponding to the session verification index to decrypt the instruction ciphertext, and decrypt the decrypted The instruction is forwarded to the target mobile phone card application.

机卡交互安全控制中间件接收目标手机卡应用返回的上行指令，加密指令，将密文通过自定义机卡接口发送至机卡交互组件。The machine-card interaction security control middleware receives the uplink command returned by the target mobile phone card application, encrypts the command, and sends the ciphertext to the machine-card interaction component through the custom machine-card interface.

机卡交互组件使用会话密钥解密接收到的密文，将解密后得到的数据发送至终端应用。这样，终端应用和目标手机卡应用完成一次交互。The machine-card interaction component uses the session key to decrypt the received ciphertext, and sends the decrypted data to the terminal application. In this way, the terminal application completes an interaction with the target mobile phone card application.

每次会话结束后，需要重置会话密钥与会话验证索引，可在下一次会话发起时重新生成。After each session ends, the session key and session verification index need to be reset, which can be regenerated when the next session is initiated.

为了更清楚的说明步骤202和步骤301，本实施例还提供了终端应用的安装过程，在终端应用的安装过程中，终端应用通过后台应用平台向手机卡管理平台发起安装请求，并根据该安装请求中的消息生成或者存储终端应用和手机卡应用交互过程中需要的一些信息。如图5所示，该过程包括：In order to illustrate step 202 and step 301 more clearly, this embodiment also provides the installation process of the terminal application. During the installation process of the terminal application, the terminal application initiates an installation request to the mobile phone card management platform through the background application platform, and according to the installation The message in the request generates or stores some information needed during the interaction between the terminal application and the mobile card application. As shown in Figure 5, the process includes:

501：手机卡管理平台接收所述终端应用的安装请求消息，所述安装请求消息包括所述终端应用的注册标识、所述目标手机卡应用的标识、所述终端应用的数字签名公钥和文件摘要。501: The mobile phone card management platform receives the installation request message of the terminal application, and the installation request message includes the registration identifier of the terminal application, the identifier of the target mobile phone card application, the digital signature public key of the terminal application, and the file Summary.

502：手机卡管理平台将所述终端应用的注册标识、所述终端应用的数字签名公钥和所述文件摘要写入手机卡内的第一存储空间。502: The mobile phone card management platform writes the registration identifier of the terminal application, the digital signature public key of the terminal application, and the file abstract into the first storage space in the mobile phone card.

其中，该第一存储空间位于手机卡内的文件系统存储空间中。Wherein, the first storage space is located in the file system storage space in the mobile phone card.

503：手机卡管理平台将所述终端应用的注册标识、所述目标手机卡应用的标识和所述终端应用访问所述目标手机卡应用的访问权限写入手机卡内的第二存储空间。503: The mobile phone card management platform writes the registration identifier of the terminal application, the identifier of the target mobile phone card application, and the access right of the terminal application to the target mobile phone card application into the second storage space in the mobile phone card.

该第二存储空间同样位于手机卡内的文件系统存储空间中。The second storage space is also located in the file system storage space in the mobile phone card.

作为上述各图所示方法的补充和细化，本实施例还提供了一种终端应用与手机卡应用交互的系统，如图6所示，该系统包括机卡交互安全控制中间件601和机卡交互组件602，其中，As a supplement and refinement of the methods shown in the above figures, this embodiment also provides a system for interaction between terminal applications and mobile card applications, as shown in Figure 6, the system includes machine-card interaction security control middleware 601 and machine-card interaction card interaction component 602, wherein,

所述机卡交互安全控制中间件601，用于接收所述机卡交互组件602的转发的终端应用向目标手机卡应用发送的请求消息，所述请求消息包括所述终端应用的注册标识、所述目标手机卡应用的标识和所述终端应用的数字签名；The machine-card interaction security control middleware 601 is configured to receive the request message sent by the terminal application forwarded by the machine-card interaction component 602 to the target mobile phone card application, the request message including the registration identifier of the terminal application, the The identification of the target mobile phone card application and the digital signature of the terminal application;

所述机卡交互安全控制中间件601，还用于根据所述终端应用的注册标识，获取预存储的数字签名公钥和所述终端应用的文件摘要；The machine-card interaction security control middleware 601 is further configured to obtain a pre-stored digital signature public key and a file abstract of the terminal application according to the registration identifier of the terminal application;

所述机卡交互安全控制中间件601，还用于通过所述数字签名公钥解密所述终端应用的数字签名，得到目标文件；The machine-card interaction security control middleware 601 is also used to decrypt the digital signature of the terminal application through the digital signature public key to obtain the target file;

所述机卡交互安全控制中间件601，还用于判断所述目标文件与获取的所述终端应用的文件摘要的内容是否相同；The machine-card interaction security control middleware 601 is also used to determine whether the content of the target file is the same as that of the acquired file abstract of the terminal application;

所述机卡交互安全控制中间件601，还用于当所述目标文件与获取的所述终端应用的文件摘要的内容相同时，向所述机卡交互组件602返回允许访问响应消息，所述允许访问响应消息用于表示允许所述终端应用访问所述目标手机卡应用。The machine-card interaction security control middleware 601 is further configured to return an access permission response message to the machine-card interaction component 602 when the content of the target file is the same as the acquired file abstract of the terminal application, the The access permission response message is used to indicate that the terminal application is allowed to access the target mobile phone card application.

进一步的，所述机卡交互安全控制中间件601，还用于根据所述终端应用的注册标识和所述目标手机卡应用的标识，获取所述终端应用的访问权限；Further, the machine-card interaction security control middleware 601 is also used to obtain the access authority of the terminal application according to the registration identifier of the terminal application and the identifier of the target mobile phone card application;

所述机卡交互安全控制中间件601，还用于当所述终端应用的访问权限满足预设条件后，向所述机卡交互组件602返回允许访问响应消息，所述允许访问响应消息用于表示允许所述终端应用访问所述目标手机卡应用。The machine-card interaction security control middleware 601 is further configured to return an access permission response message to the machine-card interaction component 602 when the access authority of the terminal application satisfies a preset condition, and the access permission response message is used to Indicates that the terminal application is allowed to access the target mobile phone card application.

进一步的，所述机卡交互组件602，还用于生成随机数并通过预读取的接口加密公钥加密所述随机数，得到第一加密数据；Further, the machine-card interaction component 602 is also used to generate a random number and encrypt the random number with a pre-read interface encryption public key to obtain the first encrypted data;

所述机卡交互组件602，还用于向所述机卡交互安全控制中间件601发送所述第一加密数据；The machine-card interaction component 602 is further configured to send the first encrypted data to the machine-card interaction security control middleware 601;

所述机卡交互安全控制中间件601，还用于通过预存储的接口加密私钥解密所述第一加密数据，得到第一解密数据；The machine-card interaction security control middleware 601 is also used to decrypt the first encrypted data through the pre-stored interface encryption private key to obtain the first decrypted data;

所述机卡交互安全控制中间件601，还用于计算所述第一解密数据的散列值，并将所述散列值经所述第一解密数据加密后，得到第二加密数据；The machine-card interaction security control middleware 601 is also used to calculate a hash value of the first decrypted data, and encrypt the hash value with the first decrypted data to obtain second encrypted data;

所述机卡交互安全控制中间件601，还用于向所述机卡交互组件602发送所述第二加密数据；The machine-card interaction security control middleware 601 is further configured to send the second encrypted data to the machine-card interaction component 602;

所述机卡交互组件602，还用于使用所述随机数解密所述第二加密数据，得到第二解密数据；The machine-card interaction component 602 is further configured to use the random number to decrypt the second encrypted data to obtain second decrypted data;

所述机卡交互组件602，还用于计算所述随机数的散列值，将所述随机数的散列值与所述第二解密数据进行比较；The machine-card interaction component 602 is further configured to calculate a hash value of the random number, and compare the hash value of the random number with the second decrypted data;

所述机卡交互组件602，还用于当所述摘要值与所述第三数值相同时，将所述随机数作为所述终端应用与所述目标手机卡应用的会话密钥，所述会话密钥用于加密所述终端应用与所述目标手机卡应用的交互数据。The machine-card interaction component 602 is further configured to use the random number as a session key between the terminal application and the target mobile phone card application when the summary value is the same as the third value, and the session The key is used to encrypt the interaction data between the terminal application and the target mobile phone card application.

进一步的，如图7所示，所述系统还包括密钥生成模块701，用于生成所述接口加密公钥和所述接口加密私钥。Further, as shown in FIG. 7 , the system further includes a key generation module 701 configured to generate the interface encryption public key and the interface encryption private key.

本发明实施例提供的终端应用与手机卡应用交互的系统，在手机卡内增加机卡交互安全控制中间件，当接收到请求消息时，该机卡交互安全控制中间件能够解密请求消息得到终端应用的摘要，将解密得到的摘要和预存储的该终端应用的摘要进行比对以确定该终端应用是否为合法应用，当终端应用为合法应用时才允许终端应用访问手机卡应用。与现有技术中的任意终端应用都能与手机卡应用进行交互进而交互的安全性较低相比，本发明能够对终端应用进行鉴别，仅允许合法应用访问手机卡应用，因而能够提高终端应用与手机卡应用交互的安全性。In the system for interaction between terminal applications and mobile phone card applications provided by the embodiments of the present invention, machine-card interaction security control middleware is added in the mobile phone card. When a request message is received, the machine-card interaction security control middleware can decrypt the request message to obtain the terminal Application summary, compare the decrypted summary with the pre-stored summary of the terminal application to determine whether the terminal application is a legal application, and only allow the terminal application to access the mobile card application when the terminal application is a legal application. Compared with any terminal application in the prior art that can interact with the mobile phone card application and then interact with lower security, the present invention can identify the terminal application and only allow legal applications to access the mobile phone card application, thus improving the security of the terminal application. Security for interacting with mobile card applications.

通过以上的实施方式的描述，所属领域的技术人员可以清楚地了解到本发明可借助软件加必需的通用硬件的方式来实现，当然也可以通过硬件，但很多情况下前者是更佳的实施方式。基于这样的理解，本发明的技术方案本质上或者说对现有技术做出贡献的部分可以以软件产品的形式体现出来，该计算机软件产品存储在可读取的存储介质中，如计算机的软盘，硬盘或光盘等，包括若干指令用以使得一台计算机设备(可以是个人计算机，服务器，或者网络设备等)执行本发明各个实施例所述的方法。Through the description of the above embodiments, those skilled in the art can clearly understand that the present invention can be realized by means of software plus necessary general-purpose hardware, and of course also by hardware, but in many cases the former is a better embodiment . Based on this understanding, the essence of the technical solution of the present invention or the part that contributes to the prior art can be embodied in the form of a software product, and the computer software product is stored in a readable storage medium, such as a floppy disk of a computer , a hard disk or an optical disk, etc., including several instructions for enabling a computer device (which may be a personal computer, server, or network device, etc.) to execute the methods described in various embodiments of the present invention.

以上所述，仅为本发明的具体实施方式，但本发明的保护范围并不局限于此，任何熟悉本技术领域的技术人员在本发明揭露的技术范围内，可轻易想到变化或替换，都应涵盖在本发明的保护范围之内。The above is only a specific embodiment of the present invention, but the scope of protection of the present invention is not limited thereto. Anyone skilled in the art can easily think of changes or substitutions within the technical scope disclosed in the present invention. Should be covered within the protection scope of the present invention.

Claims (8)

1. a terminal applies and Mobile phone card apply mutual method, it is characterized in that, described method is applied to mobile terminal, and described mobile terminal comprises machine card interactive component and the mutual security control middleware of machine card, the mutual security control middleware of described machine card is positioned at Mobile phone card, and described method comprises:

Described machine card mutual security control middleware receives the request message that described machine card interactive component sends, described request message is for representing the access request that terminal applies sends to the application of target mobile phones card, and described request message comprises the sign-on ID of described terminal applies, the mark of described target mobile phones card application and the digital signature of described terminal applies;

Described machine card mutual security control middleware, according to the sign-on ID of described terminal applies, obtains the digital signature PKI of pre-stored and the document of described terminal applies;

Described machine card mutual security control middleware, by the digital signature of terminal applies described in described digital signature public key decryptions, obtains file destination;

Described in described machine card mutual security control middleware judges, whether file destination is identical with the content of the document of the described terminal applies of acquisition;

If identical, then described machine card mutual security control middleware returns to described machine card interactive component and allows access response message, and described permission access response message allows described terminal applies to access the application of described target mobile phones card for representing.

2. terminal applies according to claim 1 and Mobile phone card apply mutual method, it is characterized in that,

After determining described file destination and be identical with the document content of the described terminal applies of acquisition, described method also comprises:

The mark that described machine card mutual security control middleware is applied according to the sign-on ID of described terminal applies and described target mobile phones card, obtains the access rights of described terminal applies;

When the access rights of described terminal applies meet pre-conditioned after, then described machine card mutual security control middleware returns described permission access response message to described machine card interactive component.

3. terminal applies according to claim 1 and 2 and Mobile phone card apply mutual method, it is characterized in that,

At described machine card mutual security control middleware to after described machine card interactive component returns described permission access response message, described method also comprises:

Described machine card interactive component generates random number and passes through random number described in the interface ciphering public key encryption of pre-read, obtains the first enciphered data;

Described machine card interactive component sends described first enciphered data to described machine card mutual security control middleware;

Described machine card mutual security control middleware, by described first enciphered data of interface ciphering private key deciphering of pre-stored, obtains the first data decryption;

Described machine card mutual security control middleware calculates the hashed value of described first data decryption, and by described hashed value after described first data decryption encryption, obtains the second enciphered data;

Described machine card mutual security control middleware sends described second enciphered data to described machine card interactive component;

Described machine card interactive component uses the second enciphered data described in described random nnrber decryption, obtains the second data decryption;

Described machine card interactive component calculates the hashed value of described random number, the hashed value of described random number and described second data decryption is compared;

If described hashed value is identical with described second data decryption, then using the session key that described random number is applied as described terminal applies and described target mobile phones card, the interaction data that described session key is applied for encrypting described terminal applies and described target mobile phones card.

4. terminal applies according to claim 3 and Mobile phone card apply mutual method, it is characterized in that, described mobile terminal also comprises the key production module being positioned at described Mobile phone card, described machine card mutual security control middleware receives the request message that described machine card interactive component sends, before, described method also comprises:

Described key production module generates described interface ciphering PKI and described interface ciphering private key.

5. terminal applies and Mobile phone card apply a mutual system, it is characterized in that, described system comprises the mutual security control middleware of machine card and machine card interactive component, wherein:

The mutual security control middleware of described machine card, for receiving the request message that described machine card interactive component sends, described request message is for representing the access request that terminal applies sends to the application of target mobile phones card, and described request message comprises the sign-on ID of described terminal applies, the mark of described target mobile phones card application and the digital signature of described terminal applies;

The mutual security control middleware of described machine card, also for the sign-on ID according to described terminal applies, obtains the digital signature PKI of pre-stored and the document of described terminal applies;

The mutual security control middleware of described machine card, also for the digital signature by terminal applies described in described digital signature public key decryptions, obtains file destination;

The mutual security control middleware of described machine card, also for judging that whether described file destination is identical with the content of the document of the described terminal applies of acquisition;

The mutual security control middleware of described machine card, also for when described file destination is identical with the content of the document of the described terminal applies of acquisition, return to described machine card interactive component and allow access response message, described permission access response message allows described terminal applies to access the application of described target mobile phones card for representing.

6. terminal applies according to claim 5 and Mobile phone card apply mutual system, it is characterized in that,

The mutual security control middleware of described machine card, also for according to the sign-on ID of described terminal applies and the mark of described target mobile phones card application, obtains the access rights of described terminal applies;

The mutual security control middleware of described machine card, also for meet when the access rights of described terminal applies pre-conditioned after, return described permission access response message to described machine card interactive component.

7. the terminal applies according to claim 5 or 6 and Mobile phone card apply mutual system, it is characterized in that,

Described machine card interactive component, for generating random number and by random number described in the interface ciphering public key encryption of pre-read, obtaining the first enciphered data;

Described machine card interactive component, also for sending described first enciphered data to described machine card mutual security control middleware;

The mutual security control middleware of described machine card, also for described first enciphered data of interface ciphering private key deciphering by pre-stored, obtains the first data decryption;

The mutual security control middleware of described machine card, also for calculating the hashed value of described first data decryption, and by described hashed value after described first data decryption encryption, obtains the second enciphered data;

The mutual security control middleware of described machine card, also for sending described second enciphered data to described machine card interactive component;

Described machine card interactive component, also for using the second enciphered data described in described random nnrber decryption, obtains the second data decryption;

Described machine card interactive component, also for calculating the hashed value of described random number, compares the hashed value of described random number and described second data decryption;

Described machine card interactive component, also for when described hashed value is identical with described second data decryption, be the session key that described terminal applies and described target mobile phones card are applied by described random number, the interaction data that described session key is applied for encrypting described terminal applies and described target mobile phones card.

8. terminal applies according to claim 7 and Mobile phone card apply mutual system, it is characterized in that,

Described system also comprises key production module, for generating described interface ciphering PKI and described interface ciphering private key.