Research on multi-application smart card based on web technology
1 Introduction
With the rapid development of chip technology, smart cards, as an emerging application platform, have been widely used in many fields. The emergence of smart cards is a composite technology achievement of multidisciplinary technologies such as microelectronics, computers and information security. As a relatively mature high-tech product, the wide application of smart cards will improve the application level of the industry in many aspects. Currently, smart cards are mainly divided into three types: single application smart card, static multi-application smart card and dynamic multi-application smart card. There is only one application in the single application smart card. Its application is solidified in the smart card. It cannot be changed. The static multi-application smart card will cure multiple applications in the card before the card is issued. The application on the card cannot be added or deleted. . The dynamic multi-application smart card has multiple applications, which can dynamically delete, install, and update applications on the card after card issuance. Compared with the first two smart cards, the dynamic multi-application smart card has great advantages both in technology and in business.
The dynamic multi-application smart card has become a hot spot in the development of smart card technology because of its good portability, high security, dynamic multi-application and other technical features, as well as the potential advantages of improving the efficiency of the smart card application system and reducing the cost of issuing cards. Based on multi-application smart card and web technology oriented, this paper combines smart card and internet technology, proposes a web server technology to implement dynamic multi-application smart card, and studies some technologies that need to be solved by dynamic multi-application smart card based on web technology. The problem is given by the basic theoretical scheme.
2 web technology analysis and the feasibility of smart card implementation
2.1 web server technical analysis
The main function of the web server is to provide application services on the Internet. It originated in the 1980s, a master-slave distributed hypermedia system developed by the European quantum physics laboratory. Through the web server of the Internet, users can quickly and easily run remote applications and obtain related services and information by simply clicking through the browser.
The web server uses a client/server architecture. The server organizes and stores various application information and data, and executes the application logic flow in response to the request of the client software or transmits the resources required by the client from the server to the client platform.
The web server can run the business logic by interacting with the client's browser, and the page can be viewed by the client browser. The web server interacts with the browser using the http protocol, and the server has the function of parsing the http protocol. When the user connects to the server through a remote browser, an http request is sent. When the web server receives the request, it will return an http response according to the content of the request, such as sending back an HTML page. The server handles the request into many types. It may be that the read returns a static page or image, and may require more processing. The server generally includes various processing modules to handle various dynamic situations, such as processing ASP scripts and CGI scripts. , servlets, JSP scripts, etc., these modules produce dynamic results by real-time processing of requests and then submit them back to each web server. Eventually the web server will generate an HTML response back for browsing by the browser.
2.2 Smart Card Implementation Web Server Analysis
According to the protocol stack structure and corresponding functions of the traditional web server, the application layer protocol HTTP protocol is at the uppermost layer of the protocol. The client of the smart card is the same as the client of the traditional web application, that is, the standard browser, fully supports the HTTP protocol, and the server side That is to say, the processing capability of the smart card itself can fully support the resolution of the HTTP protocol; in terms of the transport layer, due to the limitation of the smart card structure, it cannot be connected to the network as an independent communication terminal, and needs to be attached to the terminal as a node on the network, and the terminal The direct connection with the network is equivalent to the connection of the traditional web server. The terminal is connected with the smart card through the smart card CAT related protocol, and both parts satisfy the reliable connection requirement of the transport layer; in the network layer, the terminal and the smart card as a whole use the terminal on the network. The IP address, as a network node, uses the same IP protocol as the traditional network; in the data link layer, the traditional network protocol is used between the terminal and the network, and the terminal and the card exchange data through the ISO7816-4 protocol; the physical layer, the terminal and the Use wireless or twisted pair between networks Connection, using the interface defined in ISO7816-3 connection between the terminal and the smart card. In summary, the data transmission and processing functions can be effectively solved at all levels of the web server protocol stack, so implementing a web server on a smart card is feasible.
3 smart card web server architecture design and implementation
3.1 Overall design
According to the composition of the traditional web server, the web server needs to have an effective connection with the network, that is, a network card device is required, and the physical structure of the smart card itself cannot be provided, that is, the smart card itself cannot be independently connected to the network as a node on the network. Therefore, it is necessary to provide a host device for the smart card, and borrow the capability of the host device to connect to the network, and the host device can make a PC, POS, mobile phone or other embedded device. The connection structure is a smart card connected to the host device, the device is connected to the external network, the smart card and the terminal device as a whole network node, the terminal provides functions such as data forwarding and protocol conversion, and the smart card provides the actual web server function. The connection between the terminal and the network is the same as that of the traditional Internet connection, and will not be described here; the connection between the smart card and the terminal is designed according to the protocol of the smart card, as shown in FIG. 1 .
.jpg)
3.2 Agent Design
As a node on the network, the terminal first needs to have a network card device to connect to the network. If you need to access the server locally, you need to embed a standard or tailored browser. As a connected smart card device, you need to install a PCSC-related driver. Finally, due to the smart card structure limitation, the smart card The protocol stack used is different from the traditional network protocol stack, so the terminal needs to install the agent software. The full name of the proxy server in English is Proxy Server, and its function is to proxy network users to obtain network information. The image says: It is a transit point for network information. In general, when we use a web browser to connect directly to other Internet sites to obtain network information, we must send a Request signal to get an answer, and then the other party will send the information back in bit mode. The proxy server is a server between the browser and the web server. After that, the browser does not directly go to the web server to retrieve the web page but sends a request to the proxy server, and the request signal is sent to the proxy server first. The proxy server retrieves the information needed by the browser and sends it to your browser [5].
The general proxy server mainly implements buffering and storage functions, and the smart card proxy server here has some differences from the general proxy server, mainly applying the basic definition of the proxy server and some additional functions required by the smart card server. As the bridge between the actual server smart card and the browser, the proxy server transfers the valid information transmitted on both sides, which requires the proxy server to effectively interact with the browser and effectively interact with the smart card. In addition, according to the smart card Some features of the web server need to add some specific functions to the terminal's proxy server.
3.3 card-side server design
First of all, from the perspective of hierarchy, the lowest layer of the smart card is its hardware composition, processor, memory, etc., then the driver of the hardware and interface [6]; the next is the operating system of the smart card, that is, COS, COS is shielded to the upper layer. The underlying hardware implementation supports the file system scheduling, upper layer protocols and applications of the smart card; the upper layer is divided into two branches: the traditional smart card application and the web server application in this article. For the branch to study the web server, the smart card A web server is implemented on the COS, and the upper layer of the specific smart card web application is supported by the web server. The overall level is shown in Figure 2:
.jpg)
For the smart card web server function, firstly, it is necessary to design the support of the smart card operating system for the web server and the module composition of the smart card web server to realize the mode, data transmission and the like. First, you need to implement interaction with the outside world, which requires a communication protocol stack. The data sent and received through the communication interface is distributed to the http engine through the state machine to process the data of the http layer. The support part of the http engine is composed of the http request parser, the processor, the CGI parser, the configurator, the database support, etc. Separately handle different aspects of content, and the unified support by the smart card operating system and file system.
4 web smart card dynamic multi-application technology implementation
4.1 Multi-application technology implementation
The application of the web server is realized by static or dynamic invocation of the webpage and program resources of the application layer. Through different logic calls and separations, there are innate multi-applications, and a combination of a series of resource files can constitute an application, and the server only needs to be completed. Logic and security isolation between different applications and the development of corresponding application portals can be achieved.
The design is implemented in the smart card as follows. Each ADF corresponds to a web application, and all the DFs and EFs owned by the application are included under the ADF. In any case, by accessing an ADF using the ADF's AID, the ADF can be selected as the current application and the root of the ADF is the current directory. This provides a logical isolation of the different application resource sequences through the ADF, and provides a logical entry for the application through the registration of the ADF in the MF index file. In terms of security, the ADF is the root directory of the application, so that it can specify the security attributes of the application using the PIN index on the smart card file system. Accessing the directory DF and the normal file EF under the ADF requires verification of the PIN, which facilitates the same Application security management and security isolation between different applications. The home directory manages the web application on the card through the application management file. Each web application corresponds to an ADF structure storage, and has a relatively independent file structure and security attributes [7].
4.2 Dynamic Technology Implementation
Dynamic application smart card refers to the ability to dynamically delete, install, and update applications on the card after card issuance. The traditional single-application smart card does not have dynamic technology because its application is bundled with the smart card COS in the form of the underlying c language program and downloaded to the smart card. This download is implemented by downloading the converted binary code directly. Parsed by a smart card processor, this application is not dynamic. To implement a dynamic smart card application, it is necessary to dynamically execute the application logic and strip out the functions of the processor executing the application logic by the upper framework module. The direct solution is to design the server script that the smart card can support, and design and develop the corresponding script parser. The parser can dynamically analyze the script to realize the application logic running at any time. This realizes the most basic problem of dynamic application. In addition, dynamic technology can dynamically delete, install and update web applications after card issuance. This function can directly convert upper-layer web application resource files into APDU commands by means of APDU commands. The sequence, written to the smart card file system for dynamic installation, deletion and update can also be similarly implemented [8].
5 Summary
This paper proposes a technical solution for implementing dynamic multi-application smart cards with web technology through the research of dynamic multi-application smart cards and web technologies. By implementing a lightweight web server on a smart card, the concept and function of the web server are used to provide multiple applications of the web application layer, and a solution to the important technical problems of the dynamic multi-application smart card based on web technology is proposed. It has a certain guiding significance for the new method of multi-application smart card research, and expands the breadth and implementation form of smart card application. However, the framework still has its shortcomings. The level of smart card application is promoted to the web application layer. The direct impact will increase the amount of application data. On the one hand, the additional data is caused by the increase of the protocol level. The web application itself needs a variety of large-capacity resources, which poses certain challenges to the storage capacity of the smart card, and further research is needed to be solved; in addition, the existing smart card interface has a relatively low transmission speed in the face of web applications. Large data volume transmission will result in a longer application response time, and further improvement in hardware technology is required to develop into an acceptable range. But to a certain extent, it will also accelerate the further development of smart card technology.
Copper Dish Rack,Copper Wire Dish Drainer,Copper Wire Dish Drying Rack,Copper Wire Dish Rack
Jiangmen Xinhui Siqian Xiangyu Metalwork Factory , https://www.xydryingrack.com