大型城市一卡通系统线上应用方案

随着我国的信息化事业的迅猛发展,以Internet技术为基础的计算机网络已成为人们生活中最重要的基础设施之一,与此同时,智能卡（通常称为IC卡）也已在国民经济各部门、各行业以及各地区获得了广泛应用。我国电信、社会保障、交通、建设及公用事业、卫生、组织机构代码管理等领域应用的智能卡数量已经超过了40亿张,智能卡的广泛应用在促进政府与行业管理模式和工作方法的转变,推动国家经济与社会的协调发展,方便百姓生活,提高人民的信息化意识方面发挥了关键作用,做出了重大贡献。从Internet技术和智能卡技术入手,将两者相结合,提出了一个基于网络的大型城市一卡通系统线上交易与网上银行交互的应用方案。     

An overview of the GlobalPlatform smart card specification

Over the last five years smart card technology has changed considerably, both at the hardware and software level. More powerful microprocessors along with secure multi-application smart card operating systems provided the necessary functionality required by a large number of smart card applications. GlobalPlatform is considered among the leading multi-application smart card propositions that make an attempt to meet the requirements, for post issuance, issuer control, and interoperability. This article provides an overview of the GlobalPlatform card specification with an emphasis on its security functionality.     

智能卡硬件发展的关键技术探讨

随着电子商务活动的日益增多，智能卡在这些活动中的安全性与方便性也日益受到人们重视，但从智能卡本身来说，它所提供的功能并不能完全满足目前已有的应用需求，为了进一步完善智能卡技术，需要从硬件和软件两方面加以改进，文章仅从硬件的角度阐述智能卡发展的关键技术。     

高效的基于口令多服务器认证方案

随着计算机网络的快速发展,传统的单服务器认证方案存在明显的不足。如果一个远程用户想要从不同的服务器获得网络服务,则必须分别向这些服务器提交注册信息。为解决这个问题,研究者提出了多服务器认证方案。然而,大部分多服务器认证方案不能抵抗某些密码攻击或者计算复杂度太高。本文提出一种高效、安全的多服务器认证与密钥协商协议。由于智能卡和读卡器使得实现这类方案的成本较高,新方案没有使用智能卡。与相关的多服务器认证方案相比,新方案同时具有高效性和安全性,因而更适合在实际环境中应用。     

Recovering from a lost digital wallet: A smart cards perspective extended abstract

Multi-application smart cards enable a user to potentially have a diverse set of applications on her smart card. The growing trend of services convergence fuelled by Near Field Communication and smart phones has made multi-application smart cards a tangible reality. In such an environment, cardholders might have a number of applications on their smart cards and if a card is lost, all of the applications would be lost with it. In addition, consumers might decide to upgrade their smart cards and require a seamless and secure framework to migrate their applications from the old smart card to the new one. Currently, the recovery of a smart card-based service might take from a day to a week at best as each of the lost cards can only be replaced by the respective card issuer, during which time the card issuer might lose business from the user because she is not able to access the provisioned services. Similarly, there is at present no migration mechanism proposed for smart card applications. The proposed framework in this paper enables a user to acquire a new smart card as she desires and then migrate/restore all of her applications onto it—allowing her to recover from her lost digital wallet in a secure, efficient, seamless and ubiquitous manner.     

An object-based middleware supporting efficient interoperability on a smart home network

This paper proposes a novel object-based home network middleware for supporting the interoperability among home devices and smart grid devices. This middleware provides various types of abstract objects for flexible representation of heterogeneous home devices, which are classified based on their characteristics. It is also flexible enough to allow addition of new protocols and message conversion between different protocols through an abstraction layer, which are not supported by existing home network middlewares so that various protocols can be supported. As a result, it can be utilized to provide the interoperability among a variety of devices from sensors to typical home appliances as well as smart grid devices such as a home electric generator and a battery, which adopt different protocols. In order to demonstrate that home devices and smart grid devices are interoperable through the proposed middleware, we implement applications based on the middleware on a target platform consisting of embedded boards, sensors and laptops for emulation purposes of a home network. According to our emulation, this middleware can provide efficient interoperability among home devices and smart grid devices for future energy efficient home.     

Sony and DoCoMo join forces in FeliCa joint venture

Japanese consumer electronics giant Sony Corporation and NTT DoCoMo, Japan’s biggest mobile network operator, have announced a joint venture to develop new services based on mobile phones equipped with Sony’s contactless smart card technology FeliCa. The technology will allow consumers to charge their phones with credit and then electronically pay for products and services.Visit www.compseconline.com for the latest computer security industry news     

A strong user authentication scheme with smart cards for wireless communications

Seamless roaming over wireless network is highly desirable to mobile users, and security such as authentication of mobile users is challenging. Recently, due to tamper-resistance and convenience in managing a password file, some smart card based secure authentication schemes have been proposed. This paper shows some security weaknesses in those schemes. As the main contribution of this paper, a secure and light-weight authentication scheme with user anonymity is presented. It is simple to implement for mobile user since it only performs a symmetric encryption/decryption operation. Having this feature, it is more suitable for the low-power and resource-limited mobile devices. In addition, it requires four message exchanges between mobile user, foreign agent and home agent. Thus, this protocol enjoys both computation and communication efficiency as compared to the well-known authentication schemes. As a special case, we consider the authentication protocol when a user is located in his/her home network. Also, the session key will be used only once between the mobile user and the visited network. Besides, security analysis demonstrates that our scheme enjoys important security attributes such as preventing the various kinds of attacks, single registration, user anonymity, no password/verifier table, and high efficiency in password authentication, etc. Moreover, one of the new features in our proposal is: it is secure in the case that the information stored in the smart card is disclosed but the user password of the smart card owner is unknown to the attacker. To the best of our knowledge, until now no user authentication scheme for wireless communications has been proposed to prevent from smart card breach. Finally, performance analysis shows that compared with known smart card based authentication protocols, our proposed scheme is more simple, secure and efficient.     

Enhancing Innovation Capacity in SMEs through Early Network Relationships

Networks can offer SMEs a number of advantages, especially in terms of providing greater opportunities for knowledge activities that support innovation, but there is little in the literature to suggest how firms develop their innovation capacity through network participation. In this paper, we present an in‐depth longitudinal case study of a small entrepreneurial firm within the mobile‐commerce industry. A principal finding from the study is that network relationships formed during the earliest stages of the firm's life cycle played a critical role in developing the SME's capacity for sustained innovation. Further, the study contributes to network theory by calling into question the weak and strong tie dichotomy, as relationships critical to the SME's innovation capacity possessed characteristics of both types of ties. The paper also contributes to managerial practice by emphasizing the importance of establishing strong relationships in the earliest stages of network formation.     

Advances in network smart cards authentication

Smart cards have been widely used as simple token hardware in authenticationn processes. Nevertheless, a new trend indicates a shift towards more enhanced cards with networking capabilities. We propose revising the usual focus on smart card authentication protocol designs, as well as highlighting the need to adapt to new trends. Our main objective is to define an authentication model that uses the card as a stand-alone supplicant in a mutual end-to-end authentication schema. We also propose a protocol architecture which allows us to integrate the smart card within the network in the authentication plane. Finally, this new approach to network smart cards authentication processes is applied to a practical electronic payment scenario.     

Networking home entertainment devices with HAVi

The home audio/video interoperability (HAVi) architecture is a set of application programming interfaces (APIs), services, and an on-the-wire protocol specified by an industry initiative. HAVi facilitates multivendor interoperability between consumer electronics devices and computing devices and simplifies the development of distributed applications on home networks. The HAVi architecture strikes a balance between the demands of consumers and vendors by facilitating both device interoperability and the innovation and introduction of new features or refinements. A key feature of HAVi is that each physical device has an associated software proxy. Adding new proxies to a home system makes new features or devices accessible even to applications running on older devices     

通用智能卡数据采集器研究与实现

选用当前流行的STM32微控制器为硬件平台,利用智能卡芯片特有的ISO7816通信接口,设计了一款通用的智能卡数据采集系统。该系统通过STM32微控制器采集手机和智能卡之间的通信时钟来获取准确的位宽定时信号,并以相应的位宽间隔进行数据采样,从采样的数据中提取出手机与智能卡交互的PPS,从而达到自适应采集不同智能卡数据的功能。该系统具有硬件设计简单、通用性强、采集速度快、正确性和稳定性高等优点,极大地方便智能卡应用开发人员和业务维护人员的使用。目前该技术已投入实际使用,具有较好的应用前景和参考价值。     

ANTS: network services without the red tape

How well distributed computing systems perform depends a great deal on the network services used to move information among their machines. Yet despite this close correspondence, network services have evolved much more slowly than any other part of the distributed system environment. It is not that the networking community lacks innovative ideas: Internet Protocol version 6, Mobile IP, IP Multicast, and Integrated/Differentiated Services aim to support multimedia applications more effectively and to accommodate more hosts, many of them mobile. Unfortunately, progress in implementing these solutions lags far behind the identified need. The main problem is the way network protocols must change. First, network protocols are the main vehicle for achieving interoperability, so any candidate internetworking protocol has to become a standard. This means possibly years between the time someone identifies a need and the time everyone agrees on how to address it. Once the new protocol has been accepted, more delays occur because it has to be deployed manually and in a way that is compatible with the existing protocols. The paper discusses ANTS, a new approach to deploying network services, which bases interoperability on a programmable network model, not on individual networking protocols. The promise is automatic protocol upgrades, which can hasten progress toward a more responsive Internet     

Multiapplication smart card: Towards an open smart card?

Smart cards were invented four decades ago so as to keep data secrets and to process them secretly. Even though their main goal are still the same today, the smart cards have been subject to many evolutions at both their hardware and software levels. Indeed they have been the target of numerous attacks and new demands from the market. These demands have expanded their domains of application. When they were born and during some thirty years smart cards have been monolithic platforms with a fixed piece of software dedicated to one single application. But in the mid 90's, some technologies appeared that have broken this situation by enabling to easily host several applications on the same card. These new technologies have changed the business models and pushed the smart cards towards new domains and to a world where they will integrate lots of new functionalities.The aim of this paper is to give an overview of the evolution of the smart cards (and of their application domains) from monolithic static pieces of hardware and software to a flexible multiapplication platforms. This paper also explores the possibilities to see open multiapplication cards in the future and exposes the breakthroughs that are required to achieve in order to produce such cards.     

中国智能卡在交通和购物方面的应用分析

近两年,中国政府的便民工程和中国人的强劲消费力已经催生了智能购物卡在公交、购物、便民缴费等领域迅速而广泛的应用。全球智能卡支付市场呈稳步增长态势,并存在交易额增长快于用户数增长的情况。为了促进中国智能卡应用在用户中的深入推广,文章立足中国智能卡在交通、购物等具有中国特色的应用场景,探讨了中国智能卡应用的初步实践经验,以供智能卡从业人员交流借鉴。     

WLAN as easy as GSM

The WLAN Smart Card Consortium has released a comprehensive smart card specification — WLAN-SIM V0.1 — to allow hot spot operators to extend SIM technology for use in WLAN authentication. The purpose of the specification is to ensure interoperability between smart card providers, which is a key element for operators to provide roaming between hot spot providers.This is a short news story only. Visit www.compseconline.com for the latest computer security industry news.     

Fuelling market developments

Smart card industry developments associated with both EMV and contactless technology are now opening up new opportunities for customers in the oil and petroleum industries. The technology has the potential to be used for a diverse range of purposes from fleet management, to purchases, to customer loyalty. While the smart card technology industry is upbeat about the prospects for this market, some fuel providers report that they still need convincing that there is a good business case for adopting the technology.     

下一代移动通信网络控制管理关键技术

随着无线通信技术的进步,下一代移动通信网络呈现出异构、复杂的特点。同时,移动智能终端的普及使得用户应用从以桌面固定为主向以移动在线为主转移。无线化、泛在化的移动业务带来了海量、突发的数据传输需求。传统网络的控制管理已无法满足异构复杂的移动通信环境下用户随时随地获得高质量丰富多彩的移动业务的需求。因此有必要研究适合下一代移动通信网络的智能控制管理方法。本文将在考察移动通信网络控制管理的研究现状及面临挑战的基础上,分别从网络行为模型及架构、用户多维感知技术和基于感知的网络资源协同适配三个方面提出下一代移动通信网络控制管理的关键技术研究方向。     

Identifying opportunities

The last 12 months have seen the smart card industry notch up several new contracts in the national ID sector. As demand — and interest — in smart national ID cards grows, the industry is poised to benefit from the growing political impetus to provide additional applications on the smart card. However, in parts of the world, all these developments are occurring against a backdrop of concerns over the privacy implications of such technology.     

Visa launches first contactless EMV card

Visa Asia Pacific has announced the world's first contactless Visa smart card that is compatible with the global EMV smart card standard. The Visa Wave card eliminates the need for a signature and the need to hand the card to the cashier. The first cards are to be issued by MBF Cards in Malaysia.