摘要: 在现有智能卡规范中,对于来自终端的访问缺少有效的安全访问控制管理,容易导致智能卡在使用过程中存在非法输入、重放攻击、旁路攻击、强制复位等安全风险。为此,对智能卡的应用过程进行分析,并对UCONABC访问控制模型的特点进行研究,提出一种基于UCONABC的智能卡访问控制管理方法。将基于UCONABC的访问控制管理子系统嵌入到智能卡内,把外部定义的访问控制策略写入卡内的策略库文件,从而灵活地控制外界访问,保护智能卡的安全应用。
关键词:
智能卡,
访问控制,
使用控制模型,
公钥基础设施,
卡片操作系统
Abstract: The current existing specifications of smart card lack effective security access control and management for the terminal access, and possibly cause some security risks in the use of smart card, including illegal input, replay attack, bypass attack, mandatory reset, and so on. In response to these security risks, this paper analyzes the application process of smart card, does some research on the feature of UCONABC access control model and gives a method of smart card access control management based on UCONABC. It embeds the subsystem of access control management into the smart card, and then writes the access control policy defined by external into the policy library file of the smart card, to realize effective access control flexibly, to ensure the secure application of the smart card. Results prove this method can be more secure to protect the real application of smart card.
Key words:
smart card,
access control,
usage control model,
Public Key Infrastructure(PKI),
card operating system
中图分类号:
胡善学, 胡永涛, 姚静晶, 周家晶. 基于UCONABC的智能卡分析与应用[J]. 计算机工程, 2011, 37(11): 167-169.
HU Shan-Hua, HU Yong-Chao, TAO Jing-Jing, ZHOU Jia-Jing. Analysis and Application of UCONABC-based Smart Card[J]. Computer Engineering, 2011, 37(11): 167-169.