主权项 |
1. A method of enforcing control of access by a device to a secure element hosted in the device, the secure element comprising a master security domain and at least one other security domain, each security domain storing one or more access rules, each access rule identifying at least one application of the secure element to control access to the application, the method comprising the following steps performed by an access rule application of the master security domain of the secure element:
receiving a request from the hosting device, for retrieving at least one access rule controlling access to at least one application of the secure element, from access rules stored in the secure element, the request including an identifier identifying the at least one application; outputting, to the hosting device, at least one access rule retrieved from the stored access rules, wherein the method further comprises enforcing the output access rule by an access control enforcer of the hosting device; characterized in that the method further comprises the following steps performed by the access rule application of the master security domain of the secure element, upon receiving the request: first determining, based on the identifier identifying the application in the request, a security domain to which the application belongs in the secure element from amongst the security domains of the secure element, and then, requesting only the determined security domain to search for an access rule identifying the application to control access to the application, only in the access rules stored in the determined security domain. |