| 摘要 |
The invention relates to a method for managing application security carried out with the aid of a security module associated with mobile equipment. The inventive method authenticates at least one application (APP) functioning in equipment (CB) which is connected by a network (NET) to a control server (CSE), said equipment (CB) being locally connected to a security module (SIM), said application (APP) being loaded and/or run by means of an application running environment (AEE) for the equipment (CB) and utilizing resources (RES) stored in the security module (SIM), comprising the following preliminary stages: receipt of data comprising at least one identifier (IMEISV) of the equipment (CB) and the identifier (IMSI) of the security module (SIM), via the network (NET), by the control server (CSE); analysis and verification by the control server (CSE) of said data; generation of a cryptogram (CRY) comprising an application (APP) imprint (FINI) of data identifying the equipment (CB) and the security module (SIM) and instructions (INS RES) for said module; transmission of the cryptogram(CRY), via the network (NET) and equipment (CB), to the security module (SIM); verification of the application (APP) by comparing the imprint (FINI) extracted from the cryptogram (CRY) received with an imprint (FIN2) which is determined by the security module (SIM). The inventive method is characterized in that, during initialization and/or activation of the application (APP), the security module (SIM) carries out the instructions (INS RES) extracted from the cryptogram (CRY) and releases or respectively blocks access to certain resources (RES) of said security module (SIM) according to the result of the verification, which is proper to said application (APP) and which was previously carried out. |
