| 摘要 |
A smart card architecture includes a run-time environment, a card manager, one or more security domains, a provider application and an issuer application. One or more APIs provide communication. The life cycle of the card and card manager includes states: Pre-production, Ready, Initialized, Secured, Locked and Terminated. The life cycle of an application includes states: Installed, Selectable, Personalized, Blocked, Locked and Deleted. A card registry keeps track of card manager and application data elements. The functionality of a security domain on a smart card is extended to allow it to perform delegated management of smart card applications: delegated loading, installation and/or deletion of an application. A provider of an application is assured of more direct control and management of their application, yet an issuer still maintains some control over the management of the card. The card issuer empowers application providers to initiate changes to the issuer's smart cards that are pre-approved by the card issuer. A method of delegated loading of an application onto a smart card first receives a load command from an application provider via a card acceptance device. The load command includes an indication of an application to be loaded and an appended command authentication pattern. Next, the load command is verified using the command authentication pattern. Then, an application is received from an application provider via the card acceptance device; the application also includes an appended application authentication pattern which is used to verify the application. Finally, the application is loaded into memory of the smart card.
|
