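Intelligent and Distributed Computing Laboratory
  Research on Several Key Technologies in the PC/SC Framework
Name: Fu Qinhua (付秦华)
Thesis defense date: 2002.05.10
Thesis submission date: 2004.08.17
Thesis level: Master's
Chinese title: Research on Several Key Technologies in the PC/SC Framework
English title: Research on Some Important Technology in PC/SC Framework
Advisor 1: Lu Zhengding (卢正鼎)
Advisor 2:
Chinese keywords: smart card; PC/SC; smart card service provider; crypto service provider
English keywords: smart card; PC/SC; smart card service provider; crypto service provider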
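Chinese abstract: Smart cards are the best choice for protecting the security of client-side data in electronic commerce and are used extremely widely in all kinds of e-commerce activities. To meet this growing demand for smart card applications and to improve interoperability among smart cards, smart card operating systems, smart card readers, operating systems and upper-layer applications, the PC/SC (Interoperability Specification for ICCs and Personal Computer Systems) framework was proposed. The smart card service provider and the crypto service provider are important components of the PC/SC framework. The smart card service provider offers upper-layer applications the most basic smart card services, encapsulating basic communication with the smart card, smart card authentication, file access and other industry-specific services. In view of the smart card's special execution model, and by analogy with web intelligent agent technology, caching and prefetching are used to improve smart card access efficiency, and an improved LRU buffer replacement policy is proposed; drawing on the database transaction model, a smart card transaction model is proposed to coordinate multiple applications' access to the serially accessed smart card. A transaction conflict graph (TCG) is used for concurrency control of transactions, and an improved FCFS algorithm, based on the characteristics of smart card transactions, is proposed to schedule them. The crypto service provider offers upper-layer applications general cryptographic services, including management of crypto service objects, access control for crypto service objects, and various cryptographic services. The thesis mainly discusses how to store the various crypto objects efficiently in the smart card's limited storage space, and how to implement object deletion when the smart card operating system does not support file deletion while using the characteristics of crypto services to minimize the fragmentation left after deletion. For access control of crypto service objects, the R&T model is proposed and is given a simple implementation in session management.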
English abstract: The smart card seems to be the best solution for protecting sensitive client-side data in electronic commerce, and it has been widely used in various electronic commerce activities. PC/SC is a framework that specifies the interoperability of smart cards, smart card operating systems, smart card readers, operating systems and top-level applications. The smart card service provider and the crypto service provider are two important parts of the PC/SC framework. The smart card service provider provides the basic functions of the smart card, which involve communication with the smart card, smart card authentication, file access, and other functions specific to a given application scope. The execution model was analyzed and, by comparison with web-access smart agents, buffering and prefetching were used to reduce the number of communications with the smart card. An improved LRU algorithm was used to decide which file is swapped out when the buffer size is limited. A smart card transaction model, modeled on the traditional database transaction model, is discussed; it coordinates access to the smart card, which is a serial token, when multiple applications work on the smart card at the same time. A TCG (transaction conflict graph) was used to eliminate conflicts between transactions that are currently running. The FCFS algorithm was modified to fit the needs of smart card transaction scheduling. The crypto service provider provides common crypto functions for upper-level applications. It involves the management of crypto service objects, access control for crypto service objects, and general crypto algorithms. The thesis mainly discusses how to store crypto service objects in the limited smart card NVM, how to implement deletion of crypto service objects although file deletion is not supported by the smart card operating system, how to reuse the fragments left after frequently creating and deleting objects, and how to use the special features of crypto applications to reduce those fragments as far as possible. An R&T model was given to describe the access control of objects.