1 Introduction
As the M1 smart card was cracked, not long ago, the Ministry of Industry and Information released the "Notice on Dealing with Serious Security Vulnerabilities in Some IC Cards", and various agencies and departments have carried out investigations and responses to the use of IC cards. jobs. In addition, as more and more gas stations are cheating and causing user trust problems, it is objectively necessary to actually introduce a trusted third party for substantive notarization. The electronic signature was not used for identity authentication during the transaction and did not comply with the Electronic Signature Law of the People's Republic of China. Therefore, no matter from which point of view, the self-service refueling terminal that originally used the M1 smart card must upgrade the card and the terminal. One of the upgrades is to replace the traditional M1 card with a more secure CPU smart card. The refueling terminal integrates the CPU smart card, which can realize the comprehensive operation of various current services, and can also be connected with the bank.
2 Smart card selection
In the industry, smart cards are usually divided into ordinary smart cards represented by M1 cards (ie, logically encrypted smart cards) and CPU smart cards with CPUs and operating systems.
2.1 M1 card crack
The M1 card is also a Mifare card, which integrates computer technology, automatic control technology, network communication technology, smart card technology, sensing technology, pattern recognition technology and mechatronics technology. The M1 card is a bus card commonly used in major cities in China, a campus card used by schools, a payment card for road use, and a consumption card for shopping mall restaurants. It accounts for 95% of China's contactless smart card market, and its card issuance has exceeded 150 million in China.
In 2009, there was never one thing that was more eye-catching than the M1 card was cracked, and the state organs were quickly moved. Recently, the Ministry of Industry and Information released the "Notice on Dealing with Serious Security Vulnerabilities in Some IC Cards", and all agencies and departments have carried out investigations and responses to the use of IC cards. In 2008, German researcher Henrik Protz and Dr. Karlsten Noel of Computer Science at the University of Virginia in the United States enjoyed the joy of success: they first used the computer to successfully crack the Mifare classic chip of MXP Semiconductors (M1 for short). Chip) security algorithm. After the M1 is cracked, if the data area is not encrypted, it is easily subject to data tampering. If the data area is encrypted, the defect of the copy card is difficult to avoid. Due to the high mobility of the gas station personnel, the problem of the card being copied cannot be avoided at all. According to international practice, once the card is copied and caused to consume, then the original holder must not be held liable. So upgrading the system has become an urgent task.
Therefore, a CPU smart card must be used instead of a normal M1 smart card.
2.2 CPU smart card selection
Smart Card (3), also known as IC card. The CPU card has a central processing unit (CPU), random access memory (RAM), program memory (ROM), data memory (EEPROM), and on-chip operating system COS (Chip Operating System). The CPU card is not just a single contactless card. , but an application platform with an on-chip operating system (COS). COS is used to protect data in the card, such as mutual authentication of users and systems, application sequence control and management, generation and transmission of random numbers, key management, encryption, decryption, and secure transmission of information. The CPU card with COS is equivalent to a microcomputer, which not only has the function of data storage, but also has the functions of command processing, calculation and data encryption. It has large amount of information, high security against anti-counterfeiting, offline operation, and multi-functional development. Etc. The CPU card is a true smart card is the SmartCard that people often say.
Due to the current security risks of logical encryption cards, it is imperative to vigorously promote CPU card applications. The relevant departments of the state have also done a lot of work. The IC Card Application Service Center of the Ministry of Construction has formulated two national industry standards in 2008, and applied three series of standards for urban interconnection cards to the Ministry of Construction. Therefore, the use of CPU smart cards on refueling terminals has become an inevitable choice.
3 card reader selection and installation
3.1 Card reader selection
In order to make the system compatibility better, the CPU smart card reader uses a PC/SC-based card reader [4]. The PC/SC specification was developed by a PC/SC working group composed of Microsoft and other world-renowned smart card vendors. The PC/SC specification is a standard user interface (AP1) based on the Windows platform, providing an integrated environment from a personal computer to a smart card (SmartCard), although so far, Windows is the only support for the PC/SC standard. The operating system platform, but due to the influence of Windows, the PC/SC specification is also accepted by the smart card industry. The PC/SC middleware was installed using an installation kit designed by the University of Applied Sciences Winterthur in Switzerland. It is worth noting that this middleware only provides basic PC/SC support and is more complicated to use. So in the actual application, the API is packaged and expanded on the basis of it. This is very beneficial to the development of the application. The vendor driver uses the Scr33 for linux9 driver provided by the vendor. This driver provides connectivity between hardware and PC/SC middleware. In the test, the authentication smart card temporarily used a more general-purpose smart card, but the COS and built-in algorithms made some changes, including the built-in standard DES algorithm.
3.2 Driver Installation
Usually, the terminal system works on the Linux platform, and the platform is taken as an example here. First you should log in as a ROOT user, and have compilation tools such as gcc.
First install the PC/SC middleware. Assume that the PC/SC package name is pcsc-lite-XYZtar.gz and XYZ is the version number. Please pay attention to the version number. It is best to read the README file to confirm whether it is suitable for your system and the specific installation process. In general, execute the following command:
Bash# tar -xvzf pcsc-lite-1.2.0.tar.gz
Bash# cd pcsc-lite-1.2.0
Bash# ./configure --enable-usb --enable-daemon
/ / Allow to run as a daemon. In this system, because you want to use smart cards for identity authentication, you must run as a daemon.
Bash# make
Bash# make install
It is worth noting that due to the continuous upgrade of the Linux system and the upgrade of the card itself, although the smart cards used are based on the PC/SC specification, the specific installation process is still troublesome. If you are using a new version of fedora 9, you can omit this step because of the built-in smart card driver. If the installation is not successful, please change to a different version of the driver. In this section, we must do more research, because few manufacturers provide relatively complete Linux9 support.
After installing the middleware. It is generally necessary to test. Run the executable pcscd - stdout &, and then use PSTREE to see if there is a pcscd daemon. If it does, it indicates that the installation of pcsc middleware has been completed.
then. Perform factory-driven installation. Under normal circumstances, according to the driver provided by the manufacturer, the installation can be generally successful. I won't go into details here.
3.3 PC/SC system service settings
Since the operating system needs to obtain the content of the smart card after the system is started, the pcscd daemon needs to be started automatically with the system. See the previous section for the introduction and installation process of pcscd. This section only describes how to add an existing program as a daemon that starts with the system.
(1) Write a pcscd script.
(2) Put pcscd in the /etc/init.d directory and execute the command cp -f pcscd /etc/init.d/
(3) Make a connection in the specified rc.d directory
Execute the command: ln -sf /etc/init.d/pcscd /etc/rc.d/rc$id/S94pcscd. Where $i indicates which startup level to run. In this system, it is necessary to run on the graphical interface, level 5, so i takes 5.
Restart the system, use the command pstree to see the pcscd daemon self-starting with the system.
4 Conclusion
So far, the design of the smart card system in the terminal is completed. In addition to the security of the CPU smart card, digital signatures can also be saved. Therefore, the self-service terminal access network is more legal, safe, stable, and non-repudiation.
Standard swing door cabinets is a model to your office.
They are made from high quality cold-rolled steel,all metal parts are phosphatised against rust and powder coated in different colors.
Full Height Swing Door Cupboard are suitable for general purpose in office, work places, home storage,keeping anything from office stationery to garage tools.
The standard feature of tall swing door cupboards are higed doors, 3-point locking system, and 2 to 4 adjustable shelves,and people also call them hinged door cabinets.
The external dimensions are usually in three sizes:Height 1850, 1200, 900 (mm)
Width 850, 900 (mm)
Depth 390, 400 (mm)
You always can get more choices in a manufacturer, sometimes two door storage cupboard with drawers are requested.
Black Metal Storage Cabinet,4 Shelf Metal Cabinet,Swing Cabinet for Sale
LUOYANG SHIDIU IMPORT AND EXPORT CO., LTD , https://www.shadowcabinete.com