信息安全研究 ›› 2016, Vol. 2 ›› Issue (5): 454-461.

• 技术应用 • 上一篇    下一篇

智慧校园一卡通系统安全研究

王永建   

  1. 中国通信建设集团设计院有限公司
  • 收稿日期:2016-05-17 出版日期:2016-05-15 发布日期:2016-05-17
  • 通讯作者: 王永建
  • 作者简介:硕士,高级工程师,主要研究方向为信息安全、信息检索、计算机应用. kingselfme@sina.com

Study on Security of Card System in Smart Campus

  • Received:2016-05-17 Online:2016-05-15 Published:2016-05-17

摘要: 为解决一卡通系统在智慧校园中的安全性问题,首先设计了一卡通系统架构,描述了各层功能.然后根据系统架构,分别从物理层、数据层、逻辑层分析了用户卡片和前端机具、数据访问、逻辑接口存在的安全风险,提出了安全防护方法、实现技术、注意事项.分析了传统存储卡中明文数据存储和运算的弊端,首次在前端机具中引入了同态加密与数据指针.该方案已运用在智慧校园一卡通的建设中,有效地提高了前端机具的数据安全性与处理效率.

关键词: CPU卡, 前端机具, 同态加密, 数据指针, Web服务

Abstract: It is increasingly important of the security for card system in smart campus. Firstly, it designs the system architecture of card system, and describes the function of each layer. Then, according to the system architecture, it analyzes the existing security risks about user card, foreterminal, data access and logical interface, respectively from physical layer, data layer and logic layer. It proposes the methods of security protection, implementation technology and the matters needing attention. By analyzing the disadvantages of data storage and operation of plaintext data in traditional memory card, for the first time, it introduces homomorphic encryption and data pointer in foreterminal. The scheme has been applied in the construction of card system in smart campus, and it effectively improves data security and processing efficiency of foreterminal.

Key words: CPU card, homomorphic encryption, foreterminal, data pointer, Web service