BS ISO/IEC 7816-7:1999

BRITISH STANDARD

Identification cards - Integrated circuit(s) cards with contacts - Part 7: Interindustry commands for Structured Card Query Language (SCQL)

ICS 35.240.15

NO COPYING WITHOUT BSI PERMISSION EXCEPT AS PERMITTED BY COPYRIGHT LAW

been prepared under the direction of the DISC Board, was published under the authority of the Standards Committee and comes into effect on 15 September 1999

© BSI 09-1999
ISBN 0 680 36119 X

National foreword

This British Standard reproduces verbatim ISO/IEC 781
- present to the responsible international/European committee any enquiries on the interpretation, or proposals for change, and keep the UK interests informed;
- monitor related international and European developments and promulgate them in the UK.

A list of organizations represented on this committee can be obtained on request to its secretary.

Cross-references
The British Standards which implement international or European publications referred to in this document may be found in the BSI Standards Catalogue under the section entitled "International Standards Correspondence Index", or by using the "Find" facility of the BSI Standards Electronic Catalogue.

A British Standard does not purport to include all the necessary provisions of a contract. Users of British Standards are responsible for their correct application.

Compliance with a British Standard does not of itself confer immunity from legal obligations.

Summary of pages
This document comprises a front cover, an inside front cover, the ISO/IEC title page, pages ii to v, a blank page, pages 1 to 36, an inside back cover and a back cover.
The BSI copyright notice displayed in this document indicates when the document was last issued.

INTERNATIONAL STANDARD ISO/IEC 7816-7
First edition 1999-03-01

Identification cards - Integrated circuit(s) cards with contacts - Part 7: Interindustry commands for Structured Card Query Language (SCQL)

Cartes d'identification - Cartes à circuit(s) intégré(s) à contacts - Partie 7: Commandes intersectorielles pour langage d'interrogation de carte structurée (SCQL)

Reference number ISO/IEC 7816-7:1999(E)

Contents
1 Scope
2 Normative references
3 Terms and definitions
4 Symbols (and abbreviated terms)
5 SCQL database concept
5.1 SCQL database
5.2 SCQL tables
5.3 SCQL views
5.4 SCQL system tables and dictionaries
5.5 SCQL user profiles
6 SCQL related commands
6.1 General aspects
6.2 Grouping and encoding of commands
6.3 Notation and special codings
6.4 Status bytes
6.5 Coding of identifiers
6.6 Security attributes of tables, views and users
6.7 Linking user ids to INSERT and UPDATE operations
7 Database operations
7.1 CREATE TABLE
7.2 CREATE VIEW
7.3 CREATE DICTIONARY
7.4 DROP TABLE
7.5 DROP VIEW
7.6 GRANT
7.7 REVOKE
7.8 DECLARE CURSOR
7.9 OPEN
7.10 NEXT
7.11 FETCH
7.12 FETCH NEXT
7.13 INSERT
7.14 UPDATE
7.15 DELETE
8 Transaction management
8.1 General concept
8.2 Transaction operations
9 User management
9.1 General concept
9.2 User operations
Annex A (informative) Usage of SCQL operations

Foreword

ISO (the International Organization for Standardization) and IEC (the International Electrotechnical Commission) form
the specialized system for worldwide standardization. National bodies that are members of ISO or IEC participate in the development of International Standards through technical committees established by the respective organization to deal with particular fields of technical activity. ISO and IEC technical committees collaborate in fields of mutual interest. Other international organizations, governmental and non-governmental, in liaison with ISO and IEC, also take part in the work.

In the field of information technology, ISO and IEC have established a joint technical committee, ISO/IEC JTC 1.
Draft International Standards adopted by the joint technical committee are circulated to national bodies for voting. Publication as an International Standard requires approval by at least 75 % of the national bodies casting a vote.

International Standard ISO/IEC 7816-7 was prepared by Joint Technical Committee ISO/IEC JTC 1, Information technology, Subcommittee SC 17, Identification cards and related devices.

ISO/IEC 7816 consists of the following parts, under the general title Identification cards - Integrated circuit(s) cards with contacts:
- Part 1: Physical characteristics
- Part 2: Dimensions and location of the contacts
- Part 3: Electronic signals and transmission protocols
- Part 4: Interindustry commands for interchange
- Part 5: Numbering system and registration procedure for application identifiers
- Part 6: Interindustry data elements
- Part 7: Interindustry commands for Structured Card Query Language (SCQL)
- Part 8: Security related interindustry commands

Annex A of this part of ISO/IEC 7816 is for information only.

Introduction

This part of ISO/IEC 7816 is one of a series of standards describing the parameters for integrated circuit(s) cards with contacts and the use of such cards for international interchange. These cards are identification cards intended for information exchange negotiated between the outside and the integrated circuit in the card. As a result of an information exchange, the card delivers information (computation results, stored data), and/or modifies its content (data storage, event memorization).

During the preparation of this part of ISO/IEC 7816, information was gathered concerning relevant patents upon which application of this part of ISO/IEC 7816 might depend. Relevant patents were identified in France, the patent holder is Gemplus. However, ISO cannot give authoritative or comprehensive information about evidence, validity or scope of patents or like rights.

The patent holder has stated that licenses will be granted in appropriate terms to enable application of this part of ISO/IEC 7816, provided that those who seek licenses agree to reciprocate. Further information is available from

GEMPLUS
B.P. 100
13881 GEMENOS CEDEX
FRANCE

1 Scope

This part of ISO/IEC 7816 specifies
- the concept of a SCQL database (SCQL = Structured Card Query Language based on SQL, see ISO 9075) and
- the related interindustry enhanced commands.

2 Normative references

The following normative documents contain provisions which, through reference in this text, constitute provisions of this part of ISO/IEC 7816. For dated references, subsequent amendments to, or revisions of, any of these publications do not apply. However, parties to agreements based on this part of ISO/IEC 7816 are encouraged to investigate the possibility of applying the most recent editions of the normative documents indicated below. For undated references, the latest edition of the normative document referred to applies. Members of ISO and IEC maintain registers
of currently valid International Standards.

ISO/IEC 9075:1992, Information technology - Database languages - SQL2.
ISO/IEC 7816-4:1995, Information technology - Identification cards - Integrated circuit(s) cards with contacts - Part 4: Interindustry commands for interchange.
ISO/IEC 7816-6:1996, Identification cards - Integrated circuit(s) cards with contacts - Part 6: Interindustry data elements.

3 Terms and definitions

For the purposes of this part of ISO/IEC 7816, the following definitions apply.

3.1 database basic user
SCQL user with no inherent rights

3.2 database file
structured set of database objects (tables, views, dictionaries) representing the content of a database

3.3 database object owner
SCQL user with the special right to create and drop objects and to manage privileges on these objects

3.4 database owner
initial SCQL user which manages objects and users of the database
3.5 dictionary
view on a system table

3.6 system table
table maintained by the card for managing the database structure and database access

3.7 table
database object with a unique name and structured in columns and rows

3.8 view
logical subset of a table

4 Symbols (and abbreviated terms)

For the purposes of this part of ISO/IEC 7816, the following abbreviations apply:

APDU  Application protocol data unit
API   Application programming interface
DB    Database
DB-O  Database owner
DBBU  Database basic user
DBF   Database file
DBOO  Database object owner
DF    Dedicated file
DO    Data object
ICC   Integrated circuit(s) card
IFD   Interface device
MF    Master file
SCQL  Structured card query language
SQL   Structured query language
TLV   Tag, length, value

5 SCQL database concept

5.1 SCQL database

A database in a card according to this part of ISO/IEC 7816 is called a SCQL database (SCQL = Structured Card Query Language), since the commands for accessing are based on SQL functionality (see ISO 9075) and coded according to the principles of interindustry commands as defined in ISO/IEC 7816-4. The database itself is a structured set of database objects called a database file DBF. Under a DF there shall be not more
than one DBF which is accessible after selection of the respective DF. A database may be also directly attached to the MF. Fig. 1 shows an example for the embedding of a database in the card.

Figure 1 - Application with a database in a multi-application card (example)
(Figure labels: MF; DF; Application with a database; Database file; Internal elementary files; Any application)

An application system may interwork with a SQL database as well as with a SCQL database using the same SQL API (API = Application Programming Interface). Thus, a card carrying a SCQL database may appear as a part of a distributed SQL database environment. Fig. 2 shows a typical SQL configuration with a card integrated in the system design.

Figure 2 - SCQL database as part of a distributed SQL database environment (example)
(Figure labels: Application System; SQL-API; SCQL commands; SQL commands; IFD/ICC interface)

5.2 SCQL tables

A SCQL database contains objects called tables, views and dictionaries. Each object can be referenced by a unique identifier. A table is a structured
data object with a unique name within a database. It consists of named columns and a sequence of rows. The number of rows may be conceptually unlimited (i.e., only restricted by the available memory space in the card), or limited. The table and the main characteristics are shown in fig. 3.

Characteristics:
- Table name: unique, max. 8 characters
- No. of tables: not regulated by this standard
- Column name in table: unique, max. 8 char.
- No. of columns within a table: 1 - 15
- Max. no. of rows: not determined or fixed
- Column size: 0 - 254 bytes, if not specified
- Column data type: string

Figure 3 - SCQL table (example) and its main characteristics

After creation the table structure is persistent, i.e. neither an existing column can be withdrawn nor a new column can be inserted. On a table the following actions can be performed:
- read (select)
- insert
- update
- delete.

5.3 SCQL views

A view is a logical subset of a table, which defines the part of the table accessible. Two types of views are to be distinguished:
- a view (see fig. 4), which by definition fixes the accessible columns, is called in this context a static view and
- a view (see fig. 5), which restricts the access to those rows whose contents match defined conditions (e.g. to rows the value of which is greater than 20), is called in this context a dynamic view.

Figure 4 - SCQL static view (example): static view with access restricted to the 2nd and 3rd column

Figure 5 - SCQL dynamic view (example): dynamic view with access restricted to rows where the content of the row matches one or more defined conditions

A combination of static view and dynamic view in the same view definition is also possible. A view
has, like a table, a unique name in a SCQL database. Several views may be defined on the same table. On a view the following actions can be performed:
- read (select)
- update.

5.4 SCQL system tables and dictionaries

A system table is maintained by the card and contains information necessary to manage the database structure and access. There are three system tables:
- the object description table (name *O)
- the user description table (name *U)
- the privilege description table (name *P)

The object description table contains information about the tables and views stored in the database. The user description table contains information about the users which have access to the database. The privilege description table contains information about the privileges onto the database tables and views. Privileges describe which tables and views can be accessed by which users, and which actions can be performed by those users on the respective table or view. Figures 6 - 8 show the system tables with their mandatory columns.

*O (Object description table)
OBJNAM  Object name (table name or view name, unique)
OBJOWN  Object owner (user id)
OBJTYP  Object type (T = table, V = view)
OBJDES  Object descriptor (column names in case of table, view definition in case of view)
OBJOPT  Object options (security related data objects, e.g. for authentication)

Figure 6 - Object description table

*U (User description table)
Columns: USERID, USRPRO, USROWN, USROPT

Figure 7 - User description table

*P (Privilege description table)
Columns: OBJNAM, OBJUSR, USRPRI, OBJOWN

Note: This system table may contain additional implementation specific columns.

Figure 8 - Privilege description table

For access to the
information contained in the system tables, views on these system tables can be created. A view on a system table is called a SCQL dictionary. The only action which a user can perform on a dictionary is reading (select).

5.5 SCQL user profiles

SCQL user profiles are characterized by special permissions. A user profile is attached to a user identifier stored in the user description table. Table 1 shows the profiles and the attached permissions.

Table 1 - SCQL user profiles and attached permissions
User Database owner Database objec