At present, along with the fact that the application of the smart card is continuously increasing and becoming more and more popular, user needs to possess and carry more and more smart cards (such as, for example, the bank payment cards on internet, the electronic transaction card, the electronic traffic card, etc.). However, the number and kinds of the smart card continuously increasing not only improve the cost of using the smart card, but also make the management of the smart card more difficult.
Therefore, in order to overcome the foregoing problem, the Global Platform specification proposes a multi-application management model for the smart card. In the model, the Card Manager plays the role of a centralized administrator in the card, and said model comprises a issuer security domain, the main responsibility of which is performing the responsibility of the issuer on the card, that is, it can carry out the operations of loading, installing, deleting the application provided by the issuer or the corresponding application provider. The multi-application management model also comprises the application provider security domains (i.e. the security domain of the cooperator), which is primarily responsible for managing cryptographic keys and providing the encryption operation related to these cryptographic keys, which cryptographic keys are independent of the issuer security domain (i.e. not being controlled by the issuer security domain), thereby the complete separation between the key and the issuer and/or the multi-application providers can be ensured by creating the application provider security domain. It can be seen that in aforementioned multi-application management model, the privilege security domain (i.e. the issuer security domain) executes the management rights of the smart card, and other security domains are created under the authorization of the privilege security domain, and thus they are managed by the privilege security domain. However, along with the fact that the market of the smart card is gradually maturing and forming a larger scale, abovementioned multi-application management model cannot meet the requirements of the condominium and symbiotic relationship in the market and the service of the smart card, i.e. it cannot conform to the real environment which is non-centralized and of multi-party co-administration. Meanwhile, said multi-application management model also cannot meet the requirements of appropriately leaning the control rights of the card toward the cardholder.