HK40029679A - Information processing device, information processing method, and program - Google Patents
- Publication number
- HK40029679A, HK62020019333.7A
- Authority
- HK
- Hong Kong
- Prior art keywords
- virtual machine
- information processing
- program
- information
- processing apparatus
Description
Technical Field
The present disclosure relates to an information processing apparatus, an information processing method, and a program.
Background
A technique has been developed for "incorporating an application program imitating another OS into a single Operating System (OS) and causing the other OS to operate in an execution environment of the single OS". An example of such a technique is the technique disclosed in Patent Document 1 below.
Further, a technique has been developed "regarding an OS that makes a plurality of applications work on a manageable multi-platform and can be activated in response to a command of the multi-platform". An example of such a technique is the technique disclosed in Patent Document 2 below.
In addition to this, the present invention is,
CITATION LIST
Patent document
Patent document 1: Japanese Patent Application Laid-Open No. 2014-186747
Patent document 2: Japanese Patent Application Laid-Open No. 2013-168117
Disclosure of Invention
Problems to be solved by the invention
As a method for extending the functions of a device, for example, there is a method of causing a virtual machine (hereinafter sometimes referred to as a "VM") to operate. The virtual machine according to the present embodiment is a virtual program execution environment. Hereinafter, a computer program that causes a virtual machine to operate (i.e., a computer program that realizes processing in a virtual program execution environment) may be referred to as a "VM program".
The present disclosure proposes an information processing apparatus, an information processing method, and a program that are novel and improved and that can improve the convenience of a device in which a virtual machine can operate.
Solution to the problem
According to the present disclosure, there is provided an information processing apparatus including a processing unit having a function for controlling execution of processing regarding a virtual machine, wherein a virtual machine program that causes the virtual machine to operate is associated with condition information including information indicating an area of a recording medium and indicating a condition for causing the virtual machine to operate, and a first electronic signature generated based on code of the virtual machine program and the condition information, and the processing unit controls execution of the processing regarding the virtual machine based on a result of confirmation of the first electronic signature associated with the virtual machine program.
Further, according to the present disclosure, there is provided an information processing apparatus including a processing unit having a function for causing a virtual machine to operate and a function for writing data based on a write command acquired from an external device, wherein a virtual machine program causing the virtual machine to operate is associated with condition information including information indicating an area of a recording medium and indicating a condition for causing the virtual machine to operate, in a case where the write command is acquired from the external device, the processing unit causes the virtual machine to operate in a case where the area indicated by a parameter of the write command is an area indicated by the condition information, determines whether all data writing performed based on the write command can be normally performed, writes data based on the write command when it is determined that all data writing can be normally performed, does not write data based on the write command when it is not determined that all data writing can be normally performed, and in the case where the virtual machine operates based on the write command, the data write based on the write command includes data write performed by the virtual machine program.
Further, according to the present disclosure, there is provided an information processing method executed by an information processing apparatus and including a step for controlling execution of processing regarding a virtual machine, wherein a virtual machine program that causes the virtual machine to operate is associated with condition information that includes information indicating an area of a recording medium and indicates a condition for causing the virtual machine to operate, and a first electronic signature generated based on code of the virtual machine program and the condition information, and in the controlling step, execution of processing regarding the virtual machine is controlled based on a confirmation result of the first electronic signature associated with the virtual machine program.
Further, according to the present disclosure, there is provided an information processing method executed by an information processing apparatus, the method including a step for causing a virtual machine to operate; and a step for writing data based on a write command acquired from an external apparatus, wherein a virtual machine program that causes a virtual machine to operate is associated with condition information that includes information indicating an area of the recording medium and indicates a condition for causing the virtual machine to operate, in a case where the write command is acquired from the external apparatus, the virtual machine is caused to operate in a case where an area indicated by a parameter of the write command is an area indicated by the condition information, in the step for performing writing, it is determined whether all data writing performed based on the write command can be normally performed, and data is written based on the write command when it is determined that all data writing can be normally performed; data is not written based on the write command when it is not determined that all data writing can be normally performed; and in a case where the virtual machine operates by the step for operating the virtual machine, the data writing based on the write command includes data writing performed by the virtual machine program.
Further, according to the present disclosure, there is provided a program for causing a computer to realize a function for controlling execution of processing regarding a virtual machine, wherein the virtual machine program that causes the virtual machine to operate is associated with condition information including information indicating an area of a recording medium and indicating a condition for causing the virtual machine to operate, and a first electronic signature generated based on code of the virtual machine program and the condition information, and the control function controls execution of the processing regarding the virtual machine based on a result of confirmation of the first electronic signature associated with the virtual machine program.
Further, according to the present disclosure, there is provided a program for causing a computer to realize a function for operating a virtual machine and a function for writing data based on a write command acquired from an external apparatus, wherein the virtual machine program for operating the virtual machine is associated with condition information including information indicating a region of a recording medium and indicating a condition for operating the virtual machine, the function for operating the virtual machine operates the virtual machine in a case where the write command is acquired from the external apparatus and the region indicated by a parameter of the write command is a region indicated by the condition information, the function for performing writing determines whether all data writing performed based on the write command can be normally performed, writes data based on the write command when it is determined that all data writing can be normally performed, and does not write data based on the write command when it is not determined that all data writes can be normally performed, and in a case where the function for operating the virtual machine causes the virtual machine to operate, the data writes based on the write command include data writes performed by the virtual machine program.
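The two mechanisms summarized above (a signature covering both the VM program code and its condition information, and all-or-nothing writing that includes the VM program's own writes) can be sketched as follows. This is an added example, not code from the patent: HMAC-SHA256 stands in for the electronic signature, and the toy bytecode, area numbers, block size, status strings and the choice to refuse the whole command when the signature check fails are assumptions.

```python
import hashlib
import hmac
from dataclasses import dataclass

BLOCK_SIZE = 16  # assumed size of one area of the recording medium


def sign(key: bytes, code: bytes, condition_area: int) -> bytes:
    """Signature over the VM program code AND its condition information.

    HMAC-SHA256 is a stand-in for the electronic signature (assumption).
    The code is length-prefixed so code bytes and condition bytes cannot
    be shifted into one another without changing the signed message.
    """
    msg = len(code).to_bytes(4, "big") + code + condition_area.to_bytes(2, "big")
    return hmac.new(key, msg, hashlib.sha256).digest()


@dataclass
class VMProgram:
    code: bytes          # bytes covered by the signature and run by the VM
    condition_area: int  # condition information: area that triggers the VM
    signature: bytes     # "first electronic signature" in the text


def run_vm(code: bytes):
    """Toy VM (assumption): each instruction is <area><len><payload> and
    requests one write. Returns the writes the VM program wants to make."""
    writes, i = [], 0
    while i < len(code):
        if i + 2 > len(code):
            raise ValueError("truncated instruction")
        area, n = code[i], code[i + 1]
        payload = code[i + 2:i + 2 + n]
        if len(payload) != n:
            raise ValueError("truncated payload")
        writes.append((area, payload))
        i += 2 + n
    return writes


class Card:
    def __init__(self, key: bytes, areas):
        self.key = key
        self.areas = dict.fromkeys(areas, bytes(BLOCK_SIZE))
        self.programs = {}  # condition area -> VMProgram

    def install(self, prog: VMProgram) -> None:
        self.programs[prog.condition_area] = prog

    def handle_write(self, area: int, data: bytes) -> str:
        staged = [(area, data)]
        prog = self.programs.get(area)
        if prog is not None:  # write parameter matches the condition information
            expected = sign(self.key, prog.code, prog.condition_area)
            if not hmac.compare_digest(expected, prog.signature):
                return "signature-invalid"  # VM is not run (assumed policy)
            try:
                staged += run_vm(prog.code)  # VM writes join the same command
            except ValueError:
                return "write-refused"
        # Decide whether ALL writes can be performed before touching storage.
        for a, d in staged:
            if a not in self.areas or len(d) > BLOCK_SIZE:
                return "write-refused"
        for a, d in staged:
            self.areas[a] = d.ljust(BLOCK_SIZE, b"\x00")
        return "ok"


def demo():
    key = b"constructed-demo-key"        # constructed sample key
    coupon = bytes([2, 6]) + b"COUPON"   # VM writes a coupon to area 2
    stray = bytes([9, 1]) + b"X"         # VM writes to area 9, which is absent

    good = Card(key, [1, 2])
    good.install(VMProgram(coupon, 1, sign(key, coupon, 1)))
    r1 = good.handle_write(1, b"\x00\x64")

    bad = Card(key, [1, 2])
    bad.install(VMProgram(stray, 1, sign(key, stray, 1)))
    r2 = bad.handle_write(1, b"\x00\x64")   # command's own write must not land

    rebound = Card(key, [1, 2])             # signature for area 1 reused on area 2
    rebound.install(VMProgram(coupon, 2, sign(key, coupon, 1)))
    r3 = rebound.handle_write(2, b"\x00\x64")
    return (r1, good.areas), (r2, bad.areas), (r3, rebound.areas)


if __name__ == "__main__":
    for status, areas in demo():
        print(status, areas)
```

Because the condition information is part of the signed message, a validly signed VM program cannot be re-attached to a different trigger area without invalidating the signature.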
ADVANTAGEOUS EFFECTS OF INVENTION
According to the present disclosure, the convenience of a device in which a virtual machine can operate can be improved.
Note that the above-described effects are not necessarily limited, and any of the effects described in the present specification or other effects that can be found from the present specification may be obtained together with or instead of the above-described effects.
Drawings
Fig. 1 is an explanatory diagram illustrating an exemplary configuration of an information processing system according to the present embodiment.
Fig. 2 is a functional block diagram illustrating an exemplary configuration of an information processing apparatus according to the present embodiment.
Fig. 3 is an explanatory diagram illustrating an exemplary hardware configuration of the information processing apparatus according to the present embodiment.
Fig. 4 is an explanatory diagram illustrating an exemplary hardware configuration of the reader/writer according to the present embodiment.
Fig. 5 is an explanatory diagram for explaining an example of the operation of a Virtual Machine (VM) in the information processing apparatus according to the present embodiment.
Fig. 6 is an explanatory diagram for explaining an example of the operation of a Virtual Machine (VM) in the information processing apparatus according to the present embodiment.
Fig. 7 is an explanatory diagram for explaining an outline of an information processing method according to the first embodiment.
Fig. 8 is an explanatory diagram for explaining an outline of a first example of an information processing method according to the second embodiment.
Fig. 9 is an explanatory diagram for explaining an outline of a second example of the information processing method according to the second embodiment.
Fig. 10 is an explanatory diagram for explaining an outline of an information processing method according to the fifth embodiment.
Fig. 11 is an explanatory diagram for explaining a first example of a use case to which the information processing method according to the present embodiment is applied.
Fig. 12 is an explanatory diagram for explaining a first example of a use case to which the information processing method according to the present embodiment is applied.
Fig. 13 is an explanatory diagram for explaining a second example of a use case to which the information processing method according to the present embodiment is applied.
Fig. 14 is an explanatory diagram for explaining a second example of a use case to which the information processing method according to the present embodiment is applied.
Detailed Description
Hereinafter, preferred embodiments of the present disclosure will be described in detail with reference to the accompanying drawings. Note that in this specification and the drawings, components having substantially the same functional configuration are denoted by the same reference numerals, so that overlapping description is omitted.
Further, hereinafter, description will be made in the following order.
1. Information processing system according to the present embodiment and information processing method according to the present embodiment
[1] Configuration of information processing system according to the present embodiment
[1-1] Information processing apparatus 100
[1-2] Reader/writer 200
[1-3] Application examples of each device included in the information processing system according to the present embodiment
[2] Processing based on the information processing method according to the present embodiment
[2-1] Information processing method according to the first embodiment
[2-2] Information processing method according to the second embodiment
[2-3] Information processing method according to the third embodiment
[2-4] Information processing method according to the fourth embodiment
[2-5] Information processing method according to the fifth embodiment
[2-6] Information processing method according to other embodiments
[3] Example of effects obtained by using the information processing method according to the present embodiment
[4] Use case to which the information processing method according to the present embodiment is applied
[4-1] First example of use case: coupon provision by VM
[4-2] Second example of use case: electronic money usage limit setting by VM
2. Program according to the present embodiment
(information processing system according to the present embodiment and information processing method according to the present embodiment)
Hereinafter, an example of the information processing system according to the present embodiment will be described first. Hereinafter, the information processing method according to the present embodiment will be described taking as an example a case where the information processing method is applied to the information processing system according to the present embodiment.
Further, hereinafter, a case where the information processing apparatus according to the present embodiment is an Integrated Circuit (IC) card will be mainly described as an example. Note that the information processing apparatus according to the present embodiment is not limited to the IC card. Another application example of the information processing apparatus according to the present embodiment will be described later.
[1] Configuration of information processing system according to the present embodiment
Fig. 1 is an explanatory diagram illustrating a configuration example of an information processing system 1000 according to the present embodiment. The information processing system 1000 includes, for example, the information processing apparatus 100 and the reader/writer 200.
Note that the configuration of the information processing system according to the present embodiment is not limited to the example shown in fig. 1. For example, the information processing system according to the present embodiment may include a plurality of information processing apparatuses 100. Further, the information processing system according to the present embodiment may include a plurality of reader/writers 200.
The information processing apparatus 100 and the reader/writer 200 communicate with each other by Near Field Communication (NFC) using, for example, Type A, Type B, Type F, or the like.
Note that, in the information processing system according to the present embodiment, the information processing apparatus 100 and the reader/writer 200 can communicate with each other by, for example, "wireless communication using any communication method, such as wireless communication using IEEE 802.15.1 (such as Bluetooth Low Energy (BLE)), wireless communication using IEEE 802.11, infrared communication, or the like" or "wired communication using communication via a Universal Serial Bus (USB), a communication interface based on the ISO 7816 standard, or the like".
[1-1] Information processing apparatus 100
Fig. 2 is a functional block diagram illustrating a configuration example of the information processing apparatus 100 according to the present embodiment. The information processing apparatus 100 includes, for example, a communication unit 102 and a control unit 104.
[Exemplary hardware configuration of the information processing apparatus 100]
Fig. 3 is an explanatory diagram illustrating an exemplary hardware configuration of the information processing apparatus 100 according to the present embodiment. The information processing apparatus 100 includes, for example, an antenna 150 and an IC chip 152. Note that the information processing apparatus 100 does not necessarily have a configuration in the form of an IC chip such as the IC chip 152 shown in fig. 3.
The information processing apparatus 100 having the hardware configuration shown in fig. 3 is driven by a reception voltage according to a carrier wave received by the antenna 150. Note that the information processing apparatus 100 may be driven by, for example, power supplied from an internal power supply (such as a battery included in the information processing apparatus 100), power supplied from a connected external power supply, or the like.
The antenna 150 includes, for example, a resonator including a coil (inductor) L1 having a predetermined inductance and a capacitor C1 having a predetermined capacitance, and generates an induced voltage by electromagnetic induction in response to reception of a carrier wave. Then, the antenna 150 outputs a reception voltage obtained by resonating the induced voltage at a predetermined resonance frequency. Here, the resonant frequency of the antenna 150 is set according to the frequency of the carrier (for example, 13.56 [MHz], etc.). With the above configuration, the antenna 150 receives the carrier wave and further transmits the response signal according to the load modulation performed by the load modulation circuit 164 included in the IC chip 152.
IC chip 152 includes, for example, a carrier detection circuit 154, a detection circuit 156, a regulator 158, a demodulation circuit 160, a processor 162, and a load modulation circuit 164. Note that, although not shown in fig. 2, the IC chip 152 may further include a protection circuit (not shown) that prevents an overvoltage or overcurrent from being applied to the processor 162, for example. Here, as a protection circuit (not shown), for example, a clamp circuit including a diode or the like is exemplified.
Further, the IC chip 152 includes, for example, a Read Only Memory (ROM) 166, a Random Access Memory (RAM) 168, and a nonvolatile memory 170. The processor 162, the ROM 166, the RAM 168, and the nonvolatile memory 170 are connected, for example, by a bus 172 as a data transmission path.
The ROM 166 stores control data such as programs to be executed by the processor 162 or calculation parameters.
The RAM 168 temporarily stores programs to be executed by the processor 162, calculation results, execution states, and the like. Further, in the case where the program to be executed by the processor 162 is a VM program, the RAM 168 temporarily stores the program to be executed by the VM program, the calculation result, the execution state, and the like.
The nonvolatile memory 170 stores various data, for example, "data of the information processing method according to the present embodiment, such as a VM program or a key", an electronic value (data having a currency (money) or a value equivalent to the currency, which may be referred to as "electronic money" hereinafter), data corresponding to various services, various applications, and the like. The key according to the present embodiment is data used in, for example, confirmation of an electronic signature, authentication in communication using an arbitrary communication method such as NFC (including authentication performed to access an area of a recording medium), arbitrary encryption, processing related to decryption, and the like.
Here, as the nonvolatile memory 170, for example, an Electrically Erasable Programmable Read Only Memory (EEPROM), a flash memory, or the like is exemplified.
Further, the nonvolatile memory 170 has tamper resistance, for example. By storing various data such as a VM program in a tamper-resistant secure recording medium such as the nonvolatile memory 170, the security of the data is ensured in the information processing apparatus 100.
The carrier detection circuit 154 generates, for example, a rectangular detection signal based on the reception voltage transmitted from the antenna 150, and transmits the detection signal to the processor 162. Further, the processor 162 uses the transmitted detection signal as a processing clock for data processing, for example. Here, since the detection signal is based on the reception voltage transmitted from the antenna 150, the detection signal is synchronized with the frequency of the carrier wave transmitted from the external device such as the reader/writer 200. Therefore, the IC chip 152 includes a carrier detection circuit 154 to perform processing with an external device such as the reader/writer 200 in synchronization with the external device.
The detection circuit 156 rectifies the reception voltage output from the antenna 150. Here, the detection circuit 156 includes, for example, a diode D1 and a capacitor C2.
The regulator 158 smoothes and stabilizes the reception voltage and outputs the driving voltage to the processor 162. Here, the regulator 158 uses the DC component of the reception voltage as the driving voltage. Note that, as described above, for example, in the case where the information processing apparatus 100 includes an internal power supply such as a battery, or in the case where the information processing apparatus 100 is connected to an external power supply, the information processing apparatus 100 may be driven by power supplied from the internal power supply or power supplied from the external power supply.
The demodulation circuit 160 demodulates a carrier signal included in the carrier based on the reception voltage, and outputs data (for example, binary data signals of high level and low level) corresponding to the carrier signal. Here, the demodulation circuit 160 outputs an AC component of the reception voltage as data.
For example, the processor 162 is driven by using the driving voltage output from the regulator 158 as a power supply, and processes the data demodulated by the demodulation circuit 160.
The processor 162 processes the data, for example, by executing native code. The native code according to the present embodiment is code that can be executed by any processor (such as the processor 162) included in the information processing apparatus 100. Since the native code is executed by a processor included in the information processing apparatus 100, the native code operates at the processing speed of the processor.
Further, for example, in the case where the processor 162 executes a VM program, the above-described data processing may be performed by the VM program.
Further, the processor 162 selectively generates a control signal for controlling load modulation with respect to a response to an external device (such as the reader/writer 200) according to the processing result. The processor 162 then selectively outputs the control signal to the load modulation circuit 164.
Note that the processing by the processor 162 is not limited to the processing of the data demodulated by the demodulation circuit 160. For example, the processor 162 may perform any data processing by executing a VM program or by executing native code.
The processor 162 includes one or two or more processors each including a calculation circuit, for example, a Micro Processing Unit (MPU) or the like, various processing circuits, and the like.
The load modulation circuit 164 includes, for example, a load Z and a switch SW1, and performs load modulation by selectively connecting (enabling) the load Z according to a control signal sent from the processor 162. Here, the load Z includes, for example, a resistor having a predetermined resistance value. Further, the switch SW1 includes, for example, a p-channel Metal Oxide Semiconductor Field Effect Transistor (MOSFET) and an n-channel MOSFET.
For example, with the above-described configuration, the IC chip 152 may process a carrier signal received by the antenna 150 and cause the antenna 150 to transmit a response signal according to load modulation. Further, with the above-described configuration, for example, the IC chip 152 may perform arbitrary data processing by executing a VM program or by executing native code.
Note that the hardware configuration of the information processing apparatus according to the present embodiment is not limited to the configuration shown in fig. 3. For example, the information processing apparatus according to the present embodiment may have a configuration according to an application example of the information processing apparatus according to the present embodiment to be described later.
Referring again to fig. 2, an example of the configuration of the information processing apparatus 100 will be described. The communication unit 102 is a communication unit included in the information processing apparatus 100, and communicates with an external device. The communication of the communication unit 102 is controlled by the control unit 104, for example.
Here, as the communication unit 102, for example, the antenna 150 and the IC chip 152 shown in fig. 3 are taken as an example. In the case where the communication unit 102 includes the antenna 150 and the IC chip 152, the information processing apparatus 100 performs contactless communication with an external device such as the reader/writer 200 by NFC defined by ISO/IEC 18092 by using a carrier wave having a predetermined frequency (for example, 13.56 [MHz] or the like).
Note that the communication unit 102 is not limited to the antenna 150 and the IC chip 152. For example, the communication unit 102 includes a communication device compatible with an arbitrary communication method, such as an IEEE802.15.1 port and a transmission and reception circuit, an IEEE802.11 port and a transmission and reception circuit, and the like. Further, the communication unit 102 may have a configuration that can communicate with, for example, one or two or more external devices by using a plurality of communication methods.
For example, the control unit 104 is used to control the entire information processing apparatus 100. Further, the control unit 104 includes, for example, a processing unit 110, and plays a leading role in executing processing according to an information processing method according to the present embodiment to be described later.
The processing unit 110 plays a leading role for performing processing according to the information processing method of the information processing apparatus 100. An example of processing according to the information processing method of the information processing apparatus 100 will be described below in each embodiment.
Note that the configuration of the information processing apparatus according to the present embodiment is not limited to the configuration shown in fig. 2.
For example, the information processing apparatus according to the present embodiment may include the processing unit 110 shown in fig. 2 separately from the control unit 104 (e.g., to be implemented by another processing circuit).
Further, the configuration of the information processing apparatus according to the present embodiment is not limited to the configuration shown in fig. 2, and the information processing apparatus may have any configuration that depends on how the processing according to the information processing method of the information processing apparatus 100, which will be described later, is divided.
Further, for example, in the case where the information processing apparatus according to the present embodiment operates independently, or in the case where the information processing apparatus communicates with an external device via an external communication device having a function and configuration similar to those of the communication unit 102, the information processing apparatus according to the present embodiment does not necessarily include the communication unit 102.
[1-2] Reader/writer 200
The reader/writer 200 is an example of a device that can communicate with the information processing apparatus 100. The reader/writer 200 may function as a relay device that relays communication between the information processing apparatus 100 and other devices.
[Exemplary hardware configuration of reader/writer 200]
Fig. 4 is an explanatory diagram illustrating an exemplary hardware configuration of the reader/writer 200 according to the present embodiment.
The reader/writer 200 includes, for example, an MPU 250, ROM 252, RAM 254, recording medium 256, communication interface 258, carrier wave transmission circuit 260, and antenna 262. Further, in the reader/writer 200, the components are connected to one another, for example, by the bus 264 serving as a data transmission path. Further, the reader/writer 200 is driven by, for example, power supplied from an internal power source (such as a battery included in the reader/writer 200), power supplied from a connected external power source, or the like.
The MPU 250 includes one or two or more processors, various processing circuits, and the like, each including a calculation circuit such as an MPU and the like, and functions as a control unit (not shown) that controls the entire reader/writer 200.
The ROM 252 stores control data such as programs to be executed by the MPU 250, calculation parameters, and the like. The RAM 254 temporarily stores, for example, programs and the like to be executed by the MPU 250.
The recording medium 256 functions as a storage unit (not shown) and stores various data, for example, various applications and the like. Here, as the recording medium 256, for example, a magnetic recording medium such as a hard disk and a nonvolatile memory such as a flash memory are exemplified. Further, the recording medium 256 may be separated from the reader/writer 200.
The communication interface 258 is a communication unit included in the reader/writer 200, and performs communication using a single communication method, and functions as a first communication unit (not shown) that wirelessly or wiredly communicates with an external device such as a server via a network (or directly). Here, as the communication interface 258, for example, a communication antenna and an RF circuit (wireless communication), an IEEE802.15.1 port and a transmission and reception circuit (wireless communication), an IEEE802.11 port and a transmission and reception circuit (wireless communication), a LAN terminal and a transmission and reception circuit (wired communication), and the like are exemplified. Further, communication interface 258 may have any configuration compatible with a network according to the present embodiment.
The carrier wave transmission circuit 260 and the antenna 262 are communication units included in the reader/writer 200, and perform communication using other communication methods, and function as a second communication unit (not shown) that performs wireless or wired communication with an external device such as the information processing apparatus 100.
The antenna 262 includes, for example, a resonator including a coil having a predetermined inductance as a transmission/reception antenna and a capacitor having a predetermined capacitance, and a demodulation circuit. Then, by receiving a carrier wave having a predetermined frequency (for example, 13.56 [MHz] or the like), the antenna 262 demodulates data transmitted from an external device (such as the information processing apparatus 100) by load modulation or the like, for example. Note that, for example, in the case where the carrier transmission circuit 260 includes a demodulation circuit, the antenna 262 may include a resonator.
The carrier transmission circuit 260 includes, for example, a modulation circuit that performs modulation such as Amplitude Shift Keying (ASK) and an amplification circuit that amplifies an output of the modulation circuit and transmits a carrier wave on which a carrier signal is applied from a transmission/reception antenna of the antenna 262. Further, the carrier transmission circuit 260 may include, for example, a demodulation circuit that demodulates a signal received by the antenna 262. The demodulation circuit demodulates a signal received by the antenna 262, for example, by performing envelope detection on an amplitude variation of a voltage between the modulation circuit (or the amplification circuit) and the resonator of the antenna 262 and binarizing the detected signal. Note that the demodulation circuit can demodulate a signal received by the antenna 262, for example, by using a phase change of a voltage between the modulation circuit (or the amplification circuit) and the resonator of the antenna 262.
By including the carrier transmission circuit 260, the reader/writer 200 has an initiator function in NFC and functions as a so-called reader/writer. Here, as the carrier signal transmitted from the antenna 262 by the carrier transmission circuit 260, various signals such as a polling signal and signals indicating various commands (such as a write command) are exemplified. As the write command according to the present embodiment, for example, data including a data write command and various parameters indicating a write target area and the like is exemplified. Further, the write command may include data to be written.
In addition, in the carrier transmission circuit 260, transmission of the carrier is controlled by the MPU 250, for example.
The reader/writer 200 has a hardware configuration shown in fig. 4, for example. Note that the hardware configuration of the reader/writer 200 according to the present embodiment is not limited to the configuration shown in fig. 4.
For example, in the case where communication with an external device is performed via an external communication device having a function similar to the communication interface 258, the reader/writer 200 does not necessarily include the communication interface 258.
Further, in the case where communication with an external apparatus is performed via an external communication apparatus having functions similar to those of the carrier transmission circuit 260 and the antenna 262, the reader/writer 200 does not necessarily include the carrier transmission circuit 260 and the antenna 262.
Further, in the case where communication with an external device is performed by using a communication method other than NFC (such as wireless communication using IEEE 802.15.1), the reader/writer 200 does not necessarily include the carrier transmission circuit 260 and the antenna 262. In the above case, the reader/writer 200 communicates with an external device by including a communication device compatible with a communication method other than NFC or by using an external communication device compatible with a communication method other than NFC.
Further, the reader/writer 200 may have, for example, a configuration not including the recording medium 256.
Further, the reader/writer 200 may have, for example, a hardware configuration according to an application example of the reader/writer 200 which will be described later.
Further, for example, the configuration shown in fig. 4 (or according to a modified configuration) may be implemented by one or two or more ICs.
[1-3] Application example of each device included in the information processing system according to the present embodiment
In the above, the information processing apparatus 100 has been described as a component of the information processing system according to the present embodiment, and the description has been made taking a case where the information processing apparatus 100 is an IC card as an example. However, an application example of the information processing apparatus according to the present embodiment is not limited to the above example. The information processing apparatus according to the present embodiment can be applied to various apparatuses that can perform processing according to an information processing method by the information processing apparatus 100 that will be described later, for example, "a computer such as a Personal Computer (PC) and a server", "a tablet device", "a game machine", "an arbitrary internet of things (IoT) apparatus", and the like. Further, the information processing apparatus according to the present embodiment can be applied to, for example, an IC such as "Subscriber Identity Module (SIM)", "eUICC", "eSE", "Trusted Execution Environment (TEE)", and the like, which can be incorporated into the above apparatus.
Further, the reader/writer 200 has been described as an example of a component of the information processing system according to the present embodiment. However, the present embodiment is not limited to this form. The present embodiment can be applied to any apparatus that can communicate with the information processing apparatus according to the present embodiment, for example, "reader/writer", "device having a reader/writer function", "communication device that performs communication by wireless communication (such as BLE or the like) using IEEE 802.15.1", or the like. Further, the present embodiment can be applied to, for example, a processing IC that can be incorporated into the above-described apparatus.
[2] Information processing method according to the present embodiment
Next, processing according to the information processing method according to the present embodiment will be described using the information processing system 1000 shown in fig. 1 as an example.
As described above, the method for extending the device function includes, for example, a method for causing a VM to operate. The information processing apparatus 100 to which the information processing method according to the present embodiment is applied is an apparatus to which a method for causing a VM to operate is applied.
Fig. 5 is an explanatory diagram for explaining an example of the operation of a Virtual Machine (VM) in the information processing apparatus 100 according to the present embodiment. In fig. 5, the information processing apparatus 100 and the reader/writer 200 shown in fig. 1 are illustrated.
One or more VM programs may be installed in the information processing apparatus 100. Here, installing the VM program means, for example, "the VM program is stored in a recording medium accessible to a processor (for example, a processor serving as the processing unit 110) included in the information processing apparatus 100 and the processor is in a state in which the processor can execute the VM program".
Here, for example, the VM programs may be the same regardless of the architecture of the processor included in the apparatus. Thus, a single VM program can be made to operate by multiple types of devices.
The VM program may be installed not only by the manufacturer of the information processing apparatus 100 but also by the user of the information processing apparatus 100.
For example, as shown in fig. 5, when a specific command is received by the information processing apparatus 100 or when a specific access is made to the file system in the course of processing the received command, the VM program is activated. The trigger for activating the VM program is defined by, for example, condition information (to be described later) associated with the VM program. By activating a VM program, a VM corresponding to the VM program operates.
As the file system according to the present embodiment, for example, an arbitrary file system compatible with the OS operating in the information processing apparatus 100, such as a file system of FeliCa (registered trademark) OS, is exemplified.
The activated VM program performs various processes such as "arbitrarily accessing the file system", "stopping a process related to an operation initially performed by the command and performing a process related to another operation instead", and the like.
Fig. 6 is an explanatory diagram for explaining an example of the operation of a Virtual Machine (VM) in the information processing apparatus 100 according to the present embodiment. Fig. 6 illustrates an example of processing performed by the information processing apparatus 100 and the reader/writer 200 shown in fig. 1.
The reader/writer 200 transmits a command such as a write command or a read command for reading data (S100).
In the case where it is determined that the condition for operating the virtual machine indicated by the condition information is satisfied, the processing unit 110 of the information processing apparatus 100 that has received the command transmitted from the reader/writer 200 in step S100 activates the VM program (S102).
The condition information according to the present embodiment is data indicating a condition under which the virtual machine operates, and includes, for example, information indicating an area of the recording medium (such as a parameter of the area of the recording medium) as the condition. As the condition information, for example, activation condition information using reception of a specific command as an activation trigger and access target information using specific access to the file system as an activation trigger are exemplified.
The activation condition information includes, for example, information indicating a VM program to be activated (e.g., an ID of the VM program, etc.), information defining a command to be a trigger for activating the VM program (e.g., a command code, etc.), and information indicating a recording medium area (e.g., data indicating an address, etc.). Further, the access target information includes, for example, information indicating a VM program to be activated (e.g., an ID of the VM program or the like) and information that indicates an area of the recording medium and defines the access serving as a trigger to activate the VM program (e.g., data indicating an address or the like).
For example, by activating the VM program based on the condition information, the activation of the VM program is realized when a specific command is received by the information processing apparatus 100 or when a specific access is made to the file system in the course of processing the received command.
The VM program that has been activated by the processing in step S102 performs processing according to the code of the VM program, and for example, appropriately accesses the file system (S104) and transmits the processing result to the processing unit 110 (S106).
The processing unit 110, which has acquired the processing result from the VM program in step S106, transmits a response signal to the command in step S100 (S108).
For example, as shown in fig. 6, in the information processing apparatus 100, when the condition indicated by the condition information is satisfied, the VM program is activated and the VM operates. Note that, needless to say, the operation example of the VM in the information processing apparatus 100 is not limited to the example shown in fig. 6.
Hereinafter, an example of processing of the information processing method according to the present embodiment will be described for each embodiment.
[2-1] Information processing method according to the first embodiment
[2-1-1] Overview of an information processing system 1000 to which the information processing method according to the first embodiment is applied
For example, a device such as an IC card includes a plurality of pieces of data, the owner and the access right of which are generally different from each other.
As indicated with reference to fig. 5 and 6, in the case of activating a VM program and causing the VM program to access a file system, it is considered necessary to restrict the conditions for activating the VM program and the access authority of the VM program. The reason why the restriction is required is, for example, "because the VM program can change the processing of arbitrary commands and the behavior of the file system, and, if the restriction is not imposed, the VM program may be able to access any data in the file system".
Here, as a method for restricting the condition for activating the VM program and the access authority of the VM program, "a method for storing a key for access in the VM program and performing access to the file system by the VM program after mutual authentication, similar to access to the file system by an external device such as the reader/writer 200," is considered. However, in the case of using the method for storing the key for access in the VM program, there is a risk of the key for access being leaked from the VM program, and the above-described method is undesirable from the viewpoint of security.
Therefore, in the information processing system 1000 to which the information processing method according to the first embodiment is applied, an electronic signature is given to the VM program. Hereinafter, there is a case where the electronic signature given to a single VM program is referred to as "first electronic signature".
The first electronic signature is generated based on, for example, the code of the VM program, condition information corresponding to the VM program, and a key corresponding to the condition information. The first electronic signature may be generated by any external device of the information processing apparatus 100, such as a server (not shown).
The first electronic signature may be, for example, a public key type electronic signature, or may be a common key type electronic signature. In the case where the first electronic signature is an electronic signature of a common key type, the first electronic signature is a Message Authentication Code (MAC).
In the information processing apparatus 100, the condition information and the first electronic signature are associated with the VM program and stored in the recording medium by an arbitrary association method such as association using an ID of the VM program. The condition information and the first electronic signature are transmitted to the information processing apparatus 100, for example, "when the VM program is transmitted from an external device (such as the reader/writer 200) of the information processing apparatus 100 to the information processing apparatus 100". Further, the condition information and the first electronic signature may be transmitted to the information processing apparatus 100 "at an arbitrary timing after the VM program is transmitted from the external device such as the reader/writer 200 to the information processing apparatus 100".
The information processing apparatus 100 confirms the first electronic signature associated with the VM program "at the time of performing the installation of the VM" or "after performing the installation of the VM and before the VM operation". The confirmation of the first electronic signature corresponds to the verification of the first electronic signature, and the first electronic signature is confirmed by any process that can verify the electronic signature.
Then, the information processing apparatus 100 controls execution of processing regarding the VM (processing regarding the virtual machine, the same applies hereinafter) based on the confirmation result of the first electronic signature. The processing regarding the VM according to the present embodiment includes, for example, one or both of processing for installing the VM and processing for operating the VM based on the condition information.
As an example, in a case where the confirmation result of the first electronic signature indicates that the first electronic signature is not a correct signature, the information processing apparatus 100 executes predetermined error processing, such as failure of VM installation, invalidation of a VM program, or invalidation of a condition indicated by condition information corresponding to the VM program. Further, as another example, in a case where the confirmation result of the first electronic signature indicates that the first electronic signature is a correct signature, the information processing apparatus 100 may perform processing on the VM based on the condition information, such as installing the VM or causing the VM to operate.
Note that after the first electronic signature is confirmed, "the first electronic signature associated with the VM program" or "the first electronic signature and the condition information associated with the VM program" may be discarded. By discarding the first electronic signature or the like after confirming the first electronic signature, for example, an "effect of making it possible to more efficiently use a recording medium included in the information processing apparatus 100 and to safely execute the VM program" is obtained.
Fig. 7 is an explanatory diagram for explaining an outline of an information processing method according to the first embodiment. A of fig. 7 illustrates an example of a case where the condition information is the activation condition information, and B of fig. 7 illustrates an example of a case where the condition information is the access target information. In fig. 7, the first electronic signature is indicated as "signature" (the same applies to the other figures).
As shown in fig. 7, in the information processing system 1000 to which the information processing method according to the first embodiment is applied, the first electronic signature is generated from the code of the VM program, the condition information corresponding to the VM program (the activation condition information shown in a of fig. 7 or the access target information shown in B of fig. 7), and the key associated with the condition information (the key associated with the "activation trigger target area" shown in a of fig. 7 or the key associated with the "access target area" shown in B of fig. 7).
Further, in the information processing apparatus 100, the condition information and the first electronic signature are associated with the VM program and stored in the recording medium.
The information processing apparatus 100 confirms the first electronic signature associated with the VM program, for example, "at the time of executing the installation of the VM" or "after the execution of the installation of the VM and before the VM operation". Then, the information processing apparatus 100 controls execution of processing regarding the VM based on the confirmation result of the first electronic signature.
For example, as described above, "the information processing apparatus 100 confirms the first electronic signature associated with the VM program and controls the execution of processing regarding the VM based on the confirmation result", so that the above-described "restriction of the conditions for activating the VM program and of the access authority of the VM program" can be realized.
Further, in the case where the information processing apparatus 100 controls the execution of the processing regarding the VM based on the confirmation result of the first electronic signature, there is no risk of the key for access being leaked from the VM program as in the case of using the "method of storing the key for access in the VM program". Therefore, security is sufficiently ensured.
Therefore, the information processing apparatus 100 to which the information processing method according to the first embodiment is applied can improve the convenience of the information processing apparatus 100 (an example of a device in which a VM can operate).
[2-1-2] Processing performed by the information processing apparatus 100 according to the information processing method according to the first embodiment
Next, an example of processing performed by the information processing apparatus 100 according to the information processing method according to the first embodiment will be described.
The information processing apparatus 100 controls execution of processing regarding the VM based on the confirmation result of the first electronic signature.
The information processing apparatus 100 confirms the first electronic signature by using the key associated with the area indicated by the condition information.
The information processing apparatus 100 specifies a key associated with the area indicated by the condition information, for example, based on the setting information associated with the area of the recording medium. As the setting information, for example, "a table (or a database) in which addresses indicating areas of the recording medium and keys are recorded in association with each other for each area" is exemplified. Note that the setting information according to the present embodiment is not limited to the table (or database) as indicated above, and may be data in any format, for example, data of each area, or the like.
The information processing apparatus 100 generates an electronic signature for verification from, for example, the code of the VM program, the condition information, and a key associated with the area indicated by the condition information. Then, the information processing apparatus 100 confirms the validity of the first electronic signature by comparing the generated electronic signature for verification with the first electronic signature. According to the present embodiment, confirming the validity of the first electronic signature means confirming whether or not the first electronic signature is a correct signature.
In the case where the electronic signature for verification and the first electronic signature agree with each other, the information processing apparatus 100 determines that the first electronic signature is a correct signature (i.e., determines that the validity of the first electronic signature has been confirmed). Further, in the case where the electronic signature for verification and the first electronic signature do not agree with each other, the information processing apparatus 100 does not determine that the first electronic signature is a correct signature (i.e., does not determine that the validity of the first electronic signature has been confirmed).
Note that the processing regarding the confirmation of the first electronic signature is not limited to the above-described example, and the information processing apparatus 100 may confirm the first electronic signature by any processing that can verify the electronic signature.
In the case where the validity of the first electronic signature has been confirmed, the information processing apparatus 100 may execute processing regarding the virtual machine. As an example, in a case where the validity of the first electronic signature has been confirmed, the information processing apparatus 100 installs or operates the VM based on the condition information.
Further, in the case where the validity of the first electronic signature is not confirmed, the information processing apparatus 100 executes predetermined error processing. As an example, in the case where the validity of the first electronic signature is not confirmed, the information processing apparatus 100 fails the installation of the VM, invalidates the VM program, or invalidates the condition indicated by the condition information corresponding to the VM program. Note that the predetermined error process according to the present embodiment is not limited to the above example, and may be any process that can realize the deactivation of the VM.
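The confirmation procedure of section [2-1-2], as an added Python example that is not code from the patent: a common-key first electronic signature (MAC) is recomputed on the card from the VM code, the activation condition information and the key that the setting information associates with the area, then compared. HMAC-SHA256, the field widths, the class and function names and all key values are assumptions.

```python
import hashlib
import hmac
import struct
from dataclasses import dataclass


@dataclass(frozen=True)
class ActivationCondition:
    """Activation condition information (field widths are assumptions)."""
    vm_id: int         # ID of the VM program to activate
    command_code: int  # command whose reception triggers activation
    area_addr: int     # address of the recording-medium area

    def encode(self) -> bytes:
        # Fixed-width big-endian encoding keeps the MAC input unambiguous.
        return struct.pack(">HBH", self.vm_id, self.command_code, self.area_addr)


# Setting information: area address -> key for that area (constructed values).
SETTING_INFO = {
    0x1000: bytes.fromhex("00112233445566778899aabbccddeeff"),
    0x2000: bytes.fromhex("ffeeddccbbaa99887766554433221100"),
}


def first_signature(code: bytes, cond: ActivationCondition, key: bytes) -> bytes:
    """Common-key first electronic signature: MAC over code and condition."""
    # Length-prefix the code so bytes cannot shift between code and condition.
    msg = struct.pack(">I", len(code)) + code + cond.encode()
    return hmac.new(key, msg, hashlib.sha256).digest()


class Card:
    """Hypothetical model of the processing unit's install-time check."""

    def __init__(self, setting_info):
        self._keys = dict(setting_info)
        self.installed = {}  # vm_id -> (code, condition)

    def install(self, code: bytes, cond: ActivationCondition, signature: bytes) -> bool:
        key = self._keys.get(cond.area_addr)
        if key is None:
            return False  # no key registered for the area: fail closed
        expected = first_signature(code, cond, key)
        # Constant-time comparison of the signature for verification.
        if not hmac.compare_digest(expected, signature):
            return False  # error processing: installation fails
        # The signature itself is not kept after confirmation.
        self.installed[cond.vm_id] = (code, cond)
        return True

    def on_command(self, command_code: int, area_addr: int):
        """Return the IDs of VM programs whose condition this command meets."""
        return [vm_id for vm_id, (_, c) in self.installed.items()
                if c.command_code == command_code and c.area_addr == area_addr]


def demo():
    card = Card(SETTING_INFO)
    code = b"\x01\x02VM-bytecode"  # constructed VM program
    cond = ActivationCondition(vm_id=7, command_code=0x08, area_addr=0x1000)
    good = card.install(code, cond, first_signature(code, cond, SETTING_INFO[0x1000]))
    # A signer holding only the key for area 0x1000 claims area 0x2000.
    other = ActivationCondition(vm_id=8, command_code=0x08, area_addr=0x2000)
    bad = card.install(code, other, first_signature(code, other, SETTING_INFO[0x1000]))
    return good, bad, card.on_command(0x08, 0x1000)


if __name__ == "__main__":
    print(demo())
```

Because the key is selected by the area named in the condition information, a signer can bind a VM program only to areas whose key it holds, and no access key has to be embedded in the VM program.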
[2-2] Information processing method according to the second embodiment
By applying the information processing method according to the first embodiment described above, the convenience of the information processing apparatus 100 (an example of a device in which a VM can operate) can be improved.
Here, it is assumed that the first electronic signature associated with the VM program is generated for each area indicated by the condition information, so that the number of first electronic signatures increases as the number of areas indicated by the condition information increases. Therefore, as the number of areas indicated by the condition information increases, the time required to transmit the first electronic signatures to the information processing apparatus 100 becomes long, and the storage capacity of the recording medium of the information processing apparatus 100 needed to store the first electronic signatures increases. For example, in the case where the information processing apparatus 100 is an IC card, the storage capacity of the recording medium is not so large. Therefore, it is not preferable to increase the storage capacity for storing the first electronic signature.
Therefore, in the case where a plurality of pieces of condition information are associated with the VM, the information processing system 1000 to which the information processing method according to the second embodiment is applied prevents an increase in the number of electronic signatures associated with the VM program.
(A) First example of information processing method according to second embodiment
In the case where a plurality of pieces of condition information are associated with the VM program, a degenerate key (new key) is generated from a plurality of keys respectively corresponding to the plurality of pieces of condition information. The degenerate key may be generated by any external device of the information processing apparatus 100, such as a server (not shown).
For example, the degenerate key is generated by sequentially encrypting the original value of a random number or the like using a plurality of keys respectively corresponding to a plurality of pieces of condition information. Note that, needless to say, the method for generating the degenerate key is not limited to the above example.
Then, a first electronic signature is generated based on the code of the VM program, the pieces of condition information, and the generated degenerate key. As described above, the first electronic signature may be generated by any external device of the information processing apparatus 100, such as a server (not shown).
As in the case of using the information processing method according to the first embodiment described above, the information processing apparatus 100 controls execution of processing regarding the VM based on the confirmation result of the first electronic signature.
Fig. 8 is an explanatory diagram for explaining an outline of a first example of an information processing method according to the second embodiment. Fig. 8 shows an example in which the condition information is activation condition information, as in a of fig. 7.
As shown in fig. 8, in the information processing system 1000 to which the information processing method according to the second embodiment is applied, a single degenerate key is generated from a plurality of keys (keys 1 to 3 shown in fig. 8) respectively corresponding to a plurality of pieces of condition information corresponding to the VM program.
Further, in the information processing system 1000 to which the information processing method according to the second embodiment is applied, the first electronic signature is generated from the code of the VM program, the pieces of condition information corresponding to the VM program, and the degenerate key.
Further, in the information processing apparatus 100, the condition information and the first electronic signature are associated with the VM program and stored in the recording medium.
The information processing apparatus 100 confirms the first electronic signature associated with the VM program, for example, "at the time of executing the installation of the VM" or "after the execution of the installation of the VM and before the VM operation". Then, the information processing apparatus 100 controls execution of processing regarding the VM based on the confirmation result of the first electronic signature.
As can be found by comparing fig. 8 and 7, the first example of the information processing method according to the second embodiment is similar to the information processing method according to the first embodiment described above, except for the method for generating the first electronic signature.
Therefore, as in the case of applying the information processing method according to the first embodiment, the information processing apparatus 100 to which the information processing method according to the second embodiment is applied can improve the convenience of the information processing apparatus 100 (an example of a device in which a VM can operate).
Further, in the case of applying the information processing method according to the second embodiment, even when a plurality of pieces of condition information are associated with the VM program, it suffices to associate at least one electronic signature with the VM program.
Note that in the case where the information processing method according to the second embodiment is applied, two or more electronic signatures including the first electronic signature generated based on the degenerate key may be associated with the VM program. As an example of a case where two or more electronic signatures are associated with the VM program, "an example in which a first electronic signature based on a degenerate key generated from a plurality of keys corresponding to the activation condition information and a first electronic signature based on a degenerate key generated from a plurality of keys corresponding to the access target information are associated with the VM program" is illustrated.
Therefore, in the case of applying the information processing method according to the second embodiment, "an increase in the number of electronic signatures associated with a VM program when a plurality of pieces of condition information are associated with the VM program" is prevented.
Further, the first example of the information processing method according to the second embodiment is particularly effective when the first electronic signature is a common key type signature (MAC).
(B) Second example of the information processing method according to the second embodiment
In a case where a plurality of pieces of condition information are associated with the VM program, a degenerate electronic signature (new electronic signature) is generated from a plurality of first electronic signatures respectively corresponding to the plurality of pieces of condition information. The degenerate electronic signature may be generated by any external device of the information processing apparatus 100, such as a server (not shown).
For example, a degenerate electronic signature is generated by sequentially encrypting original values of random numbers or the like using a plurality of first electronic signatures respectively corresponding to a plurality of pieces of condition information. Further, the degenerate electronic signature may be generated, for example, by generating a MAC for data in which a plurality of first electronic signatures respectively corresponding to a plurality of pieces of condition information are sequentially arranged. The MAC corresponds to a degenerate electronic signature. Note that, needless to say, the method for generating a degenerate electronic signature is not limited to the above-described example.
In place of the first electronic signature used in the information processing method according to the first embodiment, the information processing apparatus 100 confirms the degenerate electronic signature. Then, the information processing apparatus 100 controls execution of processing regarding the VM based on the confirmation result of the degenerate electronic signature.
As an example, the information processing apparatus 100 generates an electronic signature for verification for each piece of condition information. Further, the information processing apparatus 100 generates a degenerate electronic signature for verification from the electronic signatures for verification generated for each piece of condition information. Then, the information processing apparatus 100 confirms the validity of the degenerate electronic signature by comparing the generated degenerate electronic signature for verification with the degenerate electronic signature.
Note that the process regarding the confirmation of the degenerate electronic signature is not limited to the above-described example, and the information processing apparatus 100 may confirm the degenerate electronic signature by any process that can verify the electronic signature.
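Both second-embodiment variants, the degenerate key of (A) and the degenerate electronic signature of (B), as an added Python example that is not code from the patent. HMAC-SHA256 stands in for both the "sequentially encrypting" step and the MAC; sending the seed to the card together with the signature, the field widths, the function names and the key values are assumptions.

```python
import hashlib
import hmac
import struct

# Constructed setting information: area address -> key held by the card.
KEYS_BY_AREA = {
    0x1000: b"K1" * 8,
    0x2000: b"K2" * 8,
    0x3000: b"K3" * 8,
}


def mac(key: bytes, msg: bytes) -> bytes:
    return hmac.new(key, msg, hashlib.sha256).digest()


def message(code: bytes, conds) -> bytes:
    """Unambiguous encoding of the VM code and (vm_id, command, area) tuples."""
    body = struct.pack(">I", len(code)) + code + struct.pack(">H", len(conds))
    for vm_id, command_code, area in conds:
        body += struct.pack(">HBH", vm_id, command_code, area)
    return body


def fold(seed: bytes, secrets) -> bytes:
    """Chain the seed through each secret in order.

    The page describes sequentially encrypting an original value; a keyed
    HMAC step is used here in place of a block cipher (assumption).
    """
    value = seed
    for secret in secrets:
        value = mac(secret, value)
    return value


def sign_degenerate_key(code, conds, seed, keys) -> bytes:
    # (A): one degenerate key from all area keys, then one signature.
    return mac(fold(seed, keys), message(code, conds))


def sign_degenerate_signature(code, conds, seed, keys) -> bytes:
    # (B): one first signature per condition, folded into a single value.
    firsts = [mac(k, message(code, [c])) for k, c in zip(keys, conds)]
    return fold(seed, firsts)


SCHEMES = {"key": sign_degenerate_key, "signature": sign_degenerate_signature}


def card_verify(scheme, code, conds, seed, signature, keys_by_area=KEYS_BY_AREA):
    """Recompute the value on the card from its own keys and compare."""
    if not conds:
        # With no conditions the fold returns the public seed: reject.
        return False
    try:
        keys = [keys_by_area[area] for _, _, area in conds]
    except KeyError:
        return False  # condition names an area with no key: fail closed
    expected = SCHEMES[scheme](code, conds, seed, keys)
    return hmac.compare_digest(expected, signature)


def demo():
    code = b"VM-bytecode"  # constructed VM program
    conds = [(7, 0x08, 0x1000), (7, 0x0A, 0x2000), (7, 0x08, 0x3000)]
    seed = bytes(range(16))  # constructed original value
    keys = [KEYS_BY_AREA[a] for _, _, a in conds]
    results = {}
    for scheme, sign in SCHEMES.items():
        sig = sign(code, conds, seed, keys)
        results[scheme] = (
            len(sig),                                         # one 32-byte value
            card_verify(scheme, code, conds, seed, sig),      # accepted
            card_verify(scheme, code, conds[:2], seed, sig),  # condition dropped
        )
    return results


if __name__ == "__main__":
    print(demo())
```

In both variants the card stores one 32-byte value for three conditions, and dropping, reordering or adding a condition changes the recomputed value, so the check fails.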
Fig. 9 is an explanatory diagram for explaining an outline of a second example of the information processing method according to the second embodiment. Fig. 9 illustrates an example in which the condition information is activation condition information, as in a of fig. 7. Further, in fig. 9, the degenerate electronic signature is referred to as a "degenerate signature".
As shown in fig. 9, in the information processing system 1000 to which the information processing method according to the second embodiment is applied, a plurality of first electronic signatures (signatures 1 to 3 shown in fig. 9) corresponding to a plurality of pieces of condition information corresponding to VM programs, respectively, are generated. Further, in the information processing system 1000 to which the information processing method according to the second embodiment is applied, a degenerate electronic signature is generated from a plurality of first electronic signatures.
Further, in the information processing apparatus 100, the condition information and the degenerate electronic signature are associated with the VM program and stored in the recording medium.
The information processing apparatus 100 confirms the degenerate electronic signature associated with the VM program, for example, "at the time of executing the installation of the VM" or "after the execution of the installation of the VM and before the VM operation". Then, the information processing apparatus 100 controls execution of processing regarding the VM based on the confirmation result of the degenerate electronic signature.
As can be seen by comparing fig. 9 and 7, the second example of the information processing method according to the second embodiment is similar to the information processing method according to the first embodiment described above, except that the first electronic signature is a degenerate electronic signature.
Therefore, as in the case of applying the information processing method according to the first embodiment, the information processing apparatus 100 to which the information processing method according to the second embodiment is applied can improve the convenience of the information processing apparatus 100 (an example of a device in which a VM can operate).
Further, in the case of applying the information processing method according to the second embodiment, even when a plurality of pieces of condition information are associated with the VM program, it suffices that at least one electronic signature is associated with the VM program.
Note that in the case where the information processing method according to the second embodiment is applied, two or more degenerate electronic signatures may be associated with a VM program. As an example of a case in which two or more degenerate electronic signatures are associated with the VM program, "an example in which a degenerate electronic signature generated from a plurality of electronic signatures corresponding to the activation condition information and a degenerate electronic signature generated from a plurality of electronic signatures corresponding to the access target information are associated with the VM program" is exemplified.
Therefore, in the case of applying the information processing method according to the second embodiment, "an increase in the number of electronic signatures associated with a VM program when a plurality of pieces of condition information are associated with the VM program" is prevented.
Further, the second example of the information processing method according to the second embodiment is particularly effective when the degenerate electronic signature is a common key type signature (MAC).
[2-3] Information processing method according to the third embodiment
By applying the information processing method according to the first embodiment or the information processing method according to the second embodiment, the convenience of the information processing apparatus 100 (an example of a device in which a VM can operate) can be improved.
Here, for example, in the case where the information processing method according to the first embodiment or the information processing method according to the second embodiment is applied, it is impossible to cope with "a use case in which the provider of the VM program or the like desires to limit the operation of the VM after the VM program is associated with the electronic signature in the information processing apparatus 100".
Therefore, in the information processing system 1000 to which the information processing method according to the third embodiment is applied, the information processing apparatus 100 also has a function for controlling execution of processing regarding the VM based on control information for controlling execution of processing regarding the VM.
As the control information according to the present embodiment, for example, a table (or a database) in which information for specifying a VM program and information indicating the contents of restriction are recorded in association with each other is exemplified. Note that the control information according to the present embodiment is not limited to the above-described table (or database), and may be data in any format, for example, data for each VM program, or the like. The control information may be generated by any external device of the information processing apparatus 100, such as a server (not shown).
As the information for specifying the VM program, for example, arbitrary data from which the VM program can be identified, such as an ID of the VM program, a hash value which is at least a part of the program code, a MAC, and the like, is exemplified.
As the information indicating the restriction content, for example, arbitrary data defining the restriction content of the operation of the VM, such as data indicating prohibition of installation of the VM, data indicating prohibition of execution of the VM program, or the like, is exemplified.
The information processing apparatus 100 determines, for example, "whether or not a target VM program is a VM program set in the control information" based on the information for specifying the VM program included in the control information. The information processing apparatus 100 makes this determination, for example, at the time of installing a VM or at the time of executing a VM program. Note that the information processing apparatus 100 may treat all VM programs stored in the recording medium as target VM programs, and may determine "whether or not a target VM program is a VM program set in the control information" at an arbitrary timing.
Then, the information processing apparatus 100 controls execution of processing regarding the VM according to the determination result based on the control information.
As an example, if execution of a VM program and installation of the VM program are prohibited when the VM is installed or when the VM program is executed, the information processing apparatus 100 does not execute the prohibited processing. As another example, in the case where installation of a VM program is prohibited after a VM has been installed, the information processing apparatus 100 uninstalls the VM program or prohibits execution of the VM program.
Note that the processing of the information processing apparatus 100 according to the third embodiment is not limited to the above-described example.
For example, in the case of applying the information processing method according to the third embodiment, an electronic signature may be given to the control information. Hereinafter, the electronic signature given to a single piece of control information is sometimes referred to as a "second electronic signature".
The second electronic signature may be generated by any external device of the information processing apparatus 100, such as a server (not shown). Further, in the information processing apparatus 100, the control information and the second electronic signature are associated with each other by an arbitrary association method and stored in the recording medium.
In the case where the second electronic signature is associated with the control information, the information processing apparatus 100 controls execution of the processing regarding the VM based on the control information, in accordance with the confirmation result of the second electronic signature.
For example, in the case where the validity of the second electronic signature has been confirmed, the information processing apparatus 100 may control the execution of the processing regarding the VM based on the control information. Further, in the case where the validity of the second electronic signature is not confirmed, the information processing apparatus 100 does not control the execution of the processing regarding the VM based on the control information.
The information processing apparatus 100 confirms the second electronic signature by using, for example, a key associated with an area indicated by "condition information associated with a VM program to be controlled by control information".
For example, in the case where the second electronic signature was made by using at least one of the keys associated with the areas indicated by the "condition information associated with the VM program to be controlled by the control information", the information processing apparatus 100 determines that the second electronic signature is a correct signature. Further, for example, in the case where the second electronic signature was made by using all of the keys associated with the areas indicated by the "condition information associated with the VM program to be controlled by the control information", the information processing apparatus 100 can determine that the second electronic signature is a correct signature.
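The control-information check described above can be sketched as follows, with both acceptance rules for the second electronic signature (at least one area key, or all area keys). This is an added example, not code from the patent; the dictionary layout of the control information, the modelling of the second signature as one HMAC tag per area key, the restriction names `prohibit_install` and `prohibit_execute`, and all sample values are assumptions.

```python
import hashlib
import hmac
import json


def program_id(code):
    """Identify a VM program by a hash of its code, one of the identifiers the text lists."""
    return hashlib.sha256(code).hexdigest()


def _canonical(control):
    # Stable byte encoding so signer and device MAC the same bytes.
    return json.dumps(control, sort_keys=True, separators=(",", ":")).encode()


def sign_control(area_key, control):
    return hmac.new(area_key, _canonical(control), hashlib.sha256).digest()


def second_signature_ok(control, tags, area_keys, areas, require_all=False):
    """Check the tags against the keys of the areas named by the condition information.

    tags maps area id -> tag (assumed representation of the second signature).
    """
    checks = []
    for area in areas:
        key, tag = area_keys.get(area), tags.get(area)
        checks.append(key is not None and tag is not None
                      and hmac.compare_digest(sign_control(key, control), tag))
    if not checks:
        return False
    return all(checks) if require_all else any(checks)


def decide(stage, code, areas, control, tags, area_keys, require_all=False):
    """Return 'allow', 'deny' or 'uninstall' for stage 'install' or 'execute'."""
    if not second_signature_ok(control, tags, area_keys, areas, require_all):
        # Per the text: unconfirmed control information is not used for control.
        return "allow"
    restrictions = control.get(program_id(code), [])
    if stage == "install":
        return "deny" if "prohibit_install" in restrictions else "allow"
    # From here on the VM program is already installed.
    if "prohibit_install" in restrictions:
        return "uninstall"
    if "prohibit_execute" in restrictions:
        return "deny"
    return "allow"


# Constructed sample data.
AREA_KEYS = {"1008": b"\x11" * 16, "1108": b"\x22" * 16}
COUPON_VM = b"constructed coupon VM bytecode"
COUPON_AREAS = ["1008", "1108"]  # areas named by its condition information
CONTROL = {program_id(COUPON_VM): ["prohibit_execute"]}
TAGS_ONE = {"1008": sign_control(AREA_KEYS["1008"], CONTROL)}
TAGS_ALL = {a: sign_control(AREA_KEYS[a], CONTROL) for a in COUPON_AREAS}
```

Because control information whose signature cannot be confirmed is simply not applied, the "all keys" rule trades a higher bar for the restricting party against a wider window in which a restriction stays unenforced.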
The information processing apparatus 100 to which the information processing method according to the third embodiment is applied controls execution of processing on the VM based on the control information as described above. Therefore, the information processing apparatus 100 to which the information processing method according to the third embodiment is applied can cope with "use case in which the provider of the VM program or the like desires to restrict the operation of the VM after the VM program and the electronic signatures are associated with each other in the information processing apparatus 100".
Therefore, the information processing apparatus 100 to which the information processing method according to the third embodiment is applied can improve the convenience of the information processing apparatus 100 (an example of a device in which a VM can operate) as compared with the case of applying the information processing method according to the first embodiment or the information processing method according to the second embodiment.
[2-4] Information processing method according to the fourth embodiment
By applying at least one of the information processing method according to the first embodiment through the information processing method according to the third embodiment, the convenience of the information processing apparatus 100 (an example of a device in which a VM can operate) can be improved.
Here, in the information processing apparatus 100, assume "a case where the area indicated by the condition information (i.e., the area associated with the key for generating a valid electronic signature) is deleted after the signed VM program is installed". In the event of the above, the VM program executed by the information processing apparatus 100 waits for an activation condition that is never satisfied or attempts to access a non-existing area.
Therefore, in the information processing system 1000 to which the information processing method according to the fourth embodiment is applied, when an area of the recording medium is to be deleted and there is condition information indicating the area to be deleted, the information processing apparatus 100 executes one of the following.
Not deleting the area to be deleted.
Performing predetermined processing on the VM program associated with the condition information indicating the area to be deleted.
As the predetermined processing according to the fourth embodiment, for example, "processing for uninstalling a VM program associated with condition information indicating an area to be deleted" and "processing for invalidating a VM program associated with condition information indicating an area to be deleted" are exemplified. As the process of invalidating the VM program, one or both of a process of invalidating the VM program and a process of invalidating a condition indicated by condition information associated with the VM program are exemplified.
As described above, in the information processing apparatus 100 to which the information processing method according to the fourth embodiment is applied, in the case where the condition information indicating the area to be deleted exists at the time of deleting the area of the recording medium, the area to be deleted is not deleted or predetermined processing is performed on the VM program. Therefore, the information processing apparatus 100 to which the information processing method according to the fourth embodiment is applied prevents "the VM program waits for an activation condition never satisfied or the VM program attempts to access a non-existing area".
Therefore, the information processing apparatus 100 to which the information processing method according to the fourth embodiment is applied can improve the convenience of the information processing apparatus 100 (an example of a device in which a VM can operate).
[2-5] Information processing method according to the fifth embodiment
[2-5-1] Overview of an information processing system 1000 to which the information processing method according to the fifth embodiment is applied
Some NFC-compliant devices, such as IC cards, have features that ensure atomicity of the result of a single execution of a command. As an example of ensuring atomicity, the following is illustrated: "in a case where writes to areas A to C are indicated in the parameters of a single command, the result is that either all of the writes to areas A to C are performed or none of them is performed, even if the command is interrupted".
Therefore, in the information processing system 1000 to which the information processing method according to the fifth embodiment is applied, the information processing apparatus 100 that can cause the VM to operate is made able to ensure atomicity as in the above example. As an example, in the information processing system 1000 to which the information processing method according to the fifth embodiment is applied, "a result in which all writes, including the write by the command and the write by the VM program, either succeed or fail together" is realized.
Fig. 10 is an explanatory diagram for explaining an outline of an information processing method according to the fifth embodiment. Fig. 10 illustrates an example of processing in which the information processing apparatus 100 receives a command indicating areas A to C in the write parameters.
For example, when a file system is accessed by a received command and a VM program is activated by satisfying an activation condition, the information processing apparatus 100 does not immediately perform the writing to the file system by the VM program and the writing to the file system by the command; instead, whether each process is successful and the data to be written are held in the temporary buffer. For example, in the case of including the hardware configuration shown in fig. 3, the recording medium (e.g., the RAM 168, the nonvolatile memory 170, or the like) serves as a temporary buffer.
After completing the processing based on each parameter included in the command, in the case where all the processing results indicate that the processing has succeeded, the information processing apparatus 100 reflects all the data held in the temporary buffer to the file system. Further, in a case where at least one processing result indicates a processing failure after the processing is completed based on each parameter included in the command, the information processing apparatus 100 reflects none of the data held in the temporary buffer to the file system.
For example, by executing the processing shown in fig. 10, "a result in which all writes, including the write by the command and the write by the VM program, either succeed or fail together" is realized. Thus, the atomicity of the information processing apparatus 100 is ensured.
Therefore, the information processing apparatus 100 to which the information processing method according to the fifth embodiment is applied can improve the convenience of the information processing apparatus 100 (an example of a device in which a VM can operate).
[2-5-2] Processing according to the information processing method by the information processing apparatus 100 according to the fifth embodiment
Next, an example of processing performed by the information processing apparatus 100 according to the information processing method according to the fifth embodiment will be described.
The information processing apparatus 100 has a function of causing the VM to operate, for example, similar to the information processing apparatus 100 according to the first to fourth embodiments described above.
Note that the information processing apparatus 100 according to the fifth embodiment need not control the operation of the VM according to the confirmation result of the electronic signature, as is performed by the information processing apparatus 100 according to the first to fourth embodiments. That is, controlling the operation of the VM according to the confirmation result of the electronic signature is not necessary to ensure the above atomicity. Therefore, it is sufficient that at least the condition information is associated with the virtual machine program that causes the VM to operate according to the fifth embodiment.
Further, the information processing apparatus 100 has a function for processing a command acquired from an external device, including a function for writing data based on a write command. Hereinafter, processing for ensuring the above-described atomicity will be described taking a case where the information processing apparatus 100 processes a write command as an example.
When the write command is acquired, the information processing apparatus 100 operates the VM when the area indicated by the parameter of the write command is the area indicated by the condition information.
Further, in the case where the write command is acquired, the information processing apparatus 100 determines whether all data writing performed based on the write command can be normally performed. For example, as described with reference to fig. 10, the information processing apparatus 100 does not immediately perform writing to the file system, and holds, in the temporary buffer, whether the data writing is successful and the data to be written.
Then, when it is determined that all data writing can be normally performed, the information processing apparatus 100 writes data based on the write command. For example, as described with reference to fig. 10, after completing the processing based on each parameter included in the command, in the case where all the processing results indicate that the processing has succeeded, the information processing apparatus 100 reflects all the data held in the temporary buffer to the file system.
Further, when it is determined that all data writing cannot be normally performed, the information processing apparatus 100 does not write data based on the write command. For example, as described with reference to fig. 10, after completing the processing based on each parameter included in the command, in the case where the result of at least one processing indicates a failure, the information processing apparatus 100 reflects none of the data held in the temporary buffer to the file system.
For example, as described above, the information processing apparatus 100 determines whether all data writing performed based on the write command can be normally performed, and selectively writes data based on the write command according to the determination result. Therefore, the information processing apparatus 100 ensures atomicity.
Here, in the case of operating the VM based on the write command, the data write based on the write command includes data write performed by the VM program.
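The staged-write flow of fig. 10 as described above, including writes made by a VM program that the command activates, can be sketched as follows. This is an added example, not code from the patent; the `Card` class, `coupon_program`, `BLOCK_SIZE`, the balance and coupon encodings and the failure conditions are assumptions, and the area names 1008 and 1108 follow the page's coupon use case.

```python
BLOCK_SIZE = 16  # constructed per-area capacity in bytes


class Card:
    def __init__(self, file_system, vm_programs):
        self.fs = dict(file_system)     # committed state: area -> bytes
        self.vm_programs = vm_programs  # list of (activation area, program)

    def _stage(self, staged, area, data):
        """Record one write in the temporary buffer; report whether it could succeed."""
        if area not in self.fs or len(data) > BLOCK_SIZE:
            return False
        staged[area] = data
        return True

    def write_command(self, writes):
        """Process one write command; writes is a list of (area, data) parameters."""
        staged, results = {}, []
        for area, data in writes:
            results.append(self._stage(staged, area, data))
            for trigger, program in self.vm_programs:
                if trigger != area:
                    continue  # activation condition not satisfied
                try:
                    vm_writes = program(self.fs, area, data)
                except Exception:
                    results.append(False)  # a failing VM program fails the command
                    continue
                for vm_area, vm_data in vm_writes:
                    results.append(self._stage(staged, vm_area, vm_data))
        if results and all(results):
            # Reflect the whole buffer at once. A real device must also make this
            # step survive power loss; that mechanism is outside this sketch.
            self.fs.update(staged)
            return True
        return False  # nothing in the buffer reaches the file system


def coupon_program(committed, area, data):
    """Constructed VM program: one coupon point per 1000 units charged."""
    charged = int(data) - int(committed[area])
    if charged <= 0:
        return []
    return [("1108", b"coupon:%d" % (charged // 1000))]


def demo():
    card = Card({"1008": b"1000", "1108": b""}, [("1008", coupon_program)])
    ok = card.write_command([("1008", b"4000")])
    return ok, card.fs
```

If the coupon area is missing or the VM program's write does not fit, the charge to area 1008 is discarded together with the coupon write, which is the all-or-nothing result the text describes.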
[2-6] Information processing method according to other embodiments
The processing of the information processing method according to the present embodiment is not limited to the processing of the information processing method according to the first embodiment through the processing of the information processing method according to the fifth embodiment.
For example, the process of the information processing method according to the present embodiment may be a process realized by combining two or more of the processes of the information processing method according to the first embodiment to the processes of the information processing method according to the fifth embodiment.
[3] Example of effects obtained by using the information processing method according to the present embodiment
By using the information processing method according to the present embodiment, for example, the following effects (a) to (d) are obtained. Note that, needless to say, the effect obtained by using the information processing method according to the present embodiment is not limited to the following example.
(a) Implementation of VM programs in cooperation with an OS and through an advanced Application Programming Interface (API)
The VM program according to the present embodiment can provide a high-level API having a function of customizing the functions of an OS such as the FeliCa (registered trademark) OS.
For example, by providing an API in the VM program that cooperates with the OS, the VM program can be operated in cooperation with the operation of the OS. As an example, by making the write operation of the OS cooperate with the write operation by the VM program, atomicity of the write operation can be ensured as indicated in the information processing method according to the fifth embodiment. Further, by ensuring atomicity of the write operation, it is possible to cope with a power failure before completion of writing (in the case where the power is cut).
A basic part of the application may be implemented as code (native code) that operates in situ in a processor that operates at high speed, and a function for customizing the function of the OS may be implemented by a VM program. With such an embodiment, for example, even in the case of including a low-speed program operating in a VM, an application operating at a high speed can be realized. Furthermore, with such an embodiment, functions can be realized compactly, and high-level functions can be realized in limited memory resources. In the case where the information processing apparatus 100 is an IC card, it is particularly useful to be able to realize high-level functions in a limited memory resource.
(b) Activation condition of VM program
Since the VM program is activated according to the condition information, the VM program can be executed at a predetermined timing without specifying the timing from outside the information processing apparatus 100. Therefore, since the VM program is executed without depending on an external device such as the reader/writer 200, the function of the information processing apparatus 100 can be extended by the VM program without changing an existing external device on the market, for example. Further, since the VM program is executed without depending on an external device such as the reader/writer 200, for example, the external device does not need to be aware of the presence of the VM program.
Execution of processing on the VM is controlled based on the confirmation result of the electronic signature by using any one of the information processing method according to the first embodiment to the information processing method according to the fourth embodiment. Here, in the information processing apparatus 100, for example, when the electronic signature is checked and saved at the time of download, it is not necessary to confirm the electronic signature at the time of execution, and the program can be executed at high speed.
(c) Pre-setting of access targets
For example, by downloading information (for example, condition information and electronic signature) on resource access authority as metadata of the VM program, mutual authentication does not have to be performed when the VM program is executed, and the VM program can access resources of the OS. Here, the execution authority is signed for each required access authority, and the execution authority is set for the information processing apparatus 100. Further, in the information processing apparatus 100, for example, when the electronic signature is checked and saved at the time of download, it is not necessary to confirm the electronic signature at the time of execution, and the program can be executed at high speed.
Restrictions may be added for each conditional access target.
(d) Addition of functionality in the marketplace
The download of the VM program can be realized as a command that can be issued on the market, and the function of the information processing apparatus 100 can be added on the market.
Unnecessary VM programs can be deleted in the market by a command that can be issued in the market.
By making it possible to download the VM program in a free space without requiring an area dedicated to the VM program, the information processing apparatus 100 can efficiently use the memory.
Operations for adding functionality may be implemented by a VM program without deleting an existing application. By this operation, for example, an existing data structure can be taken over, and additional operation by the VM program can be realized.
After downloading the application by the above (b) and (c), the function can be added to the information processing apparatus 100 without changing an external device such as a reader/writer on the market. As an example, functions may be added by the information processing apparatus 100 side without changing the order of application to the information processing apparatus 100.
[4] Use case to which the information processing method according to the present embodiment is applied
Next, a use case to which the information processing method according to the above-described present embodiment is applied will be described. Note that, needless to say, the use case of the information processing method according to the present embodiment is not limited to the following example.
[4-1] First example of use case: coupon provision by VM
As a first example of a use case, a use case in which a coupon is provided by a VM will be described.
Fig. 11 is an explanatory diagram for explaining a first example of a use case to which the information processing method according to the present embodiment is applied. A of fig. 11 illustrates a state of a recording medium included in the information processing apparatus 100 before the VM program is installed. Further, B of fig. 11 illustrates a state of the recording medium included in the information processing apparatus 100 after the VM program has been installed.
The signature of the activation condition information (an example of the condition information) is created, for example, by a person (e.g., an electronic money trader) having authority over the parent area of the area (block) that is the condition for activating the VM program. Further, the signature of the access target information (an example of the condition information) is created, for example, by a person (e.g., an electronic money service operator) having authority over the parent area of the area (block) that saves the coupon accessed by the VM program.
The VM program, the activation condition information and its signature, and the access target information and its signature may be integrated into a single signed package. Here, the signed package according to the present embodiment is encrypted and signed. Since the signed package is concealed and signed, the package can be safely downloaded on the market.
The activation condition information and signature and the access target information and signature correspond to metadata of the VM program.
For example, in the case of downloading a packaged VM program to the information processing apparatus 100, the information processing apparatus 100 verifies the signature and confirms that the signature is not falsified. By confirming the signature at the time of download, for example, it is not necessary to save the signature in the information processing apparatus 100. Even in the case where the capacity of the nonvolatile memory included in the information processing apparatus 100 is small, the VM program can be safely executed.
Note that the information processing apparatus 100 may confirm the signature, for example, at the time of activating the information processing apparatus 100 or at the time of executing the program. Further, security can be further enhanced by, for example, saving the electronic signature in the information processing apparatus 100 and having the information processing apparatus 100 check the saved signature each time a program is executed.
For example, by downloading the packaged VM program to the information processing apparatus 100, the state of the recording medium included in the information processing apparatus 100 is changed from the state shown in a of fig. 11 to the state shown in B of fig. 11, for example.
Fig. 12 is an explanatory diagram for explaining a first example of a use case to which the information processing method according to the present embodiment is applied. Fig. 12 illustrates an example of processing performed by the information processing system 1000 shown in fig. 1.
The reader/writer 200 transmits a mutual authentication command with respect to the service 1008 shown in fig. 11 (S200), and the processing unit 110 returns a response after performing processing according to the mutual authentication command (S202). The processing in steps S200 and S202 corresponds to mutual authentication with respect to the service 1008. Hereinafter, a case where mutual authentication is normally completed will be described as an example.
The reader/writer 200 transmits a write command for writing to the service 1008 (S204).
The processing unit 110 that has acquired the write command transmitted from the reader/writer 200 in step S204 makes a write access to the service 1008 with respect to the file system based on the write command (S206). Fig. 12 illustrates electronic money charging (processing for increasing the value of an electronic value) as the processing indicated in step S206.
Further, the processing unit 110 confirms the activation condition of the VM program after confirming the signature (S208), and the processing unit 110 activates the VM program if the signature is confirmed and the activation condition is satisfied (S210).
In the case where the VM program is executed and write access is made to the service 1108, the VM program confirms that, for example, the access target information includes update information of the service 1108 block. At this point, the VM program may confirm signature 2 shown in fig. 11.
The VM program makes write access to the service 1108 shown in fig. 11 (S212). In fig. 12, as the processing indicated in step S212, processing regarding coupon provision is illustrated.
The VM program confirms the condition of the access target information after confirming the signature, and reserves the writing to the service 1108 if the signature is confirmed and the condition is satisfied (S214). For example, the VM program reserves the writing of a coupon corresponding to the writing to the service 1008 (for example, a coupon corresponding to the added amount of electronic value (the so-called charged amount)). Further, the VM program transmits the processing result in step S214 to the processing unit 110 (S216). Here, in the access target information, for example, information indicating that the service 1108 is accessed and a right to write to the service 1108 are defined.
In the case where the result indicating that the write reservation is normally made is transmitted to the processing unit 110 in step S216, the file system writes the data to the nonvolatile memory (S218), and the write result is transmitted to the processing unit 110 (S220). For example, writing to service 1008 is performed by processing unit 110, and writing to service 1108 is performed by a VM program. After performing the write to the service 1108, the VM program is typically terminated.
The processing unit 110 returns a response indicating that processing has been completed normally as a response to the write command transmitted from the reader/writer 200 in step S204 (S222).
For example, the VM provides the coupon by performing the process shown in FIG. 12. Note that, needless to say, the process of realizing coupon provision by the VM is not limited to the example shown in fig. 12.
[4-2] second example of use case: electronic money usage limit setting by VM
As a second example of the use case, a use case in which the electronic money usage limit is set by the VM will be described.
Fig. 13 is an explanatory diagram for explaining a second example of a use case to which the information processing method according to the present embodiment is applied. A of fig. 13 illustrates a state of the recording medium included in the information processing apparatus 100 before the VM program is installed. Further, B of fig. 13 illustrates a state of the recording medium included in the information processing apparatus 100 after the VM program has been installed.
The signature of the activation condition information (an example of the condition information) is created, for example, by a person (e.g., an electronic money trader) having authority over the parent area of the condition for activating the VM program.
The VM program and the activation condition information may be integrated together with the signature into a single package. Since the package is concealed and signed, it can be safely downloaded on the market.
For example, in the case of downloading a packaged VM program to the information processing apparatus 100, the information processing apparatus 100 verifies the signature and confirms that the signature is not falsified. By confirming the signature at the time of download, for example, it is not necessary to save the signature in the information processing apparatus 100. Even in the case where the capacity of the nonvolatile memory included in the information processing apparatus 100 is small, the VM program can be safely executed.
Note that the information processing apparatus 100 may confirm the signature, for example, at the time of activating the information processing apparatus 100 or at the time of executing the program. Further, security can be further enhanced by, for example, saving the electronic signature in the information processing apparatus 100 and having the information processing apparatus 100 check the saved signature each time the program is executed.
For example, by downloading the packaged VM program to the information processing apparatus 100, the state of the recording medium included in the information processing apparatus 100 is changed from the state shown in a of fig. 13 to the state shown in B of fig. 13, for example. For example, as shown in B of fig. 13, the VM program may be a program for saving data in a dedicated area of the VM program.
Fig. 14 is an explanatory diagram for explaining a second example of a use case to which the information processing method according to the present embodiment is applied. Fig. 14 illustrates an example of processing performed by the information processing system 1000 shown in fig. 1.
The reader/writer 200 transmits a mutual authentication command with respect to the service 1008 and the service 110C shown in fig. 13 (S300), and the processing unit 110 returns a response after performing processing according to the mutual authentication command (S302). The processing in steps S300 and S302 corresponds to mutual authentication with respect to the service 1008 and the service 110C, similar to the processing in steps S200 and S202 shown in fig. 12. Hereinafter, a case where mutual authentication is normally completed will be described as an example.
The reader/writer 200 transmits a write command for writing to the service 1008 (S304).
The processing unit 110 that has acquired the write command transmitted from the reader/writer 200 in step S304 makes a write access to the file system with respect to the service 1008 and the service 110C based on the write command (S306). In fig. 14, as the processing indicated in step S306, electronic money charging (processing for incrementing the value of electronic value) and processing for recording a log are illustrated.
Further, the processing unit 110 confirms the activation condition of the VM program after confirming the signature (S308), and activates the VM program if the signature is confirmed and the activation condition is satisfied (S310).
In the case of data reference access by the command packet, the VM program confirms whether the access target information includes the data reference information in the command packet of the service 110C. At this point, the VM program may confirm signature 2 shown in fig. 13.
The VM program writes the reduced amount of money and the date for the service 110C to the data storage area of the VM program shown in fig. 13. At this time, for example, in the case where a daily limit is set, the VM program confirms the date and the reduced amount of money in the command packet of the service 110C (S312). Then, the VM program confirms whether the reduced amount exceeds the limit (S314), and sends the result to the processing unit 110 (S316). The limit is, for example, embedded in the VM program or recorded in the data storage area of the VM program.
In the case where it is confirmed in step S314 that the reduced amount exceeds the limit, the processing unit 110 returns an error as a response to the write command transmitted from the reader/writer 200 in step S304 (S318).
Further, in the case where it is confirmed in step S314 that the reduced amount does not exceed the limit, the file system writes data to the nonvolatile memory (S320), and the write result is transmitted to the processing unit 110 (S322). For example, writing to service 1008 is performed by processing unit 110, and writing to service 110C is performed by a VM program. After performing the write to service 110C, the VM program is typically terminated.
The processing unit 110 returns a response that has been normally processed as a response to the write command transmitted from the reader/writer 200 in step S304 (S324).
For example, by executing the processing shown in fig. 14, the electronic money usage limit is set by the VM. Note that, needless to say, the process of realizing the electronic money usage limit setting by the VM is not limited to the example shown in fig. 14.
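The flow of fig. 14 (steps S304 to S324) can be modelled as follows. This is an added example, not code from the patent: it shows signature confirmation with the key of the area named in the condition information, the VM's daily-limit check, and the all-or-nothing commit. HMAC-SHA256 stands in for the unspecified signature scheme, rejecting the command is the assumed error handling, and the key, limit, balance, class and function names are constructed assumptions.

```python
import hashlib
import hmac
from dataclasses import dataclass, field

# Constructed sample values (assumptions, not taken from the patent).
AREA_KEYS = {"1008": b"demo-key-for-area-1008"}  # key associated with an area
DAILY_LIMIT = 3000                               # limit embedded in the VM program


def sign_package(vm_code: bytes, condition: bytes, key: bytes) -> bytes:
    """Signature over VM code plus condition information (HMAC as a stand-in)."""
    # Length-prefix the code so the code/condition boundary cannot be shifted.
    msg = len(vm_code).to_bytes(4, "big") + vm_code + condition
    return hmac.new(key, msg, hashlib.sha256).digest()


@dataclass
class VmPackage:
    code: bytes
    condition_area: str   # activation condition: a write to this area
    signature: bytes


@dataclass
class Card:
    package: VmPackage
    # Non-volatile memory: balance in service 1008, usage log in service 110C.
    nvm: dict = field(default_factory=lambda: {"1008": 5000, "110C": []})
    # Data storage area of the VM program: date -> amount spent that day.
    vm_data: dict = field(default_factory=dict)

    def signature_ok(self) -> bool:
        """Confirm the signature with the key of the area in the condition."""
        key = AREA_KEYS.get(self.package.condition_area)
        if key is None:
            return False
        expected = sign_package(self.package.code,
                                self.package.condition_area.encode(), key)
        return hmac.compare_digest(expected, self.package.signature)

    def vm_check_limit(self, date: str, amount: int):
        """VM program (S312-S316): stage its writes, or None if over the limit."""
        spent = self.vm_data.get(date, 0) + amount
        if spent > DAILY_LIMIT:
            return None
        return {"spent": (date, spent), "log": (date, amount)}

    def write_command(self, area: str, date: str, amount: int) -> str:
        """Handle a write that reduces the value in service 1008 (S304-S324)."""
        if area != "1008" or amount <= 0 or amount > self.nvm["1008"]:
            return "ERROR"
        # S306: stage the processing unit's own write; NVM is not touched yet.
        new_balance = self.nvm["1008"] - amount
        staged_vm = None
        if area == self.package.condition_area:      # activation condition
            if not self.signature_ok():              # S308: signature first
                return "ERROR"                       # assumed error handling
            staged_vm = self.vm_check_limit(date, amount)   # S310-S316
            if staged_vm is None:
                return "ERROR"                       # S318: nothing written
        # S320: every staged write succeeded, so commit them together.
        self.nvm["1008"] = new_balance
        if staged_vm is not None:
            day, spent = staged_vm["spent"]
            self.vm_data[day] = spent
            self.nvm["110C"].append(staged_vm["log"])
        return "OK"                                  # S324


def demo() -> list:
    """Run three writes on a constructed card and return the responses."""
    code = b"constructed-limit-vm-bytecode"
    sig = sign_package(code, b"1008", AREA_KEYS["1008"])
    card = Card(VmPackage(code, "1008", sig))
    return [card.write_command("1008", "2024-01-01", 2000),
            card.write_command("1008", "2024-01-01", 1500),
            card.write_command("1008", "2024-01-02", 1500)]


if __name__ == "__main__":
    print(demo())
```

The second write in `demo()` is rejected as a whole: neither the balance in service 1008 nor the VM's records change, which is the property the reserve-then-commit ordering provides.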
(Program according to the present embodiment)
A program that causes a computer system to function as the information processing apparatus according to the present embodiment (for example, a program that can realize a part or all of the functions of the processing unit 110 that performs processing according to the information processing method of the first embodiment to the processing unit 110 that performs processing according to the information processing method of the fifth embodiment) is executed by a processor or the like in the computer system, so that the convenience of a device in which a virtual machine can operate can be improved. Here, as the computer system according to the present embodiment, a single computer system or a plurality of computers is exemplified. The computer system according to the present embodiment performs a series of processes.
Further, by executing a program for causing a computer system to function as the information processing apparatus according to the present embodiment by a processor or the like in the computer system, it is possible to obtain an effect obtained by processing performed by the information processing method according to each embodiment.
The preferred embodiments of the present disclosure have been described in detail above with reference to the accompanying drawings. However, the technical scope of the present disclosure is not limited to these examples. It is apparent that those having ordinary knowledge in the technical field of the present disclosure can obtain various changes and modifications within the scope of the technical idea described in the claims. It should be understood that these variations and modifications naturally fall within the technical scope of the present disclosure.
For example, in the above, a description has been given of a program (computer program) provided to cause a computer system to function as the information processing apparatus according to the present embodiment. However, the present embodiment may also provide a recording medium storing the program.
The above-described configuration is an example of the present embodiment, and naturally falls within the technical scope of the present disclosure.
Further, the effects described in the present specification are merely illustrative and exemplary, and are not restrictive. That is, the technology according to the present disclosure may exhibit other effects apparent to those skilled in the art from the description in the present specification, or may exhibit the effects in addition to or instead of the effects described above.
Note that the following configuration belongs to the technical scope of the present disclosure.
(1) An information processing apparatus comprising:
a processing unit having a function for controlling execution of processing with respect to the virtual machine, wherein
A virtual machine program that causes a virtual machine to operate is associated with condition information including information indicating an area of a recording medium and indicating a condition for causing the virtual machine to operate, and a first electronic signature generated based on code of the virtual machine program and the condition information, and
the processing unit controls execution of processing with respect to the virtual machine based on a result of the validation of the first electronic signature associated with the virtual machine program.
(2) The information processing apparatus according to (1), wherein
the processing unit
enables processing regarding the virtual machine to be performed in a case where the validity of the first electronic signature is confirmed, and
performs predetermined error processing in a case where the validity of the first electronic signature is not confirmed.
(3) The information processing apparatus according to (1) or (2), wherein
The processing regarding the virtual machine includes one or both of processing of installing the virtual machine and processing of operating the virtual machine based on the condition information.
(4) The information processing apparatus according to any one of (1) to (3), wherein
the first electronic signature is generated based on a key corresponding to the condition information, and
the processing unit confirms the first electronic signature by using a key associated with the area indicated by the condition information.
(5) The information processing apparatus according to any one of (1) to (4), wherein
The processing unit validates the first electronic signature when installing the virtual machine or after installing the virtual machine and before operating the virtual machine.
(6) The information processing apparatus according to any one of (1) to (5), wherein
In a case where a plurality of pieces of condition information are associated with a virtual machine program, a first electronic signature is generated based on code of the virtual machine program, the plurality of pieces of condition information, and degenerate keys generated based on a plurality of keys respectively corresponding to the plurality of pieces of condition information.
(7) The information processing apparatus according to any one of (1) to (5), wherein
in a case where a plurality of pieces of condition information are associated with the virtual machine program, the virtual machine program that causes the virtual machine to operate is associated with a degenerated electronic signature generated based on a plurality of first electronic signatures respectively corresponding to the plurality of pieces of condition information, and
the processing unit controls execution of processing with respect to the virtual machine based on a result of validation of the degenerated electronic signature associated with the virtual machine program.
(8) The information processing apparatus according to any one of (1) to (7), wherein
The processing unit further controls execution of processing with respect to the virtual machine based on control information for controlling execution of processing with respect to the virtual machine,
the control information is associated with a second electronic signature, and
the processing unit controls execution of processing with respect to the virtual machine in accordance with the control information, based on the confirmation result of the second electronic signature.
(9) The information processing apparatus according to (8), wherein
The processing unit confirms the second electronic signature by using a key associated with an area indicated by condition information associated with a virtual machine program to be controlled by using the control information.
(10) The information processing apparatus according to any one of (1) to (9), wherein
In a case where there is condition information indicating an area to be deleted when deleting an area of the recording medium, the processing unit does not delete the area to be deleted or performs predetermined processing with respect to a virtual machine program associated with the condition information indicating the area to be deleted.
(11) The information processing apparatus according to any one of (1) to (10), wherein
The information processing apparatus includes an IC card.
(12) An information processing apparatus comprising:
a processing unit having a function for operating the virtual machine and a function for writing data based on a write command acquired from an external device, wherein
A virtual machine program that causes a virtual machine to operate is associated with condition information that includes information indicating an area of a recording medium and indicates a condition for causing the virtual machine to operate,
in the case of acquiring a write command from an external device,
the processing unit
causes the virtual machine to operate in the case where the area indicated by the parameter of the write command is the area indicated by the condition information,
determines whether all data writes performed based on the write command can be normally performed,
writes data based on the write command when it is determined that all data writing can be normally performed, and
does not write data based on the write command when it is not determined that all data writing can be normally performed, and
in the case where the virtual machine operates based on the write command, the data write based on the write command includes data write performed by the virtual machine program.
(13) An information processing method performed by an information processing apparatus, the method comprising:
a step for controlling execution of a process with respect to a virtual machine, wherein
A virtual machine program that causes a virtual machine to operate is associated with condition information including information indicating an area of a recording medium and indicating a condition for causing the virtual machine to operate, and a first electronic signature generated based on code of the virtual machine program and the condition information, and
in the control step, execution of processing with respect to the virtual machine is controlled based on a result of the confirmation of the first electronic signature associated with the virtual machine program.
(14) An information processing method performed by an information processing apparatus, the method comprising:
a step for operating the virtual machine; and
a step for writing data based on a write command acquired from an external device, wherein
A virtual machine program that causes a virtual machine to operate is associated with condition information that includes information indicating an area of a recording medium and indicates a condition for causing the virtual machine to operate,
in the case of acquiring a write command from an external device,
in the step for operating the virtual machine, the virtual machine is operated in a case where the area indicated by the parameter of the write command is the area indicated by the condition information,
in the step for performing the writing,
it is determined whether all data writing performed based on the write command can be normally performed,
data is written based on the write command when it is determined that all data writing can be normally performed, and
data is not written based on the write command when it is not determined that all data writing can be normally performed; and
in the case where the virtual machine operates by the step for operating the virtual machine, the data writing based on the write command includes data writing performed by the virtual machine program.
(15) A program for causing a computer to implement a function for controlling execution of processing with respect to a virtual machine, wherein
A virtual machine program that causes a virtual machine to operate is associated with condition information including information indicating an area of a recording medium and indicating a condition for causing the virtual machine to operate, and a first electronic signature generated based on code of the virtual machine program and the condition information, and
the control function controls execution of processing with respect to the virtual machine based on a result of the validation of the first electronic signature associated with the virtual machine program.
(16) A program for causing a computer to implement:
a function for operating a virtual machine; and
a function for writing data based on a write command acquired from an external device, wherein
A virtual machine program that causes a virtual machine to operate is associated with condition information that includes information indicating an area of a recording medium and indicates a condition for causing the virtual machine to operate,
in the case of acquiring a write command from an external device,
in the case where the area indicated by the parameter of the write command is the area indicated by the condition information, the function for operating the virtual machine operates the virtual machine,
the function for performing writing
determines whether all data writes performed based on the write command can be normally performed,
writes data based on the write command when it is determined that all data writing can be normally performed, and
does not write data based on the write command when it is not determined that all data writing can be normally performed, and
in the case where the function for operating the virtual machine causes the virtual machine to operate, the data write based on the write command includes a data write performed by the virtual machine program.
List of reference numerals
100 information processing apparatus
200 reader/writer
102 communication unit
104 control unit
110 processing unit
1000 information processing system
Claims (16)
1. An information processing apparatus comprising:
a processing unit having a function for controlling execution of processing with respect to the virtual machine, wherein
A virtual machine program that causes a virtual machine to operate is associated with condition information including information indicating an area of a recording medium and indicating a condition for causing the virtual machine to operate, and a first electronic signature generated based on code of the virtual machine program and the condition information, and
the processing unit controls execution of processing with respect to the virtual machine based on a result of the validation of the first electronic signature associated with the virtual machine program.
2. The information processing apparatus according to claim 1, wherein
the processing unit
enables processing regarding the virtual machine to be performed in a case where the validity of the first electronic signature is confirmed, and
performs predetermined error processing in a case where the validity of the first electronic signature is not confirmed.
3. The information processing apparatus according to claim 1, wherein the processing regarding the virtual machine includes one or both of processing of installing the virtual machine and processing of operating the virtual machine based on the condition information.
4. The information processing apparatus according to claim 1, wherein
the first electronic signature is generated based on a key corresponding to the condition information, and
the processing unit confirms the first electronic signature by using a key associated with the area indicated by the condition information.
5. The information processing apparatus according to claim 1, wherein the processing unit confirms the first electronic signature when the virtual machine is installed or after the virtual machine is installed and before the virtual machine is made to operate.
6. The information processing apparatus according to claim 1, wherein in a case where a plurality of pieces of condition information are associated with the virtual machine program, the first electronic signature is generated based on code of the virtual machine program, the plurality of pieces of condition information, and a degenerate key generated based on a plurality of keys respectively corresponding to the plurality of pieces of condition information.
7. The information processing apparatus according to claim 1, wherein
in a case where a plurality of pieces of condition information are associated with the virtual machine program, the virtual machine program that causes the virtual machine to operate is associated with a degenerated electronic signature generated based on a plurality of first electronic signatures respectively corresponding to the plurality of pieces of condition information, and
the processing unit controls execution of processing with respect to the virtual machine based on a result of validation of the degenerated electronic signature associated with the virtual machine program.
8. The information processing apparatus according to claim 1, wherein
The processing unit further controls execution of processing with respect to the virtual machine based on control information for controlling execution of processing with respect to the virtual machine,
the control information is associated with a second electronic signature, and
the processing unit controls execution of processing with respect to the virtual machine in accordance with the control information, based on the confirmation result of the second electronic signature.
9. The information processing apparatus according to claim 8, wherein the processing unit confirms the second electronic signature by using a key associated with an area indicated by condition information associated with the virtual machine program to be controlled by using the control information.
10. The information processing apparatus according to claim 1, wherein in a case where condition information indicating an area to be deleted exists at the time of deletion of the area of the recording medium, the processing unit does not delete the area to be deleted, or performs predetermined processing with respect to a virtual machine program associated with the condition information indicating the area to be deleted.
11. The information processing apparatus as claimed in claim 1, wherein the information processing apparatus comprises an Integrated Circuit (IC) card.
12. An information processing apparatus comprising:
a processing unit having a function for operating the virtual machine and a function for writing data based on a write command acquired from an external device, wherein
A virtual machine program that causes a virtual machine to operate is associated with condition information that includes information indicating an area of a recording medium and indicates a condition for causing the virtual machine to operate,
in the case of acquiring a write command from an external device,
the processing unit
causes the virtual machine to operate in the case where the area indicated by the parameter of the write command is the area indicated by the condition information,
determines whether all data writes performed based on the write command can be normally performed,
writes data based on the write command when it is determined that all data writing can be normally performed, and
does not write data based on the write command when it is not determined that all data writing can be normally performed, and
in the case where the virtual machine operates based on the write command, the data write based on the write command includes data write performed by the virtual machine program.
13. An information processing method performed by an information processing apparatus, the method comprising:
a step for controlling execution of a process with respect to a virtual machine, wherein
A virtual machine program that causes a virtual machine to operate is associated with condition information including information indicating an area of a recording medium and indicating a condition for causing the virtual machine to operate, and a first electronic signature generated based on code of the virtual machine program and the condition information, and
in the control step, execution of processing with respect to the virtual machine is controlled based on a result of the confirmation of the first electronic signature associated with the virtual machine program.
14. An information processing method performed by an information processing apparatus, the method comprising:
a step for operating the virtual machine; and
a step for writing data based on a write command acquired from an external device, wherein
A virtual machine program that causes a virtual machine to operate is associated with condition information that includes information indicating an area of a recording medium and indicates a condition for causing the virtual machine to operate,
in the case of acquiring a write command from an external device,
in the step for operating the virtual machine, the virtual machine is operated in a case where the area indicated by the parameter of the write command is the area indicated by the condition information,
in the step for performing the writing,
it is determined whether all data writes performed based on the write command can be normally performed,
data is written based on the write command when it is determined that all data writing can be normally performed, and
data is not written based on the write command when it is not determined that all data writing can be normally performed; and
in the case where the virtual machine operates by the step for operating the virtual machine, the data writing based on the write command includes data writing performed by the virtual machine program.
15. A program for causing a computer to implement a function for controlling execution of processing with respect to a virtual machine, wherein
A virtual machine program that causes a virtual machine to operate is associated with condition information including information indicating an area of a recording medium and indicating a condition for causing the virtual machine to operate, and a first electronic signature generated based on code of the virtual machine program and the condition information, and
the control function controls execution of processing with respect to the virtual machine based on a result of the validation of the first electronic signature associated with the virtual machine program.
16. A program for causing a computer to implement:
a function for operating a virtual machine; and
a function for writing data based on a write command acquired from an external device, wherein
A virtual machine program that causes a virtual machine to operate is associated with condition information that includes information indicating an area of a recording medium and indicates a condition for causing the virtual machine to operate,
in the case of acquiring a write command from an external device,
in the case where the area indicated by the parameter of the write command is the area indicated by the condition information, the function for operating the virtual machine operates the virtual machine,
the function for performing writing
determines whether all data writes performed based on the write command can be normally performed,
writes data based on the write command when it is determined that all data writing can be normally performed, and
does not write data based on the write command when it is not determined that all data writing can be normally performed, and
in the case where the function for operating the virtual machine causes the virtual machine to operate, the data write based on the write command includes a data write performed by the virtual machine program.
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| JP2018-020431 | 2018-02-07 | | |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| HK40029679A (en) | 2021-02-19 |
| HK40029679B (en) | 2024-08-02 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN100449508C (en) | | Data communication device and method for managing memory of data communication device |
| US20180181416A1 (en) | | Information processing apparatus, ic chip, information processing method, program, and information processing system |
| CN109344605B (en) | | Authority control method and system of intelligent POS machine |
| EP2917828A1 (en) | | Methods for providing anti-rollback protection in a device which has no internal non-volatile memory |
| US7428992B2 (en) | | Secure device and system for issuing IC cards |
| US20170124339A1 (en) | | Implementing method for javacard application function expansion |
| US20100277279A1 (en) | | Rfid privacy protection method and apparatus |
| CN111684445B (en) | | Information processing device, information processing method and program |
| JP2019153310A (en) | | Information processing apparatus, information processing method, and program |
| US20140189223A1 (en) | | Ic card, portable electronic device, and method of controlling ic card |
| JP4993114B2 (en) | | Shared management method for portable storage device and portable storage device |
| EP1793331A1 (en) | | Semiconductor memory card |
| KR20190017041A (en) | | How to manage security elements |
| HK40029679A (en) | | Information processing device, information processing method, and program |
| EP3320437B1 (en) | | Integrated circuit card adapted to transfer first data from a first application for use by a second application |
| EP2996368B1 (en) | | Mobile electronic device |
| HK40029679B (en) | | Information processing device, information processing method, and program |
| CN112422281A (en) | | Method and system for changing secret key in security module |
| KR101663652B1 (en) | | Method for reading card information in a terminal having a function of care reader |
| US20210176629A1 (en) | | Access control for near field communication functions |
| CN120602944A (en) | | A machine-card binding method, terminal device and computer-readable storage medium |
| JP5875772B2 (en) | | Portable electronic device, control method for portable electronic device, and processing system for portable electronic device |
| CN118246040A (en) | | Protection of electronic devices |
| HK40029787A (en) | | Information processing device and information processing system |
| JP2018116724A (en) | | Portable electronic device |