JP4185715B2 - IC card and IC card program - Google Patents

Description

[0001]
BACKGROUND OF THE INVENTION
The present invention relates to an IC card capable of registering a plurality of applications, and an IC card program that executes a CPU so that the registered applications use the hardware of the IC card.
[0002]
[Prior art]
Operating systems (hereinafter, “operating system” is referred to as “OS”) mounted on a conventional IC card can be classified into the following two types. One is a single application OS that allows a single application to be used with an IC card, and the other is a multi-application OS that allows a plurality of applications to be used.
A single application IC card equipped with a single application OS is stored in a read-only memory (ROM) in which most programs cannot be rewritten, and is in a memory area of a readable / rewritable nonvolatile memory (EEPROM). Most of them are used as areas for storing data. Therefore, in a single application IC card, an EEPROM having a high cost per capacity does not require a large capacity, and the chip price is low, so the IC card price is low.
[0003]
On the other hand, a multi-application IC card equipped with a multi-application OS such as a MULTIS card or JAVA card (“JAVA” is a registered trademark) stores a plurality of applications including programs and data in an EEPROM, and has a unique function with a user-specific function. Since the program can be registered, it is very convenient. Note that registration means storing so that it can be used, and does not include temporary storage for authentication or the like.
[0004]
[Problems to be solved by the invention]
However, the single application IC card and the multi-application IC card have the following problems.
Since the single application IC card cannot register a plurality of applications, there is a problem in that it lacks expandability and convenience.
[0005]
On the other hand, since a multi-application IC card stores a plurality of applications in an EEPROM having a high cost per capacity, it is necessary to provide an EEPROM having a capacity larger than that of a single application IC card, resulting in a high IC card price. was there.
Further, since the multi-application IC card is stored in the EEPROM for each application, even if the same program code is included in different applications, it must be individually stored in the EEPROM as a function of each application. It is very uneconomical.
[0006]
An object of the present invention is to provide an IC card and an IC card program that have the advantages of a single application IC card and a multi-application IC card, that is, can reduce manufacturing costs and are highly convenient.
[0007]
[Means for Solving the Problems]
The present invention solves the above problems by the following means. In addition, in order to make an understanding easy, although the code | symbol corresponding to embodiment of this invention is attached | subjected and demonstrated, it is not limited to this. That is, the invention of claim 1 is common to a plurality of applications. And run within each application A common program, which is a program, stores a read-only non-volatile first storage unit (15), a memory area is allocated to a program area (17p), and a data area (17d), and each application A rewritable non-volatile second storage unit (17-2) for storing the unique program, which is a unique program, in the program area and the application data in the data area in association with each other, the common program, An IC card capable of registering a plurality of applications including the unique program and the application data, and a registration request receiving means for receiving a unique program registration request including the unique program or an application data registration request including the application data. 11) and the registration request Registration request information writing means for writing the own program or application data received by the signal means in a predetermined area of the second storage section (148) Application identification information for identifying the application based on the unique program or the application data written in the predetermined area of the second storage unit by the registration request information writing means, unique program identification information, and Management information creating means for creating management information including location information indicating the location where the unique program is stored; IC card (1-2) characterized by
[0008]
According to a second aspect of the present invention, in the IC card according to the first aspect, any application data stored in the second storage unit or any application data received by the registration request receiving unit is stored. Association information receiving means (11) for receiving association information indicating whether to associate with an original program, and association validity determining means (147) for determining whether or not the association information received by the association information receiving means is valid. The IC card (1-2) is characterized in that the registration request information writing means writes data when it is determined affirmative by the association validity determining means.
[0009]
According to a third aspect of the present invention, in the IC card according to the second aspect, the second storage unit stores application identification information, a unique program stored in the program area included in the same application, and the data The IC card (1-2) is characterized in that it is stored in association with application data stored in an area, and the association information receiving means receives the application identification information as association information.
[0010]
According to a fourth aspect of the present invention, in the IC card according to the third aspect, whether or not the same application identification information as the application identification information received by the association information receiving means is stored in the second storage unit. A registration determination unit (144) for determining, and an association validity authentication information receiving unit (11) for receiving association validity authentication information corresponding to the association information received by the association information receiving unit; The sex determination means, when it is determined by the registered determination means that it is stored, registration association validity authentication information corresponding to the same application identification information stored in the second storage unit, It is determined by collating with the associated validity authentication information received by the associated validity authentication information receiving means. Performing the an IC card (1-2), characterized in.
[0011]
The invention of claim 5 is the IC card according to any one of claims 1 to 4, wherein the original program or application data received by the registration request receiving means is valid. Registration request information validity determining means (146) for determining the registration request information, and the registration request information writing means performs writing when the registration request information validity determining means determines affirmative. IC card (1-2).
[0012]
According to a sixth aspect of the present invention, in the IC card according to any one of the first to fifth aspects, the second storage unit is an area indicating a free capacity of the program area and / or the data area. The IC card (1-2) is characterized by storing free space information and / or writing position information indicating a position where the registration request information writing means writes a unique program or application data.
[0013]
The invention of claim 7 is common to a plurality of applications. And run within each application A common program, which is a program, stores a read-only non-volatile first storage unit (15), a memory area is allocated to a program area (17p), and a data area (17d), and each application A rewritable nonvolatile second storage unit (17-2) for storing a unique program, which is a unique program, in the program area and application data in the data area in association with each other; A CPU (14) for executing a program stored in the second storage unit, and an application to an IC card capable of registering a plurality of applications including the common program, the unique program, and the application data. An IC card program that is executed by the CPU for registration. A registration request receiving procedure (S209, S306) for receiving a unique program registration request including a unique program or an application data registration request including application data, and the unique program or the application data received in the registration request receiving procedure. Registration request information writing procedure (S210, S307) to be written in a predetermined area of the second storage unit Application identification information for identifying the application based on the unique program or the application data written in a predetermined area of the second storage unit by the registration request information writing procedure, unique program identification information, and A management information creation procedure (S213) for creating management information including location information indicating a location where the unique program is stored; Is an IC card program characterized by
[0014]
The invention according to claim 8 is the IC card program according to claim 7, wherein any application data or any application data stored in the second storage unit is received in the registration request receiving procedure. Association information reception procedure (S203, S303) for receiving association information indicating whether to associate with an original program, and association for receiving association validity authentication information for authenticating the validity of association information received in the association information reception procedure The validity authentication information receiving procedure (S203, S303) and whether or not the association information received in the association information receiving procedure is valid based on the association validity authentication information received in the association validity authentication information receiving procedure. Association validity determination procedure for determination (S2 5, S305) and wherein the registration request information writing procedure to be executed when it is determined to be valid in the associated validity determining step, an IC card program characterized.
[0015]
The invention according to claim 9 is the registration request information for determining whether the original program or application data received in the registration request receiving procedure is valid in the IC card program according to claim 7 or claim 8. An IC card program comprising a legitimacy determination procedure (S202, S302), wherein the registration request information writing procedure is executed when it is determined to be legitimate in the registration request information legitimacy determination procedure It is.
[0016]
DETAILED DESCRIPTION OF THE INVENTION
Hereinafter, embodiments of the present invention will be described in more detail with reference to the drawings.
(First embodiment)
FIG. 1 is a diagram for explaining a first embodiment of an IC card according to the present invention. FIG. 1A is a front view, FIG. 1B and FIG. FIG.
As shown in FIG. 1, the IC card 1 includes a contact type IC chip 10. The IC card 1 registers a plurality of applications that receive power from a contact reader / writer (hereinafter referred to as “R / W”), which is an external device (not shown), and perform communication. Is a multi-application IC card capable of When the IC card 1 receives from the R / W a command that is an instruction requesting execution of a predetermined program, the IC card 1 interprets and executes the command, and transmits the result to the R / W as a response.
[0017]
An application is a software program created according to a business or the like to realize a user's purpose, and is mainly a program part that is a part of a program code and application data that is information necessary for executing the program part. Including. The program unit includes a common program and a user program, and the user program is a unique program in each application, such as a program that performs processing corresponding to a unique command arbitrarily defined by the user. The user is a bank, a card company, or the like that performs business using an application registered in the IC card 1.
[0018]
In the case of a single application, in most cases, a software program is recorded in a readable non-volatile memory. In the case of a multi-application, a plurality of software programs are recorded in an EEPROM in order to realize different purposes.
Even software programs created to achieve different purposes often have several functions in common, such as a function for reading data and a function for collating passwords. In recent years, in particular, the number of cases where standards are established between industries has increased, and programs (common programs) that can be shared by business types have increased.
On the other hand, in addition to industry standards, a company-specific program (user program) is increasingly required in order to differentiate between the same industries.
[0019]
The common program is, for example, a program for analyzing a command received from the R / W, a program for transmitting data to the R / W, a program for writing a user program code in the nonvolatile memory 17, data reading / writing, password verification, etc. A program that can be used in common by a plurality of applications registered in the IC card 1, such as a program that performs processing corresponding to a command standardized by ISO 7816.
[0020]
The IC chip 10 includes, on the card surface, a contact terminal 11 that is a communication unit that transmits and receives signals and power, a transmission / reception circuit 12 that controls communication with the R / W, and a microprocessor 13.
The microprocessor 13 includes a CPU 14, three memories 15, 16, 17 and the like. The CPU 14 performs overall control of the IC card 1 by executing a program stored in the memory, and realizes an application selection unit 141, a validity determination unit 142, and a program execution unit 143.
[0021]
The application selection unit 141 executes application selection in response to the application selection request received from the R / W. The selection of an application is to hold identification information for identifying a file including application data specified by an application selection request in the RAM 16 and set an access target of a command such as a current file.
When the legitimacy determination unit 142 receives a command that is a program execution request from the R / W, the legitimacy that allows the application selected by the application selection unit 141 to access the execution of the program corresponding to the command. It is determined whether the application is a simple application.
The program execution unit 143 executes a user program or a common program corresponding to the command when the validity determination unit 142 determines that the application is a valid application.
[0022]
Each of the three memories is a read-only ROM 15 that is a non-volatile memory in which data is not erased even when the power is turned off, and can be read and rewritten. The volatile data that is erased when the power is turned off. This is a nonvolatile memory 17 that can read and rewrite RAM 16, EPROM, EEPROM, and the like, which are memories. In this embodiment, the memory capacity of the ROM 15 is 16 Kbytes, the RAM 16 is 1 Kbyte, and the nonvolatile memory 17 is 8 Kbytes.
[0023]
The ROM 15 stores functions (programs) necessary for the operation of the IC card 1 such as an OS and an execution environment stored when the IC chip is manufactured. The ROM 15 stores one common program for each type. This common program can be used by all applications.
The RAM 16 is a work area of the CPU 14 in which information necessary for operating the OS is sequentially written, and no program or the like is stored therein.
The nonvolatile memory 17 stores user programs, application data, and the like.
[0024]
FIG. 2 is a memory structure diagram of a rewritable nonvolatile memory.
As shown in FIG. 2, the memory area of the non-volatile memory 17 is allocated to a use-prohibited area that cannot be used by the user, a data area 17d that can be used by the user, and a program area 17p under the management of the OS. Yes. Application data and user programs are stored in the data area 17d and the program area 17p, respectively. In the present embodiment, the area that can be used by the user in the non-volatile memory 17 is an area whose address is “0100H to 1FFFH”, the program area 17p is “0100H to 0FFFH”, and the data area 17d is “1000H to 1FFFH”. Assigned.
[0025]
FIG. 3 is a memory structure diagram showing a data area of a rewritable nonvolatile memory.
As shown in FIG. 3, information is stored in the data area 17d of the nonvolatile memory 17 so as to form a hierarchical structure. A dedicated file DF (Dedicated File) is normally set for each application. The nonvolatile memory 17 stores application data in association with this dedicated file.
[0026]
The dedicated file stores DF identification information for identifying at least other dedicated files stored in the IC card 1 as attached information. The DF identification information includes a dedicated file name and an application ID. The dedicated file name is a value indicating the name of the application, and the user sets a value of 1 to 16 bytes. The application ID is information for identifying at least one application from other applications stored in the IC card 1 under the management of the OS, and is provided for each type of application. The application ID setting method is arbitrary.
[0027]
FIG. 4 is a diagram for explaining the DF identification information.
As shown in FIG. 4A, the application A of user A and the application B of user B are registered in the IC card 1, and a dedicated file for application A is stored in the data area of the nonvolatile memory 17. And a dedicated file for application B is stored.
[0028]
For example, the application IDs of a plurality of dedicated files (DF1, DF2, DF3) included in the application A such as dedicated files corresponding to a plurality of stores included in the point card application are “A0” indicating the application A. . DF1, DF2, and DF3 have DF identification information “APA1A0”, “APA2A0”, and “APA3A0”, respectively, and store application data used in processing of application A such as points for each store.
[0029]
The application IDs of the plurality of dedicated files (DF4, DF5) included in the application B are “B0” indicating the application B. DF4 and DF5 have DF identification information “APB1B0” and “APB2B0”, respectively, and store application data used in processing of application B. In this embodiment, the application ID is 1 byte. However, the application ID is not limited to this, and may be 2 bytes or more, and the data size is arbitrary.
[0030]
As shown in FIG. 4B, when company A wants to register a plurality of different types of applications such as a point card application A and a credit application AA in the IC card 1, for example, Dedicated files for use separately are created, and different application IDs “A0” and “A1” are set respectively. From the difference in the application ID, the CPU 14 under the processing of the OS recognizes the application A and the application AA as different applications.
[0031]
Next, the program area of the rewritable nonvolatile memory will be described.
5 and 6 are memory structure diagrams showing program areas of a rewritable nonvolatile memory.
As shown in FIG. 5, the program area 17p is divided into an INDEX area 17pi and a program code area 17pc. The INDEX area 17pi contains INDEX information, and the program code area 17pc contains program code that is the main body of the user program. The number (n) of user programs is stored in association with each other.
The INDEX information includes a user program identifier (2 bytes) for identifying one user program from at least another user program in the IC card 1, a program address (2 bytes) indicating a location where the program code is stored, an application ID ( Management information including 1 byte).
[0032]
The application ID in the INDEX information is identification information for identifying at least one application from other applications registered in the IC card 1, and is provided for each type of application as with the DF identification information. . The user program is executed only in the application indicated by the application ID. In other words, the validity determination unit 142 compares the application ID included in the application identification information indicating the selected application with the application ID included in the INDEX information before executing the user program, and executes the program only when they match. The unit 143 executes a user program.
[0033]
For example, when the application ID indicating the selected application is “A0”, the program execution unit 143 executes only the user program whose application ID included in the INDEX information is “A0”. The program execution unit 143 does not execute a user program whose application ID included in the INDEX information has different values such as “01” and “20”.
In the program code area 17pc, the user program code body is stored from the designated address, and this head address is included in the INDEX information.
[0034]
As shown in FIG. 6, in the program area 17p, a user program CA that performs processing corresponding to the unique command of the application A stored in the data area 17d and a user program that performs processing corresponding to the unique command of the application B are stored. CB is stored. The INDEX information of the user program CA is “00CA020001”, and “00CA”, “0200”, and “01” are the user program identifier, the start address of the program code, and the application ID, respectively. This INDEX information indicates that the program code of the user program CA is stored from the address 200 of the nonvolatile memory 17 and the user program CA is executed only in the application A indicated by the application identifier “01”.
[0035]
Similarly, in the INDEX information “00CB060002” of the user program CB, the program code of the user program CB is stored from the address 600 of the nonvolatile memory 17, and the user program CB is executed only in the application B indicated by the application identifier “02”. It is shown that.
[0036]
FIG. 7 is a memory structure diagram for explaining the mutual relationship between the dedicated file and the user program.
As shown in FIG. 7, the data area 17d stores three dedicated files: an application A dedicated file, an application B dedicated file, and an application C dedicated file. The program area 17p is executed by each of these applications. User programs A, B and C to be executed are stored. As described above, the dedicated file and the user program are associated with each other by the application ID included in the DF identification information and the application ID included in the INDEX information of the user program.
[0037]
8 and 9 are diagrams for explaining the issue of an IC card according to the present invention. A process in which the card issuer registers services A and B, which are two applications, in response to a request from company A and company B in IC card 1 and issues IC card 1 will be described. The programs included in the service A are a common program for performing processing corresponding to a common command such as READ and WRITE, and a user program A for performing processing corresponding to a unique command of the service A, and a service B The programs included in are a common program and a user program B for performing processing corresponding to the unique command of service B.
[0038]
First, as shown in FIGS. 8 and 9, the card issuer transmits the user program A and the user program B to the non-volatile memory by transmitting a predetermined dedicated command for registering the user program from the R / W to the IC card 1. 17 is registered. By this registration, INDEX information and program codes of the user program A and the user program B are stored in the program area 17p.
[0039]
Next, the card issuer transmits a common command from the R / W to the IC card 1 to convert the user program A and the data file A1 in which application data used by the common program is stored into a dedicated file for the application A ( The DF name is APPA.) And is formed in the data area 17d of the nonvolatile memory 17. Similarly, the card issuer forms the data file A2 in the data area 17d in association with the dedicated file for application B (DF name is APPB), and issues the IC card 1. Note that the INDEX information and the application ID included in the data file may be set in advance before application registration, or may be assigned after the IC card 1 receives registration information such as a user program.
[0040]
FIG. 10 is a flowchart showing the operation of the IC card according to the present invention and the first embodiment of the IC card program according to the present invention. Note that two applications of service A and service B are registered in the IC card 1.
In step 100 (hereinafter, “step” is referred to as “S”), the cardholder inserts the IC card 1 into a predetermined R / W capable of operating the service A.
[0041]
In S101, the IC card 1 performs a start process. Specifically, the IC card 1 communicates with the R / W, is activated, and can receive a command from the R / W. Further, the IC card 1 receives a command for selecting the service A from the R / W, and the application selection unit 141 stores the data of the DF name “APPA” and the application ID “01” in the RAM 16 to thereby provide the service A Is selected (S102).
[0042]
In S <b> 103, the IC card 1 receives a command “00CA01234456789ABCDEF” in a predetermined format from the R / W. The format of the command in this embodiment is a configuration of a 2-byte long user program identifier and 8-byte long data (the length is arbitrary).
The validity determination unit 142 searches the INDEX information for the received 2-byte user program identifier “00CA” and determines whether there is a user program having the same user program identifier.
In the present embodiment, since the user program identifier of the user program A stored in the program area of the nonvolatile memory 17 is “00CA”, the validity determination unit 142 determines positive.
[0043]
Next, the validity determination unit 142 determines whether or not the application ID included in the INDEX information of the user program A matches the application ID indicating the application selected in S101 (S105). Since both are “01”, the validity determination unit 142 determines that the result is positive, and the program execution unit 143 executes the user program A with reference to the program code head address in the INDEX information (S106). The result is transmitted as a response to the R / W (S110), and the process is terminated (S111).
[0044]
On the other hand, when it is determined NO in S104, the validity determination unit 142 searches the ROM 15 and determines whether there is a common program with the matching user program identifier (S107). If there is a matching common program, the program execution unit 143 executes the common program (S109), and if there is no matching common program, an error occurs (S108), and the IC card 1 Is transmitted to the R / W as a response (S110), and the process is terminated (S111).
[0045]
If the application IDs do not match in S105, for example, if the service B whose application ID is “02” is selected in S101, the IC card 1 determines whether there is a common program that matches the user program identifier. Is determined (S107). If there is a matching common program, the program execution unit 143 executes the common program (S109), and if there is no matching common program, an error occurs (S108), and the IC card 1 Is transmitted to the R / W as a response (S110), and the process is terminated (S111).
[0046]
According to the present embodiment, the IC card 1 stores a user program and application data in the nonvolatile memory 17 and registers a plurality of applications by storing a common program in the ROM 15. In comparison, it is possible to reduce the manufacturing cost while keeping the capacity of the nonvolatile memory 17 low and maintaining high convenience.
Further, by storing one common program for each type, it is not necessary to store the common program for each application, so that the capacity of the entire memory can be suppressed and the manufacturing cost can be reduced.
Furthermore, since the IC card 1 registers the common program, the user program and the application data separately, it is possible to improve versatility and improve convenience.
[0047]
Further, the validity determination unit 142 compares the application identification information included in the INDEX information of the user program corresponding to the command received from the R / W with the application identification information indicating the selected application, and compares the application identification information with the legitimate application. Therefore, it is possible to prevent execution of a user program by an unauthorized application without access authority and improve security.
[0048]
(Second Embodiment)
FIG. 11 is a diagram for explaining a second embodiment of the IC card according to the present invention, where FIG. 11A is a front view, FIG. 11B and FIG. 11C are the inside of the IC chip and the CPU. FIG.
In addition, the same code | symbol is attached | subjected to the part which fulfill | performs the same function as 1st Embodiment mentioned above, and the overlapping description is abbreviate | omitted suitably.
As shown in FIG. 11, the IC card 1-2 in the second embodiment includes a CPU 14-2 and a rewritable nonvolatile memory 17-2. The cardholder can register the application provided by the user in the IC card 1-2 by inserting the IC card 1-2 into the R / W of the writing device which is an external device (not shown). The writing device includes a user program or application data, and transmits a registration command, which is a registration request for requesting registration of the user program or application data to the IC card 1-2, to the IC card 1-2. Registers applications including user programs and application data.
[0049]
The CPU 14-2 includes a registered determination unit 144, a capacity determination unit 145, a registration request information validity determination unit 146, an association validity determination unit 147, and a registration request information writing unit 148. The CPU 14-2 implements these units by executing programs such as an OS stored in the ROM 15 and the nonvolatile memory 17-2.
When the registered determination unit 144 receives a second authentication command (described later) including an application ID from the R / W, whether or not the same application ID as the application ID is registered in the nonvolatile memory 17-2. A registered determination process is performed to determine whether or not.
[0050]
The capacity determination unit 145 determines whether or not the program area 17p or the data area 17d of the non-volatile memory 17-2 has a free capacity for writing the user program or application data received from the R / W. A capacity determination process is performed by determining the amount of user program or application data against the free capacity stored in the nonvolatile memory 17-2. In the present embodiment, the capacity determination unit 145 includes a data amount of the user program or application data, and performs processing when a capacity determination command that is a capacity determination request for requesting execution of this process is received from the writing device.
[0051]
The registration request information validity determination unit 146 determines whether or not the transmission source of the registration request password such as a writing device has the authority to register registration request information such as a user program or application data, that is, the registration request information is valid. The registration request information validity determination process is performed by comparing the registration request password received as to whether or not the password is registered with the registration authority authentication information stored in the nonvolatile memory 17-2.
In the present embodiment, the registration request information validity determination unit 146 includes a registration request password and receives a first authentication command, which is a registration request information validity determination request for requesting execution of this process, from the writing device. This process is performed. When the registration request information validity determination unit 146 determines that the registration request information is correct, the IC card 1-2 sets a flag indicating that the registration authority has been authenticated.
[0052]
The association validity determination unit 147 determines whether the transmission source of the application ID and ID usage password of the writing device or the like can use this application ID properly, and the received ID usage password and the nonvolatile memory 17. It is determined by collating with the ID registration password stored in. In other words, the association validity determination unit 147 makes this determination so that the received application ID includes the user program or application data included in the registration request and the application data or program stored in the nonvolatile memory 17-2. An association validity determination process for determining whether or not the user program stored in the area 17p should be associated is performed.
[0053]
In the present embodiment, the association validity determination unit 147 receives the second authentication command that is an association validity determination request that includes the application ID and the ID use password and requests execution of this process from the writing device, and has been registered. If the determination unit 144 determines positive, the process is performed. When the association validity determination unit 147 determines that the association is valid or when the registered determination unit 144 determines that the determination is negative, the IC card 1-2 sets a flag indicating that the received application ID has been authenticated. Stand up.
[0054]
The registration request information writing unit 148 receives a registration command including a user program or application data, and has a flag indicating that the registration authority is authenticated and a flag indicating that the application ID is authenticated. When both are standing, a registration request information writing process for writing the user program or application data, which is registration request information included in the registration command, into the program code area 17pc or the data area 17d of the nonvolatile memory 17-2 is performed.
[0055]
FIG. 12 is a memory structure diagram of a rewritable nonvolatile memory.
As shown in FIG. 12, the memory area of the nonvolatile memory 17-2 in the second embodiment includes a system area 17s for storing information necessary for OS processing, information necessary for card operation, and data The area 17d and the program area 17p are allocated under the management of the OS.
In this embodiment, as shown in FIG. 12B, the system area 17s is assigned to “0000H to 05FFH”, the program area 17p is assigned to “0600H to 13FFH”, and the data area 17d is assigned to “1400H to 1FFFH”. ing.
[0056]
As shown in FIG. 13, in the data area 17d, DF1 and DF2 storing DF identification information as attached information, and data files 1-1, 1- 1 storing application data under the dedicated file. 2, 2-1 and 2-2 are stored. The application registered in the IC card 1-2 is defined by the DF, and the application selection unit 141 selects the application to be executed by selecting the DF defining the application by the application selection request.
[0057]
FIG. 14 is a memory structure diagram showing a system area of a rewritable nonvolatile memory according to the second embodiment.
As shown in FIG. 14, the system area 17s contains OS management information (D10), registration authority authentication information (D21), and first unsuccessful count (D22), which are basic information necessary for the OS to operate. Management information including registration authentication management information (D20) including the application ID (D31), ID registration password (D32), and AC authentication information (D30) including the second unsuccessful count (D33) is concealedly stored. Yes. The system area 17s stores a program area free space (D41) and a next user program registration address (D42).
[0058]
The registration authority authentication information (D21) is reference information that is collated with the registration request password in the registration request information validity determination process by the registration request information validity determination unit 146.
The first unsuccessful count (D22) is the number of times that re-authentication can be requested even if the authentication based on the registration authority authentication information (D21) is unsuccessful, and the determination result of the registration request information validity determining unit 146 1 is subtracted when the answer is NO. When the number of unsuccessful times is “0”, the IC card 1-2 is in a closed state where authentication is not accepted.
The AC authentication information (D30) is information in which the ID registration password (D32) and the number of unsuccessful attempts (D33) are associated with each application ID (D31) of the application registered in the IC card 1-2. This is association management information for managing authentication of ID (D31).
[0059]
The ID registration password (D32) is registration association validity authentication information that is collated with an ID use password that is association validity authentication information in the association validity determination processing of the association validity determination unit 147, and is a writing device or the like. ID usage authority authentication information for authenticating that the transmission source of the ID usage password is an authorized user of the application ID (D31). The ID registration password (D32) registered in the IC card 1-2 is, for example, a password that only a user who can use the application indicated by the application ID (D31) can know.
Similar to the first unsuccessful count (D22), the second unsuccessful count (D33) is the number of times that re-authentication can be requested even if the authentication based on the ID registration password (D32) is unsuccessful.
[0060]
The area free capacity (D41) indicates the free capacity of the INDEX area 17pi, the program code area 17pc, and the data area 17d, and the registration request information writing unit 148 writes the user program in the program area 17pc for the next load address (D42). The head address of the empty area and the head address of the empty area where application data is written in the data area 17d are shown.
[0061]
Next, the operation of the IC card 1-2 when registering an application will be described.
FIG. 15 is a flowchart showing the operation of the IC card according to the second embodiment of the present invention and the second embodiment of the IC card program according to the present invention, and the user program registration process for registering the user program in the IC card 1-2. Is shown.
16 is a memory structure diagram of the rewritable nonvolatile memory before the user program registration process. FIGS. 17 and 18 are a system area 17s and a program area before, during, and after the user program registration process. It is a memory structure figure showing 17p.
[0062]
Hereinafter, the application A (application ID is “01”, the DF name of the DF storing the application data is “APPA”) and the application B (application ID are the application IDs) of the A company and the B company on the IC card 1-2. The case of registering “02” and DF name “APPB”) will be described focusing on the processing of the IC card 1-2.
Note that the user program identifier of the user program included in application A is “CA00”, the capacity of the user program is 512 bytes, the user program identifier of the user program included in application B is “CB00”, and the capacity is 512 bytes. .
[0063]
First, the initial state of the IC card 1-2 in S200 of the user program registration process shown in FIG. 15 will be described.
In the IC card 1-2, a predetermined common program common to a plurality of applications such as the application A and the application B is stored in the ROM 15 in S200.
As shown in FIGS. 16 and 17A, in the initial state of the IC card 1-2, the memory area of the nonvolatile memory 17-2 is allocated to the system area 17s, the program area 17p, and the data area 17d, The area 17s stores OS management information (D10), registration authentication management information (D20) including registration authority authentication information “1234567” (D22), area free capacity (D41), and next load address (D42) “0800H”. The AC authentication information (D30) is unregistered.
[0064]
The registration authority authentication information (D21) of the registration authentication management information (D20) is set to “01234567”, and the first unsuccessful number (D22) and the second unsuccessful number (D33) are set to three times. The area free space (D41) is 512 bytes for the INDEX area 17pi, 3072 bytes for the program code area 17pc, and the next load address is “0800H”.
As shown in FIG. 18A, the program area 17p is a state in which no user program is registered in the program INDEX area 17pi and the program code area 17pc, and as shown in FIG. 16, the data area 17d contains application data. The DF to be stored is in an unregistered state.
[0065]
A user program registration process for registering the user program included in the application A in the IC card 1-2 will be described with reference to FIG.
In S201, the IC card 1-2 receives the first authentication command from the R / W of the writing device. The registration request information validity determination unit 146 of the IC card 1-2 performs registration request information validity determination processing (S202). If the registration request password received in S201 is other than “1234567” and the registration request information validity determination unit 146 determines NO, the IC card 1-2 transmits an error response to the R / W. The first unsuccessful count is decremented by 1 (S216), the registration request password is received again (S201), and the same processing is repeated (S202).
[0066]
On the other hand, when it determines with affirmation, IC card 1-2 transmits the response which shows that, and receives the 2nd authentication command containing application ID and an ID utilization password (S203). The registered determination unit 144 performs a registered determination process, and determines whether or not the same application ID “01” received is registered in the system area 17s of the nonvolatile memory 17-2 (S204). The registered determination unit 144 determines that the application ID of the AC authentication information is unregistered in the system area 17s, so that the IC card 1-2 determines that the application ID (D31) and the ID registration password ( D32) (ID use password) is registered in the system area 17s (S218), a message to that effect is sent, and the process proceeds to S206.
[0067]
In S204, when the application ID “01” is already registered in the system area 17s and the determination is affirmative, the association validity determination unit 147 of the IC card 1-2 performs an association validity determination process (S205). ). If it is determined NO in this process, the IC card 1-2 transmits an error response, decrements the second unsuccessful count by 1 (S217), and repeats the same process (S203). To S205).
[0068]
When it is determined positive in S205 and when it is determined negative in S204, the IC card 1-2 receives a capacity determination command including the number of bytes of the user program (S206). The capacity determination unit 145 refers to the area free capacity (D41), and performs capacity determination processing for determining whether or not there is a space (5 bytes) in which the INDEX information is written in the INDEX area 17pi (S207). Since the free capacity of the INDEX area 17pi is 512 bytes, the capacity determination unit 145 determines affirmatively, and similarly performs capacity determination processing for the number of bytes (512 bytes) of the user program received in S206 (S208). Since the free space in the program area of the system area 17s is 3072 bytes, the capacity determination unit 145 determines affirmative and the IC card 1-2 transmits a response to that effect.
[0069]
If the capacity determination unit 145 determines NO in S207 or S208, the IC card 1-2 transmits an error response (S219), and ends the process.
In S209, the IC card 1-2 receives the registration command including the user program and the user program identifier “CA00”, and the registration request information writing unit 148 performs a registration request information writing process, and the user program is programmed. Write from the next load address (D42) of the code area 17pc (S210). If this writing is outside the program code area 17pc, the IC card 1-2 transmits an error response (S219) and ends the process (S215).
[0070]
When the writing is normally completed, the IC card 1-2 transmits a response indicating that and creates the INDEX information “00CA080001” in the INDEX area 17pi (S213). The IC card 1-2 updates the area free space (D41) and the next load address (D42) stored in the nonvolatile memory 17-2 (S214), and ends the user program registration process (S215). In this embodiment, the updated INDEX area free space (D41) is 507 bytes, the program code space free space (D41) is 2560 bytes, and the next load address (D42) is “0A00H” [FIG. 17 (b)].
[0071]
Similarly, the user program “00CB” included in the application B is also registered in the IC card 1-2. When registering this user program, the application ID “01” has already been registered in the system area 17s, but since it is different from the application ID “02” of the user program included in the application B, the IC card 1- 2 performs the same processing.
After the registration of the user program “00CB”, as shown in FIGS. 17C and 18C, the INDEX area free capacity (D41) is 502 bytes, and the program code area free capacity (D41) is 2048. The byte and next load address (D42) are “0C00H”, and two application IDs “01” and “02” and two user programs “00CA” and “00CB” are stored in the program area 17p of the nonvolatile memory 17-2. ] And INDEX information are registered.
[0072]
Next, a user program (identifier is “00DC”, data amount is 1 Kbyte) included in application C of company A (application ID is “01”) is additionally registered from the next load address (“0C00H” (D42)) Will be described.
The flow of registration is the same as the processing related to the user program “00CA” described above, but the operation corresponding to the second authentication command is partially different, and this point will be described with reference to FIG.
[0073]
In S200, S201, and S202, the IC card 1-2 performs the same processing as that of the user program “00CA” described above. In S203, the IC card 1-2 receives the second authentication command including the application ID “01” and the ID use password. The registered determination unit 144 determines that the same application ID “01” as received is registered in the system area 17s of the nonvolatile memory 17-2 [see S204, FIG. 17 (c)].
[0074]
The association validity determination unit 147 collates the ID use password received in S203 with the ID registration password (D32) corresponding to the application ID “01” stored in the system area 17s [see FIG. 17 (c)]. ]. In this case, if the ID use password received in S203 is “11111111”, the validity of the association is authenticated, and if the password is other than “11111111”, for example “00000000”, the authentication is not performed (S217). When the IC card 1-2 is authenticated, the IC card 1-2 performs the same processing as the user program “00CA” (S206 to S215).
[0075]
FIG. 19 is a flowchart showing the operation of the second embodiment of the IC card according to the present invention and the second embodiment of the IC card program according to the present invention, and an application data registration process for registering application data in the IC card 1-2. Is shown.
In S301 to S305 and S310 to S312, the IC card 1-2 performs the same processing as S201 to S205 and S216 to S218 of the user program registration processing.
In S306, the IC card 1-2 receives a registration command including application data, and the registration request information writing unit 148 performs a registration request information writing process, and the application data is stored in the next load address (in the data area 17d ( D42), a dedicated file and a data file are generated under this dedicated file (S307). The IC card 1-2 updates the area free capacity (D41) and the next load address (D42) stored in the nonvolatile memory 17-2 (S308), and ends the application data registration process (S309).
[0076]
FIG. 20 is a memory structure diagram showing each area of the nonvolatile memory 17-2 after user program registration processing and application data registration processing (after application registration).
As shown in FIG. 20, the application area DF and the application B DF registered by the application data registration process are stored in the data area 17d.
For convenience of explanation, the registration of the user program of application A, the user program of application B, the application data of application A, and the application data of application B are described in order, but the order of registration is not limited to this. For example, the user program of application A may be registered after application data of application A is registered.
[0077]
According to the present embodiment, in addition to the effects of the first embodiment, the IC card 1-2 performs application registration by performing communication in units of unique programs and units of application data. As a result, communication safety and convenience can be improved.
Further, the IC card 1-2 includes an association validity determining unit 147 that determines whether or not the received application ID as the association information is valid, and a user program or application data for which registration is requested is valid. Therefore, it is possible to register the application while maintaining high security.
[0078]
Furthermore, since the IC card 1-2 stores the free capacity (D41) and the next load address (D42) in the system area 17s of the nonvolatile memory 17-2, the process for checking and writing the free capacity is simplified. As a result, the processing speed can be improved. Further, since the IC card 1-2 stores the number of unsuccessful attempts (D22, D33) in the system area 17s, it is possible to further improve the security. Furthermore, since the user program and application data can be individually registered, for example, even when a point conversion user program is added in the point application, it is not necessary to newly register the entire application. In addition to improving the versatility of existing applications, it has become possible to improve convenience.
[0079]
(Deformation)
The present invention is not limited to the embodiment described above, and various modifications and changes are possible, and these are also within the equivalent scope of the present invention. For example, in the present embodiment, the IC card 1 includes the contact IC chip 10, but is not limited thereto, and may be a non-contact IC chip or an IC chip that operates in both contact and non-contact.
[0080]
The nonvolatile memory 17 may store the INDEX information including access condition information indicating a condition for the application to access, or may be a condition for executing the user program together with the application ID. Furthermore, security can be improved.
[0081]
The areas of the non-volatile memory 17 are allocated to the data area 17d and the program area 17p, and the application data and the user program are stored, respectively. User programs and application data may be stored.
[0082]
【The invention's effect】
As described above in detail, according to the present invention, the following effects can be obtained.
(1) By storing a common program in the first storage unit, writing a unique program for which registration is requested in the program area, and writing application data in the data area, and mounting a plurality of applications, security and While maintaining high convenience, the manufacturing cost is reduced, the versatility of registered applications is improved, and the convenience is improved.
(2) Communication is performed in units of unique programs and application data, and application registration is performed to reduce the amount of communication in a single communication, thereby improving communication safety and convenience.
(3) The application is additionally registered while maintaining security by determining whether or not the association information is valid.
(4) Similarly, an application is additionally registered while maintaining security by determining whether or not the original program or application data requested to be registered is valid.
(5) By storing the free space information and the writing position information, it is possible to simplify the processing related to the confirmation and writing of the free space and improve the processing speed.
[Brief description of the drawings]
FIG. 1 is a diagram for explaining a first embodiment of an IC card according to the present invention.
FIG. 2 is a memory structure diagram of a rewritable nonvolatile memory according to the first embodiment.
FIG. 3 is a memory structure diagram showing a data area of a rewritable nonvolatile memory according to the first embodiment.
FIG. 4 is a diagram for explaining DF identification information in the first embodiment.
FIG. 5 is a memory structure diagram showing a program area of a rewritable nonvolatile memory according to the first embodiment.
FIG. 6 is a memory structure diagram showing a program area of a rewritable nonvolatile memory according to the first embodiment.
FIG. 7 is a memory structure diagram for explaining a mutual relationship between a dedicated file and a user program in the first embodiment.
FIG. 8 is a diagram for explaining the issue of an IC card according to the present invention.
FIG. 9 is a diagram for explaining issuance of an IC card according to the present invention.
FIG. 10 is a flowchart showing the operation of the IC card according to the first embodiment of the present invention and the first embodiment of the IC card program according to the present invention.
FIG. 11 is a block diagram showing a second embodiment of the IC card according to the present invention.
FIG. 12 is a memory structure diagram of a rewritable nonvolatile memory according to a second embodiment.
FIG. 13 is a memory structure diagram showing a data area of a rewritable nonvolatile memory according to the second embodiment.
FIG. 14 is a memory structure diagram showing a system area of a rewritable nonvolatile memory according to the second embodiment.
FIG. 15 is a flowchart showing the operation of the second embodiment of the IC card according to the present invention and the second embodiment of the IC card program according to the present invention.
FIG. 16 is a memory structure diagram of a rewritable nonvolatile memory before a unique program registration process in the second embodiment.
FIG. 17 is a memory structure diagram showing system areas before, during, and after a unique program registration process in the second embodiment.
FIG. 18 is a memory structure diagram showing program areas before, during and after a unique program registration process in the second embodiment.
FIG. 19 is a flowchart showing the operation of the IC card according to the second embodiment of the present invention and the second embodiment of the IC card program according to the present invention.
FIG. 20 is a memory structure diagram of a rewritable nonvolatile memory after a unique program registration process and an application data registration process in the second embodiment.
[Explanation of symbols]
1,1-2 IC card
10, 10-2 IC chip
11 Contact terminal
12 Transceiver circuit
13, 13-2 Microprocessor
14, 14-2 CPU
15 ROM
16 RAM
17, 17-2 Nonvolatile memory
17p program area
17d Data area
17s system area
141 Application selection part
142 Validity judgment unit
143 Program execution unit
144 Registration judgment part
145 Capacity determination unit
146 Registration Request Information Validity Determination Unit
147 Association validity determination unit
148 Registration Request Information Writing Unit

Claims (9)

A common program that is common to a plurality of applications and is executed in each application is stored, a read-only non-volatile first storage unit, and a memory area are allocated to a program area and a data area A rewritable non-volatile second storage unit that stores a unique program, which is a unique program for each application, in a program area and application data in a data area in association with each other, the common program, An IC card capable of registering a plurality of applications including the unique program and the application data,
Registration request receiving means for receiving a unique program registration request including a unique program or an application data registration request including application data;
Registration request information writing means for writing the unique program or application data received by the registration request receiving means in a predetermined area of the second storage unit ;
Based on the unique program or the application data written in a predetermined area of the second storage unit by the registration request information writing means, application identification information for identifying the application, unique program identification information, and Management information creation means for creating management information including location information indicating the location where the unique program is stored;
IC card characterized by In the IC card according to claim 1,
Association information receiving means for receiving association information indicating which application data or application program stored in the second storage unit is associated with the unique program or application data received by the registration request receiving means; ,
Association validity determining means for determining whether or not the association information received by the association information receiving means is valid,
The registration request information writing means performs writing when it is determined affirmative by the association validity determining means;
IC card characterized by In the IC card according to claim 2,
The second storage unit stores application identification information in association with a unique program stored in the program area included in the same application and application data stored in the data area,
The association information receiving means receives the application identification information as association information;
IC card characterized by In the IC card according to claim 3,
Registered determination means for determining whether or not the same application identification information as the application identification information received by the association information receiving means is stored in the second storage unit;
Association validity authentication information receiving means for receiving association validity authentication information corresponding to association information received by the association information receiving means,
The association validity determining means is registered association validity authentication information corresponding to the same application identification information stored in the second storage unit when it is determined by the registered determination means that it is stored. And making a determination by collating the association validity authentication information received by the association validity authentication information receiving means,
IC card characterized by In the IC card according to any one of claims 1 to 4,
A registration request information validity determination unit that determines whether the unique program or application data received by the registration request reception unit is valid;
The registration request information writing unit performs writing when the registration request information validity determining unit determines affirmative;
IC card characterized by In the IC card according to any one of claims 1 to 5,
The second storage unit is an area free space information indicating a free space of the program area and / or the data area, and / or a document indicating a position where the registration request information writing unit writes a unique program or application data. Storing location information,
IC card characterized by A common program that is common to a plurality of applications and is executed in each application is stored, a read-only non-volatile first storage unit, and a memory area are allocated to a program area and a data area A rewritable non-volatile second storage unit that stores a unique program that is unique to each application in a program area and application data in a data area in association with each other, and the first and / or A CPU for executing a program stored in a second storage unit, and for registering an application in an IC card capable of registering a plurality of applications including the common program, the unique program, and the application data Causes the CPU to execute A card program,
A registration request receiving procedure for receiving an original program registration request including an original program or an application data registration request including application data;
A registration request information writing procedure for writing the original program or the application data received in the registration request receiving procedure in a predetermined area of the second storage unit ;
Based on the unique program or the application data written in the predetermined area of the second storage unit by the registration request information writing procedure, application identification information for identifying the application, unique program identification information, and the unique A management information creation procedure for creating management information including location information indicating a location where the program is stored;
IC card program characterized by this. In the IC card program according to claim 7,
An association information reception procedure for receiving association information indicating which application data or application program stored in the second storage unit is associated with the unique program or application data received in the registration request reception procedure;
An association validity authentication information reception procedure for receiving association validity authentication information for authenticating the validity of the association information received in the association information reception procedure;
An association validity determination procedure for determining whether or not the association information received in the association information reception procedure is valid based on the association validity authentication information received in the association validity authentication information reception procedure;
The registration request information writing procedure is executed when it is determined to be valid in the association validity determination procedure;
IC card program characterized by this. In the IC card program according to claim 7 or 8,
A registration request information validity determination procedure for determining whether or not the unique program or application data received in the registration request reception procedure is valid,
The registration request information writing procedure is executed when it is determined to be valid in the registration request information validity determination procedure;
IC card program characterized by this.

Images