MXPA98006674A - Method to modify the instruction series of an intelligent card - Google Patents

Abstract

The invention provides a method for modifying and / or extending the READ, WRITE instruction set of a smart card, use of attribute tables 100, 200, 300 associated with certain files and commands of the existing instruction set. to modify the functions of the instructions, thus, non-standard functions can be implemented without the need to use additional instructions, that is, not

Description

METHOD TO MODIFY THE INSTRUCTION SERIES OF AN INTELLIGENT CARD BACKGROUND OF THE INVENTION The present invention relates to a method for modifying the instruction series of a smart card. More particularly »the present invention relates to a method for modifying the individual instructions of a smart card. A smart card! also called IC card (IC = integrated circuit) »is an electronic device for making payments. The integrated circuit of the card contains a microprocessor or the like to process data. The processor of a smart card is usually provided with a series of instructions comprising instructions (commands), such as READ »WRITE. UPDATE etc .. to operate on the data (payment) contained in the card. Frequently standardized instruction sets are used. such co o. for example, those defined by the European standard EN726. Nevertheless. said series of instructions is necessarily limited with respect to the number and scope of the instructions. As electronic payment systems that involve smart cards arise. There is often a need to add new functions to the card, or to alter existing functions. Such changes usually involve a modification of the instruction series of the smart card. This would normally involve a redesign of the integrated circuit of the card, which is not only expensive, but makes existing cards obsolete. Further. altering a series of standardized instructions would compromise its compatibility with the standard. For these and other reasons, the need arises to be able to modify the instruction series of the smart cards without deviating substantially from the existing series.

BRIEF DESCRIPTION OF THE INVENTION It is thus an object of the invention to overcome the aforementioned disadvantages and other disadvantages of the prior art. and provide a method that makes it possible to modify a series of instructions of a smart card without adding commands. It is another object of the invention to add new functions to a smart card, the new functions being based on the original series of instructions. To achieve these and other objectives. The invention provides a method for modifying the instruction series of a smart card processor. the smart card also comprising a memory for storing files and groups of attributes associated with the files, each attribute specifying properties of an instruction of the series, the method comprising the step of inserting in a group of attributes a new attribute corresponding to the instruction which is going to be modified, said new attribute specifying a modified property of the respective instruction. That is to say. according to the present invention, the instructions are modified by modifying their attributes. Since the attributes can be organized into groups associated with specific files, the method of the present invention allows the structures to be selectively modified. that is, modified for specific files. An attribute typically specifies an access condition or a specific key that will be used by the instruction involved. However, the attribute may contain machine code (or a flag to machine code) that specifies an additional operation, the operation performing a specific function (such as a cryptographic procedure). By inserting a new operation, or a modified operation, into an attribute, you can modify the function of an instruction without changing the instruction itself. It will be understood that the insertion of an attribute may involve the replacement of an existing attribute. In general, memory locations can be reserved to store attributes. The insertion of a new attribute usually involves storing the new attribute in the corresponding memory location. in which case any information previously stored in the memory location is overwritten. In accordance with the invention, the method can be applied in situations where the attribute groups of the instruction series comprise a first table containing first attributes, and a second table containing second attributes, the first table containing references for the second table, and wherein a New attribute is inserted in the second table. Said first table may comprise, for example, said specific key, while the second table contains procedures (operations) that will be used in conjunction with the instruction involved. It should be noted that the first table can be referred by a base table containing references. By inserting a new attribute in the second table, the modification is achieved with a minimum change in the attributes. Modern smart cards can have at least two different data files, for example, for different applications of the smart card. In such a case, a group of attributes may comprise subgroups associated with the respective data files. The invention allows a new attribute to be inserted in a limited number of subgroups. making modifications to the specific instructions for individual data files. In this way, a great flexibility of instructions can be achieved.

BRIEF DESCRIPTION OF THE DRAWINGS Figure 1 shows »in perspective. a smart card as it is used for payment and identification purposes. Figure 2 schematically shows the integrated circuit of the smart card of Figure 1. Figure 3 shows schematically an attribute table of a series of instructions of a smart card, for example, the smart card of Figure 2. Figure 4 schematically shows a key table associated with the attribute table of Figure 3. Figure 5 schematically shows a procedure table associated with the attribute table of Figure 3 and the key table of Figure 4. Figure 6 shows schematically an example of a hierarchical file structure of an inte! i people EXAMPLES OF MODALITIES The smart card or IC card 1 shown schematically and by the example of 1 to FIG. 1 comprises a substrate 2. in which an integrated circuit is included.

The integrated circuit is provided with contacts 3 to make contact with a card reader or the like. It should be noted that the present invention can also be applied in the case of so-called contactless smart cards. The integrated circuit 10 shown schematically and by the example in Figure 2 comprises a processor 11. a memory 12 and an input / output circuit 13. The memory may comprise a part of volatile memory (RAM) for storing data temporarily »and a part of nonvolatile memory (ROM) to store data permanently or semipermanently. The last part is preferably an EEPROM type memory (electrically erasable read only memory). The data stored in the non-volatile part can contain both programming data (instructions, programs) and payment data. that is, »data related to monetary transactions. It will be understood that a separate memory (not shown) can be provided to store the instruction set of the processor 11. The processor 11 can be a microprocessor having a series of standardized instructions, for example. in accordance with the European standard EN726. It will be understood that other series of standard or non-standard instructions may also be used. The series of instructions will be explained in more detail in relation to Figure 3. The input / output circuit 13 handles communication between the processor 11 and external devices (not shown) such as card readers. The input / output circuit 13. which may contain suitable volatile memories, is connected to the processor 11 by a data link. The processor 11 and 1 to memory 12 can be connected by means of the same data link. The table of attributes shown schematically and by the example in figure 3 and denoted in general by the reference number 100 »comprises several parts associated with different files (a possible structure of files of the smart card will be explained later in connection with the figure G). A first part, associated with file A (21 in figure S). it includes fields 111. 121 and 131. The first field 111 contains the file indicator »denoted here by" file A ". The second field 121 contains an instruction table »that is, a table containing the instruction series of the smart card» or at least references to the instructions in the instruction series. It will be understood that the instructions themselves comprise the machine code executed by the processor. In the example shown. the "READ" instructions are displayed. "RITE and" UPDATE. "The third field 131 contains attributes of the struc- tions in field 121. That is, for each instruction in the second field 121. there may be an entry in the third field 131. the entry consting a group of attributes that further specify the operation of the instruction The attributes may comprise, for example, access conditions and reference numbers denoted in Figure 3 by AC and B KEYIMR. respectmente amente. The access conditions may include ALWAYS. NEVER. PROTECTED. and similar. Reference numbers can refer to entries in the key table shown in Figure 4. The third field 131 of table 100 can thus constitute a base table of attributes, which refers to other tables (shown in Figure 4). Although the first, second and third fields of the attribute table 100 are shown in Figure 3 for clarity as adjacent fields. in real modalities the fields can be very well stored in different non-adjacent positions of the card memory 12 nte! igente The attributes included in field 131 all correspond to file A. as specified in field 111. That is. the attributes of field 111 are only valid for file A. This structure allows instructions to have different functionalities for different files (data). This file can contain data with respect to a specific application (function) of the smart card. Typical applications are "finance", "loyalty program" and "access" to make or receive payments, collect loyalty credits, and have access to constructions and the like, respectively. Even within that application, more than one data file can be used, and thus more than one associated group of attributes can exist. As a result of attributes that are specific to a data file, the function of an instruction can. at least for the parts defined by the attributes, it is specified to a data file. Thus, the access conditions of the "READ" instruction may vary between a file containing, for example, finance data (electronic money storage) and a file containing personal data of the smart card user. This will be explained in more detail in relation to Figures 4 and 5. The actual access conditions, symbolically shown in Figure 3 by AC, can be contained in the base attribute table 100, or they can be contained in a separate table (not shown). Similarly »the keys (KEY 1, KEY 2. ...) shown in Figure 4 can be contained in the attribute table 100. To facilitate the explanation of the invention, it will be assumed that the KEYNR entries. which can be simply numbers (1. 2. ...) »refer to the key table 200 of Figure 4. Each entry in the key table 200 of Figure 4 contains a key number (KEYNER.)» a key (KEY 1. KEY 2. ...) and a procedure identification or procedure number (denoted as PRONR) in figures 4 and 5). Each procedure identification refers in turn to an entry in the procedure table 300. Each entry in the procedure table 300 contains a procedure number and a procedure (operation). denoted in figure 5 »for example» by DES c RSA. Said procedure may be a cryptographic procedure. such as DES and RSA. or some other operation on data. In accordance with the present invention. The instructions of a smart card can be modified by modifying its attributes. Thus »by modifying an entry in the procedure table 300» a new function or a modification of an existing function can be achieved. Figure 5 records a new function (for example »multiply data with a common factor» or subtract one from data) in the second entry of the procedure table. Thus »if in the key table 200 the key number 3 is selected» the procedure number refers to the procedure number 2 »being the new function. Each time an instruction is executed that implies that the use of KEY 3 »will invoke the new function. It will be understood that references to a new function may be made in various ways "for example" directly from table 100 of figure 3. Similarly. the key table 200 may contain "ghost" keys to allow the use of the table without actually using a key. Instead of inserting the new function in the procedure table 300. you can insert a pointer that points to a memory location where the new or modified code is stored. As explained above. in the base table of attributes (100 in figure 3) different attributes may exist for different files. In accordance with the invention, the method allows a flexible set of instructions by modifying the attributes for data files in the video. Smart cards can comprise a hierarchical directory structure to organize your files. An example of such structure is shown in figure 6. A main file 20 has three subfiles 21. 22 and 23. That is to say, the main file may contain references to the subfiles. or such references are stored elsewhere (for example, in a common directory). A group of attributes is associated with the main file 20. It is possible to have individual groups of attributes for the three sub-files 21, 22 and 23. As shown in figure 3. However, in case a group of attributes is associated with the file 20. said group of attributes may be applicable to all the lower files in the hierarchy with respect to the main file 20. That is to say. the same group of attributes can also be associated with files 21. 22 and 23. In other words »if an instruction is changed by modifying an attribute (of a group of attributes) associated with a certain file» the modification can be maintained for all files hierarchically inferior with respect to said file. This allows an instruction to be altered for. for example. a specific card application. where this application involves several files. As explained above. the modification of instructions is achieved in accordance with the present invention by replacing and / or modifying attributes. The method of the invention thus allows the use of standard instructions (standard card functions) to perform non-standard operations. The invention also provides a modified series of instructions for a smart card as well as a smart card provided with a modified set of instructions. The actual insertion of a new attribute into an attribute table is achieved by storing the new attribute in an appropriate memory location. The data representing the new attribute can be transferred from a computer via a card reader / writer to the memory of the card. Referring to FIG. 2, the data are transferred by the 1/013 unit to the memory 12 in the usual manner. It will be understood by those skilled in the art that the embodiments described above are given by way of example only and that many modifications and additions are possible without departing from the scope of the present invention.

Claims (8)

NOVELTY OF THE INVENTION CLAIMS

1. - A method for modifying the instruction string of a processor (11) of a smart card (1). the smart card further comprising a memory (12) for storing files (21. 22) and groups of attributes (for example AC.KEYiMR »KEY 1) associated with the files» each attribute specifying properties of an instruction (for example, READ) of the series, characterized in that the method comprises the step of inserting in a group of attributes a new attribute (for example, NEW FUNCTION) that corresponds to an instruction that is to be modified, said new attribute specifying a modified property of the respective instruction to.

2. The method according to claim 1, characterized in that the attribute groups are organized in a first table (100) that refers to an additional table (200, 300), and where a new attribute (NEW FUNCTION) is insert into an additional table (for example, 300).

3. The method according to claim 1 or 2 »characterized in that the insertion of a new attribute implies the replacement of an existing attribute.

4. The method according to any of the preceding claims. characterized in that the memory (12) of the smart card (1) comprises at least two files (e.g., 21 »22), a group of attributes (e.g., 131) being associated with each file, a new attribute being inserted in a limited number of groups.

5. The method according to any of the preceding claims, characterized in that the files (for example »21» 22) are hierarchically organized »each group of attributes being associated with at least one file (for example» 20) » and all files (for example 21, 22) being hierarchically inferior to said file (20).

6. The method according to any of the preceding claims "characterized in that a series of attributes is associated with all the files of the smart card (1). 7.- The instruction series of a smart card (1). characterized in that it is modified by the method according to any of the preceding claims. 8. The smart card (1) »characterized in that it comprises a memory (12) and a processor (11) having a series of instructions modified by the method according to any of claims 1 to 6.