HK1065604B - Integrated circuit device, information processing device, information recording device memory management method, mobile terminal device, semiconductor integrated circuit device, and communication method using mobile terminal device - Google Patents
- Publication number
- HK1065604B HK04105722.0A
- Authority
- HK
- Hong Kong
- Prior art keywords
- personal identification
- identification code
- mobile terminal
- integrated circuit
- application
Description
Technical Field
The present invention relates to an information storage medium having a storage area, an IC chip having a storage area, an information processing apparatus equipped with an IC chip having a storage area, and an information storage medium storage management method, and particularly to an information storage medium used by being mounted on an information processing apparatus such as a cellular phone or a Personal Digital Assistant (PDA), an IC chip having a storage area, an information processing apparatus equipped with an IC chip having a storage area, and an information storage medium storage management method.
More particularly, the present invention relates to an information storage medium in which one or more application programs are allocated to a storage area, an IC chip having a storage area, an information processing apparatus equipped with an IC chip having a storage area, and an information storage medium storage management method, and particularly to an information storage medium for controlling access rights to each application program allocated to a storage area, an IC chip having a storage area, an information processing apparatus equipped with an IC chip having a storage area, and an information storage medium storage management method.
The present invention also relates to a mobile terminal equipped with an IC chip driven by receiving power wirelessly communicated with an external device, and an IC card used with the mobile terminal, and more particularly to a mobile terminal equipped with an IC chip driven by receiving power wirelessly communicated with an external device and having a memory function, a control method thereof, and an IC card having a memory function.
More particularly, the present invention relates to a mobile terminal to which one or more applications are allocated to a memory area on an IC chip, a control method thereof, and an IC card to which one or more applications are allocated to a memory area, and particularly to a mobile terminal for controlling access rights to applications each allocated to a memory area in an application unit on an IC chip, a control method thereof, and an IC card for controlling access rights to applications each allocated to a memory area in an application unit.
Background
Various devices for identification or authentication using a personal identification number or a password have been designed and put to practical use. (In general, the term "personal identification number" refers to a character string represented by a combination of the numerals 0-9, and the term "password" refers to a character string represented using numerals and general characters such as letters. In the present specification, personal identification numbers and passwords may also be referred to collectively as a "Personal Identification Code (PIC)".)
For example, when a user wishes to use an Automated Teller Machine (ATM) card at a bank or other financial institution, an automated teller machine or the like prompts the user to enter a personal identification number or password for identification. Once it is confirmed that the user has entered the correct personal identification number or password, the user may withdraw money from the cash dispenser.
Other applications of personal identification codes include: entering a personal identification code on a security box placed in an accommodation establishment such as a hotel; inputting a password when logging in a computer; and hiding the information on the information terminal.
Storage media such as magnetic stripes on known bank ATM cards have a storage area that is used only for the bank. The entry of the personal identification number or password accesses only a single memory area. Therefore, the user is required to prepare cards for each purpose or use and separately use a plurality of cards.
Recently, contactless IC cards have come into widespread use. For example, an IC card reader/writer placed on an automatic teller machine, an entrance of a concert hall, or a station ticket gate accesses an IC card held by a user in a contactless manner. A user inputs a personal identification number or a password into the IC card reader/writer, and checks the input personal identification number or password with the personal identification number or password stored on the IC card, thereby performing identification and authentication between the IC card and the IC card reader/writer. When the identification or authentication is successful, for example, the use of the application stored on the IC card is permitted. One possible type of application stored on an IC card is value information such as electronic money or electronic bills.
Due to the progress of miniaturization technology, IC cards having a relatively large capacity storage space have recently appeared and come into wide use. Since the known ATM card has only one storage area, i.e., one application, the user is required to carry a plurality of cards according to the purpose or use. In contrast, an IC card having a high-capacity storage space stores a plurality of application programs at the same time, so that a single IC card serves multiple purposes. For example, a single IC card stores two or more application programs such as electronic money for performing electronic transactions and electronic tickets for entering a specific concert hall.
When such an IC card having a high-capacity storage function (or a semiconductor IC chip having a data carrier function and/or an authentication function) is placed on, for example, a cellular mobile terminal, a user equipped with the mobile terminal is permitted to exchange electronic value information with the outside world, for example, to conduct electronic transactions.
Since ATM cards are known to have only a single use (as described above), the magnetic strip on each ATM card has a single personal identification number or password to manage the security of the entire card.
In contrast, if access to all applications on an IC card is opened using a single personal identification code, the security of the IC card is greatly lowered in the event that the card is lost or stolen. An IC card having a storage function capable of storing a plurality of applications, and a mobile terminal including such an IC card (or IC chip), are therefore required to control the access right of each application.
As the memory area placed on the IC card expands due to the progress of manufacturing technology, more digital applications are allocated to the memory area on the IC card. When simply allocating applications to a storage area, application arrangement becomes complicated for the user, and it is difficult for the user to classify and organize the applications on the storage area.
In the case where access rights to an application are controlled by individual personal identification codes, when a user wishes to use a plurality of related applications in a series of transactions, the user is required to enter personal identification codes in sequence in the same transaction. As a result, the operability of the apparatus is greatly reduced.
Disclosure of Invention
An object of the present invention is to provide an improved information storage medium having a storage area, an IC chip having a storage area, an information processing apparatus equipped with an IC chip having a storage area, and an information storage medium storage management method.
It is another object of the present invention to provide an improved information storage medium for use by being mounted on an information processing apparatus such as a cellular phone or a Personal Digital Assistant (PDA), an IC chip having a storage area, an information processing apparatus equipped with an IC chip having a storage area, and an information storage medium storage management method.
It is another object of the present invention to provide an improved information storage medium having a storage area to which one or more application programs are allocated, an IC chip having a storage area, an information processing apparatus equipped with an IC chip having a storage area, and an information storage medium storage management method.
It is another object of the present invention to provide an improved information storage medium for controlling access rights to each application program allocated to a storage area, an IC chip having a storage area, an information processing apparatus equipped with an IC chip having a storage area, and an information storage medium storage management method.
It is another object of the present invention to provide an improved information storage medium for efficiently managing a plurality of applications assigned to a storage area, an IC chip having a storage area, an information processing apparatus equipped with an IC chip having a storage area, and an information storage medium storage management method.
In view of the above object, according to a first embodiment of the present invention, there is provided an integrated circuit device or an information storage device memory management method including: storage allocation means or step for allocating a storage area to each application;
personal identification code setting means or step for setting a personal identification code for each application program allocated to the storage area to control access rights to each application program; and
an accessible/inaccessible management means or step for managing each application program allocated to the storage area to be accessible/inaccessible,
wherein the accessible/inaccessible management means or step sets each application program, for which the personal identification code is set, to inaccessible in default settings, and sets the corresponding application program to accessible in response to the fact that the personal identification code input by the user matches the set personal identification code.
The integrated circuit device according to the first aspect of the present invention is provided in the form of, for example, an IC chip. A cartridge equipped with an IC chip having an antenna and shaped in the size of a credit card is collectively called an "IC card". The IC chip is used by being embedded in a mobile terminal such as a cellular phone or a PDA or other information processing apparatus. The IC card can be used by inserting it into an information processing apparatus. The application program of the IC chip or the IC card includes value information related to, for example, prepaid electronic money or electronic bills. In the following description, the functions provided by the IC chip or the IC card may also be referred to as "application programs".
The storage allocation means or step manages the storage space arranged in a hierarchical manner in the IC card by allocating a storage area to each application program in a hierarchical structure using a directory. Accordingly, related applications such as a plurality of applications used in a series of transactions are stored in the same directory to enable a user to efficiently classify and manage the applications.
When the external device has a card reader, the external device can access the IC chip via the wireless interface. The right to access a storage area in an IC chip or the like is controlled by matching of personal identification codes. The personal identification code can be input to unlock using the information processing apparatus in which the IC chip is embedded. Then, a wireless link is established and access to the memory space is granted. Alternatively, after a wireless link is established between an IC chip in an information processing terminal and an external device, access rights are controlled based on a personal identification code input using the external device.
In this case, the personal identification code setting means or step may set a personal identification code for each application and directory to control access rights to each application and directory. The accessible/inaccessible management means or step may set each of the application and the directory to which the personal identification code is set as inaccessible in a default setting, and set the corresponding application or directory as accessible according to the fact that the personal identification code input by the user matches the set personal identification code.
The accessible/inaccessible management means or step sets all applications and subdirectories under a directory accessible based on the fact that the personal identification code entered by the user matches the personal identification code set for that directory.
According to the integrated circuit device and the information storage device storage management method of the first aspect of the present invention, the storage space has a hierarchical structure. By assigning a directory to each application, the applications are efficiently managed in units of directories.
For example, applications used in a series of transactions are registered in the same directory (and highly related subdirectories are registered in the same directory). Thus, the arrangement of applications and directories in the storage area is well organized, and the user can efficiently sort and organize the applications.
According to the integrated circuit device and the information storage device storage management method of the first aspect of the present invention, in addition to setting a personal identification code for each application program, a personal identification code can be set for each directory. In addition to controlling the access rights in units of applications, the access rights can be effectively controlled in units of directories.
For example, the user enters a personal identification code corresponding to the directory. The personal identification code is checked and authenticated to give the user access to the applications (and subdirectories) in the directory. For example, a user may gain access to all applications used in a series of transactions by entering the personal identification code for the corresponding directory once. Access control is thereby performed effectively, improving the operability of the device.
The integrated circuit device or the information storage device storage management method according to the first aspect of the present invention may further include a private key setting means or step for setting a private key for authentication for each application and directory allocated to the storage area. In this case, the accessible/inaccessible management means or step may set the inaccessible application or directory to be accessible when the inaccessible application or directory is mutually authenticated by a predetermined certification authority using a private key.
The integrated circuit device or information storage device storage management method may further include access denying means or step for making each of the accessible applications and directories inaccessible in response to the power supply to the integrated circuit device or information storage device being turned off.
When the IC card is lost or stolen, the user may suffer a loss since the applications and directories can be used without permission or fraudulently. According to the first aspect of the present invention, access to all applications and directories is automatically denied in response to the power-off of the IC card. If the IC card is lost, it therefore does not remain accessible, and fraudulent use of the IC card by a malicious user is prevented.
The integrated circuit device or information storage device storage management method may further include: an input error number storage means or step for storing the number of input errors of the personal identification code of each application and directory assigned to the storage area; and input error maximum permission number setting means for setting the input error maximum permission number of the personal identification code for each of the application program and the directory allocated to the storage area. In this case, the accessible/inaccessible management means or step may set as inaccessible an application or directory whose number of input errors has reached the maximum permitted number of input errors.
The integrated circuit device or information storage device storage management method may include an input error number initialization means or step for clearing the number of input errors stored by the input error number storage means or step when an administrator has been mutually authenticated by a predetermined certification authority.
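The access-control behaviour described above for the first aspect (default-inaccessible nodes, a directory unlock cascading to its contents, relock on power-off, the input error limit and the administrator reset), as an added Python model that is not part of the patent text. The class and function names, the sample PICs and the limit of 3 are constructed; mutual authentication of the administrator is reduced to a boolean, and the rules that the error count survives power-off and that a blocked application stays inaccessible under an unlocked directory are modelling assumptions.

```python
import hmac
from dataclasses import dataclass
from typing import Dict, Optional


@dataclass
class Node:
    """One application or directory allocated in the chip's storage area."""
    name: str
    pic: Optional[str] = None        # None: no PIC was set for this node
    max_errors: int = 3              # maximum permitted number of input errors
    parent: Optional["Node"] = None  # enclosing directory (None at top level)
    errors: int = 0                  # stored error count, assumed non-volatile
    unlocked: bool = False           # volatile flag, lost when power is cut

    @property
    def blocked(self) -> bool:
        return self.pic is not None and self.errors >= self.max_errors


class Chip:
    def __init__(self) -> None:
        self.nodes: Dict[str, Node] = {}

    def allocate(self, name, pic=None, parent=None, max_errors=3) -> None:
        up = self.nodes[parent] if parent else None
        self.nodes[name] = Node(name, pic, max_errors, up)

    def enter_pic(self, name: str, entered: str) -> bool:
        """Collate an entered PIC with the PIC set for `name`."""
        node = self.nodes[name]
        if node.pic is None or node.blocked:
            return False             # nothing to collate, or limit reached
        if hmac.compare_digest(entered.encode(), node.pic.encode()):
            # The count is cleared only by admin_reset, as on the page.
            node.unlocked = True
            return True
        node.errors += 1
        if node.blocked:
            node.unlocked = False    # reaching the limit revokes access
        return False

    def accessible(self, name: str) -> bool:
        node = self.nodes[name]
        if node.blocked:             # assumption: a block beats a directory unlock
            return False
        pic_on_path = False
        cur = node
        while cur is not None:
            if cur.unlocked:         # own PIC matched, or cascade from a directory
                return True
            pic_on_path = pic_on_path or cur.pic is not None
            cur = cur.parent
        return not pic_on_path       # open only if nothing above is PIC-protected

    def power_off(self) -> None:
        for node in self.nodes.values():
            node.unlocked = False    # every grant is dropped; error counts stay

    def admin_reset(self, name: str, admin_authenticated: bool) -> bool:
        # Mutual authentication of the administrator is modelled as a boolean.
        if not admin_authenticated:
            return False
        self.nodes[name].errors = 0
        return True


def demo() -> dict:
    """Constructed layout: one PIC-protected directory with nested contents."""
    chip = Chip()
    chip.allocate("wallet", pic="2468")                     # directory
    chip.allocate("e-money", pic="1357", parent="wallet")   # application
    chip.allocate("tickets", parent="wallet")               # subdirectory, no PIC
    chip.allocate("concert", pic="8080", parent="tickets")  # application
    names = ("wallet", "e-money", "tickets", "concert")

    def state():
        return [chip.accessible(n) for n in names]

    out = {"default": state()}                 # everything starts inaccessible
    chip.enter_pic("wallet", "2468")
    out["after_directory_pic"] = state()       # one entry opens the subtree
    chip.power_off()
    out["after_power_off"] = state()           # relocked without user action
    for guess in ("0000", "1111", "2222"):     # three wrong entries
        chip.enter_pic("e-money", guess)
    out["correct_pic_when_blocked"] = chip.enter_pic("e-money", "1357")
    chip.enter_pic("wallet", "2468")
    out["blocked_app_in_open_dir"] = chip.accessible("e-money")
    out["sibling_in_open_dir"] = chip.accessible("concert")
    out["reset_without_auth"] = chip.admin_reset("e-money", False)
    chip.admin_reset("e-money", True)
    out["after_admin_reset"] = chip.accessible("e-money")
    return out


if __name__ == "__main__":
    print(demo())
```

The PIC comparison uses `hmac.compare_digest` so that the time taken does not depend on how many leading characters of a guess are correct.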
According to a second aspect of the present invention, there is provided a mobile terminal device comprising:
a semiconductor integrated circuit device having a storage region;
one or more application programs allocated to the storage area, wherein access rights to each application program are controlled by the personal identification code;
a wireless interface for enabling the semiconductor integrated circuit device to wirelessly communicate with an external apparatus;
a wired interface for performing wired communication with the semiconductor integrated circuit device;
user input means for inputting a personal identification code and other data by a user;
a collating means for transferring to the semiconductor integrated circuit device a personal identification code input by a user from the user input means via the wired interface and collating the personal identification code with a personal identification code of each application program allocated to the storage area; and
an access right control means for giving the user an access right to an application program whose personal identification codes match each other as a result of the collation by the collation means.
Here, the term mobile terminal device means an information processing device such as a cellular phone or a Personal Digital Assistant (PDA), which is small and light enough to be carried around by a user. Meanwhile, the term semiconductor integrated circuit device denotes an IC chip having an authentication function for realizing an access operation.
The IC chip provided on the mobile terminal device according to the second aspect of the present invention includes: a wireless interface for establishing a wireless link with an external device such as a reader/writer; and a wired interface for establishing an internal connection with a controller of the mobile terminal equipped with the IC chip. In response to establishment of a wireless link with the reader/writer, the IC chip may be activated by an electromagnetic wave transmitted from the reader/writer.
The IC chip disposed on the mobile terminal device according to the second aspect of the present invention includes a storage area. One or more applications are allocated to the storage area. The access rights to each application are controlled by a personal identification code, such as a personal identification number or password. Here, the term application includes value information such as electronic money or electronic bills.
When a wireless link with an external device such as a reader/writer is established, a personal identification code input using the reader/writer can be input to the IC chip via the wireless interface. A personal identification code input from a user input unit such as a keypad of a mobile terminal device may be input into the IC chip via a wired interface. The personal identification codes inputted via the wireless interface or the wired interface are checked with the correct personal identification codes, and if the personal identification codes match each other, an access right to the corresponding application program is given.
According to a second aspect of the present invention, a personal identification code of a desired application program is input using a mobile terminal device. The mobile terminal is put on an external device such as a reader/writer so that an application program (such as conducting an electronic transaction) can be used using the external device. Thus, the user can input the personal identification code using the user mobile terminal with which the user is familiar, rather than using the user interface of the external device with which the user is unfamiliar, thereby checking the input personal identification code. In other words, the personal identification code can be input to unlock using the information processing apparatus in which the IC chip is embedded. A wireless link may then be established with an external device to grant access to the storage area. Needless to say, after the wireless link between the IC chip in the information processing apparatus and the external apparatus is established, the access right can be controlled based on the personal identification code input using the external apparatus.
The access right control means may grant the external device access to the application program given the access right using wireless communication via the wireless interface.
In response to detecting no electromagnetic wave from the external device connected via the wireless interface, the access right control means determines that the series of transactions involving the application program to which the access right has been given has ended, and performs transaction end processing. As a result, the IC chip does not remain in a state in which each application is accessible after use. For example, when the mobile terminal device is lost or stolen, unauthorized use of the application program is prevented, which protects the user against unauthorized use or theft of value information such as electronic money.
In response to not receiving a response to a command transmitted from the IC chip via the wireless interface within a predetermined period of time, the access right control means may determine that the series of transactions between the external device and the IC chip connected to each other via the wireless interface has ended, normally or abnormally, and perform end processing. As a result, the IC chip does not remain in a state in which each application is accessible after the wireless link with the external device is broken. For example, when the mobile terminal is lost or stolen, unauthorized use of each application is prevented, which protects the user against unauthorized use or theft of value information such as electronic money.
The mobile terminal device according to the second aspect of the present invention may further include: personal identification code registration means for registering in advance a personal identification code of each application program; a program activation device; and personal identification code input means for inputting a personal identification code of a corresponding application program in accordance with the activated program to the IC chip via the wired interface. In this case, the user selects a desired program from a menu screen displayed on the display and activates the corresponding program on the mobile terminal. In response to the activated program, a personal identification code of the corresponding application program is input to the IC chip via the wired interface, thereby giving access rights to the application program. The user can omit the input of the personal identification code of the desired application program, thereby improving the operability of the device.
In response to being connected to an external device via the wireless interface and thus receiving power, the IC chip may notify via the wired interface of the necessity of inputting the personal identification code for accessing the storage area. In response to the notification, the mobile terminal equipped with the IC chip displays a dialog on the display unit or beeps to remind the user. Therefore, when the user places the mobile terminal on an external device such as a reader/writer to use an application, the user is reliably reminded of the necessity of inputting a personal identification code. This facilitates the use of applications in every aspect of the user's daily life.
According to a third aspect of the present invention, there is provided a communication method using a mobile terminal apparatus having a semiconductor integrated circuit device which has a storage area and communicates with an external apparatus,
the mobile terminal device includes: a wireless interface for enabling the semiconductor integrated circuit device to wirelessly communicate with an external apparatus; and a wired interface for performing wired communication with the semiconductor integrated circuit device in the mobile terminal apparatus,
one or more application programs are allocated to the storage area, wherein access rights to each application program are controlled by the personal identification code, the communication method comprising:
a user input step of inputting a personal identification code and other data by a user;
a transmission step of transmitting the personal identification code input in the user input step to the semiconductor integrated circuit device via the wired interface;
a checking step of checking the personal identification code input in the user input step with the personal identification code of each application program allocated to the storage area; and
an access right control step of giving the user an access right to the application program whose personal identification codes are matched with each other as a result of the collation in the collation step.
The semiconductor integrated circuit device disposed on the mobile terminal apparatus according to the third aspect of the present invention is formed in the form of an IC chip. The IC chip includes: a wireless interface for establishing a wireless link with an external device such as a reader/writer; and a wired interface for establishing an internal connection with a controller of the mobile terminal equipped with the IC chip. In response to establishment of a wireless link with the reader/writer, the IC chip may be activated by an electromagnetic wave transmitted from the reader/writer.
The integrated circuit device disposed on the mobile terminal apparatus according to the third aspect of the present invention has a relatively large capacity storage area. One or more applications are allocated to the storage area. The access rights to each application are controlled by a personal identification code, such as a personal identification number or password. Here, the term application includes value information such as electronic money or electronic bills.
When a wireless link with an external device such as a reader/writer is established, a personal identification code input using the reader/writer can be input to the IC chip via the wireless interface. A personal identification code input from a user input unit such as a keypad of a mobile terminal device may be input into the IC chip via a wired interface. The personal identification codes inputted via the wireless interface or the wired interface are checked with the correct personal identification codes, and if the personal identification codes match each other, an access right to the corresponding application program is given.
According to the third aspect of the present invention, a personal identification code of a desired application program is input using a mobile terminal device. The mobile terminal is put on an external device such as a reader/writer so that an application program (such as conducting an electronic transaction) can be used using the external device. Thus, the user can input the personal identification code using the user mobile terminal with which the user is familiar, rather than using the user interface of the external device with which the user is unfamiliar, thereby checking the input personal identification code.
In the access right control step, the external device may be granted access, using wireless communication via the wireless interface, to the application program for which the access right has been given.
In the access right control step, in response to detecting no electromagnetic wave from the external device connected via the wireless interface, it may be determined that the series of transactions involving the application program to which the access right has been given has ended, and transaction end processing may be performed. As a result, the semiconductor integrated circuit device does not remain in a state in which each application is accessible after use. For example, when the mobile terminal device is lost or stolen, unauthorized use of the application program is prevented, which protects the user against unauthorized use or theft of value information such as electronic money.
In the access right control step, in response to not receiving a response to a command transmitted from the IC chip via the wireless interface within a predetermined period of time, it may be determined that the series of transactions between the external device and the IC chip connected to each other via the wireless interface has ended, normally or abnormally, and end processing is performed. As a result, the IC chip does not remain in a state in which each application is accessible after the wireless link with the external device is broken. For example, when the mobile terminal is lost or stolen, unauthorized use of each application is prevented, which protects the user against unauthorized use or theft of value information such as electronic money.
The communication method using a mobile terminal device according to the third aspect of the present invention may further include: a personal identification code registration step of registering a personal identification code of each application in advance; a program activation step; and a personal identification code input step of inputting a personal identification code of a corresponding application program in accordance with the activated program to the semiconductor integrated circuit device via the wired interface. In this case, the user selects a desired program from a menu screen displayed on the display and activates the corresponding program on the mobile terminal. In response to the activated program, a personal identification code of the corresponding application program is input to the semiconductor integrated circuit device via the wired interface, thereby giving access rights to the application program. In this case, the user can omit the input of the personal identification code of the desired application, thereby improving the operability of the device.
The communication method using the mobile terminal device may further include a notification step of notifying, via the wired interface, the necessity of inputting the personal identification code for accessing the storage area, in response to the semiconductor integrated circuit device being connected to the external apparatus via the wireless interface and thus receiving power. In response to the notification, the mobile terminal equipped with the IC chip displays a dialog on the display unit or beeps to remind the user. Therefore, when the user places the mobile terminal on an external device such as a reader/writer to use an application, the user is reliably reminded of the necessity of inputting a personal identification code. This facilitates the use of applications in every aspect of the user's daily life.
Other objects, features, and advantages of the present invention will become more apparent by describing in more detail preferred embodiments thereof with reference to the attached drawings.
Drawings
Fig. 1 is a schematic diagram showing a hardware configuration of a mobile terminal 10 according to an embodiment of the present invention.
Fig. 2 is a conceptual diagram showing a mechanism of wireless communication based on electromagnetic induction between a reader/writer and an IC chip 50.
Fig. 3 is a model diagram of a system formed by the reader/writer 101 and the IC chip 50, the system functioning as a transformer.
Fig. 4 is a block diagram showing an internal functional configuration of an IC chip 50 embedded in the mobile terminal 10 of the first embodiment of the present invention.
Fig. 5 is a schematic diagram showing an example of the configuration of a storage space in the memory 52 shown in fig. 4.
Fig. 6 is a diagram showing a data structure of a personal identification code definition area.
Fig. 7 is a flow chart illustrating a process of controlling access rights to a directory or application consistent with a personal identification code entered by a user.
Fig. 8 is a flow chart illustrating a process for controlling access rights to a directory or application using a private key in place of a personal identification code entered by a user.
Fig. 9 is a flowchart showing a process of controlling access rights to an application or directory based on the number of personal identification code input errors.
Fig. 10 is a schematic diagram showing a mechanism for automatically making inaccessible a memory area to which access has been granted by cutting off power.
Fig. 11 is a block diagram showing an internal functional configuration of an IC chip 50 embedded in a mobile terminal 10 according to a second embodiment of the present invention.
Fig. 12 is a flowchart showing a process of granting access to an application program allocated to the memory 52 by checking a personal identification code input from the input unit 11 of the mobile terminal 10.
Fig. 13 is a flowchart showing a process of controlling the access right to the application program based on the detection result of the electromagnetic wave transmitted from the external apparatus 50.
Fig. 14 is a flowchart showing a process of controlling access rights to an application program based on a response of the external device 100 in response to a command transmitted from the IC chip 50.
Fig. 15 is a flowchart showing a process of reminding a user to input a personal identification code to the mobile terminal in response to establishment of a wireless link between the IC chip 50 and the external device 100 via the RF unit 51.
Fig. 16 is a schematic diagram showing the hardware configuration of a mobile terminal 102 of a third embodiment of the present invention.
Fig. 17 is a flowchart showing a process of ignoring input of a personal identification code by activating a program.
Detailed Description
Embodiments of the present invention will be described in detail below with reference to the accompanying drawings.
A. System configuration
Fig. 1 schematically shows a hardware configuration of a mobile terminal 10 of the embodiment of the present invention. The mobile terminal 10 is an information processing terminal such as a cellular phone or a Personal Digital Assistant (PDA), which is small and light enough to be carried by a user.
The mobile station 10 shown in the figure comprises: an IC chip 50 which is driven by receiving power by wireless communication with an external device and has a memory function; a controller 11 for controlling the overall internal operations of the mobile terminal 10; a user input unit 12 formed of keys/buttons for inputting various character strings and commands such as a personal identification number or a password by a user; and a display unit 13, such as a Liquid Crystal Display (LCD), for displaying the processing result. Needless to say, the mobile terminal 10 may include peripheral units and circuit elements other than those shown in the drawings in order to realize the basic functions of the mobile terminal 10.
A cartridge equipped with an IC chip having an antenna and shaped in the size of a credit card is collectively called an "IC card".
The mobile terminal 10 may be equipped with the IC chip 50 in various different ways. For example, a semiconductor IC chip may be embedded within the mobile terminal 10 along with a wireless antenna. Or may be used by inserting a card-shaped IC chip, i.e., an IC card, into a card slot arranged in the mobile terminal 10. The application program of the IC chip or the IC card includes a function relating to value information such as prepaid electronic money or electronic bills. In the following description, the functions provided by the IC chip or the IC card may be referred to as "application programs".
The controller 11 is formed by integrating a Central Processing Unit (CPU), a Read Only Memory (ROM), a Random Access Memory (RAM), and the like. The controller 11 executes program codes stored on the ROM to control various operations in the mobile terminal 10.
The IC chip 50 includes: a wireless interface 14 for establishing a wireless link with the external device 100; and a wired interface 15 for establishing a wired link with the mobile terminal 10. The wireless interface 14 uses, for example, a contact interface standard defined by ISO 7816 or a wireless interface standard defined by ISO 14443. A scheme for establishing a link and an association between the IC chip 50 and the external device 100 will be described later.
The IC chip 50 is fabricated by using, for example, a contactless IC chip technology. The IC chip 50 is driven by an electromagnetic wave received from the external device 100 via the wireless interface 14. In other words, when the user does not put the mobile terminal 10 on the external device 100, the electromagnetic waves from the external device 100 cannot reach the mobile terminal 10, thereby canceling the operation of the IC chip 50. In this embodiment, in response to cutting off an electromagnetic wave (to be described later), the right to access the inside of the IC chip 50 no longer exists.
The IC chip 50 according to this embodiment has a memory area. Miniaturization technology makes such storage possible. The storage area is formed of a semiconductor memory, a magnetic stripe, or other readable/writable storage medium. One or more applications are allocated to the storage area. An example of an application is value information such as electronic money or electronic tickets.
In this embodiment, the memory area in the IC chip 50 has a hierarchical structure. Each application is assigned to a directory. This enables the application to be efficiently managed in units of directories. This will be described below.
In order to protect the value information stored in the storage space of the IC chip 50 from unauthorized use or theft, a personal identification code such as a personal identification number or a password is set for each application program. As a result, the access right to the storage area is controlled in units of application programs. For example, the personal identification code of each application is checked against the personal identification code input via the wireless interface 14 or the wired interface 15, and when the compared personal identification codes match each other (described below), an access right is given to each application.
In this embodiment, in addition to the above-described feature that the storage space has a hierarchical structure, each application is assigned to a directory, and a personal identification code is set for each application, a personal identification code may be set for each directory. Not only the access right is controlled in units of an application but also the access right is effectively controlled in units of a directory. The access right control will be described in detail below.
The external device 100 is a device that uses an application program allocated to a memory area on the IC chip 50. The external device 100 includes a reader/writer 101 for establishing a wireless link with the IC chip 50 using, for example, a contactless IC chip technology. Needless to say, the external device 100 is equipped with: other circuit components and peripheral devices for performing arithmetic processing of a specific operation; and a display unit and an input unit for interactive input with a user (neither shown in the drawings).
The external device 100 corresponds to, for example: a device such as an Automatic Teller Machine (ATM) terminal of a bank for using electronic money; devices for processing electronic value information, such as devices installed at entrances to concert halls or at stations or airports gates, for using electronic tickets; and devices such as security boxes at lodging facilities for user identification or authentication.
According to a system configuration such as that shown in fig. 1, a user inputs a personal identification code from the user input unit 12 of the mobile terminal 10 and unlocks. In some cases, the user confirms the number input by the user and displayed on the display unit 13, and transmits the input personal identification code to the IC chip 50 embedded in the mobile terminal 10 via the wired interface 15. In the IC chip 50, the personal identification code set for each application or directory on the storage area is checked against the personal identification code input by the user. If the personal identification codes match each other, the user is given access rights to the storage area assigned to the corresponding application or directory. Alternatively, after establishing a wireless link between the IC chip 50 in the mobile terminal 10 and the external terminal 100, the access right to each application program is controlled based on the personal identification code input using the external device 100.
Wireless communication between the reader/writer 101 and the IC chip 50 is realized based on, for example, the principle of electromagnetic induction. Fig. 2 conceptually describes a wireless communication mechanism based on electromagnetic induction between the reader/writer 101 and the IC chip 50. The reader/writer 101 includes an antenna $L_{RW}$ in the shape of a loop coil. When a current $I_{RW}$ flows through the antenna $L_{RW}$, an electromagnetic field is generated around the antenna $L_{RW}$. On the IC chip 50 side, a circulation coil $L_C$ is provided, in an electrical sense, around the IC chip 50. The magnetic field generated by the loop antenna $L_{RW}$ of the reader/writer 101 induces a voltage in the circulation coil $L_C$ of the IC chip 50, and the induced voltage is input to the terminals of the IC chip 50 connected to the circulation coil $L_C$.
The degree of coupling between the antenna $L_{RW}$ of the reader/writer 101 and the circulation coil $L_C$ of the IC chip 50 changes according to their positional relationship. Viewed as a system, the two form a single transformer. This can be described by the model diagram shown in fig. 3.
The reader/writer 101 modulates the current $I_{RW}$ flowing through the antenna $L_{RW}$ in order to modulate the voltage $V_0$ induced in the circulation coil $L_C$ on the IC chip. With this phenomenon, the reader/writer 101 transmits data to the IC chip 50. The data transmitted in this case includes a personal identification code such as a personal identification number or a password input by the user at the external device 100 side for obtaining an access right to each application or directory and value information provided by each application, for example, electronic money or an electronic ticket.
The IC chip 50 has a load exchange function for changing the load between the terminals of the circulation coil $L_C$ in accordance with data sent to the reader/writer 101. When the load between the terminals of the circulation coil $L_C$ changes, the impedance between the antenna terminals of the reader/writer 101 changes. This causes fluctuations in the current $I_{RW}$ flowing through the antenna $L_{RW}$ or in the voltage $V_{RW}$. The demodulation of the fluctuation enables the reader/writer 101 to receive the data transmitted from the IC chip 50. The data received by the external device 100 from the IC chip 50 includes value information such as electronic money or electronic ticket provided by each application program.
B. First embodiment
In the first embodiment of the present invention, the memory area embedded in the IC chip 50 of the mobile terminal 10 has a hierarchical structure using directories. Each application program that has been allocated to the storage area is registered in the directory at a desired hierarchical level. For example, highly related applications, such as applications used in a series of transactions, are registered in the same directory (highly related sub-directories are registered in the same directory). Thus, the arrangement of applications and directories in the storage area is well organized, and the user can efficiently sort and organize the applications.
By setting a personal identification code for each application and, in addition thereto, by setting a personal identification code for each directory, hierarchical control of access rights is achieved. For example, the user enters a personal identification code corresponding to the directory. The entered personal identification code is checked and authenticated, giving the user access to all applications (and sub-programs) in the directory. For example, a user gains access to all applications used in a series of transactions by entering the personal identification code of the corresponding directory at one time. Thereby effectively performing access control to improve the operability of the device.
Fig. 4 illustrates an internal functional configuration of the IC chip 50 embedded in the mobile terminal 10 of the present embodiment.
As shown, the IC chip 50 includes: an RF unit 51 connected to an antenna to establish a wireless link with the reader/writer 101 of the external device 100; a memory 52 to which a storage area is individually allocated for each application such as purchased ticket information or bank deposit information (electronic money); a verifier 53 for comparing and verifying the personal identification code; a wired interface 54; and a controller 55 for controlling the components in a general manner.
The controller 55 is formed by integrating a Central Processing Unit (CPU), a Read Only Memory (ROM), a Random Access Memory (RAM), and the like. The controller 55 executes the program codes stored on the ROM to control the internal operation of the IC chip 50. Meanwhile, the controller 55 communicates with the controller 11 of the mobile terminal 10 via the wired interface 54.
The memory 52 is used to allocate storage to one or more applications. The memory 52 may be implemented with any type of readable/writable storage medium, such as a semiconductor memory or a magnetic stripe, and is not limited to a specific device.
In this embodiment, the storage space of the memory 52 has a hierarchical structure using directories. Specifically, each application program that has been allocated to a storage area may be registered in a directory at a desired hierarchical level. For example, highly related applications, such as applications used in a series of transactions, are registered in the same directory (highly related sub-directories are registered in the same directory).
Each application and directory allocated in the memory 52 has a personal identification code definition area. A personal identification code may be provided for each application or directory. The access right to the memory 52 is controlled in units of applications or directories. The hierarchy, hierarchical control of access rights, and personal identification code definition area in memory 52 will be described in detail below.
The verifier 53 verifies the personal identification code transmitted via the wired interface 54 with the personal identification code set in the storage area allocated to each application or directory, and in the case where the personal identification codes match each other, permits access to the storage area. Information can be read from the storage area to which access has been granted via the RF unit 51 by the reader/writer 101, and information can be written to the storage area to which access has been granted.
In short, the personal identification code transmitted via the wired interface 54 is a personal identification code input by the user using the mobile terminal 10. In other words, according to the present embodiment, the user may input the personal identification code using the user mobile terminal 10 with which the user is familiar, instead of using the user interface of the external device 100 with which the user is unfamiliar, thereby checking the input personal identification code.
Fig. 5 schematically shows an example of the configuration of the storage space in the memory 52 shown in fig. 4. In the example shown in the figure, directory 1 corresponds to a root directory, which includes application 1A and application 1B, and directory 2 corresponds to a subdirectory.
Under the directory 2, an application 2A, a directory 3-1 and a directory 3-2 corresponding to subdirectories are included.
Under the directory 3-1, an application 3-1A and an application 3-1B are included. Under the directory 3-2, there are included an application 3-2A, an application 3-2B, and an application 3-2C.
As shown in fig. 5, each application and directory allocated to the memory 52 has a personal identification code definition area. Fig. 6 schematically shows a data structure of the personal identification code definition area. As shown in the figure, the personal identification code definition area has a personal identification number area, an area for storing the number of input errors, an area for setting the maximum permitted number of input errors, an area for selecting whether to use the personal identification code, and an access permission flag.
When the user wishes to access an application or a directory, the user is prompted by the IC chip 50 to enter a personal identification code. For example, a beep may be sounded by the mobile terminal 10 or a dialog may be displayed on the display unit 13 to remind the user to enter a personal identification code.
Only when the personal identification code entered by the user matches the correct personal identification code, an access permission flag is placed in the personal identification code definition area in the corresponding application or directory, thereby permitting access thereto.
The access permission flag indicates whether the corresponding application or directory can be accessed. The application or directory in which the access permission flag is set is accessible. In the default setting, each application or directory for which a personal identification code is set is inaccessible. After the personal identification code verification or authentication using the private key is successful, the access permission flag is set to make the application or directory accessible. If the access permission flag remained set continuously, the user would suffer a loss in case the IC chip 50 or the mobile terminal 10 is lost or stolen, since the application or the directory could be used without permission or fraudulently. The IC chip 50 according to the present embodiment has a mechanism for automatically changing the accessible state to the inaccessible state, which will be described later.
The record in the area for storing the number of input errors is updated each time an incorrect personal identification code is input. When the number of input errors reaches the maximum permitted number of input errors set in the area for setting the maximum permitted number of input errors, access to the corresponding application or directory is denied.
Generally, once the user successfully enters the correct personal identification code, the number of entry errors should be cleared. This scheme prevents a malicious user from checking each possible personal identification code to detect the correct personal identification code. When the user inputs an erroneous personal identification code and the number of input errors reaches the maximum permitted number of input errors, the input of the personal identification code fails. In this case, only the administrator who manages the IC chip 50 can clear the area for storing the number of input errors. The administrator may be authenticated by, for example, a private key, as will be described below.
When the personal identification code of a directory is entered and access to the directory is thereby granted, access to all applications and directories under the directory may be granted. For example, as shown in fig. 5 for directory 2, the personal identification code of the directory itself and the personal identification codes of the subdirectories are separately set, thereby setting the personal identification code for controlling only the access right to the application program belonging to directory 2, and setting the personal identification code for controlling only the access right to the application programs belonging to subdirectories 3-1 and 3-2 under directory 2.
The area for setting whether or not to use the personal identification code in each personal identification code definition area is used to select whether or not to set the personal identification code for the target area. Specifically, when the personal identification code is set, if authentication by the personal identification code is successful, access to the corresponding application or directory is permitted. In contrast, an application or directory for which no personal identification code is set does not require a personal identification code check, so that access to the application or directory is not limited.
In addition to the personal identification code, a private key may be set for each application or directory. In addition to authentication using input of a personal identification code, a private key may also be used as an authentication means.
Fig. 7 is a flow chart illustrating a process of controlling access rights to a directory or application program based on a personal identification code entered by a user.
When the user inputs the personal identification code (step S1), the verifier 53 accesses the personal identification code definition area of the application or the directory in the storage space to determine whether the input personal identification code matches the personal identification code set for the application or the directory (step S2).
When the personal identification code set for the application or directory matches the personal identification code input by the user, the access permission flag in the personal identification code definition area in the application or directory is set so that the application or directory is accessible (step S3).
For example, a personal identification code input by a user using the user input unit 12 of the mobile terminal 10 may be transmitted to the IC chip 50 via the wired interface 54. Alternatively, the IC chip 50 is put on the reader/writer 101 of the external apparatus 101, and the personal identification code input using the user interface of the external apparatus 100 is transmitted to the IC chip via the wireless interface, that is, the RF unit 51.
Fig. 8 is a flow chart illustrating a process for controlling access rights to a directory or application using a private key in place of a personal identification code entered by a user.
When the private key set for the desired directory or application is used, an authentication process is performed by a predetermined certification authority (step S11).
When the authentication is successful (step S12), an access permission flag in the personal identification code definition area of the directory or application is set so that the directory or application is accessible (step S13).
Needless to say, the right to access an application or a directory can be controlled by combining collation of a personal identification code input by a user such as shown in fig. 7 and authentication processing using a private key such as shown in fig. 8. In this case, unauthorized use or fraudulent use of the application or directory is prevented with a higher level of security.
When using personal identification codes such as shown in fig. 7 to control access rights to an application or directory, a malicious user can check each possible personal identification code to break its security (especially when the personal identification code uses fewer numbers). In the present embodiment, the maximum permitted number of inputs is set in the personal identification code definition area. An application or directory for which the number of input errors reaches the maximum permitted number of inputs is set as inaccessible, thereby performing access control.
Fig. 9 is a flow chart illustrating a process for controlling access rights to an application or directory using the number of personal identification code entry errors.
When the user inputs the personal identification code (step S21), the verifier 53 accesses the personal identification code definition area of the application or the directory in the storage space, and determines whether the input personal identification code matches the personal identification code of the application or the directory (step S22).
When the personal identification code of the application or directory matches the personal identification code input by the user, the access permission flag in the personal identification code definition area is set so that the corresponding application or directory is accessible (step S23).
In contrast, when the personal identification code of the application or the directory does not match the personal identification code input by the user, the number of input errors in the personal identification code definition area is updated (step S24).
It is then determined whether the updated number of input errors reaches the maximum permitted number of inputs set in the personal identification code definition area (step S25).
If the number of input errors reaches the maximum permitted number of inputs, the setting of the access permission flag in the personal identification code definition area is cleared, and the corresponding application or directory is made inaccessible (step S26).
As a result, the behavior of a malicious user to check each possible personal identification code is prevented.
When the user inputs an erroneous personal identification code and the number of input errors reaches the maximum permitted number of input errors, the input of the personal identification code fails. In this case, only the administrator who manages the IC chip 50 can clear the area for storing the number of input errors. The administrator may be authenticated by, for example, a private key.
For example, if a known ATM card is lost, when the owner of the card reports the loss to the bank managing the account number to abort any transaction using the bank account number, the funds in the account number are protected since the funds themselves are not stored in the card. In contrast, in the case where the IC chip has a storage region, a large amount of redeemable value information such as electronic money or an electronic ticket is stored in the semiconductor memory of the IC chip. When a malicious user finds a lost IC chip, it is highly likely that the IC chip is fraudulently used, resulting in economic loss.
In the present embodiment, in response to the power-off of the IC chip 50 (or the mobile terminal 10 in which the IC chip 50 is embedded), the access permission flags in all the personal identification code definition areas are cleared to automatically deny access to all the applications and directories. This scheme prevents the IC chip 50 from remaining accessible if the IC chip 50 is lost, and from fraudulent use by a malicious user.
Fig. 10 schematically shows a mechanism for automatically setting an accessible storage area inaccessible by turning off power. The mechanism shown in the figure can be implemented using a storage medium such as a semiconductor memory that retains the contents (volatility) of a storage area by receiving power supply.
In the personal identification code definition area of the application and the directory to which the storage area is allocated, access permission flags 201-1 to 201-n are provided as shown in fig. 6. In each of the access permission flags 201-1 to 201-n, a contact A and a contact B are arranged. The end of contact A may be connected to the end of contact B via switches SW1 and SW2 arranged in parallel. When contact A and contact B are both open, the corresponding application and directory are set to accessible; when contact A and contact B are shorted, the corresponding application and directory are set to inaccessible.
Access permission flag controllers 202-1 to 202-n are provided in the IC chip 50, and the number of access permission flag controllers 202-1 to 202-n is equal to the number of access permission flags (i.e., equal to the total number of applications and directories assigned to the memory area).
When the IC chip 50 is turned on, the switch SW1 shown in the drawing is turned on.
In normal operation, in order to grant access to the corresponding application or directory in response to the input of the personal identification code, the access permission flag controller 202 turns on the switch SW2 in the corresponding access permission flag 201. As a result, both the contact A and the contact B are opened, and the access permission flag 201 is set to an accessible state.
To deny access, switch SW2 is shorted out. Regardless of the state of the other switch, SW1, contact A and contact B are shorted, thereby setting the access permission flag to an inaccessible state.
If the IC chip 50 (or the mobile terminal 10 having the IC chip 50 embedded therein) is turned off in an accessible state where the switch SW is opened, the power supply voltage drops from the initial voltage $V_{CC}$ to 0 [V], and the voltage detector 203 detects a threshold voltage $V_{th}$ in between. In response to the threshold voltage $V_{th}$, the power supply voltage detector 203 short-circuits all the switches SW1 in the access permission flags 201-1 to 201-n. Regardless of the state of the other switch SW2, the contact A and the contact B in the access permission flags 201-1 to 201-n are short-circuited. Therefore, all the access permission flags are simultaneously changed to the inaccessible state.
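The first embodiment's access control can be modelled in software. The following C example is added here for illustration and is not code from the patent: it combines the personal identification code definition area of Fig. 6, the error-count flow of Fig. 9 (steps S21 to S26), directory-level grants, and the clearing of all access permission flags on power-off. The `parent` field, the comparison without early exit, the rule that a locked-out node stays denied even under a granted directory, the boolean standing in for private-key administrator authentication, and all PIN values are assumptions or constructed sample data.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define PIN_LEN   4
#define NO_PARENT (-1)
#define N_NODES   4

/* Personal identification code definition area (the fields of Fig. 6).
 * "parent" is an added field that models the hierarchy of Fig. 5. */
struct pin_area {
    uint8_t pin[PIN_LEN]; /* personal identification number area        */
    uint8_t errors;       /* number of input errors (kept across power) */
    uint8_t max_errors;   /* maximum permitted number of input errors   */
    bool    use_pin;      /* whether a PIN is used for this node        */
    bool    access_ok;    /* access permission flag (lost on power-off) */
    int     parent;       /* index of the enclosing directory           */
};

enum pin_result { PIN_GRANTED, PIN_MISMATCH, PIN_LOCKED };

/* Compare every digit with no early exit (added hardening, an assumption). */
static bool pin_equal(const uint8_t *a, const uint8_t *b)
{
    uint8_t diff = 0;
    for (size_t i = 0; i < PIN_LEN; i++)
        diff |= (uint8_t)(a[i] ^ b[i]);
    return diff == 0;
}

/* Steps S21 to S26 of Fig. 9 for one application or directory. */
enum pin_result pin_verify(struct pin_area *n, const uint8_t *input)
{
    if (!n->use_pin) return PIN_GRANTED;               /* no PIN: not limited */
    if (n->errors >= n->max_errors) return PIN_LOCKED; /* until admin reset   */
    if (pin_equal(n->pin, input)) {                    /* S22 */
        n->errors = 0;                                 /* success clears count */
        n->access_ok = true;                           /* S23 */
        return PIN_GRANTED;
    }
    n->errors++;                                       /* S24 */
    if (n->errors >= n->max_errors) {                  /* S25 */
        n->access_ok = false;                          /* S26 */
        return PIN_LOCKED;
    }
    return PIN_MISMATCH;
}

/* Only an authenticated administrator may clear the error counter. */
bool admin_reset(struct pin_area *n, bool admin_authenticated)
{
    if (admin_authenticated)
        n->errors = 0;
    return admin_authenticated;
}

/* Usable if no PIN is required, or if the node's own flag or the flag of an
 * enclosing directory is set. Assumption: a locked-out node stays denied. */
bool is_accessible(const struct pin_area *t, int idx)
{
    if (!t[idx].use_pin) return true;
    if (t[idx].errors >= t[idx].max_errors) return false;
    for (int i = idx; i != NO_PARENT; i = t[i].parent)
        if (t[i].use_pin && t[i].access_ok)
            return true;
    return false;
}

/* Power loss (Fig. 10): every flag drops at once, error counters persist. */
void power_off(struct pin_area *t, size_t n)
{
    for (size_t i = 0; i < n; i++)
        t[i].access_ok = false;
}

/* Constructed sample: directory 2 > { app 2A, directory 3-1 > app 3-1A }. */
void build_sample_tree(struct pin_area *t)
{
    static const uint8_t pins[N_NODES][PIN_LEN] = {{1,2,3,4},{5,6,7,8},{2,4,6,8},{1,3,5,7}};
    static const int parents[N_NODES] = { NO_PARENT, 0, 0, 2 };
    for (int i = 0; i < N_NODES; i++) {
        memcpy(t[i].pin, pins[i], PIN_LEN);
        t[i].errors = 0; t[i].max_errors = 3; t[i].parent = parents[i];
        t[i].use_pin = true; t[i].access_ok = false;
    }
}

int main(void)
{
    struct pin_area t[N_NODES];
    const uint8_t dir2[PIN_LEN] = {1, 2, 3, 4};
    build_sample_tree(t);
    pin_verify(&t[0], dir2);   /* one directory PIN opens the subtree */
    printf("3-1A before power-off: %d\n", is_accessible(t, 3));
    power_off(t, N_NODES);
    printf("3-1A after power-off:  %d\n", is_accessible(t, 3));
    return 0;
}
```

Keeping the error counter outside the state that `power_off` clears is what stops a power cycle from resetting the attempt limit.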
C. Second embodiment
Fig. 11 illustrates an internal functional configuration of an IC chip 50 embedded in a mobile terminal 10 of a second embodiment of the present invention.
As shown in the figure, the IC chip 50 includes: an RF unit 51 connected to an antenna to establish a wireless link with the reader/writer 101 of the external device 100; a memory 52 to which a storage area is individually allocated for each application such as purchased ticket information or bank deposit information (electronic money); a verifier 53 for comparing and verifying the personal identification code; a wired interface 54; and a controller 55 for controlling the components in a general manner.
The controller 55 is formed by integrating a Central Processing Unit (CPU), a Read Only Memory (ROM), a Random Access Memory (RAM), and the like. The controller 55 executes the program codes stored on the ROM to control the internal operation of the IC chip 50. Meanwhile, the controller 55 communicates with the controller 11 of the mobile terminal 10 via the wired interface 54.
In the memory 52, a region is allocated for each application program. In the example shown in the figure, separate areas are allocated on the memory 52 for application A, application B, and application C. If necessary, a personal identification code for identification or authentication may be set for each application. The area allocated to each application program includes a personal identification code area for storing a personal identification code.
The memory 52 may be implemented with any type of readable/writable storage medium, such as a semiconductor memory or a magnetic stripe, and is not limited to a specific device.
In the present embodiment, the verifier 53 verifies the personal identification code transmitted via the wired interface 54 with the personal identification code set in the storage area allocated to each application program. If the personal identification codes match each other, access to the corresponding storage area is granted. Information can be read from or written to the storage area to which access has been granted via the RF unit 51 by the reader/writer 101.
In short, the personal identification code transmitted via the wired interface 54 is a personal identification code input by the user using the mobile terminal 10. In other words, according to the present embodiment, the user may input the personal identification code using the user's own mobile terminal 10, with which the user is familiar, instead of using the user interface of the external device 100, with which the user is unfamiliar, and have the input personal identification code checked.
Fig. 12 is a flowchart showing permission to access the application program allocated to the memory 52 by checking the personal identification code input from the user input unit 11 of the mobile terminal 10. The process of granting access to an application will be described below with reference to the flowchart of fig. 12.
The user inputs the personal identification code using the user input unit 11 of the mobile terminal 10 (step S101).
The personal identification code input in this way is transmitted to the verifier 53 in the IC chip 50 via the wired interface 52 (step S102).
The verifier 53 checks the personal identification code input via the user input unit 12 with the personal identification code set for each application program allocated to the memory 52 (step S103).
As a result of the collation, the user is given access rights to the application programs whose personal identification codes match each other (step S104). The storage area allocated to the application program to which access has been granted becomes accessible to the reader/writer 101 using wireless communication.
Needless to say, the verifier 53 verifies not only the personal identification code received via the wired interface 54 (i.e., input by the user using the mobile terminal 10) but also the personal identification code received via the RF unit 51 (i.e., input by the user using the external device 100).
When a series of transactions is completed with the reader/writer 101 after access is granted, the controller 55 analyzes the completion and transmits the analysis result via the wired interface 54.
Alternatively, after normally or abnormally ending the transaction, the controller 55 waits for a command from the wired interface 54, or waits for the mobile terminal 10 itself to be turned off (i.e., waits for the electromagnetic wave from the reader/writer 101 to stop, resulting in the IC chip 50 not being activated). In this case, after a predetermined period of time has elapsed, the controller 11 of the mobile terminal 10 in which the IC chip 50 is embedded performs an end process, such as sending a next command to the IC chip 50 or turning off the IC chip 50.
Fig. 13 is a flowchart showing a process of controlling the access right to the application program based on the detection result of the electromagnetic wave transmitted from the external apparatus 100. The control of the access rights to the application will be described below with reference to a flow chart.
During the wireless connection of the IC chip 50 and the external device 100 via the RF unit 51, the controller 55 always determines whether an electromagnetic wave is received via the RF unit 51 (step S111).
In response to the absence of the detection of the electromagnetic wave, it is determined that a series of transactions between the external device 100 and the IC chip 50 connected to each other via the RF unit 51 are ended (step S112).
The controller 55 performs an end process to end the transaction with the external device 100 (S113). As a result, the right given to the external device 100 to access the application program disappears.
As a result, the IC chip 50 does not remain in a state accessible to each application after use. For example, when the mobile terminal 10 is lost or stolen, unauthorized use of each application is prevented, which protects the user from unauthorized use or theft of value information such as electronic money.
Fig. 14 is a flowchart showing a process of controlling access rights to an application program based on a response of the external device 100 to a command transmitted from the IC chip 50. The control of the access rights to the application will be described below with reference to the flowchart.
When the controller 55 transmits a command to the external device 100 via the RF unit 51 (step S121), the controller 55 determines whether a response to the command is given (step S122).
When no response is received within a predetermined period of time after the command is transmitted (step S123), it is determined that a series of transactions between the IC chip 50 and the external device 100 are normally or abnormally ended (step S124), and an end process of ending the transactions with the external device 100 is performed (step S125).
As a result, the IC chip 50 does not remain in a state of giving an access right to each application program after the wireless link with the external device 100 is interrupted. For example, when the mobile terminal is lost or stolen, unauthorized use of each application is prevented, which protects the user from unauthorized use or theft of value information such as electronic money.
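The access-right lifecycle of Figs. 12 to 14, modelled in C as an added example that is not code from the patent: a code is collated against every application area, matching areas open to the reader/writer, and all rights are dropped on loss of the electromagnetic wave or on a response timeout. The PIN values, the 8-character limit, the 50-tick timeout, the comparison without early exit and all function names are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define NUM_APPS 3            /* applications A, B and C in memory 52 */
#define PIN_LEN_MAX 8         /* assumed maximum code length */
#define RESPONSE_TIMEOUT 50u  /* ticks; assumed value of the "predetermined period" */
typedef struct {
    char pin[PIN_LEN_MAX];    /* personal identification code area, zero padded */
    bool access_granted;      /* access right currently given */
} app_area_t;
typedef struct {
    app_area_t apps[NUM_APPS];
    bool carrier_present;     /* electromagnetic wave from the reader/writer seen */
    bool awaiting_response;   /* a command was sent and not yet answered */
    uint32_t command_tick;    /* when the pending command was sent */
} ic_chip_t;

/* End process (S113, S125): every access right disappears. */
static void end_process(ic_chip_t *c) {
    for (int i = 0; i < NUM_APPS; i++)
        c->apps[i].access_granted = false;
    c->awaiting_response = false;
}

/* Constructed codes; every area starts inaccessible (default in claims 7 and 15). */
void chip_init(ic_chip_t *c) {
    static const char *pins[NUM_APPS] = { "1234", "5678", "1234" };
    memset(c, 0, sizeof *c);
    for (int i = 0; i < NUM_APPS; i++)
        memcpy(c->apps[i].pin, pins[i], strlen(pins[i]));
}

/* Compare without early exit (hardening added here, not described on the page). */
static bool pin_equal(const char *a, const char *b) {
    unsigned char diff = 0;
    for (int i = 0; i < PIN_LEN_MAX; i++)
        diff |= (unsigned char)(a[i] ^ b[i]);
    return diff == 0;
}

/* S103/S104: collate with each application's code; returns how many areas opened. */
int chip_verify_pin(ic_chip_t *c, const char *input) {
    char padded[PIN_LEN_MAX] = {0};
    size_t n = strlen(input);
    int granted = 0;
    if (n == 0 || n > PIN_LEN_MAX) return 0;   /* empty or over-long code never matches */
    memcpy(padded, input, n);
    for (int i = 0; i < NUM_APPS; i++)
        if (pin_equal(padded, c->apps[i].pin)) {
            c->apps[i].access_granted = true;
            granted++;
        }
    return granted;
}

/* Reader/writer access over RF needs both the field and a granted right. */
bool chip_rf_access(const ic_chip_t *c, int app) {
    return app >= 0 && app < NUM_APPS && c->carrier_present && c->apps[app].access_granted;
}

/* S121/S122: a command goes out and a timer starts; a response clears it. */
void chip_send_command(ic_chip_t *c, uint32_t now) {
    c->awaiting_response = true;
    c->command_tick = now;
}
void chip_response_received(ic_chip_t *c) { c->awaiting_response = false; }

/* Polled by controller 55; true when the transaction was ended (S111-S113, S123-S125). */
bool chip_poll(ic_chip_t *c, bool carrier_detected, uint32_t now) {
    bool timed_out = c->awaiting_response && now - c->command_tick >= RESPONSE_TIMEOUT;
    c->carrier_present = carrier_detected;
    if (!carrier_detected || timed_out) {
        end_process(c);
        return true;
    }
    return false;
}

int main(void) {
    ic_chip_t chip;
    chip_init(&chip);
    chip_poll(&chip, true, 0);    /* terminal placed on the reader */
    printf("areas opened: %d\n", chip_verify_pin(&chip, "1234"));
    chip_poll(&chip, false, 1);   /* field lost */
    printf("A accessible after field loss: %d\n", chip_rf_access(&chip, 0));
    return 0;
}
```

Because collation runs over every area, applications that share a code (A and C in the constructed data) open together, and a right revoked by the end process is not restored when the field returns; the code must be verified again.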
Before receiving the personal identification code via the wired interface 54, the IC chip 50 performs wireless communication with the reader/writer 101 via the RF unit 51, and transmits/receives data to/from the external device 100. Thereafter, when data is to be further transmitted or received, the controller 55 detects that authentication using the personal identification code is necessary, and transmits the detection result to the controller 11 of the mobile terminal 10 via the wired interface 54.
Fig. 15 is a flowchart showing a process of reminding a user to input a personal identification code to the mobile terminal in response to establishment of a wireless link between the IC chip 50 and the external device 100 via the RF unit 51.
The controller 55 always determines whether the IC chip 50 is connected to the external device 100 via the RF unit 51 (step S131).
When the IC chip 50 is connected with the external device 100 via the RF unit 51 and power is supplied to the IC chip 50, the controller 55 notifies the controller 11 of the mobile terminal 10 of the necessity of inputting the personal identification code to access the memory 52 via the wired interface 54 (step S132).
In response to the notification, the mobile terminal 10 beeps or displays a dialog on the display unit 12 to remind the user to input a personal identification code in order to use a desired application (step S133).
Therefore, when the user places the mobile terminal on the external device to use the application program, the user is reliably reminded of the necessity of inputting the personal identification code. This facilitates application use in every aspect of the user's daily life.
D. Third embodiment
Fig. 16 schematically shows a hardware configuration of a mobile terminal 10-2 of a third embodiment of the present invention.
The mobile terminal 10-2 shown in the figure comprises: an IC chip 50 that is driven by receiving power using wireless communication with an external device and has a memory function; a controller 11 for controlling the overall internal operations of the mobile terminal 10-2; a user input unit 12 formed of keys/buttons with which the user inputs various character strings and commands, such as a personal identification number or a password; and a display unit 13, such as a Liquid Crystal Display (LCD), for displaying the processing result. Needless to say, the mobile terminal 10-2 may include peripheral units and circuit elements other than those shown in the drawings in order to realize the basic functions of the mobile terminal 10-2.
The IC chip 50 includes: a wireless interface 14 for establishing a wireless link with the external device 100; and a wired interface 15 for establishing a wired link with the controller 11 of the mobile terminal 10. The wireless interface 14 uses, for example, a contact interface standard defined by ISO 7816 or a wireless interface standard defined by ISO 14443 (the same as above).
The IC chip 50 is fabricated by using, for example, a contactless IC chip technology. The IC chip 50 is driven by an electromagnetic wave received from the external device 100 via a wireless interface. In other words, when the user does not put the mobile terminal 10 on the external device 100, the electromagnetic waves from the external device 100 cannot reach the mobile terminal 10, so the IC chip 50 stops operating and access rights to the interior of the IC chip 50 no longer exist.
The IC chip 50 has a relatively large capacity storage area. Miniaturization technology makes such storage possible. The storage area is formed of a semiconductor memory, a magnetic stripe, or other readable/writable storage medium. One or more applications are allocated to the storage area. One example of an application includes value information such as electronic money or electronic tickets.
In order to protect this type of value information from unauthorized use or theft, access rights to each application program are controlled in units of application programs using a personal identification code such as a personal identification number or a password. For example, the personal identification code of each application is checked against the personal identification code inputted via the wireless interface 14 or the wired interface 15, and when the personal identification codes match each other, an access right to each application is given.
The mobile terminal 10-2 is formed by providing a personal identification code storage area in the controller 11 in the mobile terminal shown in fig. 1. A personal identification code corresponding to a program in the controller 11 is stored in advance in the personal identification code storage area. This enables the personal identification code corresponding to the called program to be transmitted to the IC chip 50 via the wired interface. As a result, the user is not required to input the personal identification code each time in order to use the same application stored in the IC chip 50, which improves the operability of the apparatus.
Fig. 17 is a flowchart of a process of omitting input of a personal identification code by activating a program.
A personal identification code is registered in advance for each application (step S141). The registered personal identification code is stored in a predetermined personal identification code storage area in the controller 55.
When the user wishes to use the application program, the user selects a desired program from, for example, a menu list (not shown) displayed on the display unit 13 (step S142).
As a result, the controller 11 activates the selected program (step S143).
The controller 11 reads the personal identification code of the corresponding application program from the personal identification code storage area according to the activated program, and transmits the personal identification code to the IC chip 50 via the wired interface 15 (step S144).
As a result, in the IC chip, the personal identification code set for each application program allocated to the storage area is collated with the personal identification code received via the wired interface 15 (step S145).
As a result of the collation, the user is given access rights to the application programs whose personal identification codes match each other (step S146). The storage area allocated to the application program to which the access right has been given is accessible by the reader/writer 101 using wireless communication.
In this case, the user selects a desired program from a menu screen displayed on the display and calls the corresponding program on the mobile terminal. In response to the activated program, a personal identification code of the corresponding application program is input to the IC chip via the wired interface, thereby giving access rights to the application program. The user can omit the input of the personal identification code of the desired application program, which improves the operability of the device.
Appendix
The invention has been described in detail with reference to specific embodiments. It should be understood, however, that various modifications and substitutions may be made by those skilled in the art without departing from the scope of the invention.
In this specification, a case where the IC chip of the present invention is used by being embedded in a device such as a cellular phone or a PDA is described. However, the scope of the present invention is not limited to these cases.
The advantages of the present invention may be similarly realized using an IC chip, for example, by using an IC chip in a stand-alone manner, or by embedding an IC chip in other types of devices.
In short, the present invention has been disclosed by way of example for purposes of illustration, but such description should not be construed in a limiting sense. The scope of the invention is to be determined solely by the appended claims.
Industrial applicability
According to the present invention, there are provided an improved information storage medium that can be used by being placed in an information processing apparatus such as a cellular phone or a Personal Digital Assistant (PDA), an IC chip having a storage area, an information processing apparatus equipped with an IC chip having a storage area, and an information storage medium storage management method.
According to the present invention, there are provided an improved information storage medium having a storage area and effectively controlling access rights to each application program allocated to the storage area, an IC chip having the storage area, an information processing apparatus equipped with the IC chip having the storage area, and an information storage medium storage management method.
According to the present invention, the memory area on the IC chip has a hierarchical structure. Each application program allocated to the storage area is registered in the directory. The storage area is efficiently managed in units of directories.
According to the present invention, a personal identification code is set for each application and directory. In this case, the access right is controlled in units of applications or in units of directories. For example, for all the applications included in a directory, an identification or authentication scheme as usable as that of an existing IC chip can be provided.
According to the present invention, when an IC chip, or a mobile terminal in which the IC chip is embedded, is lost, access rights to each application in the IC chip automatically disappear. Therefore, others are prevented from fraudulently using the IC chip or the mobile terminal.
The identification or authentication using the IC chip according to the present invention may be performed in conjunction with authentication using a private key. As a result, value information such as electronic money can be processed with high security.
According to the present invention, for example, when an IC chip embedded in a mobile terminal is used as a bank card, identification or authentication processing is performed by the user inputting a personal identification code on a mobile terminal with which the user is familiar. This minimizes the number of operations the user must perform on an unfamiliar bank ATM terminal.
According to the present invention, placing the mobile terminal in, for example, an ATM terminal in a bank causes the ATM terminal to alert the mobile terminal to enter the appropriate personal identification code.
According to the invention, the program and the personal identification code are associated with each other in the mobile terminal. Thus, for example, when the account settlement display program of a bank is called, the personal identification number is automatically called.
Claims (16)
1. A semiconductor integrated circuit device for a mobile terminal apparatus, comprising:
a storage area for storing one or more applications and/or directories, wherein access rights to each application and/or directory are controlled by personal identification codes, and the storage area is managed by directories to allocate applications on the storage area in a hierarchical structure;
a wired interface for wired communication with the mobile terminal device;
a collating means for receiving a personal identification code input from a user input means implemented in the mobile terminal device and transferred to the semiconductor integrated circuit device via the wired interface and collating the personal identification code with a personal identification code of each application and/or directory allocated to the storage area;
access right control means for giving the user an access right to an application and/or a directory in which personal identification codes match each other in accordance with a result of the collation by the collation means; and
a wireless interface for enabling the external device and the semiconductor integrated circuit device to wirelessly communicate with each other.
2. The semiconductor integrated circuit device according to claim 1, wherein the access right control means permits the external device to access the application and/or directory to which the access right is given using wireless communication via the wireless interface.
3. The semiconductor integrated circuit device according to claim 1, wherein in response to detection of no electromagnetic wave from an external apparatus connected via the wireless interface, the access right control means determines that a series of transactions involving the application program to which the access right has been given have ended, and performs transaction end processing and sets each application program and/or directory to be inaccessible.
4. The semiconductor integrated circuit device according to claim 1, wherein in response to a failure to receive a response to a command transmitted from the semiconductor integrated circuit device via the wireless interface within a predetermined period of time, the access right control means determines that a series of transactions between the external apparatus and the semiconductor integrated circuit device, which are connected to each other via the wireless interface, have ended normally or abnormally, and performs ending processing.
5. The semiconductor integrated circuit device according to claim 1, wherein the semiconductor integrated circuit device is driven by receiving power with wireless communication with an external apparatus.
6. The semiconductor integrated circuit device according to claim 5, wherein in response to being connected to an external apparatus via the wireless interface and thereby receiving power, the semiconductor integrated circuit device notifies via the wired interface that the personal identification code needs to be input for accessing the storage area.
7. The semiconductor integrated circuit device according to claim 1, wherein the access right control means sets each of the applications and/or directories to which the personal identification code is set as inaccessible in a default setting.
8. The semiconductor integrated circuit device according to claim 1, wherein the application programs are distributed in a hierarchical manner using the directory.
9. A mobile terminal device including a semiconductor integrated circuit device, comprising:
(i) user input means for inputting personal identification codes and/or other data from a user;
(ii) a semiconductor integrated circuit device having:
a storage area for storing one or more applications and/or directories, wherein access rights to each application and/or directory are controlled by personal identification codes, and the storage area is managed by directories to allocate applications on the storage area in a hierarchical structure;
a wired interface for wired communication with the mobile terminal device;
a collating means for receiving the personal identification code input from the user input means and transferred to the semiconductor integrated circuit device via the wired interface, and collating the personal identification code with the personal identification code of each application and/or directory allocated to the storage area;
access right control means for giving the user an access right to an application and/or a directory in which personal identification codes match each other in accordance with a result of the collation by the collation means; and
a wireless interface for enabling the external device and the semiconductor integrated circuit device to wirelessly communicate with each other; and
(iii) a display device for displaying data to the user.
10. The mobile terminal device according to claim 9, wherein the access right control means grants the external device access to the application and/or directory to which the access right is given, using wireless communication via the wireless interface.
11. The mobile terminal device according to claim 9, wherein in response to detection of no electromagnetic wave from the external device connected via the wireless interface, the access right control means determines that a series of transactions involving the application program to which the access right has been given have ended, and performs transaction end processing and sets each application program and/or directory to be inaccessible.
12. The mobile terminal device according to claim 9, wherein in response to a failure to receive a response to a command transmitted from the semiconductor integrated circuit device via the wireless interface within a predetermined period of time, the access right control means determines that a series of transactions between the external device and the semiconductor integrated circuit device connected to each other via the wireless interface has ended normally or abnormally, and performs ending processing.
13. The mobile terminal device according to claim 9, wherein the semiconductor integrated circuit device is driven by receiving power with wireless communication with an external device.
14. The mobile terminal device according to claim 13, wherein in response to being connected to an external device via the wireless interface and thereby receiving power, the semiconductor integrated circuit device notifies via the wired interface that the personal identification code needs to be input for accessing the storage area.
15. The mobile terminal device according to claim 9, wherein the access right control means sets each application and/or directory to which the personal identification code is set as inaccessible in a default setting.
16. The mobile terminal device according to claim 9, wherein the application programs are distributed in a hierarchical manner using the directory.
Applications Claiming Priority (5)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| JP2001194748A JP4207403B2 (en) | 2001-06-27 | 2001-06-27 | Information storage medium, IC chip having memory area, information processing apparatus having IC chip having memory area, and memory management method for information storage medium |
| JP2001194749A JP4207404B2 (en) | 2001-06-27 | 2001-06-27 | Mobile terminal, control method therefor, and IC card |
| JP194749/2001 | 2001-06-27 | ||
| JP194748/2001 | 2001-06-27 | ||
| PCT/JP2002/006323 WO2003003194A1 (en) | 2001-06-27 | 2002-06-25 | Integrated circuit device, information processing device, information recording device memory management method, mobile terminal device, semiconductor integrated circuit device, and communication method using mobile terminal device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| HK1065604A1 (en) | 2005-02-25 |
| HK1065604B (en) | 2008-03-28 |