JP2014186378A - Ic card and portable electronic device - Google Patents

Abstract

Provided are an IC card and a portable electronic device that can select the operation of each application according to the free capacity of the usable storage area when a sufficient storage area to be used by the application cannot be secured.
The first storage means has a temporary storage area allocated to an application. The second storage means stores definition information of a temporary storage area that can be allocated to an application in the first storage means. The calculation means calculates the capacity of the unused area in the temporary storage area defined by the definition information when receiving a command designating the application by the communication unit. The determining means determines whether or not there is a function restriction on the application according to the unused area capacity calculated by the calculating means. The setting means sets function restriction information indicating the contents of function restriction on the application based on the determination result by the determination means.
[Selection] Figure 2

Description

  Embodiments described herein relate generally to an IC card and a portable electronic device.

  A portable electronic device such as an IC card has a CPU, a RAM, a rewritable nonvolatile memory, and the like, interprets and executes a command from the external device, and presents the processing result to the external device. Conventionally, in an IC card, a storage area on a RAM that can be assigned to an application to be executed is defined in advance. The IC card sequentially secures an area used by an application to be executed within a predefined storage area. However, if the IC card cannot secure a sufficient storage area for use by the application, the application cannot be executed.

JP 2000-348146 A

  Embodiments of the present invention provide an IC card and a portable electronic device that can select the operation of each application according to the free capacity of the usable storage area when a sufficient storage area used by the application cannot be secured. For the purpose.

  According to the embodiment, the IC card includes a communication unit, a first storage unit, a second storage unit, a calculation unit, a determination unit, and a setting unit. The communication unit communicates with an external device. The first storage means has a temporary storage area allocated to the application. The second storage means stores definition information of a temporary storage area that can be allocated to an application in the first storage means. The calculation means calculates the capacity of the unused area in the temporary storage area defined by the definition information when receiving a command designating the application by the communication unit. The determining means determines whether or not there is a function restriction on the application according to the unused area capacity calculated by the calculating means. The setting means sets function restriction information indicating the contents of function restriction on the application based on the determination result by the determination means.

FIG. 1 is a diagram illustrating a configuration example of an IC card system including an IC card and an IC card processing device according to the embodiment. FIG. 2 is a block diagram illustrating a configuration example of the IC card according to the embodiment. FIG. 3 is a diagram illustrating an example of a management structure of files stored in the nonvolatile memory of the IC card according to the embodiment. FIG. 4 is a diagram illustrating a configuration example of a storage area in the nonvolatile memory 24 in the IC card according to the embodiment. FIG. 5 is an example of a command format applicable to the IC card according to the embodiment. FIG. 6 is a diagram illustrating a configuration example of a registered application table stored in the nonvolatile memory of the IC card according to the embodiment. FIG. 7 is a diagram illustrating a configuration example of a storage area in the RAM 23 of the IC card according to the embodiment. FIG. 8 is a flowchart illustrating a calculation process procedure for calculating the free space of the Transient Area in the IC card according to the embodiment. FIG. 9 is a flowchart for explaining the flow of processing when the IC card according to the embodiment receives a SELECT command. FIG. 10 is a flowchart for explaining a processing example of the SELECT method by the IC card according to the embodiment.

Hereinafter, embodiments will be described with reference to the drawings.
FIG. 1 is a block diagram for explaining a configuration of an IC card 2 as a portable electronic device according to the embodiment and an IC card processing device 1 as an external device that communicates with the IC card 2.

  The IC card 2 is a portable electronic device that processes a command given from the IC card processing device 1 as an external device and outputs the processing result as a response. The IC card processing device 1 is a device that supplies a command requesting processing to the IC card 2 and receives a response indicating the processing result from the IC card 2.

First, the configuration of the IC card processing apparatus 1 will be described.
In the configuration example illustrated in FIG. 1, the IC card processing device 1 includes a control unit 10, a card reader / writer 15, an operation unit 17, and a display 18. The control unit 10 includes a CPU 11, a ROM 12, a RAM 13, and a nonvolatile memory 14. For example, the control unit 10 may be configured by a personal computer (PC). The CPU 11, the ROM 12, the RAM 13, the nonvolatile memory 14, the card reader / writer 15, the operation unit 17 and the display 18 are connected to each other via a bus.

  The CPU 11 controls the entire IC card processing apparatus 1. The CPU 11 performs various processes by executing a control program stored in the ROM 12 or the nonvolatile memory 14. For example, the CPU 11 transmits and receives commands and responses to and from the IC card 2 via the card reader / writer 15.

  The ROM 12 is a non-volatile memory that stores a control program and control data in advance. The RAM 13 is a volatile memory that functions as a working memory. The RAM 13 temporarily stores data being processed by the CPU 11. For example, the RAM 13 temporarily stores data to be transmitted / received to / from an external device via the card reader / writer 15. The RAM 13 temporarily stores a program executed by the CPU 11.

  The nonvolatile memory 14 is configured by a rewritable nonvolatile memory such as an EEPROM, for example. The nonvolatile memory 14 stores, for example, a control program, control data, an application, and data used for the application.

  The card reader / writer 15 is an interface device for performing communication with the IC card 2. The card reader / writer 15 is configured by an interface corresponding to the communication method of the IC card 2. For example, when the IC card 2 is a contact type IC card, the card reader / writer 15 is configured by a contact portion for physically and electrically connecting with a contact portion of the IC card 2.

  When the IC card 2 is a non-contact type IC card, the card reader / writer 15 includes an antenna for performing wireless communication with the IC card 2 and a communication control unit. The card reader / writer 15 performs power supply, clock supply, reset control, and data transmission / reception with respect to the IC card 2. With such a function, the card reader / writer 15 activates (activates) the IC card 2, transmits various commands, and receives responses to the transmitted commands based on control by the CPU 11 of the control unit 10. Do.

  Various operation instructions are input to the operation unit 17 by the operator of the IC card processing apparatus 1. The operation unit 17 transmits operation instruction data input to the operator to the CPU 11. The operation unit 17 is, for example, a keyboard, a numeric keypad, and a touch panel.

The display 18 is a display device that displays various information under the control of the CPU 11. The display 18 is, for example, a liquid crystal display device.
Next, the IC card 2 will be described.
The IC card 2 is activated (becomes operable) upon receiving power or the like from a host device such as the IC card processing device 1. For example, when the IC card 2 is connected to the IC card processing device 1 by contact-type communication, that is, when the IC card 2 is configured by a contact-type IC card, the IC card 2 is a contact unit as a communication interface. The IC card processor 1 is activated by receiving the operation power supply and the operation clock from the IC card processing apparatus 1 through the IC card.

  Further, when the IC card 2 is connected to the IC card processing device 1 by a non-contact type communication method, that is, when the IC card 2 is constituted by a non-contact type IC card, the IC card 2 is used as a communication interface. A radio wave is received from the IC card processing apparatus 1 via the antenna and modulation / demodulation circuit, and an operation power supply and an operation clock are generated from the radio wave by a power supply unit (not shown) and activated.

Next, a configuration example of the IC card 2 will be described.
FIG. 2 is a block diagram schematically showing a configuration example of the IC card 2 according to the embodiment.
The IC card 2 has a card-like main body C formed of plastic or the like. The IC card 2 has a module M built in the main body C. The module M is integrally formed in a state where one or a plurality of IC chips Ca and an external interface (communication interface) as a communication unit are connected, and is embedded in the main body C of the IC card 2.

  In the configuration example illustrated in FIG. 2, the IC card 2 includes a CPU 21, a ROM 22, a RAM 23, a nonvolatile memory (NVM) 24, a UART (communication unit) 25, and a co-processor (co-processor) 26. These units are connected to each other via a data bus. Further, the CPU 21, ROM 22, RAM 23, and nonvolatile memory 24 are configured by one or a plurality of IC chips Ca, and configure the module M in a state of being connected to the communication unit 25.

  The CPU 21 functions as a control unit that controls the entire IC card 2. The CPU 21 performs various processes based on the control program and control data stored in the ROM 22 or the nonvolatile memory 24. For example, the CPU 21 executes various programs according to the operation control of the IC card 2 or the operation mode of the IC card 2 by executing a program stored in the ROM 22. Note that some of the various functions may be realized by a hardware circuit. In this case, the CPU 21 controls functions executed by the hardware circuit.

  The ROM 22 is a non-volatile memory that stores a control program and control data in advance. The ROM 22 is incorporated in the IC card 2 in a state where a control program, control data, and the like are stored at the manufacturing stage. That is, the control program and control data stored in the ROM 22 are incorporated in advance according to the specifications of the IC card 2.

  The RAM 23 is a volatile memory. The RAM 23 temporarily stores data being processed by the CPU 21. For example, the RAM 23 functions as a calculation buffer, a reception buffer, a transmission buffer, and the like. The calculation buffer temporarily holds the results of various arithmetic processes executed by the CPU 21. As a reception buffer, a command received from the IC card processing apparatus 1 via the communication unit 25 is held. As a transmission buffer, data to be transmitted to the IC card processing apparatus 1 via the communication unit 25 is held.

  The nonvolatile memory 24 is configured by a nonvolatile memory capable of writing and rewriting data, such as an EEPROM or a flash ROM. The non-volatile memory 24 stores a control program, an application, and various data according to the usage application of the IC card 2. For example, in the nonvolatile memory 24, a program file and a data file are created. Each created file is written with a control program and various data.

The UART 25 is an interface for communicating with the card reader / writer 15 of the IC card processing apparatus 1. When the IC card 2 is realized as a contact-type IC card, the UART 25 is in contact with a communication control unit for transmitting and receiving signals in physical and electrical contact with the card reader / writer 15 of the IC card processing apparatus 1. Part. When the IC card 2 is realized as a non-contact type IC card, the UART 25 includes a communication control unit such as a modulation / demodulation circuit for performing wireless communication with the card reader / writer 15 of the IC card processing device 1 and an antenna. Composed.
The coprocessor 26 performs encryption and decryption.

Next, files stored in the nonvolatile memory 24 will be described.
FIG. 3 is a diagram showing an example of a management structure of files stored in the nonvolatile memory 24. As shown in FIG.
In the example shown in FIG. 3, the nonvolatile memory 24 includes an MF (Master File) 30, a DF (Dedicated File) 32, 35, 38, 41, and an EF (Elementary File) 33, 34, 36, 37, 39. , 40, 42, 43, etc. are stored. These files are managed in a hierarchical structure. Each file is defined by definition information. Note that the file structure and file definition shown in FIG. 3 are defined by, for example, ISO / IEC 7816-4, which is an international standard for IC cards.

  In the configuration example shown in FIG. 3, DF 31 (DF 1 (DF name: APL 1)), DF 35 (DF 2 (DF name: APL 2)), DF 38 (DF 3 (DF name: APL 3)) are placed next to the MF 30 of the top layer. ), DF41 (DF4 (DF name: APL4)) exists. For example, one DF stores data for realizing one application (applet) included in the IC card 2. The IC card 2 realizing a plurality of functions by a plurality of applications may be provided with a plurality of DFs corresponding to each application in the nonvolatile memory 24.

  In the configuration example shown in FIG. 3, EF33 (EF1-1) and EF34 (EF1-1) exist in the next hierarchy under DF32 (DF1). Moreover, EF36 (EF2-1) and EF37 (EF2-2) exist in the next hierarchy under DF35 (DF2). Moreover, EF39 (EF3-1) and EF40 (EF3-2) exist in the next hierarchy under DF38 (DF3). Further, EF42 (EF3-1) and EF43 (EF4-2) exist in the next hierarchy under DF41 (DF4).

  Each of the EFs 33, 34, 36, 37, 39, 40, 42, and 43 is a data file that stores data used in each application. Each of the EFs 33, 34, 36, 37, 39, 40, 42, and 43 is, for example, EF (specified by ISO / IEC 7816-4. Each EF is defined by the respective EF definition information. In the EF definition information, file type information indicating the type (file type) of each EF is set, that is, each EF is identified by the file type information of the EF definition information.

Next, the configuration of the data area in the nonvolatile memory 24 of the IC card 2 will be described.
FIG. 4 is a diagram illustrating a configuration example of a storage area in the nonvolatile memory 24 in the IC card 2.
In the configuration example shown in FIG. 4, the nonvolatile memory 24 functions as a data memory having a system area 51 and an application area 52.

  The system area 51 stores data for executing basic operations of the IC card 2. The data stored in the system area 51 is information set according to the specifications of the IC card 2, and is information including, for example, phase information, ATR information, and a file management table. The phase information indicates the phase of the IC card 2 such as the manufacture, issue, operation, and end of operation of the IC card 2. The ATR information indicates an initial response output to the external device after the IC card 2 is activated. The file management table stores information indicating file identification information, head address, and the like.

  In the system area 51, a registered application table 51a for managing a DF corresponding to an application is provided. The registered application table 51a includes DF identification information (DF name (DF name)) corresponding to an application registered in the IC card 2 and information (pointer) indicating a position on the memory of the DF indicated by the DF identification information. And have.

  The system area 51 stores definition information for defining a transient area 23a (see FIG. 7) as a temporary storage area on the RAM 23 used by each application to temporarily store data. The definition information storage area 51b of the Area 23a is included. The definition information storage area 51b stores the start address of the transient area 23a and the end address of the transient area 23a in the RAM 23.

  The application area 52 includes a definition information area and a data storage area for files used by each application. Each file stored in the nonvolatile memory 24 includes file definition information stored in the definition information area and data (file data) stored in the data area of the data storage area defined by the file definition information in the definition information area. Composed. For example, in the IC card 2, as shown in FIG. 3, a DF corresponding to an application folder and an EF corresponding to a data file are managed in a hierarchical structure. In this case, the DF is defined by DF definition information stored in the definition information area of the application area 52. The EF includes EF definition information stored in the definition information area of the application area 52 and a data area in the data storage area of the application area 52 defined by the EF definition information.

Next, a command for requesting processing from the IC card processing apparatus 1 to the IC card 2 will be described.
FIG. 5 shows an example of the command format of the IC card defined by ISO / IEC7816-4.
In the configuration example shown in FIG. 5, the command is composed of a class byte (CLA), an instruction byte (INS), a parameter byte (P2, P2), an Lc field, a command data field, and a Le field.

  The class byte (CLA) indicates the type of command. The instruction byte (INS) indicates a command. The parameter bytes (P2, P2) indicate command option designation. The Lc field indicates the length of the subsequent command data field. The command data field indicates data used for command processing. The Le field indicates the maximum length of response data returned as a response to the command.

  When receiving a command from the IC card processing device 1, the control element (CPU) 21 of the IC card 2 analyzes the received command according to the format shown in FIG. 4, recognizes the processing content requested by the received command, Performs the processing requested by the command.

Next, a registered application table provided in the system area 51 of the nonvolatile memory 24 will be described.
FIG. 6 is a diagram showing a configuration example of a registered application table 51 a provided in the system area 51 of the nonvolatile memory 24.
In the example shown in FIG. 6, the registered application table 51 a stores a DF name (DF name) of an application registered in the IC card 2 and a pointer indicating the DF position of each application.

  When the DF Name is specified in the data field of the received command, the IC card 2 compares the specified value with the DF Name in the registered application table 51a and searches for a match. For example, if the value specified in the data field of the command is APL1, referring to the registered application table 51a shown in FIG. 6, the IC card 2 has an application (DF) that matches the specified DF Name. , It recognizes that the pointer indicating the position of the DF is “10000”.

Next, the memory area in the RAM 23 will be described.
FIG. 7 is a diagram schematically showing the configuration of the memory area in the RAM 23.
As shown in FIG. 7, a Transient Area 23a is defined in a part of the memory area of the RAM 23 as a volatile memory. Information indicating the area used in the Transient Area 23a is written in a used address storage area 23b provided in the memory area of the RAM 23 other than the Transient Area 23a.

  As described above, the Transient Area 23a is a storage area that can be used by an application to temporarily store data. The Transient Area 23a is a storage area defined in advance in the memory area of the RAM 23. When it becomes necessary for the application to secure an area for temporarily storing data, the secure area for each application (the area in the Transient Area secured for each application) is required from the start address of the Transient Area 23a on the RAM 23. A sufficient capacity is secured in order.

  For example, if there is no application using the Transient Area 23a, a storage area for the capacity required by the application is secured from the start address of the Transit Area 23a as the secure area for the first application. If there is an application that already uses a part of the Transient Area 23a, the next application uses the application from the address following the last address of the area in use in the Transient Area 23a (the start address of the unused area). A storage area for the necessary capacity is secured. In addition, when an area that temporarily stores data in the Transient Area 23a becomes unnecessary (that is, when the application is terminated), the storage area reserved by the application is released. The

Next, the calculation process of the free memory capacity of the Transient Area in the RAM 23 will be described.
As described above, the start address of the transient area 23a and the end address of the transient area 23a are written in the definition area 51a in the system area 51 of the nonvolatile memory 24 as shown in FIG. Further, the final address of the area reserved for the application in the Transient Area 23a (the final address of the storage area in use in the Transient Area 23a) is written to the used address storage area 23b shown in FIG. 7 as the used address of the Transient Area 23a. . Therefore, the control element 21 of the IC card 2 can calculate the free memory capacity of the Transient Area 23a at the present time by taking the difference between the end address of the Transient Area 23a and the used address in the Transient Area 23a.

FIG. 8 is a flowchart showing the procedure of the calculation process for calculating the free memory capacity of the Transient Area 23a.
When calculating the free memory capacity of the Transient Area 23a, the control element 21 acquires the used address (for example, “A”) of the Transient Area 23a from the used address storage area 23b of the RAM 23 (step S100). Next, the control element 21 acquires the end address (for example, “B”) of the Transient Area 23 a from the definition information storage area 51 b of the Transient Area 23 a in the system area 51 of the nonvolatile memory 24. A difference value (B−A) between the used address (A) of the acquired transient area 23 a and the end address (B) of the transient area 23 a is calculated, and the free memory capacity of the transient area 23 a is determined from the difference value.

Next, a SELECT process for the SELECT command in the IC card 2 configured as described above will be described.
FIG. 9 is a flowchart for explaining the flow of SELECT processing in the IC card 2.
The IC card 2 activated by the power supplied from the IC card processing apparatus 1 receives a command transmitted from the IC card processing apparatus 1 by the UART 25. When the command is received by the UART 25, the control element 21 of the IC card 2 analyzes the received command according to the command format as shown in FIG. 5, and recognizes the processing content requested by the command. Here, the control element 21 checks whether or not “CLA” and “INS” of the received command are SELECT commands (step S103).

  If it is determined that the received command is not a SELECT command (step S103, NO), the control element 21 executes processing according to the received command (step S105). If it is determined that the received command is a SELECT command (step S103, YES), the control element 21 refers to (reads) the DF Name of each DF registered in the registered application table 51a (step S104). . When the DF Name registered in the registered application table 51a is read, the control element 21 checks whether the DF Name registered in the registered application table 51a matches the DF Name in the data field (“Data”) of the received command. It is confirmed whether or not (step S106).

  When the DF name of the received command does not match the DF name registered in the registered application table 51a (NO in step S106), the control element 21 determines that the process for the SELECT command has an error (step S108). . If it is determined that the processing for the received SELECT command has resulted in an error, the control element 21 transmits a response status indicating that the SELECT command is “abnormal termination” to the IC card processing device 1 by the UART 25 (step S112).

  When the DF name of the received command matches the DF name registered in the registered application table 51a (step S106, YES), the control element 21 executes a calculation process for calculating the free memory capacity of the Transient Area 23a. (Step S107).

  When the free memory capacity of the Transient Area 23a is calculated, the control element 21 of the IC card 2 calls the SELECT method to notify the application designated by the received SELECT command that it has been selected. That is, the control element 21 sets the free capacity of the Transient Area 23a calculated by the above calculation process as an argument of the SELECT method (step S109), and executes the SELECT method (step S110). The SELECT method is a process for determining the operation of the application designated by the SELECT command according to the free space of the Transient Area 23a. The processing procedure of the SELECT method will be described later.

  When the SELECT method is executed, the control element 21 determines whether the return value (execution result) of the SELECT method is a normal response (step S111). If the return value of the SELECT method is a normal response (step S111, YES), the control element 21 sends a response status indicating that the SELECT command is “normal end” as a response to the SELECT command by the UART 25 by the IC card processing device. 1 (step S113). In this case, the control element 21 keeps the limit flag provided in the non-volatile memory 24 (or RAM 23) indicating whether or not there is an application function restriction as a value (for example, “0”) indicating that there is no application function restriction. To do.

  If the return value of the SELECT method is not a normal response (step S111, NO), the control element 21 determines whether the return value of the SELECT method is a warning response (step S114). If the return value of the SELECT method is a warning response (step S114, YES), the control element 21 stores a value (for example, “1”) indicating that the function of the application is restricted in the nonvolatile memory 24 (or RAM 23). The restriction flag is set by writing to the provided restriction flag (step S115). When the restriction flag is set, the control element 21 transmits, as a response to the SELECT command, a response status indicating that the SELECT command is “warning end” to the IC card processing apparatus 1 by the UART 25 (step S116).

  If the return value of the SELECT method is neither a normal response nor a warning response (YES in step S114), the control element 21 is “abnormal termination” in which the application specified by the SELECT command becomes unexecutable as a response to the SELECT command. A response status to that effect is transmitted to the IC card processing apparatus 1 by the UART 25 (step S117).

Next, processing of the SELECT method will be described.
FIG. 9 is a flowchart illustrating an example of a SELECT method process executed by the application.
When the SELECT method is called, the control element 21 determines whether the value specified in the argument (the free capacity of the Transient Area 23a) is sufficient for application execution (step S120). When it is determined that the free space of the Transient Area 23a is sufficient (step S120, YES), the control element 21 sets the return value of the SELECT method as a normal response (step S121).

  When it is determined that the free space of the Transient Area 23a is insufficient for application execution (step S120, NO), the control element 21 determines whether or not the application can be executed by limiting the function of the application ( Step S122). When it is determined that the application can be executed with the function limited (step S122, YES), the control element 21 sets the return value of the SELECT method as a warning response (step S123). If it is determined that the application cannot be executed even if the function is restricted (step S122, YES), the control element 21 sets the return value of the SELECT method as an abnormal response (step S124).

  In the above processing example, the function is limited to determine whether or not the application can be executed. However, there are multiple levels (levels) for the application according to the free capacity of the Transient Area 23a. The function restriction may be determined. In this case, the control element 21 may write function restriction information indicating the function restriction level for the application in the nonvolatile memory 24 or the RAM 23 instead of the restriction flag.

  As described above, when the SELECT command is received, the IC card 2 calculates the free capacity of the Transient Area 23a. When the application specified by the SELECT command cannot secure a sufficient storage area, the IC card 2 can set a restriction flag indicating a function restriction on the application in the nonvolatile memory 24 if an area where a part of the functions can be used is secured. Set. When the application specified by the SELECT command receives a subsequent command, the IC card 2 operates with a reduced function by reading a restriction flag.

  According to the embodiment as described above, the IC card 2 can be operated with reduced functions even if the application cannot secure a sufficient storage area in the Transient Area 23a of the RAM. As a result, it is possible to reduce the case where the processing after the application selection processing cannot be executed completely due to insufficient memory capacity.

  Although several embodiments of the present invention have been described, these embodiments are presented by way of example and are not intended to limit the scope of the invention. These novel embodiments can be implemented in various other forms, and various omissions, replacements, and changes can be made without departing from the scope of the invention. These embodiments and modifications thereof are included in the scope and gist of the invention, and are included in the invention described in the claims and the equivalents thereof.

  C ... Main body, M ... Module, Ca ... IC chip, 1 ... IC card processing device, 2 ... IC card, 10 ... Control unit, 15 ... Card reader / writer, 17 ... Operation unit, 18 ... Display, 21 ... Control element ( CPU, calculation means, determination means, setting means), 22 ... ROM, 23 ... RAM (first storage means, volatile memory), 23a ... transient area (temporary storage area), 23b ... address storage area used, 24 ... Nonvolatile memory (second storage means), 25... UART (communication unit), 51... System area, 51 a... Registered application table, 51 b.

Claims (8)

A communication unit that communicates with an external device;
First storage means having a temporary storage area allocated to the application;
Second storage means for storing definition information of a temporary storage area that can be assigned to an application in the first storage means;
A calculation means for calculating a capacity of an unused area in a temporary storage area defined by the definition information when a command specifying an application is received by the communication unit;
Determining means for determining whether or not there is a function restriction for the application according to the capacity of the unused area calculated by the calculating means;
Setting means for setting function restriction information indicating the contents of function restriction for the application based on the determination result by the determination means;
IC card having The determination means determines whether all functions of the application can be executed, some functions of the application can be executed, or all functions of the application cannot be executed, depending on the capacity of the unused area. decide,
The IC card according to claim 1. The setting means sets a restriction flag as the function restriction information when it is determined that a part of the functions of the application is executable.
The IC card according to claim 2. The calculation means calculates a capacity of an unused area in the temporary storage area when receiving a select command designating an application by the communication unit;
The IC card according to any one of claims 1 to 3. The first storage means is a volatile memory;
The IC card according to any one of claims 1 to 4. The second storage means is a nonvolatile memory;
The IC card according to any one of claims 1 to 5. A communication unit that communicates with an external device, a first storage unit having a temporary storage area allocated to the application, and a second storage that stores definition information of the temporary storage area that can be allocated to the application in the first storage unit And means for calculating the capacity of the unused area in the temporary storage area defined by the definition information when the command specifying the application is received by the communication unit, and the unused area calculated by the calculating means A determination unit that determines whether or not there is a function restriction on the application according to the capacity of the application; and a setting unit that sets function restriction information indicating the content of the function restriction on the application based on a determination result by the determination unit. When,
A main body comprising the module;
IC card having A communication unit that communicates with an external device;
First storage means having a temporary storage area allocated to the application;
Second storage means for storing definition information of a temporary storage area that can be assigned to an application in the first storage means;
A calculation means for calculating a capacity of an unused area in a temporary storage area defined by the definition information when a command specifying an application is received by the communication unit;
Determining means for determining whether or not there is a function restriction for the application according to the capacity of the unused area calculated by the calculating means;
Setting means for setting function restriction information indicating the contents of function restriction for the application based on the determination result by the determination means;
A portable electronic device.

Images