JP2002245414A - Data processing method and semiconductor circuit - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide a data processing method by which a user can produce and customize a user application program to be carried out by a server device without notifying the user of information having high privacy. SOLUTION: An SAM chip 8 can refer to a table showing the correspondence between an operation code that is used by the application program AP to operation an IC card 3 and an operation name being the name of an operation, and inputs a script program that describes the operation of the AP by using the operation name. The SAM chip 8 obtains an operation code corresponding to the operation name described by the script program by referring to the table, and regulates AP processing by using the obtained operation code.

Description

DETAILED DESCRIPTION OF THE INVENTION

[0001]

[0001] 1. Field of the Invention [0002] The present invention relates to a data processing method and a semiconductor circuit capable of customizing an application program while maintaining the confidentiality of predetermined information.

[0002]

2. Description of the Related Art Currently, a communication system has been developed in which an IC card is used for transactions via a network such as the Internet. In such a communication system,
Upon receiving a request from a service provider that provides a service using an IC card, the server device executes an application program that executes a procedure process specified by the service provider. The server device performs processing such as user authentication and data encryption and decryption based on the application program in response to a processing request from, for example, a reader / writer of an IC card or a PC (Personal Computer). Such an application program is an IC
The code needs to be described using key information for accessing the card and operation commands for operating the IC card. Here, these key information and operation commands are
Only the administrator of the server device can know the security of the transaction using the IC card. Therefore, conventionally, an administrator of the server device creates and customizes the application program upon receiving a request from the service provider.

[0003]

However, if the administrator of the server device creates and customizes the application program as described above, there is a problem that the burden on the administrator is large.

The present invention has been made in view of the above-mentioned problems of the prior art, and has a data processing method capable of creating and customizing a user's application program to be executed on a server device without informing the user of highly confidential information. And a semiconductor circuit.

[0005]

In order to achieve the above-mentioned object, a data processing method according to the present invention is a data processing method performed by a semiconductor circuit on which an application program for performing a process related to a procedure using an integrated circuit operates. hand,
The semiconductor circuit can refer to correspondence instruction data indicating a correspondence between an operation code used by the application program to operate the integrated circuit and an operation name that is a name of the operation, and the operation of the application program is controlled by the operation The semiconductor circuit inputs an operation description program described using a name, and the semiconductor circuit obtains the operation code corresponding to the operation name described in the operation description program by referring to the correspondence instruction data. The process of the application program is defined using the obtained operation code.

In the data processing method according to the present invention, preferably, the correspondence instruction data includes a correspondence between the operation name and key information used when an operation corresponding to the operation name is performed on the integrated circuit. Further, the semiconductor circuit obtains the key information corresponding to the operation name described in the operation description program by referring to the correspondence instruction data, and uses the obtained key information to process the application program. Is specified.

In the data processing method according to the present invention, preferably, the semiconductor circuit includes, in response to a processing request, job execution order data indicating an execution order of a plurality of jobs constituting the processing of the application program; Generate job management data including status data indicating the progress of execution of a plurality of jobs, and select a job to be executed next based on the status data and the processing order data of the job management data. Executing the selected job, and updating the status data of the selected job management data according to the execution of the job.

Further, in the data processing method of the present invention, preferably, the semiconductor circuit generates template data of the job management data using the correspondence instruction data and the operation description program, and responds to the processing request. Accordingly, the job management data is generated using the template data.

In the data processing method according to the present invention, preferably, the semiconductor circuit generates the job management data for each of a plurality of processing requests, and generates one job management data from a plurality of the data modules. Select, based on the status data and the processing order data of the selected job management data, select a job to be executed next, execute the selected job,
In response to the execution of the job, the status data of the selected job management data is updated, and after the update, one job management data is selected from the plurality of data modules.

In the data processing method according to the present invention, preferably, the semiconductor circuit erases the job management data in which all the jobs constituting the process according to the process request have been executed.

In the data processing method according to the present invention, preferably, the operation description program includes a description designating a maximum number of the job management data which can be processed by the semiconductor circuit, and the semiconductor circuit includes When the number of job management data is equal to or less than the specified maximum number, the job management data is generated according to the processing request.

In the data processing method according to the present invention, preferably, the semiconductor circuit includes the execution order data indicating an execution order of a plurality of jobs corresponding to the plurality of operations on the integrated circuit. Generate job management data.

In the data processing method according to the present invention, preferably, the operation description program includes a data block for storing data read from the integrated circuit, a data block for storing data to be written to the integrated circuit, and The semiconductor circuit includes a description that defines at least one data block of data blocks that store history information of the procedure processing using the integrated circuit, and the semiconductor circuit generates the data block based on the operation description program.

In the data processing method according to the present invention, preferably, the operation name is a macro command.

In the data processing method according to the present invention, preferably, the integrated circuit is mounted on a card.

Further, the semiconductor circuit of the present invention is a semiconductor circuit on which an application program for performing a process relating to a procedure using an integrated circuit operates, the operation code used by the application program for operating the integrated circuit, It is possible to refer to the correspondence instruction data indicating the correspondence with the operation name, which is the name of the operation, and input an operation description program describing the operation of the application program using the operation name, and input the operation description program to the input operation description program. The operation code corresponding to the described operation name is obtained by referring to the correspondence instruction data, and the processing of the application program is defined using the obtained operation code.

[0017]

Embodiments of the present invention will be described below with reference to the accompanying drawings. FIG. 1 is an overall configuration diagram of a communication system 1 according to the present embodiment. As shown in FIG. 1, a communication system 1 includes a server device 2, an IC card 3, a card reader / writer 4, a personal computer 5, an ASP (A
pplication Service Provider) server device 6, SAM (S
Using the ecure application module) unit 9, communication is performed via the Internet 10 to perform procedural processing such as payment processing using the IC card 3 (the integrated circuit of the present invention). The SAM unit 9 includes the external memory 7 and the SAM
It has a chip (semiconductor circuit of the present invention) 8.

The SAM chip 8 has a software configuration as shown in FIG. As shown in FIG.
The chip 8 is HW (Hardware) from the lower layer to the upper layer.
Layer, OS layer, lower handler layer, upper handler layer and A
It has a P layer in order. The lower handler layer includes a driver layer. Here, in the AP layer, businesses 15_1, 15_2, and 15 such as credit card companies shown in FIG.
Application programs AP_1, AP_2, and AP_3 that define procedures using the IC card 3 according to _3
There is. In the AP layer, the application program AP
_1, AP_2, AP_3, and a firewall FW between the upper handler layer.

The application program AP_1 is
It is defined by service definition table data (corresponding instruction data) 20_1 and a script program (operation description program) 21_1 which are stored in the external memory 7 and described later. Also, the application program AP_2
Is a service definition table data 20_2 described later and a script program 21 stored in the external memory 7.
_2. The application program AP_3 is defined by service definition table data 20_3 and a script program 21_3, which will be described later, stored in the external memory 7.

The SAM chip 8 is a SCSI or Eth
It is connected to the ASP server device 6 via ernet or the like. The ASP server device 6 is connected to a plurality of terminal devices including the personal computer 5 of the end user and the personal computers 16_1, 16_2, and 16_3 of the operators 15_1, 15_2, and 15_3 via the Internet 10. The personal computer 5 is, for example,
It is connected to a Dumb-type card reader / writer 4 via serial or USB. The card reader / writer 4 realizes, for example, wireless communication corresponding to a physical level with the IC card 3. The operation command to the IC card 3 and the response packet from the IC card 3 are SAM
Generated and decrypted on the unit 9 side. Therefore, the card reader / writer 4, the personal computer 5, and the ASP server device 6 interposed therebetween serve only to store the command and the response content in the data payload portion and relay the data and response data. It does not participate in actual operations such as encryption, decryption, and authentication.

Personal computers 16_1 and 16_
2, 16_3, a script program described later
By downloading the application programs to the M chip 8, the application programs AP_1, AP_2, and AP_3 can be customized.

Hereinafter, the components shown in FIG. 1 will be described. [IC Card 3] FIG. 3 is a functional block diagram of the IC card 3. As shown in FIG. 3, the IC card 3 includes an IC (Integrated Circuit) having a storage unit 50 and a processing unit 51.
t) 3a is provided. As shown in FIG. 4, the storage unit 50 includes a storage area 55_1 used by the business 15_1 such as a credit card company and a storage area 5 used by the business 15_2.
5_2 and the storage area 55 used by the operator 15_3
_3. Further, the storage unit 50 stores the storage area 55_1.
Key information used to determine access rights to
The key information used to determine the access right to the storage area 55_2 and the key information used to determine the access right to the storage area 55_3 are stored. The key information is used for mutual authentication, data encryption and decryption, and the like. The storage unit 50 stores identification information of the IC card 3 or a user of the IC card 3.

Hereinafter, the SAM unit 9 will be described in detail. [External Memory 7] FIG. 5 is a diagram for explaining data and programs stored in the external memory 7 shown in FIG. As shown in FIG. 5, the external memory 7 stores the business 1
5_1 service definition table data 20_1 and IC
Macro command script program 21 for card operation
_1 is stored. The external memory 7 also stores service definition table data 20_2 of the business 15_2.
And an IC card operation macro command script program 21_2. Also, the external memory 7
Contains the service definition table data 2 of the operator 15_3
0_3 and a macro command script program 21_3 for IC card operation are stored. The service definition table data 20_1, 20_2, and 20_3 have the same format. Also, macro command script programs 21_1, 21_ for IC card operation
2, 21_3 are described using a common macro command. Also, the service definition table data 20_
Macro command script programs 21_1, 21_2, 2 for IC card operation
1_3 is scrambled and stored in the external memory 7. The scrambled data and program are descrambled in the SAM chip 8.

In this embodiment, the script program 2
1_1, 21_2, and 21_3 are created by the operators 15_1, 15_2, and 15_3 using the personal computers 16_1, 16_2, and 16_3 shown in FIG. In addition, service definition table data 2
0_1, 20_2, and 20_3 are businesses 15_, respectively.
It is created by the administrator of the SAM unit 9 in response to instructions from 1, 15_2, 15_3.

FIG. 6 shows the service definition table data 20
_1 is a diagram for explaining FIG. As shown in FIG. 6, the service definition table data 20_1 has entries of a service type element (operation name), an address, a service number (operation code), key version information, and key information. Service type element is operator 1
5_1 indicates the name given to the service provided by the application program. The service type element is an identifier that is referred to instead of the service number of the service that can be used by the application program of the provider 15_1. In the present embodiment, as shown in FIG. 6, "Rc", "Rd", "Wd" and "Wc" are used as service type elements of the service definition table data 20_1 corresponding to the provider 15_1. . In the present embodiment, the IC card operation macro command script program 21_1 defines service contents in which a plurality of service type elements are combined, and reflects the contents in IC card entity data (job management data) to be described later. A service can be provided by combining services corresponding to a plurality of service type elements. For example, IC card 3
A service that combines a service for reading data from the server and a service for writing data to the server device 2 can be defined in the IC card entity data.

The service number in the service definition table data 20_1 is an operation command which is issued to the IC card 3 and can be interpreted by the IC card 3 when the service provided by the business entity 15_1 is performed.

An address in the service definition table data 20_1 indicates an address at which data relating to a procedure relating to a corresponding service type element is stored. The key version information in the service definition table data 20_1 indicates the version of the key information used in providing the service. The key information in the service definition table data 20_1 is key information used for providing the service. For example, in the service definition table data 20_1, key information used when accessing the storage area 55_1 of the IC 3a of the IC card 3 shown in FIG. 3 is set. In the service definition table data 20_2,
Key information used when accessing the storage area 55_2 of the IC 3a is set. In the service definition table data 20_3, the storage area 5 of the IC 3a
Key information used when accessing 5_3 is set.

The following describes the IC card operating macro command script program 21_1. The script program 21_1 is a program for defining an application program of the business operator 15_1 operating on the SAM chip 8, and a procedure of a process performed by the IC card 3 when the application program is executed. In the present embodiment, as will be described later, as shown in FIG. 7, in the SAM chip 8, IC card entity template data 30_1 used for procedures related to the business operator 15_1 using the service definition table data 20_1 and the script program 21_1. , Input data block 31_x1, output data block 32
_X2, a log data block 33_x3, and an operation definition data block 34_x4 are generated.

FIG. 8 is a diagram for explaining commands used to describe the IC card operating macro command script programs 21_1, 21_2, and 21_3.
The first character of the command for the SAM chip 8 itself is “S”, and the first character of the command related to the operation of the IC card 3 is “C”. The second character is used properly depending on the application.
The issuer setting declaration of the C card 3 is “I”, the service type element declaration is “S”, the simple read declaration from the IC card 3 is “R”, the simple write declaration to the IC card 3 is “W”, the service type The inter-element operation definition is "F".

Script programs 21_1, 21_
The commands used to describe 2, 21_3 include SC commands, SO commands, SI commands, SL commands,
There are SF commands, CI commands, CS commands, CR commands, and CW commands. The SC command is a command for declaring the maximum number of IC card entity data that can be processed simultaneously by the SAM chip 8.
For example, when the SAM chip 8 can simultaneously process 1000 pieces of IC card entity data, “SC:
1000 ".

The SO command stores data read from the IC card 3 among data blocks prepared in the SAM chip 8 when processing using the IC card 3 based on IC card entity data described later. This command declares a data block to be the output data block 32_x2. For example, when data blocks 1 to 10 are prepared and data read from the IC card 3 is stored in the data block 1, "SO: 1" is described.

The SI command stores data to be written to the IC card 3 among data blocks prepared in the SAM chip 8 when processing using the IC card 3 based on IC card entity data described later. This command declares a data block to be an input data block 31_x1. For example, data block 1
If the data to be written to the IC card 3 is stored in the data blocks 2 and 3 when
"SI: 2, 3" is described.

The SL command is a log for storing log data related to an operation among data blocks prepared in the SAM chip 8 when performing processing using the IC card 3 based on IC card entity data described later. Is a command for declaring a data block to be used as the data block 33_x3. For example, when data blocks 1 to 10 are prepared, log data is stored in data block 4.
Is stored as “SL: 4”.

The SF command is a command for preparing a data block which is an operation definition data block 34_x4 for describing the definition between the service type elements related to the IC card 3. The contents of the calculation definition data block 34_x4 become pre-processing information of the IC card entity data.

The CI command is a command for declaring the issuer (operator) of the IC card 3. The information specifying the business entity defined by the CI command is the IC card type information of the IC card entity data.

The CS command is a command declaring that a plurality of services for the IC card 3 are to be operated simultaneously by citing the service type element. The CS command can further declare a function that specifies an operation between service type elements. For example, “CS:“ Rc ”
+ "Wc" + "Wd"". Based on the content of the CS command, service type element designation information of IC card entity data and processing order information are determined.

The CR command is to store data read from the IC card 3 in a specified data block when the relationship between service type elements is not defined (when the SF command is not described). declare. For example, when data read from the IC card 3 is stored in the data block 1, "CR: SO:
1 = “Rc” ”.

The CW command declares that the data stored in the specified data block is to be written to the IC card 3 when the relationship between the service type elements has not been defined. For example, when writing the data stored in the data block 2 to the IC card 3, "CW:
SI: 2 = “Wc” ”.

The CF command declares a data block that describes the operation content across services. For example, when describing the operation content across services in the SF data block 1, CF: CES_FUNC = SF: 1 "
And Then, in the SF data block 1, for example,
““ Wc ”= If (“ Wc ”> 10) then (“ Wc ”
c "-10;" Wd "=" Wc "* 0.08 +" W
d ")". In this formula, the remaining number of services Wc is 1
When it is larger than 0, the value of Wc is subtracted by 10, and
Wd as accumulated points as the number of points corresponding to%
Represents the operation of adding to.

[SAM Chip 8] FIG. 9 shows the SAM chip 8 shown in FIG.
FIG. 3 is a functional block diagram of an AM chip 8; As shown in FIG. 9, the SAM chip 8 includes an ASPS communication interface unit 60, an external memory communication interface unit 61, a bus scramble unit 62, a random number generation unit 63, an encryption / decryption unit 64,
It has a storage unit 65 and a CPU 66. SAM chip 8
Is a tamper-resistant module.

The ASPS communication interface unit 60 is an interface used for data input / output with the ASP server device 6 shown in FIG. The external memory communication interface 61 is an interface used for data input / output with the external memory 7. The bus scrambler 62 scrambles output data and descrambles input data when inputting / outputting data via the external memory communication interface 61. The random number generator 63 generates a random number used when performing the authentication process. The encryption / decryption unit 64 performs data encryption and decrypts the encrypted data. The storage unit 65 stores tasks, programs, and data used by the CPU 66, as described later. The CPU 66 executes tasks such as a script download task, a script interpretation task, an entity generation task (job management data creation task), and an IC card procedure management task (job management data management task), which will be described later.

Hereinafter, the tasks, programs, and data stored in the storage unit 65 will be described. FIG. 10 is a diagram for explaining tasks, programs, and data stored in the storage unit 65. As shown in FIG. 10, a script download task 69, a script interpretation task 70, an entity generation task 71, an IC card procedure management task 72, macro command script programs 21_1 to 21_3 for IC card operation, service definition tables 20_1 to 20_3, IC Card entity template data 30_1 to 30_3, IC card entity data 73_x, input data block 31_
x1, an output data block 32_x2, a log data block 33_x3, and an operation definition data block 34_x4.

The script download task 69 is, as shown in FIG. 7, a service definition table data 20_1.
To _20_3, for example, are downloaded from the computer of each business operator, and are downloaded to the SAM chip 8.

The script interpreting task 70 uses the service definition table data and the script program for each business entity to execute IC card entity plate data, input data block, output data block, log data block, and operation definition table. Generate a data block. The number of data blocks generated for each company is not particularly limited.

The entity generation task 71 includes, for example,
When an entity creation request is received from the ASP server device 6, after polling with the IC card 3, the IC card 3 is used for a procedure process between the IC card 3 and the business entity.
The C card entity data is generated using IC card entity plate data corresponding to the carrier. At this time, the IC card entity plate data becomes a class, and an instance of the class is
C card entity data is generated. The generation processing of the IC card entity data by the entity generation task 71 will be described later in detail.

The IC card procedure management task 72 executes a procedure between the IC card 3 and the businesses 15_1 to 15_3 by using one or a plurality of IC card entity data 73_x existing in the storage unit 65. . In the present embodiment, the plurality of IC cards 3 and the operators 15_1 to 15_1
A plurality of procedural processes to be performed with 15_3 proceed simultaneously. The IC card procedure management task 72 executes these plural procedures in parallel. The IC card procedure management task 72 deletes the IC card entity data 73_x that has completed the series of procedures. The processing of the IC card procedure management task 72 will be described later in detail.

Script programs 21_1 and 21_2
Is input from, for example, the external memory 7 by the script download task 69 and stored in the storage unit 65. Service definition table data 20_1 to 20_3
Is input from, for example, the external memory 7 by the script download task 69 and stored in the storage unit 65.

[0048] The IC card entity template data 30_1 to 30_3 are generated by the script interpretation task 70, and the I
Used as a template (class) when generating the C card entity data 73_x. The IC card entity data 73_x is generated by the entity generation task 71 as an instance of the class using the IC card entity template data 30_1 to 30_3 as, for example, a class.

An input data block 31_x1, an output data block 32_x2, a log data block 33
_X3 and the operation definition data block 34_x4 are
Generated by the script interpretation task 70.

Hereinafter, the IC card entity data 73
_X will be described. The IC card entity data 73_x is, for example, when the SAM chip 8 receives a processing request for processing using the IC card 3 and a predetermined business application program from the ASP server device 6,
An entity generation task 71 in the SAM chip 8 generates the IC card entity template data of the corresponding business entity that has already been generated.

FIG. 11 is a diagram for explaining the format of the IC card entity data 73_x. As shown in FIG. 11, the IC card entity data 73
_X is management pointer information 80, entity ID information 81, entity status information (status data) 82, IC card type information 83, service type element designation information 84, processing order information (processing order data) 85, pre-processing information 86 And post-processing information 87.

The management pointer information 80 includes a storage unit 65.
It is a bidirectional pointer for managing the IC card entity data 73_x in the inside. Entity ID information 8
1 is used for a series of processes using the IC card entity data 73_x, such as a request to generate the IC card entity data 73_x, confirmation of the progress, and deletion. The entity ID information 81 is also a return value passed to the end user. The entity ID information 81 corresponds to a descriptor when a file is opened on a general file system.

The entity status information 82 includes an IC
The progress of the procedure for the card 3 is shown. The basic state of the IC card entity data 73_x includes:
As shown in FIG. 12, the state (RS) of the process of checking the service that can be used by the IC card 3 and the SAM chip 8
Status of processing for authenticating card 3 (A1), IC card 3
Of the process of authenticating the SAM chip 8 (A2), IC
There is a state (R) of processing for reading data from the card 3 and a state (W) of processing for writing data to the IC card 3. In the present embodiment, the process of examining the operator, the SAM chip 8
The process of authenticating the C card 3, the process of authenticating the SAM chip 8 by the IC card 3, the process of reading data from the IC card 3, and the process of writing data to the IC card 3 correspond to jobs. The job is a unit of processing whose execution order is determined by the IC card procedure management task 72, as described later. A1, A
2 configures a mutual authentication process between the IC card 3 and the SAM chip 8.

In this embodiment, the Internet 1
In consideration of the communication time at 0, each of the above basic states is divided into a state after starting (after issuing a command) and a state after receiving a response (after receiving a response), as shown in the state transition diagram of FIG. Manage. Specifically, an instance generation (IC card entity data generation) state, a state after RS startup,
RS completed state, A1 activated state, A1 completed state, A2 activated state, A2 completed state, R activated state, R completed state, W
The processing state using the IC card entity data 73_x is managed by the activation state, the W completion state, and the instant (IC card entity data) erasing state.

The IC card type information 83 is information for specifying the business entity that issued the IC card 3. The IC card type information 83 includes the IC card entity data 7
When 3_x is generated, information specified by the CI command in the above-described script program is set.

The service type element information 84 includes I
The service type element of the service defined in the service definition table data used in the processing using the C card entity data 73_x is shown. In the service type element information 84, at the time of generating the IC card entity data 73_x, one or more service type elements specified by the CS command in the above-described script program are set.

The processing order information 85 indicates the order of executing the service (job) used in the processing using the IC card entity data 73_x, that is, the transition state shown in FIG. That is, the processing order information 85 indicates the execution order of the job corresponding to the basic operation of the IC card 3 using the service type element. Here, as described above, the jobs are RS, A1, A shown in FIG.
2, R, W. A specific operation on the IC card 3 is realized in a processing order specified by using a job. For example, regarding the processing using the read-only IC card 3 without mutual authentication, the processing order information 85 includes “R
S → R ”is set. In the case of reading and writing with mutual authentication, the processing order information 85 includes
“RS → A1 → A2 → R → W” is set. The processing order information 85 includes the IC card entity data 73_x
When the job is generated, the order of the job shown in FIG. 12 corresponding to the order of the service elements specified in the CS command in the script program is set.

The pre-processing information 86 includes the ASP server device 6
The management data for performing the process using the IC card entity data 73_x is set from the side. . For example, in the pre-processing information 86, the point of the operation formula of the service specified in the SF data block is set. If the inter-service calculation function is not defined,
In the pre-processing information 86, a requested processing amount is set. For example, in the case of settlement, a state related to a billing amount, the number of granted points, and the like is set.

In the post-processing information 87, data of the processing result of the IC card entity data 73_x required on the ASP server device 6 side is set. For example, in the case of settlement, data indicating whether the settlement is normally completed is set.

Hereinafter, a procedure for performing a process relating to a plurality of IC cards 3 by using the plurality of IC card entity data 73_x by the IC card procedure management task 72 shown in FIG. 10 will be described. IC Card Procedure Management Task 7
2 is, for example, the CPU 66 of the SAM chip 8 shown in FIG.
Has always been launched on. FIG. 13 is a flowchart of the process performed by the IC card procedure management task 72. Step ST1: The IC card procedure management task 72 includes:
Among the plurality of IC card entity data 73 — x existing in the storage unit 65, one IC
The card entity data 73_x is selected. The I
The method of selecting the C card entity data 73 — x is determined by selecting the IC card entity data 7
3_x may be selected in order, or one with a higher priority may be selected with priority.

Step ST2: The IC card procedure management task 72 determines whether or not the job of the IC card entity data 73_x selected in step ST1 has already been started, and if it is determined that the job has been started. The process proceeds to step ST5, and if it is determined that it has not been started, the process proceeds to step ST3.

Step ST3: The IC card procedure management task 72 determines from the entity status information 82 shown in FIG. 11 of the IC card entity data 73 — x selected in step ST1 that the processing related to the entity data is in the state transition diagram shown in FIG. It is determined in which state the job is to be executed, and the next job to be executed is determined from the processing order information 85. At this time, the processing order information 85 specifies the job execution order using the service elements set in the service definition table data, as described above.

Step ST4: The IC card procedure management task 72 activates the job selected in step ST3. The IC card procedure management task 72 includes the input data block 31_x1, the output data block 32_x2, and the log data block 33_x described above with reference to FIG.
3 and the operation definition data block 34_x4
The job is executed using a data block related to the job.

At this time, the IC card procedure management task 7
2 issues a command to the IC card 3 in executing the job, searches the service definition table data using the service element corresponding to the job as a key, and searches the service definition table data corresponding to the service element (interpreted by the IC card 3). A possible operation command of the IC card 3 is obtained. Then, the IC card procedure management task 72
Issues a command to the IC card 3 using the obtained service number. Further, the IC card procedure management task 72 is, as described with reference to FIG.
If key information is required to access the storage area of the IC 3a, the service definition table data is searched using the service element corresponding to the job as a key, and key information corresponding to the service element is obtained. And I
The C card procedure management task 72 performs a process such as mutual authentication and data encryption and decryption with the IC card 3 using the key information, and accesses a predetermined storage area of the IC card 3. Get authority.

Step ST5: The step ST5 is performed when the IC card procedure management task 72 issues a command to the IC card 3 and waits for a processing result of the IC card 3. IC card procedure management task 72
Receives the processing result from the IC card 3,
Set in the C card entity data 73_x.

Step ST6: The IC card procedure management task 72 updates the entity status information 82 of the IC card entity data 73_x shown in FIG.

As described above, in the present embodiment, while the IC card procedure management task 72 sequentially selects the IC card entity data 73 — x for the plurality of IC cards 3 present in the SAM chip 8,
The processing for the card 3 is performed in parallel. Therefore, S
Even when the AM chip 8 receives a processing request for a procedure using a plurality of IC cards 3, the processing can proceed simultaneously.

Hereinafter, the overall operation of the communication system 1 shown in FIG. 1 will be described. FIGS. 14 and 15 are diagrams for explaining the overall operation of the communication system 1 shown in FIG.

Step ST21: Business Operators 15_1 to 15_1
_3 or a script program 21_1, 21_ describing a process for a transaction performed by the business operator using the IC card 3
2, 21_3 are created on, for example, the personal computers 16_1, 16_2, and 16_3 shown in FIG. In addition, the manager of the SAM chip 8 determines that the operators 15_1 to 15-15
_3, the service definition table data 20_1, 20_2, and 20_3 are created.

Step ST22: Service definition table data 20_1 and 20_ created in step ST21
2, 20_3 are stored in the external memory 7. Also, the script program 21_ created in step ST21
1, 21_2 and 21_3 are personal computers 1
Internet 1 from 6_1, 16_2, 16_3
0, downloaded to the external memory 7 via the ASP server device 6 and the SAM chip 8. The download process is managed by a script download task 69 in the SAM chip 8, as shown in FIG.

Step ST23: The script interpretation task 70 in the SAM chip 8 shown in FIG. 7 uses the service definition table data and the script program for each business entity to use the IC card entity plate data, the input data block, and the output. Data block,
A log data block and an operation definition data block are generated. These generated data are stored in the storage unit 65 of the SAM chip 8 shown in FIG.

Step ST24: IC card 3 is given to the user.
Is issued. As shown in FIG.
3a stores key information used for a transaction with a business operator with whom the user has made a contract. Note that the contract between the user and the business operator may be made via the Internet 10 or the like after the issuance of the IC card 3.

Step ST25: For example, when the user accesses the server device 2 via the Internet 10 using the personal computer 5 and tries to purchase a product, the server device 2 transmits the ASP server device via the Internet 10. Send a processing request to 6. Upon receiving a processing request from the server device 2, the ASP server device 6 accesses the personal computer 5 via the Internet 10. Then, as shown in FIG.
A processing request for the IC card 3 issued by the card reader / writer 4 is transmitted to the SAM chip 8 via the personal computer 5, the Internet 10, and the ASP server device 6.

Step ST26: The ASP server device 6 issues an entity creation request to the SAM chip 8.
The entity creation request stores information indicating the issuer of the IC card 3.

Step ST27: Upon receiving the entity creation request, the SAM chip 8 performs polling with the IC card 3, as shown in FIG.

Step ST28: The entity generation task 71 of the SAM chip 8 sets the SA
It is determined whether or not the number of IC card entity data 73_x existing in the M chip 8 is within the maximum number defined by the SC command of the script program,
If it is within the maximum number, the process proceeds to step ST29, otherwise, the process ends.

Step ST29: The entity generation task 71 specifies which business entity uses the IC card entity plate data based on the information indicating the issue source of the IC card 3 stored in the entity creation request, for example. , IC card entity data 73 using the specified IC card entity plate data.
_X is generated. This corresponds to the instance generation shown in FIG.

Step ST30: SAM chip 8 to A
The IC generated in step ST29 is stored in the SP server device 6.
Entity ID of card entity data 73_x
Is output.

Step ST31: IC of SAM chip 8
The service available for the IC card 3 is checked by the card procedure management task 72. This is a process corresponding to the job RS shown in FIG.

Step ST32: IC of SAM chip 8
The card procedure management task 72 authenticates the validity of the IC card 3. This is a process corresponding to the job A1 shown in FIG.

Step ST33: IC card 3 is SAM
The validity of the chip 8 is authenticated. This is a process corresponding to the job A2 shown in FIG. Step ST32, S
By T33, mutual authentication between the IC card 3 and the SAM chip 8 is performed. This corresponds to FIG.

Step ST34: IC of SAM chip 8
A card procedure management task 72 reads and writes data necessary for a procedure with the IC card 3. this is,
Jobs R and W shown in FIG.
This is processing corresponding to (E). The IC card procedure management task 72 includes an IC card entity data 73.
A predetermined calculation process is performed using the data read from the IC card 3 using the calculation formula specified based on the pre-processing information 86 of _x.

Step ST35: As shown in FIG. 16F, the task 7 for IC card procedure management of the SAM chip 8
2 outputs the processing result of step ST34 to the ASP server device 6.

Step ST36: For example, the IC card procedure management task 72 deletes the IC card entity data 73_x.

As described above, according to the communication system 1, each time a procedure is performed with the IC card 3,
The C card entity data 73 — x is generated, and the IC card procedure management task 72 can simultaneously perform the processing for the plurality of IC cards 3 using the plurality of IC card entity data 73 — x. Further, according to the authentication system 1, since the IC card entity data 73_x actually used for the process for the IC card 3 may be stored in the storage unit 65, the storage area of the storage unit 65 can be used efficiently. . Further, according to the authentication system 1, as shown in FIG. 12, the execution state of the job processed by the IC card procedure management task 72 is managed separately in the post-start state and the completed state. Can start processing related to other jobs while waiting for data from the IC card 3 after the execution of.
Therefore, it is possible to eliminate a waiting time caused by transmitting and receiving data to and from the IC card 3 via the Internet 10.

Further, according to the authentication system 1, the service type element, I, which is the name indicating the type of service provided by each service provider, is included in the service definition table data.
The service number used in the C card 3 and key information used in providing the service are described in the service definition table data, and are stored in the external memory 7. Therefore, the operators 15_1 to 15_3, who are not the developers of the SAM chip 8, create their own application programs operating on the SAM chip 8 by creating the script programs 21_1, 21_2, and 21_3, and through the SAM chip 8, the external memory 7 You can customize it by downloading it. That is, key information and I
These operators can customize their own application programs without informing the operators 15_1 to 15_3 of highly confidential information such as operation commands for directly operating the C card 3. Further, when customizing the application program, the business operator does not need to know the key information and the card operation command, so the burden on the business operator is reduced. Further, according to the authentication system 1, since the processing content over a plurality of services can be defined,
Various services combining a plurality of services can be provided within the range of services that are allowed and executed at the same time on the C card 3 side. In addition, according to the authentication system 1, by introducing the concept of a data block, data input / output to / from the IC card 3 and log data can be easily managed.

FIG. 17 is a more detailed functional block diagram of the SAM chip 8 shown in FIG.
As shown in FIG. 9, the SAM chip 8 includes an ASPS communication interface unit 60, an external memory communication interface unit 61, and a bus scramble unit 6 via an internal bus 90.
2. The random number generation unit 63, the encryption / decryption unit 64, the storage unit 65, and the CPU 66 are connected.

In the SAM chip 8 shown in FIG. 17, for example, as shown in FIG. 18, the card I / F section 91 connected to the internal bus 90 is connected to the RF transmitting / receiving section 92 outside the SAM chip 8, Data may be transmitted / received to / from the IC card 3 in a non-contact manner via the antenna 92a of the transmitting / receiving unit 92.

[0089]

As described above, according to the present invention,
A data processing method and a semiconductor circuit capable of creating and customizing a user's application program to be executed on a server device without notifying the user of highly confidential information can be provided.

[Brief description of the drawings]

FIG. 1 is an overall configuration diagram of a communication system according to an embodiment of the present invention.

FIG. 2 is a diagram for explaining a software configuration of the SAM chip shown in FIG. 1;

FIG. 3 is a functional block diagram of an IC of the IC card shown in FIG. 1;

FIG. 4 is a diagram for explaining information stored in a storage unit illustrated in FIG. 3;

FIG. 5 is a diagram for explaining information stored in an external memory of the SAM unit shown in FIG. 1;

FIG. 6 is a diagram for explaining service definition table data shown in FIG. 5;

FIG. 7 is a diagram for explaining processing in the SAM chip using the service definition table data and the script program shown in FIG. 5;

FIG. 8 is a diagram for explaining commands used in a script program;

FIG. 9 is a functional block diagram of the SAM chip shown in FIG. 1;

FIG. 10 is a diagram for explaining data stored in a storage unit illustrated in FIG. 9;

FIG. 11 is a diagram for explaining a format of IC card entity data generated by a SAM chip;

FIG. 12 is a state transition diagram of the IC card entity data shown in FIG. 11;

FIG. 13 is a diagram for explaining a processing procedure of the IC card procedure management task shown in FIG. 10;

FIG. 14 is a diagram for explaining an overall operation of the communication system shown in FIG. 1;

FIG. 15 is a diagram for explaining an overall operation of the communication system shown in FIG. 1;

FIG. 16 is a diagram for explaining a communication protocol between the IC card and the SAM chip.

FIG. 17 is a more specific functional block diagram of the functional blocks of the SAM chip shown in FIG. 9;

FIG. 18 is a diagram for explaining another usage form of the SAM chip.

[Explanation of symbols]

1. Communication system, 2. Server device, 3. IC card,
4 card reader / writer, 5 personal computer, 6 ASP server device, 7 external memory, 8 SA
M chip, 9 SAM unit, 10 Internet, 15_1, 15_2, 15_3 Credit card company, 16_1, 16_2, 16_3 Personal computer

Claims (23)

[Claims] 1. A data processing method performed by a semiconductor circuit on which an application program that performs a process related to a procedure using an integrated circuit operates, the operation code being used by the application program to operate the integrated circuit and the operation code of the operation. The semiconductor circuit can refer to correspondence instruction data indicating a correspondence with an operation name, which is a name, and the semiconductor circuit inputs an operation description program describing the operation of the application program using the operation name, A circuit that obtains the operation code corresponding to the operation name described in the operation description program with reference to the corresponding instruction data, and uses the obtained operation code to define processing of the application program; Method. 2. The correspondence instruction data further indicates a correspondence between the operation name and key information used when an operation corresponding to the operation name is performed on the integrated circuit. A data processing method for obtaining the key information corresponding to the operation name described in a program with reference to the correspondence instruction data, and using the obtained key information to define processing of the application program. 3. The semiconductor circuit, according to a processing request, job execution order data indicating an execution order of a plurality of jobs constituting the processing of the application program, and a status indicating a progress of execution of the plurality of jobs. And generating job management data including data, selecting a job to be executed next based on the status data and the processing order data of the job management data, executing the selected job, and 2. The data processing method according to claim 1, wherein the status data of the selected job management data is updated according to the execution of the job management data. 4. The semiconductor circuit generates template data of the job management data using the correspondence instruction data and the operation description program, and generates the job data using the template data in response to the processing request. 4. The data processing method according to claim 3, wherein the management data is generated. 5. The semiconductor circuit generates the job management data for each of a plurality of processing requests, selects one job management data from a plurality of the data modules, and selects the selected job management data. Selecting a job to be executed next based on the status data and the processing order data, executing the selected job, and, according to the execution of the job, the status data of the selected job management data 4. The data processing method according to claim 3, wherein after the update, one job management data is selected from the plurality of data modules. 5. 6. The data processing method according to claim 5, wherein the semiconductor circuit deletes the job management data for which execution of all jobs constituting a process according to the process request has been completed. 7. The operation description program includes a description designating a maximum number of the job management data that can be processed by the semiconductor circuit, and the semiconductor circuit is configured such that the number of the job management data is specified. 6. The data processing method according to claim 5, wherein the job management data is generated according to the processing request when the number is equal to or less than a maximum number. 8. The job management data according to claim 5, wherein the semiconductor circuit generates the job management data including the execution order data indicating the execution order of a plurality of jobs corresponding to the plurality of operations on the integrated circuit. Data processing method described. 9. The operation description program includes a data block for storing data read from the integrated circuit, a data block for storing data to be written to the integrated circuit, and history information of procedural processing using the integrated circuit. 6. The data processing method according to claim 5, further comprising: a description defining at least one data block of a data block storing the data block, wherein the semiconductor circuit generates the data block based on the operation description program. 10. The data processing method according to claim 1, wherein the operation name is a macro command. 11. The data processing method according to claim 1, wherein said integrated circuit is mounted on a card. 12. A semiconductor circuit on which an application program for performing a process related to a procedure using an integrated circuit operates, the operation code used by the application program to operate the integrated circuit and an operation name being the name of the operation. It is possible to refer to the correspondence instruction data indicating the correspondence with, and input an operation description program in which the operation of the application program is described using the operation name, and to the operation name described in the input operation description program A semiconductor circuit which obtains the corresponding operation code with reference to the corresponding instruction data, and defines the processing of the application program using the obtained operation code. 13. The correspondence instruction data includes the operation name,
Further indicating a correspondence with key information used when performing an operation corresponding to the operation name on the integrated circuit, referring to the corresponding instruction data for the key information corresponding to the operation name described in the operation description program Get it,
A semiconductor circuit that defines processing of the application program using the obtained key information. 14. A job including, in response to a processing request, job execution order data indicating an execution order of a plurality of jobs constituting the processing of the application program, and status data indicating a progress of execution of the plurality of jobs. Generating management data, selecting a job to be executed next based on the status data and the processing order data of the job management data, executing the selected job, and executing the selected job. 13. The semiconductor circuit according to claim 12, wherein the status data of the selected job management data is updated. 15. Generating template data for the job management data using the correspondence instruction data and the operation description program, and generating the job management data using the template data in response to the processing request. The semiconductor circuit according to claim 14, wherein: 16. The job management data is generated for each of a plurality of processing requests, one job management data is selected from a plurality of data modules, and the status data and the status data of the selected job management data are selected. Selecting a job to be executed next based on the processing order data; executing the selected job; updating the status data of the selected job management data in accordance with the execution of the job; 15. The semiconductor circuit according to claim 14, wherein after updating, one job management data is selected from the plurality of data modules. 17. The semiconductor circuit according to claim 16, wherein said job management data for which execution of all jobs constituting a process according to said process request has been completed is deleted. 18. When the operation description program includes a description specifying a maximum number of the job management data that can be processed by the semiconductor circuit, the number of the job management data is equal to or less than the specified maximum number. 17. The semiconductor circuit according to claim 16, wherein the job management data is generated in response to the processing request on the condition that: 19. The semiconductor circuit according to claim 16, wherein the job management data including the execution order data indicating an execution order of a plurality of jobs corresponding to the plurality of operations on the integrated circuit is generated. 20. A data block in which the operation description program stores data read from the integrated circuit;
A data block for storing data to be written to the integrated circuit, and a description for defining at least one data block of a data block for storing history information of procedural processing using the integrated circuit; 17. The semiconductor circuit according to claim 16, wherein said data block is generated based on said data block. 21. The semiconductor circuit according to claim 16, wherein said operation name is a macro command. 22. The semiconductor circuit according to claim 16, wherein said integrated circuit is mounted on a card. 23. A tamper-resistant semiconductor circuit.
7. The semiconductor circuit according to 6.