JP4551419B2 - Mobile communication terminal and terminal control method - Google Patents

Description

  The present invention relates to a mobile communication terminal incorporating a non-contact IC function such as a non-contact IC (Integrated Circuit) card, and a terminal control method in the mobile communication terminal.

Conventionally, a non-contact IC function such as a non-contact IC card is built in a mobile communication terminal such as a mobile phone. Such a non-contact IC function is used as a function of electronic money, a credit card, and a commuter pass. Techniques have been proposed for preventing unauthorized use of such functions by a third party when a mobile communication terminal is lost. For example, in Patent Document 1, an operation prohibition flag for prohibiting a non-contact IC function is provided in advance, thereby restricting the non-contact IC function. Moreover, in patent document 2, conditions, such as a utilization place, utilization time slot | zone, and utilization content, are memorize | stored in IC card, The function of an IC card is restrict | limited based on the said conditions.
JP 2006-13659 A JP 2006-58970 A

  In addition to measures for preventing unauthorized use as described above, a signal for locking the non-contact IC function to the mobile communication terminal is transmitted by, for example, SMS (Short Message Service) or the like, and is incorporated in the mobile communication terminal. There is also a method of locking the non-contact IC function. According to this method, there is an advantage that unauthorized use can be prevented without requiring a prior setting as described in Patent Documents 1 and 2 described above.

  By the way, there is a limitation of the above-described non-contact IC function that allows access to be prohibited for each memory area of the IC chip. By prohibiting access for each memory area of the IC chip, it is possible to limit each contactless IC function associated with the memory area. For example, only the contactless IC function that performs credit settlement can be restricted by restricting access to the memory area of the IC chip related to the function when the credit settlement is delayed.

  When access is prohibited for each memory area of the IC chip as described above, it is desirable to be able to grasp whether or not access to the memory area is possible. For example, it is conceivable that a credit company providing a non-contact IC function for performing credit settlement grasps whether or not an area related to the non-contact IC function of a mobile terminal held by a user can be accessed. As a means for grasping whether or not access is possible, it is conceivable that information indicating whether or not an area is accessible from an IC chip is acquired by a program, and the acquired information indicating whether or not access is transmitted to a credit company server or the like. However, if the program can acquire information indicating whether or not it is freely accessible from the IC chip, there are many problems in terms of protection of personal information and security. For example, whether or not an area related to the contactless IC function of a certain credit company is accessible may be recognized by another credit company.

  The present invention has been made to solve the above-described problems, and controls access for each memory area of an IC chip related to a non-contact IC function and appropriately acquires information on accessibility of each memory area. It is an object of the present invention to provide a mobile communication terminal and a terminal control method that can be performed at the same time.

The mobile communication terminal according to the present invention includes a contactless IC module including an IC chip, a control signal for controlling access to the IC chip, control area information for specifying a memory area of the IC chip for which the access is controlled, A receiving unit that receives a program that specifies a program that permits acquisition of information indicating whether or not access to the memory area is received, and a memory area of the IC chip that is associated with the control area information based on a control signal received by the receiving unit IC chip control means for controlling access and storage means for storing the program information received by the receiving means in association with the control execution area information for specifying the memory area controlled by the IC chip control means When, the program executing means to which the own terminal is provided to execute a program Thus when there is a request for acquiring information indicating the accessibility to the memory area of the IC chip, the program according to the stored program information and the acquisition request by being in storage means associated with the control execution area information related to the acquisition request Comparison means for comparing the information specifying the information, and program control means for permitting acquisition of information indicating whether or not the program can access the memory area of the IC chip based on a result of the comparison by the comparison means. And

  In the mobile communication terminal according to the present invention, the control signal for controlling the access to the IC chip transmitted to the terminal is the control area information for specifying the memory area of the IC chip whose access is controlled and the memory area. It is received together with program information that identifies a program that permits acquisition of information indicating whether access is possible. Based on the control signal, access control is performed on the memory area of the IC chip related to the control area information. Further, the program information is stored in association with the control execution area information for specifying the controlled memory area.

  Thereafter, when there is an acquisition request for information indicating whether or not an IC chip memory area can be accessed from a program executed in the terminal itself, the stored program information is compared with information specifying the program related to the acquisition request. Based on the comparison result, acquisition of information indicating whether the program can access the memory area of the IC chip is permitted.

  That is, according to the above configuration, it is possible to limit a program that can acquire information indicating whether access is possible for each memory area of the controlled IC chip. Therefore, according to the mobile communication terminal according to the present invention, it is possible to control access for each memory area of the IC chip related to the non-contact IC function and to appropriately acquire information on accessibility of each memory area. And

  The receiving means receives, together with the control signal, collation information for collating with information stored in the memory area of the IC chip. The IC chip control means receives the collation information received by the receiving means and the control area. It is desirable to check whether the information stored in the memory area of the IC chip associated with the information matches, and to control access to the memory area if they match. According to this configuration, it is possible to reliably control access to the memory area to be controlled.

  The receiving means receives the IC chip information specifying the IC chip together with the control signal, and the IC chip control means matches the IC chip information received by the receiving means with the information specifying the IC chip of its own terminal. It is desirable to check whether or not the memory area is controlled if the two match. According to this configuration, it is possible to reliably control access to the IC chip to be controlled.

  The mobile communication terminal preferably further includes transmission means for transmitting information indicating the result of control by the IC chip control means to a predetermined transmission destination. According to this configuration, the result of control can be notified to a predetermined transmission destination.

The comparison means, when there is a request for obtaining information indicating whether or not the access to the memory area of the IC chip is received from a program executed in its own terminal, the control execution area information stored in the storage means as the IC by the IC chip control means. It is desirable to match the control execution area information stored in the storage unit with the status of whether or not the access control to the IC chip is executed based on the result of the verification by comparing with the control state for the chip. . According to this configuration, it is possible to prevent the program from acquiring information indicating whether or not access is erroneous.

  By the way, the present invention can be described as an invention of a mobile communication terminal as described above, and can also be described as an invention of a terminal control method as follows. This is substantially the same invention only in different categories, and has the same operations and effects.

That is, the terminal control method according to the present invention is a terminal control method in a mobile communication terminal including a contactless IC module including an IC chip, and the access is controlled by a control signal for controlling access to the IC chip. Based on the control area information that identifies the memory area of the IC chip and the reception information that is received together with the program information that identifies the program that permits acquisition of information indicating whether or not the memory area can be accessed, and the control signal received in the reception step An IC chip control step for controlling access to the memory area of the IC chip related to the control area information, and a control execution area information for specifying the memory area for which access control is performed in the IC chip control step. Corresponding received program information A storing step of憶, when the program execution unit to which the own terminal included in an acquisition request for information indicating the accessibility to the memory area of the IC chip by executing a program, to control execution area information related to the acquisition request A comparison step for comparing the program information stored in the associated storage step with information for specifying the program related to the acquisition request, and an access to the memory area of the IC chip by the program based on the comparison result in the comparison step And a program control step for permitting acquisition of information indicating availability.

  ADVANTAGE OF THE INVENTION According to this invention, access can be controlled for every memory area of the IC chip which concerns on the non-contact IC function with which a mobile communication terminal is provided. Further, according to the present invention, it is possible to limit a program that can acquire information indicating whether access is possible for each memory area, thereby controlling access for each memory area of an IC chip related to a non-contact IC function. It is possible to appropriately acquire information related to accessibility for each memory area.

  Hereinafter, preferred embodiments of a mobile communication terminal and a terminal control method according to the present invention will be described in detail with reference to the drawings. In the description of the drawings, the same elements are denoted by the same reference numerals, and redundant description is omitted.

  FIG. 1 shows a configuration of a mobile communication terminal 10 according to the present embodiment. The mobile communication terminal 10 is a device having a function of performing mobile communication by connecting to a mobile communication network N such as a mobile phone network. The mobile communication terminal 10 is a device having a non-contact IC function as will be described below. The non-contact IC function corresponds to, for example, an electronic money function, a credit card function, a traffic ticket / commuter pass function, and an individual identification / authentication function such as an admission card / employee card. These functions are provided by the provider of each function. For example, a credit card function can be used when a user of the mobile communication terminal 10 and a credit company make a contract.

  As shown in FIG. 1, the mobile communication terminal 10 includes an IC chip 11, a non-contact IC module 12, a receiving unit 13, an IC chip control unit 14, a storage unit 15, a transmission unit 16, and a program execution unit. 17, a comparison unit 18, and a program control unit 19.

  The IC chip 11 has a calculation function, a memory function, and the like, and is mounted with a non-contact IC function. The functions of these IC chips 11 are realized by accessing the IC chip 11 from an application for contactless IC function (hereinafter referred to as an IC application) (not shown) provided in the mobile communication terminal 10. The

  Further, the power supply to the IC chip 11 can be individually turned on and off when the mobile communication terminal 10 is powered on. In other words, the mobile communication terminal 10 itself is powered on, but no power is supplied to the IC chip 11. In this case, the mobile communication terminal 10 can perform mobile communication, but cannot use the non-contact IC function.

  The configuration of the storage area of the IC chip 11 is shown in FIG. As shown in FIG. 2, the IC chip 11 stores IDm 1101 that is IC chip information for specifying the IC chip 11 and a system code 1102 that indicates the system of the IC chip 11. Further, data (data A1161, 1162 in FIG. 2) used for a non-contact IC function such as a credit card function is stored. The memory area in which the data is stored can be specified by a code or the like. The memory areas are managed in a hierarchical manner. For example, in FIG. 2, in order from the upper hierarchy, an area (area 0 (1111) in FIG. 2), a management area (management area 1 (1121) in FIG. 2), Service area (service area 1 (1131) in FIG. 2), service code (service code 1 (1141), service code 2 (1142) in FIG. 2), and block number (block number 1 (1151, 1153 in FIG. 2)) , Block number 2 (1152, 1153)).

  The memory area of the IC chip 11 is secured for each IC application. That is, a contactless IC function such as a credit card function corresponds to each area where data is stored. Which memory area corresponds to which IC application is set when the IC application is installed or when it is first activated.

  The non-contact IC module 12 includes an IC chip 11 and has a non-contact communication function. Specifically, the non-contact IC module 12 includes an antenna that transmits and receives radio waves for non-contact IC functions, a modulation / demodulation device that modulates and demodulates radio waves and signals, and the like. The non-contact IC module 12 implements the above-described non-contact IC function.

  The receiving unit 13 is a receiving unit that receives a control signal for controlling access to the IC chip 11. The control signal is transmitted from the mobile communication terminal control server 20 included in the mobile communication network N, for example. In the present embodiment, specifically, for example, an SMS message 30 as shown in FIGS. 3 and 4 is used as the control signal. The receiving unit 13 receives the SMS message 30 that is the control signal by mobile communication. However, it is not always necessary to use the SMS message 30 as a control signal. Any signal that can be transmitted to the mobile communication terminal 10 by mobile communication or the like and can control the mobile communication terminal 10 can be used. Things may be used. The receiving unit 13 outputs the received SMS message to the IC chip control unit 14.

  The SMS message 30 includes control area information (node code information 3007 to be stopped in FIG. 3 and node code 3009 to be stopped in FIG. 4) for specifying the memory area of the IC chip 11 whose access is controlled. That is, access control is performed for each memory area. In addition, the SMS message 30 includes program information (program identifier 3005 in FIGS. 3 and 4) that identifies a program that permits acquisition of information indicating whether or not to access a memory area to be controlled. Further, the SMS message 30 may include collation information (collation data 3008 in FIG. 3) for collation with information stored in the memory area of the IC chip 11. That is, the control area information, the program information, and the verification information are transmitted together with the control signal and received by the receiving unit 13 together with the control signal. Details of the information included in the SMS message 30 will be described later.

  Note that the control of access to the IC chip 11 includes control for prohibiting (stopping) access and control for canceling the prohibition of access. Here, the access to be controlled includes both access by the non-contact IC module 12 (that is, access from the wireless communication interface) and access from inside the mobile communication terminal 10 (that is, access from the wired communication interface). including. The contactless IC function associated with the memory area of the IC chip 11 whose access is prohibited cannot be used because access to the data to be used is prohibited.

  The transmission of the SMS message 30 for performing the control for prohibiting access to the IC chip 11 is performed, for example, when the credit card company wants to stop the non-contact IC function provided by the company. When the credit company requests the administrator of the mobile communication network N to transmit the SMS message 30, the SMS message 30 is transmitted.

  The IC chip control unit 14 is an IC chip control unit that controls access to the memory area of the IC chip 11 related to the control area information based on the SMS message 30 that is a control signal received by the receiving unit 13. . For example, the access prohibition control by the IC chip control unit 14 is set to prohibit access to a memory area specified by a code or the like of the IC chip 11, and the memory in which the setting is performed is performed. This is done by monitoring access to the area. Here, setting to prohibit access is referred to as “turning on the individual area access prohibition function”. The setting of the individual area access prohibition function is performed, for example, in units of service codes as shown in FIG. The IC chip control unit 14 outputs information (including information included in the SMS message 30) related to the access control to the storage unit 15. Further, the IC chip control unit 14 notifies the transmission unit 16 of information related to the executed control. The information includes control execution area information that identifies a memory area for which access control has been executed.

  In addition, the IC chip control unit 14 checks whether the verification information included in the SMS message 30 matches the information stored in the memory area of the IC chip 11, and if they match, The above access control is performed on the memory area. In addition, the IC chip control unit 14 checks whether the IC chip information included in the SMS message 30 and the information (IDm) for specifying the IC chip 11 of the terminal 10 match, and if they match, If they match, the access control to the memory area is performed. These processes will be described in detail later.

  The storage unit 15 is a storage unit that stores information related to control of access to the IC chip 11. The stored information is information included in the SMS message 30 used to control access input from the IC chip control unit 14 and information on the control result (remote individual area stop information). The stored information includes information in which control execution area information and program information are associated with each other. Specifically, the above storage is performed by storing information in a management table 15 a included in the storage unit 15. In the management table 15a, as shown in FIG. 4, all the information included in the SMS message 30 used for access control is an entry 40 corresponding to the access control (generic name of the entries 40a, 40b...). Stored as The entry 40 includes information indicating a memory area where the individual area access prohibition function is actually turned on, that is, a node code 4001 that is stopped as control execution area information, and the setting of the individual area access prohibition function. When the data is collated, the collation data address 4002 that is a stop, which is information indicating the memory area that is the collation target, is included.

  The transmission unit 16 is a transmission unit that transmits information indicating the control result notified from the IC chip control unit 14 to a predetermined transmission destination. The predetermined transmission destination is the mobile communication terminal control server 20 that has transmitted the SMS message 30 in the present embodiment. However, the transmission destination is not necessarily the mobile communication terminal control server 20. The information indicating the result of the control is information such as which area the access control has succeeded or whether the control has failed due to an error. If the transmission unit 16 is configured as described above, the control result can be notified to a predetermined transmission destination.

  The program execution unit 17 is means for executing an application program in the mobile communication terminal 10. The application program executed by the program execution unit 17 includes a program that acquires information indicating whether or not the memory area of the IC chip 11 is accessible. Specifically, the information indicating whether access is possible is information indicating a memory area in which the individual area access prohibition setting is turned on. The program execution unit 17 requests the IC chip 11 to acquire information indicating whether the access is possible, and acquires the information by receiving a response to the acquisition request. Note that the destination of the acquisition request is not necessarily the IC chip 11, and may be performed on the storage unit 15 that holds information indicating whether or not the memory area of the IC chip 11 is accessible.

  The application program executed by the program execution unit 17 is given a program identifier that is information for specifying the program. By referring to the program identifier, it is possible to identify which application program is executed and information indicating whether access is possible is to be acquired.

  Here, an application program that is executed by the program execution unit 17 and acquires information indicating whether access is possible is created by a contactless IC function provider such as a credit company and transmitted to the mobile communication terminal 10, for example. Is to be executed. Such an application program further has a function of transmitting the acquired information to the provider's server, and the non-contact IC function provided by the provider itself is the mobile communication terminal 10 by this function. It can be confirmed whether or not it can be used by the user.

  When there is an acquisition request for information indicating whether or not the memory area of the IC chip 11 is accessible from the application program executed by the program execution unit 17, the comparison unit 18 is associated with the control execution area information related to the acquisition request. The comparison unit compares the program identifier, which is the program information stored in the storage unit 15, with the information specifying the program related to the acquisition request. The comparison unit 18 monitors the program execution unit 17 and detects that the acquisition request has been made from the application program. The above comparison will be described later in more detail. The comparison unit 18 notifies the program control unit 19 of the comparison result, that is, whether or not the stored program identifier matches the information specifying the program related to the acquisition request.

  In addition, the comparison unit 18 controls the control area information stored in the storage unit 15 when there is an acquisition request for information indicating whether the memory area of the IC chip 11 is accessible from the application program executed by the program execution unit 17. Is compared with the state of control of the IC chip 11 by the IC chip control unit 14. The comparison unit 18 matches the control area information stored in the storage unit 15 with the control state for the IC chip 11 based on the result of the comparison. More specifically, it will be described later.

  The program control unit 19 is a program control unit that permits acquisition of information indicating whether a program can access the memory area of the IC chip 11 based on the result of the comparison by the comparison unit 18. Specifically, the program control unit 19 indicates whether or not access is possible when the result of the comparison by the comparison unit 18 is that in which the stored program identifier matches the information specifying the program related to the acquisition request. Allow information acquisition.

  FIG. 6 shows a hardware configuration of the mobile communication terminal 10. As shown in FIG. 6, a mobile communication terminal 10 includes a CPU (Central Processing Unit) 101, a RAM (Random Access Memory) 102, a ROM (Read Only Memory) 103, an operation unit 104, a wireless communication unit 105, a display 106, and an antenna. It is configured by hardware such as 107. In addition, the mobile communication terminal 10 includes the hardware of the IC chip 11 and the non-contact IC communication unit 108 as the non-contact IC module 12. By operating these components, each function of the mobile communication terminal 10 described above is exhibited.

  In addition, each functional component of the mobile communication terminal 10 described above (particularly, the reception unit 13, the IC chip control unit 14, the program execution unit 17, the comparison unit 18, and the program control unit 19) is stored in the mobile communication terminal 10. A program related to the function of the present invention will be described. FIG. 7 shows the configuration of a program related to the function of the present invention stored in the mobile communication terminal 10. As shown in FIG. 7, the mobile communication terminal 10 includes a native code 51, an intermediate layer component 52, and an application program 53 as its programs.

  The native code 51 can exchange information with the IC chip 11 and the communication module 60. The communication module 60 includes a communication baseband IC chip and the like, and corresponds to the wireless communication unit 105 in FIG. The communication module 60 functions as the receiving unit 13 and the transmitting unit 16 in FIG.

  The native code 51 includes a control SMS processing module 51a and an IC chip individual area stop processing module 51b. When the SMS message 30 performs processing (remote individual stop processing) for turning on the individual area access prohibition function for each memory area with respect to the IC chip 11, the SMS processing module 51a for control of the native code 51 communicates. The SMS message 30 is received from the module 60 and the IC chip individual area stop processing module 51b controls the IC chip 11.

  The intermediate layer component 52 provides an API (Application Program Interface) for executing an instruction to the native code 51. Specifically, it is composed of Java components such as Java Application Manager (JAM), K Virtual Machine (KVM), Connected Limited Device Configuration (CLDC), and Doja. In JAM, when an application program 53 is executed, an ADF (Application Descriptor File) and an SDF (Security Descriptor File) that manages application management information are referred to. In the SDF, a program identifier that is information for specifying the application program 53 is managed for each application program 53. That is, the program identifier of the application program 53 can be acquired by referring to the SDF. Also, the API execution authority for each application program 53 is managed. This execution authority includes information indicating whether or not information indicating whether or not access to the IC chip 11 can be acquired. These settings are set when the application program 53 is installed.

  The application program 53 is software that accesses the IC chip 11 via the intermediate layer component 52 and the native code 51, and corresponds to the application program executed by the program execution unit 17 in the present embodiment. In other words, the application program 53 makes an acquisition request for information indicating whether or not the memory area of the IC chip 11 is accessible to the IC chip 11. The application program 53 is created in a programming language such as Java, for example.

  Here, the native code 51 and the intermediate layer component 52 are programs that are stored in advance in the mobile communication terminal 10 at the time of manufacture or the like, and are usually manufactured by a credit company or the like that is a provider of a non-contact IC function and mobile communication. It cannot be incorporated into the terminal 10. On the other hand, the application program 53 is created by any person including a credit company or the like who is a provider of the non-contact IC function, downloaded by the mobile communication terminal 10 and installed, etc. Executed.

  Therefore, if the application program 53 can freely obtain information on whether or not the IC chip 11 can be accessed, information on whether or not the user of the mobile communication terminal 10 can use the credit card function which is a non-contact IC function is displayed. A person other than the credit company that is the provider of the contact IC function can obtain the information. As described above, this has many problems from the viewpoint of protection of personal information and security. For example, whether or not an area related to the contactless IC function of a certain credit company is accessible may be recognized by another credit company.

  Next, the SMS message 30 used for controlling access to the IC chip 11 will be described with reference to FIGS. The SMS message 30a shown in FIG. 3 is used when collating with data stored in the IC chip 11 when performing access control, and the SMS message 30b shown in FIG. 4 is used for access control. This is used when the verification with the data stored in the IC chip 11 is not performed. Whether or not the SMS message 30 has collation data is determined based on the presence / absence of a collation data tag (not shown) included in the SMS message 30.

  As shown in FIG. 3, the SMS message 30a in the presence of verification data includes a lock / release identification tag 3001, SMS data length 3002, IDm 3003, system code 3004, program identifier 3005, number of node code information to stop 3006, and node to stop Each information of the code information 3007 and the collation data 3008 is included. Further, as shown in FIG. 4, the SMS message 30a in the case of no verification data includes a lock / release identification tag 3001, an SMS data length 3002, an IDm 3003, a system code 3004, a program identifier 3005, the number of node code information to be stopped 3006, and a stop. Each information of the node code 3009 to be included is included.

  The lock / release identification tag 3001 is information indicating whether the SMS message 30 is for turning on or off the individual area access prohibition function. The mobile communication terminal 10 refers to the lock / release identification tag 3001 to determine whether to turn on or off the individual area access prohibition function. The SMS data length 3002 is information indicating the data length of the SMS message. IDm3003 is IC chip information that identifies the IC chip 11 to be controlled. The system code 3004 is information indicating the system of the IC chip 11.

  The program identifier 3005 is program information that identifies a program that permits acquisition of information indicating whether access to the memory area to be controlled is possible. The program specified here is assumed to be a program having a legitimate authority such as a program created by a person who generates and transmits the SMS message 30. For example, a program that permits acquisition of information indicating whether or not a memory area related to a contactless IC function of a certain credit company can be prevented from being a program created by another credit company.

  The number of node code information to be stopped 3006 is a value indicating the number of information (node code information to be stopped) related to the node code for turning on / off the individual area access prohibition function. The SMS message 30 includes node code information to be stopped by the number indicated by the number 3006 of node code information to be stopped. That is, it is possible to access a plurality of memory areas with one SMS message 30. The node code is a generic name for an area, a management area, a service area, a service code, and a block number that are information for specifying a memory area.

  The node code information 3007 to be stopped is information relating to a node code for turning on / off the individual area access prohibition function, and specifically includes a collation data address and a block number, the number of node codes to be stopped, and a node code to be stopped. The collation data address and the block number are information for specifying the location of information stored in the memory area of the IC chip 11 used for collation. The number of node codes to be stopped is information indicating the number of node codes for turning on the individual area access prohibition function, and the node code to be stopped is information for specifying a node code for turning on the individual area access prohibition function. As shown in FIG. 3, a plurality of node code information 3007 to be stopped may be included in one SMS message 30a.

  The collation data 3008 is collation information for collating with information stored in the memory area of the IC chip 11. Specifically, for example, a credit card number stored in a memory area when the credit card function is used as the non-contact IC function is used as the verification information.

  The node code 3009 to be stopped is information for specifying a node code for turning on the individual area access prohibition function. As shown in FIG. 4, a plurality of node codes 3009 to be stopped may be included in one SMS message 30b. The above is the description of the SMS message 30 for controlling access.

  The mobile communication terminal control server 20 is included in the mobile communication network N, generates an SMS message 30 for controlling the access to the memory area of the IC chip 11 for the mobile communication terminal 10, and sets the mobile communication network N in the mobile communication network N. It is an apparatus which transmits via. In the generation and transmission of the SMS 30 message, for example, a provider terminal that provides a non-contact IC function requests access control from the mobile communication terminal control server 20 in order to prohibit the use of the non-contact IC function. Is done by doing. Further, in the case of such a request, the result transmitted from the mobile communication terminal 10 is notified from the mobile communication terminal control server 20 to the terminal of the requesting provider. The SMS message 30 need not be transmitted from the mobile communication terminal control server 20. For example, it may be transmitted directly from the provider's terminal to the mobile communication terminal 10 via the mobile communication network N.

  Then, the process (terminal control method) performed in the mobile communication terminal 10 which concerns on this embodiment is demonstrated. First, a process for controlling access to the IC chip 11 will be described using the flowchart of FIG. 8, and then the memory of the IC chip 11 by a program executed in the mobile communication terminal 10 using the flowchart of FIG. 9. Processing when information indicating whether or not an area can be accessed is described.

  The access control process for the IC chip 11 (here, the process for turning on the individual area access prohibition function for the IC chip 11) is performed by the mobile communication terminal control server 20 to control the access to the IC chip 11 described above. An SMS message 30 to be generated is generated and transmitted to the mobile communication terminal 10.

  When the SMS message 30 is transmitted to the mobile communication terminal 10, the mobile communication terminal 10 receives the SMS message 30 by the receiving unit 13 (S01, reception step). The received SMS message 30 is output from the receiving unit 13 to the IC chip control unit 14.

  Subsequently, the IC chip control unit 14 verifies the electronic signature included in the SMS message 30 (S02). Specifically, for example, data other than the electronic signature of the received SMS message 30 is padded with an EF_IMODER value in a UIM (User Identity Module) card included in the mobile communication terminal 10, and the SHA1 hash is acquired. This process is a verification process for the SMS message 30 used conventionally. By this process, the forged SMS message 30 or the SMS message 30 from an unexpected source can be excluded, and unauthorized access control can be prevented. If it is determined by this verification process that the SMS message 30 is illegal, the error process is performed without performing the process of turning on the individual area access prohibition function for the IC chip 11. As error processing, information indicating that an error has occurred and the cause thereof are notified from the IC chip control unit 14 to the transmission unit 16, and the information is transmitted from the transmission unit 16 to the mobile communication terminal control server 20. included.

  If it is determined that the SMS message 30 is valid, the processing is continued, and whether or not the IC chip 11 is in an active state by the IC chip control unit 14, that is, whether power is supplied to the IC chip 11. It is determined whether or not (S03). Specifically, it is confirmed whether the voltage level of a specific terminal of the IC chip 11 is higher or lower than a specified value. If it is High, it is determined that the IC chip 11 is in an active state. If it is determined that the IC chip 11 is not in an active state, processing for the IC chip 11 cannot be performed, so that processing for turning on the individual area access prohibition function is not performed for the IC chip 11 and error processing is performed. . As error processing, information indicating that an error has occurred and the cause thereof are notified from the IC chip control unit 14 to the transmission unit 16, and the information is transmitted from the transmission unit 16 to the mobile communication terminal control server 20. included.

  If it is determined that the IC chip 11 is in an active state, the processing is continued, and the IC chip control unit 14 determines the ID m3003 that is the IC chip information included in the SMS message 30 and the ID m 1101 of the IC chip 11 of the terminal 10 itself. Are matched (S04, IC chip control step). If it is determined whether processing is continued based on the collation as described below, it is possible to reliably control access to the IC chip 11 to be controlled. Since the mobile communication terminal 10 can replace the UIM card with another mobile communication terminal at the user's will, the SMS message 30 for control transmitted from the mobile communication network N to the mobile communication terminal 10 is suspended. May be delivered to other than the mobile communication terminal 10 that wants to carry out. Even in such a case, unintended access control to the IC chip 11 can be prevented by performing the above processing.

  If it is determined that the two IDs 1101 and 3003 do not match as a result of the collation, the error processing is performed without performing the process of turning on the individual area access prohibition function for the IC chip 11. As error processing, information indicating that an error has occurred and the cause thereof are notified from the IC chip control unit 14 to the transmission unit 16, and the information is transmitted from the transmission unit 16 to the mobile communication terminal control server 20. included.

  As a result of the collation, if it is determined that the two IDs m1101 and 3003 match, the processing is continued, and the IC chip control unit 14 acquires each entry 40 stored in the management table 15a of the storage unit 15. (S05). Subsequently, the IC chip controller 14 determines whether there is an entry 40 that matches the SMS message 30 (S06). This determination is made by verifying whether the corresponding information included in the entry 40 and the SMS message 30 matches.

  If it is determined that there is an entry 40 that matches the SMS message 30, the individual area access prohibition function is already turned on in the memory area of the IC chip 11 where the individual area access prohibition function is already turned on by the SMS message 30. The following processing is performed in consideration of the above. First, the IC chip control unit 14 acquires information on a memory area in which the individual area access prohibition function is set to ON from the IC chip 11 (S07). The acquisition of the information is performed by issuing a command related to the acquisition from the IC chip control unit 14 to the IC chip 11.

  Subsequently, the IC chip control unit 14 determines whether or not the individual area access prohibition function is turned on in the memory areas of all the IC chips 11 that the SMS message 30 requests to turn on the individual area access prohibition function. Determination is made (S08). When the individual area access prohibition function is turned on in the memory areas of all the IC chips 11 subject to access control, the process of turning on the individual area access prohibition function for the IC chip 11 is not performed ( Error processing is performed (since it is not necessary to perform this processing). As error processing, information indicating that an error has occurred and the cause thereof are notified from the IC chip control unit 14 to the transmission unit 16, and the information is transmitted from the transmission unit 16 to the mobile communication terminal control server 20. included.

  If the individual area access prohibition function is not turned on in the memory areas of all the IC chips 11 subject to access control, the memory area format or the In some cases, deletion or the like is performed, and there is a mismatch between the state of the IC chip 11 and the state of each entry 40 stored in the management table 15a of the storage unit 15.

  As described above, when the individual area access prohibition function is not turned on in the memory areas of all the IC chips 11 subject to access control, and in S06, it is determined that there is no entry 40 that matches the SMS message 30. If so, processing continues as follows. The IC chip control unit 14 determines whether or not there is collation data in the SMS message 30 (S09, IC chip control step). This determination is made based on the presence / absence of the matching data included in the SMS message 30 as described above.

  If there is collation data, the IC chip control unit 14 refers to the address of the information to be collated stored in the IC chip 11 included in the SMS message 30 and obtains the information to be collated from the IC chip 11. (S10, IC chip control step). The address of the information to be collated is the collation data address and block number included in the node code information 3007 where the SMS message 30 stops. The acquisition of the information is performed by issuing a command related to the acquisition from the IC chip control unit 14 to the IC chip 11.

  Here, when the address of the information to be verified does not exist (S11, IC chip control step), error processing is performed. As error processing, information indicating that an error has occurred and the cause thereof are notified from the IC chip control unit 14 to the transmission unit 16, and the information is transmitted from the transmission unit 16 to the mobile communication terminal control server 20. included.

  When the address of the information to be collated exists and the information to be collated is acquired from the IC chip 11, whether the information matches the collation data 3008 that is the collation information included in the SMS message 30. Verification is performed by the IC chip control unit 14 (S12, IC chip control step). When a plurality of pieces of verification target information are acquired from the IC chip 11, verification is performed for each acquired information.

  When it is determined that the verification target information of the IC chip 11 and the verification data 3008 of the SMS message 30 do not match by the verification, the stop related to the address of the information that is determined not to match in the SMS message 30 The process of turning on the individual area access prohibition function to the memory area specified by the node code information 3007 to be performed is not performed, and error processing is performed. As error processing, information indicating that an error has occurred and the cause thereof are notified from the IC chip control unit 14 to the transmission unit 16, and the information is transmitted from the transmission unit 16 to the mobile communication terminal control server 20. included. However, even when there is something that does not match as described above, there is a plurality of pieces of information to be collated, and there is a case in which the information to be collated of the IC chip 11 matches the collation data 3008 of the SMS message 30. The processing is continued as follows using the node code information 3007 to be stopped relating to the address of the information determined to match.

  If it is determined in S12 that the verification target information of the IC chip 11 matches the verification data 3008 of the SMS message 30, and if it is determined in S09 that there is no verification data in the SMS message 30, As described above, the setting for turning on the individual area access prohibition function is performed. First, the node code for setting the individual area access prohibition function is acquired from the IC chip 11 by the IC chip control unit 14 (S13, IC chip control step). This acquisition is performed for the node code 3009 to be stopped included in the node code information 3007 to be stopped if the SMS message 30 has verification data, and to the node code 3009 to be stopped if there is no verification data. Done. The node code is acquired by issuing a command related to the acquisition from the IC chip control unit 14 to the IC chip 11.

  If there is no node code to be set for the individual area access prohibition function (S14, IC chip control step), error processing is performed. As error processing, information indicating that an error has occurred and the cause thereof are notified from the IC chip control unit 14 to the transmission unit 16, and the information is transmitted from the transmission unit 16 to the mobile communication terminal control server 20. included.

  When the node code exists, the IC chip control unit 14 sets the individual area access prohibition function to ON for the node code (S15, IC chip control step). That is, control for prohibiting access to the specified memory area of the IC chip 11 is performed. This control is performed by issuing a command related to the control from the IC chip control unit 14 to the IC chip 11.

  When the individual area access prohibition function is set, the SMS message 30 used for the setting is output from the IC chip control unit 14 to the storage unit 15 and stored as the entry 40 of the management table 15a (S16, Memory step). In the entry 40, in addition to the information included in the SMS message 30, the node code 4001 being stopped, which is information indicating the memory area where the individual area access prohibition function is actually turned on, and the setting of the individual area access prohibition function When data is collated when performing the above, the collation data address 4002 being stopped, which is information indicating the memory area to be collated, is stored. As described above, the program identifier 3005 as program information is stored in association with the stopped node code 4001 as control execution area information. The above is the process for controlling access to the IC chip 11.

  If the mobile communication terminal 10 notifies the mobile communication terminal control server 20 that the individual area access prohibition function could not be turned on by the above error processing, the mobile communication terminal 10 moves by another method (alternative means). The non-contact IC function of the communication terminal 10 can be restricted. As an alternative means, for example, a non-contact reader / writer terminal arranged at a storefront or the like to use a non-contact IC function is set to prohibit the use of the function by the mobile communication terminal 10. The set information is called negative data or the like. Further, the SMS message 30 may be retransmitted depending on the content of the error.

  Next, processing when information indicating whether or not the memory area of the IC chip 11 is accessible is acquired by a program executed in the mobile communication terminal 10 will be described using the flowchart of FIG.

  In the mobile communication terminal 10, first, an application program is started by the program execution unit 17 (S21). The application program activated here is a program for obtaining information indicating whether or not the memory area of the IC chip 11 is accessible. This activation is performed, for example, using a user operation on the mobile communication terminal 10 as a trigger. As described above, this application program allows the contactless IC function provider to check whether the contactless IC function provided by itself is available to the user of the mobile communication terminal 10, or It is used for the user to confirm which non-contact IC function can be used in the terminal 10.

  Subsequently, an acquisition request for information indicating whether or not the memory area of the IC chip 11 is accessible is issued from the activated application program to the IC chip 11 (S22). Here, the memory area of the IC chip 11 related to the acquisition request may be all memory areas or a specific memory area.

  Subsequently, the comparison unit 18 detects that there has been an acquisition request for information indicating whether or not the application program can access the memory area of the IC chip 11. Subsequently, management information of the application program is acquired by the comparison unit 18 (S23, comparison step). The management information includes an application identifier that is information for specifying the application program. In addition, information regarding the authority to execute the application program is acquired as the management information.

  Subsequently, the comparison unit 18 determines whether or not an acquisition request for information indicating whether or not an access to the memory area of the IC chip 11 from the application program is within the above-described implementation authority (S24). If it is determined that there is no execution authority, the comparison unit 18 notifies the program control unit 19 of the fact, and the program control unit 19 forcibly terminates the application program (S25). When the application program is forcibly terminated, a message to that effect is displayed on the display of the mobile communication terminal 10 or the like.

  If it is determined that there is an execution authority, the comparison unit 18 acquires information indicating whether or not the memory area of the IC chip 11 is accessible according to the acquisition request from the application program (S26, comparison step). Specifically, the information indicating whether access is possible is information (node code) that identifies a memory area in which the individual area access prohibition setting is turned on. This information is acquired by issuing a command related to the acquisition from the comparison unit 18 to the IC chip 11.

  Subsequently, information relating to control of access to the IC chip 11 is acquired from the management table 15a of the storage unit 15 by the comparison unit 18 (S27, comparison step). The information acquired here includes at least the stopped node code 4001 and the program identifier 3005 included in each entry 40.

  Subsequently, the comparison unit 18 checks whether or not there is a mismatch between the setting state of the individual area access prohibition function of the IC chip 11 and the acquired stopped node code 4001 (S28, comparison step). The above mismatch indicates a state where the individual area access prohibition setting is not turned on for the memory area specified by the stopped node code 4001. This discrepancy occurs when the memory area is formatted or deleted by the user of the mobile communication terminal 10 or the like.

  When it is determined that there is a mismatch, the comparison unit 18 deletes the entry 40 including the mismatched node code 4001 from the management table 15a of the storage unit 15, thereby eliminating the mismatch. (S29, comparison step). If the inconsistency is resolved in this way, it is possible to prevent the application program from acquiring information indicating whether or not access is erroneous.

  Subsequently, the comparison unit 18 uses the program identifier 3005 associated with the node code 4001 of the IC chip 11 related to the acquisition request from the application program (acquired in S27) and the application program (acquired in S23). The program identifier is compared (S30, comparison step). If there is a memory area in which the program identifier 3005 associated with the node code 4001 matches the program identifier of the application program, that fact and the corresponding node code of the memory area where the individual area access prohibition function is turned on 4001 is notified to the program control unit 19.

  Subsequently, the node code 4001 of the memory area in which the individual area access prohibition function is turned on is output from the program control unit 19 to the application program executed by the program execution unit 17 as a response to the acquisition request (S31). , Program control step). In the application program, the information on the memory area in which the individual area access prohibition function is input is output to a display device or the like provided in the mobile communication terminal 10 or transmitted to the server of the provider of the non-contact IC function. Or processing corresponding to the application program is performed. Thereby, the user of the mobile communication terminal 10 or the provider of the contactless IC function can know the memory area of the IC chip 11 in which the individual area access prohibition function is turned on.

  On the other hand, when there is no memory area where the program identifier 3005 associated with the node code 4001 matches the program identifier of the application program, only that effect is notified to the program control unit 19. Subsequently, the program control unit 19 outputs to the application program executed by the program execution unit 17 that the individual area access prohibition function cannot be notified as a response to the acquisition request. The node code 4001 of the memory area in which the individual area access prohibition function is turned on is not output (S32, program control step).

  As described above, the program control unit 19 performs control to permit acquisition of information indicating whether or not the application program can access the memory area of the IC chip 11 based on the comparison result by the comparison unit 18.

  As described above, according to the present embodiment, it is possible to limit the application program that can acquire the information indicating whether access is possible for each memory area of the controlled IC chip 11, that is, the setting of the individual area access prohibition function. Therefore, according to the present embodiment, it is possible to control access for each memory area of the IC chip 11 related to the non-contact IC function, and to appropriately acquire information related to accessibility of each memory area.

  For example, it is possible to prevent an application program provided by a certain credit company from acquiring information relating to accessibility of the memory area of the IC chip 11 related to the contactless IC function provided by another credit company. As a result, the above-described personal information protection and security problems are solved.

It is a figure which shows the function structure of the mobile communication terminal which concerns on embodiment of this invention. It is a figure which shows the structure of the storage area of an IC chip with which a mobile communication terminal is provided. It is a figure which shows the SMS message which is a control signal which controls access to an IC chip. It is a figure which shows another SMS message which is a control signal which controls access to an IC chip. It is a figure which shows the structure of the management table of the memory | storage part with which a mobile communication terminal is provided. It is a figure which shows the hardware constitutions of the mobile communication terminal which concerns on embodiment of this invention. 2 shows a program configuration in a mobile communication terminal. It is a flowchart which shows the process (terminal control method) performed with the mobile communication terminal which concerns on embodiment of this invention. It is a flowchart which shows the process (terminal control method) performed with the mobile communication terminal which concerns on embodiment of this invention.

Explanation of symbols

  DESCRIPTION OF SYMBOLS 10 ... Mobile communication terminal, 11 ... IC chip, 12 ... Non-contact IC module, 13 ... Reception part, 14 ... Chip control part, 15 ... Memory | storage part, 15a ... Management table, 16 ... Transmission part, 17 ... Program execution part, DESCRIPTION OF SYMBOLS 18 ... Comparison part, 19 ... Program control part, 101 ... CPU, 102 ... RAM, 103 ... ROM, 104 ... Operation part, 105 ... Wireless communication part, 106 ... Display, 107 ... Antenna, 108 ... Communication for non-contact type IC , 20 ... Mobile communication terminal control server, 30 ... SMS message

Claims (6)

A non-contact IC module including an IC chip;
A control signal for controlling access to the IC chip is specified, and a program for permitting acquisition of control area information for specifying a memory area of the IC chip to which the access is controlled and information indicating whether the memory area is accessible or not is specified. Receiving means for receiving together with program information;
IC chip control means for controlling access to the memory area of the IC chip related to the control area information based on the control signal received by the receiving means;
Storage means for storing the program information received by the receiving means in association with control execution area information for specifying the memory area controlled by the IC chip control means;
When there is an acquisition request for information indicating whether or not the memory area of the IC chip is accessible by executing the program by the program execution means provided in the terminal itself, the information is associated with the control execution area information related to the acquisition request Comparison means for comparing the program information stored by the storage means with information for specifying the program related to the acquisition request;
Program control means for permitting acquisition of information indicating whether or not the memory area of the IC chip can be accessed by the program based on a result of comparison by the comparison means;
A mobile communication terminal comprising: The receiving means receives the information for collation for collating with the information stored in the memory area of the IC chip together with the control signal,
The IC chip control means collates whether or not the collation information received by the receiving means matches information stored in the memory area of the IC chip related to the control area information. If so, control the access to the memory area,
The mobile communication terminal according to claim 1. The receiving means receives the IC chip information specifying the IC chip together with the control signal,
The IC chip control means checks whether the IC chip information received by the receiving means matches information specifying the IC chip of its own terminal, and if the information matches, the IC chip control means Control the access,
The mobile communication terminal according to claim 1, wherein the mobile communication terminal is a mobile communication terminal.   The mobile communication terminal according to any one of claims 1 to 3, further comprising a transmission unit configured to transmit information indicating a result of control by the IC chip control unit to a predetermined transmission destination. The comparison means, when there is a request for obtaining information indicating whether or not an access to the memory area of the IC chip is received from a program executed in its own terminal, the control execution area information stored in the storage means as the IC chip Checking whether the control of the access to the IC chip by the control means is executed or not, and based on the result of the check, the control execution area information stored in the storage means is stored in the IC chip. The mobile communication terminal according to any one of claims 1 to 4, wherein the mobile communication terminal matches the state of the control. A terminal control method in a mobile communication terminal comprising a non-contact IC module including an IC chip,
A control signal for controlling access to the IC chip is specified, and a program for permitting acquisition of control area information for specifying a memory area of the IC chip to which the access is controlled and information indicating whether the memory area is accessible A receiving step for receiving together with the program information;
An IC chip control step for controlling access to the memory area of the IC chip related to the control area information based on the control signal received in the receiving step;
A storage step of storing the program information received in the reception step in association with the control execution area information for specifying the memory area in which the access control is performed in the IC chip control step;
When there is an acquisition request for information indicating whether or not the memory area of the IC chip can be accessed by executing the program by the program execution means provided in the terminal itself, it is associated with the control execution area information related to the acquisition request. A comparison step of comparing the program information stored in the storage step with information specifying the program related to the acquisition request;
A program control step for permitting acquisition of information indicating whether or not the memory area of the IC chip can be accessed by the program based on a result of comparison in the comparison step;
A terminal control method including:

Images