JP4618259B2 - Data storage device and data storage method - Google Patents

Description

  The present invention relates to a data storage device and a data storage method. For example, when a plurality of managers provide services by using one IC (Integrated Circuit) card, the flexible and high-security access to the IC card is provided. The present invention relates to a data storage device and a data storage method capable of performing control.

  For example, IC cards (smart cards) that are expected to be used in electronic money systems and security systems have been developed.

  The IC card has a CPU (Central Processing Unit) for performing various processes and a memory for storing data necessary for the process, and is in a state of being in electrical contact with a predetermined reader / writer (R / W) Data is transmitted and received in a non-contact manner using electromagnetic waves. In general, necessary power is supplied to an IC card that transmits and receives data without contact with an R / W by using electromagnetic waves.

  For example, ISO (International Organization for Standardizaion) 7816 defines a standard for contact IC cards. According to this standard, for example, an EF (Elementary File) for storing data (which corresponds to a so-called file), Data can be managed by the DF storing EF and DF (Dedicated File) (corresponding to a so-called directory (folder)). Therefore, by providing a certain DF as a parent hierarchy and a DF of its child hierarchy, data management by a hierarchical structure is possible.

  By the way, when using an IC card in an electronic money system, a security system, etc., security such as data concealment and prevention of forgery of the IC card is important. , Access to the DF and EF belonging to the DF hierarchy is restricted. That is, in ISO7816, in order to access a certain DF, it is necessary to know the keys of all DFs in the upper hierarchy (parent hierarchy) on the path leading to the DF.

  For this reason, for example, a certain administrator, as a parent manager, shares a part of the resources allocated to himself / herself with other managers who are the child managers, and manages the DF managed by the parent manager. When the child administrator creates a DF managed by the child administrator, the child administrator accesses the parent DF of the parent hierarchy, that is, the DF of the parent administrator. You need to know the key, which creates a security problem.

  The present invention has been made in view of such a situation, and makes it possible to perform flexible and high-security access control for data.

The data storage device according to claim 1, comprising: a management unit that manages the storage area of the data storage unit in a hierarchical structure; a hierarchical key storage unit that stores a hierarchical key for each hierarchy of the storage area of the data storage unit; For data storage area key storage means for storing a data storage area key for the storage area in which is stored, and for generating information for generating one or more authentication keys used for authentication for accessing the storage area, Generating means for generating an authentication key obtained by encryption using a hierarchy key for a hierarchy above the hierarchy of the storage area to be accessed or a data storage area key for the storage area to be accessed in a predetermined order ; , and an authentication process execution means that perform first authentication process using the generated authentication key.

The data storage method according to claim 12, wherein the generation unit has a hierarchy of a storage area to be accessed with respect to generation information for generating one or more authentication keys used for authentication for accessing the storage area. A generation step for generating an authentication key obtained by encryption using a hierarchy key for a higher hierarchy or a data storage area key for a storage area to be accessed in a predetermined order; and an authentication processing execution means have been and a authentication process executed steps to run the first authentication process using the authentication key.

In the data storage device according to claim 1, the management means manages the storage area of the data storage means in a hierarchical structure, and the hierarchical key storage means stores a hierarchical key for each hierarchy of the storage area of the data storage means. It is made to do. The data storage area key storage means stores a data storage area key for the storage area in which the data is stored, and the generation means is for generating one or more authentication keys used for authentication for accessing the storage area An authentication key obtained by encryption using a hierarchy key for a hierarchy above the hierarchy of the storage area to be accessed or a data storage area key for the storage area to be accessed in a predetermined order. Has been made to generate. Authentication means is adapted to so that to perform a first authentication process using the generated authentication key.

In the data storage method according to claim 12, the generation unit generates information for generating one or more authentication keys used for authentication for accessing the storage area. An authentication key obtained by encryption using a hierarchy key for a hierarchy above the hierarchy or a data storage area key for a storage area to be accessed in a predetermined order is generated, and an authentication processing execution means is generated It has been made so that to perform a first authentication process using the authentication key.

  According to the present invention, flexible and highly secure access control can be performed.

  FIG. 1 shows a contactless card system to which the present invention is applied (a system is a logical collection of a plurality of devices, regardless of whether or not each component device is in the same casing). 2 shows an example of the configuration of an embodiment.

  This contactless card system is composed of an R / W1, an IC card 2, and a controller 3. Data is transmitted and received between the R / W1 and the IC card 2 in a contactless manner using electromagnetic waves. Has been made.

  That is, the R / W 1 transmits a predetermined command to the IC card 2, and the IC card 2 receives the command and performs processing corresponding to the command. Then, the IC card 2 transmits response data corresponding to the processing result to the R / W 1.

  The R / W1 is connected to the controller 3 via a predetermined interface (for example, one compliant with the RS-485A standard), and the controller 3 supplies a predetermined control signal to the R / W1. Thus, a predetermined process is performed.

  FIG. 2 shows a configuration example of the R / W 1 in FIG.

  The IC 21 communicates with a DPU (Data Processing Unit) 31 for processing data, an SPU (Signal Processing Unit) 32 for processing data transmitted to the IC card 2 and data received from the IC card 2, and a controller 3. A memory unit 34 including an SCC (Serial Communication Controller) 33 to be performed, a ROM unit 41 that stores information necessary for data processing in advance, and a RAM unit 42 that temporarily stores data being processed, Connected via bus.

  Also connected to this bus is a flash memory 22 for storing predetermined data.

  The DPU 31 outputs a command to be transmitted to the IC card 2 to the SPU 32 and receives response data received from the IC card 2 from the SPU 32.

  The SPU 32 performs predetermined processing (for example, BPSK (BiPhase Shift Keying) modulation (coding into a one-chester code), etc.) on the command transmitted to the IC card 2, and then outputs the processed signal to the modulation circuit 23. The response data transmitted from the card 2 is received from the demodulation circuit 25, and predetermined processing is performed on the data.

  The modulation circuit 23 performs ASK (Amplitude Shift Keying) modulation on a carrier wave having a predetermined frequency (for example, 13.56 MHz) supplied from an oscillator (OSC) 26 with data supplied from the SPU 32, and generates a modulated wave. An electromagnetic wave is output to the IC card 2 via the antenna 27. At this time, the modulation circuit 23 performs ASK modulation with a modulation degree less than 1, so that the maximum amplitude of the modulated wave does not become zero even when the data is at a low level. Has been made.

  The demodulation circuit 25 demodulates the modulated wave (ASK modulated wave) received via the antenna 27 and outputs the demodulated data to the SPU 32.

  FIG. 3 shows a configuration example of the IC card 2 of FIG.

  In this IC card 2, the IC 51 receives the modulated wave transmitted by the R / W 1 via the antenna 53. The capacitor 52 constitutes an LC circuit together with the antenna 53, and is tuned (resonated) with an electromagnetic wave having a predetermined frequency (carrier frequency).

  In the IC 51, the RF interface unit 61 (communication means) detects and demodulates the modulated wave (ASK modulated wave) received via the antenna 53 by the ASK demodulator 81, and the demodulated data is converted into the BPSK demodulator circuit 62. In addition, the voltage regulator 82 stabilizes the signal detected by the ASK demodulator 81 and supplies it to each circuit as a DC power supply.

  The RF interface unit 61 oscillates a signal having the same frequency as the data clock frequency by the oscillation circuit 83 and outputs the signal to the PLL unit 63.

  Further, in the RF interface unit 61, in the ASK modulation unit 81, the load of the antenna 53 as the power source of the IC card 2 is changed in accordance with the data supplied from the calculation unit 64 via the BPSK modulation circuit 68 ( For example, the predetermined switching element is turned on / off corresponding to the data, and the predetermined load is connected in parallel to the antenna 53 only when the switching element is in the on state). The modulated wave is ASK-modulated (when data is transmitted from the IC card 2 (when data is transmitted to the IC card 2), the R / W1 makes the maximum amplitude of the modulated wave to be output constant, and this The modulated wave is ASK-modulated by the load variation of the antenna 53), and the modulation component is transmitted to the R / W1 via the antenna 53. (Fluctuate terminal voltage of the antenna 27 of R / W1) As is made it is in.

  The PLL unit 63 generates a clock signal synchronized with the data from the data supplied from the ASK demodulation unit 81 and outputs the clock signal to the BPSK demodulation circuit 62 and the BPSK modulation circuit 68.

  When the data demodulated by the ASK demodulator 81 is BPSK modulated, the BPSK demodulator 62 demodulates the data (decodes one-chester code) in accordance with the clock signal supplied from the PLL unit 63 and demodulates the data. The processed data is output to the calculation unit 64.

  When the data supplied from the BPSK demodulator circuit 62 is encrypted, the arithmetic unit 64 decrypts the data with the encryption / decryption unit 92 and then processes the data with the sequencer 91. . If the data is not encrypted, the data supplied from the BPSK demodulation circuit 62 is directly supplied to the sequencer 91 without going through the encryption / decryption unit 92.

  The sequencer 91 (management means) (generation means) (authentication means) performs processing corresponding to data as a command supplied thereto. That is, for example, the sequencer 91 performs data writing and reading with respect to the EEPROM 66 and other necessary arithmetic processing for the data. Further, the sequencer 91 performs control of access to the EEPROM 66 by performing authentication, management of the EEPROM 66, and the like.

  The parity calculation unit 93 of the calculation unit 64 calculates a Reed-Solomon code, for example, as parity from data stored in the EEPROM 66 or data stored in the EEPROM 66.

  Further, the arithmetic unit 64 performs predetermined processing by the sequencer 91, and then outputs response data (data to be transmitted to the R / W1) corresponding to the processing to the BPSK modulation circuit 68.

  The BPSK modulation circuit 68 performs BPSK modulation on the data supplied from the calculation unit 64 and outputs the modulated data to the ASK modulation unit 84 of the RF interface unit 61.

  A ROM (Read Only Memory) 65 stores a program for the sequencer 91 to perform processing and other necessary data. When the sequencer 91 performs processing, the RAM 67 temporarily stores data in the middle of the processing.

  An EEPROM (Electrically Erasable and Programmable ROM) 66 (storage means) (data storage means) is a non-volatile memory, and even after the IC card 2 terminates communication with the R / W 1 and the power supply is stopped, the data It is made to keep memorizing.

  Next, data transmission / reception processing between the R / W 1 and the IC card 2 will be described.

  The R / W 1 (FIG. 2) emits a predetermined electromagnetic wave from the antenna 27, monitors the load state of the antenna 27, and waits until a change in the load state due to the approach of the IC card 2 is detected. Note that R / W1 emits an ASK-modulated electromagnetic wave with a predetermined short pattern of data, and repeats a call to the IC card 2 until a response from the IC card 2 is obtained within a predetermined time (polling) ) May be performed.

  When the approach of the IC card 2 is detected in the R / W1, the SPU 32 of the R / W1 uses the rectangular wave of a predetermined frequency (for example, a frequency twice the data clock frequency) as a carrier wave to the IC card 2. BPSK modulation is performed with data to be transmitted (commands corresponding to processing to be executed by the IC card 2, data written to the IC card 2, etc.), and the generated modulated wave (BPSK modulation signal) (One Chester code) is converted into the modulation circuit 23 Output to.

  At the time of BPSK modulation, data can be made to correspond to a change in the phase of the modulated wave using differential conversion. In this case, even if the BPSK modulation signal is inverted, the original data Therefore, there is no need to consider the polarity of the modulated wave when demodulating.

  The modulation circuit 23 performs ASK modulation on a predetermined carrier wave with an input BPSK modulation signal with a modulation factor of less than 1 (for example, 0.1) (= maximum amplitude of data signal / maximum amplitude of carrier wave), and generated modulation A wave (ASK modulated wave) is transmitted to the IC card 2 via the antenna 27.

  When transmission is not performed, the modulation circuit 23 generates a modulated wave at a high level, for example, of two levels (high level and low level) of the digital signal.

  In the IC card 2 (FIG. 3), in the LC circuit composed of the antenna 53 and the capacitor 52, part of the electromagnetic wave radiated by the antenna 27 of the R / W 1 is converted into an electric signal, and the electric signal (modulated wave) is converted into an electric signal. , Output to the RF interface 61 of the IC 51. Then, the ASK demodulator 81 of the RF interface 61 performs envelope detection by rectifying and smoothing the modulated wave, and supplies a signal generated thereby to the voltage regulator 82 and also converts the DC component of the signal. The data signal is extracted while being suppressed, and the data signal is output to the BPSK demodulation circuit 62 and the PLL unit 63.

At this time, the terminal voltage V ₀ of the antenna 53 is, for example, as follows.
V ₀ = V ₁₀ (1 + k × Vs (t)) cos (ωt)
However, V ₁₀ cos (ωt) represents a carrier wave, k represents a modulation degree, and Vs (t) represents data output from the SPU 32.

The low level value V _LR of the voltage V ₁ after rectification by the ASK demodulator 81 is, for example, as follows.
V _LR = V ₁₀ (1 + k × (−1)) − Vf

  Here, Vf indicates a voltage drop in a diode (not shown) constituting a rectifier circuit for performing rectification and smoothing in the ASK demodulator 81, and is generally about 0.7 volts.

  When the voltage regulator 82 receives the signal rectified and smoothed by the ASK demodulator 81, the voltage regulator 82 stabilizes the signal and supplies it as a DC power source to each circuit including the arithmetic unit 64. Here, as described above, since the modulation degree k of the modulated wave is less than 1, the voltage fluctuation after rectification (difference between the high level and the low level) is small. Accordingly, the voltage regulator 82 can easily generate a DC power source.

Here, for example, when a modulated wave having a modulation degree k of 5% is received so that V ₁₀ is 3 volts or more, the low level voltage V _LR after rectification is 2.15 (= 3 × (1− 0.05) −0.7) volts or more, and the voltage regulator 82 can supply each circuit with a voltage sufficient as a power source. Furthermore, in this case, the amplitude 2 × k × V ₁₀ (Peak-to-Peak value) of the AC component (data component) of the rectified voltage V ₁ is 0.3 (= 2 × 0.05 × 3) volts. Thus, the ASK demodulator 81 can demodulate data with a sufficiently high S / N ratio.

  In this way, by using an ASK modulated wave having a modulation degree k of less than 1, communication is performed with a low error rate (with a high S / N ratio), and a DC voltage sufficient as a power source is applied to the IC card 2. Supplied.

  When receiving the data signal (BPSK modulated signal) from the ASK demodulator 81, the BPSK demodulator 62 demodulates the data signal in accordance with the clock signal supplied from the PLL unit 63, and outputs the demodulated data to the calculator 64. .

  When the data supplied from the BPSK demodulation circuit 62 is encrypted, the arithmetic unit 64 decrypts the data with the encryption / decryption unit 92 and then supplies the data (command) to the sequencer 91 for processing. Note that during this period, that is, after the data is transmitted to the IC card 2 and until a response to the response is received, the R / W 1 stands by while transmitting data having a value of 1. Therefore, during this period, the IC card 2 receives a modulated wave having a constant maximum amplitude.

  When the processing is completed, the sequencer 91 outputs data about the processing result (data to be transmitted to the R / W1) to the BPSK modulation circuit 68. The BPSK modulation circuit 68 performs BPSK modulation (coding into a one-chester code) of the data, like the R / W1 SPU 32, and then outputs the data to the ASK modulation unit 84 of the RF interface unit 61.

  Then, the ASK modulation unit 84 varies the load connected to both ends of the antenna 53 according to the data from the BPSK modulation circuit 68 using a switching element or the like, thereby receiving a modulated wave (IC card). 2, the maximum amplitude of the modulated wave output by the R / W 1 is constant as described above, and the ASK modulation is performed according to the data to be transmitted. The terminal voltage of the antenna 27 is changed, and the data is transmitted to the R / W1.

  On the other hand, the modulation circuit 23 of the R / W 1 continues to transmit data having a value of 1 (high level) when receiving data from the IC card 2. Then, in the demodulation circuit 25, the data transmitted by the IC card 2 from the minute fluctuation (for example, several tens of microvolts) of the terminal voltage of the antenna 27 electromagnetically coupled to the antenna 53 of the IC card 2 is obtained. Detected.

  Further, in the demodulation circuit 25, the detected signal (ASK modulation wave) is amplified and demodulated by a high gain amplifier (not shown), and the resulting digital data is output to the SPU 32. The SPU 32 demodulates the data (BPSK modulation signal) and outputs it to the DPU 31. The DPU 31 processes the data from the SPU 32 and determines whether or not to end the communication according to the processing result. When it is determined that communication is performed again, communication is performed between the R / W 1 and the IC card 2 in the same manner as described above. On the other hand, when it is determined that the communication is to be terminated, the R / W 1 ends the communication process with the IC card 2.

  As described above, the R / W 1 transmits data to the IC card 2 by using the ASK modulation whose modulation degree k is less than 1, and the IC card 2 receives the data and processes corresponding to the data And the data corresponding to the processing result is returned to the R / W1.

  Next, FIG. 4 shows a logical format of the EEPROM 66 of FIG.

  The EEPROM 66 is configured in units of blocks. In the embodiment shown in FIG. 4, one block is configured by 16 bytes, for example.

Further, in the embodiment of FIG. 4, the logical address of the uppermost block is # 0000h (h represents a hexadecimal number), and the logical addresses are assigned in ascending order. In FIG. 4, # 0000h to #FFFFh are assigned as logical addresses, and therefore 65536 (= 2 ¹⁶ ) blocks are configured.

  The block is designed to be used as a user block or a system block. The blocks of the EEPROM 66 are assigned to user blocks in ascending order of logical addresses, and are assigned to system blocks in descending order of logical addresses. That is, in FIG. 4, the user blocks increase in the downward direction and the system blocks increase in the upward direction. When there are no more empty blocks, the user blocks and the system blocks cannot be created. Therefore, the boundary between the user block and the system block is not fixed, and the number of user blocks or the number of system blocks is not particularly limited (however, in the embodiment of FIG. 4, the user block and the system block are not limited). The total number of blocks is limited to 65536 or less).

  There are five types of system blocks: manufacturing ID (Identification) block, issue ID block, system definition block, area definition block, and service definition block. In the embodiment of FIG. 4, blocks that are area definition blocks or service definition blocks are indicated as area / service definition blocks.

  Of the system blocks, the manufacturing ID block, the issue ID block, and the system definition block are basically already arranged when the IC card 2 is issued, and logical addresses #FFFFh, #FFFEh, #FFFDh Respectively. The area / service definition blocks are arranged in the order of creation above the logical address #FFFCh.

  Information relating to the manufacture of the IC card 2 is arranged in the manufacture ID block. That is, for example, a unique manufacturing ID, a manufacturing date, a manufacturer's code, and the like are arranged in the manufacturing ID block.

  Information relating to the issue of the IC card 2 is arranged in the issue ID block. That is, in the issue ID block, for example, a date when the IC card 2 is issued, a code indicating the order in which the IC cards are issued, and the like are arranged.

  In the system definition block, for example, the number of system blocks or user blocks included in the EEPROM 66, a system key, and the like are arranged. The system key is used when mutual authentication is performed between the IC card 2, the R / W 1 and the controller 3.

  The area definition block is created, for example, by assigning a storage area (area) of the EEPROM 66 to the administrator, and information for the administrator to manage the storage area assigned to the administrator is arranged there. Is done. That is, for example, a code range, a free capacity, an area key, and the like, which will be described later, are arranged in the area definition block.

  In the service definition block, information (service area capacity, service key, etc.) for managing a service area to be described later is arranged.

  Next, in the sequencer 91, the storage area of the EEPROM 66 is managed hierarchically.

  That is, FIG. 5 shows the directory structure of the EEPROM 66.

  The storage area of the EEPROM 66 has a hierarchical structure with the area definition area as a hierarchy, and the area definition area can have an area definition area and a service definition area.

  An area definition area (hierarchical key storage means) is assigned to an administrator, and there is a code range indicating a range of identification codes that can be used as a name for the administrator to identify the area definition area and the service definition area. , A free capacity indicating the number of available free blocks, an area key for generating an access key, which will be described later, used for authentication, and the like are arranged. Here, one area definition area corresponds to one area definition block described in FIG.

  In the embodiment of FIG. 5, the area definition area assigned to the manager A constitutes the highest hierarchy, and the area definition areas of the managers B1 and B2 are created using this as the parent hierarchy. Further, the area definition area of the manager C is created with the area definition area of the manager B1 as the parent hierarchy.

  A service definition area (data storage area key storage means) is allocated to a service provided by an administrator, and generates a capacity of a service area for storing data necessary for providing the service and an access key. The service key is arranged. Here, one service definition area corresponds to one service definition block described in FIG.

  The service area is a storage area in which data necessary for providing the service is stored, and corresponds to the user block in FIG. That is, the service area is composed of zero or more user blocks, and the number of user blocks constituting the service area is arranged as the capacity of the service definition area for managing the service area.

  In the area definition area and the service definition area, identification codes for identifying them are also arranged. Here, each identification code for identifying an area definition area or a service definition area is hereinafter referred to as an area code or a service code as appropriate. Since the service code identifies a service definition area that manages a certain service area, it can be said that the service code is an identification code (service area identification code) that identifies the service area.

  In the embodiment of FIG. 5, the area definition area of the highest hierarchy is assigned to the administrator A. Then, 0000h to FFFFh are defined as usable identification code ranges (code ranges), and 0123456789abcdef are defined as area keys. Here, any identification code within the code range in the area definition area can be used as the area code of the area definition area. In the present embodiment, for example, the area definition area code The minimum value of the range is used as the area code. Accordingly, the area definition area in which the code range is 0000h to FFFFh, that is, the area definition area assigned to the administrator A is 0000h. Here, the area definition area of area code #xxxxh is hereinafter referred to as area definition area #xxxxh as appropriate.

  In the hierarchy of the area definition area # 0000h of the administrator A, a service definition area for the administrator A to provide a service is provided. 0008h of 0000h to FFFFh, which is the code range of area definition area # 0000h, is assigned to this service definition area as a service code. Here, the service definition area of service code #xxxxh is hereinafter referred to as service definition area #xxxxh as appropriate.

  The capacity of the service definition area # 0008h is 8. Therefore, the service area composed of 8 user blocks can be used. The service key of the service definition area # 0008h is 001010101010101.

  Further, the area definition area # 0000h of the manager A is provided with an area definition area # 0100h of the manager B1 and an area definition area # 1000h of the manager B2 as child hierarchies thereof. In addition, other area definition areas (not shown) are also provided in the hierarchy of the area definition area # 0000h, so that the number of blocks (free capacity) that can be used by the area definition area # 0000h is 37 blocks, for example. It has become.

  As the code range of the area definition area # 0100h of the administrator B1, 0100h to 03FFh among the code ranges of 0000h to FFFFh that are the code range of the area definition area # 0000h that is the parent hierarchy is assigned. Here, since the code range of the area definition area of the administrator B1 is 0100h to 03FFh, the minimum value 0100h is the area code of the area definition area of the administrator B1.

  The free space or area key of the area definition area # 0100h is 14 or a0a0a0a0a0a0a0a0, respectively.

  Further, the area definition area # 0100h of the manager B1 is provided with an area definition area # 0300h of the manager C as a child hierarchy. Then, as the code range of the area definition area # 0300h of the administrator C, 0300h to 03FFh is assigned among 0100h to 03FFh which is the code range of the area definition area # 0100h which is the parent hierarchy. Here, since the code range of the area definition area of the administrator C is 0300h to 03FFh, 0300h which is the minimum value is the area code of the area definition area of the administrator C.

  The free space or area key of area definition area # 0300h is 0 or b0b0b0b0b0b0b0b0, respectively.

  In the hierarchy of the area definition area # 0300h of the administrator C, a service definition area for the administrator C to provide a service is provided. In this service definition area, 030Ch of 0300h to 03FFh, which is the code range of area definition area # 0300h, is assigned as a service code.

  The service definition area to which the service code 030Ch is assigned, that is, the service definition area # 030Ch has a capacity of 16, so that a service area composed of 16 user blocks can be used. The service key of the service definition area # 030Ch is 0202020202020202.

  Here, since the capacity of the service area managed by the service definition area # 030Ch is 16, and the service definition area # 030Ch itself uses one block as a service definition block, the service definition area # 030Ch exists. As a result, the number of blocks used is 17 (= 16 + 1) blocks. Further, the number of blocks that can be used by the area definition area # 0300h of the hierarchy to which the service definition area # 030Ch belongs is 0 block because the free capacity is 0. Furthermore, area definition area # 0300h itself uses one block as an area definition block. Accordingly, in the hierarchy of the area definition area # 0300h, the used blocks are 18 (= 17 + 1) blocks and the usable blocks are 0 blocks, so the area definition area which is the parent hierarchy (upper hierarchy) It can be seen that the number of blocks allocated from # 0100h is 18 (= 18 + 0) blocks.

  Further, regarding the hierarchy of the area definition area # 0100h, as described above, 18 blocks are used in the area definition area # 0300h that is a child hierarchy (lower hierarchy). Further, a block whose area definition area # 0100h itself is 1 is used as an area definition block. The free space in area definition area # 0100h is 14 as described above. Accordingly, in the hierarchy of the area definition area # 0100h, since 19 (= 18 + 1) blocks are used and 14 usable blocks are allocated, the area definition area # 0000h that is the parent hierarchy is assigned. It can be seen that the number of blocks is 33 (= 19 + 14) blocks.

  On the other hand, as the code range of the area definition area # 1000h of the administrator B2, 1000h to 1FFFh of the code range of 0000h to FFFFh which is the code range of the area definition area # 0000h that is the parent hierarchy is assigned. Here, since the code range of the area definition area of the administrator B2 is 1000h to 1FFFh, the minimum value 1000h is the area code of the area definition area of the administrator B2.

  The free space or area key of the area definition area # 1000h is 43 or c0c0c0c0c0c0c0c0, respectively.

  In the hierarchy of the area definition area # 1000h of the administrator B2, a service definition area for the administrator B2 to provide a service is provided. In this service definition area, 1022h out of 1000h to 1FFFh which is the code range of area definition area # 1000h is assigned as a service code.

  The capacity of the service definition area to which the service code 1022h is assigned, that is, the service definition area # 1022h is set to 4, so that the service area composed of 4 user blocks can be used. Also, the service key of the service definition area # 1022h is 003030303030303.

  Here, since the capacity of the service area managed by the service definition area # 1022h is 4, and the service definition area # 1022h itself uses one block as the service definition block, the service definition area # 1022h exists. As a result, the number of blocks used is 5 (= 4 + 1) blocks. Further, the number of blocks that can be used by the area definition area # 1000h of the hierarchy to which the service definition area # 1022h belongs is 43 blocks because the free capacity is 43. Further, a block whose area definition area # 1000h itself is 1 is used as an area definition block. Accordingly, in the hierarchy of the area definition area # 1000h, the number of used blocks is 6 (= 5 + 1) blocks, and the number of usable blocks is 43. Therefore, the blocks allocated to the area definition area # 1000h are 49 blocks. It can be seen that (= 6 + 43) blocks.

  As described above, since the code range that is the range of identification codes that can be assigned to the area definition area to be managed is stored in the area definition area, the area definition area to be managed is defined as a child based on the code range. A hierarchical structure as shown in FIG. 5 can be defined in which a hierarchy is used, and an area definition area that manages the area definition area is a parent hierarchy.

  Next, referring to FIG. 6, the hierarchical structure shown in FIG. 5 is configured assuming that administrator A to which area definition area # 0000h of the highest hierarchy is assigned is the issuer of IC card 2, for example. Explain the process.

  For example, the administrator A issues the IC card 2 in response to a user request (1). For example, only the area definition area # 0000h is created in the IC card 2 in the hierarchical structure of FIG.

  When the administrator A starts to provide a predetermined service using the service area managed by the service definition area # 0008h, the administrator A obtains information necessary for creating the service definition area # 0008h. Register in the ticket issuing machine 101 (2).

  Here, the ticket-issuing machine 101 is comprised from R / W1 of FIG. In addition, the ticket issuing machine 101 can be installed, for example, at a station, a retail store, or other facilities.

  Thereafter, when the user attaches the IC card 2 to the ticket issuing machine 101 (when the IC card 2 is in a state where communication with the R / W 1 built in the ticket issuing machine 101 is possible), the ticket issuing machine 101 is installed. Transmits a command and necessary data to the IC card 2 based on the registered information, and creates a service definition area # 0008h. Thus, the user can receive a service provided by the administrator A using the service area managed by the service definition area # 0008h.

  On the other hand, when each of the managers B1 and B2 wants to provide a service using the IC card 2, the manager B1 and B2 make a contract with the manager A, and create the area definition areas # 0100h and # 1000h. (3) and (4) are requested to register the information necessary for performing the registration in the ticket issuing machine 101. When the user attaches the IC card 2 to the ticket issuing machine 101, the ticket issuing machine 101 transmits a command and necessary data to the IC card 2 based on the registered information, and the area definition areas # 0100h and # 0 Create 1000h. As a result, the administrator B1 or B2 can use the resources of the IC card 2 within the range defined in the area definition area # 0100h or # 1000h.

  Thereafter, when the administrator B2 starts providing a predetermined service using the service area managed by the service definition area # 1022h, information necessary for creating the service definition area # 1022h is Register in the ticket issuing machine 101 (5). When the user attaches the IC card 2 to the ticket issuing machine 101, the ticket issuing machine 101 transmits a command and necessary data to the IC card 2 based on the registered information, and creates a service definition area # 1022h. Let As a result, the user can receive the service provided by the administrator B2 using the service area managed by the service definition area # 1022h.

  In addition, when the manager C wants to provide a service using the IC card 2 under the management of the manager B1, the manager C makes a contract with the manager B1 and sends the area definition area # 0300h to the manager B1. The information necessary for creating the ticket is registered in the ticket issuing machine 101 (6). When the user attaches the IC card 2 to the ticket issuing machine 101, the ticket issuing machine 101 transmits a command and necessary data to the IC card 2 based on the registered information, and creates an area definition area # 0300h. Let As a result, the administrator C can use the resources of the IC card 2 within the range defined in the area definition area # 0300h.

  After that, when the administrator C starts providing a predetermined service using the service area managed by the service definition area # 030Ch, information necessary for creating the service definition area # 030Ch is Register in the ticket issuing machine 101 (7). When the user attaches the IC card 2 to the ticket issuing machine 101, the ticket issuing machine 101 transmits a command and necessary data to the IC card 2 based on the registered information, and creates a service definition area # 030Ch. Let As a result, the user can receive the service provided by the administrator C using the service area managed by the service definition area # 030Ch.

  In the IC card 2, as described above, the area definition area and the service definition area are created in accordance with the command from the ticket issuing machine 101. The area creation process for creating the area definition area and the service creation process for creating the service definition area are performed by, for example, the sequencer 91. For the area creation process and the service creation process, refer to FIG. 7 and FIG. I will explain.

  First, the area creation process will be described with reference to the flowchart of FIG.

  When the IC card 2 is attached to the ticket issuing machine 101, the ticket issuing machine 101 instructs the IC card 2 to create an area definition area (hereinafter referred to as definition, area creation command) and its area. Information necessary for creating the definition area, for example, the code range of the area definition area to be created, the number of blocks allocated to the area definition area (hereinafter referred to as the number of allocated blocks as appropriate), the area key, and the parent The area definition area area code (hereinafter referred to as the parent area code as appropriate) is transmitted.

  Here, it is desirable to transmit the information necessary for creating the area definition area to the IC card 2 in an encrypted state from the viewpoint of security. Note that the encryption can be performed using, for example, the same key as the area key stored in the area definition area having the parent area code. Since the area key stored in the area definition area having the parent area code is stored in the EEPROM 66, the IC card 2 can decode the encrypted information.

  When the IC card 2 (sequencer 91) receives the area creation command, it decrypts the encrypted information transmitted together with it, whereby the parent area code, the code range of the area definition area to be created, and the allocation Recognize the number of blocks and area keys. Furthermore, the IC card 2 recognizes the area code of the area definition area to be created. That is, here, the minimum value of the code range of the area definition area to be created is recognized as the area code.

  Then, in the IC card 2, in step S <b> 1, it is determined whether the creation target area definition area has already been created in the EEPROM 66. That is, in step S1, it is determined whether an area definition area having the same area code as the area code of the area definition area to be created has already been created.

  If it is determined in step S1 that the area definition area to be created has already been created, the area creation process is terminated. That is, when the area definition area to be created has already been created, it is not necessary to create the same area definition area in duplicate, and therefore the subsequent processing is not performed.

  If it is determined in step S1 that the area definition area to be created has not been created, the process proceeds to step S2 to determine whether the code range and the number of allocated blocks (capacity) of the area definition area to be created are appropriate. Is done. That is, in step S2, the code range of the area definition area to be created is included in the code range stored in the area definition area having the parent area code, and the number of blocks allocated to the area definition area to be created is Then, it is determined whether or not it is less than the free space stored in the area definition area having the parent area code.

  If it is determined in step S2 that the code range and the number of allocated blocks of the area definition area to be created are not appropriate, that is, the code range of the area definition area to be created is stored in the area definition area having the parent area code. If it is not included in the code range, or if the number of allocation blocks of the area definition area to be created exceeds the free space stored in the area definition area having the parent area code, the process proceeds to step S3. Error processing is performed, and the area creation processing ends. That is, in step S3, for example, a message that the area definition area having the parent area code is set as a parent hierarchy and an area definition area that is a child hierarchy cannot be created is transmitted to the ticket issuing machine 101. Therefore, in this case, the area definition area is not created.

  On the other hand, when it is determined in step S2 that the code range and the number of allocated blocks of the area definition area to be created are appropriate, that is, the code range of the area definition area to be created has an area definition area having a parent area code. If the number of blocks allocated to the area definition area to be created is equal to or less than the free capacity stored in the area definition area having the parent area code, the process proceeds to step S4. The area definition area to be created is created as a child hierarchy of the hierarchy of the area definition area having the parent area code (parent hierarchy).

  That is, in step S4, the lowest block (the empty block with the largest logical address) among the empty blocks in the EEPROM 66 (FIG. 4) is secured as the area definition block corresponding to the area definition area to be created. . Further, a code range, a free capacity, an area key, and the like are written in the area definition block. Here, in step S4, the code range and area key transmitted from the ticket issuing machine 101 are written as they are. Further, as the free space, a value obtained by subtracting 1 from the number of allocated blocks transmitted from the ticket issuing machine 101 is written. The reason why the value obtained by subtracting 1 from the number of allocated blocks is written as the free space because the created area definition area uses one block.

  Thereafter, the process proceeds to step S5, where the free space in the area definition area having the parent area code is rewritten, and the area creation process is terminated. That is, in step S5, a value obtained by subtracting the number of allocated blocks from the free capacity of the area definition area having the parent area code is newly written as the free capacity of the area definition area.

  The area definition areas # 0100h, # 1000h, and # 0300h of the managers B1, B2, and C shown in FIG. 5 are created by performing the above area creation processing.

  That is, when the IC card 2 is issued, the administrator A who is also the issuer has all the resources of the IC card 2, and the usable identification code or capacity of the IC card 2 is, for example, 0000h to FFFFh. Or, if it is 65533 blocks, when the IC card 2 is issued, as the area definition area, only the area definition area # 0000h of the highest hierarchy having a code range of 0000h to FFFFh and a free space of 65532 is provided. Is present.

  In the present embodiment, as shown in FIG. 4, the EEPROM 66 has 65536 blocks. However, in the IC card 2 immediately after issuance, the usable capacity is 3533 blocks less than that. This is because, as shown in FIG. 4, a manufacturing ID block, an issued ID block, and a system definition block exist.

  The reason why the free space of the area definition area # 0000h in the highest hierarchy is 65532 blocks which is one block less than the usable capacity 65533 blocks is because the area definition area # 0000h itself uses one block. is there.

  In the case where the administrator A assigns, for example, an identification code in the range of 0100h to 03FFh and 33 blocks among his resources to the administrator B1, the area creation process is performed, so that the area definition area # 0100h Is created. That is, in this case, 0100h to 03FFh are written in the area definition area # 0100h as a code range and 32 blocks as free capacity. The reason why the free space is one block less than the 33 blocks allocated by the administrator A is that the area definition area # 0100h itself uses one block.

  When the area definition area # 0100h is created, the free space in the area definition area # 0000h of the manager A is reduced by 33 blocks allocated to the manager B1.

  In addition, when the administrator A distributes, for example, an identification code in the range of 1000h to 1FFFh and 49 blocks to his / her administrator B2 among his / her resources, the area definition region is obtained by performing area creation processing. # 1000h is created. That is, in this case, 1000h to 1FFFh are written in the area definition area # 1000h as the code range and 48 blocks as the free capacity. The reason why the free space is one block less than the 49 blocks allocated from the administrator A is that the area definition area # 1000h itself uses one block.

  When the area definition area # 1000h is created, the free space in the area definition area # 0000h of the manager A is reduced by 33 blocks allocated to the manager B2.

  When the area definition area # 0100h or # 1000h is created as described above, each of the managers B1 or B2 adds an area definition area as a child hierarchy to the area definition area # 0100h or # 1000h. It is possible to create a service definition area.

  For example, now, when the administrator B1 assigns, for example, an identification code in the range of 0300h to 03FFh and 18 blocks among his resources to the administrator C, area creation processing is performed, Definition area # 0300h is created. That is, in this case, 0300h to 03FFh are written in the area definition area # 0300h as the code range and 17 blocks as the free space. The reason why the free space is one block less than the 18 blocks allocated from the administrator B1 is that the area definition area # 0300h itself uses one block.

  When the area definition area # 0300h is created, the free space of the administrator B1 area definition area # 0100h is reduced by 18 blocks allocated to the administrator C. That is, as described above, when the area definition area # 0100h is created, the empty area is 32 blocks, but is reduced by 18 blocks to 14 blocks as shown in FIG. .

  Next, the service creation process will be described with reference to the flowchart of FIG.

  When the IC card 2 is attached to the ticket issuing machine 101, the ticket issuing machine 101 instructs the IC card 2 to create a service definition area (hereinafter referred to as definition and service creation command) and its service. Information necessary for creating the definition area, for example, the service code of the service definition area to be created, the number of blocks allocated to the service definition area (also referred to as the number of allocated blocks as appropriate hereinafter), service key , And the area code of the area definition area of the hierarchy in which the service definition area is created (hereinafter also referred to as the parent area code as appropriate) and the like.

  Here, the information necessary for creating the service definition area is the same key as the area key stored in the area definition area having the parent area code, for example, from the viewpoint of security, as in the area creation process. It is desirable to transmit the data to the IC card 2 in an encrypted state using.

  When the IC card 2 (sequencer 91) receives the service creation command, it decrypts the encrypted information transmitted together with it, thereby the parent area code, the service code of the service definition area to be created, and the allocation Recognize the number of blocks and service keys.

  In step S11, the IC card 2 determines whether the service definition area to be created has already been created in the EEPROM 66. That is, in step S11, it is determined whether a service definition area having the same service code as the service code of the service definition area to be created has already been created.

  If it is determined in step S11 that the service definition area to be created has already been created, the service creation process ends. That is, when the service definition area to be created has already been created, it is not necessary to create the same service definition area in duplicate, so that the subsequent processing is not performed.

  If it is determined in step S11 that the creation target service definition area has not been created, the process proceeds to step S12 to determine whether the service code and the number of allocated blocks (capacity) of the creation target service definition area are appropriate. Is done. That is, in step S12, the service code of the service definition area to be created is included in the code range stored in the area definition area having the parent area code, and the number of allocated blocks of the service definition area to be created is Then, it is determined whether or not it is less than the free space stored in the area definition area having the parent area code.

  If it is determined in step S12 that the service code and the number of allocated blocks in the service definition area to be created are not appropriate, that is, the service code in the service definition area to be created is stored in the area definition area having the parent area code. If the number is not included in the code range or the number of allocated blocks of the service definition area to be created exceeds the free space stored in the area definition area having the parent area code, the process proceeds to step S13. Error processing is performed, and the area creation processing ends. That is, in step S3, for example, a message indicating that the service definition area cannot be created in the hierarchy of the area definition area having the parent area code is transmitted to the ticket issuing machine 101. Therefore, in this case, the service definition area is not created.

  On the other hand, if it is determined in step S12 that the service code and the number of allocated blocks in the service definition area to be created are appropriate, that is, the area definition area in which the service code in the service definition area to be created has a parent area code. If the number of blocks allocated in the service definition area to be created is equal to or less than the free capacity stored in the area definition area having the parent area code, the process proceeds to step S14. A service definition area to be created is created in a hierarchy of area definition areas having a parent area code.

  That is, in step S14, the lowest block (the empty block with the largest logical address) among the empty blocks in the EEPROM 66 (FIG. 4) is secured as the service definition block corresponding to the service definition area to be created. . Further, a service code, a capacity, a service key, and the like are written in the service definition block. Here, in step S14, the service code and the service key transmitted from the ticket issuing machine 101 are written as they are. As the capacity, a value obtained by subtracting 1 from the number of allocated blocks transmitted from the ticket issuing machine 101 is written. The reason why the value obtained by subtracting 1 from the number of allocated blocks is written as the capacity because the created service definition area uses one block.

  In step S14, the number of empty blocks corresponding to the capacity written in the created service definition area is selected in ascending order of logical addresses, and secured as user blocks constituting the service area managed by the service definition area. Then, the process proceeds to step S15.

  In step S15, the free space in the area definition area having the parent area code is rewritten, and the service creation process ends. That is, in step S15, a value obtained by subtracting the number of allocated blocks from the free capacity of the area definition area having the parent area code is newly written as the free capacity of the area definition area.

  The service definition areas # 0008h, # 1022h, and # 030Ch of the managers A, B2, and C shown in FIG. 5 are created by performing the above service creation process.

  That is, when the administrator A provides a service using, for example, an identification code of 0008h and a capacity of 9 blocks among his own resources, the service creation process is performed, so that the service definition area # 0008h is created, and 8 blocks are written therein as a capacity. Further, eight free blocks are secured as user blocks and are service areas managed by area definition area # 0008h. The reason why the capacity written in service definition area # 0008h is one block less than nine blocks is that service definition area # 0008h itself uses one block.

  When the service definition area # 0008h is created, the free space in the area definition area # 0000h of the manager A is reduced by 9 blocks allocated to the service definition area # 0008h.

  As described above, the administrator A can provide a service using the 8-block service area managed in the service definition area # 0008h.

  In addition, when the administrator B2 provides a service using, for example, an identification code of 1022h and a capacity of 5 blocks among his own resources, the service creation process is performed, so that the service definition area # 1022h is created, and 4 blocks are written there as capacity. Further, four empty blocks are secured as user blocks and are service areas managed by area definition area # 1022h. The reason that the capacity written in service definition area # 1022h is one block less than five blocks is that service definition area # 1022h itself uses one block.

  When the service definition area # 1022h is created, the free space in the area definition area # 1000h of the administrator B2 is reduced by 5 blocks allocated to the service definition area # 1022h. That is, as described above, when the area definition area # 1000h is created, the free space is 48 blocks, but is reduced by 5 blocks to 43 blocks as shown in FIG. .

  As described above, the administrator B2 can provide a service by using the 4-block service area managed in the service definition area # 1022h.

  Furthermore, when the administrator C provides a service using, for example, an identification code of 030Ch and a capacity of 17 blocks among its own resources, the service creation process is performed, so that the service definition area # 030Ch is created, and 16 blocks are written therein as the capacity. Further, 16 free blocks are secured as user blocks, which are service areas managed by area definition area # 030Ch. The reason that the capacity written to the service definition area # 030Ch is one block less than 17 blocks is that the service definition area # 030Ch itself uses one block.

  When the service definition area # 030Ch is created, the free space in the area definition area # 0300h of the administrator C is reduced by 17 blocks allocated to the service definition area # 030Ch. That is, as described above, when the area definition area # 0300h is created, the free space is 17 blocks, but is reduced by 17 blocks to become 0 blocks as shown in FIG. .

  As described above, the administrator C can provide a service using the 16-block service area managed in the service definition area # 030Ch.

  As described above, since the EEPROM 66 is managed based on the area definition area storing the code range and the free space, the resource management of the IC card 2 can be performed. That is, it is possible to limit the capacity and identification code that can be used in a certain area definition area hierarchy.

  By the way, when the IC card is used for providing services by a plurality of managers, a DF as a hierarchy is assigned to each of the plurality of managers, and the DF is used as data for providing services by each manager. It is conceivable to store the EFs.

  However, in ISO7816 etc., it is difficult to limit the resources of the IC card such as the usable capacity and the identification code (corresponding to the file name and directory name) for identifying the DF and EF for each DF. It was.

  For this reason, it is possible to prevent the identification code from being duplicated between different administrators, or to restrict the administrator from using the memory built in the IC card beyond the capacity determined in advance by a contract or the like. It was difficult.

  Here, as described above, in the IC card 2 of the present embodiment, the EEPROM 66 is managed based on the area definition area in which the code range and the free space are stored. Management can be performed. That is, it is possible to limit the capacity and identification code that can be used in a certain area definition area hierarchy. As a result, for example, even if a certain administrator shares a part of the resources (here, usable capacity and identification code) assigned to the other administrator and shares the IC card 2, It is possible to prevent the identification code from being duplicated between different managers, and the manager from using the EEPROM 66 exceeding the capacity determined in advance by a contract or the like.

  Next, in the IC card 2, as described in FIG. 5, the storage area of the EEPROM 66 has a hierarchical structure with the area definition area as a hierarchy, and each area definition area and service definition area includes authentication. Key (in this embodiment, the area definition area or service definition area key is referred to as an area key or service key, respectively) is stored. As a result, flexible and highly secure access control to the IC card 2 It is possible to do.

  That is, by exchanging information as shown in FIG. 9 between the managers, for example, flexible and highly secure access control to the IC card 2 can be realized.

  Specifically, the administrator A who is also the issuer of the IC card 2 determines the system key to be stored in the system definition block of the EEPROM 66 (FIG. 4) and the area key of its own area definition area # 0000h. Are stored in the system definition block, and the area key # 0000h is stored in the area definition area # 0000h. Here, the area key of the area definition area #xxxxh is hereinafter referred to as area key #xxxxh as appropriate.

Further, the manager A is the system key, encrypted with the area key # 0000h, keep generating the area intermediate key K _A. As an encryption method, for example, DES (Data Encryption Standard), FEAL (Fast Data Encipherment Algolithm), or the like can be adopted.

Then, the administrator A is, its own resources, when to be given to the manager B1, the area intermediate key K _A, give the administrator B1. Furthermore, the administrator A determines the area key # 0100h of the administrator B1, and gives (distributes) it to the administrator B1 together with his area code # 0000h.

Accordingly, the manager B1 is able to recognize the area intermediate key K _A and its area key # 0100h, system key, and can not speak area key # 0000h of the manager A which is a parent recognizes . However, the area key # 0100h of the manager B1 is given by the parent manager A to the manager B1 who is a child, so the manager A who is the parent is the child manager B1. Area key # 0100h is recognized.

  The area key # 0100h given by the administrator A to the administrator B1 is written to the area definition area # 0100h in the area creation process (FIG. 7) of the area definition area # 0100h of the administrator B1.

The manager B1 is its parent area intermediate key K _A obtained from the manager A, encrypted by still area key # 0100h obtained from the manager A, should generate the area intermediate key K _B1.

Further, the manager A is the own resources, even when to be given to the manager B2, the area intermediate key K _A, giving the administrator B2. Furthermore, the manager A determines the area key # 1000h of the manager B2, and gives it to the manager B2 together with his area code # 0000h.

Therefore, the administrator B2 is able to recognize the area intermediate key K _A and its area key # 1000h, system key, and the parent manager A area key # 0000h can not recognize. However, the area key # 1000h of the administrator B2 is given to the administrator B2 who is the child by the parent administrator A, so the parent administrator A is the area of the child administrator B2. Key # 1000h is recognized.

  The area key # 1000h given by the administrator A to the administrator B2 is written to the area definition area # 1000h in the area creation process of the area definition area # 1000h of the administrator B2.

Administrators B2 is its parent area intermediate key K _A obtained from the manager A, encrypted by still area key # 1000h obtained from the manager A, should generate the area intermediate key K _B2.

On the other hand, when the administrator B1 assigns his / her resources to the administrator C, the administrator _B1 gives the area intermediate key _KB1 to the administrator C. Furthermore, the administrator B1 determines the area key # 0300h of the administrator C and gives it to the administrator C together with his area code # 0100h and the area code # 0000h of the parent administrator A.

Accordingly, the administrator C can recognize the area intermediate key K _B1 and his / her area key # 03000h, but cannot recognize the area key # 0100h of the parent administrator B1. However, the area key # 0100h is given by the parent administrator B1 to the child administrator C, and therefore the parent administrator B1 assigns the child administrator C area key # 0300h. It has recognized.

  The area key # 0300h given to the administrator C by the administrator B1 is written into the area definition area # 0300h in the area creation process of the area definition area # 0300h of the administrator C.

The administrator C encrypts the area intermediate key K _B1 obtained from the parent administrator B1 with the area key # 0300h obtained from the administrator B1 to generate the area intermediate key K _C.

Then, when the administrator A provides a service using the service area managed in the service definition area # 0008h created in the hierarchy of the area definition area # 0000h, as shown in FIG. The service key stored in the area # 0008h (the service key stored in the service definition area #xxxxh is hereinafter referred to as a service key #xxxxh as appropriate) is encrypted with the area intermediate key K _A , and the service intermediate key K _# to generate _0008h, together with the area intermediate key K _a, and registers the service providing apparatus 111. Further, the administrator A also sends the area code # 0000h of the area definition area # 0000h and the service code # 0008h of the service definition area # 0008h created in the hierarchy of the area definition area # 0000h to the service providing apparatus 111. sign up.

  Here, the service providing apparatus 111 includes, for example, the R / W 1 and the controller 3 in FIG. 1 and provides a predetermined service by reading and writing data in a predetermined service area.

  In this case, when the IC card 2 is attached to the service providing apparatus 111, mutual authentication is performed between the service providing apparatus 111 and the IC card 2 as follows.

  That is, the service providing apparatus 111 transmits the registered area code # 0000h and service code # 0008h to the IC card 2 as shown in FIG. The IC card 2 (sequencer 91) receives the area code # 0000h and the service code # 0008h from the service providing apparatus 111.

Then, in the IC card 2, the system key stored in the system definition block (FIG. 4) is read, and the area key # 0000h is read from the area definition area having the area code # 0000h received from the service providing apparatus 111. . Further, the system key is encrypted by the area key # 0000h, the result, the same key as the area intermediate key K _A registered in the service providing apparatus 111 of FIG. 10 is generated. The area the same key and the intermediate key K _A is the first access key (authentication key) K _bc used for certification.

Also, in the IC card 2, the service key # 0008h is read from the service definition area having the service code # 0008h received from the service providing apparatus 111. Then, in the service key # 0008h, the area intermediate key K _A is encrypted, so that the service intermediate key K _{# 0008h} same key as that registered in the service providing apparatus 111 of FIG. 10 is generated. The same key as the service intermediate key K _{# 0008h} is used as the second access key K _ac used for authentication.

Therefore, in this case, the service providing apparatus 111 is registered with the area intermediate key K _A or the service intermediate key K _{# 0008h} which is the first access key K _bc or the second access key K _ac. The area intermediate key K _A or the service intermediate key K _{# 0008h, which} is the first access key K _bc or the second access key K _ac , is generated.

  Then, the service providing apparatus 111 authenticates the IC card 2 as shown in FIG. 12, for example.

That is, the service providing apparatus 111 generates a random number and converts the random number according to the algorithm E1. That is, the random number is encrypted with the second access key _Kac (for example, DES encryption), and the encryption result is decrypted with the first access key _Kbc (for example, DES decryption). Further, the decryption result is encrypted with the second access key K _ac . The conversion result of the random number by the algorithm E1 is transmitted to the IC card 2.

In the IC card 2, the conversion result of the random number by the algorithm E1 from the service providing apparatus 111 is converted according to the algorithm D1. That is, the conversion result by the algorithm E1 is decrypted with the second access key _Kac , and the decryption result is encrypted with the first access key _Kbc . Further, the encryption result is decrypted with the second access key K _ac .

In the IC card 2, the conversion result by the algorithm D1 is further converted according to the algorithm E2. That is, the conversion result by the algorithm D1 is encrypted with the first access key _Kbc , while the first access key _Kbc is encrypted with the second access key _Kac . Then, the encryption result of the conversion result by the algorithm D1 with the first access key _Kbc is decrypted with the encryption result of the first access key _Kbc and the second access key _Kac . Further, the decryption result is encrypted with the first access key K _bc and transmitted to the service providing apparatus 111.

In the service providing apparatus 111, the conversion result by the algorithm E2 from the IC card 2 is converted according to the algorithm D2. That is, the conversion result by the algorithm E2 is decrypted with the first access key _Kbc , while the first access key _Kbc is encrypted with the second access key _Kac . Then, the decryption result of the conversion result by the algorithm E2 with the first access key _Kbc is encrypted with the encryption result of the first access key _Kbc with the second access key _Kac . Further, the encryption result is decrypted with the first access key _Kbc .

  Then, the service providing apparatus 111 authenticates the IC card 2 by comparing the original random number and the conversion result by the algorithm D2. That is, when the original random number matches the conversion result by the algorithm D2, the IC card 2 is recognized as appropriate, and when it does not match, the IC card 2 is inappropriate (for example, Forged).

  When the IC card 2 is recognized as being appropriate, the service providing apparatus 111 is authenticated in the IC card 2, for example, as shown in FIG.

  In other words, the IC card 2 generates a random number, which is converted according to the algorithm E2 and transmitted to the service providing apparatus 111.

  In the service providing apparatus 111, the conversion result of the random number by the algorithm E2 from the IC card 2 is converted according to the algorithm D2. Further, the conversion result by the algorithm D2 is converted according to the algorithm E1 and transmitted to the IC card 2.

  In the IC card 2, the conversion result by the algorithm E1 from the service providing apparatus 111 is converted in accordance with the algorithm D1, and the service providing apparatus 111 is authenticated by comparing the conversion result with the original random number. That is, when the original random number matches the conversion result by the algorithm D2, the service providing apparatus 111 is recognized as appropriate, and when the original random number does not match, the service providing apparatus 111 is inappropriate ( For example, it is recognized as a modified one).

  When both the IC card 2 and the service providing apparatus 111 are recognized as being appropriate, the IC card 2 is directed only to the service area managed by the service definition area having the service code transmitted from the service providing apparatus 111. Access is allowed. Accordingly, in the case described with reference to FIGS. 10 and 11, only the service area managed in the service definition area # 0008h can be accessed.

That is, the administrator A who knows the area intermediate key K _A , area code # 0000h, service key # 0008h, and service code # 0008h can access the service area managed in the service definition area # 0008h. . However, since the administrator A does not know the service key # 1022h or # 030Ch, basically, the administrator A cannot access the service area managed by the service definition area # 1022h or # 030Ch.

Next, when the administrator B2 provides a service using the service area managed in the service definition area # 1022h created in the hierarchy of its own area definition area # 1000h, as shown in FIG. The service key # 1022h stored in the service definition area # 1022h is encrypted with the area intermediate key K _B2 to generate the service intermediate key K _{# 1022h} and is registered in the service providing apparatus 111 together with the area intermediate key K _B2 . Then, the administrator B2 has the area code of the area definition area higher than the hierarchy of its own area definition area # 1000h, in this case, the area code # 0000h of the area definition area # 0000h of the administrator A, and The area code # 1000h of its own area definition area # 1000h and the service code # 1022h of the service definition area # 1022h created in the hierarchy of the area definition area # 1000h are also registered in the service providing apparatus 111.

  In this case, when the IC card 2 is attached to the service providing apparatus 111, mutual authentication is performed between the service providing apparatus 111 and the IC card 2 as follows.

  That is, the service providing apparatus 111 transmits the registered area codes # 0000h and # 1000h and the service code # 1022h to the IC card 2 as shown in FIG. The IC card 2 (sequencer 91) receives the area codes # 0000h and # 1000h and the service code # 1022h from the service providing apparatus 111.

In the IC card 2, the system key stored in the system definition block (FIG. 4) is read out, and the area key #from each area definition area having the area code # 0000h or # 1000h received from the service providing apparatus 111 is read. 0000h or # 1000h is read out. Further, the system key is encrypted by the area key # 0000h, as a result, the area intermediate key K _A same key is generated. Then, the same key as the area intermediate key K _A is encrypted with the area key # 1000h, and as a result, the same key as the area intermediate key K _B2 registered in the service providing apparatus 111 in FIG. 14 is generated. The The same key as the area intermediate key _KB2 is used as the first access key _Kbc used for authentication.

In the IC card 2, the service key # 1022h is read from the service definition area having the service code # 1022h received from the service providing apparatus 111. Then, in the service key # 1022h, the same key and the area intermediate key K _B2 is encrypted, so that generation service intermediate key K _# same key as _1022h registered in the service providing apparatus 111 of FIG. 14 Is done. The service intermediate key K _# same key and _1022h is a second access key K _ac used for certification.

Therefore, in this case, the service providing apparatus 111 is registered with the area intermediate key K _B2 or the service intermediate key K _{# 1022h} which is the first access key K _bc or the second access key K _ac. The area intermediate key K _B2 or the service intermediate key K _{# 1022h, which} is the first access key K _bc or the second access key K _ac , is generated.

  Then, mutual authentication is performed between the IC card 2 and the service providing apparatus 111 in the same manner as described with reference to FIGS.

  As a result of the mutual authentication, if both the IC card 2 and the service providing apparatus 111 are recognized as appropriate, the IC card 2 is managed by the service definition area having the service code transmitted from the service providing apparatus 111. Access to only the service area is permitted. Therefore, in the case described with reference to FIGS. 14 and 15, only the service area managed in the service definition area # 1022h can be accessed.

That is, the administrator B2 who knows the area intermediate key K _B2 , area code # 0000h, # 1000h, service key # 1022h, and service code # 1022h accesses the service area managed in the service definition area # 1022h. be able to. However, since the administrator B2 does not know the service key # 0008h or # 030Ch, basically, the administrator B2 cannot access the service area managed by the service definition area # 0008h or # 030Ch.

Next, when the administrator C provides a service using the service area managed in the service definition area # 030Ch created in the hierarchy of the area definition area # 0300h, as shown in FIG. The service key # 030Ch stored in the service definition area # 030Ch is encrypted with the area intermediate key K _C to generate the service intermediate key K _{# 030Ch,} and is registered in the service providing apparatus 111 together with the area intermediate key K _C. Then, the administrator C has the area code of the area definition area higher than the area definition area # 0300h, that is, in this case, the area code # 0000h of the area definition area # 0000h of the administrator A and the management code. The area code 0100h of the area definition area # 0100h of the user B1, the area code # 0300h of its own area definition area # 0300h, and the service code # 030Ch of the service definition area # 030Ch created in the hierarchy of the area definition area # 0300h Is also registered in the service providing apparatus 111.

  In this case, when the IC card 2 is attached to the service providing apparatus 111, mutual authentication is performed between the service providing apparatus 111 and the IC card 2 as follows.

  That is, the service providing apparatus 111 transmits the registered area codes # 0000h, # 0100h, and # 0300h and the service code # 030Ch to the IC card 2, as shown in FIG. The IC card 2 (sequencer 91) receives the area codes # 0000h, # 0100h, and # 0300h and the service code # 030Ch from the service providing apparatus 111.

Then, in the IC card 2, the system key stored in the system definition block (FIG. 4) is read, and the area definition areas having the area codes # 0000h, # 0100h, or # 0300h received from the service providing apparatus 111, respectively. Area key # 0000h, # 0100h, or # 0300h. Further, the system key is encrypted by the area key # 0000h, as a result, the area intermediate key K _A same key is generated. Also, the same key as the area intermediate key K _A is encrypted with the area key # 0100h, and as a result, the same key as the area intermediate key K _B1 is generated. Then, the same key as the area intermediate key K _B1 is encrypted with the area key # 0300h, and as a result, the same key as the area intermediate key K _C registered in the service providing apparatus 111 in FIG. 16 is generated. The The same key as the area intermediate key K _C is the first access key K _bc used for authentication.

Further, in the IC card 2, the service key # 030Ch is read from the service definition area having the service code # 030Ch received from the service providing apparatus 111. Then, the area intermediate key K _C is encrypted with the service key # 030Ch, and as a result, the same key as the service intermediate key K _{# 030Ch} registered in the service providing apparatus 111 in FIG. 16 is generated. The same key as the service intermediate key K _{# 030Ch} is used as the second access key K _ac used for authentication.

Therefore, in this case, the service providing apparatus 111 is registered with the area intermediate key K _C or the service intermediate key K _{# 030Ch} , which is the first access key K _bc or the second access key K _ac , respectively. Then, an area intermediate key K _C or a service intermediate key K _{# 030Ch that} is the first access key K _bc or the second access key K _ac is generated.

  Then, mutual authentication is performed between the IC card 2 and the service providing apparatus 111 in the same manner as described with reference to FIGS.

  As a result of the mutual authentication, if both the IC card 2 and the service providing apparatus 111 are recognized as appropriate, the IC card 2 is managed by the service definition area having the service code transmitted from the service providing apparatus 111. Access to only the service area is permitted. Accordingly, in the case described with reference to FIGS. 16 and 17, only the service area managed in the service definition area # 030Ch can be accessed.

That is, the administrator C who knows the area intermediate key K _C , area code # 0000h, # 0100h, # 0300h, service key # 030Ch, and service code # 030Ch is a service area managed in the service definition area # 030Ch. Can be accessed. However, since the administrator C does not know the service keys # 0008h and # 1022Ch, basically, the administrator C cannot access the service areas managed in the service definition areas # 0008h and # 1022Ch.

  As described above, the administrator can access his / her service area without knowing the area key of the higher hierarchy.

  By the way, as described above, each administrator cannot access the service area managed by the service definition area that does not know the service key. For example, the administrator C can access the service definition area # 030Ch. In addition to services that use managed service areas, there are cases where it is desirable to provide services that use service areas managed by the service definition area # 1022h of the administrator B2.

In this case, in order for the administrator C to access the service area managed by the service definition area # 1022h, as described with reference to FIGS. 14 and 15, the area intermediate key K _B2 , area codes # 0000h, # 1000h, It is necessary to know the service key # 1022h and the service code # 1022h. Therefore, it is simply necessary to have the administrator B2 teach these pieces of information.

  However, the service key # 1022h that the administrator B2 knows cannot be known even by the parent administrator A, and such a service key # 1022h that only the administrator B2 knows can be given to the administrator C. It is not preferable from a security point of view.

In this case, even if the security problem is ignored, in order for the administrator C to access both of the two service areas respectively managed by the service definition area # 030Ch or # 1022h, in the IC card 2, 15, the first access key K _bc and the second access key K _ac are generated, and mutual authentication for access to the service area managed by the service definition area # 030Ch is performed. generates the first access key K _bc and the second access key K _ac by performing the processing described in FIG. 17, it is necessary to perform mutual authentication for access to the service area managed by the service defining area # 1022h is there.

  Accordingly, when mutual authentication is performed for each service area to access the service area, it is difficult to quickly access each service area. As a result, for example, the card system of FIG. If the commuter passes the gate provided at the ticket gate, the commuter accesses the predetermined service area of the IC card 2 and writes data in a relatively short time, or It becomes difficult to read.

  Therefore, for example, the administrator C performs a service using the service area managed by the service definition area # 1022h of the administrator B2 in addition to the service using the service area managed by the own service definition area # 030Ch. In this case, in order to solve the security problem and ensure quick access to the service area, information is exchanged with the managers C and B2, for example, as shown in FIG. Registration with the service providing apparatus 111 is performed.

That is, as in the case of FIG. 16, the administrator C encrypts the service key # 030Ch stored in the service definition area # 030Ch with the area intermediate key K _C to generate the service intermediate key K _{# 030Ch} . Furthermore, the administrator C passes this service intermediate key K _{# 030Ch} to the administrator B2, and encrypts it with the service key # 1022h. The manager C the service intermediate key K _{# 030Ch,} the service intermediate key K _{# 1022h 'is} an encryption result of the service key # 1022h, it receives together with the service code # 1022h.

Therefore, the _only keys exchanged between the administrators C and B2 are the service intermediate keys K _{# 030Ch} and K _{# 1022h '} , and the service key # _{030Ch that} only the administrator C knows knows to the administrator B2. In addition, the service key # 1022h that only the administrator B2 knows is not known to the administrator C. That is, there is no security problem.

The administrator C who has received the service intermediate key K _{# 1022h ′} and the service code # 1022h from the administrator B2, together with them, the area code of the area definition area higher than the hierarchy of its own area definition area # 0300h, that is, In this case, the area code # 0000h of the area definition area # 0000h of the administrator A, the area code 0100h of the area definition area # 0100h of the administrator B1, and the area code # 0300h of the area definition area # 0300h of the administrator A Register with the providing device 111. Furthermore, the administrator C also registers in the service providing apparatus 111 the area intermediate key K _C and the service code # 030Ch of the service definition area # 030Ch created in the hierarchy of the area definition area # 0300h.

  In this case, when the IC card 2 is attached to the service providing apparatus 111, mutual authentication is performed between the service providing apparatus 111 and the IC card 2 as follows.

  That is, the service providing apparatus 111 transmits the registered area codes # 0000h, # 0100h, and # 0300h and the service codes # 030Ch and # 1022h to the IC card 2, as shown in FIG. The IC card 2 (sequencer 91) receives the area codes # 0000h, # 0100h, and # 0300h and the service codes # 030Ch and # 1022h from the service providing apparatus 111.

Then, in the IC card 2, the system key stored in the system definition block (FIG. 4) is read, and the area definition areas having the area codes # 0000h, # 0100h, or # 0300h received from the service providing apparatus 111, respectively. The area key # 0000h, # 0100h, or # 0300h is read from the same area, and the same key as the area intermediate key K _C registered in the service providing apparatus 111 in FIG. Generated. The same key as the area intermediate key K _C is the first access key K _bc used for authentication.

In the IC card 2, the service key # 030Ch or # 1022h is read from each service definition area having the service code # 030Ch or # 1022h received from the service providing apparatus 111. First, the area intermediate key K _C is encrypted with the service key # 030Ch, and as a result, the same key as the service intermediate key K _{# 030Ch} is generated. Further, the same key as the service intermediate key K _# 030Ch is encrypted with the service key # 1022h, and the same key as the service intermediate key K _{# 1022h ′} registered in the service providing apparatus 111 of FIG. 18 is generated. The The same key as the service intermediate key K _{# 1022h ′} is used as the second access key K _ac used for authentication.

Therefore, in this case, the service providing apparatus 111 is registered with the area intermediate key K _C or the service intermediate key K _{# 1022h ′} , which is the first access key K _bc or the second access key K _ac , and the IC card 2 Then, the area intermediate key K _C or the service intermediate key K _{# 1022h ′ which} is the first access key K _bc or the second access key K _ac is generated.

  Then, mutual authentication is performed between the IC card 2 and the service providing apparatus 111 in the same manner as described with reference to FIGS.

  As a result of the mutual authentication, if both the IC card 2 and the service providing apparatus 111 are recognized as appropriate, the IC card 2 is managed by the service definition area having the service code transmitted from the service providing apparatus 111. Access to only the service area is permitted. Accordingly, in the case described with reference to FIGS. 18 and 19, it is possible to access the service area managed in the service definition area # 030Ch and the service area managed in the service definition area # 1022Ch.

As described above, by encrypting the system key with two or more area keys or service keys, the two or more area keys or service keys are converted into two first access keys K _bc and second access keys K _ac. To the service area managed by the service definition area having the service code transmitted from the service providing apparatus 111 using the first access key _Kbc and the second access key _Kac . Since mutual authentication is performed to allow access, even when access to multiple service definition areas is targeted, mutual authentication can be completed in a short time. Quick access can be ensured.

In the case described with reference to FIGS. 12 and 13, the mutual authentication process is performed using the two keys of the first access key _Kbc and the second access key _Kac. It is also possible to use only the key K _ac . In this case, in the IC card 2, by encrypting the system key with two or more area keys or service keys, the two or more area keys or service keys are degenerated into one second access key _Kac. It will be.

For mutual authentication, as shown in FIG. 20, the first access key K _bc and the second access key K _ac are values unique to the IC card 2, for example, a manufacturing ID stored in a manufacturing ID block. It is also possible to use the encryption result encrypted by the above. Here, in FIG. 20, the first access key K _bc is encrypted by being EXORed with the manufacturing ID, and the second access key K _ac is encrypted by the DES method. Has been done. Note that the second access key K _ac can be encrypted by the DES method using the EXOR result of the first access key K _bc and the manufacturing ID as a key.

As described above, when the encrypted result obtained by encrypting the first access key _Kbc and the second access key _Kac is used for mutual authentication, the security can be further improved. In this case, the service providing apparatus 111 needs a manufacturing ID, which may be transmitted from the IC card 2.

  Next, the storage area of the EEPROM 66 has a hierarchical structure with the area definition area as a hierarchy, and each area definition area and service definition area stores an area key and a service key for authentication. As a result, for example, the following flexible access control can be performed.

  That is, for example, when a certain administrator is a parent administrator and a child administrator who has been assigned the resource is performing an illegal service, etc. and wants to stop providing that service, the parent administrator The administrator can prohibit access to the IC card 2 by the child administrator by changing the area key stored in the area definition area.

Specifically, for example, in FIG. 5, when the administrator B1 stops providing the service by the administrator C, the area key # 0100h stored in the area definition area # 0100h of the IC card 2 is changed. In this case, in FIG. 17, since the area intermediate key K _B1 generated in the IC card 2 and further the area intermediate key K _C are changed, the administrator who knows only the area intermediate key K _C before the change. C cannot access the service definition area # 030Ch.

  Note that the administrator B1 who is the parent administrator of the administrator C and the administrator A who is the parent administrator also change the area key # 0000h stored in the area definition area # 0000h. Access to the service definition area # 030Ch can be prohibited. However, in this case, the manager B2 who is a child of the manager A cannot access the service area managed by the own service definition area # 1022h. That is, when a certain administrator changes the area key, the area definition area of the hierarchy (child hierarchy, grandchild hierarchy,...) Within the area definition area hierarchy manages. Access to the service definition area becomes impossible.

  In FIGS. 18 and 19, the case where the administrator C shares the service definition area # 1022h of the administrator B2 (service area managed by the administrator B2) with the administrator B2 has been described. It is possible to share a service definition area having a more complicated relationship between managers.

  Specifically, for example, assume that the EEPROM 66 has a hierarchical structure as shown in FIG. That is, in FIG. 21, as a child layer of the area definition area # 0000h of the administrator A who is also the issuer of the IC card 2, the area definition area # 5000h of the administrator E and the area definition area # of the administrator G 7000h is created. Furthermore, service definition areas # 5008h, # 5048h, # 5088h, and # 50C8h are created in the hierarchy of area definition area # 5000h of administrator E, and area definition area # 6000h of administrator F is created. ing.

  Further, service definition areas # 6008h and # 6048h are created in the hierarchy of the area definition area # 6000h of the administrator F, and service definition areas # 7008h and # 6048h are created in the hierarchy of the area definition area # 7000h of the administrator G. # 70C8h is created.

  In the hierarchical structure as described above, as shown in FIG. 22A, the administrator A encrypts the system key with the area key # 0000h, and the administrator E who is the child administrator manages the encrypted result. And to G.

As shown in FIG. 22B, the administrator E encrypts the encryption result of the system key from the administrator A with the area key # 0000h with the area key # 5000h. The first access key K _E1 is used. Further, the administrator E sequentially encrypts the first access key K _E1 (encryption result by the area key # 5000h) with the service keys # 5008h, # 5048h, # 5088h, # 50C8h, and the final encryption result _Is used as the second access key K _E2 .

Further, as shown in FIG. 22C, the administrator F receives the first access key K _E1 (encryption result with the area key # 5000h) from the administrator E, and encrypts it with the area key # 6000h. The encryption result is taken as a first access key K _F1 . Further, the administrator F sequentially encrypts the first access key K _F1 (encryption result using the area key # 6000h) using the service keys # 6008h and # 6048h. Then, the result of the encryption is transferred to the manager E, and sequentially encrypted with service keys # 5048h and # 5088h. Thereafter, the administrator F receives the encryption result from the administrator E, passes it to the administrator G, and encrypts it with the service key # 70C8h. Then, the administrator F obtains the encryption result from the administrator G and uses it as the second access key K _F2 .

On the other hand, as shown in FIG. 22D, the administrator G encrypts the encryption result of the system key from the administrator A with the area key # 0000h with the area key # 7000h, and the encryption result _Is used as the first access key KG1. Further, the administrator G sequentially encrypts the first access key K _G1 (encryption result using the area key # 7000h) with the service keys # 7008h and # 70C8h, and sends the final encryption result to the administrator F. Pass it and have it encrypted with service key # 6048h. Thereafter, the administrator G gives the administrator E the result of encryption using the service key # 6048 by the administrator F and sequentially encrypts the result using the service keys # 5088h and # 50C8h. Then, the administrator G obtains the encryption result from the administrator E and uses it as the second access key _KG2 .

  In this case, in the IC card 2, the system key is encrypted using the area key and service key stored in the EEPROM 66 in the same procedure as described in FIG. 22, and the first access key and the second access key are encrypted. 23, the service definition areas as shown in FIG. 23 can be shared between the managers E, F, and G.

  That is, the administrator E can access only his / her own service definition areas # 5008, # 5048h, # 5088h, and # 50C8h. In addition to accessing his / her own service definition areas # 6008h and # 6048h, the administrator F can access the service definition areas # 5048h and # 5088h of the administrator E and the service definition area # 70C8h of the administrator G. Become. The administrator G can access his / her service definition areas # 7008h and # 70C8h, and can also access the service definition areas # 5088h and # 50C8h of the administrator E and the service definition area # 6048h of the administrator F. Become.

  In the delivery of keys as shown in FIG. 22, the service key of a certain manager is not known to other managers. That is, the service key # 5008h, # 5048h, # 5088h, # 50C8h of the manager E is not known to the managers F and G as well as the parent manager A. Similarly, the service keys # 6008h and # 6048h of the administrator F are not known to the managers E and G, and the service keys # 7008h and # 70C8h of the manager G are known to the managers E and F. There is no.

  In addition, as described above, when a certain administrator changes the area key, access to all service definition areas managed by the area definition area in the area definition area hierarchy is not allowed. In other words, when the parent manager changes the area key, the child manager cannot access the IC card 2. However, depending on the key management method, a specific child It is possible to prohibit access only by the administrator of the system.

  Specifically, for example, assume that the EEPROM 66 has a hierarchical structure as shown in FIG. That is, in FIG. 24, as a child hierarchy of the area definition area # 0000h of the administrator A who is also the issuer of the IC card 2, the area definition area # 8000h of the administrator H and the area definition area # 9000h of the administrator I And the area definition area # A000h of the administrator J are created. Furthermore, service definition areas # 8008h, # 8104h, and # 8105h are created in the hierarchy of the area definition area # 8000h of the administrator H.

  In the hierarchical structure as described above, as shown in FIG. 25A, the administrator A encrypts the system key with the area key # 0000h, and the result of the encryption is the administrator I who is the child administrator. And to J.

As shown in FIG. 25C, the administrator I encrypts the encryption result of the system key from the administrator A with the area key # 0000h with the area key # 9000h, and the encryption result is The first access key K _I1 is used. Furthermore, the administrator I passes the first access key K _I1 (encryption result by the area key # 9000h) to the administrator H, and sequentially uses the service keys # 8008h and # 8104h as shown in FIG. Get encrypted. Then, the administrator I uses the encryption result as the second access key K _I2 as shown in FIG.

Further, as shown in FIG. 25D, the administrator J encrypts the encryption result of the system key from the administrator A with the area key # 0000h with the area key # A000h, and the encryption result _Is used as the first access key K _J1 . Further, the administrator J passes the first access key K _J1 (encryption result using the area key # A000h) to the administrator H, and sequentially uses the service keys # 8008h and # 8105h as shown in FIG. Get encrypted. Then, the administrator J uses the encryption result as the second access key K _J2 as shown in FIG.

  In this case, in the IC card 2, the system key is encrypted using the area key and service key stored in the EEPROM 66 in the same procedure as described in FIG. 25, and the first access key and the second access key. The administrator I can access the service definition areas # 8008h and # 8104h of the administrator H, and the administrator J can access the service definition areas # 8008h and # 8105h of the administrator H. Are possible.

  On the other hand, the administrator H creates a service definition area # 8008h to share data with the administrators I and J, and sets the service definition area # 8104h or # 8105h as the administrator I or J, respectively. It is created as a dummy service definition area for controlling access to the service definition area # 8008h. Accordingly, the service area managed by the service definition areas # 8104h and # 8105h is not necessary, and the capacity thereof may be 0 block.

In this case, for example, when the administrator H changes the service key # 8104h, the administrator I who uses the service key # 8104h to generate the second access key K _{I2 and} performs authentication in the IC card 2 Cannot access service definition area # 8008h. That is, only access to the service definition area # 8008h by the administrator I is prohibited. On the other hand, when the administrator H changes the service key # 8105h, for example, the administrator J who is authenticated by generating the second access key K _J2 using the service key # 8105h in the IC card 2 The service definition area # 8008h cannot be accessed. That is, only access to the service definition area # 8008h by the administrator J is prohibited.

  As described above, by using the dummy service definition area, it is possible to prohibit access by only a specific child administrator.

  As described above, the case where the present invention is applied to a non-contact card system in which communication is performed in a non-contact manner has been described. The scope of application of the present invention is not limited to the card system.

  In the present embodiment, authentication is performed by a so-called secret key method, but authentication can also be performed by a so-called public key method.

  Further, in this embodiment, when accessing a service definition area in a certain area definition area, the area definition area area keys on the path from the area definition area hierarchy to the highest hierarchy are sequentially used. Although the first access key is generated, the method for generating the first access key is not limited to this. Furthermore, in the present embodiment, the second access key is generated by sequentially using the service key of the service definition area to be accessed, but the method of generating the second access key is not limited to this. Absent. That is, the first access key and the second access key can be generated by sequentially using any two or more area keys or service keys.

  Furthermore, in this embodiment, both the user block and the system block are stored in the EEPROM 66 which is one memory. However, the user block and the system block are physically stored in separate memories. It is possible to

  In this embodiment, data is stored in the EEPROM. However, the present invention can also be applied to a semiconductor memory other than the EEPROM, a magnetic disk, or the like.

  According to the data storage device and the data storage method described in the present embodiment, the range of the storage area identification code for identifying the storage area that can be assigned to the management target storage area, and the free space of the management target storage area The storage means is managed based on the storage contents of the area definition area of the storage means having the area definition area for storing the capacity. Therefore, it is possible to perform resource management of the storage means.

  According to the data storage device and the data storage method described in the present embodiment, the storage area of the data storage means is managed in a hierarchical structure, and the hierarchy key for each hierarchy of the storage area of the data storage means Alternatively, two or more data storage area keys for a storage area in which data is stored are used to generate one or more authentication keys used for authentication, and authentication is performed based on the authentication keys. Therefore, it is possible to perform flexible and high-security access control for the data storage means.

It is a block diagram which shows the structural example of one Embodiment of the card system to which this invention is applied. It is a block diagram which shows the structural example of the reader / writer 1 of FIG. It is a block diagram which shows the structural example of IC card 2 of FIG. It is a figure which shows the logical format of EEPROM66 of FIG. It is a figure which shows the directory structure of EEPROM66 of FIG. It is a figure for demonstrating the process in which the hierarchical structure of FIG. 5 is comprised. It is a flowchart for demonstrating an area creation process. It is a flowchart for demonstrating a service creation process. It is a figure for demonstrating delivery of the key between administrators. It is a figure for demonstrating information required when the administrator A provides a service. It is a figure for demonstrating the process of the IC card 2 when the administrator A provides a service. It is a figure for demonstrating the authentication method of IC card 2 by the service provision apparatus 111. FIG. It is a figure for demonstrating the authentication method of the service provision apparatus 111 by IC card 2. FIG. It is a figure for demonstrating information required when the administrator B2 provides a service. It is a figure for demonstrating the process of IC card 2 when the administrator B2 provides a service. It is a figure for demonstrating information required when the administrator C provides a service. It is a figure for demonstrating the process of the IC card 2 when the administrator C provides a service. It is a figure for demonstrating information required when the administrator C provides a service. It is a figure for demonstrating the process of the IC card 2 when the administrator C provides a service. It is a figure for demonstrating the production | generation method of the 1st access key used for mutual authentication, and a 2nd access key. 2 is a diagram showing a hierarchical structure in an EEPROM 66. FIG. It is a figure for demonstrating delivery of the key between administrators. It is a figure for demonstrating sharing of the service (data) between administrators. 2 is a diagram showing a hierarchical structure in an EEPROM 66. FIG. It is a figure for demonstrating delivery of the key between administrators.

Explanation of symbols

  1 Reader / Writer, 2 IC Card, 3 Controller, 21 IC, 23 Modulation Circuit, 25 Demodulation Circuit, 27 Antenna, 51 IC, 52 Capacitor, 53 Antenna, 61 RF Interface Unit, 62 BPSK Demodulation Circuit, 63 PLL Unit, 64 Arithmetic unit, 65 ROM, 66 EEPROM, 67 RAM, 68 BPSK modulation circuit, 81 ASK demodulation unit, 82 voltage regulator, 83 oscillation circuit, 84 ASK modulation unit, 91 sequencer, 92 encryption / decryption unit, 93 parity calculation unit, 101 Ticketing machine, 111 Service providing device

Claims (12)

A data storage device for storing data for providing a predetermined service,
Data storage means for storing the data;
Management means for managing the storage area of the data storage means in a hierarchical structure;
Hierarchical key storage means for storing a hierarchical key for each hierarchy in the storage area of the data storage means;
Data storage area key storage means for storing a data storage area key for the storage area in which the data is stored;
For generation information for generating one or more authentication keys used for authentication for accessing the storage area, the hierarchy key or access target for a hierarchy higher than the hierarchy of the storage area to be accessed Generating means for generating the authentication key obtained by encryption using the data storage area key for the storage area in a predetermined order ;
Data storage device and a authentication process execution means that perform first authentication process using the generated the authentication key is. A communication means for communicating with the external device;
The data storage device according to claim 1, wherein the authentication process execution unit further causes the external device to execute a second authentication process using the generated authentication key . The authentication processing execution means determines whether the data storage device is an appropriate communication target using the authentication key, and authenticates the data storage device when it is determined that the data storage device is an appropriate communication target. When causing the external device to execute the second authentication process, a first conversion result obtained by applying a first conversion algorithm using the authentication key to transmission information transmitted from the external device The data storage device according to claim 2 , wherein a second authentication process is executed by executing a transmission process for transmitting the data to the external device. The authentication processing execution means determines whether the external device is a proper communication target using the authentication key, and authenticates the external device when it is determined that the external device is a proper communication target . When executing the first authentication process, the first process includes a transmission process for transmitting a second conversion result obtained by applying a second conversion algorithm using the authentication key to predetermined information to the external device . The data storage device according to claim 3, wherein authentication processing 1 is executed. The external device holds in advance another authentication key to be used when performing the second authentication process, generates a random number, and uses the other authentication key for the generated random number. A third conversion result obtained by applying the conversion algorithm 3 is transmitted as the transmission information to the authentication processing execution means;
The authentication processing execution means uses the first conversion result obtained by applying the first conversion algorithm using the authentication key to the transmission information transmitted from the external device, and displays the first conversion result as the external device. The data storage device according to claim 3, wherein the transmission processing to be transmitted is executed. The authentication process executing means includes
A random number is generated as the predetermined information, and the second conversion result obtained by applying the second conversion algorithm using the authentication key to the generated random number is transmitted to the external device,
A fourth conversion obtained by applying a fourth conversion algorithm using the authentication key to other transmission information transmitted from the external device in response to receiving the second conversion result Determine whether the result matches the random number;
The data storage device according to claim 4, wherein when it is determined that the fourth conversion result matches the random number, the first authentication process is performed to authenticate the external device as an appropriate communication target. The generation means encrypts the generation information for generating the authentication key by sequentially using the hierarchy key for the hierarchy on the path up to the hierarchy of the storage area to be accessed, thereby The data storage device according to claim 1, wherein a first authentication key is generated as the authentication key. The generating means encrypts the first authentication key by sequentially using the data storage area key for the data storage area to be accessed, thereby providing a second authentication different from the first authentication key. The data storage device according to claim 7, wherein a key is generated. The data storage device according to claim 1, wherein the data storage unit, the hierarchical key storage unit, and the data storage area key storage unit are configured by a nonvolatile memory. A communication means for communicating with the external device;
First reading means for reading out the hierarchical key used to generate the authentication key out of a plurality of hierarchical keys stored in the hierarchical key storage means based on information from the external device;
Based on information from the external device, a second data storage area key that is used to generate the authentication key out of a plurality of data storage area keys stored in the data storage area key storage means is read out. A reading means, and
The data storage device according to claim 1, wherein the generation unit generates the authentication key based on the read hierarchical key and the data storage area key. The data storage device according to claim 2, wherein the communication unit performs communication in contact with or non-contact with the external device. A data storage method of a data storage device for storing data for providing a predetermined service,
The data storage device comprises:
Data storage means for storing the data;
Management means for managing the storage area of the data storage means in a hierarchical structure;
Hierarchical key storage means for storing a hierarchical key for each hierarchy in the storage area of the data storage means;
Data storage area key storage means for storing a data storage area key for the storage area in which the data is stored;
Generating means;
An authentication processing execution means, and
For the generation information for generating one or more authentication keys used by the generation means for authentication for accessing the storage area, the hierarchy for a hierarchy above the hierarchy of the storage area to be accessed Generating the authentication key obtained by encryption using the data storage area key for the key or the storage area to be accessed in a predetermined order ;
The authentication process executing means, data storing method comprising the authentication process execution step to run a first authentication process using the generated the authentication key.

Images