JPH0250287A - Portable electronic device - Google Patents

Abstract

PURPOSE:To attain an access with a same area as a subject in an access to use a different area number and an access to the same area between different applications by causing the propriety condition of the access to be respectively different at the time of the access to identifying information. CONSTITUTION:Function is provided to share the physical position information of one area with the plural area numbers (the identifying information) and to make the propriety condition of the access respectively different at the time of the access to those area numbers. Thus, in the access to use the different area number, the access to define the same area as the subject or the access to the sane area between the different applications can be attained. Then, the respective access conditions can be made different respectively.

Description

[Detailed Description of the Invention] [Object of the Invention] (Industrial Application Field) The present invention provides an integrated circuit (IC) chip having a non-volatile memory and a control element such as a CPU.
The present invention relates to a portable electronic device called an IC card, and particularly to a portable electronic device with an improved area access method for its memory.

(Prior Art) Recently, a so-called IC card has been developed as a new portable data storage medium, which has a built-in IC chip having an erasable non-volatile memory and a control element such as a CPU.

This type of IC card has multiple PIN numbers registered, and by internally comparing the PIN number input from the outside with the registered PIN number, only if the verification result is positive, the internal Determine the means by which memory can be accessed. As a result, it is positioned as a highly confidential data storage medium.

In terms of operation, the memory is divided into multiple areas to accommodate various applications, and each area is accessed logically. Therefore, since the physical data storage location in the memory is not known to the outside world, confidentiality is also increased in this respect.

Moreover, since access is performed logically, memory management from the outside is facilitated.

In addition, each area of the memory is assigned area-specific identification information called an area number, and by specifying this in the command data, the IC card identifies which area is to be accessed and physically Access is performed by recognizing the location etc.

However, in conventional IC cards, area numbers are assigned in one-to-one correspondence to each area physically arranged on the memory. For this reason, for example, depending on the application, it is impossible to access the same area when accessing with different area numbers, and it is also impossible, for example, to access the same area between different applications. It was possible.

Therefore, in order to realize such a usage method, a method of sharing area definition information that defines memory areas may be considered. By sharing area definition information, it is possible to access the same area even if the area numbers or applications are different.

However, the area definition information also includes information that defines access conditions for the area, and if this is also shared, it becomes impossible to realize unique access conditions for the operation of individual applications, for example.

One possible way to achieve this is to manually set different access conditions when sharing area definition information. However, depending on the operation of the application, there may be cases where you want to make the access conditions the same, so in order to achieve this, it is necessary to change the access conditions assigned to the area to be shared when sharing area definition information. There are also inconveniences such as having to confirm by some method and setting the same access conditions.

(Problems to be Solved by the Invention) As described above, the present invention solves the problem that it is impossible to access the same area using different area numbers, or to access the same area between different applications. This was created to solve the problem, and it is now possible to access the same area using different area numbers, or to access the same area between different applications, and to set each access condition individually. The objective is to provide a configurable portable electronic device.

[Structure of the Invention] (Means for Solving the Problem) A portable electronic device according to the first invention has a memory section and a control section for accessing the memory section, and selectively The memory section is divided into a plurality of areas, each of which is individually assigned identification information, and by inputting the identification information from the outside, A portable electronic device for uniquely selecting an area to be accessed from among the plurality of areas, the first means for selecting an area in which at least two of the identification information are physically the same; and second means for differentiating access permission conditions when accessing the two pieces of identification information.

A portable electronic device according to a second aspect of the invention includes a memory section and a control section for accessing the memory section, selectively inputting and outputting data to and from the outside, and wherein the memory section It is divided into multiple areas, each of which is individually assigned identification information, and by inputting the identification information from the outside, it is possible to uniquely identify the area to be accessed among the multiple areas. a first means for selecting an area in which at least two pieces of the identification information are physically the same; and a third means for making the availability conditions the same.

A portable electronic device according to a third aspect of the invention includes a memory section and a control section for accessing the memory section, selectively outputs data to and from the outside, and the memory section It is divided into multiple areas, each of which is individually assigned identification information, and by inputting the identification information from the outside, it is possible to uniquely identify the area to be accessed among the multiple areas. a first means for selecting an area in which at least two of said identification information are physically the same; A second means for setting different permission conditions, a third means for setting the same access permission conditions when the two pieces of identification information are accessed by the first means, and using these second means. and a fourth means for selecting whether to use the third means or the third means.

(Operation) The portable electronic device according to the first invention shares the physical location information of one area with a plurality of area numbers (identification information), and sets the access permission conditions when accessing those area numbers. By providing a function to make each area different, it is possible to access the same area using different area numbers, or to access the same area between different applications, and to make each access condition different. becomes possible.

A portable electronic device according to a second aspect of the present invention has a function of sharing physical location information of one area with a plurality of area numbers, and making the access permission conditions the same when accessing those area numbers. It is now possible to access the same area using different area numbers, or to access the same area between different applications, and it is possible to make each access condition the same. becomes.

The portable electronic device according to the third invention shares the physical location information of one area with a plurality of area numbers, and when accessing those area numbers, the access permission conditions are different or the same. It is possible to access the same area by using different area numbers, or to access the same area between different applications. It is possible to arbitrarily set the access conditions to be different or the same.

(Example) Hereinafter, an example of the present invention will be described with reference to the drawings.

FIG. 15 shows an IC as a portable electronic device according to the present invention.
This figure shows an example of the configuration of a terminal device that handles cards. That is, this terminal device allows an IC card 1 to be connected to a control section 3 consisting of a CPU, etc. via a card league writer 2, and also connects a keyboard 4, a CRT, etc. to the control section 3.
It is constructed by connecting a display device 5, a printer 6, and a floppy disk device 7.

The IC card 1 is held by the user and is used to refer to a personal identification number known only to the user when purchasing products, etc., and to store necessary data. For example, the functional blocks of the IC card 1 are shown in Fig. 14. As such, read/write section 1
1, a password setting/password verification section 12, an encryption/decryption section 13, and other sections that execute basic functions, and a supervisor 14 that manages these basic functions.

The read/write unit 11 has a function of reading, writing, or erasing data from the data memory 16 or the like.

The password setting/password verification unit 12 has a function of storing the password set by the user and prohibiting reading of the password, as well as verifying the password after setting the password and granting permission for subsequent processing.

The encryption/decryption unit 13 is configured to encrypt, encrypt, or encrypt data to prevent leakage or forgery of communication data when transmitting data from the control unit 3 to another terminal device via a communication line, for example. For example, D
ES (DataEncrypt, tion 5tand
This is a function that processes data according to an encryption algorithm with sufficient cryptographic strength, such as ard).

The supervisor 14 has the function of decoding the function code input from the card league writer 2 or the function code to which data is added, and selecting and executing a necessary function among the basic functions.

In order to exhibit these various functions, the IC card 1:
For example, as shown in FIG. 13, a control element (control section) 15 such as a CPU, a data memory (memory section) 16, a program memory 17, and a contact section 18 for making electrical contact with the card league writer 2. Of these, the control cable 15, data memory 16, and program memory 17 are composed of one IC chip (or a plurality of IC chips) and are embedded in the IC card body.

The program memory 17 is composed of, for example, a mask ROM, and stores a control program for the control element 15 including subroutines for realizing each of the basic functions described above.

The data memory 16 is used to store various data, and is composed of erasable nonvolatile memory such as EEFROM.

The data memory 16 is divided into a plurality of areas, for example, as shown in FIG. It is roughly divided into a group tip address storage area 164.

The directory control information storage area 161 is an area for storing directory control information caused by the memory structure, and is configured as shown in FIG. 2, for example. The directory control information consists of a directory name, directory identification information, and directory access condition information, as shown in FIG.

Here, the directory access condition information is used as information for determining availability when performing area registration or area link registration. For example, the directory access condition information is used as information for determining availability when performing area registration or area link registration. The key information verification status of the provider is used.

The area definition information storage area 162 is an area for storing area definition information that defines the location of areas under the directory, which is also caused by the memory structure, and is configured as shown in FIG. 1, for example. As shown in Figure 1, the area definition information includes directory identification information, area number (identification information), area start address information, area size information, area link information, link destination specification information, access condition selection information, and access condition information. It consists of

Here, the directory identification information indicates to which directory the area defined by the area definition information belongs, and is associated with the directory identification information given corresponding to each directory name in Figure 2. There is.

Note that if this directory identification information is "00", it is identified as not belonging to any directory.

The area number is identification information for specifying an area when accessing an area under the directory.

The area start address information and the area size information indicate which part of the area group storage area 163 shown in FIG. 3 is physically occupied by the area defined by the area definition information.

The area link information is for identifying whether the area defined by the area definition information is area-registered or area link-registered. If the area link has been registered, "00" will be given, and the link destination designation information added after that will be invalidated, and if the area link has been registered, "01" will be given, and the link destination specification information added after that will be invalidated. The area start address information and area size information are invalid.

The link destination designation information is information indicating which area the area defined by the area definition information is linked to, and is given the link destination directory identification information and area number.

The access condition selection information is, for example, "00" or "
If it is "00", it will be based on the access condition information in the area definition information of the linked destination, and if it is "01", it will be based on the access condition information in its own area definition information. Based on this, it is decided whether or not access to each area is possible. Note that areas registered are always "01", and area links registered can be designated as "00" or "01" by an area link registration command, which will be described later.

The access condition information indicates the access conditions for the area, and uses, for example, the card holder's key information verification state required when accessing the area.

Here, the concept of the memory structure will be explained using FIGS. 1 to 4. As shown in FIG. 2, for example, three directories are defined, and the directory names are rAAAJ, rBBBJ, and rCCCl, respectively.

As will be described later, each directory name includes directory identification information "01", "02", "03", and directory access condition information rYOIJ, rYO2.
J, rYO3J is assigned.

In addition, in particular, the directory name [****J is a directory that is always selected after starting the IC card, regardless of the directory selection command described later, and includes directory identification information "00" and directory access condition information rYOOJ. has been granted.

Further, in FIG. 1(a), for example, five areas are defined, and their physical locations are as shown in FIG.

For example, rAOIJ as area start address information,
Furthermore, area A having rsOIJ as area size information is registered as an area number "08".

Note that since the directory identification information is "QO", this indicates that area A does not belong to any directory.

The area C1 which has rAO3J as the area head address information and rS 03J as the area size information and the area E which has rAO5J as the area head address information and rS 05J as the area size information have the same directory identification information "01". , indicates that these two areas are under the directory named rAAAJ. The area numbers assigned to each number are "01" for the former and "01" for the latter.
3".

Similarly, area B is an area under a directory named rBBBJ and is registered as area number "01", and area D is an area under a directory named rCCCl and has area number "01". It shows that each is registered as .

Note that these five pieces of area definition information have been subjected to area registration processing. Therefore, the access condition selection information is all "01", and the access condition information "X01 to r, X05J of [1" are associated with each other.

The area group tip address storage area 164 stores data indicating how far the area allocated to the area group has been allocated, and when nothing is allocated, the data is stored at the end of the area group storage area 163. It is an address value, and after area A is allocated, rAOI
The value is updated each time an area is allocated, such as by subtracting "1" from the value of J.

FIG. 5 shows a diagram of the relationship between each area and the directory. As shown in the figure, area C and area E belong to the directory named rAAAJ, and are assigned area numbers "01" and "03", respectively. Furthermore, area B belongs to the directory named rB B BJ, and the area number is "01". Furthermore, area D belongs to the directory named rcCC4, and the area number is "01".

Note that area A does not belong to any directory (that is, it belongs to the directory name "* * * J"), and its area number is JO8J.

Next, the operation of such a configuration will be explained with reference to the flowchart shown in FIG.

First, the directory control information registration process will be explained. In the steady state, it is in a state of waiting for instruction data.
When command data is input in this state, the control element 15 determines whether it is a directory control information registration command as shown in FIG. As a result of this determination, if it is not a directory control information registration command, the control element 15 performs another process.

As a result of the determination of the command data, if it is a directory control information registration command, the control element 15 first refers to the directory control information storage area 161 in FIG.
It is determined whether there is a storage space for directory control information in 61.

As a result of this judgment, if the directory control information storage space does not exist, the control element 15 outputs response data indicating that there is no directory control information storage space, and returns to the command data waiting state.

As a result of determining the directory control information storage space above,
If the directory name exists, the control search element 15 determines whether the directory name exists in the main command data (telegram), and if it does not exist, the control search element 15 determines whether the directory name exists in the main command data (telegram). It is determined whether or not there is any control information whose directory identification information is "00".

As a result of this judgment, if it exists, the control element 15 outputs the same directory name existing response data and returns to the command data waiting state. If the directory does not exist, the control element 15 sets the directory identification information to "00" and registers the directory name "***J" together with the directory access condition information in this command data. The element 15 outputs the directory control information registration completion response data and returns to the command data waiting state.

As a result of determining whether or not the directory name exists, if the directory name does not exist, the control element 15 uses directory control information already stored in the main area 161 other than the directory control information having the directory identification information "00". Determine whether or not exists. As a result of this determination, if the directory does not exist, the control element 15 registers the directory control information by setting the directory identification information to "01". After the registration, the control element 15 outputs directory control information registration completion response data and returns to the command data waiting state.

As a result of the determination of the existing directory control information, if the existing directory control information exists, the control element 15 determines whether there is any existing directory control information having the same directory name as the directory name in this command data. to judge.

As a result of this judgment, if it exists, the control element 15 outputs the same directory name existing response data and returns to the command data waiting state.

As a result of the above determination of the same directory name, if the same directory name does not exist, the control element 15 transmits the directory identification information of the directory control information other than the directory control information having the directory identification information “00” last registered in this area 161. is incremented by one, added to the current directory control information, and registered. After the registration, the control element 15 outputs directory control information registration completion response data and returns to the command data waiting state.

FIG. 2 shows the results of sequentially registering the directory names "* * * J, rAAAJ, rB B BJ, and "CCC" in the directory name registration process described above.

Next, directory selection processing will be explained. As a result of the determination as to whether or not it is a directory control information registration command, if it is not a directory control information registration command, the control element 15 next determines whether or not it is a directory selection command as shown in FIG. As a result of this determination, if it is not a directory selection command, the control element 15 performs another process.

As a result of the determination of the command data, if it is a directory selection command, the control element 15 first refers to the directory control information Rakuno area 161 in FIG. It is determined whether there is already stored directory control information other than control information. As a result of this determination, if the directory control information does not exist, the control element 15 outputs directory control information unregistered response data and returns to the command data waiting state.

As a result of the determination of the existing directory control information, if the existing directory control information exists, the control element 15 determines whether there is any existing directory control information having the same directory name as the directory name in this command data. to judge.

As a result of this judgment, if the directory does not exist, the control element 15 outputs the corresponding directory nameless response data and returns to the command data waiting state.

As a result of the above judgment of the same directory name, if it exists, the control element 15 transfers the directory identification information added to the same directory name found in this area 161 to the current memory secured in the built-in RAM. Set it in a buffer (not shown). Note that the contents of the current buffer are set to "00" when the control module 15 is activated.

Then, the control element 15 outputs the directory selection end response data and returns to the command data waiting state.

Next, area registration processing will be explained. As a result of the determination as to whether or not it is a directory selection command, if it is not a directory selection command, the control element 15 next determines whether or not it is an area registration command as shown in FIG. As a result of this determination, if it is not an area registration command, the control element 15 performs another process.

As a result of the determination of the command data, if it is an area registration command, the control element 15 first refers to the area definition information storage area 162 in FIG. ' Determine whether As a result of this determination, if the area does not exist, the control element 15 outputs response data indicating that there is no area definition information storage space, and returns to the command data waiting state.

As a result of the determination of the area definition information storage space, if it exists, the control element 15 refers to the directory control information having the same directory identification information as the contents of the current buffer, and determines whether access is possible or not based on the corresponding access condition information. Make a judgment.

As a result of this determination, if the access condition is not satisfied, the control element 15 outputs access condition error response data and returns to the instruction data waiting state.

As a result of the access permission determination, if the access conditions are met, the control element 15 uses the area definition information with the contents of the current buffer as the directory identification information and the area number in this command data as the area number. Determine whether or not it already exists. As a result of this judgment, if the area exists, the control element 15 outputs the area registered response data and returns to the command data waiting state.

As a result of the determination of the area definition information, if it does not exist, the control element 15 calculates area start address information of the area to be registered this time. Actually, it is determined by subtracting the area size information in the command data input this time from the value stored in the area group tip address storage area 164. Next, the control element 15 compares the area start address information, which is the result of the above calculation, with the start address information of the area group storage area 163. As a result of this comparison, if the former value is not greater than or equal to the latter value, the control element 15 outputs area size inappropriate response data and returns to the command data waiting state.

As a result of the comparison of the start address information, if the former value is greater than or equal to the latter value, the control element 15 uses the calculation result as the area start address information, the area size information in the main command data as the area size information, and the main address information as the area size information. The area number in the instruction data is the area number, the access condition information in this instruction data is the access condition information, the contents of the current buffer are the directory identification information, and the area link information is
00'', the area definition information is stored in the area definition information storage area 162. Then, the control element 15 updates the area group tip address using the value subtracted by one from the calculation result, outputs the area registration end response data, and then returns to the command data waiting state.

Next, area link registration processing will be explained. As a result of the determination as to whether or not it is an area registration command, if it is not an area registration command, the control element 15 next determines whether or not it is an area link registration command as shown in FIG. As a result of this determination, if it is not an area link registration command, the control element 15 performs another process.

As a result of the determination of the command data, if it is an area link registration command, the control element 15 first refers to the area definition information storage area 162 in FIG. Decide whether or not. As a result of this judgment, if it does not exist, the control element 15:
Outputs response data without area definition information storage space,
Return to instruction data waiting state.

As a result of the determination of the area definition information storage space, if it exists, the control element 15 refers to the directory control information having the same directory identification information as the contents of the current buffer, and determines whether access is possible or not based on the corresponding access condition information. Make a judgment.

As a result of this determination, if the access condition is not satisfied, the control element 15 outputs access condition error response data and returns to the instruction data waiting state.

As a result of the access permission determination, if the access conditions are met, the control element 15 uses the area definition information with the contents of the current buffer as the directory identification information and the area number in this command data as the area number. Determine whether or not it already exists. As a result of this judgment, if the area exists, the control element 15 outputs the area registered response data and returns to the command data waiting state.

As a result of the determination of the area definition information, if it does not exist, the control element 15 sets these data as data 1.

The control search element 15 then stores the nine linked directories in this command data in the directory control information storage area 16.
Determine whether it exists in 1. As a result of this judgment, if there is no link, the control element 15 outputs response data of nine unregistered directs to be linked, and returns to the command data waiting state.

As a result of the determination of the nine linked directories, if the directory exists, the control search element 15 refers to the directory control information having the directory name and determines whether access is possible or not based on the corresponding access condition information. As a result of this determination, if the access condition is not satisfied, the control element 15 outputs access condition error response data and returns to the instruction data waiting state.

As a result of the above access permission determination, if the access conditions are met, the control element 15 determines that the area definition information that has the directory identification information corresponding to the found directory name and the link target area number in this command data already exists. determine whether or not. As a result of this determination, if the link target area does not exist, the control element 15 outputs link target area unregistered response data and returns to the command data waiting state.

As a result of the determination of the area definition information, if it exists, the control element 15 sets these data as data 2.

Then, the control element 15 uses the aforementioned data 1 as directory identification information, data 2 as link destination specification information, access condition selection information in this command data as access condition selection information, and access condition information in this command data as access condition information. The area definition information is stored in the area definition information storage area 162 with the area link information set to "01". Then, the control cable 15 outputs area link registration completion response data and returns to the command data waiting state.

Next, the process of writing and reading data into the area will be explained. As a result of the determination as to whether or not the area link registration command is issued,
If it is not an area link registration command, the control element 15 next determines whether it is a read command as shown in FIG. 11 or a write command as shown in FIG. 12. As a result of this determination, if it is neither command, the control element 15 outputs command unsupported response data and returns to the command data waiting state.

As a result of the judgment of the above command data, if it is either command, the control element 15 sets the contents of the current buffer as directory identification information and area definition information with the area number in this command data as the area number. exists in the area definition information storage area 162. As a result of this determination, if the area does not exist, the control element 15 outputs area unregistered response data and returns to the command data waiting state.

As a result of the determination of the area definition information, if the area definition information exists, the control element 15 determines whether or not the area link information in the area definition information is "01". As a result of this judgment,
If it is "01", the control element 15 refers to the corresponding access condition selection information and determines whether it is "00" or not. If the result of this judgment is "00", the control element 1
Step 5 sets a flag provided in the built-in RAM to "0" and finds area definition information whose directory identification information and area number have the same values as the corresponding link destination designation information.

If the result of the judgment of the above access condition selection information is "01"
If so, the control element 15 determines whether or not access is possible based on the corresponding access condition information.

As a result of this determination, if the access condition is not satisfied, the control element 15 outputs access condition error response data and returns to the instruction data waiting state.

As a result of the above access permission determination, if the access condition is satisfied, the control element 15 sets the above flag to "1" and similarly sets the same value as the corresponding link destination designation information to the directory identification information and the area number. Find the area definition information you have.

At this time, the control element 15 determines that the flag is "1.
”, the process moves to the process corresponding to this command data, and “
If it is "0", it is determined whether access is possible or not based on the corresponding access condition information. As a result of this determination, if the access condition is not satisfied, the control element 1'5 outputs access condition error response data and returns to the instruction data waiting state. As a result of the above access permission determination, if the access condition is satisfied, the control element 15 shifts to processing corresponding to this command data.

If the result of the determination of the area link information is "00", the control element 15 determines whether or not access is possible based on the corresponding access condition information.

As a result of this determination, if the access condition is not satisfied, the control element 15 outputs access condition error response data and returns to the instruction data waiting state. As a result of the above access determination, if the access conditions are met,
The control element 15 shifts to processing corresponding to this command data.

Now, in the process corresponding to this command data, if the command data is a read command, a read process is performed, and if the command data is a write command, a write process is performed. And control element 15
outputs the processing result as response data and returns to the command data waiting state.

In the example of FIG. 1(a), first, to select a directory, area A is allocated according to the area registration command data (area number -08, area size information -801), and then a directory with the directory name rB B BJ is selected. After that, area B is allocated according to the area registration command data (area number -01, area size information -802).
), then select the directory with the directory name rAAAJ, and then select the area C according to the area registration command data.
Assign (area number - 01, area size information - 80
3) Next, after selecting the directory with the directory name rCCCJ, area D is allocated according to the area registration command data (area number -01, area size information -5).
O4) shows the storage state of area definition information as a result of finally selecting a directory with the directory name rAAAJ and then allocating area E according to area registration command data (area number -03, area size information -805). A conceptual diagram showing this is shown in FIG. 5(a).

In the example of FIG. 1(b), first the directory name rB B
After selecting the directory of BJ-, the area is linked with the area number -02, the link target director 9 rAAAJ, and the link target area number -〇1 according to the area link registration command data, and then the directory with the directory name rCCCJ is linked. After making the selection, the area link registration command data indicates the storage state of area definition information as a result of linking the areas with area number -02, nine link targets rAAAJ, and link target area number -03. A conceptual diagram showing this is shown in FIG. 5(b).

This allows you to select the area number "0" before selecting the directory.
When a read command and a write command are executed using "8", the read and write processing is performed to area A.

Further, after selecting the directory name rAAAJ, read and write processing is performed to area C if area number "01" is used, and to area E if area number "03" is used.

Also, after selecting the directory name rBB BJ, if you use the area number "01", it will go to area B, and if you use the area number "02", it will go to the directory name rAAA first.
After selecting j, read and write processing is performed to area C, which is the same area when area number "01" was used.

Also, after selecting the directory name rCCCJ, if you use the area number "01", it will move to area D, and if you use the area number "02", it will move to the directory name rAAAJ first.
After selecting , read and write processing is performed to area E, which is the same area when area number "03" was used.

In this state, the area group start address Rakuno area 164 stores a value obtained by subtracting the value of the area start address information rAO5J by one.

In this way, the physical location information of one area is shared by multiple area numbers, and when accessing those area numbers, the access permission conditions are different, and the access permission conditions are the same. It has functions and the ability to select any of those functions. This makes it possible to access the same area using different area numbers, or to access the same area between different applications, with different access conditions for each, or for each access condition to be different. It is possible to arbitrarily set the values to be the same.

In the above embodiment, the directory identification information and area number of the link destination are used as the link destination designation information, but any information may be used as long as the area definition information of the link destination can be identified. For example, it may be location information where area definition information of a link destination is stored.

Further, the nine link target director names in the link registration command data may be any data as long as the name of the link target directory can be internally identified.

Further, in the embodiment described above, the area for storing application data has been described, but it is also possible to similarly link various authentication information areas necessary for accessing an IC card, such as a personal identification number, for example.

In other words, this assigns an area number to each authentication information area, and when specifying authentication information using this area number in verification command data, etc., different area numbers can be verified against the same authentication information. It will be processed.

[Effects of the Invention] As detailed above, according to the present invention, it is possible to access the same area using different area numbers, or to access the same area between different applications. It is possible to provide a portable electronic device in which each access condition can be individually set.

[Brief explanation of the drawing]

The figures are for explaining one embodiment of the present invention, and FIG. 1(a) is a diagram showing the area definition information storage area and the storage state of the area definition information before link registration, and FIG. 1(b) is a diagram showing the area definition information storage area and the storage state of the area definition information before link registration. A diagram showing the area definition information storage area and the storage state of the area definition information after link registration, Figure 2 is a diagram showing the directory control information storage area and the storage state of the directory control information, and Figure 3 is the state of the area group storage area. Figure 4 is a diagram showing the configuration of the data memory, Figure 5 (a
) is a conceptual diagram of area belonging to the area definition information storage state of FIG. 1(a), FIG. 5(b) is a conceptual diagram of area belonging to the area definition information storage state of FIG. 1(b), and FIG.
Figure 7 is a flowchart explaining each processing operation, Figure 7 is a diagram showing an example of the format of directory control information registration command data, Figure 8 is a diagram showing an example of the format of directory selection command data, and Figure 9 is a diagram showing area registration command data. 10 is a diagram showing a format example of area link registration command data. FIG. 11 is a diagram showing a format example of area read command data.
2 is a diagram showing an example of the format of write command data to the area, FIG. 13 is a block diagram showing the configuration of the IC card, FIG. 14 is a diagram showing the functional blocks of the IC card,
FIG. 5 is a block diagram showing the configuration of the terminal device. 1... IC card (portable electronic device), 2... Card reader/writer, 15... Control element (control unit),
16... Data memory (memory section), 17... Program memory, 18... Contact section, 161...
Directory control information storage area, 162... Area definition information storage area, 163... Area group storage area 164... Area group tip address storage area. Figure 2 Applicant's agent Patent attorney Takehiko Suzue Figure 3 Figure (b) Figure 13 Figure 14 Procedural amendments Commissioner of the Japan Patent Office Yoshi 1) Takeshi Moon Tono Heisei 1st year + 20th day 1, Indication of the case Japanese Patent Application No. 1983-200018 2, Name of the invention Portable electronic device Figure 15 3, Person making the amendment Relationship to the case Patent applicant (307) Toshiba Corporation 4. Agent, 3-7-2-7 Kasumigaseki, Chiyoda-ku, Tokyo, Contents of amendment (1) From line 17 to line 19 of page 15 of the specification, ``No directory... ” has been corrected to ``As will be described later, the area is identified as the area to be accessed regardless of the directory selection command.''. (2) From line 17 to line 18 of page 18 of the specification, the statement ``Area A indicates...'' was replaced with ``Area A is accessed regardless of the directory selection command.'' It indicates that it is subject to.'' (3) On page 20, line 17 of the specification, the statement ``Area A is in any directory'' is corrected to ``area A.'' (4) On page 22, line 13 of the specification, the phrase “the directory name is” has been replaced with “the directory name is in the message” 2
I am corrected. (5) In the 14th line of the same page, the phrase "if it does not exist" should be corrected to "if it exists." (6) "rRAMJ" on page 25, line 12 of the specification is corrected to "rRAM (not shown)."

Claims (3)

[Claims] (1) It has a memory section and a control section for accessing the memory section, and selectively inputs and outputs data to and from the outside, and the memory section is divided into a plurality of areas. , each area is individually assigned identification information, and the portable electronic device uniquely selects an area to be accessed from among the plurality of areas by inputting the identification information from the outside. a first means for selecting an area in which at least two pieces of the identification information are physically the same; and a second means for setting different access conditions when the two pieces of identification information are accessed by the first means. A portable electronic device characterized by comprising: (2) having a memory section and a control section for accessing the memory section, selectively inputting and outputting data to and from the outside, and the memory section being divided into a plurality of areas; Each of the areas is individually assigned identification information, and the portable electronic device uniquely selects an area to be accessed from among the plurality of areas by inputting the identification information from the outside. , a first means for selecting an area in which at least two pieces of the identification information are physically the same; and a third means for making the access permission conditions the same when accessing the two pieces of identification information by the first means. A portable electronic device characterized by comprising means for. (3) having a memory section and a control section for accessing the memory section, selectively inputting and outputting data to and from the outside, and the memory section being divided into a plurality of areas; Identification information is individually assigned to each of the areas, and the portable electronic device uniquely selects an area to be accessed from among the plurality of areas by inputting the identification information from the outside. a first means for selecting an area in which at least two pieces of the identification information are physically the same; and a second means for setting different access conditions when the two pieces of identification information are accessed by the first means. a third means for making the access permission conditions the same when the two pieces of identification information are accessed by the first means; and using these second means or using the third means. A portable electronic device characterized by comprising: fourth means for selecting one of the following.