JP2001516907A - How to load commands to the terminal security module - Google Patents

Abstract

  (57) [Summary] PROBLEM TO BE SOLVED: To issue a command (C) to a security module (2) of a terminal (1).₁ , C_Two , ...) are disclosed. The method is such that station (4) receives the command (C₁ ~ C_n ) Is transferred to the terminal (1), and the terminal (1) issues an instruction (C₁ ~ C_n ) To the security module (2), and the security module (2)₁ ~ C_n ), And the terminal (1) executes the executed instruction (C₁ ~ C_n ) Actual result (R ₁ ’-R_n ′) And the transfer means (3) records the result (R₁ ’-R_n') To the station (4). The instruction has an associated expected result (eg, R₁ ), And terminal (1) reports this to the actual result (eg, R₁ ’). This makes it possible to flexibly load data into the security module (2) according to an instruction, and to remotely check the function of the security module.   

Description

DETAILED DESCRIPTION OF THE INVENTION

[0001]

TECHNICAL FIELD OF THE INVENTION

The present invention relates to a method for loading a command into a security module of a terminal. More particularly, it relates to the controlled loading of data into a security module of a smart card that operates a terminal by executing a command.

[0002]

[Prior art]

Terminals, such as vending machines and pay phones, often include security modules to securely store customary data. Such payment data may include, for example, the number of times a terminal has been used, the amount spent by a consumer on a particular terminal, and the number of meter pulses that a phone has used. Typically, security modules that are mechanically and / or electrically protected against abuse comprise electronic memory means (such as counters or EEPROMs) for registering payment data and storing keys. . The security module further comprises processing means for processing data such as conventional data. Such processing means usually consists of a microprocessor running a program of commands stored in the security module. The process often consists of the decryption protection of conventional data in order to avoid fraudulent means. An example of one security module and its use is disclosed in US Pat. No. 5,572,004, which is incorporated herein by reference.

For example, it is often necessary to update data stored in a security module to add new functions or modify existing functions. Data is added or modified using instructions, and its execution results in the desired addition or modification. However, the functions of addition and change need to be confirmed. This is particularly important since security modules often store monetary data or equivalent.

[0004] Thus, the need arises to be able to load such new data into the security module and confirm the result, ie the proper function of making the numerous corrections caused by that data. In practice, it is necessary to make changes to security modules in many different places, and confirming the function of those security modules raises one problem. The prior art does not provide a solution to this problem.

US Pat. No. 4,972,478 discloses a decryption circuit connected to an external program device. The program device performs an execution test to confirm whether the decryption circuit correctly performs the encryption algorithm. It is not disclosed how this execution test is performed and which results are transferred to an external program device. The patent does not deal with smart card operated terminals.

US Pat. No. 5,495,571 discloses a method for parameter testing a functional program interface. A test plan calls a function with different parameter values and tests whether the function produces the appropriate error code. The patent does not use controlled loading of data and instructions. Nor does it deal with smart card-enabled terminals.

[0007]

[Problems to be solved by the invention]

SUMMARY OF THE INVENTION It is an object of the present invention to provide a method of overcoming the above and other disadvantages of the prior art and loading data into a security module of a terminal and using the data to verify the proper functioning of an instruction. It is a further object of the present invention to provide a method for remotely checking a security module. It is another object of the present invention to provide a method for making a terminal transparent with respect to commands.

[0008]

[Means for Solving the Problems]

Accordingly, the present invention provides a method of loading a command into a security module of a terminal, wherein the station transfers the command to the terminal via a transfer means, and the terminal transfers the command to the security module. The security module executes the command, the terminal records the result of the executed command, and the transfer means transfers the result to the station.

[0009] The station may be a remote terminal management station. The transfer means may be, for example, a telephone line or a (special purpose) card inserted into the terminal. By recording the results of the executed instructions, the proper functioning of the security module can be remotely checked. Preferably, the instructions are transferred to the terminal as part of a script file, and the terminal extracts each instruction from the script file and sends it to the security module. Preferably, the script file contains information to selectively record the results. That is, the result of one instruction is recorded, but the result of another instruction is not recorded. This loads one instruction into the security module by requiring the previous instruction to execute properly, but requiring that other instructions (eg, those with unpredictable results) be loaded without restriction. Can be restricted. The terminal is practically transparent with respect to those instructions, since the terminal essentially only forwards the instructions to the security module. Thus, the terminal is substantially independent of the particular security module used.

[0010]

【Example】

In FIG. 1, a terminal 1 is connected to a station (terminal management center) 4 via a telecommunication link 3. As will be described later, the station 4 is used for creating a script file and confirming the function of the terminal 1. The terminal 1 comprises at least one security module 2, which communicates with the smart card 5 while the terminal 1 is in normal use. The terminal 1 further comprises a processor 6 connected to an associated memory (RAM and / or ROM) 7, an I / O (
Input / output) unit 8 and security module 2. The I / O unit is connected to a telecommunications link 3, for example a public switched telephone network subscriber line (PSTN) or a computer network link.

The security module 2 includes a processor, a memory, an I / O unit, and an IC.
It comprises an associated card reader / writer (not shown) for interfacing with a card (smart card) 5 and is usually physically and / or cryptographically protected, for example transaction data such as a financial account. Is stored securely for terminal use. Although the security module is described throughout this specification, it will be understood that the invention is also applicable to terminals in which the security module has been replaced by another unit having processing and storage means.

A script file is created in station 4 to load the instructions into security module 2 and execute the instructions with the potential to check the proper functioning of the instructions as in the present invention. The script file is described in FIG.
Transfers data to and / or from the security module 2 because it contains instructions to be loaded and executed. Preferably, the terminal 1 checks the source of the command. That is, the terminal checks whether the command was made by the station 4 or at least sent from the station 4. This check, which is performed to prevent unauthorized rewriting of the contents of the security module, can be made by comparing the received MAC (message authentication code) with the MAC calculated by the terminal. Such a verification procedure is well known to those skilled in the art.

As shown in FIG. 2, the script file 10 has one header and several records. Each record consists of a type field T _i (eg, T ₁ ), an instruction field C _i (eg, C ₁ ), and a result field R _i (eg, R ₁ ). The result field _Ri is empty, as described below. The instructions include data to be written into the memory of the security module, such as a key for encrypting conventional data. The instructions also include instructions executed by the security module 2.
A suitable format for the instruction C _i (i = 1 to 4, in FIG. 2) is, for example, ISO 78
It is disclosed in the 16-4 standard.

The type field T _i identifies different types of instructions. In the present invention, since three different types of instructions can be identified, three different types of instructions can be handled by the terminal. The first type of instruction has an associated expected result or response R. This type of instruction is preferably loaded into the one at the security module, the terminal compares the result R _i expected and actual results R _i '. If there is a discrepancy, ie a mismatch between R _i and R _i ′, the loading is stopped. This type of instruction can be used to perform a controlled loading of the security module and check its proper functioning during the loading.

The second type of instruction does not accompany the expected response (ie, the result field R _i Is complete). However, the terminal preferably registers the actual response. This type of instruction
In particular, an unknown security module was used (the response was not completely known in advance)
If so, the security module may be tested. The results are collected later
Log files. Thus, the instruction can be processed off-line.

A third type of instruction is loaded into the security module and executed without regard to the result. That is, the result of this type of instruction is not registered in the terminal. It will be appreciated that the above results of these instructions consist of memory contents, status (eg, indicating a failed write operation), and / or smart card instructions. These results thus result in data transfer to and / or from the security module.

As described above, the terminal extracts the instructions from the script file and sends them to the security module. The terminal is passive with respect to the instructions, but active with respect to the script file, derives the instructions from it and operates from the type field contained in the script file (check result / no check)
Is derived. Thus, the script file contains information that affects the terminal's function and the instructions derived therefrom.

A script file can also consist of only one instruction. However, the size of the script file is variable and its size is limited only by the amount of memory available in the terminal. Also, the script file may contain instructions in a compressed form and / or in a form that is protected against decryption.

FIG. 3 shows an example of a so-called log file. The file 20 has one header and several data fields. In the data field, the actual result of the instruction is stored during or after processing (result logging). The data field contains a first result R ₁ ′ of the first execution instruction and a second result R ₂ ′ of the second execution instruction. At station 4 (FIG. 1) or another device, these actual results R _i ′ are compared with the expected results R _i or otherwise processed.

FIG. 4 shows a flowchart according to an embodiment of the method of the present invention. In an initial step 100 labeled "Start", the instructions or script file containing the instructions are transferred from the station 4 to the security module 2 of the terminal 1 (FIG. 1). In step 101, the instructions are loaded into the processor of the security module 2, for example by extracting them from a script file. At step 102, the security module recalculates the message authentication code of the instruction and sets the result as the actual (recalculated) code MAC '. In step 103, this actual code MAC 'is compared with the received code MAC. MAC '=
If it is a MAC, the received code MAC is determined to be "true" and step 10
Proceed to 4. If MAC ′ ≠ MAC, the flow exits through a suitable exit routine (not shown). Then an error message is generated.

In step 104, the type of the instruction is determined by reading the type T _i (FIG. 2) and temporarily stored. Next, at step 105, the instruction C _i is executed by the security module, so that R _i ′ is temporarily stored. In steps 106-108, the security module determines whether and how to process the result.

At step 106, if the type is equal to I (the first type), then proceed to step 112, where the expected result R _i is read from the script file (FIG. 2) and at step 113 the actual result R is compared to _i . In step 113, if R _i ′ = R _i, go to step 109, and if R _i ′ ≠ R _i (inappropriate result), go out of the flow. If the type is not equal to I, go to step 107.

In step 107, if the type is equal to II (the second type), proceed to step 114, where the actual result R _i ′ is registered, for example, in the log file of FIG. If the type is not equal to II, go to step 108. If the type is equal to III (third type) in step 108, the process proceeds to step 109. If the type is not equal to III (inappropriate result), exit the flow.

In steps 109 and 110, the security module checks whether it has arrived at the end of the script file. If the end of the file is detected at step 110, the procedure ends at step 111, for example, by closing and transmitting the log file (if appropriate). If it has not arrived at the end of the script file, the process returns to step 101 to process the next command. By processing the results of the instructions depending on the type of each instruction, the instructions of a single script file can be selectively processed.

It will be appreciated that the procedures set forth above have been taken by way of example. Thus, a check of the message authentication code or any other data protection code may be performed by performing a back calculation of the code instead of a recalculation as described in steps 102 and 103. The result of the executed instruction is registered, preferably by storing it in the memory of the security module.
Alternatively, the results may be stored in the memory 7 of the terminal. The log file may be stored in the terminal's memory 7 before being sent to the station 4 or before being transferred to the smart card 5. A script file may also be stored in the memory 7 of the terminal, and each command is loaded into the security module in step 101 of the above procedure.

As described above, according to the method of the present invention, data can be flexibly loaded into the security module, and the function of the security module can be remotely checked. The above embodiments have been described by way of example only, and it will be understood by those skilled in the art that many modifications and additions may be made without departing from the scope of the invention.

[Brief description of the drawings]

FIG. 1 is a block diagram of a terminal used in the method of the present invention.

FIG. 2 is a diagram showing an example of the structure of a script file including instructions to be loaded.

FIG. 3 is a diagram showing an example of the structure of a log file including a result of an instruction.

FIG. 4 is a flowchart showing an instruction process in the security module according to the present invention.

[Explanation of symbols]

 DESCRIPTION OF SYMBOLS 1 Terminal 2 Security module 3 Telecommunication link 4 Station 5 Smart card 6 Processor 7 Memory 10 Script file 20 Log file

──────────────────────────────────────────────────続 き Continued on the front page (51) Int.Cl. ⁷ Identification symbol FI Theme coat ゛ (Reference) H04L 9/10 H04M 3/42 Z H04M 3/42 11/00 301 11/00 301 H04L 9/00 621Z ( 81) Designated countries EP (AT, BE, CH, DE, DK, ES, FI, FR, GB, GR, IE, IT, LU, MC, NL, PT, SE), OA (BF, BJ, CF, CG, CI, CM, GA, GN, ML, MR, NE, SN, TD, TG), AP (GH, KE, LS, MW, SD, SZ, UG, ZW), EA (AM, AZ, BY) , KG, KZ, MD, RU, TJ, TM), AL, AM, AU, AZ, BA, BB, BG, BR, BY, CA, CN, CU, CZ, FI, GE, H, HU, IL, IS, JP, KE, KG, KP, KR, KZ, LC, LK, LR, LS, LT, LV, MD, MG, MK, MN, MW, MX, NO, NZ, PL , RO, RU, SD, SG, SI, SK, SL, TJ, TM, TR, TT, UA, UG, UZ, VN, YU, ZW (72) Inventor Rombout, Willem, Netherlands The Hague CVA Bang Bevelen Plain 11

Claims (10)

[Claims] 1. A station (4) forwards the terminal (1) to the instruction (C ₁ -C _n) via transfer means (3), the terminal (1) is the command (C ₁ -C _n) safety security transferred to the module (2), the security module (2) executes the instructions (C ₁ -C _n), the instruction terminal (1) is the running (C ₁ -C _n) results (R ₁ 'to R _m '), and the transfer means (3) comprises the steps of transferring the result (R ₁ 'to R _m ') to the station (4). Loading instructions (C ₁ , C ₂ ,...) Into the security module (2). 2. The instructions are transferred to a terminal (1) as part of a script file (10), and the terminal (1) extracts each instruction (C ₁ -C _n ) from the script file (10). , Sending them to the security module (2). 3. The script file (10) stores the results (R ₁ ′ to R _m ′)
3. The method of claim 2 including information (T ₁ -T _n ) for selectively recording 4. The method of claim 2, wherein the script file (10) is created in a verification station (4). 5. The method of claim 1, wherein the script file (10) includes an expected result (eg, R ₃ ) of each instruction (eg, C ₃ ). 6. Each of the instructions (eg C ₁ ) is individually assigned to a security module (2).
6. The method of claim 5, wherein the terminal (1) compares the expected result (eg, R ₃ ) with the actual result (R ₃ ′) and stops the transfer if a mismatch is detected. 7. The method of claim 1, wherein the transfer means (3) is a telecommunications link, such as a telephone connection. 8. The method according to claim 1, wherein the transfer means comprises a card inserted into the terminal. 9. The terminal (1) transmits instructions (C _{1 to} C _n ) to the security module (2).
2.) The method according to claim 1, wherein it is checked whether the command comes from a station (4) before forwarding to (4). 10. A processor (6), a memory (I / O) and a security module (2), wherein the security module (2) executes instructions (C ₁ -C _n ) resulting in instructions (R ₁ -C _n ). R _m ) are selectively arranged in the terminal (
1).