JP2002354143A - Communication method and system, communication equipment, processing unit and its method - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide a communication system that uses a single integrated circuit to provide diversified services without restriction on a storage capacity of a memory built in the integrated circuit. SOLUTION: A virtual IC storage area server unit 13 stores an application program related to processing an IC 21. In succession to mutual authentication between the IC 21 and the virtual IC storage area server unit 13 via a mobile communication function section 20, the server unit 13 executes the application program and conducts processing related to a service in cooperation with an IC- R/W device 11 while making communication with the device 11 via IC 21, the mobile communication function section 20, a radio communication channel 17 and a network 18.

Description

DETAILED DESCRIPTION OF THE INVENTION

[0001]

The present invention relates to an integrated circuit (IC:
The present invention relates to a communication method and a communication system using a communication device having a built-in integrated circuit, and a communication device, a processing device, and a method used in the communication method and system.

[0002]

2. Description of the Related Art Currently, electronic commerce using IC devices such as IC cards is performed. An IC (integrated circuit) of such an IC device includes an interface that communicates with a transaction device installed in a store or the like, a memory that stores an application program that defines processing related to a service using the IC, and an application program. And a CPU for executing the program.

[0003]

However, in the IC of the above-mentioned IC device, as described above,
The application program is stored in the memory built into the IC, and the storage capacity of the memory is limited from the viewpoint of miniaturization and cost reduction of the IC. Therefore, the services that can be provided using a single IC are limited. There is a problem that there is.

[0004] The present invention has been made in view of the above problems,
An object of the present invention is to provide a communication method and system, a communication device, a processing device, and a method capable of providing various services using a single integrated circuit without being limited by the storage capacity of a memory built in the integrated circuit. And

[0005]

SUMMARY OF THE INVENTION In order to solve the above-mentioned problems of the prior art and achieve the above-mentioned object, a communication method according to a first aspect of the present invention comprises a first method having an integrated circuit and a communication circuit.
A communication device for transmitting and receiving data between the communication device and the integrated circuit and performing communication using a processing device used for a service related to the integrated circuit, wherein the integrated circuit is connected to the service. A request for using the program is transmitted to the second communication device that stores and executes the program that defines the processing via the communication circuit, and the second communication device determines that the use request is valid. When authenticated, execute the program related to the use request,
While the integrated circuit relays communication between the processing device and the second communication device via the communication circuit, the processing device and the second communication device respond to the execution of the program by the second communication device. A process related to the service is performed in cooperation with the second communication device.

In the communication method according to a first aspect of the present invention, the integrated circuit sends a request to use the program to a second communication device that stores and executes a program defining processing related to the service. To send through. Next, when the second communication device authenticates that the use request is valid, the second communication device executes a program related to the use request. In addition, while communication between the processing device and the second communication device via the communication circuit is relayed by the integrated circuit, the processing device is executed in accordance with the execution of the program by the second communication device. And the second communication device cooperate with each other to perform a process related to the service. As described above, in the communication method according to the first aspect of the present invention, the service provision using the integrated circuit is performed by executing the program stored in the second communication device in response to a use request from the integrated circuit to the second communication device. The second communication device executes the second communication device to execute the second communication device.
The communication device and the processing device communicate with each other via the integrated circuit, and cooperate with each other. Therefore, there is no need to store a program in an integrated circuit, and various services can be provided using an integrated circuit having a limited storage capacity. Further, when the second communication device authenticates the use request in accordance with the use request from the integrated circuit, the integrated circuit relays communication between the processing device and the second communication device. I do. Therefore, spoofing can be prevented.

In the communication method according to the first aspect of the present invention, preferably, the second communication device includes a storage area previously allocated to the first communication device among storage areas in the second communication device. And stores the program related to the first communication device.

In the communication method according to the first aspect of the present invention, preferably, the first communication device sends the use request indicating that the first communication device uses the storage area allocated in advance to the first communication device. Transmit to the second communication device.

Further, in the communication method according to the first invention, preferably, after the integrated circuit transmits the use request to the second communication device, the first communication device transmits the request to the second communication device. The second communication device reads out and executes the program specified by the program selection instruction to transmit a program selection instruction for specifying a program to be selected and used.

In the communication method according to the first invention, preferably, the first communication device is a portable communication device, and the communication circuit is a wireless communication circuit for performing communication using a wireless communication network. The second communication device is connected to a network, and the integrated circuit communicates with the second communication device via the communication circuit, the wireless communication network, and the network.

A communication system according to a second aspect of the present invention provides a communication system for transmitting and receiving data between a first communication device having an integrated circuit and a communication circuit and the integrated circuit and used for a service related to the integrated circuit. A communication system comprising: a device; and a second communication device that stores and executes a program that defines processing related to the service, wherein the integrated circuit uses the program for the second communication device. Transmitting a request through the communication circuit,
When the communication device authenticates that the use request is valid, the communication device executes a program related to the use request, and the integrated circuit communicates between the processing device and the second communication device via the communication circuit. While relaying communication between the second communication device and the second communication device, the processing device and the second communication device cooperate to perform processing related to the service in accordance with the execution of the program.

According to a third aspect of the present invention, there is provided a communication apparatus for transmitting and receiving data between the integrated circuit and another communication apparatus having the communication circuit and used for a service related to the integrated circuit. A communication device that communicates with the server, a storage unit that stores a program that defines processing related to the service, a receiving unit that receives a program use request from the integrated circuit via the communication circuit, An authentication means for authenticating whether or not the service request is valid, and, when the use request is authenticated, reading a program defining processing related to the service from the storage means, and executing the read program. Cooperating with the processing device while performing communication with the processing device via the communication circuit and the integrated circuit according to the execution of the program. And a control unit for performing a process relating to the service Te.

According to a fourth aspect of the present invention, there is provided a communication method, comprising: a communication device having an integrated circuit and a communication circuit; and a communication device for transmitting and receiving data between the integrated circuit and a processing device used for a service related to the integrated circuit. A communication method for performing
A program use request is received from the integrated circuit via the communication circuit, and when the use request is authenticated, a program defining a process related to the use request is read from the storage unit, and the read is performed. A program is executed, and in accordance with the execution of the program, a process related to the service is performed in cooperation with the processing device while communicating with the processing device via the communication circuit and the integrated circuit.

A processing device according to a fifth aspect of the present invention is a processing device that exchanges data with a first communication device having an integrated circuit and a communication circuit and is used for a service related to the integrated circuit. A second communication device that stores and executes a program that defines related processing and the integrated circuit perform mutual authentication via the communication circuit, and after the mutual validity has been authenticated by the mutual authentication, the integrated circuit; And performs processing related to the service in cooperation with the second communication device while communicating with the second communication device that executes the program.

A processing method according to a sixth aspect of the present invention is a processing method for transmitting and receiving data to and from a first communication device having an integrated circuit and a communication circuit and used for a service related to the integrated circuit. A second communication device that stores and executes a program that defines related processing and the integrated circuit perform mutual authentication via the communication circuit, and after the mutual validity has been authenticated by the mutual authentication, the integrated circuit; And performs processing related to the service in cooperation with the second communication device while communicating with the second communication device that executes the program.

A communication method according to a seventh aspect of the present invention includes a first communication device having an integrated circuit and a communication circuit, a second communication device used for a service related to the integrated circuit, and a process related to the service. A communication method for performing communication using a third communication device that stores and executes a specified program, wherein a request for using the program is sent from the integrated circuit to the third communication device via the communication circuit. Transmitting and performing mutual authentication between the integrated circuit and the third communication device via the communication circuit, and the integrated circuit and the third communication device authenticate each other's validity by the mutual authentication. Then, the second communication device and the third communication device perform mutual authentication, and the mutual authentication authenticates the second communication device and the third communication device with each other. And before A third communication device executes the program related to the use request, and in response to the execution of the program, the second communication device and the third communication device perform communication and cooperate with each other to execute the program. Performs processing related to the service.

In the communication method according to a seventh aspect, first, a request for using the program is transmitted from the integrated circuit to the third communication device via the communication circuit. Next, mutual authentication is performed between the integrated circuit and the third communication device via the communication circuit. Then, when the mutual validity of the integrated circuit and the third communication device are authenticated by the mutual authentication, mutual authentication is performed between the second communication device and the third communication device. . Then, when the second communication device and the third communication device are mutually authenticated by the mutual authentication, the third communication device executes the program related to the use request. Then, in accordance with the execution of the program, the second communication device and the third communication device communicate with each other and cooperate with each other to perform a process related to the service.

According to the communication method of the seventh aspect, it is not necessary to store the program in the integrated circuit, and various services can be provided using the integrated circuit having a limited storage capacity. Further, since mutual authentication between the integrated circuit and the third communication device and between the second communication device and the third communication device are performed, spoofing and the like can be prevented.

In the communication method according to a seventh aspect of the present invention, preferably, the second communication device transmits a program selection instruction for instructing a program to be selectively used to the first communication device. The first communication device transmits a program selection instruction to the third communication device based on the program selection instruction, and the third communication device responds to the program selection instruction received from the first communication device. Execute the specified program.

The communication system according to an eighth aspect of the present invention includes a first communication device having an integrated circuit and a communication circuit, a second communication device used for a service related to the integrated circuit, and a process related to the service. A third communication device for storing and executing a specified program, wherein the integrated circuit transmits a use request of the program to the third communication device via the communication circuit, When mutual authentication is performed between the integrated circuit and the third communication device via the communication circuit, and when the integrated circuit and the third communication device are mutually authenticated by the mutual authentication, When the second communication device and the third communication device perform mutual authentication, and when the second communication device and the third communication device are mutually authenticated by the mutual authentication, 3 executes the program related to the use request, and in response to the execution of the program, the second communication device and the third communication device perform communication and cooperate with each other to execute the service. Is performed.

According to a ninth aspect of the present invention, there is provided a communication device, comprising: a first communication device having an integrated circuit and a communication circuit; and a second communication device for storing and executing a program defining processing relating to the service. A communication device used for a service related to the integrated circuit, wherein the mutual communication between the integrated circuit and the second communication device is authenticated by mutual authentication. An authentication unit that performs mutual authentication with the device, and a communication with the second communication device that executes the program after mutual validity is authenticated between the second communication device and the mutual communication by the authentication unit. And a control means for performing processing related to the service in cooperation with each other.

According to a tenth aspect of the present invention, there is provided a communication method, comprising: an integrated circuit; a first communication device having the communication circuit; and storage and execution of a program that defines processing related to the service provided by using the integrated circuit. A communication method performed between the integrated circuit and the second communication device after mutual authentication by mutual authentication, the communication method performed between the second communication device and the second communication device performing the second After performing mutual authentication with the communication device and performing mutual authentication between the communication device and the second communication device, mutual authenticity with the second communication device is authenticated. The communication device performs communication with the second communication device and performs processing related to the service in cooperation with each other.

A communication device according to an eleventh aspect of the present invention is a communication device that communicates with a first communication device having an integrated circuit and a communication circuit, and a second communication device used for services related to the integrated circuit. A storage unit that stores a program that defines processing relating to the service; a receiving unit that receives a use request of the program from the integrated circuit via the communication circuit; and the integrated circuit according to the use request. Perform mutual authentication via the communication circuit between
After the mutual authentication has verified each other's legitimacy,
An authentication unit for performing mutual authentication with the second communication device, and, when mutual validity between the second communication device and the second communication device is authenticated by the mutual authentication, storing the program related to the use request in the storage unit. And a control unit that executes processing related to the service by performing communication with the second communication device in cooperation with each other in accordance with the execution of the program.

A communication method according to a twelfth aspect is a communication method for communicating with a first communication device having an integrated circuit and a communication circuit, and a second communication device used for a service related to the integrated circuit. Receiving, from the integrated circuit, a request for use of a program defining processing related to the service via the communication circuit, and performing mutual authentication with the integrated circuit via the communication circuit in response to the use request. Perform mutual authentication with the second communication device after the mutual validity is authenticated by the mutual authentication, and the mutual validity is authenticated between the second communication device and the second communication device by the mutual authentication. And reads and executes a program related to the use request from a storage unit, and communicates with the second communication device in accordance with the execution of the program to cooperate with each other to execute the service. The related processing is performed.

[0025]

DESCRIPTION OF THE PREFERRED EMBODIMENTS A communication system according to an embodiment of the present invention will be described below. First Embodiment FIG. 1 is an overall configuration diagram of a communication system 1 of the present embodiment. As shown in FIG. 1, the communication system 1 includes, for example, a gateway 10, an IC_R / W device 11, an IC service providing device 12, a virtual IC storage area server device 13, and a mobile phone device 14. Mobile phone device 14 and virtual I
The communication with the C storage area server device 13 is performed via a wireless communication line 17 such as a mobile phone communication network, a gateway 10, and a network 18 such as the Internet. The mobile phone device 14 and the IC_R / W device 11 perform, for example, wireless communication. Further, the IC_R / W device 11 and the IC service providing device 12 perform communication via, for example, a dedicated transmission line. In addition, the mobile phone device 14
It has a mobile communication function unit 20 and an IC 21. This embodiment is an embodiment corresponding to the first and second inventions. The IC_R / W device 11 shown in FIG. 1 corresponds to the processing device of the present invention. This embodiment is an embodiment corresponding to the first to sixth inventions. The IC_R / W device 11 corresponds to the processing device of the present invention. Also, the mobile phone device 14
Are the first communication device of the first invention and the second invention, another communication device of the third invention, the communication device of the fourth invention, and the fifth communication device.
And the first communication device of the sixth invention. In addition, the virtual IC storage area server device 13 is added to the second communication device of the first and second inventions, the communication device of the third and fourth inventions, and the second communication device of the fifth and sixth inventions. Yes, it is.

First, an outline of an operation example of the communication system 1 shown in FIG. 1 will be described. FIG. 2 shows a communication system 1 shown in FIG.
FIG. 5 is a diagram for describing an outline of an operation example of FIG. User A
Visits the store 30 and finds the IC_R / W device 11 and IC 21
The mobile phone device 14 is located at a position where wireless communication is possible. Then, as shown in FIG. 2, first, in response to the operation of the mobile communication function unit 20 of the mobile phone device 14 by the user A, the mobile communication function unit 20 transmits the data via the wireless communication line 17, the gateway 10, and the network 18. , Virtual I
A virtual storage area use request (use request of the present invention) is transmitted to the C storage area server device 13 (in FIG. 2).

Next, mutual authentication is performed between the IC 21 of the portable telephone device 14 and the virtual IC storage area server device 13 (FIG. 2). When the mutual validity is verified by the mutual authentication, an application program selection instruction is transmitted from the portable communication function unit 20 to the virtual IC storage area server device 13 in response to the operation of the user A (FIG. 2). ), A virtual storage area use instruction is transmitted from the IC 21 to the IC_R / W device 11 (in FIG. 2). Next, via the portable communication function unit 20 and the IC 21, the IC
After performing communication between the _R / W device 11 and the virtual IC storage area server device 13 and performing mutual authentication, processes related to the service using the IC 21 are performed in cooperation (in FIG. 2).
As described above, according to the communication system 1, the IC 21
When performing processing related to a service with the _R / W device 11, after performing a predetermined authentication process, the virtual IC storage area server device 13 executes an application program stored in the server device 13, and executes the IC_R While performing communication with the / W device 11, processing related to the service is performed. Therefore, even if the storage capacity of the memory in the IC 21 is small, a service can be provided using an application program having a large data amount.

Hereinafter, each component of the communication system 1 shown in FIG. 1 will be described in detail. [Gateway 10] The gateway 10 is a device that relays communication between the wireless communication line 17 such as a mobile phone and the network 18.

[IC_R / W device 11] The IC_R / W device 11 is installed in a store 30 of a service provider, etc.
Data is exchanged with the IC 21 built in the mobile phone device 14 in a contact manner or a non-contact manner, and the IC 21
Performs processing related to the service performed using. In the present embodiment, a case where data is transmitted and received between the IC_R / W device 11 and the IC 21 by a non-contact method (wireless method) will be exemplified. The IC_R / W device 11, as described later,
Communication with a virtual IC storage area server device 13 that stores and executes an application program that defines processing related to the service via a mobile phone device 14;
In response to the execution of the application program by the virtual IC storage area server device 13, processing related to the service is performed in cooperation with the virtual IC storage area server device 13.
Examples of the services according to the present embodiment include services involving confidential processes such as personal (personal) authentication, electronic money, electronic commerce, and ticket issuance.

[IC Service Providing Device 12] The IC service providing device 12 communicates with the IC_R / W device 11
Data transmission and reception necessary for a service performed using C21 is performed.

[Virtual IC storage area server device 13] The virtual IC storage area server device 13
It functions as a virtual memory of C21, stores an application program related to a service performed using IC21, and executes the application program in response to an instruction from IC21. FIG. 3 is a functional block diagram of the virtual IC storage area server device 13. As shown in FIG. 3, the virtual IC storage area server device 13
AM 51, memory 52, control unit 53, and I / F unit 54
Having.

FIG. 4 is a functional block diagram of the SAM 51 shown in FIG. The SAM 51 is a tamper-resistant hardware or software module. SAM5
Reference numeral 1 denotes an authentication unit 61 and an encryption / decryption unit 6 as shown in FIG.
2. It has an IC control unit 63 and an IC-related processing unit 64. The authentication unit 61 performs mutual authentication with the IC 21 described later and mutual authentication with the IC_R / W device 11.

The encryption / decryption unit 62 includes, for example, a memory 52
It encrypts the application program registered (written) in the server and decrypts the application program read from the memory 52.

The IC control unit 63 controls, for example, communication with the IC 21. The IC-related processing unit 64
And performs processing related to a predetermined service.

The memory 52 is used as a virtual memory of the IC 21 and stores an application program related to a service using the IC 21. The memory 52 is shown in FIG.
As shown in FIG. 5, an IC virtual storage area 6 previously allocated to each user (mobile phone device) by a registration process described later.
0a, 60b, 60c,... For example, IC
The virtual storage area 60a is allocated to the user A of the mobile phone device 14, the IC virtual storage area 60b is allocated to the user B, and the IC virtual storage area 60c is allocated to the user C. In the IC virtual storage area 60a, for example, as shown in FIG. 6, application programs 65a, 65b, and 65c registered by an application program registration process described later are stored. The application programs 65a, 65b, 65c are:
Each program is a program that defines a process related to a service provided using the IC 21. The memory 52 has a storage capacity of, for example, 2 k, 4 k, or 8 k bytes.

The control unit 53 controls the overall processing of the virtual IC storage area server device 13. FIG.
3 is a functional block diagram of FIG. As shown in FIG.
3 includes a portal unit 71, a user I / F unit 72, an AP (application program) execution unit 73, a SAM control unit 74, and a memory control unit 75. Portal 71
Implements a portal function in response to access from the mobile phone device 14, for example, and displays a menu screen of a service that can be provided on the display unit of the mobile phone device 14, for example. The user I / F unit 72 controls a user I / F screen displayed on the display unit 34 of the mobile communication function unit 20. AP
The execution unit 73 executes the application program read from the memory 52. The SAM control unit 74 determines whether the SA
The processing using M51 is controlled. The memory control unit 75 includes:
It manages application programs stored in the memory 52. Specifically, the memory control unit 75 performs, for example, allocation of the IC virtual storage area 60a to the mobile phone device 14, registration of the application programs 65a, 65b, 65c to the IC virtual storage area 60a.

[Portable Telephone Device 14] As shown in FIG.
The mobile phone device 14 includes a mobile communication function unit 20 and an IC 2
One. Here, the portable communication function unit 20 corresponds to the communication circuit of the present invention, and the IC 21 corresponds to the integrated circuit of the present invention. <Portable Communication Function Unit 20> FIG. 8 is a functional block diagram of the portable communication function unit 20 shown in FIG. As shown in FIG. 8, the mobile communication function unit 20 includes, for example, a voice input / output unit 31, an A / D / D / A conversion unit 32, a DSP 33, a display unit 34, an operation unit 35, an IC_I / F unit 36, and a memory. 37,
Control unit 38, baseband processing unit 39, and wireless unit 40
Having.

The audio input / output unit 31 generates a speaker that outputs audio corresponding to the analog audio signal input from the A / D / D / A conversion unit 32, and generates an analog audio signal corresponding to the input audio. And a microphone for outputting to the A / D / D / A converter 32.

The A / D / D / A converter 32 includes a DSP 33
Is converted into an analog audio signal and output to the audio input / output unit 31. A / D
The D / A converter 32 converts an analog audio signal input from the audio input / output unit 31 into a digital audio signal,
Output to SP33.

The DSP 33 performs band compression processing of a digital audio signal. The display unit 34 is, for example, a liquid crystal display that displays an image according to the display signal input from the control unit 38. The operation unit 35 is an operation button or the like, and outputs an operation signal corresponding to an operation of the operation button by the user to the control unit 38. The IC_I / F unit 36 transmits and receives data to and from the IC 21 shown in FIG.
T (Universal Asynchronons)
ReceiverTransmitter), IC2
An interface such as USB or IEEE1394. The memory 37 stores programs and data necessary for processing in the control unit 38 and the baseband processing unit 39. The memory 37 includes, for example, the mobile communication function unit 20.
It may be fixed in a state that cannot be attached to or detached from the
Alternatively, it may be detachably attached to the portable communication function unit 20 such as a memory card. The memory 37 has a storage capacity of, for example, 64 k or 1 Mbyte. The mobile communication function unit 20 includes, for example, the memory 3
7 stores a program that defines processing using the IC 21, and in accordance with an instruction from the IC 21, stores the program read from the memory 37 by the control unit 38 in the control unit 48 of the IC 21.
May be transmitted via the IC_I / F unit 36 and the I / F unit 45. Further, the control unit 48 executes the read program, and executes the IC_I / F unit 36 and the I / F unit 4.
The processing related to the service may be performed in cooperation with the control unit 38 and the control unit 48 via the control unit 5.

The control section 38 controls the processing of the portable communication function section 20 as a whole, and is controlled by the control section 48 shown in FIG. The baseband processing unit 39 performs a baseband process. The wireless unit 40
Processing such as amplification and detection of data (signal) transmitted and received via the antenna 17 and generation of an IQ signal are performed.

<IC21> The IC21 is a tamper-resistant integrated circuit capable of preventing unauthorized monitoring and tampering of processing and data in the IC21 and data exchanged with the outside. The IC_R / W device 11 and the IC Processing related to various predetermined services provided by using the service providing device 12 is performed. FIG. 9 shows the IC2 shown in FIG.
1 is a functional block diagram of FIG. As shown in FIG.
1 includes, for example, an I / F unit 45, a memory 46, an analog unit 47, and a control unit 48. The I / F unit 45 is configured as shown in FIG.
Is an interface for exchanging data with the IC_I / F unit 36 of the portable communication function unit 20 by a wired method or a wireless method. The memory 46 stores data and programs necessary for the processing of the control unit 48. The memory 46 may store an application program used for a part of various services provided by using the IC 21. The analog unit 47 performs analog processing such as amplifying data (signal) transmitted and received between the IC_R / W device 11 and the IC_R / W device 11 via the antenna 49.

The control unit 48 controls the overall operation of the IC 21. The control unit 48 is a portable communication function unit 2 shown in FIG.
0, and controls the control unit 38. The baseband processing unit 39 performs baseband processing of a signal transmitted and received between the radio unit 40 and the baseband processing unit 39.

As shown in FIG. 10, the IC 21 includes a portable communication function unit 20, a wireless communication line 17, and a network 1
8 via the virtual IC storage area server device 1 shown in FIG.
3 uses the application program stored in the memory 52.

FIG. 11 shows processing between the IC 21, the portable communication function unit 20 and the virtual IC storage area server device 13 when the IC 21 uses an application program stored in the memory 52 of the virtual IC storage area server device 13. FIG. 9 is a diagram for explaining a sequence. FIG.
As shown in FIG. 1, the control unit 48 of the IC 21 transmits a memory access request to the control unit 38 of the mobile communication function unit 20 (step ST200), and the control unit 38 controls the virtual IC storage area server device 13 accordingly. A memory access request is transmitted to the unit 53 (step ST201). Then, when permitting access from the IC 21 to the memory 52, the control unit 53 transmits a memory access permission notification to the control unit 38 of the portable communication function unit 20 (step ST202), and performs control accordingly. The unit 38 transmits a memory access permission notice to the control unit 48 of the IC 21 (step ST203).

When receiving the memory access permission notice in step ST203, the control unit 48 of the IC 21 performs a memory access operation on the control unit 38 of the portable communication function unit 20 (step ST204). 38 is a control unit 53 of the virtual IC storage area server device 13
Performs a memory access operation (step ST20).
5). The control unit 53 accesses the memory 52 according to the memory access operation received from the control unit 38. Then, the control unit 53 of the virtual IC storage area server device 13
When the memory access is completed, a memory access acknowledgment is output to the control unit 38 of the mobile communication function unit 20 (step ST206), and the control unit 38 outputs a memory access acknowledgment to the control unit 48 of the IC 21 (step ST207).

The application program that defines the processing of the IC 21 is stored in the memory 37 of the portable communication function unit 20.
In the case where it is stored in the IC, as shown in FIG.
21 is a control unit 48 of the IC 21, an I / F unit 45, an IC
The memory 37 via the _I / F unit 36 and the control unit 38
Access to. In this case, the control unit 48
7 may be executed, or the control unit 38 may execute the application program. In this case, the control unit 48
May pass the access right to the application program stored in the memory 37 to the control unit 38, or may access the application program while mutually transmitting and receiving commands between the control unit 48 and the control unit 38. Is also good. Thus, the portable communication function unit 20 and the IC
According to 21, the I / F unit 45 and the IC_I / F unit 36
The communication between each other becomes possible by providing.

Hereinafter, an operation example of the communication system 1 shown in FIG. 1 will be described. [First operation example] Hereinafter, the virtual IC storage area server device 1
Operation of the communication system 1 in a case where processing relating to a service using the IC 21 is performed using the application program stored in the application program 3 and the service used by the user A is explicitly selected by the user A An example will be described.

FIG. 13 is a flowchart for explaining this. Hereinafter, each step shown in FIG. 13 will be described. Step ST1: The user A makes the mobile phone device 1 shown in FIG.
The operation unit 35 of the portable communication function unit 20 of FIG. 4 is operated, and in response to the operation, the control unit 38 shown in FIG. It is transmitted to the area server device 13.

Step ST2: Upon receiving the virtual storage area use request in step ST1, the virtual IC storage area server device 13 shown in FIG.
The SAM 51 generates an authentication request and transmits this to the mobile communication function unit 20.

Step ST3: When the portable communication function unit 20 shown in FIG. 8 receives the authentication request in step ST2, the control unit 38 generates an authentication request and sends the authentication request to the IC 21 via the IC_I / F unit 36. Send. I shown in FIG.
C21 transmits the authentication request from the mobile communication function unit 20 to the I / O
It is received by the F unit 45.

Step ST4: Controller 48 of IC 21
Performs mutual authentication with the virtual IC storage area server device 13 via the mobile communication function unit 20 in response to the authentication request received in step ST3.

Step ST5: When mutual validity is verified by the mutual authentication in step ST4, the control unit 53 of the virtual IC storage area server device 13 causes the display unit 34 of the portable communication function unit 20 to display the portable telephone device 14 Of the virtual storage area (contents of the service) corresponding to.

Step ST6: The user A performs step S
The service to be used is selected by operating the operation unit 35 based on the contents of the virtual storage area displayed at T5. Thereby, the control unit 38 of the mobile communication function unit 20 generates an application selection instruction for instructing to select an application program corresponding to the selected service, and transmits this to the virtual IC storage area server device 13.

Step ST7: Portable communication function unit 2
The 0 control unit 38 generates a virtual storage area use instruction, and transmits this to the IC 21 via the IC_I / F unit 36.
The IC 21 shown in FIG. 9 receives the virtual storage area use instruction from the portable communication function unit 20 at the I / F unit 45.

Step ST8: The user A positions the portable telephone device 14 at a position where the IC 21 and the IC_R / W device 11 can communicate wirelessly.

Step ST9: In response to the application selection instruction in step ST6 and the virtual storage area use instruction in step ST7, the IC 21 and the portable communication function unit 2 are executed.
0, the IC_R / W device 11 and the virtual IC storage area server device 13 perform mutual authentication.

Step ST10: When mutual validity is verified by the mutual authentication in step ST9, the virtual I shown in FIG.
The control unit 53 of the C storage area server device 13 executes step S
The application program specified by the application selection instruction received at T6 is read from the memory 52 and started to be executed.

Step ST11: The virtual IC storage area server device 13 executing the application program,
The IC_R / W device 11 performs processing related to a service in cooperation with each other while performing communication via the portable communication function unit 20 and the IC 21.

Step ST12: When the processing of step ST11 ends, the virtual IC storage area server device 13
The use history of the virtual IC storage area server device 13 and the use history of the service are displayed on the display unit 34 of the mobile communication function unit 20.

[Second Operation Example] Hereinafter, a case will be described in which processing relating to a service using the IC 21 is performed using an application program stored in the virtual IC storage area server device 13, and the IC_R / W device 11 An operation example of the communication system 1 when automatically instructing the virtual IC storage area server device 13 to select a service will be described. FIG.
FIG. 4 is a flowchart for explaining the operation example.

Step ST31: When the user A enters the IC 21
The mobile phone device 14 is located at a position where wireless communication between the mobile phone device and the IC_R / W device 11 is possible.

Step ST32: IC_R / W device 11
Transmits an application selection instruction for specifying an application program corresponding to a service performed using the IC_R / W device 11 to the IC 21. The IC 21 shown in FIG. 9 receives an application selection instruction from the IC_R / W device 11 via the antenna 49 shown in FIG.

Step ST33: The control unit 48 of the IC 21 shown in FIG. 9 searches whether or not the application program specified by the application selection instruction received in step ST32 is stored in the memory 46. Then, when determining that the application program is stored in the memory 46, the control unit 48 proceeds to the process of step ST34, and otherwise, proceeds to the process of step ST36.

Step ST34: If it is determined in step ST33 that the application program is stored in the memory 46, the IC 21 and the IC_R / W device 1
1 performs mutual authentication.

Step ST35: When mutual validity is verified by the mutual authentication in step ST34, the control unit 48 of the IC 21 shown in FIG. 9 reads out the application program from the memory 46 and executes it. This allows
While the IC 21 communicates with the IC_R / W device 11, the IC 21 and the IC_R / W device 11 cooperate to execute a process related to the service.

Step ST36: If it is determined in step ST33 that the application program is not stored in the memory 46, the IC 21 notifies the IC_R / W device 11 of no application via the antenna 49.

Step ST37: Also, the control section 48 of the IC 21 generates a virtual storage area use request, and sends this request to the I / F.
The data is transmitted to the portable communication function unit 20 via the unit 45.

Step ST38: The portable communication function unit 20 shown in FIG.
It is received by the C_I / F unit 36 and transmitted from the antenna 41 to the virtual IC storage area server device 13.

Step ST39: When the virtual IC storage area server device 13 shown in FIG. 3 receives the virtual storage area use request in step ST38, the SAM 51 generates an authentication request based on the control of the control unit 53, and The information is transmitted to the mobile communication function unit 20.

Step ST40: When the portable communication function section 20 shown in FIG. 8 receives the authentication request in step ST39, the control section 38 generates an authentication request and the IC_I / F section 3
The authentication request is transmitted to the IC 21 via the IC card 6. The IC 21 shown in FIG. 9 receives the authentication request from the mobile communication function unit 20 at the I / F unit 45.

Step ST41: control section 48 of IC 21
Performs mutual authentication with the virtual IC storage area server device 13 via the mobile communication function unit 20 in response to the authentication request received in step ST40.

Step ST42: When mutual validity is authenticated by the mutual authentication of step ST41, the control unit 53 of the virtual IC storage area server device 13 generates a virtual storage area use instruction, and transmits this to the portable communication function unit. 20.

Step ST43: Upon receiving the virtual storage area use instruction in step ST42, the control section 38 of the portable communication function section 20 transmits this to the IC 21 via the IC_I / F section 36. The IC 21 shown in FIG. 9 sends a virtual storage area use instruction from the portable communication function unit 20 to the I / F
It is received by the unit 45.

Step ST44: IC_R / W device 11
Transmits an application selection instruction for specifying an application program corresponding to a service performed using the IC_R / W device 11 to the virtual IC storage area server device 13 via the IC 21 and the portable communication function unit 20.

Step ST45: Via the IC 21 and the portable communication function unit 20, the IC_R / W device 11 and the virtual I
The C storage area server device 13 performs mutual authentication.

Step ST46: When mutual validity is verified by the mutual authentication in step ST9, the virtual I shown in FIG.
The control unit 53 of the C storage area server device 13 executes step S
The application program specified by the application selection instruction received at T44 is read from the memory 52 and started to be executed.

Step ST47: The virtual IC storage area server device 13 executing the application program,
The IC_R / W device 11 performs processing related to a service in cooperation with each other while performing communication via the portable communication function unit 20 and the IC 21.

Step ST48: When the processing of step ST47 ends, the virtual IC storage area server device 13
The use history of the virtual IC storage area server device 13 and the use history of the service are displayed on the display unit 34 of the mobile communication function unit 20.

[Third Operation Example] The virtual I shown in FIG.
An operation example of the communication system 1 when registering (securing) the IC virtual storage area 60a used by the IC 21 of the mobile phone device 14 in the storage area of the memory 52 of the C storage area server device 13 will be described. FIG. 15 is a flowchart for explaining the operation example. Step ST51: The user A operates the operation unit 35 of the mobile communication function unit 20 of the mobile phone device 14 shown in FIG. 8, and the control unit 38 shown in FIG. 8 generates a virtual storage area registration request in response to the operation. , This is the virtual IC storage area server device 1
Send to 3.

Step ST52: The control unit 53 of the virtual IC storage area server device 13 shown in FIG.
In response to the virtual storage area registration request received in step 1, a registration form (registration screen) is displayed on the display unit 34 of the mobile communication function unit 20 shown in FIG.

Step ST53: The user A enters the display unit 3
According to the registration form of 4, the user inputs his / her name, address, e-mail address and other information necessary for the registration.
The input information is transmitted to the virtual IC via the antenna 41.
It is transmitted to the storage area server device 13.

Step ST 54: The control unit 53 of the virtual IC storage area server device 13 issues an ID and a one-time password to the portable telephone device 14, and transmits this to the portable communication function unit 20.

Step ST55: Virtual IC Storage Area The control unit 53 of the server device 13 stores, for example, the IC virtual storage area 60a shown in FIG. Temporarily.

Step ST56 The portable communication function unit 20 receives the I
The IC virtual storage area 60a is accessed using D and the one-time password.

Step ST57: Portable communication function unit 20
Make a password change. The changed password is managed by the control unit 53.

Step ST 58: In the virtual IC storage area server device 13 shown in FIG. 3, the SAM 51 generates an authentication request under the control of the control unit 53, and transmits this to the portable communication function unit 20.

Step ST59: When the portable communication function section 20 shown in FIG. 8 receives the authentication request in step ST58, the control section 38 generates an authentication request and the IC_I / F section 3
The authentication request is transmitted to the IC 21 via the IC card 6. The IC 21 shown in FIG. 9 receives the authentication request from the mobile communication function unit 20 at the I / F unit 45.

Step ST60: Control section 48 of IC 21
Performs mutual authentication with the virtual IC storage area server device 13 via the mobile communication function unit 20 in response to the authentication request received in step ST59.

Step ST61: When mutual validity is verified in the mutual authentication in step ST60, the SAM 51 of the virtual IC storage area server device 13 receives the ID (individual data) of the IC 21 from the IC 21.

Step ST62: The SAM 51 of the virtual IC storage area server device 13 checks the ID of the IC 21 received in step ST61 and the ID issued in step ST54.
And the password received in step ST57 in FIG.
Is registered in association with the IC virtual storage area 60a shown in FIG.

Step ST63: The virtual IC storage area server device 13 notifies the portable communication function section 20 that the IC virtual storage area 60a has been allocated to the portable telephone device 14.

[Fourth Operation Example] Hereinafter, the case where the application program 65a is registered in the IC virtual storage area 60a allocated to the portable telephone device 14 in the third operation example described above in response to the operation of the user A An operation example will be described. FIG. 16 is a flowchart for explaining the operation example. Step ST71: The user A operates the operation unit 35 of the mobile communication function unit 20 of the mobile phone device 14 shown in FIG. 8, and in response to the operation, the control unit 38 shown in FIG. 8 generates an application registration request. To the virtual IC storage area server device 13.

Step ST72: When the virtual IC storage area server device 13 shown in FIG. 3 receives the application registration request in step ST71, the SAM 51 generates an authentication request based on the control of the control unit 53, and transmits this to the mobile communication. Transmit to the function unit 20.

Step ST73: When the portable communication function unit 20 shown in FIG. 8 receives the authentication request in step ST72, the control unit 38 generates an authentication request and the IC_I / F unit 3
The authentication request is transmitted to the IC 21 via the IC card 6. The IC 21 shown in FIG. 9 receives the authentication request from the mobile communication function unit 20 at the I / F unit 45.

Step ST74: Control section 48 of IC 21
Performs mutual authentication with the virtual IC storage area server device 13 via the mobile communication function unit 20 in response to the authentication request received in step ST73.

Step ST75: When mutual validity is verified by the mutual authentication in step ST74, the control unit 53 of the virtual IC storage area server device 13 informs the portable communication function unit 20 that the preparation for application registration is completed. Notice.

Step ST76: Portable communication function unit 20
Generates a relay instruction based on the notification in step ST75, and transmits this to the IC 21 via the IC_I / F unit 36. The IC 21 shown in FIG. 9 receives the relay instruction from the mobile communication function unit 20 at the I / F unit 45.

Step ST77: The user A enters the IC 21
The mobile phone device 14 is located at a position where wireless communication between the mobile phone device and the IC_R / W device 11 is possible.

Step ST78: Via the IC 21 and the portable communication function unit 20, the IC_R / W device 11 and the virtual I
The C storage area server device 13 performs mutual authentication.

Step ST79: When mutual validity is verified by the mutual authentication in step ST78, the virtual IC storage area server device 13 and the IC_R / W device 11 communicate with each other via the portable communication function unit 20 and the IC 21. While performing, the application program 65 cooperates with each other.
The registration processing of a is performed. Specifically, IC_R / W device 1
1 transmits the application program 65a to the virtual IC storage area server device 13, and writes the application program 65a to the memory 52 of the virtual IC storage area server device 13.

Step ST80: When the process of step ST79 is completed, the IC_R / W device 11 notifies the portable communication function unit 20 via the IC 21 that the application program registration process has been completed.

Step ST81: When the processing of step ST79 ends, the virtual IC storage area server device 13
The portable communication function unit 20 is notified that the registration processing of the application program has been completed. Thereby, the mobile communication function unit 20 ends the application program registration processing.

[Fifth Operation Example] Hereinafter, the IC_R / W device 11 automatically registers the application program 65a in the IC virtual storage area 60a allocated to the portable telephone device 14 in the above-described third operation example. An operation example in such a case will be described. FIG. 17 is a flowchart for explaining the operation example. Step ST91: The user A visits the store 30 and receives an IC
The mobile phone device 14 is located at a position where the _R / W device 11 and the IC 21 can perform wireless communication.

Step ST92: IC_R / W device 11
And the IC 21 perform mutual authentication.

Step ST93: When mutual validity is verified by mutual authentication in step ST92, an application registration request is transmitted from IC_R / W device 11 to IC21. The application registration request is received via the antenna 49 of the IC 21 shown in FIG.

Step ST94: The IC 21 transmits the application registration request received in step ST93 to the portable communication function unit 20 via the I / F unit 45 shown in FIG.

Steps ST95 to ST105: The processing of steps ST95 to ST105 shown in FIG. 17 is the same as the processing of steps ST71 to ST81 shown in FIG.

As described above, in the communication system 1, even if the storage capacity of the memory 46 of the IC 21 shown in FIGS. 1 and 9 is limited, the application program related to the service performed using the IC 21 is stored in the virtual IC storage. By storing and executing the area server device 13, various services can be provided even using the IC 21 having a relatively small memory. In this case, there is no need to download the application program from the virtual IC storage area server device 13 to the IC 21. That is, I
C21 can use the virtual IC storage area server device 13 on the network 18 as a virtual memory, and
1, a plurality of services provided by using a plurality of application programs can be provided. Further, according to the communication system 1, mutual authentication between the IC 21 and the virtual IC storage area server device 13 and the IC_R / W device 1
After performing mutual authentication between the virtual IC storage area server apparatus 1 and the virtual IC storage area server apparatus 13, the virtual IC storage area server apparatus 13 that executes the application program
In order to execute processing related to the service in cooperation with
So-called spoofing can be prevented.

The effects of the communication system 1 described above are realized by the configuration and operation of the IC 21 built in the portable telephone device 14 described above. Further, according to the IC 21 built in the mobile phone device 14, as shown in FIG.
By providing an I / F unit 45 for communicating with the portable communication function unit 20 in addition to the antenna 49 for communicating with the _R / W device 11, the portable communication function unit 20 and the IC 21 can mutually communicate with each other. It becomes possible to control. So, for example,
Under certain conditions, the mobile communication function unit 20 can disable the function of the IC 21 or the IC 21 can disable the function of the mobile communication function unit 20, and various controls can be realized from the viewpoint of service contents and security. .

Second Embodiment FIG. 18 is an overall configuration diagram of a communication system 101 according to this embodiment. As shown in FIG.
Has, for example, a gateway 10, an IC service providing device 112, a virtual IC storage area server device 113, and a mobile phone device 114. Mobile phone device 114 and virtual I
The communication with the C storage area server device 113 is performed via the wireless communication line 17 such as a mobile phone communication network, the gateway 10, and the network 18 such as the Internet.
Also, the gateway 10 and the IC service providing device 112
The virtual IC storage area server device 113 is connected to the network 18. As shown in FIG. 18, the communication system 101 differs from the communication system 1 shown in FIG. 1 in that an IC service providing apparatus 112 is connected to the network 18. In the communication system 101, after the mobile phone device 114 and the IC service providing device 112 communicate with each other, the virtual IC storage area server device 13 that executes the application program and the IC service providing device 12 communicate with each other via the network 18 to communicate with each other. IC in cooperation with
The processing related to 121 is executed. This embodiment is the seventh to
This is an embodiment corresponding to the twelfth invention. The IC service providing device 112 corresponds to the seventh and eighth communication devices of the present invention, the ninth invention communication device, and the eleventh and second invention communication second devices. Further, the mobile phone device 114 corresponds to the first communication device of the seventh to twelfth inventions. Also, the virtual IC storage area server device 113
Correspond to the third communication device of the seventh and eighth inventions, the second communication device of the ninth and tenth inventions, and the communication device of the eleventh invention, respectively.

The components shown in FIG. 18 will be described below. [IC Service Providing Apparatus 112] FIG. 19 is a functional block diagram of the IC service providing apparatus 112 shown in FIG. As shown in FIG. 19, the IC service providing device 112
Has, for example, an I / F unit 131, an authentication unit 132, and a control unit 133. The I / F unit 131 is connected to the network 18 shown in FIG. 18, and sends and receives requests and data via the network 18. Authentication unit 132
Performs mutual authentication with the virtual IC storage area server device 113. The control unit 133 controls the IC service providing apparatus 11
2 is controlled in a unified manner.

[Virtual IC Storage Area Server Device 113] The virtual IC storage area server device 113
4 functions as a virtual memory of the IC 121,
And executes the application program in response to an instruction from the IC 21. In response to the execution of the application program, the virtual IC storage area server apparatus 113 communicates with the IC service providing apparatus 112 via the network 18 without passing through the mobile phone apparatus 114, and executes services in cooperation with each other. I do.

FIG. 20 is a functional block diagram of the virtual IC storage area server device 113 shown in FIG. As illustrated in FIG. 20, the virtual IC storage area server device 113 includes, for example, a SAM 151, a memory 152, a control unit 153, and an I / F unit 154.

The SAM 151 is a tamper-resistant hardware or software module. SAM1
Reference numeral 51 denotes mutual authentication with the IC 121, mutual authentication with the IC service providing apparatus 112, encryption of an application program registered (written) in the memory 152,
In addition, it decrypts the application program read from the memory 152 and the like.

The memory 152 is used as a virtual memory of the IC 121, and stores an application program related to a service using the IC 121. Memory 152
Has IC virtual storage areas 60a, 60b, 60c,... Allocated in advance to each user (mobile phone device) by a registration process described later, as shown in FIG. For example, the IC virtual storage area 60a is allocated to the user A of the mobile phone device 14, the IC virtual storage area 60b is allocated to the user B, and the IC virtual storage area 60c is allocated to the user C.
Assigned to. The IC virtual storage area 60a
For example, as shown in FIG. 6, application programs 65a, 65b, 65c registered by an application program registration process described later are stored. Application programs 65a, 65b, 6
5c is a program that defines processing relating to a service provided using the IC 21.

The control unit 153 controls the processing of the virtual IC storage area server device 113 in an integrated manner. Control unit 153
Executes the application program read from the memory 152, for example. The control unit 153 manages application programs stored in the memory 152. Specifically, the memory control unit 75 performs, for example, allocation of the IC virtual storage area 60a to the mobile phone device 114, registration of the application programs 65a, 65b, and 65c to the IC virtual storage area 60a.

[Portable Telephone Device 114] As shown in FIG. 18, the portable telephone device 114 has a portable communication function unit 120 and an IC 121. The portable communication function unit 120 is configured as shown in FIG.
It has the same configuration as the portable communication function unit 20 of the first embodiment described with reference to FIG.

The IC 121 has internal processing and data,
And a tamper-resistant integrated circuit capable of monitoring and preventing tampering of data exchanged with the outside, and performing processes related to various predetermined services provided by using the IC service providing apparatus 112. . FIG.
FIG. 9 is a functional block diagram of the IC 121 shown in FIG. As shown in FIG. 21, the IC 121 includes, for example, an I / F unit 145,
It has a memory 146 and a control unit 148. I / F part 1
An interface 45 transmits and receives data to and from the portable communication function unit 120 shown in FIG. 18 by a wired method or a wireless method. The memory 146 stores data and programs necessary for the processing of the control unit 148. Note that the memory 146 may store an application program used for a part of various services provided by using the IC 21. The control unit 148 controls I
The control unit 3 shown in FIG.
8, a command is transmitted and received, and a predetermined control is performed while cooperating.

Hereinafter, an operation example of the communication system 101 shown in FIG. 18 will be described. [First operation example] Hereinafter, the virtual IC storage area server device 1
Communication system 101 in a case where a process related to a service using the IC 121 is performed using the application program stored in the user 13 and a service used by the user A is explicitly selected by the user A
An operation example will be described.

FIG. 22 is a flowchart for explaining this. Hereinafter, each step shown in FIG. 22 will be described. Step ST301: The user A operates the operation unit 35 shown in FIG. 8 of the mobile communication function unit 120 of the mobile phone device 114, and in response to the operation, the control unit 38 shown in FIG. And network 1
8 to access the IC service providing apparatus 112.

Step ST302: The user A operates the operation unit 3
5 is operated, and in response to the operation, the control unit 38 transmits to the IC service providing apparatus 112 a use service selection instruction for selecting and using a service to be used.

Step ST303: The control unit 133 of the IC service providing apparatus 112 shown in FIG.
An application selection instruction that specifies an application program corresponding to the use service selection instruction received in 302 is generated, and transmitted to the mobile communication function unit 120 of the mobile phone device 114.

Step ST304: Virtual I shown in FIG.
Control unit 153 of C storage area server apparatus 113 generates a virtual storage area use request in response to the application selection instruction received in step ST303, and transmits the request to virtual IC storage area server apparatus 113 via network 18. .

Step ST305: Virtual I shown in FIG.
When the C storage area server device 113 receives the virtual storage area use request in step ST304, the SAM 151 generates an authentication request based on the control of the control unit 153, and transmits this to the portable communication function unit 120.

Step ST306: Portable communication function section 12
If the authentication request is received in step ST305, the control unit 38 generates an authentication request and transmits the authentication request to the IC 121 via the IC_I / F unit 36. The IC 121 shown in FIG. 21 receives the authentication request from the mobile communication function unit 120 at the I / F unit 145.

Step ST307: The control section 148 of the IC 121 performs mutual authentication with the virtual IC storage area server device 113 via the portable communication function section 120 in response to the authentication request received in step ST306.

Step ST308: Step ST307
When mutual validity is authenticated by the mutual authentication, the control unit 153 of the virtual IC storage area server device 113 causes the display unit 34 of the mobile communication function unit 120 to display the contents of the virtual storage area corresponding to the mobile phone device 114 ( Service content).

Step ST309: The user A selects a service to be used by operating the operation unit 35 based on the contents of the virtual storage area displayed in step ST308. As a result, the control unit 38 of the mobile communication function unit 120 generates an application selection instruction to instruct to select an application program corresponding to the selected service, and transmits the generated application selection instruction to the virtual IC storage area server device 1
13 is transmitted.

Step ST310: Step ST309
In response to the application selection instruction, the IC service providing apparatus 112 and the virtual IC storage area server apparatus 113 perform mutual authentication via the network 18.

Step ST311: Step ST310
When mutual validity is authenticated by mutual authentication, the control unit 153 of the virtual IC storage area server device 113 shown in FIG.
Reads the application program specified by the application selection instruction received in step ST309 from the memory 152 and starts execution.

Step ST312: Virtual IC storage area server device 113 executing application program
And the IC service providing apparatus 112 are connected to the network 1
8 to perform processing related to the service while communicating with each other.

Step ST313: Step ST312
Is completed, the IC service providing apparatus 112
The portable communication function unit 120 is notified of the end of the application processing.

Step ST314: Step ST312
Is completed, the virtual IC storage area server device 11
3 is a usage history of the virtual IC storage area server device 113,
In addition, the use history of the service is displayed on the display unit 34 of the mobile communication function unit 120.

[Second Operation Example] Hereinafter, a case will be described in which processing relating to a service using the IC 121 is performed using an application program stored in the virtual IC storage area server device 113. An operation example of the communication system 1 in a case where a service provided by itself is automatically instructed to the virtual IC storage area server device 113 will be described. FIG. 23 is a flowchart for explaining the operation example.

Step ST320: The user A operates the operation unit 35 shown in FIG. 8 of the portable communication function unit 120 of the portable telephone device 114, and according to the operation, the control unit 3 shown in FIG.
8 accesses the IC service providing apparatus 112 via the wireless communication line 17, the gateway 10, and the network 18.

Step ST321: User A operates operation unit 3
5 is operated, and in response to the operation, the control unit 38 transmits to the IC service providing apparatus 112 a use service selection instruction for selecting and using a service to be used.

Step ST322: The control unit 133 of the IC service providing apparatus 112 shown in FIG.
An application selection instruction that specifies an application program corresponding to the use service selection instruction received in 302 is generated, and transmitted to the mobile communication function unit 120 of the mobile phone device 114.

Step ST323: Portable communication function unit 12
0 transmits to the IC 121 an application program search instruction indicated by the application selection instruction received in step ST322. The search instruction is received by I / F section 145 shown in FIG.

Step ST324: IC1 shown in FIG.
The control unit 148 of 21 searches whether or not the application program targeted for the search instruction in step ST323 is stored in the memory 146. Then, when determining that the application program is stored in memory 146, control unit 148 proceeds to the process of step ST325, and otherwise, proceeds to the process of step ST328.

Step ST325: Step ST324
When it is determined that the application program is stored in the memory 146, the IC 121 and the I
The C service providing apparatus 112 performs mutual authentication.

Step ST326: Step ST325
Fig. 2
1 executes the application program read from the memory 146 and executes the IC 121
And the IC service providing apparatus 112 cooperate with each other to perform processing related to the service.

Step ST327: Step ST326
Is completed, the control unit 133 of the IC service providing apparatus 112 shown in FIG. 19 generates an application end notification, and transmits this to the portable communication function unit 120 of the portable telephone device 114.

Step ST328: Step ST324
When it is determined that the application program is not stored in the memory 146 in the search for
The fourteen mobile communication function units 120 generate a virtual storage area use request and transmit it to the virtual IC storage area server device 113.

Step ST329: Virtual I shown in FIG.
Upon receiving the virtual storage area use request in step ST328, C storage area server device 113 causes SAM 151 to generate an authentication request based on the control of control section 153, and transmits this to portable communication function section 120.

Step ST330: Portable communication function unit 12
When the authentication request is received in step ST329, the control unit 38 generates an authentication request and transmits the authentication request to the IC 121 via the IC_I / F unit 36. The IC 121 shown in FIG. 21 receives the authentication request from the mobile communication function unit 120 at the I / F unit 145.

Step ST331: The control section 148 of the IC 121 performs mutual authentication with the virtual IC storage area server device 113 via the portable communication function section 120 in response to the authentication request received in step ST330.

Step ST332: Step ST331
When mutual validity is authenticated by the mutual authentication, the control unit 153 of the virtual IC storage area server device 113 causes the display unit 34 of the mobile communication function unit 120 to display the contents of the virtual storage area corresponding to the mobile phone device 114 ( Service content).

Step ST333: The user A operates the operation unit 35 to select a service to be used based on the contents of the virtual storage area displayed in step ST332. As a result, the control unit 38 of the mobile communication function unit 120 generates an application selection instruction to instruct to select an application program corresponding to the selected service, and transmits the generated application selection instruction to the virtual IC storage area server device 1
13 is transmitted.

Step ST334: Step ST333
In response to the application selection instruction, the IC service providing apparatus 112 and the virtual IC storage area server apparatus 113 perform mutual authentication via the network 18.

Step ST335: Step ST334
When mutual validity is authenticated by mutual authentication, the control unit 153 of the virtual IC storage area server device 113 shown in FIG.
Reads the application program specified by the application selection instruction received in step ST333 from the memory 152 and starts execution.

Step ST336: The IC service providing apparatus 112 and the virtual IC storage area server apparatus 113 communicate with each other according to the execution of the application program, and perform processing related to the service in cooperation with each other.

Step ST337: Step ST336
Is completed, the IC service providing apparatus 112
The portable communication function unit 120 is notified of the end of the application processing.

Step ST338: Step ST336
Is completed, the virtual IC storage area server device 11
3 is a usage history of the virtual IC storage area server device 113,
In addition, the use history of the service is displayed on the display unit 34 of the mobile communication function unit 120.

[Third Operation Example] A case where the IC virtual storage area 60a used by the IC 121 of the mobile phone 114 is registered (secured) in the storage area of the memory 152 of the virtual IC storage area server 113 shown in FIG. Communication system 10
The operation example 1 is basically the same as the case shown in FIG. 15 except that communication is performed between the IC 121, the portable communication function unit 120, and the virtual IC storage area server device 113.

[Fourth Operation Example] Hereinafter, in the case where the application program 65a is registered in the IC virtual storage area 60a allocated to the portable telephone device 114 in the third operation example described above, the portable communication function unit 120 An operation example in the case where the free area of the virtual storage area 60a is not checked will be described. FIG. 24 is a flowchart for explaining the operation example. Step ST341: The user A operates the operation unit 35 shown in FIG. 8 of the mobile communication function unit 120 of the mobile phone device 114, and in response to the operation, the control unit 38 shown in FIG. 8 generates an application program registration request. , This is IC
This is transmitted to the service providing device 112.

Step ST342: Upon receiving the application registration request in step ST341, the IC service providing apparatus 112 displays the registration format of the application program on the display unit 34 of the portable communication function unit 120 shown in FIG.

Step ST343: The user A operates the operation unit 35 shown in FIG. 8 of the portable communication function unit 120 of the portable telephone device 114 to input information necessary for registering an application program. The information is transmitted to the IC service providing apparatus 112.

Step ST344: IC service providing apparatus 112 inquires of portable communication function section 120 about the registration destination of the application program.

Step ST345: Portable communication function unit 12
0 designates the registration destination designation indicating the virtual IC storage area server device 113 (the IC virtual storage area 60a as necessary) for registering the application program in response to the inquiry received in step ST344.
12 is transmitted.

Step ST346: Mobile phone device 114
The mobile communication function unit 120 generates an application registration request for requesting the virtual IC storage area server device 113 to register an application program, and transmits the application registration request to the virtual IC storage area server device 113.

Step ST347: Virtual I shown in FIG.
Upon receiving the application registration request in step ST346, C storage area server device 113 controls section 153.
SAM 151 generates an authentication request based on the control of
This is transmitted to the portable communication function unit 120.

Step ST348: Portable communication function section 12
0, upon receiving the authentication request in step ST347, the control unit 38 generates an authentication request and transmits the authentication request to the IC 121 via the IC_I / F unit 36. The IC 121 shown in FIG. 21 receives the authentication request from the mobile communication function unit 120 at the I / F unit 145.

Step ST349: The control section 148 of the IC 121 performs mutual authentication with the virtual IC storage area server device 113 via the portable communication function section 120 in response to the authentication request received in step ST348.

Step ST350: Step ST349
When the mutual validity is verified by the mutual authentication, the control unit 153 of the virtual IC storage area server device 113 notifies the portable communication function unit 12 that the preparation for application registration is completed.
Notify 0.

Step ST351: Portable communication function section 12
0 generates a registration start request for requesting to start registration of an application program based on the notification of step ST350, and transmits this to the IC service providing apparatus 112.

Step ST352: The IC service providing apparatus 112 and the virtual IC storage area server apparatus 113 perform mutual authentication.

Step ST353: Step ST352
When the mutual authenticity is verified by the mutual authentication, the IC service providing apparatus 112 and the virtual IC storage area server apparatus 113
Communicates with the application program 6
The registration processing of 5a is performed. Specifically, the application program 65a is transmitted from the IC service providing apparatus 112 to the virtual IC storage area server
The application program 65a is written to the memory 152 of the storage area server device 113.

Step ST354: Step ST353
Is completed, the IC service providing apparatus 112
The mobile communication function unit 120 is notified via the IC 121 that the registration processing of the application program has been completed.

Step ST355: Step ST353
Is completed, the virtual IC storage area server device 11
3 notifies the portable communication function unit 120 that the registration processing of the application program has been completed. Thereby, the portable communication function unit 120 ends the application program registration processing.

[Fifth Operation Example] Hereinafter, in the case where the application program 65a is registered in the IC virtual storage area 60a allocated to the portable telephone device 114 in the above-described third operation example, the portable communication function unit 120 An operation example in the case of confirming a free area of the virtual storage area 60a will be described. FIG. 25 is a flowchart for explaining the operation example. Steps ST361 to ST3 shown in FIG.
63 represents steps ST341 to ST343 shown in FIG.
This is the same processing as. Step ST3 shown in FIG.
The processing of 68 to ST377 is performed in step ST shown in FIG.
The processing is the same as the processing of 346 to ST355. FIG.
In the process shown in FIG. 5, the IC service providing apparatus 112 sends a registration destination inquiry to the portable communication function unit 12 together with the memory capacity necessary for storing the application program to be registered.
0 (step ST364). Next, portable communication function section 120 searches whether or not there is a necessary free area in IC virtual storage area 60a of virtual IC storage area server device 113 (step ST365). If there is no free area, portable communication function section 120 notifies IC service providing apparatus 112 that there is no free area (step ST366). On the other hand, if there is an empty area, the mobile communication function unit 120 sends the virtual IC storage area server device 1
13, an application registration request is issued (step ST368), and at the same time, the registration destination designation indicating the virtual IC storage area server device 113 is transmitted from the portable communication function unit 120 to the IC service providing device 112 (step ST3)
67).

As described above, the communication system 101
Now, the memory 1 of the IC 121 shown in FIGS.
Even if the storage capacity of the storage device 46 is limited, an application program related to a service performed using the IC 121 is stored in the virtual IC storage area
By executing the C storage area server device 113, various services can be provided by using the IC 121 having a relatively small memory. Further, in this case, since communication based on the application program is performed between the IC service providing apparatus 112 and the virtual IC storage area server apparatus 113, the application program is downloaded from the virtual IC storage area server apparatus 113 to the IC 121. No need. That is, a plurality of services provided by using a plurality of application programs can be provided by using a single IC 121. Communication system 1
According to No. 01, after performing mutual authentication between the IC 121 and the virtual IC storage area server device 113 and between the IC service providing apparatus 112 and the virtual IC storage area server device 113, the application program is executed. Since the virtual IC storage area server device 113 and the IC service providing device 112 execute processing related to the service in cooperation with each other, so-called spoofing can be prevented.

The effects of the communication system 101 described above are realized by the configuration and operation of the IC 121 built in the portable telephone device 114 described above. According to the IC 121 built in the mobile phone device 114, as shown in FIG. 21, the I / F unit 145 for communicating with the mobile communication function unit 120 is provided, so that the mobile communication function unit 120 and the IC 1
21 can mutually control the other party. Therefore, for example, under a certain condition, the portable communication function unit 120 disables the function of the IC 121,
1 can invalidate the function of the mobile communication function unit 120, and various controls can be realized from the viewpoint of service contents and security.

The present invention is not limited to the above embodiment. In the above-described embodiment, the mobile phone devices 14 and 114 are used.
The case where the ICs 21 and 121 are built in the
A fixed-line telephone connected by a wire, a portable information terminal that is a small information device (Personal Digital Assistant)
The present invention is also applicable to a case where the ICs 21 and 121 are incorporated in a device having a function of connecting to a network by any of wired or wireless methods, such as a clock, a clock, and a computer. In addition, IC21,12
1 may be incorporated in the communication device in any form that is detachable or non-detachable, and ICs 21 and 121
An external storage medium such as an IC card having a built-in memory card or a memory card may be configured to be detachable from a mobile phone device, a portable information terminal, a computer, or the like.

[0175]

As described above, according to the present invention,
It is possible to provide a communication method and system, a communication apparatus, a processing apparatus, and a method that can provide various services using a single integrated circuit without being limited by the storage capacity of a memory built in the integrated circuit. .

[Brief description of the drawings]

FIG. 1 is an overall configuration diagram of a communication system according to a first embodiment of the present invention.

FIG. 2 is a diagram for explaining an outline of an operation example of the communication system shown in FIG. 1;

FIG. 3 is a functional block diagram of a virtual IC storage area server device shown in FIG. 1;

FIG. 4 is a functional block diagram of the SAM shown in FIG. 3;

FIG. 5 is a diagram for explaining a storage area of a memory 52 shown in FIG. 3;

FIG. 6 is a diagram for explaining an application program stored in an IC virtual storage area shown in FIG. 5;

FIG. 7 is a functional block diagram of a control unit shown in FIG. 3;

FIG. 8 is a functional block diagram of a portable communication function unit of the portable telephone device shown in FIG. 1;

FIG. 9 is a functional block diagram of an IC of the mobile phone device shown in FIG. 1;

FIG. 10 is a diagram for explaining a case where the IC shown in FIG. 1 uses a memory of a virtual IC storage area server device.

FIG. 11 is a diagram for explaining a control flow in the case shown in FIG. 10;

FIG. 12 is a diagram for explaining a case where the IC shown in FIG. 1 uses a memory of a portable communication function unit.

13 illustrates a case where a process related to a service using an IC is performed using an application program stored in the virtual IC storage area server device illustrated in FIG. 1; It is a flowchart for demonstrating the operation example of the communication system when the service to be used is explicitly selected.

FIG. 14 is a diagram illustrating a case where a process related to a service using an IC is performed using an application program stored in the virtual IC storage area server device illustrated in FIG. 1, and an IC_R / W device selects the process; 9 is a flowchart illustrating an operation example of a communication system when a service is automatically instructed to a virtual IC storage area server device.

15 is an operation example of a communication system in a case where an IC virtual storage area used by an IC of a mobile phone device is registered (secured) in a storage area of a memory of a virtual IC storage area server device shown in FIG. 3; It is a flowchart for explaining.

FIG. 16 is a flowchart for explaining an operation example when an application program is registered in the IC virtual storage area allocated to the mobile phone device in the third operation example in response to an operation of a user A; It is.

FIG. 17 shows an IC virtual storage area allocated to the mobile phone device 14 in the third operation example described above.
9 is a flowchart for explaining an operation example when an IC_R / W device automatically registers an application program.

FIG. 18 is an overall configuration diagram of a communication system according to a second embodiment of the present invention.

FIG. 19 is a functional block diagram of the IC service providing apparatus shown in FIG. 18;

FIG. 20 is a functional block diagram of the virtual IC storage area server device shown in FIG. 18;

FIG. 21 is a functional block diagram of the IC shown in FIG. 18;

22 illustrates a case where a process related to a service using an IC is performed using an application program stored in the virtual IC storage area server device illustrated in FIG. 18; It is a flowchart for demonstrating the operation example of the communication system when the service to be used is explicitly selected.

FIG. 23 is a diagram illustrating a case where a service related to a service using an IC is performed using an application program stored in the virtual IC storage area server device illustrated in FIG. 9 is a flowchart illustrating an operation example of a communication system when automatically providing a service to be provided to a virtual IC storage area server device.

FIG. 24 is a diagram illustrating a case where an application program is registered in the IC virtual storage area allocated to the mobile phone device according to the third embodiment, and the mobile communication function unit does not check a free area of the IC virtual storage area; It is a flowchart for demonstrating the operation example in the case.

FIG. 25 is a diagram illustrating a case where the application program is registered in the IC virtual storage area allocated to the mobile phone device in the third operation example, and the mobile communication function unit checks a free area of the IC virtual storage area; It is a flowchart for demonstrating the operation example in the case.

[Explanation of symbols]

DESCRIPTION OF SYMBOLS 1 ... Communication system, 10 ... Gateway, 11 ... IC_
R / W device, 12: IC service providing device, 13: Virtual IC storage area server device, 14: Mobile phone device, 17 ...
Wireless communication line, 18 network, 20 mobile communication function unit, 21 IC, 31 voice input / output unit, 32 A / D
D / A conversion unit, 33 DSP, display unit, 35
Operation unit, 36 IC_I / F unit, 37 memory, 38
Control unit, 39: baseband processing unit, 40: radio unit, 4
DESCRIPTION OF SYMBOLS 1 ... Antenna, 45 ... I / F part, 46 ... Memory, 47 ...
Analog section, 48 control section, 49 antenna, 51 S
AM, 52: memory, 53: control unit, 54: I / F unit,
61: authentication unit, 62: encryption / decryption unit, 63: IC control unit, 64: IC-related processing unit, 60a, 60b, 60c ...
IC virtual storage area, 65a, 65b, 65c: application program, 71: portal unit, 72: user I / F unit, 73: AP execution unit, 74: SAM control unit, 7
5: memory control unit, 101: communication system, 112: I
C service providing device, 113: virtual IC storage area server device, 114: portable telephone device, 120: portable communication function unit, 121: IC, 145: I / F unit, 146: memory, 147: analog unit, 148: control Department

 ──────────────────────────────────────────────────続 き Continuing on the front page (72) Inventor Akira Fukada 6-7-35 Kita-Shinagawa, Shinagawa-ku, Tokyo Inside Sony Corporation (72) Inventor Nao Morita 6-7-35 Kita-Shinagawa, Shinagawa-ku, Tokyo Sony Corporation F term (reference) 5K101 KK02 KK16 KK17 LL12 MM07 NN18 NN21 PP03 PP04 SS07

Claims (30)

[Claims] 1. A communication system for transmitting and receiving data between a first communication device having an integrated circuit and a communication circuit and a processing device used for a service related to the integrated circuit and performing communication using the first communication device. The method, wherein the integrated circuit transmits, via the communication circuit, a use request of the program to a second communication device that stores and executes a program that defines processing related to the service, The second communication device executes a program related to the use request when the use request is authenticated, and performs communication between the processing device and the second communication device via the communication circuit. While the integrated circuit relays, the processing device and the second communication device cooperate with each other to execute a process related to the service in accordance with the execution of the program by the second communication device. Cormorant communication method. 2. The program according to claim 1, wherein the second communication device stores the program related to the first communication device in a storage region allocated in advance to the first communication device among storage regions in the second communication device. The communication method according to claim 1, wherein the information is stored. 3. The communication device according to claim 1, wherein the first communication device transmits the use request indicating use of the storage area allocated to the first communication device in advance to the second communication device. The communication method described. 4. A program selection for specifying a program to be selectively used from the first communication device to the second communication device after the integrated circuit transmits the use request to the second communication device. The instruction is transmitted, and the second communication device reads and executes the program specified by the program selection instruction.
Communication method described in. 5. A program selection instruction for specifying the program to be selectively used from the processing device to the integrated circuit, and the use request is transmitted from the integrated circuit to the second communication device together with the program selection instruction. The communication method according to claim 1, wherein the second communication device selects and executes a program specified by the program selection instruction. 6. When the integrated circuit receives the use permission instruction, the integrated circuit performs mutual authentication between the processing device and the second communication device, and after authenticating each other's validity by the mutual authentication, 2. The communication method according to claim 1, wherein the processing device and the second communication device communicate with each other via the integrated circuit and the communication circuit to perform a process related to the service in cooperation with each other. 7. A method of allocating a part or all of a storage area in the second communication device from the first communication device to the second communication device for use of the first communication device. The communication method according to claim 1, wherein the second communication device allocates a storage area to the first communication device in response to the storage area allocation request. 8. After authenticating each other's validity between the integrated circuit and the second communication device, the integrated circuit sends the unique information of the integrated circuit to the second communication device via the communication circuit. The communication method according to claim 1, wherein data is transmitted, and the second communication device manages the unique data in association with the storage area allocated to the first communication device. 9. The first communication device is a portable communication device, the communication circuit is a wireless communication circuit performing communication using a wireless communication network, and the second communication device is connected to a network. 2. The communication method according to claim 1, wherein the integrated circuit communicates with the communication circuit, the wireless communication network, and the second communication device via the network. 3. 10. The integrated circuit has a first interface for transmitting and receiving data to and from the processing device, and a second interface for transmitting and receiving data to and from the communication circuit. Communication method described in. 11. The communication method according to claim 1, wherein the integrated circuit is a tamper-resistant circuit. 12. A first communication device having an integrated circuit and a communication circuit, a processing device that exchanges data with the integrated circuit and is used for a service related to the integrated circuit, and a process related to the service. A communication system comprising: a second communication device that stores and executes a specified program, wherein the integrated circuit transmits a use request of the program to the second communication device via the communication circuit. When the second communication device authenticates that the use request is valid, the second communication device executes a program related to the use request, and the processing device and the second communication device via the communication circuit The processing device and the second communication device cooperate with each other in response to the execution of the program by the second communication device while the integrated circuit relays communication between the devices. Communication system that performs processing related to bis. 13. A communication device for transmitting and receiving data between another communication device having an integrated circuit and a communication circuit, and communicating with a processing device used for a service related to the integrated circuit. A storage unit that stores a program that defines processing related to the service; a receiving unit that receives a program use request from the integrated circuit via the communication circuit; and authenticates whether the use request is valid. An authentication unit, when the use request is authenticated, reads a program that defines processing related to the service from the storage unit, and executes the read program;
Depending on the execution of the program, while communicating with the processing device via the communication circuit and the integrated circuit,
A communication device having control means for performing processing related to the service in cooperation with the processing device. 14. The communication device according to claim 13, wherein the program related to the communication device is stored in a storage region allocated to the communication device in advance in a storage region of the storage unit. 15. The receiving means receives from the other communication device the use request indicating that the storage area allocated in advance to the another communication device is to be used, and the control means includes: 14. The communication device according to claim 13, wherein, when authenticating is valid, the communication device transmits the use permission instruction indicating that use of the storage area by the other communication device is permitted to the integrated circuit. 16. The receiving means receives a storage area allocation request requesting that part or all of the storage area of the storage means be allocated for use by the other communication device. 14. The communication apparatus according to claim 13, wherein a storage area is allocated to said another communication apparatus in response to said storage area allocation request. 17. The receiving means receives the unique data of the integrated circuit from the integrated circuit via the communication circuit after the authentication means has verified mutual validity with the integrated circuit, 14. The communication device according to claim 13, wherein the control unit manages the unique data in association with the storage area allocated to the another communication device. 18. The other communication device is a portable communication device, the communication circuit is a wireless communication circuit that performs communication using a wireless communication network, and the transmitting unit and the receiving unit are a network, 14. The communication device according to claim 13, wherein the request and the data are exchanged via a network. 19. A communication method for transmitting and receiving data between a communication device having an integrated circuit and a communication circuit, and communicating with a processing device used for a service related to the integrated circuit, Receiving a use request of the program from the integrated circuit via a communication circuit, reading the application program related to the use request from the storage unit when the use request is authenticated, and executing the read program; According to the execution of the program, while communicating with the processing device via the communication circuit and the integrated circuit,
A communication method for performing processing relating to the service in cooperation with the processing device. 20. A processing device for transmitting and receiving data to and from a first communication device having an integrated circuit and a communication circuit and used for a service related to the integrated circuit, wherein a program defining processing related to the service is stored and stored. The second communication device to be executed and the integrated circuit perform mutual authentication via the communication circuit, and after the mutual authentication verifies the validity of each other, relay the integrated circuit to execute the program. A processing device that performs processing related to the service in cooperation with the second communication device while performing communication with the second communication device. 21. A processing method for transmitting and receiving data to and from a first communication device having an integrated circuit and a communication circuit and used for a service related to the integrated circuit, wherein a program defining processing related to the service is stored and stored. The second communication device to be executed and the integrated circuit perform mutual authentication via the communication circuit, and after the mutual authentication verifies the validity of each other, relay the integrated circuit to execute the program. A processing method for performing processing related to the service in cooperation with the second communication device while performing communication with the second communication device. 22. A first communication device having an integrated circuit and a communication circuit, a second communication device used for a service related to the integrated circuit, and storage and execution of a program defining processing related to the service. A communication method for performing communication using a third communication device, wherein the integrated circuit transmits a use request of the program from the integrated circuit to the third communication device via the communication circuit. 3 performs mutual authentication with the third communication device via the communication circuit, and when the integrated circuit and the third communication device are mutually authenticated by the mutual authentication, the second communication is performed. When the device and the third communication device perform mutual authentication, and the second communication device and the third communication device authenticate each other's validity by the mutual authentication, the third communication device Required A communication method for executing the program related to the request, and in response to the execution of the program, the second communication device and the third communication device communicate and perform a process related to the service in cooperation with each other. . 23. A program selection instruction for instructing a program to be selected and used from the second communication device to the first communication device, wherein the first communication device receives the program selection instruction based on the program selection instruction. 23. The device according to claim 22, further comprising: transmitting a program selection instruction to the third communication device, wherein the third communication device executes the program specified by the program selection instruction received from the first communication device. Communication method. 24. A program selection instruction for instructing a program to be selectively used from the second communication device to the first communication device, wherein the integrated circuit responds to the program selection instruction by It is determined whether or not a program used for a service performed using the second communication device is stored. If the integrated circuit determines that the program is stored, the integrated circuit executes the program. In response to the execution of the program, the integrated circuit and the second communication device cooperate with each other via the communication circuit to perform processing related to the service, and the integrated circuit does not store the program. When it is determined, the first communication device transmits a program selection instruction to the third communication device, and the third communication device receives the program selection instruction from the first communication device. 23. The program according to claim 22, wherein the program specified by the program selection instruction is executed, and in response to the execution of the program, the second communication device and the third communication device cooperate to perform a process related to the service. Communication method. 25. The first communication device is a portable communication device, the communication circuit is a wireless communication circuit for performing communication using a wireless communication network, the second communication device and the third communication device. A communication device connected to a network, wherein the integrated circuit communicates with the second communication device and the third communication device via the communication circuit, the wireless communication network, and the network, 23. The communication method according to claim 22, wherein the second communication device and the third communication device perform communication via the network. 26. A first communication device having an integrated circuit and a communication circuit, a second communication device used for a service related to the integrated circuit, and storing and executing a program that defines processing related to the service. A communication system having a third communication device, wherein the integrated circuit transmits a request to use the program from the integrated circuit to the third communication device via the communication circuit, and the integrated circuit and the third communication device And mutual authentication is performed between the second communication device and the third communication device when the mutual authentication authenticates the mutual validity of the integrated circuit and the third communication device. And the third communication device performs mutual authentication. When the second communication device and the third communication device authenticate each other's validity by the mutual authentication, the third communication device responds to the use request. Run the Waru the program, a communication system in accordance with the execution of the program, performs processing with the second communication apparatus and the third communication apparatus according to the in cooperation with each other by communicating services. 27. A first communication device having an integrated circuit and a communication circuit communicates with a second communication device for storing and executing a program defining processing related to the service, and a service related to the integrated circuit is provided. An authentication means for performing mutual authentication with the second communication device after mutual validity between the integrated circuit and the second communication device has been authenticated by mutual authentication; and After the mutual validity between the second communication device and the second communication device is authenticated by the mutual authentication by the authentication unit, the communication is performed with the second communication device that executes the program to cooperate with each other, and A communication device having control means for performing processing relating to a service. 28. A communication system comprising: a first communication device having an integrated circuit and a communication circuit; and a second communication device for storing and executing a program defining processing related to the service provided by using the integrated circuit. A mutual authentication between the integrated circuit and the second communication device after mutual authentication is performed by mutual authentication, and then performing mutual authentication with the second communication device. After mutual validity has been authenticated with the second communication device by the mutual authentication with the second communication device, communication with the second communication device executing the program is performed. A communication method for performing processing related to the service in cooperation with each other. 29. A communication device for communicating with a first communication device having an integrated circuit and a communication circuit, and a second communication device used for a service related to the integrated circuit, wherein a process related to the service is defined. Storage means for storing the program thus obtained, receiving means for receiving a use request of the program from the integrated circuit via the communication circuit, and via the communication circuit between the integrated circuit in response to the use request An authentication unit that performs mutual authentication and performs mutual authentication with the second communication device after mutual validity is authenticated by the mutual authentication; and mutual authentication between the second communication device and the second communication device by the mutual authentication. When the validity is authenticated, the program relating to the use request is read out from the storage unit and executed, and communicates with the second communication device in accordance with the execution of the program. And a control unit for performing processing related to the service in cooperation with each other. 30. A communication method for communicating with a first communication device having an integrated circuit and a communication circuit, and a second communication device used for a service related to the integrated circuit, wherein the communication circuit is provided from the integrated circuit. A request for use of a program that defines processing related to the service via the communication circuit, performs mutual authentication with the integrated circuit via the communication circuit in accordance with the use request, and performs mutual authentication by the mutual authentication. After the authenticity is authenticated, mutual authentication is performed with the second communication device. When the mutual authenticity is authenticated with the second communication device by the mutual authentication, a program related to the use request is executed. A communication method that reads out from a storage unit and executes the communication, and performs communication with the second communication device in accordance with the execution of the program and performs processing related to the service in cooperation with each other.