JP2004336719A - Mobile terminal and its information management method, as well as computer program - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide a mobile terminal with which the protection of privacy can be improved for personal contents a user remaining in the mobile terminal for identifying the user according to identification information stored in a detachable storage medium, when sharing the mobile terminal among a plurality of the users, and its information management method, and computer program. <P>SOLUTION: In a portable telephone set 100 in which subscriber information (IMSI) can be held separately from a main body by a UIM card 8, user data (personal contents) within the relevant portable telephone set are encrypted and stored in a unique folder (IMSI-unique folder) corresponding to the identification information while being associated with the IMSI within the UIM card 8. <P>COPYRIGHT: (C)2005,JPO&NCIPI

Description

  The present invention relates to a technical field of a mobile terminal such as a mobile phone, and particularly to a technical field of a mobile terminal for identifying an available user according to identification information stored in a storage medium.

  In recent years, mobile phones (so-called third-generation mobile phones) based on next-generation standards such as IMT-2000 have been developed. Such a third-generation mobile phone has a configuration in which a mechanism medium (IC card) in which subscriber information and the like are recorded and a mobile phone main body are separated.

  In such a third-generation mobile phone, each user has a UIM (User Identity Module: sometimes referred to as USIM or R-UIM) card. This UIM card is an IC card in which subscriber information (contractor information) for itself and other information (personal identification information for credit settlement, etc.) are recorded. The user can use the service in any third-generation mobile phone by inserting his or her own UIM card into the main body.

In a conventional GSM mobile phone, information stored in a SIM (Subscriber Identity Module) is limited to subscriber information. On the other hand, in a third-generation mobile phone, a single phone can be used by a plurality of users by using a UIM card.
Therefore, in the third-generation mobile phone that can be used in such a manner, in order to secure individual privacy, not only the subscriber information but also various personal contents are all stored in the personal UIM card. What you can do is ideal. Here, the personal content is, for example, information such as a telephone directory, an e-mail, a schedule, and personal setting information input by the user.

  However, it is impossible to store all personal contents (hereinafter, sometimes referred to as “user data”) in one UIM card due to the limitation of the size and storage capacity of the UIM card. Therefore, in reality, most of various contents set, collected, and used by the user (that is, mail, telephone directory, application setting information, etc.) are recorded in the mobile phone main body, and after the user finishes using the system. Will remain inside the mobile phone.

  That is, in a third-generation mobile phone, when another user's UIM card is inserted (attached) to a certain mobile phone, a service based on the other party's contractor information can be provided. However, in this case, the other person can freely use and change various contents left inside the mobile phone by the previous user.

More specifically,
(1) The call history of the previous user remains in the mobile phone.
(2) Another person can refer to a mail or the like addressed to a user who has used the same mobile phone first.
(3) Other users can use network-based contents (applications using network connection, etc.) used by users who have used the same mobile phone first.
(4) A user who has previously used the same mobile phone can perform operations such as addition and deletion of personal content that has been set, collected, and the like.

  Further, in a conventional third-generation mobile phone, if the power of the mobile phone is turned on without inserting the UIM card, it is impossible to use the service of the mobile phone. However, others can freely refer to and use the personal content remaining in the mobile phone.

  In general, in conventional mobile phones of the second generation or earlier in Japan, the individual subscriber information of a user is recorded in a nonvolatile storage area of each mobile phone. Therefore, there is a one-to-one relationship between the management of the contractor information (subscriber information) and the management of the personal content in the mobile phone. On the other hand, in the third-generation mobile phone, the opportunity to share one mobile phone among a plurality of contractors is significantly increased as described above, and thus a means for protecting personal content is required.

  Here, as a conventional technology example, in a portable terminal configured to store user data in a non-volatile memory, there is a “portable terminal and its user data protection method” that prevents loss or tampering at the time of writing user data. (For example, see Patent Document 1).

  Further, there is a “system for encrypting / decrypting information and the same system” that automatically encrypts and decrypts user identification information and identification information uniquely determined by a user using a keyword (for example, Patent Document 2). reference).

  When a mobile phone used by using a SIM card is handed over to another person, private personal data recorded inside (ie, a telephone directory, e-mail, schedule, personal setting information, etc., input by the user). ) Can be prevented from being viewed (for example, see Patent Document 3).

JP 2001-10179 A (Paragraph No. 0013, FIG. 1) JP-A-2002-281022 (paragraph number 0026, FIG. 1) JP-A-2002-300254 (paragraph numbers 0026 and 0040, FIG. 1)

  However, the invention described in Patent Document 1 has a configuration that is not compatible with a third-generation mobile terminal that uses a UIM card or the like.

  In addition, the invention described in Patent Literature 2 is such that a keyword used for data encryption is created by a user, does not use identification information in a UIM card, and is not compatible with a third-generation mobile terminal. It is.

  The invention described in Patent Document 3 has a configuration corresponding to a third-generation mobile phone, and personal data stored inside the main body is deleted when the SIM card is pulled out from the main body. However, when the SIM card is pulled out from the main body, the personal data is recorded in an encrypted state in another external memory different from the SIM card. That is, the invention described in Patent Document 3 requires an external memory for data protection in addition to the SIM card.

  Therefore, in view of such a background, even if the main body is turned on without the need for a memory card other than the UIM card and the UIM card is not mounted, the internal memory is stored. There is a demand for a portable terminal compatible with third-generation mobile phones that cannot browse personal contents.

  Therefore, the present invention provides a portable terminal for identifying a user according to identification information stored in a removable storage medium, which is shared among a plurality of users. It is an object of the present invention to provide a mobile terminal capable of protecting and improving privacy, a method of managing the information, and a computer program.

  In order to achieve the above object, a portable terminal according to the present invention has the following configuration.

That is, when a removable storage medium (IC card, UIM card 8) is mounted, available users are identified according to identification information (IMSI, subscriber information, contractor information) stored in the storage medium. A mobile terminal (mobile phone 100) to be identified,
Storage area generating means (3) for generating a user-specific storage area (IMSI-specific folder) in a state associated with the identification information;
Encryption means (3, 13) for reading identification information from the attached storage medium and encrypting personal content in the portable terminal based on the identification information;
Storage means (3) for storing the encrypted personal content in a specific storage area associated with the identification information;
Reading identification information from the attached storage medium, and decrypting personal content stored in an encrypted state in the specific storage area associated with the identification information based on the identification information; Decoding means (3, 13) for expanding the state to allow browsing by the user;
It is characterized by having.

Further, the storage area generating means includes:
The specific storage area, which is associated with the identification information stored in the storage medium, may be automatically generated in response to the mounting of the storage medium.

  In a preferred embodiment, at least one of writing content to a shared storage area (shared folder) for a plurality of users who can use the mobile terminal and referring to content stored in the storage area It is characterized by further comprising an information sharing means capable of performing the following.

The encryption means (encryption processing software program 13)
Preferably, an encryption key is generated based on the identification information read from the storage medium, and the personal content is encrypted using the encryption key.

The decrypting means (encryption processing software program 13)
An encryption key is generated based on the identification information read from the storage medium, and the personal content stored in an encrypted state in the specific storage area already associated with the identification information. May be decrypted using the encryption key.

  Note that the above object is also achieved by an information management method corresponding to the portable terminal having each of the above configurations.

  The object is also achieved by a portable terminal having each of the above configurations, a program code for realizing the corresponding method by a computer, and a computer-readable storage medium storing the program code. You.

  According to the present invention, when a mobile terminal that identifies a user according to identification information stored in a removable storage medium is shared among a plurality of users, each user remains in the mobile terminal. A portable terminal capable of improving and protecting the privacy of content for use, an information management method thereof, and a computer program are provided.

  Hereinafter, an embodiment in which a mobile terminal according to the present invention is applied to a mobile phone as a representative mobile terminal will be described in detail with reference to the accompanying drawings.

  FIG. 2 is a block diagram showing an example of a general device configuration of a mobile phone to which the present invention can be applied.

  The mobile phone 100 shown in FIG. 1 is a third-generation mobile phone based on a standard such as IMT-2000, for example, and has a configuration in which a user can attach and detach the UIM card 8 to and from the main body.

  The UIM (User Identity Module) card 8 is a storage medium such as a so-called IC card. Identification information for identifying a user who can use the mobile phone 100 is stored in the UIM card 8 in advance. In the present embodiment, the identification information is subscriber information (contractor information) called an IMSI (International Mobile Subscriber Identifier). The IMSI is information individually assigned to each subscriber in order to identify each subscriber (user).

  In FIG. 2, a radio unit 1 transmits and receives radio waves in a predetermined frequency band for realizing radio communication with a base station. The communication processing unit 2 converts a signal corresponding to a radio wave received by the wireless unit 1 into a digital signal that can be recognized by the central control unit 3. The communication processing unit 2 converts the digital signal output from the central control unit 3 into a signal form that can be converted into a transmission signal by the wireless unit 1.

  The central control unit 3 is composed of hardware including a CPU (Central Processing Unit) and a memory (both are not shown) that control the entire operation of the mobile phone 100, and various software programs executed by the CPU. . In the present embodiment, a cryptographic processing software program 13 is mounted on the mobile phone 100 as a software program to be executed (details will be described later).

  The peripheral device control unit 4 processes audio output to the receiver (speaker) 9, processes audio signal input from the microphone 10, and performs input / output processing of operation switches and displays (not shown) according to instructions from the central control unit 3. I do.

  The UIM card control unit 7 reads information from the UIM card 8 attached to the mobile phone 100 according to an instruction from the central control unit 3, and writes information when necessary. The power supply control unit 5 has a battery (not shown) and supplies power to each unit of the mobile phone 100.

  A nonvolatile memory (or a volatile memory that is always backed up) 11 is a storage element such as an EEPROM that stores user data (personal contents) and various software programs to be executed by the CPU of the central control unit 3. is there.

  In the present embodiment, user data (personal content) includes telephone directory, mail, call history, other contents, and customization information of a mobile phone operation unit (for example, layout information of icons placed on a screen) ).

  Next, the temporary storage memory 12 is used as a temporary storage for information read from the UIM card 8 and information to be written, and as a work area for various programs executed by the central control unit 3.

  The common bus 6 is connected to each block of the mobile phone 100 described above, and transfers various information according to the operation of the mobile phone.

  Then, when using the mobile phone 100, the user mounts the UIM card 8 at a predetermined position such as a slot (not shown) provided in the main body of the mobile phone 100. As a result, the user can use a conversation with another person via the mobile phone network and use various services (such as browsing a Web site) under contract.

  Note that the device configuration of the mobile phone 100 (FIG. 2: especially, the configuration provided for wireless communication) is merely an example, and various general technologies can be adopted at present. Detailed description of the embodiment will be omitted.

  Next, a method of managing user data (personal content) according to the present embodiment will be described with reference to FIGS. 1, 3A, and 3B.

  FIG. 3A is a diagram conceptually illustrating a case where data is statically managed in the information processing apparatus. FIG. 3B is a diagram conceptually illustrating a case where data is dynamically managed in the information processing apparatus.

  Various methods have been proposed as general methods for managing data to be processed in various information processing apparatuses. Of these methods, in the static management method shown in FIG. 3A, each piece of data (data A to D) is stored in a preset fixed-size data area. In the dynamic management method shown in FIG. 3B, each piece of data is stored as a variable-size filed data file based on management by file management information (file management table). Such file management information is secured in a predetermined area of a non-volatile memory in the information processing device, and a mapping with the physical address of the predetermined area is recorded.

  In these data management methods, individual data (data files) are stored in a nonvolatile memory. Further, the stored individual data is read out from the nonvolatile memory when the information processing apparatus is powered on or in response to a user's read operation, and is then expanded once in the temporary storage memory and used. Is done. When the data is changed, the data expanded in the temporary storage memory is first changed, and the changed content is reflected in the nonvolatile memory. The timing at which the nonvolatile memory is rewritten to reflect such changes depends on the nature of each data.

  In this embodiment, privacy protection when managing user data is realized based on the dynamic management method (FIG. 3-B) among such data management methods.

  FIG. 1 is a diagram conceptually showing a user data management method performed in the mobile phone 100 according to the present embodiment.

  In the present embodiment, it is assumed that user data in the mobile phone 100 is dynamically managed. In the user data storage area prepared in the nonvolatile memory 11, folder information associated with the IMSI is recorded. This folder information (hereinafter referred to as “IMSI-specific folder”) is associated with the IMSI (subscriber information) individually assigned to the user who can use the mobile phone 100 on a one-to-one basis, and Secured. Then, the user data of a certain user is stored in an “IMSI unique folder” associated with the IMSI stored in the UIM card 8 of the user.

  That is, in the present embodiment, the number of UIM cards 8 attached to the mobile phone (in other words, the number of users sharing the same mobile phone) is stored in the nonvolatile memory 11 of the same mobile phone 100. , “IMSI-specific folder (in FIG. 1, IMSI = A to D)” is created.

  In the user data storage area prepared in the nonvolatile memory 11, a “shared folder” for storing contents that can be commonly used by users of the mobile phone 100 is set.

  The “IMSI-specific folder” and the “shared folder” are managed by file management information (file management table) as in the case described with reference to FIG. However, as a feature of user data management in the present embodiment, as conceptually shown in FIG. 1, user data stored in an “IMSI-specific folder” indicated by IMSI = A to D is transmitted from the UIM card 8. It is stored in the “IMSI-specific folder” in a state of being encrypted with the key information based on the read IMSI. The “IMSI-specific folder” is associated with the corresponding IMSI when the folder is generated.

  That is, the encrypted personal content file is a variable-size data file. The central control unit 3 uses the file management information for managing the state of the association between the encrypted personal content file and the IMSI as the identification information and the “IMSI-specific folder” as the specific storage area. Manage dynamically.

  Here, in the present embodiment, the key information (encryption key) is generated based on the IMSI read from the UIM card 8. More specifically, the key information used when performing the encryption and the decryption may use a part of the IMSI or may use the entire IMSI. Further, in order to generate an encryption key using part or all of the IMSI, it is only necessary to use the result of performing encryption processing, hash processing, or the like.

  In addition, when dynamic management is performed by the central control unit 3, the encryption processing software program 13 performs encryption and decryption of user data (personal content).

  More specifically, the encryption processing software program 13 generates an encryption key (key information) based on the identification information (IMSI) read from the UIM card 8 (storage medium) and uses the encryption key. To encrypt personal content. Further, the encryption processing software program 13 generates an encryption key based on the IMSI read from the UIM card 8, and encrypts the encryption key in the “IMSI-specific folder” already associated with the IMSI. Decrypts the personal content stored in step (1) using the encryption key.

  Note that the encryption software program 13 temporarily stores the IMSI read from the UIM card 8 when performing encryption and decryption as described above.

  In the central control unit 3 of the mobile phone 100, a main program (not shown) for controlling the overall operation of the mobile phone is executed. This main program starts the encryption processing software program 13 when the power of the mobile phone 100 is turned on, regardless of whether the UIM card 18 is attached.

  Further, this main program is used when the personal content (unencrypted user data) stored in the temporary storage memory 12 is changed (or updated) by an input operation by the user, an external download, or the like. Also activates the encryption processing software program 13.

  In any of the above cases, the encryption processing software program 13 encrypts the changed content using the encryption key, and then transmits the encrypted user data from the temporary storage memory 12 to the corresponding “ Move to the “IMSI specific folder”. In the present embodiment, the main program of the central control unit 3 stops the operation of the encryption processing software program 13 as one encryption or decryption process is completed.

  FIG. 4 conceptually shows a state in which decrypted user data and encrypted user data are present in the mobile phone 100 by the user data management method performed in the mobile phone 100 according to the present embodiment. FIG.

  In the figure, folders indicated as IMSI = A to D are “IMSI-specific folders”. The correspondence between these folders and IMSI (= A to D) is as follows.

  That is, the folder indicated as IMSI = A is protected (encrypted / decrypted) by the encryption key generated based on the corresponding identification information of IMSI = "A".

  The folder indicated as IMSI = B is protected by an encryption key generated based on the corresponding identification information of IMSI = "B".

  The folder indicated by IMSI = C is protected by the encryption key generated based on the identification information corresponding to IMSI = “C”.

  The folder IMSI = D is protected by an encryption key generated based on the corresponding IMSI = “D” identification information.

  The example shown in FIG. 4 shows a state in which a user who owns the UIM card 8 in which IMSI = “B” is stored as identification information (subscriber information) uses the mobile phone 100. In this case, the user can operate after decrypting the personal content stored in the “IMSI-specific folder” indicated by IMSI = B. Further, the user can operate contents stored in the “shared folder”. On the other hand, the user cannot access personal contents stored in an encrypted state in the “IMSI-specific folder” other than IMSI = B.

  Next, a control process for realizing the operation of the mobile phone 100 will be described with reference to FIGS.

  FIG. 5 is a flowchart of a control process when the power of the mobile phone 100 according to the present embodiment is turned on. FIG. 6 is a flowchart of a control process at the time of reading user data of the mobile phone 100 in the present embodiment. FIG. 7 is a flowchart of a control process of the mobile phone 100 according to the present embodiment when saving user data.

  The flowcharts shown in FIGS. 5 to 7 show the processing procedure of a software program executed by a CPU (not shown) in the central control unit 3 shown in FIG.

  First, the operation when the power is turned on will be described with reference to FIG. The process of the flowchart shown in FIG. 5 is started when the power supply to the central control unit 3 is started by the power control unit 5 in response to detection of a predetermined power-on operation.

  The central control unit 3 initializes the mobile phone 100 (step S501) and checks whether the UIM card 8 is attached to the device (step S502).

  If the determination in step S502 is YES (there is a UIM card 8), the central control unit 3 activates the installed UIM card 8 (step S503) and reads various information in the card (step S504). ). The information read in step S504 includes the IMSI that is the identification information of the user. Thus, the central control unit 3 temporarily stores the read IMSI in the temporary storage memory 12 (step S505), and proceeds to step S506.

  In step S506, the central control unit 3 activates the encryption processing software program 13. Step S506 is also executed when the determination in step S502 is NO (there is no UIM card 8).

  Next, the central control unit 3 reads out the information in the “shared folder” into the temporary storage memory 12 (Step S507). Since the information existing in the “shared folder” is open to each user, encryption and decryption are not performed.

  The central control unit 3 determines whether the IMSI temporarily stored in step S505 exists in the temporary storage memory 12 (step S508). Then, if the determination is YES (there is an IMSI) in step S508, the central control unit 3 has a temporarily stored folder corresponding to the IMSI (that is, an “IMSI-specific folder” associated with the IMSI). It is determined whether or not this is the case (step S509).

  Next, in the case of a YES determination in step S509 (“IMSI-specific folder” is present), the central control unit 3 stores the encrypted user data in the “IMSI-specific folder” in the non-volatile memory. 11 to the temporary storage memory 21 (step S510).

  Then, the central control unit 3 generates an encryption key based on the temporarily stored IMSI, and decrypts the user data read in step S510 using the encryption key (step S511). In step S512, the central control unit 3 loads the user data decrypted in step S511 and the contents (shared data) in the “shared folder” read in step S507 in the temporary storage memory 12.

On the other hand, when the determination in step S508 or S509 is NO,
(1) When the power is turned on without the UIM card 8 being attached,
(2) When the UIM card 8 is mounted but there is no “IMSI-specific folder” corresponding to the IMSI in the card,
It is either. Therefore, in any of these cases, the central control unit 3 advances the processing to step S512 in order to expand the shared data read in step S507 in the temporary storage memory 12.

  Next, an operation at the time of reading user data accompanying a user operation of the apparatus will be described with reference to FIG.

  Upon detecting an operation by the user (step S601), the central control unit 3 determines whether the operation specifies reading of shared data in the “shared folder” (step S602).

  In the case of a YES determination in step S602, the central control unit 3 reads out the shared data in the “shared folder” (step S603), and expands the read out shared data in the temporary storage memory 12 (step S609). Since the shared data is open to each user, no decryption processing is required.

  On the other hand, if the determination in step S602 is NO (not shared data), the data designated by the user to read in step S601 is user data for that user. Therefore, in this case, the central control unit 3 determines whether or not there is an IMSI temporarily stored in step S505 of the control process (FIG. 5) previously executed when the power is turned on (step S604).

  Next, in the case of YES determination (there is IMSI) in step S604, the central control unit 3 determines that the temporarily stored folder corresponding to the IMSI (that is, the “IMSI-specific folder” associated with the IMSI) exists. It is determined whether or not to perform (step S605).

  If it is determined in step S605 that the “IMSI-specific folder” exists, the central control unit 3 activates the encryption processing software program 13 in step S606, and then executes the above-described steps S510 and S511. The same processing as described above is executed in steps S607 and S608. As a result, user data after decoding corresponding to the temporarily stored IMSI is obtained. The central control unit 3 expands the user data in the temporary storage memory 12 (step S609).

  On the other hand, the case of NO determination in step S604 or step S605 is the case of the above (1) or (2) described in step S508 and step S509. Therefore, in either case, the central control unit 3 completes the process without reading out the information (step S610).

  Next, an operation at the time of saving user data according to a user's operation of the apparatus will be described with reference to FIG.

  The contents obtained by the input operation of the telephone directory, the transmission and reception of the mail, the download from the network, and the like are recorded in the temporary storage memory 11. In the present embodiment, the user can perform an operation of saving the content obtained in this manner.

  Upon detecting an operation by the user (step S701), the central control unit 3 determines whether the operation instructs storage as shared data in the “shared folder”, or in the encrypted “IMSI-specific folder” for itself. It is determined whether the instruction is to store the information in "" (step S702).

  If the central control unit 3 determines in step S702 that the user's operation instructs storage as shared data, the central control unit 3 saves the target data as shared data in the “shared folder” without encryption. (Step S703).

  On the other hand, if it is determined in step S702 that the user has instructed to save the file in his / her own “IMSI-specific folder”, the central control unit 3 executes the control processing (FIG. In step S505, it is determined whether or not the temporarily stored IMSI exists (step S704).

  If the determination in step S704 is NO, it indicates that there is no “IMSI-specific folder” for the user in the mobile phone 100 or the UIM card 8 is not mounted. Therefore, the central control unit 3 completes the processing in such a case (step S711).

  On the other hand, in the case of a YES determination in step S704, there is a temporarily stored IMSI. Therefore, the central control unit 3 determines whether or not there is a temporarily stored folder corresponding to the IMSI (that is, the “IMSI-specific folder” associated with the IMSI) (step S705).

  If it is determined in step S705 that the “IMSI-specific folder” exists, the central control unit 3 activates the encryption processing software program 13 in step S706, and then specifies saving in step S701. The generated user data generates an encryption key based on the IMSI and encrypts the user data using the encryption key (step S707). Then, the central control unit 3 saves the user data encrypted in step S707 in the “IMSI-specific folder” in the nonvolatile memory 11 associated with the IMSI (step S708).

  On the other hand, even if it is determined in step S705 that the corresponding “IMSI-specific folder” does not exist, in the case of YES determination in step S704, the temporarily stored IMSI exists. Therefore, in this case, the central control unit 3 determines whether to newly create an “IMSI-specific folder” corresponding to the IMSI (step S709).

  That is, in step S709, the central control unit 3 notifies the user that there is no “IMSI-specific folder” at the present time, and determines whether to create a new “IMSI-specific folder” for the user. Request for the selection operation.

  If the determination is YES in step S709, the central control unit 3 newly creates an “IMSI-specific folder” corresponding to the IMSI. That is, after this processing step, the newly created “IMSI-specific folder” is stored in the non-volatile memory 11 together with information indicating the association with the IMSI inside the mobile phone 100.

  Thereafter, the central control unit 3 advances the processing to step S705, and performs the processing of steps S706 to S708 described above, and stores the encrypted user data in the “IMSI-specific folder”.

[Effects of Embodiment]
In the present embodiment described above, a mobile terminal (mobile phone 100) that can be held in a state where the subscriber information (IMSI) and the main body are separated by a storage medium (IC card) such as the UIM card 8 is premised. Then, in the portable terminal, in a state where the user data (personal content) in the portable terminal is associated with the identification information (IMSI) in the UIM card, a unique folder (IMSI-specific folder) corresponding to the identification information And can be stored encrypted. In addition, the user data encrypted and stored in the folder cannot be browsed except when the UIM card storing the corresponding identification information is attached to the mobile terminal.

  According to the present embodiment, even when one mobile terminal is shared and used by a plurality of contractors as in a so-called third-generation mobile phone, browsing of user data of another person other than yourself is performed. , Changes, etc. can be prohibited.

  Further, according to the device configuration of the mobile terminal according to the present embodiment, when the power of the mobile phone is turned on without the UIM card, the user data stored therein cannot be decrypted. For this reason, internal user data cannot be browsed.

  That is, according to the present embodiment, even when a single portable terminal for identifying a user is shared among a plurality of users according to identification information stored in a removable storage medium, management of individual user data is performed. Can be strengthened, and privacy can be protected.

  Further, the effect of the present embodiment described above is realized if the user carries the main body of the mobile phone 100 and the UIM card 8. Therefore, according to the present embodiment, unlike the conventional technology that requires another storage medium in addition to the main body of the mobile phone and the IC card storing the contractor information, the convenience of the user is remarkably improved. To improve.

  Here, the effects of the present embodiment described above can also be enjoyed by the modified examples described below.

<First Modification of Embodiment>
In the embodiment described above, when generating key information (encryption key) used for the encryption and decryption processing, IMSI is used as identification information. When associating each user with a unique folder, IMSI was used as identification information. On the other hand, in the present modification, a serial number unique to the UIM card, which is an IC card, is used as the identification information.

<Second Modification of Embodiment>
In the above-described embodiment, when managing the encrypted user data as a variable-size filed data file, dynamic management based on file management information (file management table) is performed. On the other hand, in the present modification, static management is performed on the encrypted user data by securing a fixed area in the nonvolatile memory 11 as shown in FIG. However, in this case, in a usage mode in which the mobile phone 100 is shared by a plurality of users, it is wasteful to allocate a fixed area for each user.

  Therefore, in this modification, a tag is added to the header portion of each fixed area. When decrypting the encrypted personal content, a specific fixed area for the target user is determined by referring to the tag according to the identification information read from the inserted UIM card 8.

<Third Modification of Embodiment>
In the above-described embodiment, if the “IMSI-specific folder” associated with the IMSI that specifies a certain user does not exist in the nonvolatile memory 11, in step S709, it is determined whether a new “IMSI-specific folder” is created. Was requested to the user. On the other hand, in the present modified example, by omitting the process of step S709, if it is determined in step S705 that the “IMSI-specific folder” does not exist, a new “IMSI-specific folder” is created. Is automatically created.

<Fourth Modification of Embodiment>
In the present modification, when the “IMSI-specific folder” associated with the IMSI exists in the nonvolatile memory 11 in a state where the UIM card 8 is mounted, the subfolder (substorage area) associated with the folder is An apparatus configuration that can be set according to a setting operation by a user. According to such an apparatus configuration, the convenience for the user can be further improved.

<Fifth Modification of Embodiment>
In the present modification, an apparatus configuration is adopted in which personal content in a browsable state (that is, decrypted user data) can be moved and copied to a “shared folder” in accordance with a user operation. . As a more preferable aspect, an apparatus configuration is adopted in which content (shared data) stored in the “shared folder” can be moved and copied to the “IMSI-specific folder” in accordance with a user operation.

  However, as the state of the mobile phone 100 capable of performing the above-described movement and copy operations, the UIM card 8 is attached, and the “IMSI-specific folder” associated with the IMSI exists in the nonvolatile memory 11. It is assumed that the content can be browsed. According to this modified example, it is possible to improve the convenience when not only the device but also the information is shared between a plurality of users.

  In the above-described embodiment, the present invention has been described as applied to a mobile phone. However, the mobile terminal according to the present invention is not limited to application to a mobile phone. As a more specific example, the present invention is also applicable to a PDA (Personal Digital Assistance: portable information terminal) or the like that can use a removable storage medium such as an IC card.

  Further, according to the present invention described in the above-described embodiment as an example, after supplying a computer program capable of realizing the functions of the flowcharts referred to in the description to the above-described mobile phone 100, the computer program is read out to the CPU of the apparatus. Achieved by performing Further, the computer program supplied to the apparatus may be stored in a storage device such as a readable / writable memory (for example, the nonvolatile memory 11).

  Further, in the above case, the method of supplying the computer program to each of the devices can be performed by using various recording media such as an IC card (or a memory card) of a physical common standard with the UIM card 8. At present, a general procedure can be adopted, such as a method of installing on a computer or a method of downloading from the outside via a communication line such as the Internet. It is composed of a program code or a storage medium.

FIG. 5 is a diagram conceptually showing a user data management method performed in the mobile phone 100 according to the embodiment. 1 is a block diagram showing a general device configuration example of a mobile phone to which the present invention can be applied. FIG. 4 is a diagram conceptually illustrating a case where data is statically managed in the information processing apparatus. FIG. 4 is a diagram conceptually illustrating a case where data is dynamically managed in the information processing apparatus. FIG. 9 is a diagram conceptually showing a state in which user data decrypted and encrypted user data exist in the mobile phone 100 by the user data management method performed in the mobile phone 100 according to the embodiment. 5 is a flowchart of a control process when the power of the mobile phone 100 is turned on in the present embodiment. 5 is a flowchart of a control process when reading user data of the mobile phone 100 according to the embodiment. 5 is a flowchart of a control process when the mobile phone 100 stores user data in the embodiment.

Explanation of reference numerals

DESCRIPTION OF SYMBOLS 1 Wireless unit 2 Communication processing unit 3 Central control unit 4 Peripheral device control unit 5 Power supply control unit 6 Common bus 7 UIM card control unit 8 UIM card 9 Receiver (speaker)
DESCRIPTION OF SYMBOLS 10 Microphone 11 Non-volatile memory 12 Temporary storage memory 13 Encryption software program 100 Mobile phone

Claims (18)

A portable terminal that identifies an available user according to identification information stored in a removable storage medium when the storage medium is mounted,
Storage area generating means for generating a user-specific storage area in a state associated with the identification information;
Encryption means for reading identification information from the attached storage medium and encrypting personal content in the portable terminal based on the identification information;
Storage means for storing the encrypted personal content in a specific storage area associated with the identification information,
Reading identification information from the attached storage medium, and decrypting personal content stored in an encrypted state in the specific storage area associated with the identification information based on the identification information; Decoding means for expanding the state to allow browsing by the user;
A mobile terminal comprising: The storage area generation means,
2. The specific storage area, which is associated with the identification information stored in the storage medium, is automatically generated in response to the mounting of the storage medium. Mobile terminal. The storage area generation means,
3. The apparatus according to claim 2, further comprising a sub-storage area setting unit configured to set a sub-storage area associated with the specific storage area in accordance with a setting operation by a user when the storage medium is mounted. Mobile terminal. An information sharing unit capable of at least one of writing content to a shared storage area for a plurality of users who can use the mobile terminal and referring to content stored in the storage area. The mobile terminal according to claim 1, wherein: In a state where the storage medium is mounted and the personal content can be browsed, the personal information stored in the specific storage area, which is associated with the identification information stored in the storage medium, 5. The mobile terminal according to claim 4, further comprising an operation unit that executes at least one of moving to the shared storage area and copying of the content according to a user operation. In a state in which the storage medium is mounted and the personal content can be browsed, information stored in the shared storage area is associated with the identification information stored in the storage medium. 5. The mobile terminal according to claim 4, further comprising an operation unit that executes at least one of movement to a specific storage area and copying in accordance with a user operation. The encryption means,
7. The personal content according to claim 1, wherein an encryption key is generated based on the identification information read from the storage medium, and the personal content is encrypted using the encryption key. The mobile terminal described in Crab. The decoding means,
An encryption key is generated based on the identification information read from the storage medium, and the personal content stored in an encrypted state in the specific storage area already associated with the identification information. The mobile terminal according to any one of claims 1 to 7, wherein the mobile terminal is decrypted using the encryption key. The identification information is
9. The portable terminal according to claim 1, wherein the portable information is subscriber information for identifying a subscriber who can use a service provided by the portable terminal, or a serial number unique to each storage medium. . The storage means and the decryption means,
The encrypted personal content is dynamically managed as a variable-size data file using file management information for managing a state of association between the identification information and the specific storage area. The mobile terminal according to claim 1. As the storage area, individual fixed areas are secured for a plurality of users,
The storage unit, when storing the encrypted personal content in a specific fixed area for the target user, to add a tag to the header portion of the specific fixed area,
The decrypting means refers to the tag in accordance with the identification information read from the attached storage medium when decrypting the encrypted personal content, so that the specific fixed area for the target user is The portable terminal according to claim 1, wherein: The portable terminal according to claim 1, wherein the storage medium is a common standard IC card. An information management method in a portable terminal using a storage medium in which identification information is detachable from a main body,
Reading the identification information from the storage medium mounted on the mobile terminal, encrypting the personal content in the mobile terminal based on the identification information, and encrypting the encrypted personal content with the identification information; An encryption step for saving to a specific storage area associated with
When the portable terminal is mounted on the storage medium, the identification information is read from the storage medium, and the encrypted personal content is stored in the specific storage area associated with the identification information. In such a case, a decryption step of expanding the encrypted personal content into a state that can be browsed by a user by decrypting the encrypted personal content based on the identification information;
An information management method comprising: According to the mounting of the storage medium, the identification information is read from the storage medium, and the specific storage area in a state associated with the identification information is automatically generated individually for each of the identification information. 14. The information management method according to claim 13, further comprising a storage area creation step. In the encryption step,
The method according to claim 13, wherein an encryption key is generated based on the identification information read from the storage medium, and the personal content is encrypted using the encryption key. Information management method. In the decoding step,
An encryption key is generated based on the identification information read from the storage medium, and the personal content stored in an encrypted state in the storage area is decrypted using the encryption key. The information management method according to claim 13 or 14, wherein: The identification information is
17. The information management according to claim 13, wherein the information is subscriber information for identifying a subscriber who can use a service provided by the portable terminal, or a serial number unique to each storage medium. Method. A computer program for operation control of a portable terminal for identifying an available user according to identification information stored in a removable storage medium when the storage medium is mounted, the computer program comprising: By
A storage area generation function of generating a storage area for each user in a state where the storage area is associated with the identification information;
An encryption function of reading identification information from the attached storage medium and encrypting personal content in the mobile terminal based on the identification information;
A storage function of storing the encrypted personal content in a specific storage area associated with the identification information,
Reading identification information from the attached storage medium, and decrypting personal content stored in an encrypted state in the specific storage area associated with the identification information based on the identification information; A computer program for causing a computer to execute a decryption function for expanding the state so that the user can browse the information.

Images