JP2005056306A - Service system and device for user using information storage device - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide a service system that enables a user to arbitrarily set the number and size of split areas into which the memory area of an information storage device 70 is split, so that the user can enjoy services depending on the way of setting them. <P>SOLUTION: The services are provided while focus is put on the size of a specific split area among a plurality of split areas of different security levels set in the memory area of the information storage device 70. For an enterprising body 80 that runs a service business while using the specific split area, securement of the split area is the key to expanding the business. For this, the system provides money and point services or the like to urge the user to expand the split area. <P>COPYRIGHT: (C)2005,JPO&NCIPI

Description

  The present invention is a business model that provides services to users who use information storage devices such as semiconductor memory cards and IC cards.

In recent years, semiconductor memory cards having a plurality of areas with different security strengths and access methods on a single card have been developed. For example, Patent Document 1 below discloses a semiconductor memory card having an authentication area that can be accessed only by an authenticated device and a non-authentication area that can be accessed without requiring authentication, as storage areas.
As shown in FIG. 9, this memory card includes an IC chip of a flash memory 303 that constitutes a storage area, and a control IC 302 that controls writing / reading to / from the storage area. An authentication area 332 that permits access only to devices that can be authenticated, and a non-authentication area 331 that permits access without requiring such authentication.

Further, the control IC 302 determines the type of command input via the authentication unit 321 for authenticating the validity of the counterpart device trying to access the memory card 109 and the command pin, and various configurations according to the type. A command determination control unit 322 that controls elements, an authentication region access control unit 325 that executes data writing to and reading from the authentication region 332 of the flash memory 303, and a non-authentication that performs data writing to and reading from the non-authentication region 331 And an area access control unit 326.
The terminal that accesses the authentication area 332 of the memory card 109 performs authentication with the authentication unit 321 of the memory card 109. When the authentication is successful, data is written to and read from the authentication area 332 through the authentication area access control unit 325. It becomes possible. In addition, data can be written to and read from the non-authentication area 331 through the non-authentication area access control unit 326.

The non-authentication area 331 and the authentication area 332 of the memory card 109 are divided with a certain address on the flash memory 303 as a boundary, and the size of each area can be changed by changing the boundary address. When changing the area, the device accessing the memory card 109 authenticates with the memory card 109, and then sends the size of the non-authentication area 331 to the memory card 109 using a dedicated area change command. When the memory card 109 receives the area change command, the memory card 109 stores the value in a non-volatile work area in the memory card 109, and in subsequent accesses, the value is used as a new boundary address and the authentication area 332 and the non-authentication Access control to the area 331 is executed.
JP 2001-14441 A

  However, in the conventional information storage device having a plurality of divided areas as described above, the memory area is already divided based on the intention of the card issuer at the stage of delivery to the user. Therefore, even if the usage form of the information storage device varies depending on the individual user, each user can obtain only the information storage device having the dressed divided area.

  The present invention solves such conventional problems, and the number and size of the memory area of the information storage device can be set by the user's intention, and a service is received according to the setting method. It is an object of the present invention to provide a service system capable of providing information, and to provide a service providing apparatus for executing the information storage device and the service.

In the service system of the present invention, the service is provided by paying attention to the size of a specific area of the information storage device.
For a business entity that develops a service business using a specific area, securing that area is the key to business development. For this reason, in this system, services such as money and points are provided to encourage the user to expand the area.

In the service system of the present invention, the service is provided by paying attention to the size of the area set when the information storage device is delivered.
Therefore, the user who receives the information storage device determines the size of the area in consideration of services such as money and points when setting the area on his / her own will.

In the service system of the present invention, when the information storage device updates the size of the area, it creates receipt information indicating the updated area size and transmits it to the service provider.
Therefore, the service provider can acquire accurate information regarding the area of the information storage device.

In the service system of the present invention, the service provider manages size information describing the relationship between the information storage device and the area size of the information storage device, and the size information is based on the received receipt information. To update.
Therefore, the service providing side can provide a service corresponding to the size of a specific area to the user of the information storage device based on the latest size information.

In the present invention, the information storage device having a specific area for storing information and transmitting information for prompting service provision according to the size of the specific area is requested to update the size of the specific area. A request receiving means for receiving an update request to be performed, an area update means for updating the size of the specific area in accordance with the update request, and information on the size of the area after the update if the update is normally performed. A receipt creation means for creating a receipt, and a transmission means for sending the receipt directly or indirectly to the provider of the service provision.
When the size of the specific area of the information storage device is updated, a receipt indicating the size of the updated specific area is sent to the service provider. Here, “directly send” means to send a receipt directly to the service provider, and “indirectly send” means to send a receipt to the card issuer, for example. It means a form in which a receipt is sent to the provider. In addition, the “information regarding the size of the updated area” shown in the receipt includes information indicating the absolute size of the updated area, information on a relative size indicating a difference value between the sizes before and after the update, and the like.

In the present invention, in order to provide a service according to the size of a specific area of an arbitrary information storage device, information for prompting the provision of the service is received directly or indirectly from the information storage device. Receiving means for receiving the size information of the specific area in the service providing device, size information management means for managing the size information of the specific area, and updating the size information with reference to the receipt A service content management means for managing the contents of the return service corresponding to the size information, and a service for determining the contents of the return service corresponding to the size information from the size information of the size information management means and executing the return service Execution means.
The service providing apparatus can provide a service corresponding to the size of the specific area to the user of the information storage device based on the latest size information.

Since the service system of the present invention provides services by paying attention to a specific area of the information storage device, a business entity that develops a service business using that area can enter this system to develop business. Is given. In addition, when the user sets the area of the information storage device with his / her own intention, the user can select a setting that allows the user to enjoy the merit.
The information storage device and service providing device of the present invention can realize this service system.

In the embodiment of the present invention, a service system is described in which an information storage device having three areas of an authentication area, a non-authentication area, and a secure area is used as an area whose size can be set by the user's intention.
The information storage device having the authentication area, the non-authentication area, and the secure area (hereinafter referred to as “secure memory card”) is a card recently developed by the applicant, and is shown in the block diagram of FIG. In general, the control unit 20 includes a large-capacity nonvolatile memory 50 including a flash memory, and a tamper-resistant IC unit 11.
The large-capacity nonvolatile memory 50 includes an authentication area 52 that can be accessed only by an authenticated device, a non-authentication area 53 that can be accessed without requiring authentication, a secure area 51 that can be accessed only by the IC unit 11, And an address information management area 54 in which address information is stored.

  The control unit 20 includes a data I / F unit 21 that exchanges data with the R / W device 69, a command I / F unit 22 that exchanges commands with the R / W device 69, and an R The control authentication unit 23 that authenticates the / W device 69, the control command processing unit 24 that interprets the received command and performs processing according to the command, and the access to the large-capacity nonvolatile memory 50 and the IC unit 11 And an access control unit 25 serving as a data transfer window, and a large-capacity nonvolatile memory I / F unit 26 that transfers data to and from the large-capacity nonvolatile memory 50.

  The IC unit 11 includes an internal nonvolatile memory 41, an I / F unit 12 that exchanges data and commands with the control unit 20, and an IC command process that interprets commands and performs processing according to commands. Unit 13, file management unit 14 that manages data stored in the internal nonvolatile memory 41 and secure area 51 in a file format, and R / W device 69 are authenticated, and internal to the authenticated R / W device 69 The IC authentication unit 15 that permits data access to the nonvolatile memory 41 and the secure area 51, and the key stored in the internal nonvolatile memory 41 for the write / read data to the internal nonvolatile memory 41 and the secure area 51 The encryption / decryption circuit 17 that performs encryption / decryption using the memory, the memory management unit 16 that manages the internal nonvolatile memory 41 and the secure area 51, And an internal non-volatile memory I / F unit 18 that exchanges data into nonvolatile memory 41.

  The R / W device 69 that writes / reads data to / from the non-authentication area 53 of the secure memory card 10 transmits a command requesting access to the non-authentication area 53 to the secure memory card 10. The control command processing unit 24 interprets the command, instructs the access control unit 25 to control access to the large-capacity nonvolatile memory 50, and transmits the data sent from the R / W device 69 through the data I / F unit 21. Is written in the non-authentication area 53, and data read from the non-authentication area 53 is transmitted to the R / W device 69 via the data I / F unit 21.

  The R / W device 69 that writes / reads data to / from the authentication area 52 transmits a command requesting authentication to authenticate with the control / authentication unit 23, and then accesses the authentication area 52. Send a command requesting The control command processing unit 24 interprets the command, and when the authentication is successful, instructs the access control unit 25 to control access to the large-capacity nonvolatile memory 50, and transmits data I / O from the R / W device 69. Data sent through the F unit 21 is written into the authentication area 52, and data read out from the authentication area 52 is transmitted to the R / W device 69 through the data I / F unit 21.

A command of the R / W device 69 that requests writing / reading of data to / from the secure area 51 is transferred from the access control unit 25 to the IC unit 11 in accordance with an instruction from the control command processing unit 24 that interprets the command. When the IC command processing unit 13 of the IC unit 11 interprets this command and requests authentication, the IC authentication unit 15 causes the R / W device 69 to perform authentication processing, and the command is sent to the secure area 51. When data writing / reading is requested, after confirming that the authentication processing of the IC authentication unit 15 has been completed, the memory management unit 16 is instructed to write / read data to / from the secure area 51. Receiving the instruction, the memory management unit 16 encrypts the data sent from the R / W device 69 to the IC unit 11 through the access control unit 25 by the encryption / decryption circuit 17 and passes through the large-capacity nonvolatile memory I / F unit 26. Thus, the data is written into the secure area 51 of the large-capacity nonvolatile memory 50. The data read from the secure area 51 is decrypted by the encryption / decryption circuit 17 and sent to the IC command processing unit 13. This data is transmitted from the data I / F unit 21 of the control unit 20 to the R / W device 69.
The sizes of the non-authentication area 53, the authentication area 52, and the secure area 51 of the secure memory card 10 can be changed by changing their boundary addresses and updating the address information stored in the address information management area 54.

Thus, in this secure memory card 10, the security level of the authentication area 52 is higher than that of the non-authentication area 53, and the security level of the secure area 51 is higher than that of the authentication area 52. The secure area 51 is suitable as a place for storing a large amount of data handled by a highly confidential application or an application mounted on an IC card, and the authentication area 52 is used for storing copyright-protected content. Are suitable. Further, general data that does not need to be concealed and encrypted data that is not likely to be decrypted can be stored in the non-authentication area 53.
Therefore, a user who wants to store a lot of highly confidential applications wants a large secure area 51, and a user who stores a lot of copyright-protected content wants a wide authentication area 52 and needs to be concealed. A user who exclusively stores general data having no data desires expansion of the non-authentication area 53.

On the other hand, from the perspective of the business operator that develops the service business, for businesses that provide applications and provide services based on them online, the wider secure area 51 increases the possibility of service provision. desirable. In addition, a business that provides copyright-protected content is expected to expand the authentication area 52.
In the system of this embodiment, the memory area of the secure memory card is divided based on the user's intention to receive the card. Then, the operator whose memory area is expected to be expanded by this division returns the service to the user with money, points, or the like. By doing so, the business operator guides the user's intention so that the memory area is divided into areas conveniently for the user.

  FIG. 1 schematically represents this system. When the user purchases the secure memory card 70 at the store, the user selects a memory area division mode and designates area division along the memory area (1). The secure memory card 70 is mounted on a storefront R / W device, the memory area is divided as specified, and the result of the area division is reported to the service side 80 online or the like (2). The service side 80 including the card issuer server and the service provider server manages the identification information of the secure memory card 70 and the area division result in association with each other (3). Services such as points and free usage rights are returned to the user (4).

The service return time can be set as appropriate on the service side 80. For example,
・ When the area of the secure memory card 70 is divided (only once)
・ When each new application is downloaded to the secure memory card 70 ・ When each application downloaded to the secure memory card 70 is used ・ When a specific function of the application downloaded to the secure memory card 70 is used Conceivable.
When a memory area division request command is sent from the storefront R / W device, the secure memory card 70 updates the memory area division form accordingly.

In order to realize this function, the secure memory card 70 receives a command for requesting division from the outside for requesting re-division of the memory area 78 and sends a processing result to the outside, as shown in FIG. And an area update condition management means 71 for managing the update conditions of the memory area 78, and an area update determination for judging whether the division request for the memory area 78 satisfies the area update conditions managed by the area update condition management means 71 Means 72, an area update means 77 for reformatting the memory area 78 when the area division request satisfies the area update condition, an area management means 76 for managing the address of the memory area 78, etc. Initialization means 75 that performs division and storage of initial value data in the divided areas, and normal re-division of the memory area 78 based on the division request And a receipt creation unit 74 for creating a receipt indicating that the.
The area updating unit 77 includes area updating units 771 to 774 that set memory division areas of respective security levels, and the security level set in the memory area 78 by some of the area updating units. Different memory divided areas are represented here as area 1 (781) to area a (783).

  The memory area 78 of the secure memory card 70 corresponds to the large-capacity nonvolatile memory 50 of FIG. 8, and the areas 1 (781) to a (783) are the non-authentication area 53, the authentication area 52, and the secure area of FIG. This corresponds to the area 51 and the like. Further, the area management means 76 is means for managing the address information management area 54 of the large-capacity nonvolatile memory 50 of FIG. 8, including the area management means 76, command transmission / reception means 73, area update condition management means 71. The region update determination unit 72, the region update unit 77, the initialization unit 75, and the receipt creation unit 74 are provided in the control unit 20 of FIG.

As shown in FIG. 3, the area update condition management means 71 manages a table defining area update conditions. The area update condition includes a procedure condition (FIG. 3 (a)) that defines a procedure and an entity condition (FIG. 3 (b)) that defines the entity of the area update. The necessity of authentication and the necessity of command encryption are defined in association with (timing), and in the actual conditions, the number of divisions possible, the maximum number of divisions of the memory area 78, and the number of divisions per memory division area The maximum size is specified.
A non-authentication area, an authentication area, and a secure area of a predetermined size are set by the initialization unit 75 in the memory area 78 of the secure memory card 70 at the shipping stage, and initial data is stored in each memory divided area. Is written by the initialization means 75.

The area management unit 76 manages address information of the memory divided areas included in the memory area 78. FIG. 4 illustrates the area management information managed by the area management means 76. Here, an area identifier indicating the security level of the memory divided area, an address value indicating the position of the memory divided area on the memory area 78, and an address indicating the range in which the actual data is stored in the memory divided area The value is managed.
When the user purchases the secure memory card 70 at the store, the secure memory card 70 is set in the R / W device at the store, and the size requested by the user is determined by the division request command input from the R / W device. The memory division area is set in the memory area 78.

At this time, the secure memory card 70 performs the following processing.
The secure memory card 70 first performs mutual authentication with the R / W device and external authentication with the card issuer defined in the procedure condition of the area update condition (FIG. 3A), and then a split request command Process by. The division request command may be input by operating the R / W device, or the user transmits information on the selected division form to the card issuing server on the service side 80, and the card issuing server is online and stores the R at the store. A split request command may be sent to the / W device.

The area update determining means 72 of the secure memory card 70 acquires information such as the number, size, and attributes of the memory divided areas from the division request command received by the command transmission / reception means 73, and the division request is an entity condition of the area update condition. It is determined whether or not (FIG. 3B) is satisfied, and when the area update condition is satisfied, the reception information is transmitted to the area update unit 77 and an update of the memory area 78 is requested.
The area update unit 77 obtains an unused area in which actual data is not stored from the area management information of the memory area 78 managed by the area management unit 76, reformats the unused area, and has the requested size. The memory division area is set using the area update means 771 to 774 of the corresponding security level.

FIG. 5 shows a memory divided area before update (FIG. 5A), an updated memory divided area reformatted according to the intention of the user (FIGS. 5B, 5C, and 5D). Is schematically shown.
When the memory area 78 is updated, as shown in FIG. 6, the receipt creating means 74 obtains basic data including card specifying information for specifying the secure memory card 70, the size of the updated memory divided area, and other information. Encrypt with the receipt creation key and create a receipt with a digital signature. Note that the size of the memory partition area included in the basic data may be represented by (a) an absolute value or (b) a difference from the size before update.
This receipt is transmitted to the service side 80 online as a report of the region division result.

  FIG. 7 shows the configuration of the service side 80 as functional blocks. When the service side 80 receives a receipt and issues a division request command from the service side, the service side 80 receives the command issuance request and transmits the division request command, and verifies the received receipt. The verification means 82, the area size database 84 in which the size information of the memory division area of each secure memory card is stored, and the area size database 84 are managed, and the data of the area size database 84 is stored in accordance with the contents of the receipt. The area content management means 83 to be updated, the return service database 87 storing the contents of the return service corresponding to the size of the memory partition area, and the return service database 87 are managed, and each secure memory card is used by using the data. A return service management means 86 for determining a return service corresponding to And a service execution unit 85 for executing reduction services reducing the service management unit 86 decides the secure memory card.

  When the division request command is sent from the service side 80 to the R / W device at the store, the division unit 81 receives the user command issue request and transmits the division request command to the R / W device. The receipt issued from the secure memory card for which the memory area update processing has been completed is received by the dividing means 81, verified by the verification means 82, and when the verification is successful, the data stored in the area size database 84 Is updated by the in-area management means 83 based on the receipt information.

  When the service return time of the secure memory card comes, the service execution means 85 transmits the card specific information of the secure memory card to the area content management means 83 and inquires about the area size of the memory division area in the secure memory card. The area content management means 83 acquires the area size of the corresponding secure memory card from the area size database 84 and transmits it to the return service management means 86, and the return service management means 86 receives the area from the return service database 87. The return service content corresponding to the size is acquired and transmitted to the service execution means 85, and the service execution means 85 executes the return service.

As described above, in this system, when a user sets a large area size of a specific memory partition area in the secure memory card, a service business is developed using the area (to obtain profit) from the business entity to the user. The benefits are reduced. The size of the memory division area has a great influence on the development of the business. Therefore, if the services are differentiated according to the size of the memory division area and a large number of memory division areas necessary for the business can be secured, the expansion of the business can be expected.
In this system, a receipt indicating the result of the area division processing is created in the secure memory card, automatically transmitted to the server, and verified on the server side. It is possible to obtain accurate processing information, and to avoid data inaccuracy in the case of adopting a user reporting system, contamination of illegal data during transmission, data alteration, and the like.

In this system, since the service side updates the data in the memory partition area when receiving a receipt from the secure memory card and refers to this data when providing the service, the service according to the latest memory partition status Can be provided.
Although the case where the memory area of the card is divided into a plurality of areas having different security levels has been described here, a plurality of areas having the same security level are set on the card, or only one memory area is set on the card. Even if the size of the area of interest greatly affects the development of the business, this system enables the development of the business by returning services according to the size of the area.

  The service system of the present invention is an online service such as electronic payment, music distribution, image distribution, etc. performed using various information recording devices called semiconductor memory cards, IC cards, secure memory cards, secure devices, etc. It can be applied to various service businesses such as non-online services, and can provide opportunities for business development in these service businesses.

The figure which shows typically the service system in embodiment of this invention. The figure which shows the secure memory card used with the service system in embodiment of this invention The figure which shows the area | region update conditions of the secure memory card in embodiment of this invention The figure which shows the area | region management information of the secure memory card in embodiment of this invention (A) The figure which shows typically the memory division area before update (b) The figure which shows the memory division area after update typically The figure which shows the receipt creation procedure of the secure memory card in embodiment of this invention The figure which shows the functional block by the side of the service of the service system in embodiment of this invention Block diagram showing the configuration of the secure memory card Block diagram showing the configuration of a conventional semiconductor memory card

Explanation of symbols

DESCRIPTION OF SYMBOLS 10 Secure memory card 11 IC part 12 I / F part 13 IC command processing part 14 File management part 15 IC authentication part 16 Memory management part 17 Encryption / decryption circuit 18 Internal non-volatile memory I / F part 20 Control part 21 Data I / F Unit 22 command I / F unit 23 control authentication unit 24 command processing unit 25 access control unit 26 large capacity nonvolatile memory I / F unit 41 internal nonvolatile memory 50 large capacity nonvolatile memory 51 secure area 52 authentication area 53 non-authentication area 54 Address information management area 69 R / W device 71 Area update condition management means 72 Area update determination means 73 Command transmission / reception means 74 Receipt creation means 75 Initialization means 76 Area management means 77 Area update means 78 Memory area 80 Service side 81 Division means 82 Verification means 83 Area content management means 84 Area size database 85 Service execution means 86 Return service management means 87 Return service database 109 Memory card 302 Control IC
303 Flash Memory 321 Authentication Unit 322 Command Determination Control Unit 325 Authentication Area Access Control Unit 326 Non-Authentication Area Access Control 331 Non-Authentication Area 332 Authentication Area 771 Level 1 Area Update Unit 772 Level 2 Area Update Unit 773 Level 3 Area Update Unit 774 Level n region update means 781 region 1
782 Region 2
783 region a

Claims (6)

  A service system characterized by providing a service by paying attention to the size of a specific area of an information storage device.   2. The service system according to claim 1, wherein the service is provided by paying attention to the size of the area set when the information storage device is delivered.   2. The information storage device according to claim 1, wherein when the size of the area is updated, receipt information indicating the size of the updated area is generated and transmitted to a service provider. 2. The service system according to 2.   The service providing side manages size information describing a relationship between the information storage device and the size of the area of the information storage device, and updates the size information based on the received receipt information. The service system according to claim 3, wherein: An information storage device having a specific area for storing information and transmitting information for prompting service provision according to the size of the specific area,
Request receiving means for receiving an update request for updating the size of the specific area;
Area updating means for updating the size of the specific area according to the update request;
A receipt creating means for creating a receipt indicating information related to the size of the area after the update when the update is normally performed;
Transmitting means for transmitting the receipt directly or indirectly to the provider of the service provision;
An information storage device comprising: Service providing apparatus for directly or indirectly receiving information for prompting provision of the service from the information storage apparatus in order to provide a service according to the size of a specific area of an arbitrary information storage apparatus Because
Receiving means for receiving a receipt in which size information of the specific area is described;
Size information management means for managing size information of a specific area and updating the size information with reference to the receipt;
Service content management means for managing the content of the return service corresponding to the size information;
Service execution means for determining the content of the return service corresponding to the size information from the size information of the size information management means, and executing the return service;
A service providing apparatus comprising:

Images