JP2011060136A - Portable electronic apparatus, and data management method in the same - Google Patents

Portable electronic apparatus, and data management method in the same Download PDF

Info

Publication number
JP2011060136A
JP2011060136A JP2009210911A JP2009210911A JP2011060136A JP 2011060136 A JP2011060136 A JP 2011060136A JP 2009210911 A JP2009210911 A JP 2009210911A JP 2009210911 A JP2009210911 A JP 2009210911A JP 2011060136 A JP2011060136 A JP 2011060136A
Authority
JP
Japan
Prior art keywords
data
command
plurality
ic card
record
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
JP2009210911A
Other languages
Japanese (ja)
Inventor
Satoru Sekiya
哲 関谷
Original Assignee
Toshiba Corp
株式会社東芝
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Toshiba Corp, 株式会社東芝 filed Critical Toshiba Corp
Priority to JP2009210911A priority Critical patent/JP2011060136A/en
Publication of JP2011060136A publication Critical patent/JP2011060136A/en
Application status is Withdrawn legal-status Critical

Links

Images

Abstract

An IC card 1 and a data management method for the IC card 1 that can reduce the risk of unauthorized access to a data file and improve data security.
An IC card stores in a data memory a plurality of data files each storing a plurality of divided data obtained by dividing one data as a part of the data, and a part of the plurality of files is stored. When a command for designating data in order is received from the IC card processing device 2, the CPU 11 sequentially accesses each data stored in a part of the plurality of files in the order designated by the command. A plurality of divided data is set as an access target as one data.
[Selection] Figure 1

Description

  The present invention relates to a portable electronic device such as an IC card or IC tag in which an IC chip storing personal information or transaction information is stored, and a data management method in the portable electronic device.

  In general, portable electronic devices such as IC cards are used in various fields, and are often used in operation forms that require high security. For example, in a contact type or non-contact type IC card, information with high security such as personal information or transaction information is often recorded in a nonvolatile memory.

  In a conventional IC card, for example, in the case where access to a file storing important data is restricted, the file is searched on the condition that the verification or authentication by the “key” that only the IC card administrator or owner can know is successful. Security controls that allow access to are implemented. In other words, the conventional IC card is protected by a “key” in order to protect the file data from being illegally read or tampered with.

  However, in recent years, it has become impossible to ignore the risk that data itself recorded in a nonvolatile memory such as an EEPROM or a flash memory in an IC card is read illegally. For this reason, it has become important to take measures to prevent the entire correct data from being easily identified even if the data itself stored in the non-volatile memory in the IC card is illegally read.

ISO / IEC7816-4

  An object of one embodiment of the present invention is to provide a portable electronic device and a data management method in the portable electronic device that can reduce the risk of unauthorized access and improve data security.

  A portable electronic device according to an aspect of the present invention performs processing in response to a command from an external device, and includes communication means for communicating with the external device and a plurality of data obtained by dividing one data Data storage means for storing a plurality of files each stored as a part of data, and a command for sequentially specifying a plurality of data stored as a part of data in the plurality of files by the communication means And processing means for specifying each data specified by the command in order from the plurality of files, and executing processing required by the command for the entire data obtained by sequentially combining the specified data.

  A portable electronic device according to another aspect of the present invention performs processing in response to a command from an external device, and includes a communication unit that performs communication with the external device, and a plurality of data obtained by dividing one piece of data. Data storage means for storing a plurality of files each storing data as part of the data, and a command for sequentially specifying a plurality of data stored as part of the data in the plurality of files by the communication means A module having processing means for specifying each data specified by the command in order from the plurality of files, and executing processing requested by the command on the entire data obtained by sequentially combining the specified data. And a main body having the module.

  A data management method in a portable electronic device according to another aspect of the present invention is a method in a portable electronic device that performs processing in response to a command from an external device, and each of a plurality of pieces of data obtained by dividing one piece of data When multiple commands stored as a part of data are stored in the data memory and a command for sequentially specifying a plurality of data stored as a part of the data in the plurality of files is received, it is designated by the command. Each of the data to be processed is specified in order from the plurality of files, and the processing requested by the command is executed on the whole data obtained by sequentially combining the data specified by the specified command.

  According to one aspect of the present invention, it is possible to provide a portable electronic device and a data management method in the portable electronic device that can reduce the risk of unauthorized access and improve data security.

FIG. 1 is a block diagram illustrating a configuration example of an IC card as a portable electronic device and an IC card system including the IC card. FIG. 2 is a diagram illustrating a configuration example of the entire non-contact type IC card. FIG. 3 is a diagram illustrating a state in which one data is divided into three divided data. FIG. 4 is a diagram schematically showing a state in which divided data obtained by dividing one data into three is stored in three different records EF, respectively. FIG. 5 is an example of a command for reading the three divided data shown in FIG. 4 as one data. FIG. 6 is a flowchart for explaining the flow of data read processing managed by the first data management method in the IC card. FIG. 7 is a diagram schematically showing a state in which three divided data are stored in three different transmission-type EFs. FIG. 8 shows an example of a command for reading the three divided data shown in FIG. 7 from the three transmissive EFs as one data. FIG. 9 is a flowchart for explaining the flow of data read processing managed by the second data management method in the IC card. FIG. 10 is a diagram schematically showing a state in which three divided data are stored in three different records EF. FIG. 11 shows an example of a command for reading out data stored in a divided manner in the third data management method. FIG. 12 is a flowchart for explaining the flow of data read processing managed by the third data management method in the IC card. FIG. 13 is a diagram schematically showing a state in which three divided data are stored in three different records EF. FIG. 14 is a diagram illustrating a configuration example of link information. FIG. 15 is a diagram illustrating a configuration example of a command for designating link information. FIG. 16 is a flowchart for explaining the flow of data read processing managed by the fourth data management method in the IC card.

Hereinafter, embodiments of the present invention will be described in detail with reference to the drawings.
FIG. 1 is a block diagram showing a configuration example of an IC card 1 as a portable electronic device and an IC card system including the IC card 1 according to an embodiment of the present invention.
The IC card 1 becomes operable by supplying power from an IC card processing device 2 as an external device or a host device. The operable IC card 1 performs various processes in response to commands from the IC card processing device 2. The IC card processing device 2 supplies power for operating the IC card 1 and supplies commands for requesting the IC card 1 to perform various processes. The command that the IC card processing device 2 supplies to the IC card 1 requests processing according to the application or operation mode.

  The IC card 1 may be a non-contact portable electronic device (non-contact IC card) that performs wireless communication in a non-contact state with the IC card processing device 2 by an antenna or a wireless communication unit. It may be a contact type portable electronic device (contact type IC card) that communicates with the IC card processing device 2 in physical and electrical contact. Furthermore, the IC card 1 may be a composite IC card (dual interface IC card) having a communication function as a non-contact IC card and a communication function as a contact IC card. The non-contact type IC card and the contact type IC card differ only in the communication method with the IC card processing device 2. For this reason, the embodiment described below can be similarly applied to a non-contact IC card and a contact IC card.

A configuration example of the IC card 1 will be described.
As shown in FIG. 1, the IC card 1 has a CPU 11, a program memory 12, a working memory 13, a data memory 14, a communication control unit 15, a power supply unit 16, an interface (antenna or contact unit) 17, and the like. ing.
The IC card 1 includes a card-like main body C. One (or a plurality) of IC chips 1 a and an interface 17 are embedded in the card-like main body C forming the IC card 1. The IC chip 1a includes a CPU 11, a program memory 12, a working memory 13, a data memory 14, a communication control unit 15, a power supply unit 16, and the like. The IC chip 1a is modularized while being connected to the interface 17, and is embedded in a card-like main body C that forms the IC card 1. For example, FIG. 2 is a diagram illustrating a configuration example of the entire non-contact type IC card. The noncontact IC card shown in FIG. 2 has a card-like main body C. A module M having one (or a plurality) of IC chips 1a and an antenna as an interface 17 is embedded in the main body C, as indicated by a dotted line in FIG.

  The CPU 11 controls the entire IC card 1. The CPU 11 operates based on a control program and control data stored in the program memory 12 or the data memory 14. For example, the CPU 11 executes a process according to a command given from an external device by executing a control program for performing basic operations stored in the program memory 12. Thus, when a command for requesting data writing to the data memory 14 is given from an external device, the CPU 11 executes data writing processing to the data memory 14. Further, when a command for requesting reading of data stored in the data memory 14 is given from an external device, the CPU 11 executes a process of reading data from the data memory 14. Further, the CPU 11 executes a processing program that is installed according to the use of the IC card 1 to realize processing according to the use.

  The program memory 12 is constituted by a read-only memory (ROM: read-only memory). The program memory 12 stores in advance a control program for controlling basic operations, control data, and the like. In the program memory 12, a control program and control data according to the specifications of the IC card 1 are stored in advance. For example, the CPU 11 realizes processing according to a command given from the outside by a control program stored in the program memory 12.

  The working memory 13 is composed of a volatile memory (RAM; random access memory). The working memory 13 functions as a buffer memory for temporarily storing data. For example, the working memory 13 temporarily stores data transmitted and received in the communication process with the IC card processing device (external device) 2. The working memory 13 is also used as a memory for temporarily storing various write data.

  The data memory (nonvolatile memory) 14 is a nonvolatile memory capable of writing data. The data memory 14 is composed of, for example, an EEPROM or a flash memory. The data memory 14 stores various information corresponding to the purpose of use of the IC card 1. Applications (processing programs, operational data, etc.) corresponding to the purpose of use of the IC card are written in the data memory 14. When the IC card 1 is used for a plurality of usage purposes, the data memory 14 stores a plurality of applications corresponding to the usage purposes. For example, an application corresponding to the purpose of use of the IC card 1 is stored in each file such as a program file (DF; Dedicated File) and a data file (EF; Elementary File) defined on the data memory 14. Remembered. Such a file structure is based on, for example, ISO / IEC7816-4.

  As the format (structure) of the data file (EF), there are a record type file and a transparent type file. A record type file stores data in a plurality of records. Such a record type file can be accessed for each record in the file. The data in the transparent file can be accessed by specifying an offset value indicating the data position in the file. A configuration example of the data file (EF) will be described later in detail.

  The communication control unit 15 controls data communication with an external device (for example, the IC card processing device 2) via the interface 17. For example, if the IC card is a contactless IC card, when receiving data from an external device, the communication control unit 15 demodulates and demodulates transmission data as radio waves received by an antenna as the interface 17. The signal is supplied to the CPU 11. When data is transmitted to an external device, the communication control unit 15 modulates data provided from the CPU 11 and transmits the modulated data as radio waves by an antenna as the interface 17. In the contact IC card, the interface 17 performs data communication with the external device via a contact portion that physically and electrically contacts the contact terminal portion of the external device instead of the antenna.

  The power supply unit 16 supplies power and clock pulses received via the interface 17 for operating each unit of the IC card 1. For example, if the IC card is a non-contact type IC card, the power supply unit 16 generates power and clock pulses from the radio wave received by the antenna as the interface 17 and supplies it to each unit in the IC card. It is like that. Further, when the CPU 11 is activated by supplying power from the power supply unit 16, the CPU 11 performs a process of resetting the processing state of the IC card 1. If the IC card 1 is a contact type IC card, the power supply unit 16 is supplied to each unit by power and clock pulses supplied directly from an external device via the interface 17.

Next, the IC card processing apparatus 2 will be described.
The IC card processing device 2 includes a control device 21 and a card reader / writer 22 as shown in FIG. The control device 21 is configured by a personal computer (PC) or the like. The control device 21 includes an arithmetic processing unit such as a CPU, various memories such as a RAM, a ROM, a nonvolatile memory, and a hard disk drive, and various interfaces such as a communication interface. In the control device 21, the arithmetic processing unit implements various processes by executing various control programs stored in the memory. The control device 21 inputs and outputs data to and from the card reader / writer 22 that performs data communication with the IC card 1.

  For example, the control device 21 stores in advance a control program corresponding to various processes using the IC card 1. The control device 21 executes various processes using the IC card 1 by executing the control program as described above. For example, in various processes using the IC card 1, the control device 21 supplies a predetermined command according to a predetermined procedure. The control device 21 performs various processes based on the responses from the IC card 1 to the commands as described above (information indicating the processing results for the commands).

  The card reader / writer 22 functions as a communication unit that performs data communication with the IC card 1. The card reader / writer 22 is for performing data communication by a communication method corresponding to the communication method of the IC card 1. That is, the control device 21 implements data communication with the IC card 1 via the card reader / writer 22.

  When the IC card 1 is a non-contact type IC card, the card reader / writer 22 includes an antenna for performing wireless data communication with the IC card 1 and a communication control unit (modem / demodulation circuit, etc.). The When data is transmitted to the non-contact type IC card 1, the card reader / writer 22 modulates transmission data provided from the control device 21 by the communication control unit, and transmits the modulated signal as a radio wave by an antenna. When data is received from the non-contact type IC card 1, the card reader / writer 22 demodulates a signal as a radio wave received by the antenna by the communication control unit, and uses the demodulated data as received data. To supply. The card reader / writer 22 transmits and receives the data as described above, and transmits a power source for operating the IC card 1 and a radio wave as a clock pulse by an antenna.

  When the IC card 1 is a contact type IC card, the card reader / writer 22 includes a contact unit and a communication control unit for performing data communication in physical contact with the IC card 1. . When transmitting / receiving data to / from a contact-type IC card, the card reader / writer 22 performs various data communications by physically contacting the contact portion with a contact portion provided on the IC card 1 side. The card reader / writer 22 supplies power and clock pulses to the IC card 1 through a contact portion that is in physical contact with the IC card 1.

Next, files stored in the data memory 14 will be described.
The data memory 14 stores data in a file having a hierarchical structure. In the present embodiment, it is assumed that each file is stored in the data memory 14 with a file structure defined by ISO / IEC 7816. ISO / IEC 7816 defines a hierarchical file structure including MF (Master File), DF (Dedicated File), EF (Elementary File), and the like. The MF is a file positioned at the top of the hierarchical structure, and a DF or EF is provided below the MF. The DF is, for example, a file set for each application, and an EF that stores data used by the application is provided in the lower layer. Each EF is a data file that stores actual data.

  The EF as a data file stores data in a predetermined format. For example, ISO / IEC 7816-4 defines the following types of EF formats.

(1) A fixed length sequential record file.

(2) Variable length sequential record file.

(3) Fixed-length circular sequential record file.

(4) Transparent file.

  In an IC card conforming to the ISO / IEC 7816-4 standard, data is stored in the data memory 14 with the EF in any one of the formats (1) to (4). Data in these types of EF is accessed by a command given from the IC card processing device 2 to the IC card 1.

  The EFs in the formats (1) to (3) are record type files. A plurality of data in units of records can be stored in the EFs (1) to (3) (hereinafter also referred to as records EF). For this reason, the data in record units stored in the record EF is specified by information for identifying the EF (file identification information (ID)) and information for identifying the record (record management number).

  For example, in the command that the IC card processing device 2 requests the IC card 1 to access the record stored in the record EF, the record to be accessed is specified by the file identification information (ID) and the record management number. Is done. When such a command is received, the IC card 1 specifies the recording location (area) of the data to be accessed based on the file identification information (ID) and the record management number, and performs processing requested by the command (for example, Read, write, or rewrite data to the area.

  For the record EF (variable length sequential record file) of the format (2), the length of each record data can be arbitrarily designated. In a record EF of a format other than (2) (fixed length sequential record file, fixed length circular sequential record file), the length of each record data depends on the file. Further, the record EF (fixed length circulation sequential record file) in the format (3) includes a concept of sequentially adding data. That is, in the EF as a fixed-length circular sequential record file, the oldest record data is deleted every time record data is additionally written to the file. In this case, the record management numbers are reassigned to the record data of the EF from the newest order or the oldest order.

  The EF in the format (4) is a transparent data file. In the EF of the format (4) (hereinafter also referred to as a transparent EF), data is stored as a group of data, not in units of records. For this reason, for the data in the transparent EF, the data to be accessed can be specified by information indicating the head position (address) of the data.

  For example, in the command that the IC card processing device 2 requests the IC card 1 to access the data stored in the transparent EF, from the file identification information (ID) and the head position in the data portion in the file. The access target data is specified by the offset value (data start address). When such a command is received, the IC card 1 uses the file identification information (ID) and the offset value (data start address) from the start position in the data portion in the file to record the location of data to be accessed (data start address). An area is specified, and processing requested by the command (for example, reading, writing, or rewriting of data in the area) is executed. Note that the transmission type EF can normally arbitrarily specify the length of data.

Next, a data management method in the IC card 1 will be described.
In the present embodiment, one piece of data is divided into a plurality of pieces of data, and the divided pieces of data are stored in the data memory 14 in a discrete state (not connected). For example, the divided data is stored in a plurality of files. Below, the 1st-4th data management method is demonstrated as an example of the recording method and the management method (data management method) of the divided | segmented data applicable to this IC card 1. FIG.

First, the first data management method will be described.
The first data management method is a method of dividing one data into a plurality of data and storing the divided data in separate records EF. FIG. 3 is a diagram illustrating a state in which one data D is divided into three divided data Da, Db, and Dc. In each data management method described below, as a specific example, a method for managing data Da, Db, and Dc obtained by dividing one data D into three will be described as shown in FIG.

  FIG. 4 is a diagram schematically showing a state in which divided data Da, data Db, and data Dc obtained by dividing data D into three are stored in three different records EF, respectively. In the example shown in FIG. 4, the data Da is stored in the record with the record management number “002” in the EF1-1 having the EF identification information “0003”. The data Db is stored in the record with the record management number “001” in the EF1-2 having the EF identification information “0012”. The data Dc is stored in the record with the record management number “003” in the EF1-3 with the EF identification information “0138”.

As shown in FIG. 4, each record EF also stores other record data other than the data Da, Db, and Dc. For this reason, even if each record EF or each record data can be read, it cannot be easily determined how the record data are combined to obtain the original correct data.
Further, in the first data management method, the information indicating the storage location of each data Da, Db, Dc is not held in the IC card 1, and the location where each data Da, Db, Dc is stored is determined by the IC. It is assumed that the operator of the card processing device (higher-order device) 2 or the IC card processing device recognizes it. According to such a form, it becomes difficult to specify the original correct data D no matter how the IC card 1 is analyzed.

FIG. 5 shows an example of a command for reading out data D that is divided and stored as three data Da, Db, and Dc as shown in FIG.
In the command shown in FIG. 5, an EF identification number indicating a region (record) in which each data Da, Db, and Dc is stored and a record management number are specified in order. Here, it is assumed that the IC card processing device 2 as the host device or the authorized operator of the IC card processing device 2 knows in advance where each of the divided data Da, Db, Dc is stored. Yes. For this reason, in the IC card processing apparatus 2, the EF identification number storing each data Da, Db, and Dc and the record management number are sequentially specified in the command in which the command code for requesting the data reading is set. In the IC card 1 that has received such a command, the data Da, Db, Dc designated by the EF identification number and the record management number are read in order, and the data D obtained by concatenating the data Da, Db, Dc is sequentially read. The read result (command processing result) is transmitted to the IC card processing device 2. As a result, the IC card processing apparatus 2 can acquire data D as shown in FIG. 3 as a response to the read command.

Next, data read processing managed by the first data management method will be described.
FIG. 6 is a flowchart for explaining the flow of data read processing managed by the first data management method in the IC card 1.
Here, it is assumed that the IC card 1 first receives a data read command as shown in FIG. Then, the CPU 11 of the IC card 1 determines that the received command is a request to read data based on the command data of the received command. If the CPU 11 determines that the received command is a command for requesting data reading, the CPU 11 clears (initializes) the data buffer for storing the read data (step S11), and sets an initial value (N = 1) for the variable N. Is set (step S12). Note that the storage area of the data buffer is secured in the working memory 13, for example. The value of the variable N is stored in the working memory 13 or the data memory 14.

  When the value of the variable N is set, the CPU 11 sets the Nth EF identification information (EF identification information N) that designates the Nth data in the received read command, the Nth record management number (record management number N), and It is determined whether or not there is (step S13). For example, if the variable N is “N = 1”, the CPU 11 determines whether there is EF identification information 1 indicating the first data and the record management number 1 in the received read command.

  When it is determined that there is EF identification information N specifying the Nth data and the record management number N in the received read command (step S13, YES), the CPU 11 performs a process of searching for the EF of the EF identification information N. Perform (step S14). If the EF of the EF identification information N is detected as a search result (step S14, OK), the CPU 11 performs a process of reading the record data of the record management number N in the EF of the detected EF identification information N (step S15). .

  For example, in the case of the command example shown in FIG. 5, if N = 1, the EF with ID “0003” is searched, and the record data with the record management number “002” in the EF with ID “0003” is read. In the case of the command example shown in FIG. 5, if N = 2, the record data with the record management number “001” in the EF with the ID “0012” is read. In the case of the command example shown in FIG. 5, if N = 3, the record data with the record management number “003” in the EF with the ID “0138” is read.

  When the record data of the record management number N in the EF of the EF identification information N is read (step S15, OK), the CPU 11 adds the read record data of the record management number N to the data buffer (step S16). As a result, the data buffer stores data in which the data up to the Nth is added in order. When the read record data is stored in the data buffer, the CPU 11 increments the variable N (N = N + 1) (step S17), and repeatedly executes the processing from step S13.

  When it is determined that the Nth EF identification information (EF identification information N) and the Nth record management number (record management number N) are not included in the read command received in step S13 (NO in step S13), the CPU 11 Determines whether the value of the variable N is larger than the initial value (“1”) (that is, a value other than the initial value) (step S18).

  When the value of the variable N is larger than the initial value (step S18, YES), the CPU 11 outputs the data stored in the data buffer to the IC card processing device 2 as a result of the reading process (step S19). Then, the process ends. In this case, the entire data (restored data) in which all the data (divided data) specified by the command are sequentially added is stored in the data buffer. Therefore, the IC card 1 can output the data held in a divided manner as one data as the processing result of the read command.

If it is determined in step S18 that the value of the variable N is not larger than the initial value (that is, the initial value) (NO in step S18), the CPU 11 specifies the data to be read by the command. As a result, the processing result for the received command is regarded as an error, a response in which an error code is set is transmitted to the IC card processing device 2 (step S20), and the processing is terminated.
When the EF of the EF identification information N cannot be detected (step S14, ERROR), or when the record data of the record management number N cannot be read (step S15, ERROR), the CPU 11 The processing result for the command is regarded as an error, and a response in which an error code is set is transmitted to the IC card processing device 2 (step S20), and the processing is terminated.

  In the first data management method as described above, each divided data is stored in a part of record data in a plurality of records EF, and the storage location of each data is designated by an IC card processing device (higher-order device). To do. For this reason, it becomes difficult for the IC card 1 to which the first data management method is applied to specify the original correct data D no matter how it is analyzed. In addition, when an IC card to which the first data management method is applied receives a command for sequentially specifying a plurality of divided data from a higher-level device, the IC card is accessed by sequentially accessing each of the specified data. The required processing can be divided and executed as processing for one data stored in a plurality of records EF. As a result, the IC card can perform efficient data processing while realizing highly secure data management.

Next, the second data management method will be described.
The second data management method is a method of dividing one piece of data into a plurality of pieces and storing the divided pieces of data in separate transparent EFs. Here, a method of managing data Da, Db, and Dc obtained by dividing one data D as shown in FIG. 3 into three by the second data management method will be described.

  FIG. 7 schematically shows a state in which data Da, data Db, and data Dc obtained by dividing data D into three are stored in three different transmissive EFs (EF2-1, EF2-2, and EF2-3), respectively. FIG. In the example illustrated in FIG. 7, the data Da is stored in the storage area from the address “X” in the EF2-1 having the EF identification information “1002”. The data Db is stored in the storage area from the address “Y” in the EF2-2 having the EF identification information “1016”. The data Dc is stored in the storage area from the address “Z” in the EF2-3 having the EF identification information “1123”.

  Further, as shown in FIG. 7, other data other than the data Da, Db, and Dc are also stored in the data portion of each transmission type EF. For this reason, even if all the data of each transmission type EF can be read, it is not easy to determine how the data is combined to obtain the original correct data. Further, in the second data management method, the information indicating the storage location of each data Da, Db, Dc is not held in the IC card 1, and the location where each data Da, Db, Dc is stored is determined by the IC card. It is assumed that the operator of the processing device (high-order device) 2 or the IC card processing device recognizes it. According to such a form, it becomes difficult to specify the original correct data D no matter how the IC card 1 is analyzed.

FIG. 8 shows an example of a command for reading out data D that is divided into transmissive EFs and stored as three data Da, Db, and Dc, as shown in FIG.
In the command shown in FIG. 8, the EF identification number of the EF storing each data Da, Db, Dc, the start address of the data in the EF (offset value from the start position in the data portion of the EF), and the data The length of each is designated in order. Here, it is assumed that the IC card processing device 2 as the host device or the authorized operator of the IC card processing device 2 knows in advance where each of the divided data Da, Db, Dc is stored. Yes. For this reason, in the IC card processing device 2, in the command in which the command code for requesting data reading is set, the EF identification number, the head address (offset value) and the data length in which each data Da, Db, Dc is stored are Specify in order.

  In the IC card 1 that has received such a command, the storage area of each data Da, Db, Dc is identified and read in order by the EF identification number, the head address (offset value), and the data length, and the data Da, Db, Data D in which Dc is sequentially connected is transmitted to the IC card processing apparatus 2 as a read result (command processing result). As a result, the IC card processing apparatus 2 can acquire data D as shown in FIG. 3 as a response to the read command.

Next, data read processing managed by the second data management method will be described.
FIG. 9 is a flowchart for explaining the flow of data read processing managed by the second data management method in the IC card 1.
Here, it is assumed that the IC card 1 first receives a data read command as shown in FIG. Then, the CPU 11 of the IC card 1 determines that the received command is a request to read data based on the command code of the received command. If the CPU 11 determines that the received command is a command for requesting data reading, the CPU 11 clears (initializes) the data buffer for storing the read data (step S31), and sets an initial value (N = 1) for the variable N. Is set (step S32). Note that the storage area of the data buffer is secured in the working memory 13, for example. The value of the variable N is stored in the working memory 13 or the data memory 14.

  When the value of the variable N is set, the CPU 11 sets the Nth EF identification information (EF identification information N) specifying the Nth data in the received read command, and the Nth head address information (address (offset value) N). ) And Nth length information (length N) is determined (step S33). For example, if the variable N is “N = 1”, the CPU 11 determines whether there is EF identification information 1, address (offset value) 1 and length 1 specifying the first data in the received read command. Determine whether.

  If it is determined that there is EF identification information N, address N, and length N specifying the Nth data in the received read command (step S33, YES), the CPU 11 searches for the EF of the EF identification information 1 Is performed (step S34). When the EF of the EF identification information N can be detected as a search result (step S34, OK), the CPU 11 sets the “long (address (offset value) N)” position from the top of the data portion in the EF as “long”. “N” data is read (step S35).

  For example, in the case of the command example shown in FIG. 8, if N = 1, the EF with ID “1002” is searched, and the address (offset) “00” from the beginning of the data portion in the EF with ID “1002” is retrieved. The data (data Da) for the length “04” starting from the position of is read. Further, in the command example shown in FIG. 8, if N = 2, the length of “05” with the position corresponding to the address (offset) “13” from the head of the data portion in the EF with ID “1016” as the head. Data (data Db) is read out. Further, in the command example shown in FIG. 8, if N = 3, the length of “06” with the position corresponding to the address (offset) “07” from the head of the data portion in the EF with ID “1123” as the head. Data (data Dc) is read out.

  When the data designated Nth in the command is read as described above (step S35, OK), the CPU 11 adds the read Nth data to the data buffer (step S36). As a result, the data buffer stores data in which the data up to the Nth is added in order. When the read data is stored in the data buffer, the CPU 11 increments the variable N (N = N + 1) (step S37), and repeatedly executes the processing from step S33.

  When it is determined that there is no Nth EF identification information (EF identification information N), Nth address information (address N), and Nth length information (length N) in the read command received in step S33 (Step S33, NO), the CPU 11 determines whether or not the value of the variable N is a value larger than the initial value (“1”) (that is, a value other than the initial value) (Step S38). When the value of the variable N is larger than the initial value (step S38, YES), the CPU 11 sends the data stored in the data buffer to the IC card processing device 2 as a result of the data read process for the read command. Output (step S39), the process is terminated. In this case, the entire data (restored data) in which all the data (divided data) specified by the read command are sequentially added is stored in the data buffer. Therefore, the IC card 1 can output the data held in a divided manner as one data as the processing result of the read command.

If it is determined in step S38 that the value of the variable N is not greater than the initial value (that is, the initial value) (NO in step S38), the CPU 11 specifies the data to be read in the read command. If it is determined that it has not been processed, the processing result for the command is regarded as an error, and a response in which the error code is set is transmitted to the IC card processing device 2 (step S40), and the processing is terminated.
Further, when the EF of the EF identification information N cannot be detected (step S34, ERROR), or when data of a specified length cannot be read from the specified head address (step S35, ERROR), the CPU 11 Makes the processing result for the read command an error, transmits a response in which the error code is set to the IC card processing device 2 (step S40), and ends the processing.

  In the second data management method as described above, each piece of divided data is stored in a part of a plurality of transparent EFs, and the storage location of each piece of data is designated by an IC card processing device (higher-order device). For this reason, it becomes difficult for the IC card 1 to which the second data management method is applied to specify the original correct data D no matter how it is analyzed. In addition, when an IC card to which the second data management method is applied receives a command for sequentially specifying a plurality of divided data from a higher-level device, the IC card is accessed by sequentially accessing each of the specified data. The required processing can be divided and executed as processing for one data stored in a plurality of transparent EFs. As a result, the IC card can perform efficient data processing while realizing highly secure data management.

Next, the third data management method will be described.
The third data management method is a method of dividing one piece of data into a plurality of pieces and storing the divided pieces of data in separate records EF. Here, a method for managing data Da, Db, and Dc obtained by dividing one data D as shown in FIG. 3 into three by the third data management method will be described.
FIG. 10 is a diagram schematically illustrating a state in which data Da, data Db, and data Dc obtained by dividing data D into three are stored in three different records EF (EF3-1, EF3-2, and EF3-3), respectively. It is. The example shown in FIG. 10 shows a state in which each divided data is stored in a part of record data in a plurality of records EF, similarly to the example shown in FIG. 4 described in the first data management method. Yes.

  That is, in the third data management method, as in the first data management method, even if each record EF or each record data can be read, how the record data are combined to obtain the original correct data Cannot be easily identified. Further, in the third data management method, the information indicating the storage location of each data Da, Db, Dc is not held in the IC card 1, and the location where each data Da, Db, Dc is stored is determined by the IC. It is assumed that the operator of the card processing device (higher-order device) 2 or the IC card processing device recognizes it. In such a form, similarly to the first data management method described above, it is difficult to specify the original correct data D, no matter how the IC card 1 is analyzed.

  However, as shown in FIG. 10, in the third data management method, a record in the current state can be set for each record EF. The current record in each record EF is designated by the IC card processing device 2 as a host device. That is, in the third data management method, when three divided data are stored in three records EF, the IC card processing device 2 stores the divided data for each record EF. Put the record in the current state (selected state). In such a state, the IC card processing device 2 can request processing for one piece of data that is divided and stored in a plurality of records EF with a command designated by current.

FIG. 11 shows an example of a command for reading out data stored in a divided manner in the third data management method. FIG. 11 shows an example of a command for reading data D including three data Da, Db, and Dc from three records EF in which the current state is set as shown in FIG.
In the command shown in FIG. 11, only the EF identification number storing each data Da, Db, Dc is specified in order. In this case, it is assumed that the command code of the command shown in FIG. 11 indicates that the command requests reading of the record in the current state. That is, in the command shown in FIG. 11, when accessing one piece of data that is divided and stored in a plurality of records EF, the data Da, Db, and Dc obtained by dividing the IC card processing device 2 as the host device are It is assumed that the stored record is kept in the current state in each record EF.

  If each record to be read is set in the current state in this way, the IC card processing apparatus 2 stores each data Da, Db, Dc in a command in which a command code for requesting data reading is set. Only the EF identification number of the record EF may be designated in order. In the IC card 1 that has received such a command, the record data in the current state is sequentially read as each data Da, Db, Dc from each record EF specified by the EF identification number, and these data Da, Db, Dc are sequentially read. The concatenated data D is transmitted to the IC card processing device 2 as a read result (command processing result). As a result, the IC card processing apparatus 2 can acquire data D as shown in FIG. 3 as a response to the read command.

Next, data read processing managed by the third data management method will be described.
FIG. 12 is a flowchart for explaining the flow of data read processing managed by the third data management method in the IC card 1.
Here, the IC card processing apparatus 2 sets each record as a data portion divided into each record EF to the current state before sending a data read command as shown in FIG. And The IC card processing device 2 can set the record in the current state in each record EF by supplying a command for designating the record in the current state to the IC card 1.

  Assume that the IC card 1 receives a data read command as shown in FIG. 11 from the interface 17 in a state where the current record is set in each record EF as shown in FIG. Then, the CPU 11 of the IC card 1 determines that the received command is a request for reading data based on the command code of the received command. If the CPU 11 determines that the received command is a command for requesting data reading, the CPU 11 clears (initializes) the data buffer for storing the read data (step S51), and sets an initial value (N = 1) for the variable N. Is set (step S52). Note that the storage area of the data buffer is secured in the working memory 13, for example. The value of the variable N is stored in the working memory 13 or the data memory 14.

When the value of the variable N is set, the CPU 11 determines whether or not there is Nth EF identification information (EF identification information N) specifying the Nth data in the received read command (step S53). For example, if the variable N is “N = 1”, the CPU 11 determines whether or not there is EF identification information 1 specifying the first data in the received read command.
When it is determined that the EF identification information N is included in the received read command (step S53, YES), the CPU 11 performs a process of searching for the EF of the EF identification information N (step S54). When the EF of the EF identification information N is detected as a search result (step S54, OK), the CPU 11 determines whether or not there is a record in the current state in the detected EF (step S55).

  When it is determined that there is a record in the current state in the EF detected by this determination (step S55, YES), the CPU 11 performs a process of reading the record data in the current state in the EF of the EF identification information N (step S56). For example, in the case of the command example shown in FIG. 11, if N = 1, the EF with ID “0003” is searched, and the record data in the current state in the EF with ID “0003” (in the example shown in FIG. Record data whose record management number is “002”). In the case of the command example shown in FIG. 11, if N = 2, the record data in the current state in the EF with the ID “0012” (in the example shown in FIG. 10, the record management number is “001”). Is read. In the case of the command example shown in FIG. 11, if N = 3, the record data in the current state in the EF with the ID “0138” (in the example shown in FIG. 10, the record data with the record management number “003”). Is read.

  When the record data in the current state in the EF of the EF identification information N is read (step S56), the CPU 11 adds the read record data to the data buffer (step S57). As a result, the data buffer stores data in which the data up to the Nth is added in order. When the read record data is stored in the data buffer, the CPU 11 increments the variable N (N = N + 1) (step S38), and repeatedly executes the processing from step S53.

  When it is determined that there is no Nth EF identification information (EF identification information N) for designating Nth data in the read command received in step S53 (step S53, NO), the CPU 11 determines that the value of the variable N is It is determined whether or not the value is larger than the initial value (“1”) (that is, a value other than the initial value) (step S59).

  When the value of the variable N is larger than the initial value (step S59, YES), the CPU 11 outputs the data stored in the data buffer to the IC card processing device 2 as a result of the reading process (step S60). Then, the process ends. In this case, the entire data (restored data) in which all the data (divided data) specified by the command are sequentially added is stored in the data buffer. Therefore, the IC card 1 can output the data held in a divided manner as one data as the processing result of the read command.

If it is determined in step S59 that the value of the variable N is not larger than the initial value (that is, the initial value) (NO in step S59), the CPU 11 specifies the data to be read by the command. As a result, the processing result for the received command is regarded as an error, a response in which an error code is set is transmitted to the IC card processing device 2 (step S61), and the processing is terminated.
If the EF identification information N cannot be detected (step S54, ERROR), or if no record in the current state exists in the detected EF (step S55, NO), the CPU 11 The processing result is regarded as an error, and a response in which an error code is set is transmitted to the IC card processing device 2 (step S61), and the processing is terminated.

  In the third data management method as described above, each divided data is stored in a part of record data in a plurality of records EF, and a record storing each data divided in each record EF is stored in an IC card processing apparatus ( The higher-level device is designated as a recipient. In this state, when the IC card receives a command for sequentially specifying a plurality of pieces of divided data with the EF identification information from the host device, the IC card accesses the record data in the current state in each of the specified EFs in order. The processing requested by the command can be divided and executed as processing for one data stored in a plurality of records EF. As a result, the IC card can perform efficient data processing while realizing highly secure data management.

Next, a fourth data management method will be described.
The fourth data management method is a method of dividing one data into a plurality of data and storing the divided data in separate records EF. Here, a method of managing data Da, Db, and Dc obtained by dividing one data D as shown in FIG. 3 into three by the fourth data management method will be described.

  FIG. 13 is a diagram schematically illustrating a state in which data Da, data Db, and data Dc obtained by dividing data D into three are stored in three different records EF (EF3-1, EF3-2, and EF3-3), respectively. It is. In the example shown in FIG. 13, each divided data is stored in a part of record data in a plurality of records EF as in the example shown in FIG. 4 described in the first data management method. That is, in the fourth data management method, as in the first data management method, even if each record EF or each record data can be read, how the record data are combined to obtain the original correct data Cannot be easily identified.

  In the fourth data management method, information indicating each divided data (information for restoring the divided data) is recorded in the IC card 1. For example, when each divided data is stored in a plurality of EFs, the IC card 1 has a storage location (for example, EF identification information and record management number) where each divided data is stored and a storage order (concatenation order). Information about is recorded. Here, the information for restoring the divided and stored data into one data is referred to as link information. Such link information is information with high security. For this reason, link information is memorize | stored in the secure storage area in the data memory 14, for example. Further, the link information may be encrypted and stored in the data memory 14.

FIG. 14 is a diagram illustrating a configuration example of link information.
FIG. 14 shows an example of link information related to data D when each divided data Da, Db, Dc is stored in a plurality of records EF as shown in FIG. The example of the link information shown in FIG. 14 has a configuration in which the link number as identification information is set to “1”, and the EF identification number and the record management number in which each data Da, Db, Dc is stored are sequentially displayed. ing. By referring to such link information, the IC card 1 can sequentially access the data Da, Db, Dc specified by the EF identification number and the record management number, and sequentially connect the data Da, Db, Dc. It is possible to handle the processed data D as access target data.

  The link information is stored not only when a plurality of divided data is stored in a plurality of records EF as shown in FIG. 13, but also a plurality of divided data is stored in a plurality of transparent EFs as shown in FIG. It can also be applied to cases. In this case, the link information can be realized, for example, by arranging information indicating areas of the data Da, Db, and Dc in order as in a portion other than the command code shown in FIG.

FIG. 15 is a diagram illustrating a configuration example of a command for designating link information.
For the IC card having the link information as described above, the IC card processing apparatus 2 may specify the link information by the link number or the like instead of specifying each data divided in the command. In the command example shown in FIG. 15, a link number for identifying link information is designated together with a command code. In the IC card 1 that has received such a command, each data storage location (EF identification number and record management number) is identified in order based on the specified link information, and each data Da stored in those storage locations. , Db, and Dc are accessed in order, and the access result (command processing result) for the data D obtained by concatenating the data Da, Db, and Dc in order is transmitted to the IC card processing device 2. For example, the IC card processing device 2 can acquire the data D as a response to the read command by a read command designating link information related to the data D as shown in FIG.

  As described above, in the fourth data management method, information indicating the storage location of each divided data Da, Db, and Dc is registered in the IC card 1 as link information. For this reason, the IC card processing device (higher-level device) 2 does not directly specify each piece of data stored separately for the IC card 1, but simply specifies the link information to provide the data D. The specified command can be configured. Here, it means that control of accessing the data D divided into a plurality of data Da, Db, and Dc in the IC card 1 on the host device side becomes easy. Also in this case, since the data itself (for example, data D) is divided and stored together with other data in a plurality of EFs, it is difficult to identify the original correct data D even if each EF is analyzed. Become.

Next, data read processing managed by the fourth data management method will be described.
FIG. 16 is a flowchart for explaining the flow of data read processing managed by the fourth data management method in the IC card 1.
Here, first, it is assumed that the IC card 1 has received a data read command in which link information as shown in FIG. Then, the CPU 11 of the IC card 1 determines that the received command is a request to read data based on the command code of the received command. In this case, the CPU 11 determines whether a link number is specified in the command and the specified link number exists (step S71).

  If it is determined by this determination that the specified link number exists (step S71, YES), the CPU 11 clears (initializes) the data buffer for storing the read data (step S72), and sets an initial value for the variable N. (N = 1) is set (step S73). Note that the storage area of the data buffer is secured in the working memory 13, for example. The value of the variable N is stored in the working memory 13 or the data memory 14.

  When the value of the variable N is set, the CPU 11 sets the Nth EF identification information (EF identification information N) specifying the Nth data in the link information specified by the received command and the Nth record management number (record It is determined whether there is a management number N) (step S74). For example, if the variable N is “N = 1”, the CPU 11 determines whether or not there is EF identification information 1 indicating the first data and the record management number 1 in the link information specified by the received read command. Judging.

  When it is determined that there is EF identification information N specifying the Nth data and record management number N in the link information specified by the received read command (YES in step S74), the CPU 11 determines the EF identification information N. Processing for searching for EF is performed (step S75). When the EF of the EF identification information N can be detected as a search result (step S75, OK), the CPU 11 performs a process of reading the record data of the record management number N in the EF of the detected EF identification information N (step S76). .

  For example, in the case of the link information shown in FIG. 14 specified by the command shown in FIG. 15, if N = 1, the EF with the ID “0003” is searched, and the record in the EF with the ID “0003” is searched. Read record data with management number “002”. In the case of the link information shown in FIG. 14, if N = 2, the record data with the record management number “001” in the EF with the ID “0012” is read. In the case of the link information shown in FIG. 14, if N = 3, the record data with the record management number “003” in the EF with the ID “0138” is read.

  When the record data of the record management number N in the EF of the EF identification information N is read (step S76, OK), the CPU 11 adds the read record data of the record management number N to the data buffer (step S77). As a result, the data buffer stores data in which the data up to the Nth is added in order. When the read record data is stored in the data buffer, the CPU 11 increments the variable N (N = N + 1) (step S78), and repeatedly executes the processing from step S74.

  N-th EF identification information (EF identification information N) specifying the N-th data and N-th record management number (record management number N) are specified in the link information specified by the read command received in step S74. If it is determined that there is no value (step S74, NO), the CPU 11 determines whether or not the value of the variable N is a value larger than the initial value (“1”) (that is, a value other than the initial value) (step S1). S79).

  When the value of the variable N is larger than the initial value (step S79, YES), the CPU 11 outputs the data stored in the data buffer to the IC card processing device 2 as a result of the reading process (step S80). Then, the process ends. In this case, the entire data (restored data) in which all the data indicated by the link information specified by the command is added in order is stored in the data buffer. Therefore, the IC card 1 can output the data held in a divided manner as one data as the processing result of the read command.

  If it is determined in step S79 that the value of the variable N is not larger than the initial value (that is, the initial value) (NO in step S79), the CPU 11 specifies the data to be read by the command. As a result, the processing result for the received command is regarded as an error, a response in which an error code is set is transmitted to the IC card processing device 2 (step S81), and the process is terminated.

  Further, when the EF of the EF identification information N cannot be detected (step S75, ERROR), or when the record data of the record management number N cannot be read (step S76, ERROR), the CPU 11 receives the reception. The processing result for the command is regarded as an error, and a response in which an error code is set is transmitted to the IC card processing device 2 (step S81), and the processing is terminated.

  As described above, the IC card 1 to which the fourth data management method is applied stores each divided data in a part of a plurality of EFs, and the storage location and order of each divided data are linked information. Register as In this state, when the IC card 1 receives a command specifying the link information from the IC card processing device (higher-order device), the IC card 1 sequentially stores the data divided and stored based on the specified link information. By accessing, the processing requested by the command can be divided and executed as processing for one data stored in a plurality of EFs. As a result, the IC card 1 can perform efficient data processing while realizing highly secure data management.

  According to each data management method as described above, the recorded contents of the data file recorded in the data memory of the IC card are illegally known to a third party by physical or electrical analysis means. However, the original data can be divided into a plurality of data files and recorded (managed) so that the illegally known data does not immediately become meaningful information.

  C ... Main body, M ... Module, 1 ... IC card, 1a ... IC chip, 2 ... IC card processing device, 11 ... CPU, 12 ... Program memory, 13 ... Working memory, 14 ... Data memory, 15 ... Communication control unit, DESCRIPTION OF SYMBOLS 16 ... Power supply part, 17 ... Interface, 21 ... Control apparatus, 22 ... Card reader / writer.

Claims (9)

  1. A portable electronic device that performs processing in response to a command from an external device,
    A communication means for communicating with the external device;
    Data storage means for storing a plurality of files each storing a plurality of pieces of data obtained by dividing one data as a part of the data;
    When a command for sequentially specifying a plurality of data stored as part of data in the plurality of files is received by the communication means, each data specified by the command is specified in order from the plurality of files and specified. Processing means for executing the processing requested by the command for the entire data obtained by combining the respective data in order,
    A portable electronic device comprising:
  2. When the processing unit receives a read command for sequentially specifying a plurality of data stored as a part of data in the plurality of files by the communication unit, the processing unit converts each of the data specified by the read command to the plurality of data Specify sequentially from the file, read the specified data in order, and output the entire combined data as a result of the read process according to the read command,
    The portable electronic device according to claim 1, wherein the portable electronic device is a portable electronic device.
  3. The data storage means stores a plurality of record type files in which each data obtained by dividing one data into a plurality of records is stored as one record together with another record,
    When the processing unit receives a read command for sequentially specifying a plurality of data stored as records in the plurality of record-type files by the communication unit, the processing unit converts each record specified by the read command to the plurality of records. Identify sequentially from the type file, read the identified records in order and output the entire combined data as a result of the read process according to the read command,
    The portable electronic device according to claim 2, wherein:
  4. The command is for sequentially specifying a plurality of records by sequentially specifying identification information for identifying a record type file and a record management number for identifying a record in the file.
    The portable electronic device according to claim 3, wherein:
  5. Furthermore, it has setting means for setting a record in the current state for each record type file stored in the data storage means,
    The command sequentially specifies records in a current state in a plurality of record type files by sequentially specifying identification information for identifying record type files.
    The portable electronic device according to claim 3, wherein:
  6. The data storage means stores a plurality of transparent files in which each piece of data divided into a plurality of pieces of data is stored as a part of data in a group of data.
    When the processing means receives a read command for sequentially specifying a plurality of data stored as a part of data in the plurality of transparent files by the communication means, the data specified by the read command Specify sequentially from a plurality of transparent files, and read out the combined data in order and output the entire data as a result of the read processing according to the read command,
    The portable electronic device according to claim 2, wherein:
  7. Furthermore, it has registration means for registering link information indicating storage locations of a plurality of data obtained by dividing one data,
    When the processing means receives a command requesting reading of data specifying the link information by the communication means, the processing means is stored as a part of data in the plurality of files according to the link information specified by the command. Identify each data in order, and execute the processing required by the command for the entire data obtained by combining the identified data in order.
    The portable electronic device according to claim 1, wherein the portable electronic device is a portable electronic device.
  8. A portable electronic device that performs processing in response to a command from an external device,
    A communication means for communicating with the external device, a data storage means for storing a plurality of files each storing a plurality of pieces of data divided as one data, and a plurality of files by the communication means. When a command for sequentially specifying a plurality of data stored as a part of data is received, each data specified by the command is specified in order from the plurality of files, and the entire data obtained by combining the specified data in order A module having processing means for executing a process requested by the command,
    A body having the module;
    A portable electronic device comprising:
  9. A data management method in a portable electronic device that performs processing in response to a command from an external device,
    A plurality of files in which a plurality of data obtained by dividing one data are respectively stored as a part of the data are stored in the data memory,
    When receiving a command for sequentially specifying a plurality of data stored as part of data in the plurality of files, each data specified by the command is identified in order from the plurality of files,
    Executing the processing requested by the command for the entire data obtained by sequentially combining the data specified by the identified command.
    A data management method for a portable electronic device, comprising:
JP2009210911A 2009-09-11 2009-09-11 Portable electronic apparatus, and data management method in the same Withdrawn JP2011060136A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
JP2009210911A JP2011060136A (en) 2009-09-11 2009-09-11 Portable electronic apparatus, and data management method in the same

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
JP2009210911A JP2011060136A (en) 2009-09-11 2009-09-11 Portable electronic apparatus, and data management method in the same

Publications (1)

Publication Number Publication Date
JP2011060136A true JP2011060136A (en) 2011-03-24

Family

ID=43947671

Family Applications (1)

Application Number Title Priority Date Filing Date
JP2009210911A Withdrawn JP2011060136A (en) 2009-09-11 2009-09-11 Portable electronic apparatus, and data management method in the same

Country Status (1)

Country Link
JP (1) JP2011060136A (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR101316377B1 (en) 2012-12-26 2013-10-08 신한카드 주식회사 Control method for mobile transaction device
JP2013222273A (en) * 2012-04-13 2013-10-28 Lapis Semiconductor Co Ltd Semiconductor device, confidential data management system, and confidential data management method
JP2013222272A (en) * 2012-04-13 2013-10-28 Lapis Semiconductor Co Ltd Semiconductor device, confidential data management system, and confidential data management method

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2013222273A (en) * 2012-04-13 2013-10-28 Lapis Semiconductor Co Ltd Semiconductor device, confidential data management system, and confidential data management method
JP2013222272A (en) * 2012-04-13 2013-10-28 Lapis Semiconductor Co Ltd Semiconductor device, confidential data management system, and confidential data management method
US9086971B2 (en) 2012-04-13 2015-07-21 Lapis Semiconductor Co., Ltd. Semiconductor device, confidential data control system, confidential data control method
KR101316377B1 (en) 2012-12-26 2013-10-08 신한카드 주식회사 Control method for mobile transaction device

Similar Documents

Publication Publication Date Title
JPWO2002099742A1 (en) Storage device
JP2010527069A (en) Dynamically programmable RFID transponder
US20100291896A1 (en) Method, system and trusted service manager for securely transmitting an application to a mobile phone
JP3015377B2 (en) Ic card
US7825776B2 (en) Device configuration with RFID
CN1088223C (en) Encryptablc IC card
CN101878492B (en) Trusted service manager managing reports of lost or stolen mobile communication devices
JP2005354529A (en) Moving machine, and access controlling method
DE10001672C2 (en) Electronic data storage medium with the ability to check fingerprints
JP2005136960A (en) Mobile communication terminal with radio frequency identification function, and radio frequency identification programming method of the same
JP2004295160A (en) Memory card
KR960005397B1 (en) Portable electronic apparatus
US8533856B2 (en) Secure compact flash
JP2005056305A (en) Information storage device with split area in memory area
JP4428055B2 (en) Data communication apparatus and memory management method for data communication apparatus
JP4584979B2 (en) Method, apparatus, and system for performing automated data selection processing and supply based on information by means of identification
JP4651212B2 (en) Portable information storage medium and authentication method thereof
JP3568970B2 (en) IC card issuing device
US20040025035A1 (en) Contactless electronic identification system
CN1104699C (en) Communication apparatus
WO2006120938A1 (en) Memory card, application program holding method, and holding program
FR2719680A1 (en) Method for securing access to removable computer cards.
JP5272637B2 (en) Information processing apparatus, encryption switching method, and program
CN1158635C (en) Card memory appts.
JP5521803B2 (en) Communication device, communication method, and communication system

Legal Events

Date Code Title Description
A300 Withdrawal of application because of no request for examination

Free format text: JAPANESE INTERMEDIATE CODE: A300

Effective date: 20121204