JP3657315B2 - Portable information recording medium and access method thereof - Google Patents

Description

[0001]
BACKGROUND OF THE INVENTION
The present invention relates to a portable information recording medium and an access method thereof, and more particularly, to a novel access method suitable for use with an IC card incorporating a CPU.
[0002]
[Prior art]
IC cards are attracting attention as next-generation portable information recording media that can replace magnetic cards. Recently, IC cards have been put into practical use in various systems in the real world due to technological advances for miniaturization and cost reduction of semiconductor integrated circuits.
[0003]
In particular, an IC card with a built-in CPU is not only a function as an information recording medium but also an information processing function, so that it is expected to be used in an information processing system that requires high security. A general IC card that is currently popular has a CPU and three types of memories accessed by the CPU, that is, ROM, RAM, and EEPROM. In the ROM, a program made up of instruction codes that can be directly executed by the CPU is stored, and the CPU has a function of comprehensively controlling the IC card based on the program. The RAM is a memory used as a work area when the CPU performs such overall control. On the other hand, the EEPROM is a non-volatile memory capable of reading and writing data via the CPU, and is used for storing original data to be recorded on the IC card.
[0004]
Normally, all access to the EEPROM is performed via the CPU, and the EEPROM cannot be directly accessed from the outside. Therefore, various access rights can be set for each individual file stored in the EEPROM, and a high level of security can be ensured. When it is desired to access the EEPROM in the IC card from the outside, a predetermined command is always given to the CPU from the outside. For example, when data is written to a predetermined file in the EEPROM, the data to be written is given to the CPU together with the predetermined write command, and the writing process is performed in the form of execution of the write command by the CPU. It will be. When data is read from a predetermined file in the EEPROM, a predetermined read command is given to the CPU, and the read process is performed in the form of execution of the read command by the CPU. When a predetermined command is given from the outside to the IC card, a response to this command is returned from the IC card to the outside. For example, when a write command is given, a response indicating whether or not the write process has been executed without any trouble is returned. When a read command is given, the data to be read is in the form of a response. Will be returned.
[0005]
When the access right is set for ensuring security, a specific key is required to execute a specific command. In order to execute a command that requires such a key, it is necessary to collate the key before that. Such key verification is performed by giving a predetermined key together with a verification command to the IC card from the outside. Within the IC card, the given key and the key recorded in the EEPROM are collated, and if both match, execution of a specific command is permitted.
[0006]
[Problems to be solved by the invention]
As described above, a portable information recording medium with a built-in CPU is usually accessed by a method in which a predetermined command is transmitted from the outside and a response to the response is received. In other words, it is necessary to repeatedly execute the process of command transmission / response return / command transmission / response return /... Whatever access is made to the portable information recording medium. Such command transmission and response return processing are performed via an I / O line formed between the external device and the portable information recording medium, and the data transfer speed via this I / O line is: The data transfer speed between the CPU and the memory inside the medium is very slow. For this reason, it takes much time to access the medium from the outside, compared to the performance of the CPU inside the medium. Thus, a large amount of data flowing on the I / O line for a long time is not preferable from the viewpoint of security. That is, the I / O line formed between the external device and the medium can be physically accessed from the outside, and data flowing on the I / O line can be illegally observed from the outside. Since data transfer is performed for a long time, there is a problem in securing security. In addition, when performing data transfer via an I / O line, it is necessary to add control information (so-called header and footer information) according to a predetermined transmission protocol to the data to be originally transferred, which increases redundancy. There is also a problem. As described above, the access of the medium by the procedure of command transmission / response return via the I / O line is not always efficient.
[0007]
As a solution to such a problem, a program consisting of instruction codes is written each time depending on the contents of access to the medium, this program is written as binary data as a file in the EEPROM, and this EEPROM is stored in the CPU in the medium. An access method for directly executing the instruction code is also proposed. According to this method, the data transfer through the I / O line can be performed in a short time only for transferring the program as binary data. Thereafter, since the CPU only needs to execute the program in the EEPROM, only the processing in the medium is required, and very high-speed processing is possible. However, this method has a big problem in terms of security. That is, the control of the CPU is completely controlled by the routine of the instruction code transferred to the EEPROM, away from the control of the normal routine prepared in the ROM. For this reason, if an unauthorized user describes an unauthorized program with an instruction code and uses this method, the CPU will faithfully execute the unauthorized program.
[0008]
Accordingly, an object of the present invention is to provide a portable information recording medium and an access method thereof that can efficiently perform external access while ensuring sufficient security.
[0009]
[Means for Solving the Problems]
  (1) According to a first aspect of the present invention, a CPU, a ROM storing a program made up of instruction codes that can be directly executed by the CPU, a RAM used as a work area of the CPU, a data stored via the CPU, And a non-volatile memory that can be read and written, and the CPU executes a predetermined program in the ROM based on a command given from the outsideThe result is sent back to the outside as a response.In a portable information recording medium having a function to
  When a write command with “batch file consisting of multiple commands listed” is given as data to be written from outside, this batch file is written to nonvolatile memory and the execution result is written. Processing to send back as a response to the command,
When a predetermined batch processing execution command is given from the outside, multiple commands contained in the batch file written in the non-volatile memory are interpreted as commands given from the outside and executed sequentially Once all the commands in the batch file have been processed, the necessary responses to these commands are sent in batches as responses to the batch processing execution command,
I doA function is provided.
[0010]
  (2) According to a second aspect of the present invention, in the portable information recording medium according to the first aspect described above,
  Responses generated by the execution of each command in the batch file are temporarily stored in the RAM. After all commands in the batch file have been executed, the responses stored in the RAM are responses to the batch processing execution command. As a batchIt is what I did.
[0011]
  (3) According to a third aspect of the present invention, in the method for accessing the portable information recording medium according to the first or second aspect described above,
  Prepare a batch file that lists multiple commands to be given to portable information recording media.
  Give a batch file prepared with a predetermined write command to the portable information recording medium, write this batch file in the nonvolatile memory,The result is sent back to the outside as a response to the write command.
  By giving a predetermined batch processing execution command to the portable information recording medium, each command in the batch file written in the nonvolatile memory is interpreted as an externally given command and executed.When all the commands in the batch file have been processed, the necessary responses for these commands are batched and returned as a response to the batch processing execution command.It is made to let you.
[0012]
(4) A fourth aspect of the present invention is the portable information recording medium access method according to the third aspect described above,
Responses generated by the execution of each command in the batch file are temporarily stored in the RAM. After all commands in the batch file have been executed, the responses stored in the RAM are responses to the batch processing execution command. Are sent to the outside in a batch.
[0013]
DETAILED DESCRIPTION OF THE INVENTION
The portable information recording medium according to the present invention has a batch processing execution function for interpreting and executing data written in the nonvolatile memory as a command given from the outside. Therefore, if a batch file consisting of a plurality of commands is prepared, and this batch file is given to the medium from the outside together with a write command and written into the non-volatile memory, the batch file is configured by this batch processing execution function. It becomes possible to interpret the command as an externally given command and execute it. That is, the CPU in the medium handles the command in the batch file stored in the non-volatile memory in the same medium as if it were a command given from the outside, and executes it.
[0014]
According to this method, the data transfer via the I / O line can be performed in a short time only to transfer the batch file to the medium. Thereafter, since the CPU only needs to execute commands in the EEPROM, only processing in the medium is required, and extremely high-speed processing becomes possible. In addition, for each command in the batch file, control information (so-called header and footer information) according to a predetermined transmission protocol is not necessary, and redundancy can be reduced. Moreover, what the CPU executes is only a command, not an instruction code itself. Accordingly, it is possible to maintain the same security as the access by the procedure of command transmission / response return via the I / O line.
[0015]
As described above, according to the present invention, it is possible to efficiently perform external access while ensuring sufficient security.
[0016]
【Example】
Hereinafter, the present invention will be described based on embodiments shown in the drawings.
[0017]
§1. General access method of IC card
First, a general access method for an IC card that is currently popular will be described. FIG. 1 is a block diagram showing a state in which a reader / writer device 20 as an external device is connected to a general IC card 10 and accessed. The IC card 10 and the reader / writer device 20 are connected to each other by an I / O line 30. Here, the IC card 10 includes an I / O interface 11, a CPU 12, a ROM 13, a RAM 14, and an EEPROM 15. The I / O interface 11 is an input / output circuit for transmitting and receiving data via the I / O line 30, and the CPU 12 communicates with the reader / writer device 20 via the I / O interface 11. The ROM 13 stores a program made up of instruction codes that can be directly executed by the CPU 12, and the CPU 12 has a function of performing overall control of the IC card 10 based on this program. The RAM 14 is a memory used as a work area when the CPU 12 performs such overall control. On the other hand, the EEPROM 15 is a memory for storing original data to be recorded on the IC card 10.
[0018]
Normally, power and a clock are supplied to the IC card 10 from an external reader / writer device 20. Therefore, when the IC card 10 is disconnected from the reader / writer device 20, the supply of power and clock to the IC card 10 is stopped. However, since the EEPROM 15 is a non-volatile memory, the recorded content is retained as it is even after the power supply is stopped. However, all the data in the RAM 14 is lost by stopping the power supply.
[0019]
All accesses to the memories 13, 14, and 15 in the IC card 10 are performed via the CPU 12, and these memories cannot be directly accessed from the outside. That is, when a predetermined “command” is given from the reader / writer device 20 to the CPU 12, the CPU 12 interprets and executes this “command” and returns the result as a “response” to the reader / writer device 20. Become. For example, when writing to a predetermined file in the EEPROM 15, data to be written is given to the CPU 12 together with the “write command”, and the writing process is performed in the form of execution of the “write command” by the CPU 12. It will be. Conversely, when data is read from a predetermined file in the EEPROM 15, a predetermined “read command” is given to the CPU 12, and read processing is performed in the form of execution of the “read command” by the CPU 12. As described above, when the execution of the “command” is completed in the IC card 10, a “response” for the executed “command” is returned to the outside. For example, when a “write command” is given, a “response” indicating whether or not the write process has been executed without any trouble is returned. When a “read command” is given, the data to be read is returned. Will be returned in the form of a response.
[0020]
Usually, data is stored in the EEPROM 15 in units of files, and an access right is set for each individual file. In this case, when a specific “command” is executed for a specific file, input of a predetermined key is required. Therefore, before executing the “write command” or the “read command”, the key collation must be performed by executing a predetermined “collation command”. For this reason, it is possible to ensure high security for the data stored in the EEPROM 15.
[0021]
FIG. 2 is a block diagram illustrating such a general access method. When accessing the IC card 10, first, the transmission data 31 is transferred from the reader / writer device 20 to the CPU 12 via the I / O line 30. The transmission data 31 is obtained by adding “header” and “footer” before and after the original “command” to be given to the CPU 12. The “header” and “footer” are control information according to a predetermined transmission protocol for transmission via the I / O line 30. When the “command” is transferred in this way, the CPU 12 interprets and executes it to generate a “response”. This “response” is returned to the reader / writer device 20 as return data 32. The return data 32 is obtained by adding “header” and “footer” before and after “response”.
[0022]
In order to cause the CPU 12 to execute “commands”, a program routine is prepared for each “command” in the ROM 13. For example, corresponding to each of “write command”, “read command”, and “collation command”, “write processing routine”, “read processing routine”, and “collation processing routine” are prepared in ROM 13. ing. Actually, several other “commands” are defined, and each of the defined “commands” has its own subroutine in the ROM 13. The subroutine in the ROM 13 is an instruction code that can be directly executed by the CPU 12, that is, a program described in so-called “machine language”. When the CPU 12 receives the “command” via the I / O line 30, it first interprets the received “command” by executing the “common command processing routine” in the ROM 13, and a subroutine corresponding to the “command”. Select. Then, a jump to the instruction code at the head of the subroutine corresponding to each “command” occurs, and a predetermined process is executed. When this process is completed, the process returns to the “common command process routine” again, and a process of returning a predetermined “response” is performed. The above is the overall processing flow when one “command” is given to the CPU 12.
[0023]
In this way, general access to the IC card is performed by repeating the process of command transmission / response return / command transmission / response return /. For this reason, as described above, (1) it takes a long time to access, (2) security during transmission decreases, and (3) redundancy increases. That is, the transfer speed of the “command” and “response” via the I / O line 30 is very slow compared to the arithmetic processing speed of the CPU 12, and there is a problem that (1) access takes time. Become. In addition, there is a high possibility that data flowing on the I / O line 30 will be illegally observed from the outside. If data is transferred over a long period of time, (2) the security during transmission will be reduced. become. Furthermore, since it becomes necessary to add control information such as “header” and “footer” in accordance with a predetermined transmission protocol for transmission via the I / O line 30, (3) redundancy is increased. The problem of, etc. also arises. Thus, the access of the IC card 10 by the procedure of command transmission / response return via the I / O line 30 is not necessarily efficient.
[0024]
§2. Access method using instruction code
As a solution to such a problem, an access method using an instruction code has been conventionally proposed. This method will be described with reference to the block diagrams of FIGS. First, in accordance with the contents of access to the IC card 10, a program composed of instruction codes is prepared each time. As described above, the instruction code is a program described in so-called “machine language” that can be directly executed by the CPU 12. However, normally, a program composed of this instruction code is prepared by compiling a source program written in a high-level language.
[0025]
Subsequently, a process of writing the program including the prepared instruction code into the EEPROM 15 as binary data is performed. FIG. 3 shows this writing process. In the illustrated example, a “write command” “WRITE BINARY” is transmitted to the CPU 12 as the transmission data 31. Here, the “write command” is composed of “write command code” and “data to be written”, and is composed of prepared instruction codes in the “data to be written” portion. There is a program. Since this program is handled as binary data, as a result, as shown in FIG. 4, the program consisting of this instruction code is written as it is in a predetermined file in the EEPROM 15.
[0026]
Next, as shown in FIG. 4, a “program execution command” “GO PROG” is transmitted to the CPU 12 as the transmission data 31. This “program execution command” is a command specially defined for performing the access method using the instruction code described here, and is a command for instructing that the instruction code group written in the EEPROM 15 should be executed as it is. It is. In order to execute such a command, it is necessary to prepare a subroutine corresponding to the “program execution command” in the ROM 13, but the subroutine is very simple. That is, it may be constituted by a jump instruction to the start address of the instruction code written in the EEPROM 15.
[0027]
Thus, when the “program execution command” is executed, the CPU 12 directly executes the instruction code written in the EEPROM 15. According to such an access method, the data transfer via the I / O line 30 can be performed in a short time only to transfer the program as binary data. Thereafter, since the CPU 12 only has to execute the program in the EEPROM 15, only the processing inside the IC card 10 is required, and very high speed processing is possible. Compared with the general access method described in §1, the CPU 12 Can be accessed efficiently.
[0028]
However, this access method has a big problem in terms of security as already described. After the “program execution command” is executed, the control of the CPU 12 is completely controlled by the instruction code written in the EEPROM 15. For this reason, if an unauthorized user describes an unauthorized program with an instruction code and uses this method, the CPU will faithfully execute the unauthorized program. In other words, as long as the CPU 12 executes an instruction given in the form of “command”, the regular security check prepared in the ROM 13 functions, but the primitive instruction given in the form of “instruction code” is executed by the CPU 12. Such security checks will no longer work when running.
[0029]
§3. Access method according to the present invention
As described above, both the general access method described in §1 and the access method using the instruction code described in §2 have advantages and disadvantages. The present invention proposes a novel access method that solves the problems of these methods. Hereinafter, this method will be described with reference to the block diagrams of FIGS.
[0030]
First, in accordance with the access contents to the IC card 10, a batch file consisting of a list of commands is prepared each time. That is, in the general access method described in §1, a batch file is created by arranging several “commands” transmitted as the transmission data 31. However, the “header” and “footer” added based on the transmission protocol are not necessary here, and the prepared batch file may include only the “command” portion.
[0031]
Subsequently, a process of writing the prepared batch file in the EEPROM 15 is performed. FIG. 5 shows this writing process. In the illustrated example, a “write command” “WRITE BINARY” is transmitted to the CPU 12 as the transmission data 31. Here, the “write command” is composed of “write command code” and “data to be written”, and the prepared batch file is put in the “data to be written” part. ing. This batch file is composed of a large number of “commands”. Here, however, the batch files are handled not as “commands” but as mere data, and as a result, as shown in FIG. It will be written as it is.
[0032]
Next, as shown in FIG. 6, a “batch process execution command” “BATCH” is transmitted to the CPU 12 as the transmission data 31. This “batch processing execution command” is a command specially defined for performing the access method according to the present invention. The “command” in the batch file written in the EEPROM 15 is transferred via the I / O line 30. It is a command for performing processing to be interpreted and executed as a “command” given from the outside. In order to execute such a command, it is necessary to prepare a subroutine corresponding to the “batch processing execution command” in the ROM 13, but the subroutine can be added relatively easily. This is because, as already described, a “common command processing routine” for interpreting and executing a “command” given from the outside via the I / O line 30 is already prepared in the ROM 13. In the “Common Command Processing Routine”, instead of the “Command” given from the outside, if the “Command” in the batch file is changed to be interpreted and executed, it corresponds to the “Batch Processing Execution Command”. Routines can be easily created.
[0033]
Specifically, during execution of the “batch processing execution command”, the “command” in the batch file stored in the EEPROM 15 may be indicated by the buffer pointer BP. This basic concept will be described with reference to FIG. In the general access method described in §1, the “command” given through the I / O line 30 is temporarily stored in a buffer in the RAM 14 as shown in FIG. The start position of the “command” in this buffer is indicated by the pointer BP. The CPU 12 interprets and executes the “command” while sequentially moving the buffer pointer BP. That is, after a subroutine corresponding to a given “command” is executed, a predetermined “command” is generated and returned. On the other hand, in the access method according to the present invention, when a “batch processing execution command” is given, the start position of the batch file in the EEPROM 15 is indicated by the buffer pointer BP as shown in FIG. The “command” is interpreted and executed while sequentially moving the buffer pointer BP.
[0034]
Thus, although the memory area pointed to by the buffer pointer BP is different in that one is a buffer area in the RAM 14 and the other is a batch file storage area in the EEPROM 15, the substantial interpretation processing of “command” is performed. There is no essential difference between the general access method described in §1 and the access method according to the present invention.
[0035]
However, there is a slight difference regarding the method of returning the “response”. That is, when a “command” given through the I / O line 30 and stored in the buffer in the RAM 14 is executed, a “response” to this “command” is immediately returned, but the EEPROM 15 When the “command” stored in the batch file is executed, the “response” for each “command” is temporarily accumulated in the RAM 14 and all the “commands” in the batch file are processed. At the time of completion, the “responses” stored in the RAM 14 are returned in a batch. Accordingly, when viewed from the reader / writer device 20 side, when a “batch processing execution command” “BATCH” is transmitted to the CPU 12, each “command” in the batch file is used as a “response” to this “batch processing execution command”. "Response" can be obtained collectively.
[0036]
In the general access method described in §1, the CPU 12 always executes a predetermined command sequentially by repeating the procedure of command transmission / response return. However, in the access method according to the present invention, first, a plurality of commands are transmitted. A batch file in which “commands” are listed and prepared is prepared, and after writing the batch file in the EEPROM 15, a “batch processing execution command” may be given to the CPU 12. Since the CPU 12 interprets each “command” in the batch file as a “command” given from the outside via the I / O line 30 and executes it sequentially, the CPU 12 performs the same processing as a general access method. Can be executed. According to this method, the data transfer through the I / O line 30 is a short time required to transfer the batch file as binary data. Thereafter, since the CPU 12 only has to execute the “command” in the EEPROM 15, only the processing inside the IC card 10 is required, and extremely high speed processing becomes possible. In addition, since the data transfer time via the I / O line 30 is relatively short, the possibility that data is illegally leaked outside via the I / O line 30 is also reduced. Furthermore, it is not necessary to add control information corresponding to the transmission protocol such as “header” and “footer” to each “command” in the batch file (the batch file is transferred via the I / O line 30). It is necessary to add "Header" and "Footer" to the "Write command", but it is necessary to add "Header" and "Footer" to each "Command" that makes up the batch file. There will be less redundancy.
[0037]
Further, this method does not cause a security problem unlike the access method using the instruction code described in §2. Comparing FIG. 4 (description of the method of §2) and FIG. 6 (description of the method of §3), both are common in that “the CPU 12 executes an instruction written in the EEPROM 15”. However, the former instruction is an instruction code, that is, a “machine language” level instruction that can be directly executed by the CPU 12, whereas the latter instruction is a “command” level instruction given via the I / O line 30. There are some major differences. That is, in the access method according to the present invention, the execution target of the CPU 12 is merely a “command”, and the instruction code directly executed by the CPU 12 is an instruction code prepared in the ROM 13. Therefore, the regular security check prepared in the ROM 13 functions sufficiently, and unauthorized access is not performed at the instruction code level.
[0038]
§4. Examples of access
Next, an access method according to the present invention will be described based on a specific example. Here, as shown in FIG. 8, an explanation will be given taking an example of access processing related to six files existing in the EEPROM 15. Each of these six files has a unique file ID (in this example, a 2-byte code in hexadecimal), that is, “2F10”, “2F11”, “2F12”, “2F13”, “2F14”, “2F15”. Is granted. Here, the file “2F10” is a data file storing some user data related to the user who is the owner of the IC card, and the other five files are for reading user data from the data file “2F10”. It is assumed that the key file stores necessary keys. For example, a first key “1111” is stored in the first key file “2F11”. In order to read user data from the data file “2F10”, a “read command” may be given to the CPU 12 after giving a “select command” for selecting this data file. If the verification is not completed, this “read command” is rejected without being executed. Accordingly, in order to access the data file “2F10”, it is necessary to repeatedly execute the “collation command” and collate all five keys.
[0039]
Here, first, a method for reading user data in the data file “2F10” by the general access method described in §1 will be described. In this case, 12 types of “commands” as shown in FIG. 9 are required. These 12 types of “commands” are transmitted one by one from the reader / writer device 20 to the CPU 12 via the I / O line 30. When the execution of one “command” is completed, a “response” to this is returned from the CPU 12 to the reader / writer device 20 via the I / O line 30. After the “response” is returned, the reader / writer device 20 transmits the next “command”. Thus, when the round-trip transfer of “command” and “response” is repeated 12 times via the I / O line 30, the user data in the data file “2F10” is read to the reader / writer device 20 side.
[0040]
The 12 types of “commands” shown in FIG. 9 will be briefly described step by step. First, the “select command” “SELECT FILE 2F11” in step 1 selects the first key file “2F11”. It is a command to do. After performing the process of selecting the key file “2F11”, the CPU 12 returns a “response” indicating that the selection has been performed correctly. The subsequent “verification command” “VERIFY 1111” in step 2 is a command for comparing and collating the key in the key file selected immediately before with the password code “1111”. The CPU 12 executes this collation, and returns a result indicating whether or not both match as a “response”. If the two match, an unlock flag for this key is set in the RAM 14. The “selection command” “SELECT FILE 2F12” in step 3 is a command for selecting the second key file “2F12”, and the “verification command” “VERIFY 2222” in step 4 is immediately before. This is a command for comparing and collating the key in the selected key file with the password code “2222”. In the same manner, all the five types of keys are collated by the “command” in steps 5 to 10.
[0041]
Then, the target data file “2F10” is selected by the “selection command” “SELECT FILE 2F10” in step 11. Subsequently, when the “read command” “READ BINARY” in step 12 is given, the CPU 12 refers to the unlock flag in the RAM 14 to execute the “read command” on the data file “2F10”. It is determined whether or not the set access right condition is satisfied. At this point, since the collation match has already been obtained for all the first to fifth keys, the CPU 12 executes this “read command”. As a result, the user data in the data file “2F10” is returned as a “response” to the reader / writer device 20 in the form of binary data.
[0042]
As described above, in order to execute the reading process for the data file “2F10” by the conventional general access method described in §1, 12 types as shown in FIG. It is necessary to perform an operation of sending “commands” one by one, waiting for a “response” reply, and sending the next “command”. As described above, such an operation is very slow compared with the arithmetic processing speed of the CPU 12, and the exchange of “command” and “response” is easily intercepted from the I / O line 30. In addition, when each “command” shown in FIG. 9 and “response” corresponding thereto are transmitted, the “header” and “footer” according to a predetermined transmission protocol are transferred to each “command” and “response”. There is also a problem that the redundancy becomes high.
[0043]
In order to perform the same reading process according to the present invention, the following process may be performed. First, as shown in FIG. 10, in addition to the six files described above, a dedicated data file “2F16” and key file “2F17” for carrying out the present invention are prepared in the EEPROM 15. Here, the data file “2F16” is a file for storing a batch file. The key file “2F17” is a key file that stores keys necessary for executing the “batch processing execution command” for the batch file. In this embodiment, a key “7777” is written in advance. It is. Note that the key file “2F17” is not necessarily required to implement the present invention, but it is preferable to provide such a key file in order to increase security.
[0044]
On the other hand, the reader / writer device 20 side prepares a batch file in which 12 types of “commands” as shown in FIG. 9 are listed. Then, six types of “commands” as shown in FIG. 11 may be transmitted one by one from the reader / writer device 20 to the CPU 12 via the I / O line 30. First, the “selection command” “SELECT FILE 2F16” in step 1 is a command for selecting the data file “2F16” for storing the batch file. After performing the process of selecting the data file “2F16”, the CPU 12 returns a “response” indicating that the selection has been performed correctly. The next “write command” “WRITE BINARY (batch file)” in step 2 is a command for writing the prepared batch file as binary data into the data file selected immediately before. In this embodiment, since no key verification is required for the writing process for the data file “2F16”, the 12 types of “commands” shown in FIG. The enumerated batch file is written as it is in the data file “2F16”.
[0045]
Subsequently, the key file “2F17” is selected by the “selection command” “SELECT FILE 2F17” in step 3, and the key in the selected key file is selected by the “verification command” “VERIFY 7777” in step 4. The code code “7777” is compared and collated. The CPU 12 executes this collation, returns a result indicating whether or not both match as a “response”, and if both match, sets an unlock flag for this key in the RAM 14. Subsequently, the data file “2F16” storing the batch file is selected again by the “selection command” “SELECT FILE 2F16” in step 5. In the final step 6, a “batch processing execution command” “BATCH” is given to the CPU 12. The CPU 12 executes the “batch process execution command” after confirming that the key “7777” has already been unlocked by referring to the unlock flag in the RAM 14. That is, the “command” shown in FIG. 9 stored in the batch file is executed as if it were sequentially given as “command” via the I / O line 30 and the “response” is temporarily stored in the RAM 14. Keep it. Thus, when the execution of the “command” “READ BINARY” in step 12 shown in FIG. 9 is completed, the “response” temporarily stored in the RAM 14 is used as the “response” of the “batch processing execution command”. Return it. Eventually, when viewed from the reader / writer device 20, the user data in the data file “2F10” can be read out as the “response” of the “command” “BATCH” in step 6 of FIG.
[0046]
As described above, in the conventional general access method, it is necessary to perform the operation of sequentially transferring 12 types of “commands” as shown in FIG. 9 through the I / O line 30 and waiting for “response” for each of them. On the other hand, in the access method according to the present invention, it is sufficient to perform the same operation for the six types of “commands” shown in FIG. In addition, the number of “commands” shown in FIG. 11 is always 6 regardless of how many “commands” shown in FIG. 9 increase (written by “write command” “WRITE BINARY” in step 2). It only increases the capacity of the batch file). Therefore, the effect of the present invention becomes more prominent when an access is performed using a series of “commands” composed of more steps. The data in the batch file is only a “command” level instruction and not an “instruction code” level instruction used in the method described in §2, so there is no problem in terms of security. For example, in the above-described example, the unauthorized user cannot read the user data in the data file “2F10” unless he / she knows five keys “1111”, “2222”,.
[0047]
Lastly, FIG. 12 shows an example of the format when a batch file is configured by listing “commands”. In this example, the code of “command” is arranged following the part indicating the command length consisting of 2 bytes (the part indicated as “XX” in the figure), and finally the end code “0000” consisting of 2 bytes. "Is added. In the batch file in the “write command” in step 2 of FIG. 11, binary codes in which “commands” are listed in the format shown in FIG. 12 are entered. Any other format may be used as the format of the batch file. A predetermined format is defined in advance, and a processing routine corresponding to the “batch processing execution command” in the ROM 13 It is necessary to be able to interpret each "command" in the batch file based on the format.
[0048]
As mentioned above, although this invention was demonstrated based on the Example shown in figure, this invention is not limited to this Example, It can implement in a various aspect other than this. For example, in the above-described embodiment, “responses” for individual “commands” in the batch file are temporarily stored in the RAM 14 and finally returned in a batch. There is no need to send back the “response”, and it may be omitted for the “response” of low importance. For example, for the 12 types of “commands” shown in FIG. 9, the “response” to “read command” in step 12 is important including user data to be read, but for other “commands”. The “response” is merely for confirming that the file selection or verification has been executed without any problem, and may be discarded without being temporarily stored in the RAM 14.
[0049]
If any error (for example, mismatch of collation) occurs while executing a series of “commands” in the batch file, the execution of the “batch processing execution command” is interrupted at that time, and “BATCH” As a “response” to “command”, a status indicating the occurrence of an error may be returned.
[0050]
Further, in the above-described embodiments, the example in which the present invention is applied to an IC card has been described. However, the application of the present invention is not limited to an IC card, and extends to a portable information recording medium having a built-in CPU. Is.
[0051]
【The invention's effect】
As described above, the portable information recording medium according to the present invention has a batch processing execution function for interpreting and executing data written in the nonvolatile memory as a command given from the outside. If you prepare a batch file with a list of commands, give this batch file to the medium from outside with a write command, and write it in the non-volatile memory, this batch process execution function will change the commands that make up the batch file to the external It is possible to interpret and execute the command given by. For this reason, it is possible to efficiently perform external access while ensuring sufficient security.
[Brief description of the drawings]
FIG. 1 is a block diagram showing a state in which a reader / writer device as an external device is connected to a general IC card and accessed.
FIG. 2 is a block diagram illustrating a conventional general access method for an IC card.
FIG. 3 is a block diagram for explaining an operation in a previous stage of an access method using an instruction code for an IC card.
FIG. 4 is a block diagram for explaining a subsequent operation of an access method using an instruction code for an IC card.
FIG. 5 is a block diagram for explaining an operation in the first stage of an access method according to the present invention for an IC card.
FIG. 6 is a block diagram for explaining a subsequent operation of an access method according to the present invention for an IC card.
FIG. 7 is a diagram for explaining a difference in command interpretation processing between a general access method and an access method according to the present invention.
FIG. 8 is a conceptual diagram showing an example of a file group stored in an EEPROM in a general IC card.
FIG. 9 is a diagram illustrating a “command” group necessary for performing an operation of reading user data from the data file “2F10” illustrated in FIG. 8;
FIG. 10 is a conceptual diagram showing a state in which another file is added to the file group shown in FIG. 8 in order to apply the present invention.
11 is a diagram showing a “command” group necessary for performing an operation of reading user data from the data file “2F10” shown in FIG. 10 according to the present invention.
FIG. 12 is a diagram showing an example of a format of a batch file used in the present invention.
[Explanation of symbols]
10 ... IC card
11 ... I / O interface
12 ... CPU
13 ... ROM
14 ... RAM
15 ... EEPROM
20: Reader / writer device
30 ... I / O line
31 ... transmission data
32 ... Return data

Claims (4)

A CPU, a ROM storing a program comprising instruction codes that can be directly executed by the CPU, a RAM used as a work area of the CPU, and a non-volatile memory capable of reading and writing data via the CPU In accordance with a command given from the outside, the portable information recording medium having a function for the CPU to execute a predetermined program in the ROM and return the result to the outside as a response .
When a write command having a “batch file formed by listing a plurality of commands” from outside is given as write target data, a process of writing the batch file to the nonvolatile memory is executed, and the execution result is Processing to send back as a response to the write command;
When a predetermined batch processing execution command is given from outside, a plurality of commands included in the batch file written in the non-volatile memory are interpreted as commands given from outside and sequentially executed When the processing of all the commands in the batch file is completed, the necessary responses to these commands are batched and returned to the outside as a response to the batch processing execution command;
A portable information recording medium having a function of performing The medium of claim 1, wherein
Responses generated by the execution of each command in the batch file are temporarily stored in the RAM. After all commands in the batch file have been executed, the responses stored in the RAM are displayed as responses to the batch processing execution command. A portable information recording medium characterized by being collectively sent to the outside. A CPU, a ROM storing a program comprising instruction codes that can be directly executed by the CPU, a RAM used as a work area of the CPU, and a non-volatile memory capable of reading and writing data via the CPU And a portable information recording medium having a function of executing a predetermined program in the ROM and returning the result to the outside as a response based on a command given from the outside In
Prepare a batch file that lists a plurality of commands to be given to the portable information recording medium,
Giving the batch file together with a predetermined write command to the portable information recording medium, writing the batch file in the nonvolatile memory, returning the result to the outside as a response to the write command,
To the portable information recording medium, by applying a predetermined batch processing execution command, each command of said nonvolatile written batch file in memory, to be executed by interpreting the command given from the outside When all the commands in the batch file have been processed, necessary responses to these commands are collectively returned to the outside as responses to the batch processing execution command. Possible information recording medium access method. The access method according to claim 3, wherein
Responses generated by the execution of each command in the batch file are temporarily stored in the RAM. After all commands in the batch file have been executed, the responses stored in the RAM are displayed as responses to the batch processing execution command. A method for accessing a portable information recording medium, characterized by:

Images