JP5214291B2 - IC card and IC card control method - Google Patents

Description

The present invention relates to an IC card incorporating an IC chip having a control element, a communication interface, a nonvolatile memory, and the like , and a method for controlling the IC card , for example.

  In general, an IC card as a portable electronic device has an IC chip having a control element and various memories embedded in a card-like casing made of plastic or the like. Various application programs, data files, and the like are stored in the nonvolatile memory in such an IC card. Some IC cards have a function of a logical channel as a method of processing a command given from an external device. In an IC card having a logical channel function, different systems of processing can be performed in parallel on each logical channel.

For example, according to Non-Patent Document 1 (ISO / IEC7816-4: 2005 Section 5.3.3) described later, file control information may permit or deny access to one file on a plurality of different logical channels. It is controllable by. However, when access to one file is permitted, access such as writing and deleting can be performed on the file from a plurality of channels. For this reason, in a conventional IC card, when processing for changing file data or file status such as writing, rewriting, deleting, and erasing data is performed on one channel, another channel accessing the same file There is a problem in that it may become inconsistent with the processing performed so far.
ISO / IEC7816-4: 2005 Section 5.3.3

An embodiment of the present invention solves the above-described problems , and provides an IC card that can maintain consistency in processing for processing requests from a plurality of channels , and an IC card control method. For the purpose.

An IC card according to an aspect of the present invention performs processing for a command given from an external device, and is defined by communication means for communicating with the external device through a plurality of channels, file definition information, and the definition information. Storage means for storing file data , setting means for setting information indicating a channel having priority for access to the file in the definition information of the file, and access to the file received by the communication means If the channel of the command requesting the command is a channel having priority in accessing the file, the first processing means for executing the processing for the file requested by the command and the received by the communication means The command channel that requests access to a file has no priority in accessing that file. If a channel, if it is determined the determining means processing of the command received to determine whether viable, the process for the command by the determining means is executable by the communication means, processing for the command If the determination unit determines that the process for the command is not executable by the second processing unit for executing the command, the process for the command is not executed, and the file access has no priority and cannot be executed. And a third processing means for transmitting to the external device a response indicating that

An IC card control method according to an aspect of the present invention includes: a communication unit that communicates with an external device through a plurality of channels; and a storage unit that stores file definition information and file data defined by the definition information an IC card control method with bets, and sets information indicating a channel having a priority access to said file definition information of the file, the channel is the file commands requesting access to the file If the channel has priority for access to the file, the process of the file requested by the command is executed, and the command channel requesting access to the file does not have priority for access to the file. If a channel, determines whether the processing to the command is executable, the command by the determining If against process is determined to be executable, and execute the processing for the command, if the process for the command by the determining determines that the unexecutable, without performing the processing for the command to a file A response is sent to the external device indicating that execution is not possible because there is no priority for access .

According to one aspect of the present invention, it is possible to provide an IC card that can maintain consistency in processing for processing requests from a plurality of channels , and an IC card control method.

Embodiments of the present invention will be described below with reference to the drawings.
FIG. 1 is a block diagram schematically showing a configuration example of an IC card (portable electronic device) 2 according to the present embodiment and an IC card processing device 1 as an external device having a communication function with the IC card 2. It is.
First, the configuration of the IC card processing apparatus 1 will be described.
As shown in FIG. 1, the IC card processing device 1 includes a terminal device 11, a display 12, a keyboard 13, a numeric keypad 14, a card reader / writer 15, and the like.

The terminal device 11 controls the operation of the entire IC card processing device 1. The terminal device 11 includes a CPU, various memories, various interfaces, and the like. For example, the terminal device 11 is configured by a personal computer (PC).
The terminal device 11 has a function of transmitting a command to the IC card 2 by the card reader / writer 15 and a function of performing various processes based on data received from the IC card 2. For example, the terminal device 11 performs control to write data into the nonvolatile memory in the IC card 2 by transmitting a data write command to the IC card 2 via the card reader / writer 15. The terminal device 11 controls to read data from the IC card 2 by transmitting a read command to the IC card 2.

  The display 12 is a display device that displays various information under the control of the terminal device 11. The keyboard 13 functions as an operation unit operated by an operator of the IC card processing apparatus 1, and various operation instructions and data are input by the operator. The numeric keypad 14 functions as an input unit for inputting information such as numbers such as a user ID or a password.

  The card reader / writer 15 is an interface device for communicating with the IC card 2. The card reader / writer 15 is configured by an interface corresponding to the communication method of the IC card 2. For example, when the IC card 2 is a contact type IC card, the card reader / writer 15 is constituted by a contact portion for physically and electrically connecting with a contact portion of the IC card 2. When the IC card 2 is a non-contact type IC card, the card reader / writer 15 includes an antenna for performing wireless communication with the IC card 2 and communication control. The card reader / writer 15 performs power supply, clock supply, reset control, and data transmission / reception with respect to the IC card 2. With such a function, the card reader / writer 15 performs activation (activation) of the IC card 2, transmission of various commands, reception of responses to the transmitted commands, and the like based on control by the terminal device 11.

Next, a hardware configuration example of the IC card 2 will be described.
The IC card 2 is activated (becomes operable) when receiving power or the like from a host device such as the IC card processing device 1. For example, when the IC card 2 is connected to the IC card processing device 1 by contact communication, that is, when the IC card 2 is configured by a contact IC card, the IC card 2 is used as a communication interface. It is activated upon receipt of an operation power supply and an operation clock from the IC card processing apparatus 1 through the contact portion.

  Further, when the IC card 2 is connected to the IC card processing apparatus 1 by a non-contact communication method, that is, when the IC card 2 is configured by a non-contact IC card, the IC card 2 is A radio wave is received from the IC card processing device 1 via an antenna as a communication interface, a modulation / demodulation circuit, and the like, and an operation power supply and an operation clock are generated from the radio wave by a power supply unit (not shown) and activated.

  FIG. 2 is a block diagram schematically showing a hardware configuration example of the IC card 2 according to the present embodiment. The IC card 2 has a module M built in a casing constituting the main body C. The module M is integrally formed in a state where one or a plurality of IC chips Ca and a communication external interface (communication interface) are connected, and is embedded in the main body C of the IC card 2. The module M of the IC card 2 includes a control unit 21, a communication interface 22, a ROM 23, a RAM 24, a nonvolatile memory 25, and the like as shown in FIG.

  The control unit 21 controls the entire IC card 2. The control unit 21 realizes various functions by operating based on a control program and control data stored in the ROM 23 or the nonvolatile memory 25. For example, the control unit 21 performs basic operation control of the IC card 2 by executing an operating system program. The control unit 21 executes various application controls according to the operation mode of the IC card 2 by executing an application program.

  The communication interface 22 is an interface for communicating with the card reader / writer 15 of the IC card processing apparatus 1. When the IC card 2 is realized as a contact-type IC card, the communication interface 22 is in physical and electrical contact with the card reader / writer 15 of the IC card processing device 1 for transmitting and receiving signals. It is comprised by a communication control part and a contact part. When the IC card 2 is realized as a non-contact type IC card, the communication interface 22 is a communication control unit such as a modulation / demodulation circuit for performing wireless communication with the card reader / writer 15 of the IC card processing device 1. And an antenna.

The ROM 23 is a non-volatile memory in which a control program and control data are stored in advance. The ROM 23 is incorporated in the IC card 2 in a state where a control program, control data, and the like are stored at the manufacturing stage. That is, the control program and control data stored in the ROM 23 are incorporated according to the specifications of the IC card 2 in advance.
The RAM 24 is a volatile memory that functions as a working memory. The RAM 24 also functions as a buffer for temporarily storing data being processed by the control unit 21. For example, the RAM 24 temporarily stores data received from the IC card processing apparatus 1 via the communication interface 22. On the RAM 24, a management table for managing various operation states and the like is appropriately configured. For example, in a logical channel described later, a current file and the like are managed by a channel management table 24a configured on the RAM 24.

  The non-volatile memory 25 is constituted by a non-volatile memory capable of writing and rewriting data, such as an EEPROM (Electrically Erasable Programmable Read-Only Memory) or a flash ROM. In the non-volatile memory 25, a control program and various data are written according to the usage application of the IC card 2. The nonvolatile memory 25 is also provided with a management table that needs to retain data even after power supply is stopped. For example, program files or data files are defined in the nonvolatile memory 25, and control programs and various data are written in these files. The file stored in the non-volatile memory 25 is defined by file definition information, and data as a file body is stored in a storage area defined by the file definition information.

Next, logical channels that can be used in the IC card 2 as described above will be described.
The IC card 2 has a function of managing access to files for each of a plurality of logical channels. For example, the current file can be set for each of the logical channel 1 and the logical channel 2. In such a case, the command given on the logical channel 1 is processed with the current file of the logical channel 1 as an access target, and the command given on the logical channel 2 is processed with the current file on the logical channel 2 as an access target. I do. In other words, the IC card processing device 1 gives various commands for requesting access to a file through a plurality of logical channels to the IC card 2, thereby assigning processing groups of different series for each logical channel. Can be executed. The current file of each logical channel as described above is managed by, for example, a channel management table 24a configured on the RAM 24 as a working memory.

  The logical channel is specified by each command. For example, FIG. 3 is a diagram illustrating a configuration example of a command defined by ISO / IEC7816-4. As shown in FIG. 3, the commands defined by ISO / IEC7816-4 are composed of “CLA”, “INS”, “P1”, “P2”, “Le”, “DATA”, and the like. The logical channel used in the command having such a configuration is designated by “CLA” (CLA byte, CLA data). In the configuration example shown in FIG. 3, the CLA byte of each command is composed of 8 bits. In such a CLA byte of each command, the first bit (b1) and the second bit (b2) designate the logical channel (logical channel number) of the command. In such a configuration, in each command, “00” (logical channel “# 0”), “01” (logical channel “# 1”), “10” (logical channel “# 2”), “11” (logical Up to four logical channels of channel “# 3”) can be set.

  ISO / IEC 7816-4 stipulates that a desired logical channel can be used by a MANAGE CHANNEL command. Normally, one predetermined logical channel (for example, logical channel “# 0”) is always usable. Therefore, when processing is performed without being conscious of the logical channel, various processing is executed on one predetermined logical channel. On the other hand, when multiple logical channels are used (for example, when logical channels “# 1”, “# 2”, “# 3” are used), logical channels used in advance by the MANAGE CHANNEL command can be used. It is necessary to be in a proper state. In addition, each logical channel is subjected to a process of being blocked in response to a predetermined command requesting to block the channel.

Next, file control information included in the file definition information of each file stored in the nonvolatile memory 25 will be described.
FIG. 4 is a diagram illustrating a configuration example of file control information included in the file definition information.
As shown in FIG. 4, the file control information includes information such as “file ID”, “file size”, “security attribute”, “file type”, and “access channel number”. “File ID” is identification information for identifying the file. “File size” is information indicating the data size of the file. “Security attribute” is information indicating a security setting for the file. “Access channel number” is information indicating a logical channel to which priority is given to access to the file. The “access channel number” is not necessarily set, and may not be set. For example, when the process is executed with only one logical channel, it is considered that the “access channel number” does not need to be set.

  The priority specified by the access channel number (access priority) is assumed to be a command execution right that may change the data of the file. As a command that may cause a change in file data, for example, a command requesting data rewriting, a command requesting data erasure, or a command requesting file deletion is assumed. That is, when the access channel number is set, a command that may cause a change in the data body of the file can be executed only on the logical channel to which priority is given.

  On the other hand, a command that does not change the data body of the file is allowed to be executed on each logical channel regardless of the presence or absence of the priority. As a command that does not change the data body of the file, for example, a command that requests reading of data or a command that requests selection of a file is assumed. That is, even when the access channel number is set, a command that does not change the data body of the file is allowed to be executed even for a logical channel to which priority is not given.

Next, a first operation example in the IC card 2 will be described.
FIG. 5 is a flowchart for explaining a first operation example for various commands received from the IC card processing apparatus 1.
Here, it is assumed that a plurality of logical channels are open. When a plurality of logical channels are not opened (when processing is performed with only one predetermined logical channel), control for maintaining consistency with respect to processing with a plurality of logical channels is not required. For this reason, it is assumed that access restriction according to the access priority described later is not required.

  First, when a command is received from the IC card processing device 1 (YES in step S11), the control unit 21 of the IC card 2 determines the processing content of the received command. When the received command is a command requesting selection of the current file (a command requesting setting of the specified file as the current file of the logical channel) (step S12, YES), the control unit 21 specifies the specified file. The file is set as the current file in the logical channel of the command (step S13).

  When the file specified by the reception command is set as the current file of the logical channel, the control unit 21 sets a logical channel having priority for access to the file selected as the current file in the logical channel of the reception command. It is determined whether it has been completed (step S14). This is determined whether or not an access channel number is set in the file control information of the file.

If it is determined by this determination that a logical channel having priority for access to the selected file is not set (step S14, NO), the control unit 21 assigns access priority to the file to the logical of the command. A channel is set (step S15). The access priority to the file is set by adding information indicating the logical channel to the file control information of the file as an access channel number.
Also, when it is determined that a logical channel having priority for access to the file selected by the above determination has been set (step S14, YES), or when the access priority setting processing at step S15 is completed Then, the control unit 21 transmits to the IC card processing device 1 that the setting of the current file has been normally completed as a response to the received command (step S16).

  When the received command is a command requesting access to a file (for example, a command requesting data read, data write, data erase, file delete, etc.) (step S21, YES), the control unit 21 It is determined whether the logical channel of the received command matches the access channel number set in the current file (accessed file) of the logical channel (step S22). This is to determine whether or not the logical channel is given access priority for the current current file.

  When it is determined that the logical channel of the received command matches the access channel number of the current file of the logical channel, that is, when it is determined that the logical channel has access priority to the current file (YES in step S22), The control unit 21 executes processing according to the received command (step S23), and transmits the result of the command processing to the IC card processing device 1 as a response to the received command (step S24).

  If it is determined that the logical channel of the received command does not match the access channel number of the current file of the logical channel, that is, if it is determined that the logical channel does not have access priority to the current file (step (S22, NO), the control unit 21 determines whether or not the processing content of the received command is permitted to be executed (step S25). The access restriction based on the access priority is restricted such that, for example, a command requesting a process that may change the data body of the file cannot be executed in a logical channel in which the access priority is not set. For example, commands such as data rewriting, data erasure, and file deletion are restricted so that they cannot be executed on a logical channel for which the access priority is not set. On the other hand, even for a logical channel for which access priority is not set, a command requesting processing that does not change the data body of the file can be executed. For example, a command such as data read is allowed to be executed even on a logical channel for which access priority is not set.

  When it is determined by the above determination that the received command can be executed (step S25, YES), the control unit 21 executes the received command (step S23), and the IC card process is performed using the processing result as a response. It transmits to the apparatus 1 (step S24). If it is determined by the above determination that the received command is not executable (step S25, NO), the control unit 21 does not execute the received command, and executes the file as a response to the received command. To the IC card processing device 1 is transmitted to the IC card processing apparatus 1 (step S26).

  When the received command is a command requesting blocking of the logical channel (step S31, YES), the control unit 21 blocks the logical channel designated by the received command (step S32). When the logical channel is blocked, the control unit 21 clears the access channel number in the file control information of each file for which access priority is set for the logical channel (step S33). When these processes are completed, the control unit 21 transmits to the IC card processing apparatus 1 that the logical channel blockage has ended normally as a response to the received command (step S34).

  For commands other than commands that request file selection, commands that request access to files, and commands that request blocking of logical channels, access control to files for each logical channel should not be considered. Since it is considered, processing corresponding to the processing content of each command is executed (step S35).

Next, a specific operation example in the IC card 2 to which the first operation example described above is applied will be described.
FIG. 6 is a diagram showing an example of command groups C1 to C11 given to the IC card 2. FIG. 7 is a diagram for explaining an operation that the IC card 2 that operates according to the first operation example executes in response to the series of commands shown in FIG. Here, it is assumed that the commands shown in FIG. 6 are a series of commands given to the IC card 2 in which at least the logical channel 1 and the logical channel 2 are open.

  First, when the selection request command C1 for the file A specifying the logical channel 1 is received, the control unit 21 of the IC card 2 performs the processes described in steps S12 to S16. That is, the control unit 21 sets the file A as the current file of the logical channel 1 and checks whether an access channel number is set in the file A. At this time, assuming that no access channel number is set for file A, the control unit 21 sets “1” indicating logical channel 1 as the access channel number of file A.

  In this state, when the selection request command C2 of the file A specifying the logical channel 2 is received, the control unit 21 performs the processes of steps S12 to S16. In this case, since “1” is already set as the access channel number for file A, the control unit 21 rewrites the access channel number of file A simply by setting file A as the current file of logical channel 2. Do not.

  Further, when the read request command C3 specifying the logical channel 1 is received, the control unit 21 performs a file A read process as the processes of steps S21 to S26. This is because the logical channel 1 current file (file A) has access priority to the logical channel. Therefore, the control unit 21 reads the data of the file A and transmits the read data as response data of the command C3.

  In addition, when the read request command C4 specifying the logical channel 2 is received, the control unit 21 performs the file A read process. This is because the current file (file A) of logical channel 2 has access priority in logical channel 1, but the read command is a command that can be executed without access priority. Therefore, the control unit 21 allows the execution of the command C4, reads the data of the file A, and transmits the read data as response data of the command C4.

  Next, when the data write request command C5 specifying the logical channel 2 is received, the control unit 21 disables the execution of the command C5 as the processing of steps 21 to S26. This is because the current file (file A) of the logical channel 2 has access priority to the logical channel “1”, and the data write request command cannot be executed without access priority. . Therefore, the control unit 21 disables execution of the process according to the command C5, and transmits that the command C5 cannot be executed as a response to the command C5.

  Further, when the data write request command C6 specifying the logical channel 1 is received, the control unit 21 executes the command C6. This is because the current file (file A) of logical channel 1 has access priority to logical channel “1”. That is, the control unit 21 rewrites the data of the file A according to the processing content specified by the command C6, and transmits the processing result as a response to the command C6.

  Next, when the command C7 for requesting the blocking of the logical channel 1 is received, the control unit 21 performs a process of blocking the logical channel 1 as the process of steps 31 to S34. In this case, the control unit 21 closes the logical channel 1, clears the current file setting in the logical channel 1, and clears the access channel number of the file A that has given the access priority to the logical channel 1. As a result, the access priority of the logical channel 1 with respect to the file A is cleared, and no access priority is given to any logical channel in the file A.

  In this state, when the data write request command C8 designating the logical channel 2 is received, the control unit 21 disables the execution of the command C8 as the processing of steps 21 to S26. This is because a logical channel having access priority is not set in the current file (file A) of logical channel 2. In the first operation example, even when such an access channel number is not set, processing such as data writing is disabled. Therefore, the control unit 21 disables execution of the process according to the command C8, and transmits that the command C8 cannot be executed as a response to the command C8.

  Next, when the selection request command C9 of the file A specifying the logical channel 2 is received, the control unit 21 sets the file A as the current file of the logical channel 2 as the processing of the steps S12 to S16, and the file A The access channel number is set to the logical channel “2”. This is because an access channel number is not set for the file A when a selection request for the file A is received. That is, when the logical channel 1 having the accelerator priority for the file A is blocked, the access channel number of the file A is also cleared. For this reason, the access priority of the file A is given to the logical channel 2 in response to the selection request of the file A received by the logical channel 2 after the logical channel 1 is closed. In other words, in the first operation example, the logical channel 2 to which the access priority is not given to the file A executes the selection request command for the file A after the logical channel 1 to which the access priority is given is blocked. By doing so, the access priority for the file A can be obtained.

  Therefore, when the write request command C10 of the file A specifying the logical channel 2 is received after the execution of the command C9, the control unit 21 rewrites the data of the file A according to the processing content specified by the command C10. Then, the processing result is transmitted as a response to the command C10. This is because the access priority of the current file (file A) of the logical channel 2 is in the logical channel “2”, so that the data write request command C10 can be executed.

  Next, when the command C11 requesting blocking of the logical channel 2 is received, the control unit 21 closes the logical channel 2 and clears the setting of the current file in the logical channel 2 as the processing of the above steps 31 to S34. At the same time, the access channel number of the file A that has given the access priority to the logical channel 2 is cleared. As a result, no access priority is given to any logical channel in the file A.

  As described above, in the first operation example, when a file selection request command is received, if there is no logical channel for which the access priority is set in the selected file, the command is assigned to the logical channel of the command. Access priority is given to the selected file. Furthermore, the access priority given to a logical channel is held until the logical channel is blocked. As a result, in the logical channel first selected as the current file, various commands for accessing the file are allowed, but in other logical channels, access to the file can be restricted. . As a result, the consistency of each process can be maintained even when a process request for accessing a specific file through a plurality of logical channels is received.

Next, a second operation example in the IC card 2 will be described.
In the second operation example, in addition to the first operation example, when an access priority is given to another logical channel, it is confirmed that an executable command is limited. Command sender) 1 is notified. It is possible to notify that a command that can be executed is limited as a response to an arbitrary command. Here, when access priority is given to another logical channel for the file selected by the file selection request command, the logical channel of the command notifies that the command for the selected file is restricted. Shall.

FIG. 8 is a flowchart for explaining the second operation example.
The second operation example shown in FIG. 8 is obtained by adding steps S41 and S42 to the first operation example shown in FIG. Therefore, since each step other than steps S41 and S42 shown in FIG. 8 is the same processing as each step shown in FIG. 5, detailed description thereof will be omitted here.

  That is, when the access channel number has already been set in the file selected as the current file in response to the received file selection request command in step S14 (YES in step S14), the control unit 21 determines the logic of the command. It is determined whether or not the channel matches the access channel number of the selected file (step S41). If it is determined by this determination that the logical channel of the file selection request command matches the access channel number of the selected file (YES in step S41), the control unit 21 proceeds to step S16 and performs normal normality. The response shown is transmitted to the IC card processing apparatus 1.

  On the other hand, when it is determined that the logical channel of the file selection request command does not match the access channel number of the selected file (NO in step S41), the control unit 21 responds to the command. As a result, a command that the executable command for the selected file is restricted in the logical channel is transmitted to the IC card processing apparatus 1 together with the processing result for the command (step S42). In this case, the control unit 21 not only notifies that an executable command is limited, but also notifies information indicating a command that cannot be specifically executed (or a command that is allowed to be executed) as a response. Anyway.

Next, a specific operation example in the IC card 2 to which the above-described second operation example is applied will be described.
FIG. 9 is a diagram for explaining the operation that the IC card 2 that operates according to the second operation example executes in response to the series of commands shown in FIG. The operation for each command other than the command C2 shown in FIG. 6 is the same as the operation of the first operation example shown in FIG. 8 described above, and detailed description thereof will be omitted.

  That is, it is assumed that the access channel number of the file A is set to “1” indicating the logical channel 1 in response to the selection request command C1 of the file A specifying the logical channel 1. In this state, when the selection request command C2 of the file A specifying the logical channel 1 is received, the control unit 21 changes the file A to the current file of the logical channel 2 as the processing of steps S12 to S16, S41, and S42. Confirm that “1” is already set as the access channel number in file A. In this case, since “1” is already set as the access channel number in the file A, the control unit 21 indicates that the command executable in the logical channel 2 is limited together with the execution result of the command C2. Send as a response.

  According to the second operation example as described above, when the current file is set by the file selection request, the access priority to the current file is given to a logical channel different from the logical channel of the command. It is possible to notify that the command that can be executed on the file is restricted in the logical channel of the command.

Next, a third operation example in the IC card 2 will be described.
In the third operation example, in addition to the first operation example, when a logical channel to which an access priority is given to a specific file is blocked, the access priority of the file is changed to another logical channel. The process to move to is performed. Here, the description will be made assuming that the access priority of the file is given to another logical channel that has selected the file to which the access priority is given to the logical channel to be blocked.

FIG. 10 is a flowchart for explaining the third operation example.
The third operation example shown in FIG. 10 is obtained by adding steps S51 and S52 to the first operation example shown in FIG. Accordingly, each step other than steps S51 and S52 shown in FIG. 10 is the same processing as each step shown in FIG. 5, and therefore detailed description thereof will be omitted here.

  In other words, it is assumed that a certain logical channel is blocked in step S32. In this case, the control unit 21 determines whether or not the access priority given to the logical channel to be blocked can be transferred to another logical channel (step S51). That is, the control unit 21 detects a file in which access priority is given to the logical channel to be blocked. When a file in which access priority is given to the logical channel to be blocked is detected, the control unit 21 determines whether the detected file is selected in another logical channel. If it is determined by this determination that there is a logical channel that selects a file to which access priority is given to the logical channel to be blocked, the control unit 21 determines that the access priority can be transferred.

  If it is determined by the above determination that the file to which the access priority is given to the logical channel to be blocked is selected by another logical channel, the control unit 21 determines the access channel number in the file control information of the file. The file is rewritten to another logical channel determined to have selected the file (step S52). As a result, the access priority of the file for which the access priority has been set for the logical channel to be blocked is moved from the logical channel to be blocked to another logical channel that has selected the file.

  If it is determined by the above determination that the access priority given to the logical channel to be blocked cannot be moved (for example, a file to which access priority is given to the logical channel to be blocked is selected on another logical channel). If not, the control unit 21 clears the access channel number (information indicating the logical channel to be blocked) in the file control information of the file (step S33).

Next, a specific operation example in the IC card 2 to which the above-described third operation example is applied will be described.
FIG. 11 is a diagram for explaining an operation executed by the IC card 2 that operates according to the third operation example with respect to the series of commands shown in FIG. The operation for each command other than the command C7 shown in FIG. 6 is the same as the operation of the first operation example shown in FIG. 8 described above, and thus detailed description thereof will be omitted.

  That is, in the state where the access channel number of the file A is set to “1” indicating the logical channel 1 and the current file of the logical channel 2 is set to the file A, the command C7 that requests blocking of the logical channel 1 The control unit 21 closes the logical channel 1 and rewrites the access channel number of the file A from “1” to “2” as the processing of steps S31 to S34, S51, and S52.

  According to the third operation example as described above, when a logical channel is blocked, the access priority of a file given to the logical channel is transferred to another logical channel that selects the file. It is what I did. If the logical channel to which the access priority is given is blocked, another logical channel that selects the file automatically sets the access priority of the file without executing the command to select the file again. Can be obtained.

Next, a fourth operation example in the IC card 2 will be described.
In the fourth operation example, in addition to the first operation example, a process for notifying the IC card processing device (command transmission source) 1 of information related to a file for which an access priority can be acquired is performed. Note that information regarding a file for which access priority can be acquired can be notified as a response to an arbitrary command. Here, when a command (for example, a data rewrite command) cannot be executed because the access priority is not set, the access priority of the file is acquired as a response to the command using the logical channel of the command. It shall be notified that it is possible.

FIG. 12 is a flowchart for explaining the fourth operation example.
The fourth operation example shown in FIG. 12 is obtained by adding steps S61 and S62 to the first operation example shown in FIG. Accordingly, each step other than steps S61 and S62 shown in FIG. 12 is the same processing as each step shown in FIG. 5, and therefore detailed description thereof will be omitted here.

  That is, in step S25, when it is determined that the received command cannot be executed because the access priority is not set for the logical channel of the received command, the control unit 21 determines that the received command is a processing target. It is determined whether or not the access priority for the file to be acquired is in a state that can be acquired by the logical channel of the received command (step S61). This can be determined based on whether or not an access channel number is set in the file control information of the file.

  If it is determined by the above determination that the access priority can be acquired on the logical channel of the received command (step S61, YES), the control unit 21 indicates that the received command cannot be executed and the file Information indicating that the access priority can be acquired on the logical channel is transmitted to the IC card processing apparatus 1 as a response to the received command (step S62). If it is determined that the access priority is not available (step S61, NO), the control unit 21 indicates that the received command cannot be executed and the access priority of the file is set. Information indicating the existing logical channel may be transmitted.

Next, a specific operation example in the IC card 2 to which the above-described fourth operation example is applied will be described.
FIG. 13 is a diagram for explaining an operation that the IC card 2 that operates according to the fourth operation example executes in response to the series of commands shown in FIG. The operation for each command other than the command C8 shown in FIG. 6 is the same as the operation of the first operation example shown in FIG. 8 described above, and detailed description thereof will be omitted.

  That is, when the logical channel 1 is closed in response to the command C7, the access channel number of the file A to which the access priority is given to the logical channel 1 is cleared. In this state, when the data write request command C8 designating the logical channel 2 is received, the control unit 21 disables the execution of the command C8 as the processing of steps 21 to S26. This is because the access channel number of the current file (file A) of logical channel 2 is not set to “2” (logical channel 2).

  Furthermore, in the fourth operation example, when the execution of the command C8 is disabled, the control unit 21 determines whether or not the access channel number of the file A to be processed by the command C8 is not set. To do. Here, the access channel number of file A is cleared when the command C8 is received. Therefore, as a response to the command C8, the control unit 21 can acquire that the command C8 cannot be executed because it does not have access priority, and can acquire the access priority of the file A on the logical channel. A message to the effect is transmitted to the IC card processing apparatus 1.

  According to the fourth operation example described above, for a command that cannot be executed due to lack of access priority, if the access channel number of a file to be processed by the command is not set, the command Is transmitted as a response indicating that the file cannot be executed and that the access priority for the file can be acquired. As a result, even when it is not desired to automatically move the access priority as in the third operation example, the IC card processing device is appropriately notified whether or not the access priority can be acquired. And efficient processing becomes possible.

Next, a fifth operation example in the IC card 2 will be described.
In the fifth operation example, in addition to the first operation example, in processing on a logical channel having no access priority to a file, a command in another logical channel (logical channel having access priority) is used. Processing for notifying the IC card processing device (command transmission source) 1 of information indicating the change of the file is performed. Note that information indicating a change in the state of a file can be notified as a response to an arbitrary command in a logical channel that does not have access priority for the file. Here, if a command (for example, a data rewrite command) cannot be executed because the access priority is not set, the file to be accessed by the command has been changed by a command in another logical channel. If so, it is notified as a response to the command.

FIG. 14 is a flowchart for explaining the fifth operation example.
In the fifth operation example shown in FIG. 14, steps S71 and S72 are added to the first operation example shown in FIG. Therefore, since each step other than steps S71 and S72 shown in FIG. 14 is the same processing as each step shown in FIG. 5, detailed description thereof will be omitted here.

  That is, in step S25, if it is determined that the received command cannot be executed because the access priority to the file is not set in the logical channel of the received command, the control unit 21 It is determined whether or not a process involving a data change is being executed on another logical channel (logical channel having access priority) for the file to be processed (step S71). This is to determine whether there is a possibility that the file to be accessed by the command may have changed due to processing in another logical channel. That is, the control unit 21 determines whether or not a process in which data may change due to a command on a logical channel having access priority is being executed on the access target file of the command.

  When it is determined by the above determination that a process that may change data on another logical channel is performed on the file to be accessed by the received command (YES in step S71), the control unit 21 As a response to the received command, the IC card processing device 1 includes information indicating that the execution is not possible and information indicating that the file may be subjected to processing that may change data on another logical channel. (Step S72). When it is determined that the process that may change the data in another logical channel is not executed for the file to be accessed by the received command (step S71, NO), the control unit 21 As a response to the received command, information indicating that execution is not possible and information indicating that processing for changing data on the file is not performed may be transmitted.

  In order to realize the above processing, at least a command whose data may be changed was executed for a file for which access priority was set (or a file for which an access channel number was set) In this case, the processing contents are stored in a storage unit such as the RAM 24. This is realized, for example, by storing information indicating the executed processing content in the RAM 24 as the command processing in step S23.

Next, a specific operation example in the IC card 2 to which the above-described fifth operation example is applied will be described.
FIG. 15 is a diagram for explaining an operation executed by the IC card 2 operating according to the fifth operation example with respect to the series of commands shown in FIG. The operation for each command other than the command C8 shown in FIG. 6 is the same as the operation of the first operation example shown in FIG. 8 described above, and detailed description thereof will be omitted.

  That is, it is assumed that data rewrite processing has been executed for file A in logical channel 1 having access priority to file A in response to command C6. In this state, when the data write request command C8 designating the logical channel 2 is received, the control unit 21 disables the execution of the command C8 as the processing of steps 21 to S25. This is because the access channel number of the current file (file A) of logical channel 2 is not set to “2” (logical channel 2).

  Furthermore, in the fifth operation example, when the execution of the command C8 is disabled, the control unit 21 may change data in another logical channel with respect to the file A to be processed by the command C8. Determine whether a command is being executed. Here, when the command C8 is received, the data rewrite processing for the file A is already performed in the logical channel 1 as the processing of the command C6. For this reason, the control unit 21 responds to the command C8 with information that the command C8 cannot be executed because it does not have access priority and the data of the file A on another logical channel. Information indicating that the rewriting process is being performed is transmitted to the IC card processing apparatus 1.

  According to the fifth operation example as described above, when a command cannot be executed because there is no access priority, another logical channel (with access priority) for the file to be processed by the command. If a command that may change data on a logical channel) has been executed, the command cannot be executed and a command that may change data on another logical channel is executed for the file. The fact that it has been completed is transmitted as a response. As a result, the processing contents executed on another logical channel with access priority are appropriately notified to the IC card processing device for a file in which commands executable on the logical channel without access priority are restricted. As a result, efficient processing becomes possible.

  Note that the present invention is not limited to the above-described embodiment as it is, and can be embodied by modifying the constituent elements without departing from the scope of the invention in the implementation stage. In addition, various inventions can be formed by appropriately combining a plurality of components disclosed in the embodiment. For example, some components may be deleted from all the components shown in the embodiment. Furthermore, you may combine the component covering different embodiment suitably.

It is a block diagram which shows roughly the structural example of an IC card processing apparatus which has a communication function with an IC card and an IC card. It is a block diagram which shows roughly the hardware structural example of an IC card. The figure which shows the structural example of a command. The figure which shows the structural example of file control information. The flowchart for demonstrating the 1st operation example with respect to various commands. It is a figure which shows the example of the command group given to an IC card. The figure for demonstrating the operation | movement which the IC card which operate | moves according to a 1st operation example performs with respect to the series of commands shown in FIG. The flowchart for demonstrating the 2nd operation example. The figure for demonstrating the operation | movement which the IC card which operate | moves according to a 2nd operation example performs with respect to a series of commands shown in FIG. The flowchart for demonstrating the 3rd operation example. The figure for demonstrating the operation | movement which the IC card which operate | moves according to a 3rd operation example performs with respect to the series of commands shown in FIG. 10 is a flowchart for explaining a fourth operation example. The figure for demonstrating the operation | movement which the IC card which operate | moves according to a 4th operation example performs with respect to the series of commands shown in FIG. 10 is a flowchart for explaining a fifth operation example. The figure for demonstrating the operation | movement which the IC card which operate | moves according to a 5th operation example performs with respect to the series of commands shown in FIG.

Explanation of symbols

  C ... Main body, M ... Module, Ca ... IC chip, 1 ... IC card processing device, 2 ... IC card, 11 ... Terminal device, 12 ... Display, 13 ... Keyboard, 14 ... Numeric keypad, 15 ... Card reader / writer, 21 ... Control unit, 22 ... communication interface, 23 ... ROM, 24 ... RAM, 25 ... nonvolatile memory.

Claims (8)

In an IC card that processes a command given from an external device,
A communication means for communicating with an external device through a plurality of channels;
Storage means for storing file definition information and file data defined by the definition information;
Setting means for setting information indicating a channel having a priority for access to the file in the definition information of the file;
When a channel of a command requesting access to the file received by the communication means is a channel having a priority for access to the file, a first process for executing processing on the file requested by the command is executed. Processing means;
If the channel of the command that requests access to the file received by the communication means is a channel that does not have priority for access to the file, whether or not the process for the command received by the communication means can be executed. A judging means for judging;
A second processing unit that executes processing for the command when the determination unit determines that processing for the command is executable;
When the determination unit determines that the process for the command is not executable, the process for the command is not executed, and a response indicating that the process cannot be executed because there is no priority for access to the file. Third processing means for transmitting to the device;
An IC card characterized by comprising: When the setting means receives a command for selecting a file by the communication means, if the priority for the file selected by the command is not set, the access priority for the file is set in the channel of the command. To
The IC card according to claim 1, wherein: Furthermore, when a command for selecting a file to be accessed is received, if the channel of the command is a channel for which priority is not given to access to the file, access to the file through the channel is restricted. Having a notification means to notify,
The IC card according to claim 1, wherein the IC card is characterized in that Furthermore, when the channel to which the priority is given is blocked, it has setting change means for changing the priority of access to the file to another channel that selects the file.
The IC card according to any one of claims 1 to 3, characterized in that: Further, when a command for requesting access to a file for which the priority is not set is received, a notification for notifying that the access priority for the file can be set in the channel of the command Having means,
The IC card according to any one of claims 1 to 4, wherein: Further, as a response to the command of the channel to which the priority is not given, a response for notifying the contents of processing executed in another channel to which the priority is given to the file to be accessed by the command is sent. Having response means to perform,
The IC card according to any one of claims 1 to 5, wherein the IC card is characterized in that An IC card control method comprising: a communication unit that communicates with an external device using a plurality of channels; and a storage unit that stores file definition information and file data defined by the definition information,
Set information indicating the channel having priority to access the file in the definition information of the file,
When the channel of the command that requests access to the file is a channel that has priority for access to the file, execute processing for the file requested by the command,
If the channel of the command requesting access to the file is a channel that does not have priority for access to the file, determine whether the process for the command can be executed,
If it is determined that the process for the command is executable by the determination, the process for the command is executed ,
If it is determined by the determination that the process for the command is not executable, the external device receives a response indicating that the process cannot be executed without executing the process for the command and the file access has no priority. Send to
An IC card control method characterized by the above. In an IC card that processes a command given from an external device,
A communication means for communicating with an external device through a plurality of channels; a storage means for storing file definition information and file data defined by the definition information; and a channel having priority for access to the file. The setting means for setting the information to be indicated in the definition information of the file, and the command channel that requests access to the file received by the communication means is a channel that has priority for access to the file. The first processing means for executing the processing for the file requested in step (1) and the command channel for requesting access to the file received by the communication means are channels for which priority is not given to access to the file. If, determine the processing to the command received by the communication means to determine whether viable Determining means, when it is determined that processing of the command can be executed by the determining means, and second processing means for executing processing for the command, the process for the command by the determining means is not executable And a third processing means for transmitting to the external device a response indicating that the processing cannot be executed without executing the processing for the command and the file access has no priority and thus cannot be executed. When,
A main body comprising the module;
An IC card characterized by comprising:

Images