JPH03198182A - Ic card data processing system - Google Patents

Abstract

PURPOSE:To improve the security of data stored in an external storage medium of a terminal equipment in the case of operating the terminal equipment by using an IC card by using confirming information to which the IC card is inputted, as key information for encipherment, and combining it with the selection of algorithm. CONSTITUTION:When confirming information to which an IC card is inputted is used as key information for encipherment, it is unnecessary to provide specially the key information, and also, by combining it with the selection of algorithm, the encipherment of two stages can be executed, therefore, the encipherment of data stored in an external storage medium 11 which can be attached and detached to and from a terminal equipment 1 can be made more complicated. Also, the confirming information which becomes the key information for encipherment and the information for selecting the algorithm for encipherment do not exist in the terminal equipment 1 but are held in the inside of the IC card 10 for managing use authority information. Accordingly, it is difficult to obtain them directly, and unless the use authority exists, the algorithm related to encipherment cannot be selected, and its key information cannot be obtained either by the terminal equipment 1. In such a way, the security of the whole system can be improved.

Description

[Detailed Description of the Invention] [Industrial Application Field] The present invention relates to an IC card data processing system, and more specifically, in a system in which a central computer of a financial institution and a terminal device exchange data, the terminal device side processes data. The present invention relates to a firm banking terminal device using an IC card that can manage data with high security when data is stored as a file in an external storage medium.

[Prior Art] Financial institutions, such as banks, install many terminal devices in their stores and connect them to a central computer via a dedicated line to make transfers, transfers, withdrawals, deposits, etc. Conventionally, data is exchanged with a central computer and processed.

The terminal device in this case is generally a so-called general-purpose terminal device in place of a personal computer, which is installed inside the financial institution and operated by an employee.

On the other hand, in recent years, customers have been able to directly operate terminal devices using their own IC cards at home or at financial institution stores to make transfers, transfers, advance payments, automatic payment processing, etc.
A computer processing system that performs balance inquiries, etc. has been proposed, and a so-called firm banking terminal device has been developed as one of its terminal devices. This type of terminal device is
Usually, important information such as amount, destination bank code, account number, etc. is recorded on an external storage medium such as a floppy disk, and communicated with the bank's host computer via a public line network.

[Problem to be solved] In farm banking terminal devices, data files that record important information such as amount, destination bank code, account number, etc. are written and managed on a removable storage medium such as a floppy disk. The data is usually processed by a general-purpose O8 or the like which is formed into a film. Therefore, if this floppy disk is inserted into another computer, workstation, etc., the important information mentioned above can be easily obtained, and there is a high risk of fraudulent acts such as checking or falsifying the information. expensive.

The present invention solves the problems of the prior art, and improves the security of data stored in an external storage medium of a terminal device when the terminal device is operated using an IC card. The purpose is to provide an IC card data processing system that can

[Means for Solving the Problems] The feature of the IC card data processing system of the present invention for achieving the above-mentioned purpose is that when the IC card collates manually generated verification information with verification information held by the IC card, transmits selection information to the terminal device when the
Input confirmation information and IC according to one encryption algorithm
From the card (and any of the confirmation information is used as key information in the encryption algorithm to perform predetermined encryption on the processed data and store it in an external storage medium,
Further, when the processed data is read from the external storage medium, either the manual confirmation information or the confirmation information obtained from the IC card is confirmed according to at least one decryption algorithm selected in response to the selection information received from the IC card. This information is used as key information in a decryption algorithm to decrypt processed data and perform data processing.

[Function] If the confirmation information is used as the key information for encryption in this way, there is no need to provide special key information, and in combination with algorithm selection, two-step encryption is possible, so it can be attached to and removed from the terminal device. Encryption of data stored on external storage media can be made more complex. Moreover, the confirmation information serving as the key information to be encrypted and the information for selecting the encryption algorithm are not stored in the terminal device, but are held in the IC card that manages usage authority information. Therefore, it is difficult to obtain these directly, and it is not possible to select algorithms related to encryption unless you have permission to use them.
The key information also cannot be acquired by the terminal device.

As a result, no matter how much you operate the terminal device, it is impossible to obtain the encrypted information, and since the contents of the recording medium that records the processing data of the terminal device are also encrypted accordingly, it is impossible to decipher it. becomes difficult. Therefore, this recording medium is another computer.

Even if it is attached to a workstation, etc., there is almost no risk of unauthorized acts such as checking or tampering with information, and the security of the entire system is improved.
I can make you do it.

[Example 1] An example of the present invention will be described below with reference to the drawings.

FIG. 1 is a block diagram of a firm banking terminal device (hereinafter referred to as a firm banking terminal) according to an embodiment to which the IC card data processing system of the present invention is applied, and FIG. 2 shows a key stored in the IC card. An explanatory diagram of a specific example of the relationship between information and processing data stored on a floppy disk. FIG. 3 is an explanatory diagram of storage of an algorithm processing program selected according to algorithm selection information stored on the IC card. It is.

In FIG. 1, l is a farm banking terminal equipped with an IC card 10 and a floppy disk 11 and used at home, etc., and a communication control unit 161 including a modem etc. is installed in a central host computer 4 of a bank or the like. Communication line 2
．． It is connected via a public line network 3 and exchanges data with a host computer 4.

The farm banking terminal 1 includes a microprocessor (C
The CPU 12 has a floppy disk drive device 1 including an IC card reader/writer 13 and a floppy disk interface via a bus 101.
4, memory section 15, communication control section 16, display 17
, are connected to the keyboard 18, etc., and exchange data with these circuits, and the IC card reader/writer 13 and floppy disk drive device 1.
4. And IC card reader writer 13
The data etc. are transferred to the IC card IO via the floppy disk drive device 1.
Data and the like are written to the floppy disk 11 via the floppy disk 11 and read from the floppy disk 11. In addition, bus 101 has
A data bus, address bus, and control bus are provided.

The memory unit 15 is composed of a RAM and a ROM, and stores a processing program for encrypting and decoding information such as file data to be stored on the floppy disk 11 in addition to the processing program in the firm banking terminal 1. . Further, the memory section 15 is backed up by a battery (not shown).

The CPU 12 also has a built-in ROM, which contains a control program that controls the hardware, and input message display processing (guidance processing) such as a personal identification code (hereinafter referred to as PIN) to confirm the authenticity of the card user. Basic processing programs for displaying work menus, etc. are stored.

In addition, including account number, balance, and other transaction data,
Various processing programs stored in the memory unit 15 and various processing programs related to the processing of work specified in the work menu etc. are executed by the CPU 1 according to the program load processing program stored in the ROM of the CPU 2.
2, the data is read in advance from the floppy disk 11 into the memory unit 15, or read each time as necessary, and stored in a predetermined area.

The display 17 is composed of an LCD display device that is controlled by the CPU 12 and displays guidance, graphics, etc., and displays data processing results, operation messages, work menus, etc. for the operator who operates the farm banking terminal 1. .

In addition, instructions to execute processing in a predetermined work menu of the farm banking terminal operator, input of various information including characters, input of PIN, etc. are performed by the operator from the keyboard 18, and the CPU 12 executes the instructions according to the input information. performs various processing.

The farm banking terminal 1 is connected to the host computer 4 of the bank and receives services from it, but the information to be communicated is once stored in the memory unit 15, and when the communication is completed, it is transferred to the floppy disk 11 and transferred to the floppy disk drive 14. It is written in an encrypted state via . Therefore, the floppy disk 11 stores transaction information data such as account numbers and balances, or various business data in an encrypted manner. Further, here, a processing program stored in the memory unit 15 of the firm banking terminal 1, O81, and a plurality of different algorithm processing programs for encrypting/decrypting various important data are stored in the floppy disk 11. ing.

For example, as shown in FIG. 2(b), file data recorded on the floppy disk 11 is managed in three sections AA, BB, and CC, and the data in these areas is stored as encrypted data. ing. These files are referred to here as transaction information files (classification AA).
, salary transfer information file (category BB), and funds transfer information file (category CC). Note that the account number and specific common information may be encrypted and stored in an area separate from these files.

The IC card 10 contains a PIN indicating the card issuer, the owner, etc., the owner's address and name, expiration date, number of errors,
This is a card that stores algorithm selection information for encryption/decryption. This IC card 10 does not store transaction information data such as account numbers and balances, or various business data, but these are encrypted and stored on the floppy disk 11 as described above. and,
It is a condition for the firm banking terminal 1 to obtain algorithm selection information and the like from the IC card 10 in order to access them. In addition, the ROM of IC card 10
A determination processing program for determining whether the PIN matches or does not match is stored in the EEPROM.
As shown in FIG. 2(a), the above sections AA, BB, C
Multiple PIN verification information PA, PR, according to C,...
An algorithm selection information table 5 is provided in which SA, SB, SC9, . . . , fist are stored as algorithm selection information in correspondence with PO2, fist, etc. and respective PIN verification information.

Now, in such a configuration, the firm banking terminal 1 is powered on and the floppy disk 11 is loaded.
When the computer is installed, a processing program necessary for operation is read into a predetermined area of the memory section 15.

Next, the IC card 10 is attached to the IC card writer 13 of the firm banking terminal 1 according to the message on the display 17, and when an operator inputs a PIN from the keyboard 18, the input PIN is stored in a predetermined location in the -I memory section 15. is stored in the area of the IC card 1 by the CPU 12 via the IC card reader/writer 13.
Sent to 0.

When the IC card 10 receives the PIN, it internally checks if the PIN matches, and as a result, sends a response signal corresponding to the match or mismatch to the CPU 12. If the result is a match, the IC card 10 sends algorithm selection information to the firm banking terminal 1. Upon receiving this, the farm banking terminal l reads one of the processing programs for the encryption/decryption algorithm as shown in FIG. Store in area. Then, the operator is allowed to select one of the work menus, and the file or part of the information of the work instructed by the operator is transferred to the floppy disk 11.
Also, if there is a necessary processing program, it is read and stored in the memory unit 15. At this time, the file information or a part of the read information is the algorithm selected based on the algorithm selection information obtained from the IC card 10 previously stored, and the input P
It is encrypted using IN as key information,
It is stored in the memory unit 15 as it is. therefore,
Even when stored in the memory unit 15, the security key is in a high state.

Next, C according to the information or instructions given manually by the operator.
The PU 12 reads the information part necessary for processing out of the information of the file stored in the memory unit 15, decrypts it using the previously read algorithm and the input PIN, and decodes it to create the original file. The data is returned to the information and exchanged with the host computer 4. Also, the host computer 4
Among the information transferred from the controller, information related to file updates, etc. is encrypted using the previously read algorithm and the input PIN, and the file information in the memory unit 15 is updated. .

Note that if the result of the verification in the IC card 10 is a mismatch, the IC card 10 updates the number of errors and sends the answer of mismatch to the firm banking terminal 1. The firm banking terminal 1 instructs the operator to input the PIN information again.

When the processing is completed in this way, the CPU 12 writes the information in the memory section 15 in the encrypted state to the floppy disk 11, and performs processing to update the original file.

FIG. 3 shows the algorithm selection information S shown in FIG. 2(a).
The algorithm processing programs are respectively selected by A, SB, and SC, and are stored on the floppy disk 11. Among them, the algorithm A processing program corresponds to the algorithm selection information SA, the algorithm B corresponds to the algorithm selection information SR, and the algorithm C corresponds to the algorithm selection information SC.

For example, the IC card 10 checks the algorithm selection information table 5 from the input PIN and determines whether the information corresponding to the PIN input from the keyboard 18 is PA if the PIN verification information is PA. Accordingly, the algorithm selection information SA for the transaction information file (category AA) for which access rights have been established by matching the PINs is transferred to the firm banking terminal 1.

In response, the firm banking terminal 1 reads the algorithm A processing program shown in FIG. 3 from the floppy disk into the memory unit 15. Furthermore, the necessary processing program or data is read from the floppy disk 11 into the memory unit 15, and the PIN (corresponding to PA) manually entered according to the decoding algorithm of the algorithm A processing program that read the necessary information is input. Decrypt as a key. Then, it performs predetermined processing instructed by the operator, assembles the information into a predetermined transfer format, and sends and receives transaction-related data to and from the center computer 4. Depending on this, the host computer 4
The information sent from is the encryption algorithm of the algorithm A processing program that was read earlier and the input PIN.
(corresponding to PA) The content of the transaction information file that has been encrypted and read into the memory section 15 is updated in an encrypted state, and is transferred to the floppy disk 11 again.

In addition, to access the salary transfer information file where account numbers, amounts, etc. are created and stored before starting work,
The PIN verification information PR is verified, and the farm banking terminal 1 acquires the algorithm selection information SR, and stores the algorithm, salary transfer information file, and floppy disk 1.
The decoding algorithm read from 1 and the input P
IN (corresponding to PB), the necessary information is decoded and transmitted to the center computer 4 via the line 3, and a predetermined service instructed by the operator is executed. Then, when the processing is completed, the previous algorithm processing program B
The file is updated by encrypting it using the encryption algorithm and the input PIN (corresponding to PR), and it is transferred to the floppy disk 11 as the latest information and stored, rewriting the original file.

Similarly, the funds transfer file is verified by the PIN verification information PC, and the firm banking terminal 1 obtains the algorithm selection information SC and obtains the algorithm selection information SC.
Algorithm C from floppy disk 11 by C
Load the processing program, obtain the encryption/decryption algorithm and the encrypted data of the file, store it in the memory unit 15, and store the necessary information in the decryption algorithm and PIN (compatible with PC). After the processing is completed, the changed information is encrypted using the encryption algorithm and the PIN (compatible with the PC), and updated and stored on the floppy disk 11.

In this way, one of the encryption/decryption algorithms is selected and read, and according to the selected decryption algorithm and the manually entered PIN, information such as the transaction information file in Figure 2 (b) is keyed. The information is decrypted and processed, and after the processing, necessary data is encrypted using the input PIN and an encryption algorithm corresponding to the decryption, and returned to the floppy disk 11 with the PIN as key information. Note that the algorithm processing program may have independent decryption processing and encryption processing. Also,
As the algorithm identification information for the above processing, address information that directly specifies the starting address where the algorithm program or information is stored, or information that is converted to become the starting address can be used.

By the way, in this embodiment, the information files are divided into groups and algorithm selection information is associated with each group, but in this case, one piece of common algorithm selection information may be provided for each information file. Also, the following (C)
A PIN-algorithm selection information correspondence table 6 which is a combination of a plurality of pieces of PIN verification information may be used, as shown in FIG.

The table 6 shown in FIG. 2(C) is configured to obtain algorithm selection information by double matching. For example, the PIN verification information PA indicates that the firm banking terminal 1 is in an operating state. However, when handling information on a specific file among the information stored on the floppy disk 11, the PIN is further input and the PIN verification information PB is matched in the IC card 10, and these two PIN verification information are matched. The IC card 10 transfers the algorithm selection information SA to the firm banking terminal 1 only under these conditions. In this case, the PIN verification information PA and the PIN verification information PB may be input consecutively in advance.

Now, in the case of -L, the processing program for each algorithm of encryption or decryption has a mathematical formula or a part of a certain function, and the PIN has a function or mathematical formula of a certain encryption algorithm or decryption algorithm. Although the PIN can be used in this way, it is also possible to use the PIN to scramble information obtained at a certain stage of the algorithm and convert it into other information. . In addition, in the case of using a mathematical formula or a function, the encrypted PIN and the decrypted PIN may be different as long as the algorithms used for encryption and decryption are different.

By the way, in this embodiment, the algorithm selection information for encryption and decryption is stored in the IC card in a table format in pairs with the PIN verification information, so that the person using the firm banking terminal 1 and the algorithm selection information It is possible to easily define PIN verification information corresponding to the business to be performed. In addition, as already mentioned, PIN verification is performed using the IC card 10.
If there is a match, access rights to the corresponding information and algorithm selection information for encryption and decryption will be given to the farm banking terminal 1.
Without the card, the firm banking terminal 1 cannot perform important processing.

As explained above, in the embodiment, the confirmation information (PIN) entered manually and the confirmation information (PIN) stored in the IC card are used.
When they match in comparison with IN verification information), algorithm selection information, etc. is sent to the farm banking terminal. It will be done.

In the embodiment, the encryption algorithm and the decryption algorithm are stored on the floppy disk, but the processing programs for these plural algorithms may be loaded in advance when the firm banking terminal 1 is started up. Further, these algorithms may be stored in the memory on the IC card side, and may be read into the memory unit 15 by the firm banking terminal. Furthermore, any encryption process may be applied to the firm banking terminal.

In the embodiment, the file information transferred from the floppy disk is stored in the memory unit 15 in an encrypted state, but the file information transferred from the floppy disk is decrypted before being stored in the memory unit 15. The data may be encoded and stored in the memory, and encrypted and returned to the floppy disk at the time of the processing path r.

Although the embodiment shows an example in which a floppy disk is used as an external storage medium, the present invention is not limited to a floppy disk, and may be a memory card or other external storage medium.

In the embodiment, a firm banking terminal is used as an example, but the present invention is not limited to such a terminal device, but can be applied to various general terminal devices that use an IC card.

[Effects of the invention] In this invention, if the verification information is used as the key information for encryption, there is no need to provide special key information, and in combination with algorithm selection, two-step encryption is possible. Therefore, it is possible to further complicate the encryption of data stored in an external storage medium that can be attached to and detached from the terminal device. Therefore, it becomes difficult to decipher it.

As a result, even if this recording medium is attached to another computer, workstation, etc., there is almost no risk of unauthorized acts such as information inquiry or falsification, improving the security of the entire system. It can cause a person to die.

[Brief explanation of drawings]

FIG. 1 is a block diagram of a firm banking terminal device according to an embodiment to which the IC card data processing system of the present invention is applied, and FIG. 2 shows key information stored in the IC card and processing stored in the floppy disk. FIG. 3 is an explanatory diagram of a specific example of the relationship with data, and is an explanatory diagram of storage of an algorithm processing program selected according to algorithm selection information stored in the IC card. l...) T-mu banking terminal, 3... public line,
4... host computer, 5... key table,
6... PIN-key table, 7... Algorithm selection information table, 10... IC card, 11... Floppy disk, 13... IC card reader/writer, 12... Microprocessor (CPU) , 14...
- Floppy disk drive, 15...Random access memory (RAM), 16...Read only memory (ROM), 17...Display, 18...Keyboard, 19...Printer.

Claims (2)

[Claims] (1) A terminal device connected to a line and having multiple encryption and decryption algorithms, and a terminal device attached to this terminal device,
an IC card that has confirmation information and selection information for selecting an algorithm related to encryption, and that collates input confirmation information sent from the terminal device with the confirmation information; The IC card includes a removable external storage medium for storing processing data, and the IC card includes:
When the input confirmation information matches the confirmation information held by the self, the selection information is sent to the terminal device, and the terminal device responds to the selection information received from the IC arm. According to at least one encryption algorithm selected from the plurality of encryption and decryption algorithms, one of the input confirmation information and the confirmation information obtained from the IC card is used as key information in the encryption algorithm. is used to encrypt the processed data in a predetermined manner and store it in the external storage medium, and when the processed data is read from the external storage medium, the processing data is encoded in accordance with the selection information received from the IC card. The processed data is decrypted using either the input confirmation information or the confirmation information obtained from the IC card as key information in the decryption algorithm according to at least one selected decryption algorithm. An IC card data processing system characterized by processing. (2) The external storage device is a floppy disk, a plurality of encryption and decryption algorithms are stored on the floppy disk, and the information read from the floppy disk remains encrypted in the internal memory of the terminal device. 2. The IC card data processing system according to claim 1, wherein the IC card data processing system is stored in the IC card data processing system.