KR20040063071A - Network Expansion Typed Smart Card and Method for Operating It - Google Patents

Abstract

PURPOSE: A smart card of a network extension type and an operating method thereof are provided to decide an accessible smart card application area from the smart card application areas in an IC chip or on the network when a smart card terminal accesses the smart card application area through an open network extension platform of the network extension typed smart card. CONSTITUTION: The network extension typed smart card provides the smart card application area storing an IC card application from an application area in the IC chip and an extension typed smart card server on the Internet. The smart card terminal stores a host application matched with the network extension typed smart card and a remote application to support the remote access to the extended smart card application area on the network. The network extension typed smart card server is equipped with the application area for the extension typed smart card linked with the smart card application area on the network.

Description

Network Expansion Typed Smart Card and Method for Operating It}

The present invention relates to a network extended smart card for expanding a smart card application area from an integrated chip (IC) chip to a network, an operation method of the network extended smart card, and an application service method using the network extended smart card. A network expandable smart card equipped with an open network expansion platform that allows an area to extend from an IC chip to a network, and an open network expansion platform mounted on the network extended smart card include a smart card application area inside an IC chip and a smart on the network. How network extended smart cards operate and manage card application areas, and smart card terminals access smart card application areas through the open network expansion platform of the network extended smart cards. In the process of determining the smart card application area to be accessed from the smart card application area in the IC chip or on the network, if the smart card application area to be accessed by the smart card terminal is a network, referring to the open network expansion platform How to access the smart card application area on the network, and post-issuance and / or transfer the smart card application (or data) to the smart card application area on the network with reference to the open network extension platform; Smart card services for network scalable smart cards, such as by loading smart card applications and / or smart card application information and data from a zone to a smart card terminal. It's about how.

The present invention also relates to a network extended smart card and a network extended smart card operating method using a network interworking platform of the network extended smart card.

The present invention also relates to a method for exchanging and moving applications (or data) stored in the network extended smart card and applications (or data) stored in the smart card application area on the network.

Smart cards, also known as integrated circuit cards or IC cards, are embedded with IC chips and a semiconductor chip containing a central processing unit.The smart card has a larger memory capacity than a conventional MS (Magnetic Stripe) card. It is a next-generation card that includes not only security functions such as encryption processing and authentication of connection targets, but also data and information management functions.

1 is a schematic diagram of a general smart card structure.

A smart card is an IC (Integrated Circuit) card in the form of a credit card that can store and compute various digital information by embedding a central processing unit and various memory devices.The IC chip mounted on the smart card is a central processing unit, ROM ( It consists of Read Only Memory (RAM), Random Access Memory (RAM), and EEPROM (Electrically Erasable and Programmable Read Only Memory) or Flash Memory, and functions as a small computer without input and output devices. .

The central processing unit of a smart card is a core component that executes and operates program instructions of the operating system (COS). It is called a CPU / MPU (Central Processing Unit / Micro Processing Unit). It interprets the commands included in the Application Protocol Data Unit (APDU) and sends them to the smart card and processes the corresponding operations.

Smart card ROM is a read-only memory that stores indelible information. The smart card operating system (COS), language interpreter, and various security codes are stored. Memory that holds the operating system, applications, and data currently in use so that all data that is executed or computed through the smart card's central processing unit is stored once in RAM.

A smart card's EEPROM or flash memory is a memory that stores smart card applications (hereinafter referred to as smart card applications or SCApps) that run on the smart card platform. Is possible. In general, most smart card applications on smart cards are stored in EEPROM or flash memory.

2 is a simple block diagram of a general smart card system.

Smart card services include smart cards with IC chips, CAD (Card Acceptance Devices) for communication between smart cards and smart card terminals, smart card terminals with host applications, and networks for communication between smart card terminals and servers. And a server that provides smart card services for smart cards.

A smart card is a smart card application loaded in the smart card application area on the IC chip. The smart card is a contact card, a contactless card, or a hybrid card according to the interface with the smart card terminal. (Hybrid Card), and Combination Card, etc., can be classified into memory cards and microprocessor cards depending on the presence or absence of a central processing unit, and single-purpose cards and multi-purpose cards depending on the application purpose of smart cards. Cards can be categorized.

The CAD connects the smart card to the smart card terminal by transmitting an APDU packet corresponding to the smart card command from the smart card terminal to the smart card and transmitting the APDU packet corresponding to the smart card response from the smart card terminal to the smart card terminal. As a device, a communication path between a smart card and a smart card terminal is made in a half-duplex method. That is, the data contained in the APDU packet is transmitted from the smart card terminal to the smart card, or transmitted from the smart card to the smart card terminal, but the above process is not performed at the same time. According to ISO-7816, in the communication method between the smart card terminal and the smart card, when the smart card terminal transmits a command to the smart card terminal through an APDU packet, the smart card performs an operation corresponding to the command, and the result It responds to the smart card terminal through the APDU packet.

The smart card terminal is a host system that transmits a smart card command to the smart card and performs a given task through a response received from the smart card. Personal Communication System (PCS), Global System for Mobile Communications (GSM), Personal Digital Cellular (PDC), Personal Handyphone System (PHS), Personal Digital Assistant (PDA) Wireless terminals including Smart Phones, Credit Authorization Terminals (CAT), Point Of Sales Terminals, Automatic Teller Machines (ATMs), Cash Dispenser (CDs), or Kiosks and the like all play the role of smart card terminals.

The host application installed in the smart card terminal is an application corresponding to at least one smart card application mounted in the smart card application area. The host card is a smart card application that is mounted on the smart card through an APDU packet. The application transmits a command, receives a smart card response generated by executing the smart card application, and processes a task corresponding to the smart card response.

The communication between the smart card and the smart card terminal is controlled by security systems such as confidentiality, authentication, integrity, and nonrepudiation of communication, as defined by ISO-7816 for smart cards. Apply.

The network that communicates the smart card terminal with the server is a path through which the host application mounted on the smart card terminal communicates with the server to perform a task corresponding to the smart card response received from the smart card terminal. Depending on the type of network, a public switched telephone network (PSTN), a value added network (VAN), or a wired or wireless Internet may be included in the network.

A server is a server that performs a practical operation on data transmitted through a network from a host application of a smart card terminal to generate a result, and stores and manages the result. The server is configured according to a type of a smart card terminal and a network and a given task. The location and role of the award will be determined. For example, if the smart card terminal is a credit card payment terminal (CAT) and the network is a VAN, the server corresponds to the credit card payment server to the credit card company. In addition, if the smart card terminal is a POS of a large discount store and the network is a local area network (LAN), the server corresponds to a product management server inside the large discount store.

Communication between the smart card terminal and the server is controlled by a security system such as Public Key Infrastructure, such as Confidentiality, Authentication, Integrity, and Nonrepudiation. Security system is applied.

Recently, a smart card is a multi-purpose combination card equipped with a central processing unit, which is capable of executing a program regardless of the card manufacturer, and is aiming at an open platform that is independent of the platform and that can be installed and deleted even after issuing a card. Representative smart card open platforms include Javacard, MULTOS, Smart Card For Windows (SCFW), and SmartTEC OS.

Javacard is a smart card platform that includes a Java Virtual Machine (JVM) on top of a COS (Chip Operating System) .It is a smart card platform that allows online downloading to modify programs inside the card, load one or more applications, and communicate with existing smart cards. It is an open smart card platform based on versatility with card terminals.

MULTOS is a smart card platform with MVM (MEL Virtual Machine) designed with MEL (Multos Executable Language), a unique interpretation language, on top of MULTOS, a multifunctional operating system developed by Mondex and supported by MAOSCO, an industry consortium led by Mondex. It is an open smart card platform that is being used for various smart card applications in Europe, and is mounted in electronic money using smart cards in Korea.

SCFW card is a smart card platform that is equipped with VBVM (Visual Basic Virtual Machine) in the MS Kernel (MicroSoft Kernel) of 8bit operating system dedicated to smart card developed by Microsoft, and through Microsoft Visual Basic. It is an open smart card platform designed to allow general developers who do not have a thorough knowledge of smart cards to approach smart card service development.

3 is a simple block diagram of the structure of an open smart card platform.

The open smart card platform has a different structure depending on the features of the language supported by the platform and the COS mounted on the smart card such as Java Card, MULTOS, or SCFW. Figure 2 generalizes the structure of each of these different open smart card platforms.

In general, the open smart card platform is equipped with a smart card operating system COS is mounted on a hardware consisting of a silicon chip, a virtual machine and a card manager (Card Manager) on top, and above the virtual machine. It has a structure in which a smart card application is mounted.

As described above, the hardware of the smart card platform includes a central processing unit, a read only memory (ROM), a random access memory (RAM), and an electrically erasable and programmable read only memory (EEPROM) or a flash memory. In some cases, a coprocessor for an Elliptic Curve Crypto system (ECC) and / or a Rivest-Shamir-Adleman (RSA) encryption operation is installed. In addition, the hardware of the smart card platform is equipped with a chip on board (COB) (8-contact plate) and / or RF (Radio Frequency) antenna to provide a communication connection with the smart terminal through the CAD.

The operating system (COS) of the smart card platform is a system program embedded in the IC chip's ROM for driving the smart card. The smart card platform has developed and used different COSs for each smart card manufacturer and smart card issuer. Even so, the COS mounted on the smart card may be different. In general, COS runs the first time a smart card is booted, and communicates between the smart card and CAD, reads and writes data from internal memory, authenticates users, and controls file access and execution of smart card applications through card management programs. Do this.

The virtual machine (VM) of the smart card platform is a program that interfaces with the central processing unit through the process of requesting service from the COS by interpreting the code of the smart card application. Each smart card platform uses a different virtual machine. For example, Java cards use the Java Virtual Machine (JVM) designed for Java, MULTOS uses the MEL Virtual Machine (MVM) designed for MEL, and SCFW for Visual Basic. Use the designed Visual Basic Virtual Machine (VBVM).

The card manager of the smart card platform works in conjunction with COS to control and manage the files stored on the smart card, to execute the smart card application, and to load the executed smart card application into RAM to load virtual machines and COS. Through the central processing unit performs a role such as to perform a given task.

The card management program may function as a sub-OS independent of the COS depending on the characteristics of the smart card platform, or may include a card management program as part of the COS. However, in the following description, in order to help the understanding of the present invention, a card management program mainly provides access control and management for a file stored in a smart card and execution of a smart card application. If the card management program is included as part of the operating system, the smart card operating system may provide access control and management of files stored in the smart card and execution of smart card applications.

In general, a card management program embedded in a smart card includes a memory map (MM) for controlling and managing a smart card application, that is, a file stored in a smart card application area, for executing and loading the smart card application into RAM or A file allocation table (FAT) and the like are mounted.

The memory map or file allocation table is information on the structure of the smart card application area inside the IC chip and information on the smart card application stored corresponding to the structure, and the card management program uses the memory map or file allocation table. Reference to control and manage the smart card application, and executes the smart card application corresponding to the smart card command transmitted from the smart card terminal through the APDU to load into the RAM.

As described above, the smart card application loaded in the RAM by the card management program is interpreted by the virtual machine and operated by the central processing unit through the operating system, and the operation result is included in the APDU packet through the operating system. Is sent to the terminal.

The smart card application of the smart card platform is an application that performs unique functions for the smart card service. The area in which the smart card application is stored or the memory space is called a smart card application area. In general, the access control and management of the smart card application area and the execution and running of the smart card application stored in the smart card application area are controlled by the card management program.

On the other hand, the characteristics of the open smart card platform as described above is characterized by the cooperation of the card issuer and the smart card application service organizations, and each of the card issuer that changes frequently even after the smart card produced by the card manufacturer is issued to the smart card user through the card issuer, It supports Post Issuance smart card application service that can share smart card application area with smart card users.

4 is a simplified block diagram of a system for post-issuing a smart card application with a smart card with an open platform.

The post-issuance server is a post issuance server for smart card applications as an open smart card application area through smart card terminals on the wired / wireless Internet and network. It is a server system that is installed in a partner of a smart issuing authority and a smart card application service organization that have been granted an access code.

The post-issuance server is equipped with a D / B storing a smart card application to be mounted on the smart card, and delivers the smart card application stored in the D / B to the smart card terminal through a network. The host application post-issues the smart card application stored in the D / B to the smart card application area through the process of mounting the transferred smart card application as the smart card application area.

Smart card application The smart card terminal and host application of the post-issuance system include the functions and roles of the smart card terminal and / or host application described in Figure 2, and the open platform is equipped with the smart card application provided by the post-issuance server. It is characterized in that it is provided with a function to issue and mount to the smart card application area.

In general, the process of post-issuing a smart card application with an open smart card having an open platform through a smart card application post-issuance system includes: (1) Linking a smart card with an open platform with a smart card terminal through CAD. (2) apply a security system through a validation process that verifies confidentiality, authentication, integrity, and nonrepudiation between the smart card terminal and the smart card based on smart card regulations including ISO-7816, ( 3) apply a security system that checks the confidentiality, authentication, integrity, and nonrepudiation of the issuance server and smart card terminal issuance based on at least one cipher system based on public key and / or symmetric key based encryption, (4) Host application of post-issuance server and / or smart card terminal Select the smart card application to be post-issued with this open smart card, and (5) the post-issuance server sends the smart card application to be post-issued to the open smart card application area to the smart card terminal, or the smart card terminal is Download the smart card application to be post-issued into the open smart card application area, and (6) the smart card application area of the smart card that is equipped with an open platform based on the post-issuance regulations by the host application of the smart card terminal. (7) The operating system and / or card management program of the smart card on which the open platform is mounted is issued to the smart card application area as described above to store information about the smart card application stored in the memory map or This is to update and manage the file allocation table.

The smart card application post-issued through the above process provides a smart card service in the same manner as the smart card application previously issued to the smart card through the smart card system as shown in FIG.

The characteristics of the above-issued smart card application in the open smart card are that if the smart card issuing company's partner and the smart card application service provider have been expanded by the smart card issuer, This means that certain smart cards can be loaded with unlimited smart card applications.

However, despite the above characteristics of the open smart card, the storage space on the IC chip capable of mounting the smart card application, that is, the capacity of the smart card application area is extremely limited.

Currently, about 16KB to 32KB of the storage capacity of IC chips installed in generalized smart cards, except for the smart card operating system (COS) and the open platform, smart card applications are actually installed. Smart card application areas can range from just a few kilobytes to tens of kilobytes.

The problem with the existing smart card as described above is that it restricts the high-level security services, financial services, and loyalty services through smart cards, as well as unlimited application services that various smart card application service organizations want to provide. .

As a result, in order to solve the problems of the existing smart card as described above, there is a need for a technology that can expand and manage the smart card application area more easily and efficiently.

An object of the present invention to solve the above problems is a network expandable smart card equipped with an open network expansion platform that allows the smart card application area from the IC chip to the network, and an open type mounted on the network extended smart card The network expansion platform provides a method for operating a network extension smart card that manages and operates the smart card application area inside the IC chip and the smart card application area on the network.

In addition, an object of the present invention is a smart card application area to be accessed from the smart card application area within the IC chip or on the network in the process of accessing the smart card application area through the open network expansion platform of the network expansion smart card. The present invention provides a method for determining a method of accessing a smart card application area on a corresponding network by referring to an open network extension platform when the smart card application area to be accessed by the smart card terminal is a network.

Another object of the present invention is to post-issue and / or transfer a smart card application (or data) to a smart card application area on a network with reference to the open network extension platform, or to a smart card terminal from a smart card application area on the network. It provides a method for loading a smart card application and / or smart card application information and data.

In addition, another object of the present invention to provide a network expansion smart card and network expansion smart card operating method as described above using a network interworking platform of the network expansion smart card.

Another object of the present invention is to provide a method for exchanging and moving an application (or data) stored in the network extended smart card and an application (or data) stored in a smart card application area on the network.

1 is a simple block diagram of a general smart card structure.

2 is a simple block diagram of a general smart card system.

3 is a simple block diagram of the structure of an open smart card platform.

4 is a simple block diagram of a system for post-issuing a smart card application with a smart card having an open platform.

5 is a simple block diagram of the structure of an open network extension platform of a network scalable smart card.

6 is a simple block diagram of a network scalable smart card system.

7 is a simple flowchart of a process for issuing a network extended smart card.

8 is a simple flowchart of a process of post-issuing a smart card application to an IC chip of a network expandable smart card or a smart card application area on a network.

FIG. 9 is a simple flowchart illustrating a process of extracting smart card application information and / or data from a smart card terminal mounted on an IC chip of a network extended smart card or a smart card application area on a network.

10 is a simple block diagram of the structure of a network interworking platform of a network expandable smart card.

11 is a simple block diagram of a network scalable smart card system.

12 is a simple flowchart of a process of issuing a network extended smart card.

FIG. 13 is a simple flowchart of a process of post-issuing a smart card application (or data) with a virtual IC chip of a network expandable smart card server that is logically interlocked with a network expandable smart card.

14 shows a smart card by extracting smart card application information and / or data from a smart card application issued and / or post-issued to an IC chip of a network extended smart card or a virtual IC chip of a network extended smart card server. A simple flow chart of the process of providing a service.

Fig. 15 is a simple flowchart for the process of moving the smart card application to the smart card application area on the IC chip.

<Description of main parts of drawing>

500: network smart card expansion platform 505: smart card application area

510: memory map / file allocation table

515: Remote Memory Map / Remote File Allocation Table

600: network smart card 605: smart card terminal

610: host application 615: remote application

620: network smart card server

625: smart card application area (network)

630: NCAD (Network CAD) 635: Network

640: post-issuance server 645: post-issuance server D / B

650: server

The present invention relates to a method of operating a network extended smart card and a network extended smart card in which a smart card application area extends from an IC (Integrated Circuit) chip to a network, and an application service method using a network extended smart card. A network expandable smart card equipped with an open network expansion platform for extending from an IC chip to a network, and an open network expansion platform mounted on the network extended smart card include a smart card application area inside an IC chip and a smart card application on a network. Based on the method of operating a network extended smart card that manages and operates an area, and the method of operating the smart card, a smart card terminal may be smartly connected through an open network expansion platform of the network extended smart card. In the process of accessing the card application area, the first step of determining a smart card application area to be accessed from the smart card application area inside the IC chip or on the network, and when the smart card application area to be accessed by the smart card terminal is a network, A second step of accessing the smart card application area on the network with reference to the open network extension platform; and post-issuance and / or smart card application (or data) to the smart card application area on the network with reference to the open network extension platform. Or a third step of transmitting or loading a smart card application and / or smart card application information and data from the smart card application area on the network to the smart card terminal.

The present invention also relates to a network extended smart card and a network extended smart card operating method using a network interworking platform of the network extended smart card.

The present invention also relates to a method for exchanging and moving applications (or data) stored in the network extended smart card and applications (or data) stored in the smart card application area on the network.

In the present invention, the network expansion smart card includes the functions and roles of the existing smart card in which the IC chip is mounted, and the smart card application area controlled and managed by the operating system and / or the card management program of the smart card is internal to the IC chip. In addition, the smart card application area on the network is included.

While the operating system and / or card management program of the existing smart card controls and manages only the smart card application area inside the IC chip, the operating system and / or card management program of the network extended smart card according to the present invention is internal to the IC chip. The smart card application area, as well as additionally characterized in that it controls and manages the smart card application area on the network.

As described above, the smart card platform in which the smart card application area controlled and managed by the smart card operating system and / or the card management program is expanded on the network is called an open network expansion platform, and the smart card application area on the network is located inside the IC chip. It is composed of the same structure and the same system as the existing smart card application area.

In the present invention, the smart card application area on the network is a space for storing a smart card application (or data) issued to a specific smart card or issuing a post-issuance. It is allocated to a specific storage space on the network, and consists of the same structure and the same file system as the smart card application area inside the IC chip, and is controlled and managed by the operating system and / or card management program of the smart card. It is done. That is, the smart card application area on the network is not a database on the network operated by a query, but a storage space having the same structure and the same file system as the smart card application area inside the IC chip, and is controlled by the database program. Rather than being managed, it is remotely controlled and managed by the operating system and / or card management program of the smart card.

In order to satisfy the conditions of the smart card application area on the network as described above, an open network extension platform such as an operating system and / or a card management program of a smart card is issued or stored in a smart card application area on the network and stored. Remote Memory Map (RMM) or Remote File Allocation Table (RFAT) for direct access to card applications (or data) is included.

In addition, an IC card application (or data) mounted in the smart card (or IC card or IC chip) application area (or application storage memory space) is an extended smart located on the network (or wired or wireless communication network). Characterized in that the transfer to the smart card application area (or application storage memory space) in the card server.

In addition, an application (or data) for an IC card mounted in a smart card application area (or application storage memory space) in an extended smart card server located on the network (or wired or wireless communication network) is the smart card (or IC). Card or IC chip) to an application area (or application storage memory space).

The IC card application (or data) is a term that includes an IC card (or smart card or IC chip) application and various data included in the application. For convenience of description, the IC card application and the IC card are described below. The application (or data) is used interchangeably, but it is also used in the same sense.

Hereinafter, the features of the present invention will be described in detail with reference to the accompanying drawings. However, the following drawings and descriptions are for representative methods among various methods for properly describing the present invention, and the present invention is not limited only to the following drawings and descriptions.

5 is a simple block diagram of the structure of an open network expansion platform 500 of a network scalable smart card.

The open network expansion platform 500 of the present invention is an open platform including information on smart card applications (or data) issued in the smart card application area on the network. The following describes the features of the open network expansion platform 500 proposed by the present invention. However, the open network expansion platform 500 of the present invention is not limited to the embodiments described below, and the open network expansion platform 500 of the present invention is issued to the smart card application area 625 on the network. It includes all kinds of open platforms that contain information about smart card applications (or data).

The open network expansion platform 500 of the network expansion smart card includes the functions of the open platform of the smart card, and additionally, access control and management of the smart card application area 505 inside the IC chip and the smart card. In addition to the memory map or file allocation table 510 for the execution of the application (or data), the smarts stored in the smart card application area 625 and the access control and management of the smart card application area 625 on the network. And a remote memory map or remote file allocation table 515 for remotely executing the card application (or data).

That is, while the card management program of the existing smart card includes only the memory map or file allocation table 510 for the smart card application area 505 of several KB to several tens of KB inside the IC chip, The remote memory map or remote file allocation table 515 of 500) includes information on the smart card application area 505 of several MB to several hundred MB exceeding the limit of the smart card application area 505 inside the IC chip. can do.

The remote memory map or remote file allocation table 515 of the open network expansion platform 500 has the same structure as the memory map or file allocation table 510 mounted on each open platform. The network extended smart card server address information including the application area 625 and the smart card application area information assigned to the corresponding network extended smart card on the network extended smart card server may be included.

For example, the structure of the memory map or file allocation table 510 may include a class byte (CLA), an instruction byte (INS), and a parameter byte (P1-P2) for each smart card application. ), And the start address of the smart card application area 505 where the smart card application is stored, the size of the smart card application, and the like, the structure of the remote memory map or the remote file allocation table 515 is also the same as the above structure. In addition, the IP address or the domain name (Domain) of the network extended smart card server including the smart card application area 505 is based on Internet Protocol version 4 (IPv4) and / or Internet Protocol version 6 (IPv6). Unique server address information, such as a name), and the corresponding network address on the network extended smart card server. Walk scalable smart card smart card application areas include information that has been assigned to in the form of a directory and / or virtual device (Virtual Device) name. In the above description, the virtual device is a file that performs the same device role as the smart card application area 505 on the IC chip of the network expansion smart card in the network expansion smart card server, and is a virtual smart such as the smart card application area 505 on the IC chip. Card application area.

However, the memory start address of the remote memory map or the remote file allocation table 515 corresponds to the address immediately after the last address of the memory address mounted in the IC chip. For example, if the last address of the memory map or file allocation table 510 inside the IC chip is 0XFFFA, the starting address of the remote memory map or file allocation table 515 for the smart card application area 505 on the network is 0XFFFB. Start with

Therefore, if the smart card application corresponding to the smart card command sent from the smart card terminal is larger than the last address of the memory map or file allocation table 510 inside the IC chip, the card management program determines that the smart card application It automatically recognizes that it is stored in the card application area 625 and accesses the smart card application area 625 on the network via the remote memory map or remote file allocation table 515.

5A is a configuration diagram of an open network expansion platform 500 in which a remote memory map or a remote file allocation table 515 is included in addition to the memory map or file allocation table 510 of an existing card management program.

When the smart card terminal transmits the smart card command to the smart card through the APDU packet, the smart card command is transmitted to the card management program through the open network expansion platform 500 as shown in FIG. The card management program refers to the class byte and command byte and / or parameter byte included in the smart card command so that the smart card application (or data) corresponding to the smart card command is stored in the smart card application area 505 of the IC chip. Is stored in the smart card application area 625 on the network.

If the smart card application (or data) is stored in the smart card application area 505 inside the IC chip, the card management program executes the smart card application inside the IC chip and loads it into RAM. Run the application. On the other hand, if the smart card application (or data) is stored in the smart card application area 625 on the network, the card management program may refer to the remote memory map or the remote file allocation table 515 to refer to the smart card application area ( Remote access to the smart card application (or data) on the network to receive the smart card application (or data).

5B is a block diagram of an open network expansion platform 500 in which a remote card management program is mounted in addition to an existing open platform.

When the smart card terminal transmits the smart card command to the smart card through the APDU packet, the smart card command is transmitted through the open network expansion platform 500 as shown in (b) of FIG. It is selected and delivered. That is, in the step in which the host application of the smart card terminal transmits the smart card command to the smart card terminal, whether the smart card command targets the smart card application area 505 inside the IC chip or the smart card application area on the network ( 625) is determined in advance and sent to the smart card, and the smart card open network expansion platform 500 transmits the smart card to the smart card application area 505 in the IC chip based on the determined contents. The command is processed by the existing card management program, and the smart card command delivered to the smart card application area 625 on the network is processed by the remote card management program.

Of course, in the case of (b) of FIG. 5, if the smart card application (or data) corresponding to the smart card command transmitted to the smart card application (or data) inside the IC chip is not stored in the IC chip, As shown in (a) of FIG. 5, a remote card management program confirms that the smart card application (or data) is stored in the smart card application area 625 on the network, and the smart card application area 625 on the network. If the smart card management program is stored, the smart card application (or data) is accessed through the remote memory map or the remote file allocation table 515 of the remote card management program.

5 (c) of FIG. 5 is an open network expansion platform 500 in which a smart card is mounted on an existing open platform and the network open network expansion platform proposed by the present invention.

5 (c) of FIG. 5 is implemented by two IC chips in hardware, namely, one IC chip supporting an existing open platform and another IC chip supporting the network open network expansion platform 500 according to the present invention. As an open network extension platform, the smart card terminal transmits each smart card command to each IC chip according to the characteristics of the smart card application to be accessed in the step of sending the smart card command to the smart card through the APDU packet. .

For example, if the existing open platform is equipped with a financial / security / payment related smart card application, the network open network expansion platform 500 is equipped with a royalty / coupon / ticket / gift certificate / reservation related smart card application On the other hand, if the smart card terminal accesses a financial / security / payment related smart card application, if the smart card terminal delivers a smart card command to an existing open platform and accesses a royalty / coupon / ticket / gift certificate / reservation related smart card application. The smart card command is transmitted to the network open network expansion platform 500.

5D is an open network expansion platform 500 configuration in which a remote memory map or a remote file allocation table 515 is stored in one or more specific smart card applications among smart card applications of an existing open platform.

Figure 5D shows a special purpose smart card application that serves as a remote memory map or remote file allocation table 515 proposed by the present invention for a smart card that already has an existing open platform. Through the process of issuing is to perform the function of the network extended smart card proposed by the present invention.

That is, the network extended smart card as shown in (d) of FIG. 5 does not issue a new smart card having a structure as shown in (a), (b), or (c) of FIG. Through the process of post-issuing the special purpose smart card application that performs the role of 515 as the smart card application of the existing open smart card, the function of the network extended smart card proposed by the present invention can be used as it is. .

When the smart card terminal transmits a smart card command to a smart card having a structure as shown in (d) of FIG. 5 through an APDU packet, the smart card command is transmitted to a card management program, and the card management program is included in the smart card command. The smart card application corresponding to the smart card command is stored in the smart card application area 505 inside the IC chip by referring to the received class byte, command byte, and / or parameter byte.

If the smart card application is stored in the smart card application area 505 inside the IC chip, the card management program runs the smart card application by executing the smart card application inside the IC chip and loading it into RAM. . On the other hand, if the smart card application is not stored in the smart card application area 505 inside the IC chip, the card management program is included in the smart card application mounted for the special purpose as shown in (d) of FIG. Referring to the remote memory map or the remote file allocation table 515, the smart card application area 625 on the network is stored in the smart card application, and the smart card application on the network is accessed remotely.

6 is a simple block diagram of a network scalable smart card system.

The network scalable smart card system according to the present invention is equipped with the open network expansion platform 500 described in FIG. 5 with respect to the existing smart card system as shown in FIG. 2 and / or the smart card application post-issuance system as shown in FIG. Smart card application area 505 corresponding to network extended smart card 600, host application 610 corresponding to network extended smart card 600, and remote memory map or remote file allocation table 515 of smart card. A remote memory map or remote included in a smart card terminal 605 equipped with a remote application 615 for remote access to the open network expansion platform 500 of the network extended smart card 600. The smart card application area 505 corresponding to the file allocation table 515 is mounted. It is configured to add a network or the like extended smart card server 620.

The network extended smart card 600 includes a remote memory map or a remote file allocation table 515 in addition to the memory map or file allocation table 510 of a card management program of an existing open smart card as shown in FIG. Open network expansion platform 500 of the type, open network expansion platform 500 of the type equipped with a remote card manager (RCM) in addition to the existing open platform as shown in (b) of FIG. An open network expansion platform 500 in which an existing open platform and a network open network expansion platform are simultaneously installed in one smart card as shown in (c), or a smart card application of an existing open platform as shown in (d) of FIG. Save the remote memory map or remote file allocation table (515) to one or more specific smart card applications. And the form of an open network platform extension 500 that is a smart card that is installed.

The network extended smart card 600 is characterized in that it is equipped with a remote memory map or a remote file allocation table 515 for controlling and managing the smart card application area 625 on the network. Remote control / manage / execute the smart card application stored in the smart card application area 625 on the network through the remote application 615 of 605 to load into the RAM of the smart card, or the smart card terminal 605 It is characterized in that the ability to transfer directly to the host application 610 of the) is added to the card management program.

The method for controlling and managing the smart card application area 625 on the network by the network expandable smart card 600 may include a remote application of the smart card terminal 605 through an APDU by a card management program of the open network expansion platform 500. In step 615, the address of the network extended smart card server 620 on which the smart card application area 625 is mounted, the location information of the unique smart card application area assigned to the smart card, and the smart card application area. When the remote memory map or the remote file allocation table 515 information, etc., located at 505 is transmitted, the remote application 615 of the smart card terminal 605 is allocated to the corresponding network extended smart card 600 based on the information. Network smart card server 620 and corresponding smart card application area 625 thereon After access to the smart card application region 625, a direct access to the smart card application to be accessed by referring to the memory map to the remote or remote file allocation table 515, information about the smart card application area 625. The

The smart card terminal 605 includes the functions and roles of the existing smart card terminal described with reference to FIGS. 2 and / or 4, and additionally, in conjunction with the network extended smart card 600, the smart card application area 625 or the network. A remote application 615 for accessing the network expandable smart card server 620 including the smart card application area 625 may be mounted.

The host application 610 of the smart card terminal 605 includes the functions and roles of the existing host application described with reference to FIGS. 2 and / or 4, and additionally, the network expansion smart card 600 and the remote application 615 are smart. It is characterized in that the role of relaying to interlock in the card terminal 605 is mounted.

After the host application 610 sends a smart card command to the network extended smart card 600, the network extended smart card server 620 from the network extended smart card 600 to the smart card application area 625 on the network. When the address, location information of the corresponding smart card application area 625, and remote memory map or remote file allocation table 515 data for the smart card application to be accessed are answered, the host application 610 sends the information to the remote application. Relay forwarding to 615 allows the remote application 615 to access the smart card application area 625 on the network.

The remote application 615 is an application additionally mounted on the smart card terminal 605 according to the present invention to support the network extended smart card system, and replaces the card management program of the network extended smart card 600. An application that accesses the smart card application area 625 on the network corresponding to the remote memory map or the remote file allocation table 515 mounted on the open network expansion platform 500 of the smart card 600.

According to the present invention, the remote application 615 is included as part of the host application 610 mounted in the smart card terminal 605 to perform the above role in the smart card terminal 605, or the smart card terminal ( 605 is mounted in the form of a standalone application communicating with the host application 610 inside.

The process of accessing the smart card application area 625 on the network by the remote application 615 includes a smart card application area 625 on the network to be remotely accessed from a card management program of the network extended smart card 600. Address of the network expandable smart card server 620, location information of the unique smart card application area 625 assigned to the smart card 600, and a remote memory map for the smart card application area 625, or When the remote file allocation table 515 data and the like are delivered to the remote application 615 via the APDU, the remote application 615 may transmit the forwarded network extended smart card server 620 address and the location of the smart card application area 625. Unique smart card application area 625 that is assigned to the network extended smart card 600 based on the information. After the access, the direct access to the smart card application to be accessed by referring to the memory map to the remote or remote file allocation table 515, information about the smart card application area 625. The

The network expandable smart card server 620 is a unique smart card application area on the network that corresponds to the remote memory map or remote file allocation table 515 of the network expandable smart card 600 on which the open network expansion platform 500 is mounted. 625 and a network CAD for recording a smart card application in the smart card application area 625 or extracting information and / or data contained in the smart card application and / or the smart card application from the smart card application ( Network CAD (hereinafter referred to as NCAD)), wherein the network expansion smart card server 620 is mounted on the smart card terminal 605 side according to the characteristics of the smart card system, or on the network. It is mounted on or on the server side.

For example, when the network expandable smart card server 620 is mounted on the smart card terminal 605 side, the network expandable smart card 600 is a membership card of a large discount store, and the smart card terminal 605 is the large discount store. If the POS terminal, the network extended smart card server 620 that stores the unique smart card application area 625 on the network for the network extended smart card 600 is a large discount store connected to the POS terminal and LAN It can be mounted inside.

Alternatively, when the network expandable smart card server 620 is mounted on a network, if the network expandable smart card 600 is a credit card, the smart card terminal 605 is CAT, and the network is a VAN, A network expandable smart card server 620 that stores a unique smart card application area 625 on the network may be mounted on the VAN.

In addition, when the network expandable smart card server 620 is mounted on the server side, if the network expandable smart card 600 is a loyalty card and the server is a royalty management server, a unique smart card application area on the network for the loyalty card is provided. The network expandable smart card server 620 storing 625 may be mounted on the royalty management server side to provide an efficient royalty service.

The network extension smart card server may be mounted on a mobile communication company server.

The network expandable smart card server 620 is equipped with a smart card application area 625 allocated to each network expandable smart car 600, and the smart card application area 625 is provided with each network expandable smart card ( The smart card application issued / post-issued to 600 is mounted, and the remote memory map or remote file allocation table 515, which is access information for the smart card application, is shown in (a), (b), or ( It is loaded in the form of a card management program of the network expansion smart card 600 as shown in FIG. 6 or a special purpose smart card application as shown in FIG.

The smart card application area 625 of the network expandable smart card server 620 has the same structure as the smart card application area on the IC chip mounted in the smart card.

For example, a smart card application for registering a guest book on a smart card of a visitor invited to a seminar is post-issued, and the guest book is post-issued to a visitor through a smart card terminal installed at the gate when the visitor enters the seminar hall. When the guestbook information of the visitor is automatically extracted from the smart card application for writing, and the guestbook information is transmitted to the server for management, the smart card application post-issued on the smart card of the visitor invited to the seminar is shown in Table 1 below. same.

Table 1 shows the logical format of the guest card entry smart card application post-issued on the smart card of the visitor invited to the seminar.

According to Table 1, the information included in the guestbook smart card application includes the visitor's name, work, and personal information, such as the visitor's name, work, title, gender, age, social security number, phone number, mobile phone number, and e-mail address. This includes your job title, job title, social security number, telephone number, mobile phone number, and e-mail address.

Therefore, the guestbook entry smart card application is a smart card application having a total size of 128 bytes. The visitor name of the guestbook information is stored in the form of a string and is represented by the size of 8 bytes in four Korean characters. It is stored in the format of 16 letters or 8 letters in Korean and is represented by the size of 16 bytes. The title is stored in the form of a string and is represented by the size of 4 bytes in 2 letters of Korean characters, and the social security number includes a hyphen (-). It is represented by 14 bytes, the telephone number and the mobile phone number are represented by 13 bytes each, and the e-mail address is represented by 32 bytes including @.

Table 1

Table 2 includes the guestbook information in the logical format of the guestbook entry smart card application shown in Table1.

Among the guestbook information included in the Guestbook entry smart card application, the visitor name was 3 characters 6 bytes of Korean characters out of 8 bytes, and the workplace used 6 characters of 12 characters of Korean characters out of 16 bytes. Two letters and four bytes were used, and the social security number was 14 bytes including 13 numeric characters and hyphens (-) among the total 14 bytes, and the telephone number was 10 numeric characters and horizontal characters () among 13 bytes. 12 bytes were used including 11 and hyphen, 13 bytes including 11 numeric characters and 2 hyphens, and 24 bytes including 21 alphabets and 3 special characters (@ ,.). It became.

Table 2

Table 3 is a logical representation of the structure of the smart card application in which the guest card writing smart card application including the guest book information shown in Table 2 in the logical format shown in Table 1 is stored in the smart card application area.

In the example of Table 3, the memory address of the smart card application area where the guest card writing smart card application is stored is assumed to be a 128-byte area of 0X10000 to 0X10070 in hexadecimal. In general, as described above, the memory address for the smart card application area may vary depending on the type of the smart card, the issuing organization and the manufacturer, and the operating system or platform installed in the smart card.

According to Table 3, the guestbook name of the guestbook entry smart card application is stored in 8 bytes of 0X10000 ~ 0X10007, the location in which the job is stored is 16 bytes of 0X10008 ~ 0X10015, and the location where the job title is stored is 0X10016 ~ 0X10019. 4 bytes, the location of the social security number is stored 14 bytes of 0X1001A ~ 0X10027, the location of the phone number is stored 13 bytes of 0X10028 ~ 0X10034, the location where the mobile phone number is stored 13 bytes of 0X10035 ~ 0X10041, electronic The location where the postal address is stored is 32 bytes from 0X10042 to 0X10062, and 28 bytes of 0X10063 to 0X1007F are currently unused and reserved.

Table 3

According to the present invention, the logical format and logical structure of the smart card application stored in the smart card application area as described above is the smart card application area (505) on the IC chip and the smart card application area (on the network expansion smart card server 620) 625 is of the same type and the same structure. Therefore, the smart card application including the information shown in Table 2 in the logical format shown in Table 1 may be stored in the smart card application area 505 on the IC chip in the logical structure shown in Table 3, or the smart card application area on the network. And may be stored at 625.

According to the present invention, the smart card application stored in the smart card application area 505 on the IC chip is transmitted to the smart card application area 625 on the network mounted in the network expansion smart card server 620 without any special conversion process. In addition, the smart card application stored in the smart card application area 625 on the network can be transferred to the smart card application area 505 on the IC chip for storage. In this case, however, the information for confirming whether the corresponding smart card application is stored in the smart card application area 505 on the IC chip or in the smart card application area 625 on the network is included in the card management program. Stored in a memory map or file allocation table 510 to control and manage access to each smart card application.

In addition, the network expansion smart card server 620 corresponds to a CAD that serves as an interface between the smart card terminal 605, the host application 610, and the physical smart card, and the network and the remote application 615 of the smart card terminal. A smart card application area 625 mounted on the extended smart card server 620 and a network CAD (NCAD) providing an interface role and reading and writing to the smart card application area 625 on the network are mounted.

The NCAD 630 of the network expandable smart card server 620 is a smart card application area 505 assigned to the network expandable smart card 600. 1) Post-issuance or post-roll a new smart card application. 3) smart card from the smart card application area 625 on the network [in case of copying SCApp to the network on the IC chip], 2) recording the smart card application information and / or data (e.g., charging electronic money). 4) extracting the application [in case of copying SCApp onto the IC chip on the network] or 4) extracting the smart card information and / or data included in the smart card application [when using a general smart card]. The program accesses the smart card application area 625 and performs a virtual CAD role.

According to the present invention, Figure 6 is a server 650 that provides a practical smart card service for the CAD, network extended smart card 600, which serves as an interface between the network extended smart card 600 and the smart card terminal 605. ), And / or a post-issuance server 640 for issuing a smart card application to the smart card application area, etc., performs the same role as that of FIGS. 2 and / or 4.

However, the post-issuance server 640 according to the request of the remote application of the smart card terminal 605 and / or the characteristics of the network extended smart card 600, the smart card application in the step of post-issuing the smart card application to the smart card application area A function of selectively post-issuing the card application to the smart card application area 505 on the IC chip and / or the smart card application area 625 on the network included in the network extended smart card server 620 is added.

7 is a simple flowchart of a process for issuing a network extended smart card 600.

Compared to the existing smart card equipped with a platform that manages only the smart card application area 505 on the IC chip, the smart card issuing policy of the smart card issuing institution issuing the network expansion smart card 600 issuing the present invention. And / or the storage capacity of the smart card application area 505 on the IC chip and the storage capacity of the smart card application area 625 on the network and the smart card application area 505 and the network on the IC chip at the request of the smart card user. The storage capacity of the physical smart card that accommodates the storage capacity of the smart card application area 625 on the above is determined.

In addition, the network extended smart card 600 and the existing smart card proposed by the present invention is a platform mounted on the smart card, that is, a smart card application area managed by an operating system including a card management program or a function of the card management program. The actual smart card structure and function are the same. That is, if the platform mounted on the smart card manages only the smart card application area 505 on the IC chip, it is an existing smart card, and the smart card platform is the smart card application area 505 on the IC chip and the smart card application area on the network ( 625) and the like, it is the network extended smart card 600 proposed by the present invention.

According to the present invention, in order to distinguish the features of the network expandable smart card 600 from the existing smart card, the platform mounted on the network expandable smart card 600 proposed by the present invention is mounted on an existing smart card. It is referred to as an open network expansion platform 500.

Therefore, the smart card issuing authority and / or smart card user or the like decides whether to issue the currently issued smart card to the network extended smart card 600 proposed by the present invention or to an existing smart card ( 700).

If the smart card issuing agency and / or the smart card user decides to issue the smart card to be issued to the existing smart card managing only the smart card application area 505 on the IC chip (705), the smart card issuing authority Manufactures a physical smart card that manages the smart card application area 505 on the IC chip (710), and goes through a series of processes such as smart card initialization and personalization according to the existing smart card issuing process. Issue the smart card.

Of course, in the case of a smart card issued as an existing smart card as described above, a specific smart card application mounted in the smart card application area 505 as shown in (d) of FIG. 5 is mounted in the network extended smart card 600. By post-issuance to perform the functions of the remote memory map or the remote file allocation table 515 included in the network expansion platform 500, the present invention can be changed to the network expansion smart card 600 proposed by the present invention. The smart card published in the above may also be a network expansion smart card by issuing a smart card application.]

On the other hand, a smart card issuer and / or a smart card user, etc., currently manages a smart card to be issued, and the network extended smart card 600 that manages the smart card application area 505 on the IC chip and the smart card application area 625 on the network. In operation 715, the smart card issuing authority and / or the smart card user, etc. may be assigned to the smart card application area 505 on the IC chip included in the network extended smart card 600 and the smart card application area on the network ( A storage capacity of 625 is determined 720.

According to the present invention, the storage capacity of the smart card application area 625 on the network is determined by the remote memory map or remote file allocation table 515 included in the open network expansion platform 500 mounted on the network expansion smart card 600. Corresponds to the size. For example, if the size of the remote memory map or remote file allocation table 515 is 1 KB, and the storage capacity of the smart card application area 625 is 1 MB, the maximum size of the remote memory map or remote file allocation table 515 is maximum. When the size is 8 KB, the maximum storage capacity of the smart card application area 625 on the network is 8 MB.

Therefore, when the smart card issuing authority and / or the smart card user determines the storage capacity of the smart card application area 505 on the IC chip and the smart card application area 625 on the network included in the network extended smart card 600, The smart card issuing authority determines the physical smart card storage capacity that can accommodate the smart card application area as described above (725). For example, if the size of the remote memory map or remote file allocation table 515 is 1 KB, and the storage capacity of the smart card application area 625 is 1 MB, the operating system on a smart card that contains 64 KB of physical storage capacity. If the storage space used by the and the platform is 32KB, and the size of the smart card application area 505 on the IC chip is 24KB, the size of the remote memory map or the remote file allocation table 515 is about 8KB. The maximum size of the 625 smart card application area on the network is 8 MB.

If the storage capacity of the smart card application area 625 determined as described above through the storage capacity of the smart card application area 625 and the actual physical smart card on the network determined by the smart card issuing authority and / or the smart card user is issued. If not possible (730), the smart card issuer and / or smart card user, etc. repeat the process of determining a smart card application area that includes a storage area within the maximum size of the smart card application area 625 on the network.

On the other hand, the storage capacity of the smart card application area 625 determined as described above through the storage capacity of the smart card application area 625 and the actual physical smart card on the network determined by the smart card issuing authority and / or the smart card user is issued. If possible (735), the smart card issuing authority and / or smart card user or the like allocates the smart card application area 625 on the network managed by the smart card to the network extended smart card server 620 (740).

When the smart card application area 625 is allocated on the network as described above, the smart card issuing authority sends information about the smart card application area 625 on the network in the form of a remote memory map or a remote file allocation table 515. By mounting the smart card, the network extended smart card 600 is initialized and the network extended smart card 600 for managing the smart card application area 505 on the IC chip and the smart card application area 625 on the network is managed. Create a physical smart card (745).

The network extended smart card 600 manufactured as described above is issued to the smart card user through a series of processes such as personalization according to the smart card issuing process (750).

Of course, even in the case of the network extended smart card 600 issued through the above process, the remote memory map or the remote file allocation table 515 in the smart card application area 505 on the IC chip as shown in FIG. By issuing a smart card application that performs the function of the smart card application area, the network expansion smart card 600 can be expanded to a larger size. [I.e. remote memory map / file allocation table in the smart card application area on the IC chip. In addition, it is possible to extend the network scalable smart card application area.]

From the process and post-issuance of the smart card application to the smart card application area on the IC chip or network of the network expansion smart card 600 through the flow chart and description, and from the smart card application mounted on the smart card application area on the IC chip or network. An operation method and a smart card service method of the network extended smart card 600 according to the present invention will be described with respect to a process of extracting smart card application information or data. However, as described above, the network expansion smart card post-issuance process and the extraction process of the smart card application information or data are not limited to the following flow charts, and the following flow charts and descriptions illustrate various network expansion smarts presented by the present invention. The most common case is how the card works and how it is serviced.

According to the present invention, the operation method and the smart card service method of the network extended smart card 600 is a smart card terminal 605 to the smart card application area through the open network expansion platform 500 of the network extended smart card 600. In the approaching process, the subject of the first step of deciding the smart card application area to be accessed from the smart card application area inside the IC chip or the network, and the smart card application area to be accessed by the smart card terminal 605 are networks. A second step of accessing the smart card application area 625 on the corresponding network and a third step of communicating information and data with the smart card application area 625 on the network by referring to the open network expansion platform 500. Various methods may be proposed according to the communication path to be used.

8 is a simple flowchart of a process of post-issuing a smart card application (or data) to an IC chip of a network extended smart card 600 or a smart card application area on a network.

According to the present invention, the process of post-issuing the smart card application (or data) to the IC chip of the network extended smart card 600 or the smart card application area 625 on the network is performed by D / B ( The subject of the first step that decides to post-issue the smart card application (or data) stored in 645 to the smart card application area 625 on the network mounted in the network expandable smart card server 620, and the smart card application (or Data in the second step in which the smart card application accesses the smart card application area 625 on the network and the D / B 645 of the post-issuance server 640 in the process of post-issuing the data to the smart card application area 625 on the network. In the third step of issuing a smart card application (or data) from the network to the smart card application area 625 on the network. After the various cases depending on the communication path that is used can result in process issues.

According to this embodiment, the subject of the first step of determining to post-issue a smart card application (or data) to the smart card application area 625 on the network is

1) The card management program and / or operating system of an open network expansion platform mounted on a network expansion smart card [Fig. 8 (a)],

2) the host application of the smart card terminal referring to the card management program and / or operating system of the open network expansion platform [Fig. 8 (b)],

3) The host application of the smart card terminal that contains the post-issuance policy for the smart card application to be post-issued [Fig. 8 (C) (d)],

4) Post-issuance server 640 that contains post-issuance policy for the smart card application (or data) to be post-issued (not in the embodiment).

Communication path of the second step of accessing the smart card application area 625 on the network and the third step of post-issuing the smart card application (or data) to the smart card application area 625 on the network.

1) the route from the post-issuance server 640 to the smart card application area 625 on the network via the smart card terminal 605 ((a) (b) (c) of FIG. 8),

2) There may be a path directly accessing the smart card application area 625 on the network from the post-issuance server 640 (Fig. 8 (D)).

Figure 8 of the present embodiment is a representative method of the various post-issuance process as described above, the smart card application (or data) to the smart card application area 625 on the IC chip or network of the network expansion smart card 600 in the present invention ) Is not limited to the flow chart and description below.

In order to post-issue a smart card application stored in the D / B 645 of the post-issuance server 640 to the IC chip of the network expansion smart card 600 or the smart card application area 625 on the network. The physical smart card providing the function of the network extended smart card 600 proposed by the present invention is interworked with the smart card terminal 605 through the CAD (800).

When the network extended smart card 600 is interlocked with the smart card terminal 605 through the CAD, the host application 610 of the smart card terminal 605, such as the PIN (Personal Identification Number) input, such as smart card regulations such as ISO-7816 Through the various methods suggested, smart card validation is performed to verify the confidentiality, authentication, integrity, and nonrepudiation of the smart card.

If the validation of the smart card fails in the above process, the host application of the smart card terminal outputs an error message and terminates the smart card application post-issuance process.

On the other hand, if the validity authentication for the smart card is successful in the process (805), the host application 610 of the smart card terminal 605 is connected to the post-issuance server 640, D / D of the post-issuance server 640 A smart card application to be post-issued is selected from the smart card applications stored in B 645 to the smart card application area 625 (810).

When the smart card application to be post-issued to the smart card application area 625 is selected through the above process, the subject and network extended smart card system for determining post-issuance of the smart card application to the smart card application area 625 on the network. The post-issuance process of the smart card application from the post-issuance server 640 to the smart card application area 625 on the IC chip of the network-expanded smart card 600 or the network according to the post-issuance path of the smart card application, etc. .

8A illustrates a card management program and / or operating system of an open network expansion platform 500 in which a subject that determines post-issuance to a smart card application area 625 on a network is mounted on a network expansion smart card 600. In this case, the post-issuance smart card application is post-issued from the post-issuance server 640 to the smart card application area 625 on the network via the smart card terminal 605.

When the smart card application to be post-issued to the smart card application area 625 is selected, the host application 610 of the smart card terminal 605 connects to the post-issuance server 640 to store the smart card stored in the D / B 645. Pull technology that downloads the application (send to: smart card terminal 605-pull technology), or post-issuance server 640 is stored in D / B 645 as smart card terminal 605. The smart card application is extracted from the post-issuance server 640 to the smart card terminal 605 by using a push technology that extracts and transmits the [transmission subject: post-issuance server 640-push technology]. Deliver the smart card application to be issued later (815).

When the smart card application to be post-issued is delivered to the smart card terminal 605 as described above, the smart card terminal 605 transfers the smart card application to the IC of the network extended smart card 600 as in the post-issuance process of the existing smart card application. In order to post-issuance to the smart card application area 505 on the chip, the smart card application transmitted as described above is transferred to the network expansion smart card 600, and the smart card application area on the IC chip of the corresponding network expansion smart card 600. Request 505 to be issued later (820).

When the smart card application to be post-issued from the smart card terminal 605 to the network extended smart card 600 is transmitted as described above, the card management program and / or operation of an open network expansion platform mounted on the network extended smart card 600. The system checks whether the corresponding smart card application can be post-issued to the smart card application area 505 on the IC chip by referring to the memory map or file allocation table 510 (825).

According to (a) of FIG. 8, the host application of the smart card terminal 605 is a card management program and / or operation that is mounted on at least one or more of the open network expansion platform 500 as shown in FIG. Check the free space of the smart card application area 505 on the IC chip to which the smart card application is to be post-issued by the corresponding smart card through the system, and the smart card application area 505 on the IC chip of the smart card. It is possible to check whether to issue a post-issuance or post-issuance to the smart card application area 625 on the network.

For example, in addition to the smart card application area 505 on the IC chip of the network expansion smart card 600, the size of the free space of the smart card application that can be post-issued is 200 bytes. If larger than 200 bytes, the smart card application cannot be post-issued to the smart card application area 505 on the IC chip. [Determine post-issuance area based on the free space on the IC chip.]

Also, for example, when the card management program and / or operating system of the network extended smart card 600 includes a smart card application post-issuance policy, the host application of the smart card terminal 605 may be post-issuance of the smart card application. Based on the policy, it is possible to determine whether to issue the smart card application to be post-issued to the smart card application area 505 on the IC chip or to the smart card application area 625 on the network. [Smart card issuer decides post-issuance area based on smart card post-issuance policy mounted on smart card]

If the current smart card application to be post-issued through the above process can be post-issued to the smart card application area 505 on the IC chip of the network expansion smart card 600 (830), smart card terminal 605 The host application 610 of the post-issuance smart card application in the smart card application area 505 on the IC chip of the network expansion smart card 600 through the same process as the existing smart card application post-issuance process (835), and the corresponding The card management program and / or operating system of the network expandable smart card 600 stores the smart card application information for the smart card application post-issued into the smart card application area 505 on the IC chip as described above. (510) and smart card application post-issuance success results The card is sent to the card terminal 605 (845).

On the other hand, if the current smart card application to be post-issued cannot be post-issued to the smart card application area 505 on the IC chip of the network extended smart card 600 (850), the open network mounted on the network extended smart card 600 The card management program and / or operating system of the expansion platform 500 may refer to the remote memory map or remote file allocation table 515 to determine whether the smart card application can be post-issued to the smart card application area 625 on the network. Check (855).

If the smart card application cannot be post-issued to the smart card application area 625 on the network in step 860, the card management program of the open network expansion platform 500 mounted on the network expansion smart card 600 and And / or the operating system transmits the post-issuance failure result to the smart card terminal 605 and terminates the smart card application post-issuance process (865).

On the other hand, it is confirmed that the card management program and / or operating system of the open network expansion platform 500 mounted in the network expansion smart card 600 may post-issue the smart card application to the smart card application area 625 on the network. On the lower surface 870, the card management program and / or operating system of the open network expansion platform 500 generates the network post-issuance information for post-issuing the smart card application to the smart card area 625 on the network. It transmits to the card terminal 605 (875).

The network post-issuance information is information for accessing the smart card application area 625 on the network for the network extended smart card 600 mounted in the network extended smart card server 620 to post-issue the smart card application. Among the network extended smart card server 620 address information, the smart card application area information for the network extended smart card 600 assigned to the network extended smart card server 620, and the smart card application area 625 on the network. The smart card application includes location information, etc. to be issued later.

The network extended smart card server 620 address information of the network post-issuance information is information that a remote application of the smart card terminal 605 can access the network extended smart card server 620 through the network, and the smart card terminal 605 If the network connecting the network extension smart card server 620 to the wired or wireless Internet, the network extension smart card server 620 address is included in the form of IPv4 and / or IPv6.

The smart card application area information 625 on the network of the network post-issuance information is the network extended smart managed by the remote memory map or the remote file allocation table 515 of the open network expansion platform 500 of the corresponding network extended smart card 600. The area information on the card server 620 is included in the form of a directory name of the network extended smart card server 620 and / or a virtual device name corresponding to the network extended smart card 600.

Smart card application of network post-issuance information Post-issuance location information is location information where the smart card application is actually post-issued and stored in the smart card application area 625 on the network, and memory and / or storage space where the smart card application is actually stored. And information corresponding to the logical format of Table 1 and / or the logical structure of Table 3 for the smart card application.

When the network post-issuance information is transmitted from the network extended smart card 600 through the above process, the host application 610 may transmit the network post-issuance information and post-issuance server 640 transferred from the network extended smart card 600. The smart card application acquired from the D / B 645 is shared and transmitted to the remote application 615 mounted in the smart card terminal 605 so that it can be post-issued to the smart card application area 625 on the network (880). ).

When the network post-issuance information and the smart card application obtained from the D / B 645 of the post-issuance server 640 are transferred to the remote application 615 as described above, the smart card terminal The remote application 615 of 605 accesses the smart card application area 625 on the network based on the network post-issuance information and post-issues the corresponding smart card application (885).

According to the present invention, the process of post-issuing the smart card application to the smart card application area 625 on the network as described above may include the NCAD 630 of the remote application 615 mounted on the network expandable smart card server 620 through the network. Except for accessing the smart card application area 625 on the network, the host application 610 post-smarts the smart card application to the smart card application area 505 on the IC chip via CAD. Same as post-issuance process.

When the smart card application is post-issued to the smart card application area 625 on the network through the above process, the remote application 615 of the smart card terminal 605 is the NCAD 630 of the network expandable smart card server 620. The smart card application post-issuance result is extracted to the smart card application area 625 on the network through the above, and the extracted smart card application post-issuance result is transferred to the network extended smart card through the APDU (890). .

The card management program and / or operating system of the smart card that has received the post-issuance result for the smart card application that is post-issued from the remote application 615 of the smart card terminal 605 to the smart card application area 625 on the network may By recording the smart card application post-issuance results in the remote memory map or remote file allocation table (515) (895), it allows to control and manage access to the post-issuance smart card applications in the network extended smart card application area (625). As described above, the post-issuance information for the smart card application that is post-issued to the smart card application area 625 on the network has been successfully recorded in the remote memory map or the remote file allocation table 515 of the network extended smart card 600. Send to smart card terminal 605.

8B illustrates a smart card application area 625 of a smart card terminal 605 that refers to a card management program and / or operating system of an open network expansion platform 500 by a subject that determines post-issuance. Host application 610, the post-issuance smart card application is a post-issuance server 640 through the smart card terminal 605 to the post-issuance to the smart card application area 625 on the network.

According to the present embodiment, (b) of FIG. 8 shows that the smart card terminal 605 checks the validity of the network extended smart card 600 and the network extended type from the D / B 645 of the post-issuance server 640. Acquiring a smart card application to be post-issued with the smart card 600 and requesting post-issuance to the smart card application area 505 on the IC chip of the network extended smart card 600 is the same as in FIG. If the smart card application can be post-issued to the smart card application area 505 on the IC chip of the network extended smart card 600, the smart card application is transferred to the smart card application area 505 on the IC chip. The process of post-issuance is also the same. [The left part of the flow chart is the same as (A) in Figure 8.]

However, (b) of FIG. 8 corresponds to a step in which the host application 610 of the smart card terminal 605 requests post-issuance to the smart card application area 505 on the IC chip of the network extended smart card 600. If the smart card application cannot be post-issued to the smart card application area 505 on the IC chip (845), the network post-issuance information is directly generated and transmitted to the smart card terminal 605 as shown in FIG. Instead, the card management program and / or operating system of the open network expansion platform 500 mounted on the network expansion smart card 600 is the smart card terminal 605 to the smart card application area 505 on the IC chip. In step 850, the post-issue failure result for the smart card application is delivered.

When the result of the smart card application post-issuance failure for the smart card application area 505 on the IC chip is transmitted from the network extended smart card 600 through the above process, the host application 610 of the smart card terminal 605 The network extension smart card 600 requests network post-issuance information for post issuing the smart card application to the smart card application area 625 on the network (855).

When the network post-issuance information is requested from the smart card terminal 605 to the network extended smart card 600 through the above process, the card management of the open network expansion platform 500 mounted on the network extended smart card 600 is performed. The program and / or operating system generates network post-issuance information for post-issuing the smart card application to the smart card area 625 on the network and transmits it to the smart card terminal 605 (860).

The network post-issuance information may access the smart card application area 625 on the network for the network extended smart card 600 mounted in the network extended smart card server 620 as described above to post-issue the smart card application. The information may include: network extended smart card server 620 address information, smart card application area information for network extended smart card 600 assigned to network extended smart card server 620, and smart card application on the network. In the area 625, the smart card application includes location information, etc., to be post-issued.

The network extended smart card server 620 address information of the network post-issuance information is information that the remote application 615 of the smart card terminal 605 can access the network extended smart card server 620 through the network, and the smart card application The zone information is the zone information on the network extended smart card server 620 managed by the remote memory map or the remote file allocation table 515 of the open network expansion platform 500 of the network extended smart card 600, and the smart card application. Post-issuance location information is location information where a smart card application is actually post-issued and stored in the smart card application area 625 on the network.

When the network post-issuance information is transmitted from the network extended smart card 600 through the above process, the host application 610 may transmit the network post-issuance information and post-issuance server 640 transferred from the network extended smart card 600. The smart card application acquired from the D / B 645 is shared and transferred to the remote application 615 mounted in the smart card terminal 605 so as to be post-issued to the smart card application area 625 on the network (865). ).

When the network post-issuance information and the smart card application obtained from the D / B 645 of the post-issuance server 640 are transferred to the remote application 615 as described above, the remote application ( 615 is connected to the network expansion smart card server 620 based on the network post-issuance information, and is assigned to the network expansion smart card 600 in the network expansion smart card server 620 through the NCAD (630) By accessing the smart card application area 625 on the network, it is checked whether the smart card application can be post-issued to the smart card application area 625 on the network (870).

For example, in addition to the smart card application area 625 on the network mounted in the network expandable smart card server 620, the size of the smart card application to be post-issued is 2 MB in size. Is less than 2 MB, the smart card application may be post-issued to the smart card application area 625 on the network.

If the smart card application cannot be post-issued to the smart card application area 625 on the network in step 875, the remote application 615 of the smart card terminal 605 may be post-issued for the smart card application. To exit.

On the other hand, if the smart card application can be post-issued to the smart card application area 625 on the network (880), the remote application 615 of the smart card terminal 605 is smart on the network based on the network post-issuance information. The smart card application is post-issued to the card application area 625 (885).

When the smart card application is post-issued to the smart card application area 625 on the network through the above process, the remote application 615 of the smart card terminal 605 is the NCAD 630 of the network expandable smart card server 620. Extract the post-issuance result of the smart card application post-issued to the smart card application area 625 on the network, and transfer the extracted smart card application post-issuance result to the network extended smart card 600 through the APDU. (890).

The card management program and / or operating system of the smart card that has received the post-issuance result for the smart card application that is post-issued from the remote application 615 of the smart card terminal 605 to the smart card application area 625 on the network may By recording the results of the smart card application post-issuance in the remote memory map or the remote file allocation table 515, it is possible to control and manage the access to the smart card application post-issued in the network extended smart card application area 625. The smart card terminal indicates that the post-issuance information for the smart card application, which is post-issued to the smart card application area 625 on the network, is successfully recorded in the remote memory map or the remote file allocation table 515 of the network-expanded smart card 600. And transmits to 605 (895).

8C shows a host application 610 of the smart card terminal 605 that includes a post-issuance policy for the smart card application to be post-issued by a subject that determines post-issuance to the smart card application area 625 on the network. ), And the post-issuance smart card application is post-issued from the post-issuance server 640 to the smart card application area 625 on the network via the smart card terminal 605.

According to the present embodiment, the smart card application area 625 where the smart card application is actually post-issued in FIG. 8C is before the smart card application is transferred from the D / B 645 of the post-issuance server 640. Or later determined automatically by a post-issuance policy included in the smart card terminal 605 or before the smart card application is delivered from the D / B 645 of the post-issuance server 640. The smart card user and / or before selecting a smart card terminal 605 operator or the like, or post-issuing the smart card application received from the post-issuance server 640 to the smart card application area 625 on the IC chip and / or network. The smart card terminal 605 is determined manually by the operator or the like. That is, the open network expansion platform 500 mounted on the network expansion smart card 600 is not involved in determining the smart card application area 625 in which the smart card application is post-issued.

The smart card terminal 605 checks the validity of the network extended smart card 600 (805), and the smart to be post-issued from the D / B 645 of the post-issuance server 640 to the network extended smart card 600. When the card application is selected (810), the host application 610 of the smart card terminal 605 is connected to the post-issuance server 640 to download the smart card application stored in the D / B (645) [transmission subject: smart card Terminal 605-Pull Technology] to transfer the full technology (Pull Technology) or post-issuance server 640 to the smart card terminal 605 to extract the smart card application stored in the D / B (645) ( 830) A smart card application to be post-issued from the post-issuance server 640 to the smart card terminal 605 by using a push technology such as a transfer [transmission subject: post-issuance server 640-push technology]. Pass 815.

When the smart card application to be post-issued is delivered to the smart card terminal 605 as described above, the smart card terminal 605 may include the smart card application post-issuance policy or the smart card user and / or included in the smart card terminal 605. Alternatively, the smart card application area 625 is determined by the operator of the smart card terminal 605 or the like, in which the smart card application is to be post-issued (820). Can be decided before]

If the smart card terminal 605 decides to post-issue the smart card application to the smart card application area on the network (825), the host application 615 of the smart card terminal 605 is the network extended smart card 600 Request the network post-issuance information for the smart card application to be post-issued, and the card management program and / or operating system of the open network expansion platform 500 mounted on the network extended smart card 600 may execute the smart card application. The network post-issuance information for the smart card application is extracted through the process of generating network post-issuance information that can be post-issued to the smart card area 625 on the network and transmitting it to the smart card terminal 605 (830).

The network post-issuance information may access the smart card application area 625 on the network for the network extended smart card 600 mounted in the network extended smart card server 620 as described above to post-issue the smart card application. The information may include: network extended smart card server 620 address information, smart card application area information for network extended smart card 600 assigned to network extended smart card server 620, and smart card application on the network. In the area 625, the smart card application includes location information, etc., to be post-issued.

The network extended smart card server 620 address information of the network post-issuance information is information that the remote application 615 of the smart card terminal 605 can access the network extended smart card server 620 through the network, and the smart card application The zone information is the zone information on the network extended smart card server 620 managed by the remote memory map or the remote file allocation table 515 of the open network expansion platform 500 of the network extended smart card 600, and the smart card application. Post-issuance location information is location information where a smart card application is actually post-issued and stored in the smart card application area 625 on the network.

When the network post-issuance information is transmitted from the network extended smart card 600 through the above process, the host application 610 may transmit the network post-issuance information and post-issuance server 640 transferred from the network extended smart card 600. The smart card application acquired from the D / B 645 is shared and transmitted to the remote application 615 mounted in the smart card terminal 605 to be post-issued to the smart card application area 625 on the network (835). ).

When the network post-issuance information and the smart card application obtained from the D / B 645 of the post-issuance server 640 are transferred to the remote application 615 as described above, the smart card terminal The remote application 615 of 605 accesses the smart card application area 625 on the network based on the network post-issuance information and post-issues the smart card application 840.

When the smart card application is post-issued to the smart card application area 625 on the network through the above process, the remote application 615 of the smart card terminal 605 is the NCAD 630 of the network expandable smart card server 620. Extracts the post-issuance result of the smart card application post-issued to the smart card application area 625 on the network, and transfers the extracted smart card application post-issuance result to the network extended smart card 600 through the APDU. (845).

The card management program and / or operating system of the smart card that has received the post-issuance result for the smart card application that is post-issued from the remote application 615 of the smart card terminal 605 to the smart card application area 625 on the network may By recording the smart card application post-issuance results in the remote memory map or remote file allocation table 515 (850), it allows to control and manage access to the post-issuance smart card applications in the network extended smart card application area 625. As described above, the post-issuance information for the smart card application that is post-issued to the smart card application area 625 on the network has been successfully recorded in the remote memory map or the remote file allocation table 515 of the network extended smart card 600. The smart card terminal 605 transmits the data to the smart card terminal 605.

On the other hand, in the step of determining a smart card application area for post-issuing the smart card application transferred from the D / B 645 of the post-issuance server 640, the smart card application is placed on the IC chip of the network expansion smart card. If it is determined to issue (860), the smart card terminal 605 is to post the smart card application to the smart card application area 505 on the IC chip of the network extended smart card 600, as in the existing smart card application post-issuance process. In order to issue, the smart card application transmitted as described above is transmitted to the network extended smart card 600, and the post-issuance is requested to the smart card application area 505 on the IC chip of the network extended smart card 600 (865). ).

When the smart card application to be post-issued from the smart card terminal 605 to the network expansion smart card 600 is transmitted as described above, the card management program of the open network expansion platform 500 mounted on the network expansion smart card 600 and The operating system checks whether the smart card application can be post-issued to the smart card application area 505 on the IC chip by referring to the memory map or file allocation table 510 (870).

If the current smart card application to be post-issued through the above process can be post-issued to the smart card application area 505 on the IC chip of the network extended smart card 600 (875), the network extended smart card 600 The open network expansion platform (500) mounted on the backplane post-smart smart card application to the smart card application area (505) on the IC chip of the network expandable smart card (600) through the same process as the existing smart card application post-issuance process. (880), the smart card application information for the smart card application post-issued to the smart card application area on the IC chip as described above is recorded in the memory map or file allocation table (885), and the smart card application post-issuance success result is smart. Transmit to card terminal 605.

On the other hand, if the smart card application cannot be post-issued to the smart card application area on the IC chip of the network expandable smart card (890), the open network expansion platform mounted on the network expandable smart card may fail the post-issue failure of the smart card application. The method transmits to the smart card terminal 605 (895).

8D shows a host application 615 of the smart card terminal 605 that includes a post-issuance policy for the smart card application to be post-issued by a subject that determines post-issuance to the smart card application area 625 on the network. ), And the post-issuance smart card application is post-issued from the post-issuance server 640 directly to the smart card application area 625 on the network.

According to the present embodiment, the smart card application area 625 in which the smart card application is actually post-issued in FIG. 8D is before the smart card application is transferred from the D / B 645 of the post-issuance server 640. Or later determined automatically by a post-issuance policy included in the smart card terminal 605 or before the smart card application is delivered from the D / B 645 of the post-issuance server 640. The smart card user and / or before selecting a smart card terminal 605 operator or the like, or post-issuing the smart card application received from the post-issuance server 640 to the smart card application area 625 on the IC chip and / or network. The smart card terminal 605 is determined manually by the operator or the like. That is, the open network expansion platform 500 mounted on the network expansion smart card 600 is not involved in determining the smart card application area in which the smart card application is post-issued.

The smart card terminal 605 checks the validity of the network extended smart card (805), and the smart card application to be post-issued from the D / B 645 of the post-issuance server 640 to the network extended smart card 600 is provided. When selected (810), the smart card terminal 605 corresponds to the smart card application post-issuance policy included in the smart card terminal 605 or by selection of the smart card user and / or smart card terminal 605 operator. The smart card application determines a smart card application area to be post-issued (815).

In the step of determining a smart card application area for post-issuing the smart card application delivered from the D / B 645 of the post-issuance server 640, the smart card application is placed on the IC chip of the network extended smart card 600. If it is decided to post-issue the network card 820, the smart card terminal 605 performs the same process as the process of post-issuing the smart card application to the smart card application area 505 on the IC chip in FIG. Post-issuance to the smart card application area 505 on the IC chip of the extended smart card 600 (820 to 850 in Fig. 8D).

On the other hand, if the smart card terminal 605 decides to post-issue the smart card application to the smart card application area 625 on the network (855), the host application 610 of the smart card terminal 605 is a network extended smart card. Request the network post-issuance information for the smart card application to be post-issued to 600, the card management program and / or operating system of the open network expansion platform 500 mounted on the network extended smart card 600 is the smart Network post-issuance information for the smart card application is extracted by generating network post-issuance information for post-issuance of the card application to the smart card area 625 on the network and transmitting it to the smart card terminal 605 ( 860).

When the network post-issuance information is transmitted from the network extended smart card 600 through the above process, the host application 610 may transmit the network post-issuance information and post-issuance server 640 transferred from the network extended smart card 600. The smart card application acquired from the D / B 645 is shared and transmitted to the remote application 615 mounted in the smart card terminal 605 so as to be post-issued to the smart card application area 625 on the network (865). ).

When the network post-issuance information and the smart card application obtained from the D / B 645 of the post-issuance server 640 are transferred to the remote application 615 as described above, the smart card terminal The remote application 615 of 605 transmits the network post-issuance information and the smart card application selection information to be post-issued to the post-issuance server 640, through the network post-issuance information and the smart card application selection information. The post-issuance server 640 extracts the smart card application from the D / B 645, and requests the post-issuance of the smart card application to the smart card application area 625 on the network based on the network post-issuance information (875). ).

The network post-issuance information may access the smart card application area 625 on the network for the network extended smart card 600 mounted in the network extended smart card server 620 as described above to post-issue the smart card application. The information may include: network extended smart card server 620 address information, smart card application area information for network extended smart card 600 assigned to network extended smart card server 620, and smart card application on the network. In the area 625, the smart card application includes location information to be issued later.

The network extended smart card server 620 address information of the network post-issuance information is information that the remote application 615 of the smart card terminal 605 can access the network extended smart card server 620 through the network, and the smart card application The zone information is the zone information on the network extended smart card server 620 managed by the remote memory map or the remote file allocation table 515 of the open network expansion platform 500 of the network extended smart card 600, and the smart card application. Post-issuance location information is location information where a smart card application is actually post-issued and stored in the smart card application area 625 on the network.

Therefore, the post-issuance server 640 uses the smart card application extracted from the D / B 645 based on the network post-issuance information to the smart card application area 625 on the network assigned to the corresponding network extended smart card 600. Post-issuance directly to (880).

If the post-issuance server 640 directly post-issues the smart card application to the smart card application area 625 on the network through the above process, the post-issuance server 640 is a remote application of the smart card terminal 605 ( In operation 885, the smart card application post-issuance result, which is post-issued to the smart card application area 625 on the network, is transmitted to the network extended smart card.

The card management program and / or operating system of the smart card that has received the post-issuance result for the smart card application that is post-issued from the remote application 615 of the smart card terminal 605 to the smart card application area 625 on the network may By recording the results of the smart card application post-issuance in the remote memory map or remote file allocation table 515 (890), it allows to control and manage access to the smart card application post-issued in the network extended smart card application area 625. As described above, the post-issuance information for the smart card application that is post-issued to the smart card application area 625 on the network has been successfully recorded in the remote memory map or the remote file allocation table 515 of the network extended smart card 600. The method transmits to the smart card terminal 605 (895).

9 is a simplified diagram of a process for the smart card terminal 605 to extract smart card application information and / or data from a smart card application (or data) mounted on an IC chip of a network extended smart card or a smart card application area on a network. It is a flow chart.

According to the present invention, the process of extracting the smart card application information or data from the smart card application (or data) mounted on the IC chip of the network extended smart card 600 or the smart card application area on the network is a smart card application area on the network. A subject of a first step of determining to extract smart card application information and / or data from a smart card application (or data) mounted at 625, a second step of accessing a smart card application area 625 on the network; Various smart card service methods may occur according to a communication path used in the third step in which the smart card application information and / or data extracted from the smart card application (or data) mounted in the smart card application area is transmitted.

According to the present embodiment, the subject of the first step of determining to extract smart card application information and / or data from the smart card application (or data) mounted in the smart card application area 625 on the network is

1) a card management program and / or operating system of the open network expansion platform 500 mounted on the network expansion smart card 600,

2) a host application of the smart card terminal 605 that references the card management program and / or operating system of the open network expansion platform 500,

3) a host application of the smart card terminal 605 including an access policy for smart card application information and / or data, and the like.

A second step of accessing the smart card application area 625 on the network, and the smart card application information and / or data extracted from the smart card application (or data) mounted in the smart card application area 625. The communication path used in step 3 is

1) a path transmitted from the smart card application area 625 on the network to the smart card terminal 605 through the network,

2) The network extended smart card application area 625 is transmitted to the network extended smart card 600 via the smart card terminal 605 and then transmitted back to the smart card terminal 605 through the APDU like the existing smart card. Route [network application area-> smart card terminal-> smart card terminal-> smart card terminal].

Figure 9 of the present embodiment relates to a representative method among the various smart card service process as described above, in the present invention, the smart card application (or data) mounted on the smart chip application area on the IC chip or network of the network expansion smart card 600 The process of providing smart card service by extracting smart card application information and / or data is not limited to the following flowchart and description.

The present invention proposes to access a smart card application mounted on an IC chip of the network expandable smart card 600 and / or a smart card application area on a network, and to extract smart card application information and / or data from the smart card application. The physical smart card that provides the function of the network extended smart card 600 is linked with the smart card terminal 605 through the CAD (900).

When a network expandable smart card is interlocked with a smart card terminal 605 through a CAD, the host application of the smart card terminal 605 may use various methods proposed by smart card regulations such as ISO-7816, such as entering a personal identification number (PIN). Smart card validation is performed to verify the confidentiality, authentication, integrity, and nonrepudiation of the smart card.

If the validation of the smart card fails in the above process, the host application 615 of the smart card terminal 605 outputs an error message and terminates the smart card service.

On the other hand, if the validity authentication for the smart card is successful in the above process, the host application 610 of the smart card terminal 605 selects a smart card service to be provided through the network extended smart card 600 from a variety of smart card services Or, the smart card service which is basically set to be provided by the smart card terminal 605 is selected (905).

When the smart card service is selected through the above process, the network extended smart card system accesses the smart card application area and extracts the smart card application information and / or data, and the smart card application area 625 on the network. Depending on the subject that decides to extract smart card application information and / or data from the onboard smart card application (or data), the smart card service process may be performed through the IC chip of the network extended smart card 600 or the smart card application area on the network. Explain.

9A is a subject that determines to extract smart card application information and / or data from the smart card application mounted in the smart card application area 625 on the network. It is a card management program and / or operating system of the expansion platform 500, and the smart card application information and / or data is for direct transmission from the smart card application area 625 on the network to the smart card terminal 605.

As described above, when the smart card service for the network extended smart card 600 is selected in the smart card terminal 605, the host application 610 of the smart card terminal 605 is the APDU like the existing smart card service. The smart card application information and / or data corresponding to the selected smart card service is requested to the network extended smart card 600 through 910.

The card management program and / or operating system of the network extended smart card 600 includes a smart card application information and / or data requested from the smart card terminal 605 via a memory map or file allocation table 510. The smart card application area in which the card application is stored is checked (915).

If the smart card application (or data) is stored in the smart card application area 505 on the IC chip like the existing smart card, the card management program and / or operating system are included in the memory map or file allocation table 510. Based on the smart card application (or data) information, the smart card application is extracted from the smart card application area 505 on the IC chip (920), and the smart card application information and / or data is extracted through the APDU. After processing in a form that can be transmitted to 605 (925), the processed smart card application information and / or data is transmitted to the smart card terminal 605 through the APDU (930).

As described above, when smart card application information and / or data capable of providing the selected smart card service to the smart card terminal 605 is transmitted, the smart card terminal 605 may include ISO-7816 or ISO-14443. All types of chip-based financial transactions regulations, including SEED and T-DES, including all types of smart card regulations, Europay-Master-VISA (EMV), Common Electric Purse Specification (CEPS), or Infrared Financial Messaging (IrFM). , Cryptographic rules of any kind, including hash, digital signature, or public key infrastructure (PKI) such as Rivest-Shamir-Adelman (RSA) and Elliptic Curve Crypto (ECC). The smart card service is provided in compliance with at least one or more rules and methods among all types of smart card service providing methods provided to the card (935).

On the other hand, if the smart card application is not stored in the smart card application area 505 on the IC chip (940), the card management program and / or operating system as shown in Figure 5 open network expansion platform 500 of the present invention The remote memory map or the remote file allocation table 515 mounted in the check whether the smart card application is mounted in the smart card application area 625 on the network (945).

In the above process, the card management program and / or the operating system mounted on the network expandable smart card 600 controls access to the smart card application area 625 on the network, and manages the smart card application area 625 on the network. The remote memory map or the remote file allocation table 515 is characterized in that made. That is, even though it is confirmed through the card management program and / or operating system installed in the network expandable smart card 600 that the smart card application is mounted in the smart card application area 625 on the network, the smart card terminal 605 And smart card application information and / or data from the smart card application area 625 on the network due to a network problem connecting the network expandable smart card server 620 equipped with the smart card application area 625 on the network. The extraction process may be stopped.

If the card management program and / or the operating system mounted on the network extended smart card as described above cannot determine that the network extended smart card 600 is mounted in the smart card application area 625 on the network (950), The card management program and / or operating system transmits a smart card application information and / or data extraction failure message to the smart card terminal 605 through an APDU, and the smart card terminal 605 outputs the failure message and the smart card. The service ends (955).

On the other hand, if the card management program and / or the operating system mounted on the network extended smart card 600 determines that the network extended smart card 600 is mounted in the smart card application area 625 on the network, the card management program and And / or the operating system is the same as network access information (network post-issuance information in the post-issuance process) that may extract the smart card application from the smart card application area 625 on the network. However, because the service is different, the name is different.] (960).

The network access information may extract smart card application information and / or data by accessing the smart card application area 625 on the network for the network extended smart card 600 mounted in the network extended smart card server 620. As information, smart card application area information for the network extended smart card server 620 address information, network extended smart card 600 assigned to the network extended smart card server 620, and a smart card application area on the network ( 625) logical location information in which the smart card application to be extracted is stored.

The network extended smart card server 620 address information of the network access information is information that the remote application 615 of the smart card terminal 605 can access the network extended smart card server 620 through a network. If the network connecting the network extension smart card server 620 and 605 is a wired or wireless Internet, the network extension smart card server 620 address is included in the form of IPv4 and / or IPv6.

The smart card application area information on the network of the network access information is the network extended smart card server 620 managed by the remote memory map or the remote file allocation table 515 of the open network expansion platform 500 of the corresponding network extended smart card 600. It is included in the form of a directory name of the network extended smart card server 620 and / or a virtual device name corresponding to the network extended smart card 600.

The logical location information of the smart card application of the network access information is logical location information on the location where the smart card application that is actually accessed in the smart card application area 625 on the network is stored. And / or an address for a storage space and information corresponding to a logical format of the form shown in Table 1 and / or a logical structure as shown in Table 3 with respect to the smart card application.

As described above, a card management program and / or an operating system mounted on a smart card may access a smart card application mounted on a smart card application area 625 on a network to extract smart card application information and / or data. When the information is generated, the generated network access information is transmitted to the smart card terminal 605 through an APDU (965), and the host application 615 of the smart card terminal 605 sends the network access information to the smart card on the network. [0109] [Network post-issuance information + smart card application] is delivered to the remote application 615 accessing the application area 625. [Network post-issuance information + smart card application] is transferred to the remote application in the post-issuance phase, or the network extension type is directly performed at the post-issuance server 640. When sending a smart card application to the smart card server 620 Include, but only after issuing the network information transfer, since the smart card service will step of extracting information and data from a smart card application, rather than after the issuance of smart card applications, is only to pass only network access information.

The remote application 615 is an application mounted on the smart card to access the smart card application area 625 on the network through the network, and the card management program and / or operation mounted on the network extended smart card 600 as described above. When the network access information is extracted from the system to the remote application 615 through the smart card terminal 605, the remote application 615 is configured to perform a network on which the smart card application area 625 on the network is mounted based on the network access information. Check whether the extended smart card server 620 is accessible.

According to the present invention, the network expansion smart card server 620 on which the smart card terminal 605 and the smart card application area 625 on the network are mounted is connected via a network, and the smart card terminal 605 and the network extension type are provided. The connection between the smart card server 620 is dependent on the network. For example, if the smart card terminal 605 and the network extended smart card server 620 are connected through the wired or wireless Internet, the remote application 615 may use the network extended smart card server 620 through the wired and wireless internet and a corresponding protocol. If the smart card terminal 605 and the network scalable smart card server 620 are connected through a private network such as a VAN, the remote application 615 can access the network extended smart card server through the VAN and its corresponding protocol. Approach approach 620.

If the remote application 615 of the smart card terminal 605 cannot access the network extended smart card server 620 in which the smart card application area 625 is mounted on the network (970). The remote application 615 of 605 outputs a message that it cannot access the smart card application area 625 on the network and terminates the smart card service (975).

On the other hand, if the remote application 615 of the smart card terminal 605 can access the network extended smart card server 620 that is equipped with the smart card application area 625 on the network, the remote application of the smart card terminal 605 The access point 615 accesses the smart card application stored in the smart card application area 625 on the network through the NCAD 630 of the network expansion smart card server 620 based on the network access information (980).

As described above, when the remote application 615 of the smart card terminal 605 approaches the smart card application stored in the smart card application area 625 on the network through the NCAD 630, the remote application 615 receives the NCAD ( In operation 630, the smart card application information and / or data included in the smart card application is extracted.

According to the present invention, the process may be performed by the host application 610 of the smart card terminal 605 to extract the smart card application information and / or data from the smart card application area 505 on the IC chip through CAD, The remote application 615 of the card terminal 605 receives the smart card application information and / or data from the smart card application area 625 on the network via the NCAD 630 mounted on the network and the network scalable smart card server 620. Corresponds to the extraction process.

If the remote application 615 of the smart card terminal 605 extracts smart card application information and / or data from the smart card application area 625 on the network, the remote application may extract the smart card application information and / or extracted as described above. Or transmits data to the host application 615 of the smart card terminal 605 (990).

According to the present invention, the host application 615 extracts smart card application information and / or data from the smart card application area 505 on the IC chip via CAD, and the remote application 615 uses the network and the network extended smart card. Extracting the smart card application information and / or data from the smart card application area 625 on the network through the NCAD 630 mounted on the server 620 to the host application 610, the smart card terminal 605 Is considered to be the same from the host application 610 point of view.

Therefore, when smart card application information and / or data capable of providing the selected smart card service from the smart card application area 625 on the network are transmitted through the above process, the smart card terminal 605 is ISO-7816. All types of smart card regulations, including ISO-14443, ISO-14443, and all kinds of chip-based finance, including Europay-Master-VISA (EMV), Common Electric Purse Specification (CEPS), or Infrared Financial Messaging (IrFM). Including trade rules, SEED, T-DES, hash, digital signature, or public key infrastructure (PKI) such as Rivest-Shamir-Adelman (RSA) and Elliptic Curve Crypto (ECC). Comply with all types of encryption regulations and at least one of the methods and methods of providing all types of smart card services for smart cards. It provides bus.

In FIG. 9, (b) is a subject that determines to extract smart card application information and / or data from the smart card application mounted in the smart card application area 625 on the network, the access policy for the smart card application information and / or data. It is the host application 610 of the smart card terminal 605, and the smart card application information and / or data is for direct transmission from the smart card application area 625 on the network to the smart card terminal 605.

As described above, when a smart card service targeting the network extended smart card 600 is selected in the smart card terminal 605 (905), the host application 610 of the smart card terminal 605 is the smart card application. The stored smart card application area is checked (910).

According to the present invention, the smart card terminal 605 may know the smart card application area in which the smart card application providing the smart card service selected as described above is stored according to the smart card service policy. For example, a smart card issuing agency may policing a financial card-related smart card application into a smart card application area 505 on a more secure and reliable IC chip, and provide smart card services related to royalty / coupon / ticket / gift certificate / reservation. Is installed in the smart card application area 625 on the easily expandable network, the smart card terminal 605 is equipped with a smart card application that is equipped with a smart card application that provides the currently selected smart card service according to the smart card service policy as described above. You can check the card application area.

If the smart card terminal 605 confirms that the smart card application providing the selected smart card service is mounted in the smart card application area 505 on the IC chip through the above process, the host application of the smart card terminal 605 In operation 915, the smart card application information and / or data corresponding to the selected smart card service is requested through the APDU as the existing smart card service through the APDU (915).

The card management program and / or operating system of the network extended smart card 600 includes a smart card application information and / or data requested from the smart card terminal 605 via a memory map or file allocation table 510. A smart card application validity authentication is performed to determine whether the card application is actually stored in the smart card application area 505 on the IC chip (920).

If the smart card application validity for the smart card application area 505 on the IC chip is authenticated, the card management program and / or operating system is based on the smart card application information contained in the memory map or file allocation table 510. After extracting the smart card application from the smart card application area 505 on the IC chip (925) and processing the smart card application information and / or data to the smart card terminal 605 through the APDU (930) In step 935, the processed smart card application information and / or data is transmitted to the smart card terminal 605 through an APDU.

As described above, when smart card application information and / or data capable of providing the selected smart card service to the smart card terminal 605 is transmitted, the smart card terminal 605 may include ISO-7816 or ISO-14443. All types of chip-based financial transactions regulations, including SEED and T-DES, including all types of smart card regulations, Europay-Master-VISA (EMV), Common Electric Purse Specification (CEPS), or Infrared Financial Messaging (IrFM). , Cryptographic rules of any kind, including hash, digital signature, or public key infrastructure (PKI) such as Rivest-Shamir-Adelman (RSA) and Elliptic Curve Crypto (ECC). The smart card service is provided in compliance with at least one or more rules and methods among all kinds of smart card service providing methods provided to the card (940).

On the other hand, if the smart card application validity for the smart card application area 505 on the IC chip is not authenticated in the above process, the card management program and / or operating system transmits error information to the smart card terminal 605, and the smart card terminal. 605 generates and outputs an error message corresponding to the error information, and terminates the smart card service.

However, in the step in which the smart card terminal 605 selects the smart card application area in which the smart card application corresponding to the smart card service is stored, the smart card application providing the selected smart card service is connected to the smart card application area 625 on the network. (945), the host application 610 of the smart card terminal 605 can access the smart card application mounted in the smart card application area 625 on the network with the corresponding network expandable smart card 600. The network access information is directly requested (950).

According to the present invention, information capable of accessing a network expandable smart card server 620 equipped with a smart card application area 625 on a network and a smart card application mounted in a smart card application area 625 on a network. Is included in the remote memory map or file allocation table 515 of the open network expansion platform 500 mounted on the network expansion smart card 600.

As described above, the smart card terminal 605 is a network expandable smart card and provides network access information for accessing the smart card application area 625 on the network and the smart card application included in the smart card application area 625. Upon request, the card management program and / or operating system mounted on the network expandable smart card 600 may refer to the remote memory map or remote file allocation table 515 to determine whether the smart card application is located on the smart card application area 625 on the network. Validation is performed on whether or not the server is actually mounted in operation 955.

If the validity authentication for the smart card application for the smart card application area 625 on the network is not confirmed as described above (960), the card management program and / or the operating system transmits error information to the smart card terminal 605. In operation 965, the smart card terminal 605 generates and outputs an error message corresponding to the error information, and terminates the smart card service.

On the other hand, if the card management program and / or operating system mounted on the network expandable smart card 600 has verified smart card application validation for the smart card application area 625 on the network, the card management program and / or operating system may Network access information for extracting the smart card application from the smart card application area 625 on the network is generated and transmitted to the host application 615 of the smart card terminal 605 through the APDU, and the host application 615 is connected to the network. The access information is shared and transmitted to the remote application (970).

The network access information may extract smart card application information and / or data by accessing the smart card application area 625 on the network for the network extended smart card 600 mounted in the network extended smart card server 620. As information, as described above, the network extension smart card server 620 address information, the network extension smart card, to which the remote application 615 of the smart card terminal 605 can access the network expansion smart card server 620 through the network. Smart card application area information, which is area information on the network extended smart card server 620 managed by the remote memory map or remote file allocation table 515 of the open network expansion platform 500 of 600, and the smart card on the network. Smart card to be extracted from the application area 625 It contains the logical location information where the application is stored.

When the network access information is extracted from the card management program and / or operating system mounted on the network extended smart card 600 to the remote application 615 through the smart card terminal 605 through the above process, the remote application 615 ) Checks whether it is accessible to the network extended smart card server 620 equipped with the smart card application area 625 on the network based on the network access information (975).

If the remote application 615 of the smart card terminal 605 cannot access the network extended smart card server 620 in which the smart card application area 625 is mounted on the network, the smart card terminal 605 may be used. The remote application 615 outputs a message that it cannot access the smart card application area 625 on the network and terminates the smart card service (980).

On the other hand, if the remote application 615 of the smart card terminal 605 can access the network extended smart card server 620 that is equipped with the smart card application area 625 on the network, the remote application of the smart card terminal 605 615 accesses the corresponding smart card application stored in the smart card application area 625 on the network through the NCAD 630 of the network expandable smart card server 620 based on the network access information (985).

As described above, when the remote application 615 of the smart card terminal 605 approaches the smart card application stored in the smart card application area 625 on the network through the NCAD 630, the remote application 615 receives the NCAD ( In operation 990, the smart card application information and / or data included in the smart card application is extracted.

According to the present invention, the process is a smart process for the host application 615 of the smart card terminal 605 to extract the smart card application information and / or data from the smart card application area 505 on the IC chip through the CAD, The remote application 615 of the card terminal 605 receives the smart card application information and / or data from the smart card application area 625 on the network via the NCAD 630 mounted on the network and the network scalable smart card server 620. Corresponds to the extraction process.

If the remote application 615 of the smart card terminal 605 extracts smart card application information and / or data from the smart card application area 625 on the network, the remote application 615 may extract the extracted smart card application as described above. The information and / or data is communicated to the host application 615 of the smart card terminal 605 (995).

According to the present invention, the host application 615 extracts smart card application information and / or data from the smart card application area 505 on the IC chip via CAD, and the remote application 615 uses the network and the network extended smart card. Extracting the smart card application information and / or data from the smart card application area 625 on the network through the NCAD 630 mounted on the server 620 to the host application 615, the smart card terminal 605 Is considered the same for the host application 615.

Therefore, when smart card application information and / or data capable of providing the selected smart card service from the smart card application area 625 on the network are transmitted through the above process, the smart card terminal 605 is ISO-7816. All types of smart card regulations, including ISO-14443, ISO-14443, and all kinds of chip-based finance, including Europay-Master-VISA (EMV), Common Electric Purse Specification (CEPS), or Infrared Financial Messaging (IrFM). Including trade rules, SEED, T-DES, hash, digital signature, or public key infrastructure (PKI) such as Rivest-Shamir-Adelman (RSA) and Elliptic Curve Crypto (ECC). Comply with all types of encryption regulations and at least one of the methods and methods of providing all types of smart card services for smart cards. It provides bus.

Hereinafter, a method for operating a network extended smart card and a network extended smart card using a network interworking platform of a network extended smart card, which is another embodiment of the present invention, will be described.

According to another embodiment of the present invention, a smart card (or IC card or IC chip) application area (or application storage memory space) in which an application (or data) for an IC card or the like is mounted is placed on a network (or wired or wireless communication network). It is provided with a smart card application area (or a virtual IC (Integrated Circuit) chip or application storage memory space) in the extended smart card server located in the virtual IC chip interworking information for interworking with the smart card application area in the extended smart card server. And / or a virtual IC chip on a network through a network expandable smart card and a network expandable smart card, characterized in that the network interworking platform including the virtual IC chip interworking information is interlocked with a smart card application area in the expandable smart card server. Provides smart card services through A network expandable smart card system consisting of a card terminal, a network expandable smart card server equipped with a virtual IC chip implemented in software, and a network expandable smart card and / or network expandable linked to a virtual IC chip on a network. How the smart card system works.

The operation method of the network extended smart card system of the present invention includes a virtual IC of a physical IC chip or a network extended smart card server in the process of accessing a smart card application area through a network interworking platform of the network extended smart card. The first step of determining the smart card application area to be accessed from the chip, if the smart card application area to be accessed by the smart card terminal is a virtual IC chip of the network expansion smart card server, referring to the network interworking platform of the network expansion smart card. Second step of accessing the virtual IC chip of the network expansion smart card server, and post-issuance and / or smart card application (or data) with the virtual IC chip of the network expansion smart card server with reference to the network interworking platform. It is a transmission or a third step of the extended network smart card loading a smart card application and / or the smart card application information and data to the smart card terminal from the IC chip of the virtual server (Load) and the like.

In the present invention, the network expandable smart card includes the functions and roles of the existing smart card in which the open smart card platform is mounted, and additionally accesses the virtual IC chip of the network expandable smart card server logically linked with the smart card. It is a smart card characterized in that the network interworking platform is mounted.

In the present invention, the network interworking platform includes the functions and roles of the open smart card platform mounted on the existing smart card as it is, and additionally accesses the network extended smart card server on the network accessible by the smart card terminal through the network. A network expansion smart card server accesses a virtual IC chip logically interlocked with a network expansion smart card equipped with a corresponding network interworking platform, and a smart card application (or data) mounted in a smart card application area on the virtual IC chip. It is an open smart card platform, characterized in that the virtual IC chip interworking information that can run and drive.

In addition, in the present invention, it is noted that the network interworking platform may be included in an existing open smart card platform or may be mounted in a simple application (or data) form.

In addition, in the present invention, the network interworking platform specifies that the virtual IC chip interworking information may be omitted when the information is independently mounted on the extended smart card. That is, in the present invention, the network interworking platform is only a tool for more clearly presenting the implementation of the present invention, and the present invention is implemented only by the virtual IC chip interworking information that supports access to the smart card application area in the extended smart card server without the network interworking platform. There is no unreasonableness.

In the present invention, the virtual IC chip interworking information is information for logically interworking a virtual IC chip implemented in software in a network expansion smart card server and a network expansion smart card according to the present invention, and a virtual IC chip of a network expansion smart card server. It works with the network expansion smart card to perform the function of the secondary smart card of the network expansion smart card equipped with the physical IC chip.

In addition, in the present invention, it is noted that the virtual IC chip interworking information may be included in the existing open smart card platform as well as the network interworking platform, or may be mounted in a simple application (or data) form.

In addition, the virtual IC chip interworking information in the present invention specifies that it can be implemented in a simple code form (or simple signal form) for the implementation of the present invention, in this case the virtual IC chip interworking information is a smart card terminal (or merchant) Terminal) provides only information that the smart card connected to the smart card terminal is associated with and / or interworked with the smart card application area (or virtual IC chip) in the network expansion smart card server as described above, or with the smart card terminal. Information that the connected smart card is associated with / or interworked with the smart card application area (or virtual IC chip) in the network extended smart card server as described above, and the smart card in the network extended smart card server linked with / or interworked with the smart card. Only access information to access the application area (or virtual IC chip) Bayida which stipulated that must be done by.

In addition, the virtual IC chip interworking information in the present invention, it is specified that can be provided from the network expansion smart card user (via input means, etc.) or from the wireless terminal of the network expansion smart card user owned.

In the present invention, the smart card terminal includes the functions and roles of the existing smart card terminal as it is, and additionally, based on the virtual IC chip interworking information extracted from the network extended smart card, the virtual IC chip of the network extended smart card server and / or the network. Alternatively, the smart card terminal is equipped with a remote application capable of providing a smart card service by accessing the smart card application area of the virtual IC chip.

In the present invention, the network expandable smart card server is a server that includes a virtual IC chip that implements the structure, function, and role of a physical IC chip mounted on a smart card issued by a card issuer, and logically the card. It is a server on the network that is equipped with each virtual IC chip that issuing agency logically interworking with the network expansion smart card and is physically connected to the smart card terminal through the network.

The virtual IC chip of the network expansion smart card server is implemented in software to provide the same structure and function as the physical IC chip issued by the card issuer. The hardware and operating system of the network expansion smart card server and the network expansion smart An IC chip emulator for a server, which emulates an IC chip virtually on the network expandable smart card server through various applications (or data) mounted on a card server.

In addition, it is noted that the virtual integrated circuit (IC) chip on the network may be represented (or written) with the same meaning as the smart card application area (or application storage memory space) in the extended smart card server described in the first embodiment. I will.

According to the present invention, unlike a physical IC chip mounted on a physical smart card, the virtual IC chip of the network expansion smart card server is not limited in storage space and / or capacity, and is issued and / or issued to the corresponding virtual IC chip. Access control and management of each of the post-issued smart card applications (or data) is performed by a virtual IC chip management program implemented in software in the corresponding virtual IC chip, and is logically linked with the virtual IC chip. The network extension smart card includes virtual IC chip interworking information for accessing the virtual IC chip.

Therefore, the network extended smart card according to the present invention merely allocates a storage space of tens of bytes to tens of kilobytes (KB) by which the virtual IC chip interworking information can be mounted on a physical IC chip. The virtual IC chip of the scalable smart card server can provide smart card services ranging from several megabytes to several tens of megabytes.

According to the present invention, a virtual IC chip of a network expandable smart card server that is logically interlocked with a network expandable smart card equipped with a network interworking platform may be used by a card issuing organization in the process of issuing a smart card equipped with a physical IC chip. In the form of (a) and / or (b) of FIG. 10, the virtual IC chip interworking information is loaded into the card management program of the open smart card platform of the smart card, or the card issuing agency uses a physical IC chip. After issuing, after issuing the smart card application (or data) including the virtual IC chip information in the form as shown in (b) of FIG. 10, the storage space is limited in connection with the physical smart card issued as above. In addition, the same smart card service as the smart card service using the physical smart card can be provided.

In addition, according to the present invention, among the smart card applications (or data) issued and / or post-issued on the physical IC chip as described above, a network-scaled smart card server that is logically linked with a specific smart card application (or data). The smart card application area on the virtual IC chip mounted in the virtual IC chip is linked to a specific smart card application area on the virtual IC chip mounted in the network card server in the smart card application (or data) as shown in FIG. By including the chip interworking information, smart card services using a physical smart card with less storage space constraints in conjunction with the smart card application (or data) that is issued and / or post-issued in the physical smart card as described above; The same smart card service can be provided.

In other words, the virtual IC chip of the network expandable smart card server, which is logically interlocked with the network expandable smart card equipped with a network interworking platform, provides an extended smart card service on the network by interworking with a smart card issued directly by a card issuer. It plays a role.

Hereinafter, the characteristics of a network extended smart card and a network extended smart card operating method using a network interworking platform of a network extended smart card according to another embodiment of the present invention will be described in detail with reference to the accompanying drawings and description. However, the following drawings and descriptions are for representative methods among various methods for properly describing the present invention, and the present invention is not limited only to the following drawings and descriptions.

10 is a simple block diagram of the structure of the network interworking platform 1000 of the network extended smart card 1100.

The network interworking platform 1000 of the present invention is a smart card platform that interoperates a smart card equipped with a physical IC chip with a virtual IC chip 1125 of a network expansion smart card server 1120, and is equipped with a physical IC chip. The smart card platform is provided with the virtual IC chip interworking information 1015 that logically interlocks the virtual IC chip 1125 mounted in the network expansion smart card server 1120 on the smart card.

According to the present invention, the network interworking platform 1000 applies virtual IC chip interworking information 1015 of the present invention as shown in FIG. 10 (a) or (b) to all existing types of open smart card platforms. In this case, the network extended smart card 1100 equipped with the corresponding network interworking platform 1000 can access the virtual IC chip 1125 of the network extended smart card server 1120 through the network card terminal. It includes an open smart card platform.

In addition, according to the present invention, the network interworking platform 1000 is equipped with the virtual IC chip interworking information 1015 as shown in (b) of FIG. 10 while maintaining all existing types of open smart card platforms. Issuing and / or issuing a card application (or data), or virtually linking a specific smart card application (or data) with the smart card application area 1005 on the virtual IC chip 1125 as shown in FIG. By including the IC chip interworking information 1015, the network extension smart card 1100 equipped with the network interworking platform 1000 is connected to the virtual IC chip 1125 of the network expansion smart card server 1120 through the network card terminal. It includes all types of open smart card platforms that make them accessible.

According to the present invention, the network interworking platform 1000 is equipped with the virtual IC chip interworking information 1015 proposed by the present invention on all kinds of existing open smart card platforms, and thus the network interworking platform 1000 is mounted. Network extended smart card 1100 and a network card terminal to access the virtual IC chip 1125 of the network extended smart card server 1120.

The network interworking platform 1000 of the network expansion smart card 1100 includes the functions of each of the existing open platforms, and additionally, a network expansion smart card 1100 on which a physical IC chip is mounted. Chip operating system and / or an open smart card platform in which virtual IC chip interworking information 1015 is mounted in the form of a card management program or a smart card application (or data) on the smart card application area 1005.

When the virtual IC chip interworking information 1015 is mounted in a platform such as a chip operating system and / or a card management program in the network interworking platform 1000, the chip operating system and / or the card management program may be smart. In addition to the memory map or file allocation table 1010 for access control and management of the card application area 1005 and execution of the smart card application, the virtual IC chip 1125 mounted in the network extended smart card server 1120 and the virtual The virtual IC chip interworking information 1015 that accesses the smart card application area 1005 on the IC chip 1125 and links the smart card application with the network extended smart card 1100 proposed by the present invention is mounted.

In addition, when the virtual IC chip interworking information 1015 is mounted on the network interworking platform 1000 in the form of a smart card application in the smart card application area 1005 on the physical IC chip, the smart card application may be a card issuer. The smart card application including the virtual IC chip interworking information 1015 is mounted on the physical in- smart card through a process of issuing a smart card and / or post-issuing a smart card application.

The virtual IC chip interworking information 1015 included in the network interworking platform 1000 is basically logically interlocked with the network expandable smart card 1100 proposed by the present invention and is virtually software-configured on the network expandable smart card server 1120. Access information of the virtual IC chip 1125 mounted to perform an IC chip of the virtual chip 1125 and the virtual IC chip 1125 accessing the smart card application area 1005 of the virtual IC chip 1125, and the virtual For issuing a smart card application to the smart card application area 1005 of the IC chip 1125 or extracting smart card application information and / or data from the smart card application area 1005 of the virtual IC chip 1125. The virtual IC chip 1125 is composed of authentication information and the like.

According to the present invention, the access control and management for the smart card application mounted in the smart card application area 1005 of the virtual IC chip 1125 of the network expandable smart card server 1120 controls the virtual IC chip 1125. For this purpose, a virtual COS and / or a virtual IC chip 1125 management program implemented in software is performed. That is, in the present invention, the virtual IC chip 1125 is another smart card logically interlocked with the IC chip and / or the smart card on which the network interworking platform 1000 is mounted on the network. Access control and management for the issued and / or post-issued smart card application is performed by the virtual COS and / or virtual IC chip 1125 management program of the corresponding virtual IC chip 1125.

However, according to the policy of each card issuing agency, the network expansion smart card server 1120 is additionally added to the virtual IC chip interworking information 1015 including virtual IC chip 1125 access information and virtual IC chip 1125 authentication information as described above. The virtual IC chip 1125 control information and / or management information included in the virtual COS and / or the virtual IC chip 1125 management program mounted on the virtual IC chip 1125 of the virtual IC chip 1125 may be the virtual IC chip interworking information 1015. It may be copied to).

According to the present invention, since the virtual IC chip 1125 of the network expansion smart card server 1120 cannot be carried unlike a physical smart card, in order to provide a smart card service through an on-offline card terminal. Access information of the virtual IC chip 1125 for accessing the virtual IC chip 1125 of the network expansion smart card server 1120 and / or the smart card application area 1005 of the virtual IC chip 1125; Post-issuing a smart card application to the smart card application area 1005 of the virtual IC chip 1125 or extracting smart card application information and / or data from the smart card application area 1005 of the virtual IC chip 1125. In the process, virtual IC chip interworking information 1015 including virtual IC chip 1125 authentication information for authenticating the validity of the virtual IC chip 1125 is required.

The open smart card platform including the virtual IC chip interworking information 1015 including at least the virtual IC chip 1125 access information and the virtual IC chip 1125 authentication information as described above is called a network interworking platform 1000. An IC chip and / or a smart card on which the network interworking platform 1000 is mounted is referred to as a network extended smart card 1100.

Access information of the virtual IC chip 1125 of the virtual IC chip interworking information 1015 may include address information, login information, and network information for allowing the smart card terminal 1105 to access the network extended smart card server 1120 through a network. Among various access information such as location information for accessing the virtual IC chip 1125 of the extended smart card server 1120 and an access code for accessing the smart card application area 1005 of the virtual IC chip 1125, etc. Information containing at least one or more items.

In the virtual IC chip 1125 access information, the network extended smart card server 1120 address information is information that the smart card terminal 1105 can access to the network extended smart card server 1120 through a network, and the network is connected to the wired or wireless Internet. In the case of a public network such as IPv4 and / or IPv6, the network is included in the form of an Internet address, and in the case of a private network such as a value added network (VAN), it is included in the form of a server address that can be accessed through the gateway of a VAN company. . If the network interworking card server is aware of the network extended smart card server 1120 information provided by each card issuing authority, the card number or card issuing authority code corresponding to the network extended smart card server 1120 information is also networked. Extended smart card server 1120 is included in the address information.

In the virtual IC chip 1125 access information, the network extended smart card server 1120 login information may be a session in which the smart card terminal 1105 corresponds to the virtual IC chip interworking information 1015 on the network extended smart card server 1120. Login information to the network extended smart card server 1120 to obtain a session, in the form of an ID and password registered by the card issuer in the process of generating the virtual IC chip 1125 to the network extended smart card server 1120. The encryption key, the electronic signature key, and / or the public certificate included in the network extension smart card 1100 or included in the network extension smart card server 1120 may be used as login information.

In the virtual IC chip 1125 access information, the location information of the virtual IC chip 1125 of the network extended smart card server 1120 is stored in the directory structure and / or the virtual IC chip 1125 of the network extended smart card server 1120. Information for finding the virtual IC chip 1125 on a database in which the virtual IC chip 1125 is stored in a specific directory on the network expansion smart card server 1120 is included in a corresponding directory structure. When the virtual IC chip 1125 is stored on a database mounted in the network extended smart card server 1120, the virtual IC chip 1125 is included in the form of a query that queries or retrieves the virtual IC chip 1125 from the database. It is.

The access code of the smart card application area 1005 of the virtual IC chip 1125 in the access information of the virtual IC chip 1125 is a code for the smart card terminal 1105 to access the virtual IC chip 1125. Only the granted smart card terminal 1105 may access the virtual IC chip 1125 and / or the smart card application area 1005 on the IC chip of the network extended smart card server 1120.

The authentication information of the virtual IC chip 1125 of the virtual IC chip interworking information 1015 includes access authority information for accessing the virtual IC chip 1125 of the network extended smart card server 1120, and the smart card of the virtual IC chip 1125. Validation authentication information for the smart card application issued and / or post-issued in the application area 1005, and the smart card application is post-issued to the smart card application area 1005 of the virtual IC chip 1125, or Information including at least one of various authentication information such as smart card service execution information for executing a card application on the virtual IC chip 1125 to generate smart application information and / or data.

The access information of the virtual IC chip 1125 in the virtual IC chip 1125 authentication information is a post-issuance of a new smart card application to the smart card application area 1005 of the virtual IC chip 1125 of the network extended smart card server 1120. Or recording smart card application information and / or data in the smart card application area 1005, or from the smart card application issued and / or post-issued in the smart card application area 1005 and And / or information specifying the authority to extract data, the smart card terminal 1105 may access the virtual IC chip 1125 access authority information with respect to the virtual IC chip 1125 of the network extended smart card server 1120. Only the corresponding task can be performed.

The smart card application validity authentication information in the virtual IC chip 1125 authentication information is a smart card issued and / or post-issued to the smart card application area 1005 on the virtual IC chip 1125 of the network extended smart card server 1120. Information for authenticating the validity of the smart card application, which is normally issued and / or post-issued in the smart card application area 1005 on the virtual IC chip 1125 of the network extended smart card server 1120, and is usable. .

The smart card application validity authentication information is a smart card terminal 1105 in the process of post-issuing a smart card application to the smart card application area 1005 of the virtual IC chip 1125, the smart card application is the virtual IC chip 1125 Authentication or is already issued in the smart card application area 1005, or recording and updating smart card application information and / or data in the smart card application mounted in the smart card application area 1005 of the virtual IC chip 1125. Or in the process of extracting smart card application information and / or data from the smart card application, the smart card terminal 1105 issues the smart card application to the smart card application area 1005 of the virtual IC chip 1125. Information that authenticates

The smart card service execution information in the virtual IC chip 1125 authentication information may be obtained by the smart card terminal 1105 accessing the smart card application area 1005 on the virtual IC chip 1125 of the network extended smart card server 1120. Each smart card that provides a smart card service as information for executing a smart card application through a virtual smart card platform mounted on a corresponding virtual IC chip 1125 to post-issue a card application or to provide a smart card service. It is specialized for the application.

For example, if the smart card application on the virtual IC chip 1125 that provides the smart card service is a discount coupon, it is issued to the smart card application area 1005 on the virtual IC chip 1125 to provide the smart card service. All you need to do is extract the discount coupon information from the post-issued smart card application. On the other hand, if the smart card application on the virtual IC chip 1125 that provides the smart card service is a mileage point, in the step of accumulating the mileage points, it is issued to the smart card application area 1005 on the virtual IC chip 1125 and / or The smart card application that is post-issued must be updated by adding mileage points, and in the step of using the mileage points, the smart card issued and / or post-issued in the smart card application area 1005 on the virtual IC chip 1125 Mileage points must be subtracted from the application and renewed.

According to the present invention, the virtual IC chip interworking information 1015 as described above is loaded on a chip operating system and / or card management program of an existing open smart card platform mounted on a physical IC chip as shown in FIG. Or a smart card mounted on the smart card application area 1005 or issued and / or post-issued in the form of a smart card application issued and / or post-issued by a physical IC chip as shown in FIG. 10 (b). The application is included in the smart card application to interwork with the virtual IC chip 1125.

In particular, when the virtual IC chip 1125 information is loaded into an operating system and / or a card management program as shown in FIG. 10A, a card issuer issues a network-linked smart card. When issuing and / or issuing a smart card application including the virtual IC chip 1125 information, the card issuing institution changes or reissues a previously issued smart card to a network-linked smart card. When the virtual IC chip interworking information 1015 is included in the smart card application that is issued and / or post-issued as shown in (c) of FIG. 3, the access code for the smart card application is obtained from the card issuer and / or the card issuer. Authorized cooperation agencies and the like are provided on the virtual IC chip 1125 to expand the scarce areas of the smart card application to the network. Smart card to work with the application area (1005).

According to the present invention, the virtual IC chip interworking information 1015 as described above is loaded on a chip operating system and / or card management program of an existing open smart card platform mounted on a physical IC chip as shown in FIG. Or, it is mounted in the smart card application area 1005 in the form of a smart card application issued and / or post-issued by a physical IC chip as shown in (b) of FIG.

10A illustrates a network interworking platform 1000 logically interworking with a virtual IC chip 1125 of a network expansion smart card server 1120 through a chip operating system and / or a card management program of an existing open smart card platform. Is a simple schematic diagram.

When the smart card terminal 1105 transmits a smart card command to the physical smart card through the APDU packet, the smart card command transmitted as described above is physically transmitted through the network interworking platform 1000 as shown in FIG. It is delivered to the chip operating system and / or card management program of the smart card.

When the smart card command is transmitted from the smart card terminal 1105 to the chip operating system and / or card management program of the physical IC chip as described above, the chip operating system and / or the card management program is included in the smart card command. Class Byte (CLA), Instruction Byte (INS), and / or Parameter Bytes (P1, P2), etc., are included in the memory map and / or file allocation table 1010 of the card manager. Smart card application access control and / or management information to check whether it corresponds to the smart card application issued and / or post-issued inside the physical IC chip.

If the smart card application is issued and / or post-issued to the smart card application area 1005 in the physical IC chip in the above process, the chip operating system and / or the card management program may execute the smart card application in the IC chip. To load into the RAM on the IC chip. On the other hand, if the smart card application corresponding to the smart card command is not issued and / or post-issued to the smart card application area 1005 inside the physical IC chip, the chip operating system and / or the card management program may execute the card management program. The network expansion smart card server 1120 on the network accessible by the smart card terminal 1105 through the virtual IC chip interworking information 1015 mounted in the [10D] of FIG. 10. Check whether the corresponding smart card application is installed, and allows the smart card terminal 1105 to access the virtual IC chip 1125 of the network extended smart card server 1120 through the virtual IC chip interworking information 1015. .

10B illustrates a network expansion smart card server by issuing and / or issuing a smart card application including virtual IC chip interworking information 1015 in a smart card application area 1005 of an existing open smart card platform. FIG. 1 is a schematic diagram of a network interworking platform 1000 logically interworking with the virtual IC chip 1125 of FIG. 1120.

When the smart card terminal 1105 transmits the smart card command to the physical smart card through the APDU packet, the smart card command transmitted as described above is physically transmitted through the network interworking platform 1000 as shown in FIG. It is delivered to the chip operating system and / or card management program of the smart card.

When the smart card command is transferred from the smart card terminal 1105 to the card management program of the physical IC chip as described above, the chip operating system and / or the card management program may include a class byte (CLA) included in the smart card command. Command bytes (INS) and / or parameter bytes (P1, P2) and the like, and the smart card application access control and / or management information included in the memory management map and / or file allocation table 1010 of the card management program. Verify that it corresponds to the smart card application issued and / or post-issued inside the IC chip.

If the smart card application is issued and / or post-issued to the smart card application area 1005 in the physical IC chip in the above process, the chip operating system and / or the card management program may execute the smart card application in the IC chip. To load into the IC chip's RAM. On the other hand, if the smart card application corresponding to the smart card command is not issued and / or post-issued to the smart card application area 1005 inside the physical IC chip, the chip operating system and / or the card management program is linked to the virtual IC chip. The virtual IC chip interworking information 1015 is extracted from the smart card application including the information 1015 and issued and / or post-issued in the smart card application area 1005 and loaded into the RAM of the IC chip. Through the IC chip interworking information 1015 [difference between (a) and (b) in FIG. 10], the smart card application is applied to the network extended smart card server 1120 on the network accessible by the smart card terminal 1105. Check whether it is mounted, and access the virtual IC chip 1125 through the virtual IC chip interworking information 1015.

10 (c) of FIG. 10 is a virtual interface for logically interworking the smart card application with the smart card application area 1005 on the virtual IC chip 1125 for the smart card application issued and / or post-issued on the existing open smart card platform. By including the IC chip interworking information 1015, it is a simple configuration diagram for the network interworking platform 1000 and / or smart card application logically interworking with the virtual IC chip 1125 of the network expansion smart card server 1120.

When the smart card terminal 1105 transmits the smart card command to the physical smart card through the APDU packet, the smart card command transmitted as described above is the chip operating system of the network interworking platform 1000 as shown in FIG. And / or the card management program interprets through the class byte (CLA) and command byte (INS) and / or parameter byte (P1, P2), etc. included in the smart card command, and corresponds to the smart card application. Is passed to.

When the smart card command is transmitted from the smart card terminal 1105 to the corresponding smart card application through the network interworking platform 1000, the smart card application is based on the information included in the smart card command. It is checked whether the data corresponding to the command exists in the smart card application or in the smart card application area 1005 on the virtual IC chip 1125 linked with the smart card application.

If the smart card application data corresponding to the smart card command is present in the smart card application, the smart card application may interwork the smart card application data with the chip operating system and / or the card management program. Load into RAM On the other hand, if the smart card application data corresponding to the smart card command does not exist inside the smart card application, the smart card application uses the chip operating system and / or the card management program to transfer the smart card application to the virtual IC chip 1125. After loading the IC chip interworking information 1015 included therein into the RAM of the IC chip for interworking with the smart card application area 1005 on the smart card, the smart card terminal 1105 through the virtual IC chip interworking information 1015. Check whether the corresponding smart card application data exists in the smart card application area 1005 on the virtual IC chip 1125 mounted in the network expandable smart card server 1120 on the network accessible by The information 1015 is accessed to access the smart card application area 1005 on the virtual IC chip 1125.

11 is a simple block diagram of a network extended smart card system.

The network extended smart card system proposed by the present invention is a virtual IC on an existing open smart card platform as described in FIG. 10 for a conventional smart card system as shown in FIG. 2 and / or a smart card application post-issuance system as shown in FIG. A network extension smart card 1100 equipped with a network interworking platform 1000 that further includes chip interworking information 1015 and a smart device equipped with a host application 1110 that provides each smart card service through a smart card. On the card terminal 1105, the remote application 1115 accessing the virtual IC chip 1125 of the network extended smart card server 1120 based on the virtual IC chip interworking information 1015 extracted from the network extended smart card 1100. To the smart card terminal 1105 and the card issuing authority equipped with the Remote Application. It is constituted by adding the extended network smart card 1100 and the logical network is extended smart card server 1120 in the virtual IC chip 1125 which is interlocked with the like.

The network expansion smart card 1100 may allow the smart card terminal 1105 to access the virtual IC chip 1125 and / or the smart card application area 1005 on the IC chip of the network expansion smart card server 1120 through a network. Characterized in that the network interworking platform 1000 including the virtual IC chip interworking information 1015 is mounted.

In FIG. 11, the virtual IC chip interworking information 1015 included in the network interworking platform 1000 of the network extended smart card 1100 satisfies the characteristics of the virtual IC interworking information described with reference to FIG. 10.

The smart card terminal 1105 is a virtual IC chip 1125 and a virtual IC of the network extended smart card server 1120 through the network based on the virtual IC chip interworking information 1015 extracted from the network extended smart card 1100. A remote application 1115 that can access the smart card application area 1005 of the chip 1125 is mounted. However, the remote application 1115 may be included in the existing host application 1110 and mounted on the smart card terminal 1105 in some cases.

The smart card terminal 1105 includes the functions and roles of the existing smart card terminal 1105 described with reference to FIGS. 2 and / or 4, and additionally, the virtual IC chip interworking information 1015 included in the network extended smart card 1100. A remote application 1115 capable of remotely accessing the virtual IC chip 1125 of the network expandable smart card server 1120 or the smart card application area 1005 on the virtual IC chip 1125 is installed. .

The host application 1110 of the smart card terminal 1105 includes the functions and roles of the existing host application 1110 described with reference to FIGS. 2 and / or 4 as well as the virtual IC obtained from the network extended smart card 1100. The chip interlocking information 1015 is characterized in that the feature to share the transfer to the remote application 1115 is mounted.

After the host application 1110 transmits a smart card command to the network extended smart card 1100, the host application 1110 may access the virtual IC chip 1125 of the network extended smart card server 1120 from the network extended smart card 1100. When the virtual IC chip interworking information 1015 is answered, the host application 1110 shares the virtual IC chip interworking information 1015 to the remote application 1115 so that the remote application 1115 can expand the network extension smart card. The virtual IC chip 1125 of the server 1120 is accessed.

The remote application 1115 is an application additionally mounted on the smart card terminal 1105 as provided by the present invention to support a network extended smart card system, and the virtual IC chip interworking information obtained from the network extended smart card 1100. Based on (1015) to access the smart card application area 1005 on the virtual IC chip 1125 and / or the virtual IC chip 1125 of the network extended smart card server 1120 through the network to provide a smart card service Application.

According to the present invention, the remote application 1115 is included as part of the host application 1110 mounted in the smart card terminal 1105 to perform the above role in the smart card terminal 1105, or the smart card terminal ( 1105 is mounted in the form of an independent application that communicates with the host application 1110 inside.

According to the present invention, the remote application 1115 of the smart card terminal 1105 is included in the host application 1110 as described above, or the remote application 1115 and the host application 1110 are smart card terminals. (1105) Internally shared via IPC (Inter-Process Communication). Accordingly, the information and data extracted and / or generated by the host application 1110 may be transferred to the remote application 1115, and the information and data extracted and / or generated by the remote application 1115 may be transferred to the host application ( 1110).

The network expandable smart card server 1120 is equipped with a virtual IC chip 1125 logically generated by interworking with each network expandable smart card 1100 issued by a card issuing authority, and the smart card terminal 1105 through a network. ), And the like.

In addition, the network expandable smart card server 1120 is mounted on the smart card terminal 1105 side, mounted on the network, or mounted on the server side according to the characteristics of the smart card system.

For example, when the network extended smart card server 1120 is mounted on the smart card terminal 1105 side, the network extended smart card 1100 is a membership card of a large discount store, and the smart card terminal 1105 is the large discount store. Is a POS terminal, the network extended smart card server 1120 storing a unique smart card application area 1005 on the network for the network extended smart card 1100 is a large discount store connected to the POS terminal and LAN It can be mounted inside.

Alternatively, when the network expandable smart card server 1120 is mounted on a network, the network expandable smart card 1100 is a credit card, the smart card terminal 1105 is CAT, and the network is a VAN. The network expandable smart card server 1120 that stores the unique smart card application area 1005 on the network may be mounted on the VAN.

Further, when the network expandable smart card server 1120 is mounted on the server side, if the network expandable smart card 1100 is a loyalty card and the server is a royalty management server, a unique smart card application area on the network for the loyalty card is provided. The network scalable smart card server 1120 storing the 1005 may be mounted on the royalty management server side to provide an efficient royalty service.

In addition, the network extended smart card server 1120 may be mounted on a mobile communication company server.

The virtual IC chip 1125 mounted in the network expandable smart card server 1120 is network extended to satisfy at least one or more of IC chip and / or smart card specifications such as ISO7816, ISO 10536, ISO 14443, and / or EMV. A virtual IC chip implemented in software on the smart card server 1120, a virtual H / W, a physical IC chip corresponding to the hardware of the physical IC chip and / or the IC chip card, and / or Or a virtual COS corresponding to a chip operating system (COS) mounted on an IC chip card, a smart card VM corresponding to a virtual machine (VM) mounted on a physical IC chip and / or an IC chip card. (SCVM), a smart card application issued and / or post-issued to the smart card application area 1005 of the virtual IC chip 1125 in response to a card management program mounted on the physical IC chip and / or IC chip card. Performing access control and management A virtual IC chip 1125 management program that executes a smart card application to extract smart card application information and / or data to provide a smart card service, and a smart card application mounted on a physical IC chip and / or an IC card. And a smart card application area 1005 on the virtual IC chip 1125 corresponding to the area 1005.

The virtual H / W of the virtual IC chip 1125 is a software implementation of the physical IC chip and / or IC chip card on the network expansion smart card server 1120. The storage space allocated on the network expansion smart card server 1120 to store the virtual IC chip 1125 on a storage space and / or a database of the network expansion smart card server 1120. That is, the virtual IC chip 1125 of the present invention is information and / or a file stored in a storage space on a network server by software.

In order to satisfy the above conditions, the storage space that plays the role of virtual hardware on the network expansion smart card server 1120 is implemented in the same structure as the physical IC chip and / or IC chip card as shown in FIG. . That is, the storage space on the network expansion smart card server 1120 in which the virtual IC chip 1125 is stored is a master file, a dedicated file, and an element file, as in the structure of the physical IC chip and / or IC card described in FIG. In the form of a file, the files provide a feature compatible with files stored on a physical IC chip and / or an IC card.

The virtual COS of the virtual IC chip 1125 is a virtual IC chip 1125 to perform a function of a card operating system (COS) virtually from the virtual IC chip 1125 mounted in the network expansion smart card server 1120. As implemented in software, the virtual IC chip 1 on the virtual H / W of the virtual IC chip 1125, that is, the network expandable smart card server 1120 in conjunction with the operating system of the network extended smart card server 1120, may be used. The middleware on the network extended smart card server 1120 is configured to virtually perform the functions and functions of the chip operating system with respect to the files stored in the storage space allocated for 1125.

In order to provide such a function, the virtual COS operates a virtual chip for a specific storage area allocated as a virtual H / W of the virtual IC chip 1125 on an operating system mounted in the network scalable smart card server 1120. It provides the function of middleware that acts as a system, and each virtual COS provides a firewall corresponding to inter-process protection to act as a virtual chip operating system only for each virtual hardware. Provide exclusive independence.

That is, in order for the smart card terminal 1105 to access a virtual H / W allocated to a specific storage area on the network expandable smart card server 1120, the virtual card operating system provides a virtual chip operating system role to the virtual H / W. In addition, the smart card terminal 1105 may store a file for providing a smart card service to a specific storage area on the network expandable smart card server 1120 corresponding to the virtual hardware. In the updating or reading process, when the smart card terminal 1105 requests access to a file stored in the virtual H / W with each virtual COS, the virtual COS is transmitted through the operating system of the network extended smart card server 1120. A specific storage area corresponding to the virtual hardware is accessed to store, update, and / or read a file.

In detail, when the network card interworking terminal accesses the network extended smart card server 1120 through a network and requests access to the virtual H / W with the virtual COS of the virtual IC chip 1125, the virtual COS is network extended. Providing a smart card service to the virtual hardware by accessing a specific storage area managed by the virtual COS directly from the storage space of the network extended smart card server 1120 through the operating system of the smart card server 1120. Save, update, and / or read files for.

The smart card VM (SCVM) of the virtual IC chip 1125 is implemented in software to perform a function of the smart card VM virtually on the virtual IC chip 1125 mounted in the network scalable smart card server 1120. The smart card application issued and / or post-issued to the smart card application area 1005 of the virtual IC chip 1125, such as the VM of the smart card platform mounted on the IC chip and / or the IC chip card, may be a virtual IC chip ( In operation 1125 and / or to drive to provide a smart card service.

According to the present invention, since the SCVM is mounted on top of the virtual COS, the SCVM inherits the attributes of the virtual COS as it is and provides exclusive independence to the SCVM of another virtual IC chip 1125. That is, the SCVM mounted on a specific virtual COS is used only when executing and / or running a smart card application stored in the virtual H / W.

In the above process, the SCVM of the virtual IC chip 1125 executes and / or drives the smart card application, and the virtual COS executes the smart card application from the virtual H / W on the network expansion smart card server 1120. When loaded to a specific address on the memory allocated for the memory device, the SCVM of the virtual IC chip 1125 providing exclusive independence executes and / or runs the smart card application.

In order to satisfy the above conditions, the network expansion smart card server 1120 is equipped with a server VM corresponding to each SCVM. For example, if the SCVM of the virtual IC chip 1125 mounted in the network expansion smart card server 1120 corresponds to a Java card among the open smart card platforms, the server version of the JVM (Java virtual machine already has a JVM already JDK (Java Development Kit) corresponding to the server version is installed. Of course, each client already has a JDK. Therefore, JavaScript is executed through a web browser without any special software configuration.], Server version of MVM (MEL Virtual Machine) in case of MULTOS, and Visual Basic Virtual Machine (VBVM) in case of SCFW card. Server version [In the case of a server with a Windows-based operating system, the server is already equipped with VBS (Visual Basic Scripter) corresponding to the server version in VBVM. Of course, each client also has VBS. That is why Visual Basic scripts (* .vbs) are executed through web browsers or Outlook Express without special software configuration, and worm viruses using VBS are infected with servers and clients.]

That is, the process of executing and / or driving a smart card application by the SCVM of the virtual IC chip 1125 may be performed by a virtual COS that provides exclusive independence to another virtual IC chip 1125 through an operating system of a network server. When the smart card application stored in / W is loaded into the memory of the network expandable smart card server 1120 for executing the corresponding virtual IC chip 1125, the SCVM of the corresponding virtual IC chip 1125 corresponds to each SCVM. The smart card application is executed and / or driven through a server VM installed in the network expandable smart card server 1120.

In other words, when the virtual COS loads the smart card application stored in the virtual H / W, the SCVM mounted on the upper virtual COS is executed first, so that each of the network expansion smart card servers 1120 is loaded. Run and / or run the smart card application through the VM for the server. In addition, each SCVM that provides exclusive independence executes each smart card application with exclusive independence as the server VM running in the network scalable smart card server 1120 executes and / or runs the smart card application. And / or perform a function of a firewall that protects it to be driven.

The virtual IC chip 1125 management program of the virtual IC chip 1125 is configured to perform a function of a card management program virtually from the virtual IC chip 1125 mounted in the network expansion smart card server 1120. Software-implemented on the device, and issued and / or post-issued to the smart card application area 1005 of the virtual IC chip 1125, such as a card management program mounted on a physical IC chip and / or an IC chip card. It performs the functions of access control and management for running and / or running smart card applications.

In particular, the virtual IC chip management program includes information and attributes of all files stored in the storage area used by the virtual IC chip 1125, that is, the virtual hardware, among the storage spaces of the network extended smart card server 1120. In addition to the card management programs installed on the physical IC chip and / or the IC chip card, each virtual IC chip 1125 has a management function to provide exclusive independence on the network expansion smart card server 1120. Is added.

That is, the storage area used by the corresponding virtual IC chip 1125 among the storage spaces of the network extended smart card server 1120 is operated exclusively by each virtual IC chip management program that controls and manages the corresponding storage area. It is the basis on which the virtual IC chip providing exclusive independence can be mounted on the extended smart card server 1120.

The smart card application area 1005 of the virtual IC chip 1125 is a virtual IC chip (1500) so that the smart card application issued and / or post-issued to the virtual IC chip 1125 mounted in the network expansion smart card server 1120 is mounted. A software implementation on 1125 is a specific storage area on a virtual H / W that provides the same functionality as a smart card application area 1005 mounted on a physical IC chip and / or IC chip card.

That is, the smart card application issued and / or post-issued in the smart card application area 1005 is controlled by a virtual COS and / or a virtual IC chip management program that provides exclusive independence on the network expandable smart card server 1120. And all the information about the smart card application issued and / or post-issued in the smart card application area 1005 includes a virtual memory map and / or a virtual file allocation. It is included in the form of a table 1010 (Virtual File Allocation Table).

In particular, the smart card application area 1005 on the virtual IC chip of the network expandable smart card server 1120 has the same structure as the smart card application area 1005 on the IC chip of the physical smart card.

For example, a smart card application for writing a guestbook on a smart card of a visitor invited to a seminar is post-issued, and then sent back to the visitor through the smart card terminal 1105 installed at the gate in the step where the visitor enters the seminar hall. When the guestbook information of the visitor is automatically extracted from the issued guestbook entry smart card application, and the guestbook information is transmitted to the server for management, the smart card application post-issued to the smart card of the visitor invited to the seminar is As shown in Table 1, the guest book information is included in the logical form of the guest card writing smart card application shown in Table 1 as shown in Table 2.

Table 3 also logically represents the structure of the smart card application in which the guestbook writing smart card application including the guestbook information shown in Table 2 in the logical format shown in Table 1 is stored in the smart card application area 1005.

The description of Table 1, Table 2, and Table 3 is the same as the above, and will be omitted.

That is, according to the present invention, the logical format and logical structure of the smart card application stored in the smart card application area 1005 as described above is the smart card application area 1005 on the physical IC chip and the network expansion smart card server 1120. The smart card application area 1005 on the virtual IC chip 1125 mounted in the above) has the same format and the same structure. Therefore, a smart card application including information such as Table 2 in a logical format as shown in Table 1 may be stored in the smart card application area 1005 on a physical IC chip in a logical structure as shown in Table 3, and may be a network extended smart card. It may be stored in the smart card application area 1005 on the virtual IC chip 1125 of the server 1120.

In addition, the network for communication connection between the virtual IC chip 1125 mounted on the network expansion smart card server 1120 and the smart card terminal 1105 communicates the smart card with the physical IC chip and the smart card terminal 1105. It acts as a connecting CAD. That is, CAD for connecting the communication between the smart card and the smart card terminal 1105 through the COB of the physical smart card is the network extended smart card server 1120 and the smart card in the network extended smart card system according to the present invention. It is implemented via a network that connects communication between terminals 1105.

12 is a simple flowchart of a process of issuing a network extended smart card 1100.

According to the present invention, the process of issuing the network extended smart card 1100 may include issuing a corresponding smart card to the network extended smart card 1100 proposed by the present invention in the process of issuing a new smart card. There is a process of issuing to the network extended smart card 1100 proposed by the present invention through the process of post-issuing the smart card application including the virtual IC chip interworking information 1015 in the smart card.

12A illustrates a process of replacing and issuing a newly issued smart card with a network extended smart card 1100 logically linked with a virtual IC chip 1125 of the network extended smart card server 1120.

Compared to the smart card equipped with the existing open smart card platform, the card management program of the network interworking platform 1000 as shown in FIG. 10 or the smart card application area 1005 as shown in FIG. In order to issue the network extended smart card 1100 in which the virtual IC chip interworking information 1015 is loaded in the smart card application, the smart card 1100 may be manufactured, initialized and personalized before being issued to the smart card applicant. A process of generating the virtual IC chip 1125 on the network extended smart card server 1120 that is logically interworked with the smart card 1100 should be performed first.

Therefore, the card issuer and / or the smart card applicant, and the like, may use the card management program of the network interworking platform 1000 as shown in FIG. 10 or the smart card application area as shown in FIG. Whether to issue the smart card application to the network expansion smart card 1100 equipped with the virtual IC chip interworking information 1015 or to the smart card equipped with the existing open smart card platform in the 1005 smart card application. Determine (1200).

If the card issuer and / or the smart card applicant, etc., decide to issue the smart card that is currently being issued to an existing smart card that manages only the smart card application area 1005 on the IC chip (1205), A physical smart card for managing the smart card application area 1005 on the IC chip is manufactured (1210), and a series of processes for initializing and personalizing the smart card according to the existing smart card issuing process are performed. Issued after.

On the other hand, the card issuer and / or the smart card applicant, etc., issue the smart card to be issued to the network extended smart card 1100 logically linked with the virtual IC chip 1125 of the network extended smart card server 1120. In operation 1215, the card issuing authority may be equipped with a virtual IC chip 1125 logically interworking with a smart card currently issued in a storage space of the network expandable smart card server 1120 on which the virtual IC chip 1125 is mounted. The storage area, that is, the virtual H / W of the virtual IC chip 1125 described with reference to FIG. 11 is allocated to the storage space of the network extended smart card server 1120 (1220).

For example, a storage area in which a card issuer is to mount the virtual IC chip 1125 in a file system of the network extended smart card server 1120 through a kernel of the network extended smart card server 1120. And the storage area in Protected Mode, virtual H / W can be set up that provides exclusive independence to block improper access from other processes and outside of the network extended smart card server 1120. Can be.

The above process corresponds to a process of producing a physical smart card by a card issuing institution in the existing smart card issuing process in which the physical IC chip is mounted.

When the storage area on which the virtual IC chip 1125 is to be mounted, that is, the virtual H / W of the virtual IC chip 1125 is allocated to the storage space on the network expansion smart card server 1120 as described above, the card issuing authority is assigned to the virtual H / W. The virtual IC chip 1125 driving file is loaded in / W (1225). The virtual IC chip 1125 driving file is a file constituting a virtual smart card platform that drives the virtual IC chip 1125 on the network expansion smart card server 1120. The role of the virtual COS and the virtual IC chip on the virtual H / W These files play the role of management program and SCVM.

For example, a file serving as a virtual COS has a function of communicating with a smart card terminal 1105 through an application layer and a presentation layer of an Open System Interconnection 7 Layer (OSI 7 layer) and a network extended smart card server 1120. The smart card terminal 1105 transmits a command received from the smart card terminal 1105 to the virtual IC chip management program and the SCVM in association with an operating system of the smart card terminal 1105. A file that contains a function of transmitting to a virtual IC chip management program, and a file that functions as a virtual IC chip management program is a storage area allocated to virtual H / W on a disk through the file system of the network extended smart card server 1120, in particular, smart. Smart and the function that is in charge of the access control and management for the area assigned to the card application area (1005) File to load the smart card application stored in the application application area 1005 into memory, and the file serving as the SCVM is a network extended smart card server 1120 based on a language supporting the smart card. A file containing a function for analyzing, executing, and running a smart card application loaded from the smart card application area 1005 in association with a server VM mounted on the server).

The above process corresponds to the process of initializing the smart card by the card issuing institution in the existing smart card issuing process in which the physical IC chip is mounted.

When the virtual IC chip 1125 driving file is mounted in the storage space on the network expansion smart card server 1120 as described above, the card issuing agency may expand the network expansion smart card personal information that can be logically associated with the virtual IC chip 1125. And an encryption key, an electronic signature key, and a public certificate, and issue and store basic smart card applications in the smart card application area 1005 of the virtual IC chip 1125 (1230).

For example, when the virtual IC chip 1125 is mainly applied for a coupon service through a smart card coupon, the card issuer may use network extended smart card personal information, an encryption key, an electronic signature key, and a public certificate required for the coupon service. A certificate or the like is loaded, and a smart card application for smart coupon service, which is basically issued by the card issuing authority, is issued and stored in the smart card application area 1005.

The above process corresponds to the process of personalizing the smart card by the card issuing institution in the existing smart card issuing process in which the physical IC chip is mounted.

If an error occurs while the virtual IC chip 1125 is manufactured, initialized, and personalized as described above, the process of generating the virtual IC chip 1125 on the network extended smart card server 1120 fails (1235). The card issuer repeats the process of generating the virtual IC chip 1125 as described above.

On the other hand, if the process is normally performed to generate a virtual IC chip 1125 logically interlocked with the network expandable smart card 1100 on the network expandable smart card server 1120 (1240), the card issuing authority of FIG. The network expansion platform may be mounted in a card management program of the network interworking platform 1000 or included in the smart card application of the smart card application area 1005 as shown in FIG. 10B. In operation 1245, the virtual IC chip 1125 and the virtual IC chip interworking information 1015 for logically interworking the network extended smart card 1100 having the physical IC chip mounted thereon are generated.

The virtual IC chip interworking information 1015 logically interworks with the network expandable smart card 1100 to store the virtual IC chip 1125 mounted on the network expandable smart card server 1120 and the smart card on the virtual IC chip 1125. As interworking information, the smart card terminal 1105 connected to the network extended smart card 1100 connects the virtual IC chip 1125 and the smart card on the virtual IC chip 1125 of the network extended smart card server 1120 via a network. Information to link with.

As described above, a virtual IC chip 1125 is generated on the network expansion smart card server 1120 through a series of manufacturing processes, initialization and personalization processes, and logically interworking the virtual IC chip 1125 and a physical smart card. When the virtual IC chip interworking information 1015 is generated, the card issuing agency produces a physical smart card equipped with the virtual IC chip interworking information 1015 as shown in FIG. After issuing and personalizing the smart card, or after the smart card is created and initialized in the same manner as the existing smart card issuing process, the physical smart card is personalized as shown in (b) of FIG. 10. In the smart card application area 1005, the smart card application including the virtual IC chip 1125 information is mounted, thereby expanding the network extended smart proposed by the present invention. It issues a de 1100, 1255.

12 (b) shows the virtualization of the existing smart card network extended smart card server 1120 through the process of post-issuing the smart card application including the virtual IC chip interworking information 1015 to the previously issued smart card. The process of reissuing the network expansion smart card 1100 logically interworking with the IC chip 1125.

As shown in (b) of FIG. 10, the network extended smart card 1100 including the virtual IC chip interworking information 1015 in the smart card application of the smart card application area 1005 is virtual on the network extended smart card server 1120. After the IC chip 1125 is generated, the smart card including the virtual IC chip interworking information 1015 in the smart card application area 1005 of the existing smart card mounted on an open smart card platform providing post-issuance service. After issuing the card application or after issuing the smart card application including the virtual IC chip interworking information 1015 to the smart card application area 1005 of the existing smart card mounted on the open smart card platform as described above. Generating a virtual IC chip 1125 corresponding to the virtual IC chip interworking information 1015 on the network extended smart card server 1120. For example, the previously issued smart card may be reissued as the network extended smart card 1100 logically linked with the virtual IC chip 1125 of the network extended smart card server 1120.

In FIG. 12B, a card issuing agency generates a virtual IC chip 1125 on a network expansion smart card server 1120, and logically interoperates the virtual IC chip 1125 with a smart card already issued. After the virtual IC chip interworking information 1015 is generated, a process of post-issuing the smart card application including the virtual IC chip interworking information 1015 to the smart card application area 1005 of the previously issued smart card is performed. The process of re-issuing the previously issued smart card to the network expansion smart card 1100 proposed by the present invention.

Accordingly, the card issuing agency and / or the smart card applicant, etc., mount the previously issued smart card into the smart card application in the smart card application area 1005 as shown in FIG. 10B. It is determined whether to reissue to the network-expanded smart card 1100, or to use the existing smart card as it is (1200).

If the card issuer and / or the smart card applicant decides to use the already issued smart card as it is (1205), the card issuer presents the existing smart card equipped with an open smart card platform. The process of reissuing to the network extended smart card 1100 ends.

On the other hand, the existing smart card, which is issued by the card issuer and / or the smart card applicant, is logically connected to the virtual IC chip 1125 of the network expansion smart card server 1120 using the smart card application post-issuance system as shown in FIG. When the card issuer decides to reissue the network extended smart card 1100 that is interworked with each other (1210), the card issuing agency may expand the network extended smart card server 1120 on which the virtual IC chip 1125 is mounted as shown in FIG. The virtual H / W of the virtual IC chip 1125 described with reference to FIG. 11 is stored in a storage area in which the virtual IC chip 1125 logically interlocks with the currently issued smart card in the storage space of the network expansion smart card server 1120. (1215), the card issuing authority is a physical smart card in the process of issuing an existing smart card with a physical IC chip Corresponds to the process of producing.

As described above, when a storage area in which the virtual IC chip 1125 is to be mounted, that is, a virtual H / W of the virtual IC chip 1125 is allocated to the storage space on the network expansion smart card server 1120, the card issuing authority is shown in FIG. In operation 1220, the virtual IC chip 1125 driving file is mounted on the virtual H / W. The virtual IC chip 1125 driving file is a file constituting a virtual smart card platform that drives the virtual IC chip 1125 on the network expansion smart card server 1120. The role of the virtual COS and the virtual IC chip on the virtual H / W (1125) As files that perform a role of a management program and a SCVM, the process corresponds to a process of initializing a smart card by a card issuing authority in a process of issuing an existing smart card equipped with a physical IC chip.

When the virtual IC chip 1125 driving file is mounted in the storage space on the network expansion smart card server 1120 as described above, the card issuing organization logically interworks with the virtual IC chip 1125 as shown in FIG. Network extended smart card personal information, encryption key and electronic signature key, and a public certificate, etc., and the basic smart card application in the smart card application area (1005) of the virtual IC chip 1125 and stored ( 1225), the process corresponds to the process of personalizing the smart card by the card issuer in the existing smart card issuing process equipped with the physical IC chip. When a basic smart card application is issued and stored in the smart card application area 1005 of the virtual IC chip 1125, the virtual IC chip 1125 management program controls and manages the issued smart card application (1230).

If an error occurs while the virtual IC chip 1125 is manufactured, initialized, and personalized as described above, the process of generating the virtual IC chip 1125 on the network extended smart card server 1120 fails (1235). The card issuer repeats the process of generating the virtual IC chip 1125 as described above.

On the other hand, if the process is normally performed to generate a virtual IC chip 1125 logically interlocked with the network expandable smart card 1100 on the network expandable smart card server 1120 (1240), the card issuing authority of FIG. As shown in b), it is included in the smart card application that can be post-issued to the smart card application area 1005, and the network extended smart equipped with the virtual IC chip 1125 and the physical IC chip of the network expandable smart card server 1120 In operation 1245, the virtual IC chip interworking information 1015 for logically interlocking the card 1100 is generated.

As described above, a virtual IC chip 1125 is generated on the network expansion smart card server 1120 through a series of manufacturing processes, initialization and personalization processes, and logically interworking the virtual IC chip 1125 and a physical smart card. When the virtual IC chip interworking information 1015 is generated, the card issuing agency includes the generated virtual IC chip interworking information 1015, and the smart card capable of post-issuance to an existing smart card on which an open smart card platform is mounted. Create a card application (1250).

If the smart card application that can be post-issued to the existing smart card that is equipped with the open smart card platform is generated, including the virtual IC chip interworking information 1015 generated as described above, the card issuing authority is shown in FIG. The smart card application including the virtual IC chip interworking information 1015 through the issuing system is post-issued (1255) to the smart card application area 1005 of the smart card equipped with the open smart card platform (1255). Reissue to the network extended smart card 1100 proposed by the present invention.

12C shows virtual IC chips of the network expansion smart card server 1120 by including the virtual IC chip interworking information 1015 in the smart card application issued and / or post-issued in the smart card. It is about the process of replacing with the network extended smart card 1100 logically linked with the (1125).

The incorporation of the virtual IC chip interworking information 1015 in the smart card application that is already issued and / or post-issued as shown in FIG. 10 (c) is from the card issuing agency and / or the card issuing authority to the smart card application. It is made by a card cooperative agency, etc., who has been granted an access code. For example, if the card issuing authority has assigned a portion of the smart card application area 1005 to a card cooperation institution that provides a coupon service, the card cooperation authority issues a smart card application to the smart card application area 1005. And / or virtual IC chip interworking information for logically interworking the smart card application with the smart card application area 1005 on the virtual IC chip 1125 mounted in the network card server in the process of providing a coupon service after issuing a coupon ( 1015, the smart card application can be extended to the virtual IC chip 1125 on the network.

In addition, when the card issuer and / or the card cooperating agency interlocks a specific smart card application with the smart card application area 1005 on the virtual IC chip 1125 mounted in the network extended smart card server 1120 as described above, The smart card is a smart card on the virtual IC chip 1125 generated by the process such as (a) and (b) of FIG. 12 based on the network interworking platform 1000 such as (a) and (b) of FIG. A new virtual IC chip 1125 interoperating with the card application area 1005 or interworking with the smart card may be generated independently of the virtual IC chip 1125 previously generated as described above. It may work with the smart card application area 1005 on the virtual IC chip 1125.

If a smart card in which a virtual IC chip 1125 logically interoperates with a smart card platform such as (a) and (b) of FIG. C) If each virtual IC chip 1125 is newly generated to be linked with each smart card application, the smart card may include the virtual IC chip interworking information 1015 mounted on the smart card platform and each smart card application. According to the virtual IC chip interworking information 1015 mounted in the storage device, the smart card may be extended to one or more virtual IC chips 1125 logically interlocked with each other.

12 (c) shows that the card issuing agency and / or the card cooperating agency newly creates to interwork with the virtual IC chip 1125 and / or the smart card application previously created on the network expansion smart card server 1120. After generating the smart card application area 1005 on the virtual IC chip 1125 and the virtual IC chip interworking information 1015 that logically interlocks the smart card application issued and / or post-issued to the physical IC chip, The smart card application performs the same function and role as the smart card application previously issued and / or post-issued to the smart card, and additionally generates a smart card application including the virtual IC chip 1125 information generated through the above process. The smart card application is replaced with the smart card application area 1005 of the smart card that has been previously issued. It is a process for replacing the card with the network extended smart card 1100 proposed by the present invention.

Accordingly, the card issuing agency and / or the card cooperating agency and the like determine whether or not the smart card application previously issued and / or post-issued to the smart card is interworked with the smart card application area 1005 on the virtual IC chip 1125. (1200).

The process is determined by a smart card application operation policy that issuance and / or post-issuance of a card issuing agency and / or a card cooperating agency is pre-issued and / or post-issued to a smart card. If there is no need to interwork with the card application area 1005 (1205), the card issuing agency and / or the card cooperating agency may use the smart card application pre-issued and / or post-issued to the smart card. End the process of replacing with a smart card application that includes).

On the other hand, a card issuing agency and / or a card cooperating agency may use a smart card application post-issuance system as shown in Fig. 4 to convert a smart card application that is issued and / or post-issued to a smart card with a physical IC chip. If it is decided to interwork with the smart card application area 1005 on the chip 1125 (1210), the card issuing authority is connected to the smart card platform through the process as shown in (a) of FIG. 12 and / or (b) of FIG. In operation 1215, the virtual IC chip 1125 logically interworked exists.

If there is a virtual IC chip 1125 that is interoperable with the smart card platform of the smart card to which the smart card application is issued and / or post-issued (1220), the card issuing agency and / or card cooperating agency may also Again, as described above, the smart card application area 1005 on the interlocked virtual IC chip 1125 is re-associated with the smart card application, or a new virtual IC chip 1125 different from the pre-linked virtual IC chip 1125. ) And determine whether to link the smart card application area 1005 on the newly created virtual IC chip 1125 with the smart card application (1225).

If, in the above process, such as a smart card application is issued and / or post-issued, there is no virtual IC chip 1125 interworking with the smart card platform of the smart card, or the virtual IC chip 1125 is already linked Even if there exists, if the smart card application area 1005 on the virtual IC chip 1125 and the smart card application do not interoperate (1230), the card issuing agency and / or card cooperating authority and the like, the network expansion smart card server ( In the storage space of 1120, a storage area in which a new virtual IC chip 1125 logically directly interoperates with a smart card application of the smart card, that is, a virtual H / W of the virtual IC chip 1125 described in FIG. It allocates to the storage space of the extended smart card server 1120 (1235).

As described above, when a storage area on which the virtual IC chip 1125 directly interlocks with the smart card application is mounted in the storage space on the network expansion smart card server 1120, that is, the virtual H / W of the virtual IC chip 1125 is allocated. , A card issuing agency and / or a card cooperation agency, etc., mount a virtual IC chip 1125 driving file on the virtual H / W and personalize the smart card application to be linked with a smart card that is issued and / or issued. As a result, a new virtual IC chip 1125 including a smart card application area 1005 logically directly linked with the smart card application is generated on a network card server (1240).

When the virtual IC chip 1125 logically interworking with the smart card application issued and / or post-issued to the smart card is determined and / or generated through the above process, the network expansion smart card server 1120 (1245). The card issuer and / or the card cooperating agency set an area to be directly linked with the smart card application in the smart card application area 1005 on the virtual IC chip 1125 (1250).

The area set in the smart card application area 1005 on the virtual IC chip 1125 to be directly linked to the smart card application as described above is controlled by the virtual IC chip 1125 management program implemented in the corresponding virtual IC chip 1125. And managed 1255.

Determining and / or generating the virtual IC chip 1125 logically interworking with the smart card application through the above process, and an area directly interworking with the smart card application in the smart card application area 1005 on the virtual IC chip 1125. If this is set, the card issuing organization and / or the card cooperation organization generates virtual IC chip interworking information 1015 that can be included in the smart card application as shown in FIG. 10 (C) (1260).

According to the present invention, the virtual IC chip interworking information 1015 generated as described above is included in a smart card application directly interworking with the smart card application area 1005 on the virtual IC chip 1125.

Accordingly, the flowchart below performs the same function and role as the smart card application through the post-issuance system as shown in FIG. 4 and additionally includes a smart card application including the virtual IC chip interworking information 1015 generated through the above process. The network expansion smart card is used to replace the area of the smart card application issued and / or post-issued to the smart card by replacing the smart card application with the smart card application area 1005 issued and / or post-issued. It interworks with the smart card application area 1005 on the virtual IC chip 1125 mounted in the server 1120.

That is, a card issuing agency and / or a card cooperation agency may perform the same functions and roles as the smart card application, and may be stored in the smart card application and the smart card application area 1005, and additionally generated through the above process. After the smart card application including the virtual IC chip interworking information 1015 is generated (1265), the smart card application generated as described above is issued to the smart card using the post-issuance system described in FIG. It replaces the issued smart card application and post-issues it to the same smart card application area 1005 as the area where the smart card application is stored (1270).

However, the method of including the virtual IC chip interworking information 1015 generated as described above in the smart card application issued and / or post-issued to the smart card may be variously performed according to the method of the present invention.

For example, the specific data area of the smart card application issued and / or post-issued to the smart card may be deleted, and the virtual IC chip interworking information 1015 may be included in the deleted data area, or the smart card If there is a preliminary data area that is not used for the smart card application issued and / or post-issued, the virtual IC chip interworking information 1015 may be included as the preliminary data area.

FIG. 13 is a simple flowchart illustrating a process of post-issuing a smart card application (or data) with the virtual IC chip 1125 of the network expandable smart card server 1120 that is logically interlocked with the network expandable smart card 1100.

According to the present invention, the process of post-issuing a smart card application (or data) with the virtual IC chip 1125 of the network expandable smart card server 1120 logically interworking with the network expandable smart card 1100 may be post-issuance. The subject of the first step of deciding to issue the smart card application (or data) stored in the D / B of the server 1135 to the virtual IC chip 1125 mounted in the network expansion smart card server 1120 and the smart card. In the process of post-issuing an application (or data) to the virtual IC chip 1125 of the network extended smart card server 1120, the smart card terminal 1105 performs a virtual IC chip of the network extended smart card server 1120 through the network ( Network extension smart by extracting the smart card application (or data) from the D / B of the second stage and post-issuance server 1135 accessing 1125; The post-issuance process in various cases may occur depending on the communication path used in the third step, such as post-issuance to the virtual IC chip 1125 of the card server 1120.

According to the present embodiment, the subject of the first step of deciding to issue the smart card application to the virtual IC chip 1125 of the network extended smart card server 1120 is:

1) a card management program and / or a chip operating system of the network interworking platform 1000 mounted in the network extended smart card 1100 [Fig. 13 (a)],

2) the host application 1110 of the smart card terminal 1105 referring to the card management program and / or the chip operating system of the network interworking platform 1000 (Fig. 13 (b)),

3) the host application 1110 of the smart card terminal 1105 including the post-issuance policy for the smart card application to be post-issued (Fig. 13 (C) (d)),

4) Post-issuance server 1135 containing post-issuance policy for the smart card application to be issued [not present embodiment].

The second step of accessing the virtual IC chip 1125 of the network extended smart card server 1120 and the virtual IC chip 1125 of the network extended smart card server 1120 may be used to post-issue the smart card application. The third stage of the communication path

1) the path from the post-issuance server 1135 to the virtual IC chip 1125 of the network expansion smart card server 1120 via the smart card terminal 1105 and (Fig. 13 (a) (b) (c) ],

2) There may be a path directly accessing the virtual IC chip 1125 of the network expansion smart card server 1120 from the post-issuance server 1135 (Fig. 13 (D)).

Figure 13 of this embodiment is for a representative method of the various post-issuance process as described above, in the present invention to the IC chip of the network expansion smart card 1100 or the virtual IC chip 1125 of the network expansion smart card server 1120 The process of issuing a smart card application is not limited to the following flowchart and description.

The smart card application stored in the D / B of the post-issuance server 1135 may be replaced by the IC chip of the network expansion smart card 1100 or the virtual IC chip 1125 of the network expansion smart card server 1120. In order to issue a smart card, which is equipped with a physical IC chip that provides a function of the network extended smart card 1100 of the present invention, is communicatively connected with the smart card terminal 1105 through CAD (1300).

When the network extended smart card 1100 is linked with the smart card terminal 1105 through CAD, the host application 1110 of the smart card terminal 1105 performs the smart card through a series of processes such as input of a personal identification number (PIN). Perform smart card validation to verify confidentiality, authentication, integrity, and nonrepudiation.

If the validation of the smart card fails in the above process, the host application 1110 of the smart card terminal 1105 outputs an error message and terminates the smart card application post-issuance process.

On the other hand, if the validity authentication for the smart card succeeds in the process (1305), the host application 1110 of the smart card terminal 1105 is connected to the post-issuance server 1135, D / D of the post-issuance server 1135 A smart card application to be issued to the smart card application area 1005 is selected from the smart card applications stored in B (1310).

When the smart card application to be post-issued is selected through the above process, the subject that determines the IC chip to be post-issued by the smart card application selected as the above among the physical IC chip and the virtual IC chip 1125 and the network extended smart The IC chip of the network expansion smart card 1100 or the virtual IC chip 1125 of the network expansion smart card server 1120, or the like, depending on a communication path that accesses or post-issues the virtual IC chip 1125 of the card server 1120. Initiate a process of issuing a smart card application.

FIG. 13A shows a card management in which a subject deciding to issue a virtual IC chip 1125 of a network expandable smart card 1100 server is mounted on a network interworking platform 1000 of a network expandable smart card 1100. Program and / or chip operating system, and the like, and the smart card application is post-issued from the post-issuance server 1135 to the virtual IC chip 1125 of the network extended smart card server 1120 via the smart card terminal 1105. It's about the path.

When the smart card application to be post-issued to the smart card application area 1005 is selected, the smart card terminal 1105 connects to the post-issuance server 1135 and downloads the smart card application stored in the D / B. Terminal 1105-Pull technology to transfer] Pull technology or post-issuance server 1135 to the smart card terminal 1105 to extract the smart card application stored in the D / B [transmission subject] : Post-issuance server 1135-using a push technology (transfer to push technology), etc. from the post-issuance server 1135 to the smart card terminal 1105 to deliver a smart card application to be issued (1315). .

When the smart card application to be post-issued is delivered to the smart card terminal 1105 as described above, the smart card terminal 1105 uses the smart card application as an IC of the network extended smart card 1100 as in the post-issuance process of the existing smart card application. A command to post-issue is issued to the smart card application area 1005 on the chip (1320).

As described above, when the smart card application is issued from the smart card terminal 1105 to the network extended smart card 1100, the card management program of the network interworking platform 1000 mounted on the network extended smart card 1100 and / or Alternatively, the chip operating system checks whether the smart card application can be post-issued to the smart card application area 1005 on the IC chip by referring to the memory map or the file allocation table (1326).

According to (a) of FIG. 13, the host application 1110 of the smart card terminal 1105 is a card management program that is mounted on at least one or more expansion platforms among the network interworking platform 1000 as shown in FIG. Or check the free space of the smart card application area 1005 on the IC chip to post-issuing the smart card application with the smart card through the chip operating system, the smart card application area on the IC chip of the smart card It is possible to check whether it is possible to post-issue at 1005 or to the virtual IC chip 1125 of the network expansion smart card server 1120. COS is in charge]

For example, in addition to the smart card application area 1005 on the IC chip of the network expansion smart card 1100, the size of the free space of the smart card application that can be post-issued is 200 bytes. If larger than 200 bytes, the smart card application cannot be post-issued to the smart card application area 1005 on the IC chip. [Post-issuance area determination based on the free space on the IC chip]

Alternatively, when the smart card application post-issuance policy is included in the card management program and / or the chip operating system of the network extended smart card 1100, the host application 1110 of the smart card terminal 1105 is after the smart card application. Based on the issuance policy, whether the current smart card application to be post-issued is post-issued to the smart card application area 1005 on the IC chip or post-issued to the virtual IC chip 1125 of the network extended smart card server 1120. Can determine the post-issuance area based on the smart card post-issuance policy that the smart card issuing agency put on the smart card.

If the current smart card application to be post-issued through the above process can be post-issued to the smart card application area 1005 on the IC chip of the network expansion smart card 1100 (1330), the smart card terminal 1105 The host application 1110 performs post-issuance of the smart card application in the smart card application area 1005 on the IC chip of the network expandable smart card 1100 through the same process as the existing smart card application post-issuance process (1335). The card management program and / or chip operating system of the network expandable smart card 1100 allocates a memory map or file for the smart card application information for the smart card application post-issued to the smart card application area 1005 on the IC chip as described above. Record in the table (1010) (1340), the success of the smart card application post-issuance Responds to the smart card terminal 1105 (1345).

On the other hand, if the current smart card application to be post-issued cannot be post-issued to the smart card application area 1005 on the IC chip of the network extended smart card 1100 (1350), the network interworking mounted on the network extended smart card 1100 is performed. The card management program and / or the chip operating system of the platform 1000 may be post-issued to the virtual IC chip 1125 of the network extended smart card server 1120 with reference to the virtual IC chip interworking information 1015. Check whether it can be (1355).

If the smart card application cannot be post-issued to the virtual IC chip 1125 of the network expansion smart card server 1120 in the above process (1360), the network interworking platform 1000 mounted on the network expansion smart card 1100. The card management program and / or the chip operating system in response to the post-issuance failure result to the smart card terminal 1105 (1365), the smart card terminal 1105 ends the smart card application post-issuance process.

On the other hand, the card management program and / or the chip operating system of the network interworking platform 1000 mounted in the network expansion smart card 1100 refers to the virtual IC chip interworking information 1015 to convert the smart card application to the network expansion smart card server ( If it is confirmed that the virtual IC chip 1125 of 1120 may be post-issued (1370), the card management program and / or the chip operating system of the network interworking platform 1000 may transmit the virtual IC chip interworking information 1015. Respond to the host application 1110 of the smart card terminal 1105 via the CAD (1375).

When the virtual IC chip interworking information 1015 is transmitted from the network extended smart card 1100 through the above process, the host application 1110 of the smart card terminal 1105 is transferred from the network extended smart card 1100. In order to post-issue the smart card application extracted from the D / B of the IC chip interworking information 1015 and the post-issuance server 1135 to the virtual IC chip 1125 of the network expansion smart card server 1120, the smart card terminal ( Sharing is delivered to the remote application 1115 mounted in 1105 (1380).

When the smart card application acquired from the D / B of the virtual IC chip interworking information 1015 and the post-issuance server 1135 transferred from the network expansion smart card 1100 as described above is shared and transferred to the remote application 1115, the smart The remote application 1115 of the card terminal 1105 accesses the virtual IC chip 1125 of the network expansion smart card server 1120 based on the virtual IC chip interworking information 1015 and post-issues the corresponding smart card application. (1385).

According to the present invention, the process of post-issuing the smart card application with the virtual IC chip 1125 of the network extended smart card server 1120 as described above, the remote application 1115 through the network network extended smart card server 1120 The process of accessing the virtual IC chip 1125 mounted on the smart card terminal and the host application 1110 of the existing smart card terminal 1105 is an existing smart card that post-smarts the smart card application with the IC chip mounted on the smart card through CAD. Same as application post-issue process.

When the smart card application is post-issued to the virtual IC chip 1125 of the network expandable smart card server 1120 through the above process, the remote application 1115 of the smart card terminal 1105 is a network expandable smart card server 1120. After extracting the post-issuance result of the smart card application post-issued by the virtual IC chip 1125, the smart card application post-issuance result is included in the virtual IC chip interworking information 1015 included in the network expansion smart card 1100. Instruct to update (1390).

Smart card card management program and / or commanded to update the post-issuance result for the smart card application post-issued by the virtual IC chip 1125 of the network expansion smart card server 1120 with the virtual IC chip interworking information 1015. The chip operating system further updates the smart card application post-issuance result to the virtual IC interworking information (1395).

As described above, the post-issuance information for the smart card application post-issued by the virtual IC chip 1125 of the network extended smart card server 1120 is successfully added to the virtual IC chip interworking information 1015 of the network extended smart card 1100. When the card management program and / or the chip operating system of the smart card is updated, the virtual IC chip interworking information 1015 is updated to the smart card terminal 1105, so that the post-issuance process is successfully performed. Reply (1345).

FIG. 13B shows a host application 1110 of the smart card terminal 1105 that determines the post-issuance of the virtual IC chip 1125 of the network expansion smart card server 1120, and the post-issuance of the smart card application. The server 1135 passes through the smart card terminal 1105 to the virtual IC chip 1125 of the network expansion smart card server 1120.

However, in FIG. 13B, the host application 1110 of the smart card terminal 1105, which is the determining agent of the post-issuance location, receives information returned from the card management program and / or the chip operating system of the network interworking platform 1000. Refer to this to determine where the smart card application will be issued.

FIG. 13B illustrates that the smart card terminal 1105 checks the validity of the network extended smart card 1100 and post-issues it from the D / B of the post-issuance server 1135 to the network extended smart card 1100. The step of obtaining a smart card application and instructing a post-issuance to the smart card application area 1005 on the IC chip of the network extended smart card 1100 is the same as in FIG. 13A, and the corresponding network extended smart card 1100. If the smart card application can be post-issued to the smart card application area 1005 on the IC chip, the process of post-issuing the smart card application to the smart card application area 1005 on the IC chip is also the same.

However, (b) of FIG. 13 corresponds to a step in which the host application 1110 of the smart card terminal 1105 requests post-issuance to the smart card application area 1005 on the IC chip of the network extended smart card 1100. When the smart card application cannot be post-issued to the smart card application area 1005 on the IC chip (1350), the virtual IC chip interworking information 1015 is directly generated as shown in FIG. Instead of transmitting to 1105, the card management program and / or chip operating system of the network interworking platform 1000 mounted on the network extended smart card 1100 is the smart card terminal 1105 and the smart card application area on the IC chip ( In step 1355, the post-issuance failure result for the smart card application is transmitted.

When the smart card application post-issuance failure result for the smart card application area 1005 on the IC chip is transmitted from the network expansion smart card 1100 through the above process, the host application 1110 of the smart card terminal 1105 In operation 1360, the virtual IC chip interworking information 1015 that is accessible to the virtual IC chip 1125 of the network extended smart card server 1120 is extracted. That is, when the smart card terminal 1105 cannot post-issue the smart card application to the smart card application area 1005 on the physical IC chip mounted on the smart card, the smart card terminal 1105 is mounted on the network expandable smart card server 1120. In order to check whether it is possible to post-issue to the smart card application area 1005 on the virtual IC chip 1125, the network extension smart card 1100 is commanded to extract the virtual IC chip interworking information 1015.

When the extraction of the virtual IC chip interworking information 1015 is commanded from the smart card terminal 1105 to the network expansion smart card 1100 through the above process, the network interworking platform mounted on the network expansion smart card 1100 ( The card management program and / or the chip operating system of 1000 extracts and generates the virtual IC chip interworking information 1015 from the smart card application including the card management program or the virtual IC chip interworking information 1015 in response to the command. The smart card terminal 1105 responds (1365).

When the virtual IC chip interworking information 1015 is transmitted from the network extended smart card 1100 through the above process, the host application 1110 transmits the virtual IC chip interworking information 1015 transferred from the network extended smart card 1100. And a remote card mounted on the smart card terminal 1105 so that the smart card application acquired from the D / B of the post-issuance server 1135 can be post-issued to the virtual IC chip 1125 of the network expansion smart card server 1120. Share transfer to application 1115 (1370).

When the smart card application acquired from the D / B of the virtual IC chip interworking information 1015 and the post-issuance server 1135 delivered from the network expansion smart card 1100 as described above is transferred to the remote application 1115, the remote application 1115 determines whether the smart card application can be post-issued by accessing the upper IC chip mounted in the network expansion smart card server 1120 based on the virtual IC chip interworking information 1015 (1375). .

For example, a size of 2 MB of free space of a smart card application that can be post-issued in addition to the virtual IC chip 1125 of the network-expanded smart card server 1120 mounted on the network expandable smart card server 1120 is post-issued. If the size of the smart card application to be smaller than 2MB, the smart card application may be post-issued to the virtual IC chip 1125 of the network expandable smart card server 1120.

If it is not possible to post-issue the smart card application with the virtual IC chip 1125 of the network expandable smart card server 1120 in the above process, the remote application 1115 of the smart card terminal 1105 may be configured for the smart card application. End the post-issuance process.

On the other hand, if it is possible to post-issue the smart card application with the virtual IC chip 1125 of the network expansion smart card server 1120 (1380), the remote application 1115 of the smart card terminal 1105 is shown in FIG. As described above, the smart card application is post-issued to the virtual IC chip 1125 of the network expansion smart card server 1120 based on the virtual IC chip interworking information 1015 (1385).

When the smart card application is post-issued to the virtual IC chip 1125 of the network expandable smart card server 1120 through the above process, the remote application 1115 of the smart card terminal 1105 is a network expandable smart card server 1120. After extracting the post-issuance result of the smart card application post-issued by the virtual IC chip 1125 of FIG. Instruct to update (1390).

Smart card card management program and / or commanded to update the post-issuance result for the smart card application post-issued by the virtual IC chip 1125 of the network expansion smart card server 1120 with the virtual IC chip interworking information 1015. The chip operating system further updates the smart card application post-issuance result to the virtual IC interworking information (1395).

As described above, the post-issuance information for the smart card application post-issued by the virtual IC chip 1125 of the network extended smart card server 1120 is successfully added to the virtual IC chip interworking information 1015 of the network extended smart card 1100. When the card management program and / or the chip operating system of the smart card is updated, the virtual IC chip interworking information 1015 is updated to the smart card terminal 1105, so that the post-issuance process is successfully performed. Reply (1345).

13C is a host application 1110 of the smart card terminal 1105 that determines the post-issuance of the virtual IC chip 1125 of the network expansion smart card server 1120, and the post-issuance of the smart card application. The server 1135 passes through the smart card terminal 1105 to the virtual IC chip 1125 of the network expansion smart card server 1120.

However, in FIG. 13C, the host application 1110 of the smart card terminal 1105, which determines the post-issuance location, automatically executes the smart card application through the post-issuance policy included in the smart card terminal 1105. This post-issuance location is determined, or the smart card application is post-issued manually according to the decision of the smart card user [= customer] and / or the smart card terminal 1105 operator [store clerk].

In (c) of FIG. 13, the smart card application area 1005 in which the smart card application is actually post-issued is transferred to the smart card terminal 1105 before or after the smart card application is delivered from the D / B of the post-issuance server 1135. Automatically determined by the included post-issuance policy, or selected by the smart card user and / or smart card terminal 1105 operator before the smart card application is delivered from the D / B of the post-issuance server 1135, or The smart card user and / or smart card terminal 1105 before the smart card application received from the post-issuance server 1135 is post-issued to the virtual IC chip 1125 of the IC chip and / or the network expansion smart card server 1120. It is determined manually by the operator's selection or the like. That is, the network interworking platform 1000 mounted in the network extension smart card 1100 is not involved in determining the smart card application area 1005 where the smart card application is post-issued.

When the network extended smart card 1100 is interlocked with the smart card terminal 1105 through CAD (1300), the smart card terminal 1105 is the network extended smart card 1100 as shown in (a) or (b) of FIG. If the smart card application is selected to be post-issued from the D / B of the post-issuance server 1135 to the network extended smart card 1100 (1310), the host of the smart card terminal 1105 is checked (1305). The application 1110 connects to the post-issuance server 1135 and downloads the smart card application stored in the D / B (transmission subject: smart card terminal 1105-pull technology). Issuing server 1135 extracts and transmits the smart card application stored in the D / B to the smart card terminal 1105 [transmission subject: post-issuance server 1135-push technology] push technology (Push Technology) After using From the issuing server 1135, the smart card application 1530 is transferred to the smart card terminal 1105 (1315).

When the smart card application to be post-issued is delivered to the smart card terminal 1105 as described above, the smart card terminal 1105 is a smart card application post-issuance policy or smart card user and / or included in the smart card terminal 1105; Alternatively, the smart card application area 1005 to which the smart card application is to be post-issued is determined by selection of the operator of the smart card terminal 1105, etc. (1320). Can be decided before]

If the smart card terminal 1105 decides to post-issue the smart card application automatically and / or manually to the virtual IC chip 1125 of the network extended smart card server 1120 (1325), the smart card terminal 1105 Host application 1110 instructs the extraction of the virtual IC chip interworking information 1015 for the smart card application to be post-issued to the network extended smart card 1100 (1330), and to the corresponding network extended smart card 1100. The card management program and / or chip operating system of the on-board network interworking platform 1000 allows the smart card terminal 1105 to access the virtual IC chip 1125 of the network expansion smart card server 1120. The interworking information 1015 is extracted and generated and responded to the smart card terminal 1105 (1335).

When the virtual IC chip interworking information 1015 is transmitted from the network extended smart card 1100 through the above process, the host application 1110 of the smart card terminal 1105 is transferred from the network extended smart card 1100. The smart card terminal may be post-issued to the virtual IC chip 1125 of the network expansion smart card server 1120 from the smart card application acquired from the D / B of the IC chip interworking information 1015 and the post-issuance server 1135 ( The information is shared and transmitted to the remote application 1115 mounted at 1105 (1340).

When the smart card application acquired from the D / B of the virtual IC chip interworking information 1015 and the post-issuance server 1135 delivered from the network expansion smart card 1100 as described above is transferred to the remote application 1115, the smart card. The remote application 1115 of the terminal 1105 accesses the virtual IC chip 1125 of the network expansion smart card server 1120 based on the virtual IC chip interworking information 1015 and post-issues the corresponding smart card application. 1345).

When the smart card application is post-issued to the virtual IC chip 1125 of the network expandable smart card server 1120 through the above process, the remote application 1115 of the smart card terminal 1105 is a network expandable smart card server 1120. After extracting the post-issuance result of the smart card application post-issued by the virtual IC chip 1125, the smart card application post-issuance result is included in the virtual IC chip interworking information 1015 included in the network expansion smart card 1100. Instruct to update (1350).

The card management program of the smart card commanded to update the post-issuance result for the smart card application post-issued by the virtual IC chip 1125 of the network expansion smart card server 1120 to the virtual IC chip interworking information 1015 and / or The chip operating system further updates the smart card application post-issuance result to the virtual IC interworking information (1355).

As described above, the post-issuance information for the smart card application post-issued by the virtual IC chip 1125 of the network extended smart card server 1120 is successfully added to the virtual IC chip interworking information 1015 of the network extended smart card 1100. When the card management program and / or the chip operating system of the smart card is updated, the virtual IC chip interworking information 1015 is updated to the smart card terminal 1105, so that the post-issuance process is successfully performed. Respond (1360).

On the other hand, in the step of determining the smart card application area 1005 to post-issuing the smart card application delivered from the D / B of the post-issuance server 1135, the smart card application IC chip of the network expansion smart card 1100 If it is decided to post-issue the image on the smart card terminal 1105, the smart card terminal 1105 uses the smart card application area 1005 on the IC chip of the network extended smart card 1100 as in the existing smart card application post-issuance process. Ordered to be issued afterward (1370).

When the post-issuance of the smart card application is commanded from the smart card terminal 1105 to the network extended smart card 1100, the card management program of the network interworking platform 1000 mounted on the network extended smart card 1100 and / Alternatively, the chip operating system determines whether the smart card application can be post-issued to the smart card application area 1005 on the IC chip by referring to the memory map or the file allocation table (1375).

If the smart card application to be post-issued through the above process can be post-issued to the smart card application area 1005 on the IC chip of the network extended smart card 1100 (1380), the network extended smart card (1100). The network interworking platform 1000 mounted on the backend post-issues the smart card application to the smart card application area 1005 on the IC chip of the network expandable smart card 1100 through the same process as the existing smart card application post-issuance process ( 1385), recording the smart card application information for the smart card application post-issued to the smart card application area 1005 on the IC chip as described above in the memory map or file allocation table 1010 (1390), and after the smart card application. The issuing success result is returned to the smart card terminal 1105 (1360).

On the other hand, if the smart card application cannot be post-issued to the smart card application area 1005 on the IC chip of the network extended smart card 1100, the network interworking platform 1000 mounted on the network extended smart card 1100 is the smart card. In response to the post-issuance failure result for the application to the smart card terminal 1105 (1395), the smart card terminal 1105 ends the process of post-issuing the smart card application.

FIG. 13D illustrates a host application 1110 of the smart card terminal 1105 that determines the post-issuance of the virtual IC chip 1125 of the network expansion smart card server 1120, and the post-issuance smart card. The application is post-issued from the post-issuance server 1135 directly to the virtual IC chip 1125 of the network expansion smart card server 1120.

The smart card application area 1005 in which the smart card application is actually post-issued in (d) of FIG. 13 is before or after the smart card application is delivered from the D / B of the post-issuance server 1135 as shown in (c) of FIG. The smart card user and / or smart card terminal may be automatically determined by a post-issuance policy included in the smart card terminal 1105 or before the smart card application is delivered from the D / B of the post-issuance server 1135. 1105) The smart card user and the smart card application before the post-issuance of the smart card application received from the post-issuance server 1135 to the virtual IC chip 1125 of the IC chip and / or the network expansion smart card server 1120. And / or manually selected by the operator of the smart card terminal 1105 or the like. That is, the network interworking platform 1000 mounted in the network extension smart card 1100 is not involved in determining the smart card application area 1005 where the smart card application is post-issued.

According to this embodiment, the smart card application is directly post-issued from the post-issuance server 1135 to the virtual IC chip 1125 of the network expansion smart card server 1120 through the post-issuance path as shown in FIG. In this case, the subject that determines the post-issuance as described above may be in charge of the card management program and / or the chip operating system of the network extended smart card 1100 as shown in (a) of FIG. 13, and (b) of FIG. 13. As described above, the smart card terminal 1105 may be responsible for referring to the card management program and / or the chip operating system of the network extended smart card 1100.

When the network extended smart card 1100 is interlocked with the smart card terminal 1105 through CAD (1300), the smart card terminal 1105 checks the validity of the network extended smart card 1100, and the post-issuance server 1135. If a smart card application to be post-issued from the D / B to the network-expanded smart card 1100 is selected (1305), the smart card terminal 1105 is a post-issuance of the smart card application included in the smart card terminal 1105. The smart card application area 1005 to which the corresponding smart card application is post-issued is determined by the policy or the selection of the smart card user and / or the smart card terminal 1105 operator (1310).

In the step of determining the smart card application area 1005 to post-issue the smart card application delivered from the D / B of the post-issuance server 1135, the smart card application is configured to use the physical IC of the network extended smart card 1100. If it is decided to post-issue on the chip, the smart card terminal 1105 undergoes the same process as that of post-issuing the smart card application to the smart card application area 1005 on the IC chip in FIG. Post-issuance to the smart card application area 1005 on the IC chip of the smart card 1100 (1315 ~ 1335).

On the other hand, if the smart card terminal 1105 decides to post-issue the smart card application to the virtual IC chip 1125 of the network expansion smart card server 1120 (1340), the host application 1110 of the smart card terminal 1105. ) Is a network extended smart card 1100 to command the extraction of the virtual IC chip interworking information 1015 that allows the smart card terminal 1105 to access the virtual IC chip 1125 of the network extended smart card server 1120. In operation 1345, the card management program and / or chip operating system of the network interworking platform 1000 mounted in the network extended smart card 1100 may include a smart card management program or virtual IC chip interworking information 1015. The virtual IC chip interworking information 1015 is extracted from the card application and responds to the smart card terminal 1105 (1350).

When the virtual IC chip interworking information 1015 is transmitted from the network extended smart card 1100 through the above process, the host application 1110 of the smart card terminal 1105 is transferred from the network extended smart card 1100. The smart card terminal may be post-issued to the virtual IC chip 1125 of the network expansion smart card server 1120 from the smart card application acquired from the D / B of the IC chip interworking information 1015 and the post-issuance server 1135 ( The information is shared and forwarded to the remote application 1115 mounted at 1105 (1355).

When the smart card application acquired from the D / B of the virtual IC chip interworking information 1015 and the post-issuance server 1135 delivered from the network expansion smart card 1100 as described above is transferred to the remote application 1115, the smart card. The remote application 1115 of the terminal 1105 transmits the virtual IC chip interworking information 1015 and the smart card application selection information to be post-issued through the network to the post-issuance server 1135 (1360), and the virtual IC chip interworking. After the post-issuance server 1135 extracts the smart card application from the D / B through the information 1015 and the smart card application selection information, the smart card application is network-expanded smart based on the virtual IC chip interworking information 1015. A request is made to post-issuance directly to the virtual IC chip 1125 of the card server 1120 (1365).

Through the above process, the virtual IC chip interworking information 1015 and the smart card application selection information to be post-issued are transferred to the post-issuance server 1135, and the network expansion smart card is extracted by extracting the smart card application based on the information. When it is requested to post-issue directly to the virtual IC chip 1125 of the server 1120, the post-issuance server 1135 extracts the smart card application to be post-issued from the D / B, and extracts the virtual IC chip interworking information 1015. On the basis of this, the virtual IC chip 1125 of the network extended smart card server 1120 is accessed through the network and directly post-issues the extracted smart card application as described above (1370).

When the post-issuance server 1135 is directly post-issued by the virtual IC chip 1125 of the network expansion smart card server 1120 through the above process, the post-issuance server 1135 is a smart card terminal ( 1105, the post-issuance result of the corresponding smart card application is returned (1375), and the remote application 1115 of the smart card terminal 1105 is post-issued to the virtual IC chip 1125 of the network extended smart card server 1120. In operation 1380, the smart card application post-issuance result is updated to the virtual IC chip interworking information 1015 included in the network extended smart card 1100.

The card management program of the smart card commanded to update the post-issuance result for the smart card application post-issued by the virtual IC chip 1125 of the network expansion smart card server 1120 to the virtual IC chip interworking information 1015 and / or The chip operating system further updates the smart card application post-issuance result to the virtual IC interworking information (1385).

As described above, the post-issuance information for the smart card application post-issued by the virtual IC chip 1125 of the network extended smart card server 1120 is successfully added to the virtual IC chip interworking information 1015 of the network extended smart card 1100. When the card management program and / or the chip operating system of the smart card is updated, the virtual IC chip interworking information 1015 is updated to the smart card terminal 1105, so that the post-issuance process is successfully performed. Respond (1335).

14 shows a smart card application 1105 from a smart card application issued and / or post-issued to an IC chip of the network expansion smart card 1100 or a virtual IC chip 1125 of the network expansion smart card server 1120. A simple flow diagram of a process of extracting card application information and / or data to provide a smart card service.

According to the present invention, a process of extracting smart card application information and / or data from the smart card application mounted on the IC chip of the network extended smart card 1100 or the virtual IC chip 1125 of the network extended smart card server 1120. Is the subject of the first step of determining to extract smart card application information and / or data from the smart card application issued and / or post-issued to the virtual IC chip 1125 of the network extended smart card server 1120, Smart card application information and / or data from the second step of accessing the virtual IC chip 1125 of the network expansion smart card server 1120 and the smart card application issued and / or post-issued in the smart card application area 1005. Smart car according to the communication path used in the third step of extracting How the service can occur.

According to the present embodiment, the subject of the first step of determining to extract the smart card application information and / or data from the smart card application mounted on the virtual IC chip 1125 of the network extended smart card server 1120 is:

1) the card management program and / or chip operating system of the network interworking platform 1000 mounted on the network expansion smart card 1100,

2) a smart card application issued and / or post-issued in the smart card application area 1005 of the smart card,

3) the host application 1110 of the smart card terminal 1105 containing an access policy for the smart card application information and / or data

Smart card from the second step of accessing the virtual IC chip 1125 of the network extended smart card server 1120 and the smart card application issued and / or post-issued to the smart card application area 1005. The communication path used in the third step of extracting application information and / or data is

1) a path transmitted from the virtual IC chip 1125 of the network extended smart card server 1120 to the smart card terminal 1105 through a network;

2) In the network extended smart card application area 1005, the smart card terminal 1105 is transmitted to the network extended smart card 1100, and then transmitted to the smart card terminal 1105 through an APDU like an existing smart card. Route (network application area-> smart card terminal-> smart card terminal-> smart card terminal).

Figure 14 of the present embodiment is a representative method of the various smart card service process as described above, in the present invention, the IC chip of the network expansion smart card 1100 or the virtual IC chip 1125 of the network expansion smart card server 1120 The process of providing smart card service by extracting smart card application information and / or data from the smart card application issued and / or post-issuance of is not limited to the following flowchart and description.

Access the smart card application issued and / or post-issued to the IC chip of the network expansion smart card 1100 and / or the virtual IC chip 1125 of the network expansion smart card server 1120, and from the smart card application. In order to extract application information and / or data, the network extended smart card 1100 equipped with the network interworking platform 1000 is connected to the smart card terminal 1105 (1400), and a PIN (Personal Identification Number) input and Likewise, a series of authentication processes are used to validate smart cards to verify the confidentiality, authentication, integrity, and nonrepudiation of smart cards.

If the validation of the smart card fails in the above process, the host application 1110 of the smart card terminal 1105 outputs an error message and terminates the smart card service.

On the other hand, if the validity authentication for the smart card is successful in the above process, the host application 1110 of the smart card terminal 1105 selects a smart card service to be provided through the network extended smart card 1100 among various smart card services. Alternatively, the smart card terminal 1105 automatically selects a smart card service which is basically set to be provided (1405).

When the smart card service is selected through the above process, the smart card application information and / or data is extracted from the smart card application issued and / or post-issued to the virtual IC chip 1125 of the network expandable smart card server 1120. The network decision smart card system and the network extension smart card system are configured to access the smart card application area 1005 and extract the smart card application information and / or data. The smart card application information and / or data is extracted through the virtual IC chip 1125 of the card server 1120 to provide the selected smart card service.

14A is a subject that determines where the card management program and / or chip operating system of the network interworking platform 1000 of the network expansion smart card 1100 extracts smart card application information and / or data, When the smart card application is issued and / or post-issued to the virtual IC chip 1125, the smart card application information and / or data extracted from the smart card application is a virtual IC chip of the network extended smart card server 1120. In the case of direct transmission from the smart card terminal 1105 at 1125.

As described above, when the smart card service for the network extended smart card 1100 is selected in the smart card terminal 1105, the host application 1110 of the smart card terminal 1105 is connected to the network as in the existing smart card service. The extended smart card 1100 instructs the extraction of smart card application information and / or data for providing the selected smart card service (1410).

When the smart card application information and / or data extraction command is transmitted to the network expandable smart card 1100 as described above, the card management program and / or the chip operating system of the network expandable smart card 1100 may use a memory map or a file allocation table. Check whether the smart card application including the smart card application information and / or data requested from the smart card terminal 1105 is issued and / or post-issued to the smart card application area 1005 of the IC chip through 1010. (1415).

If the smart card application is issued and / or post-issued to the smart card application area 1005 on the IC chip, such as an existing smart card, the card management program and / or the chip operating system may use a memory map or file allocation table 1010. The smart card application is extracted from the smart card application area 1005 on the IC chip on the basis of the smart card application information included in 1420, and the smart card application information and / or data obtained as described above are extracted from the smart card terminal. Answer 1105 (1425).

As described above, when smart card application information and / or data capable of providing the selected smart card service to the smart card terminal 1105 are transmitted, the smart card terminal 1105 is provided with all kinds of smart card regulations and all kinds of smart card applications. The chip-based financial transaction regulations, all kinds of encryption regulations, and all kinds of smart card service provision methods for smart cards are provided in compliance with at least one or more rules and methods, and provide smart card services (1430).

On the other hand, if the smart card application is not stored in the smart card application area 1005 on the IC chip (1435), the card management program and / or the chip operating system is mounted on the network interworking platform 1000, or the smart card After extracting the virtual IC chip interworking information 1015 included in the application, the smart card application area on the virtual IC chip 1125 of the network extended smart card server 1120 based on the extracted virtual IC chip interworking information 1015. Check whether the selected smart card application is issued and / or post-issued at 1005 (1440).

If the card management program and / or the chip operating system mounted in the network extended smart card 1100 as described above, the virtual IC chip 1125 of the network extended smart card server 1120 based on the virtual IC chip interworking information 1015. If the smart card application cannot be confirmed that the smart card application is issued and / or post-issued (1445), the card management program and / or the chip operating system sends a smart card application information and / or data extraction failure message to the smart card terminal 1105. In step 1450, the smart card terminal 1105 outputs the failure message and then ends the process of providing the selected smart card service.

On the other hand, a smart card management program and / or a chip operating system mounted on the network extended smart card 1100 is selected on the virtual IC chip 1125 of the network extended smart card server 1120 based on the virtual IC chip interworking information 1015. If it is confirmed that a smart card application capable of providing a card service is issued and / or post-issued (1455), the card management program and / or the chip operating system may allow the smart card terminal 1105 to perform the network extension. The virtual IC chip interworking information 1015 that can access the virtual IC chip 1125 of the smart card server 1120 is extracted and responded to the smart card terminal 1105 (1460).

Virtual IC chip interworking information 1015 that allows the card management program and / or the chip operating system mounted in the network extended smart card 1100 to access the virtual IC chip 1125 of the network extended smart card server 1120 as described above. ) And respond to the smart card terminal 1105, the host application 1110 of the smart card terminal 1105 sends the virtual IC chip interworking information 1015 to the virtual IC chip of the network extended smart card server 1120. Share transfers to remote application 1115 accessing 1125 (1465).

The remote application 1115 is an application additionally mounted on the smart card to access the virtual IC chip 1125 of the network expandable smart card server 1120 through a network. The remote application 1115 is connected to the smart card terminal 1105 from the network expandable smart card. When the virtual IC chip interworking information 1015 is shared and transmitted, the remote application 1115 is connected to the virtual IC chip 1125 of the network expandable smart card server 1120 based on the virtual IC chip interworking information 1015. Check if it is accessible.

According to the present invention, the network expansion smart card server 1120 in which the smart card terminal 1105 and the virtual IC chip 1125 are mounted is connected through a network, and the smart card terminal 1105 and the network expansion smart card server are installed. The connection between 1120 is dependent on the network. For example, if the smart card terminal 1105 and the network extended smart card server 1120 are connected through the wired or wireless Internet, the remote application 1115 may use the network extended smart card server 1120 through the wired and wireless Internet and a corresponding protocol. If the smart card terminal 1105 and the network expandable smart card server 1120 are connected through a private network such as a VAN, the remote application 1115 uses the VAN and a corresponding protocol to connect the network extended smart card server. Approach approach (1120).

If the remote application 1115 of the smart card terminal 1105 cannot access the network expandable smart card server 1120 on which the virtual IC chip 1125 of the network expandable smart card server 1120 is mounted in the above process ( 1470, the remote application 1115 of the smart card terminal 1105 outputs a message indicating that the virtual IC chip 1125 of the network extended smart card server 1120 cannot be accessed and terminates the smart card service (1475).

On the other hand, if the remote application 1115 of the smart card terminal 1105 can access the network expandable smart card server 1120 equipped with the virtual IC chip 1125 of the network expandable smart card server 1120 (1480), The remote application 1115 of the smart card terminal 1105 uses the smart card application area 1005 on the network expansion smart card virtual IC chip 1125 and / or the virtual IC chip 1125 based on the virtual IC chip 1125 interworking information. Access the smart card application that is issued and / or post-issued (1485).

As described above, when the remote application 1115 of the smart card terminal 1105 approaches a smart card application stored in the virtual IC chip 1125 of the network extended smart card server 1120 through a network, the remote application 1115 is accessed. Extracts and acquires smart card application information and / or data from the smart card application area 1005 through the virtual IC chip 1125 (1490), and the smart card application information and / or data extracted as described above are networked. Is transmitted to the smart card terminal 1105 (1495).

According to the present invention, as described above, the process of extracting and obtaining smart card application information and / or data from the smart card application area 1005 on the virtual IC chip 1125 of the network expansion smart card server 1120 may include a smart card terminal. The host application 1110 of 1105 corresponds to a process of extracting and obtaining smart card application information and / or data from the smart card application area 1005 on the physical IC chip through CAD.

As described above, when smart card application information and / or data capable of providing the selected smart card service to the smart card terminal 1105 are transmitted, the smart card terminal 1105 is provided with all kinds of smart card regulations and all kinds of smart card applications. It provides smart card services in compliance with at least one of the rules and methods of chip-based financial transactions, all kinds of encryption rules, and all kinds of smart card service provision methods for smart cards.

14B is a subject that determines where the smart card terminal 1105 extracts smart card application information and / or data, and the smart card application is issued and / or post-issued to the virtual IC chip 1125. In this case, the smart card application information and / or data extracted from the smart card application is directly transmitted from the virtual IC chip 1125 of the network extended smart card server 1120 to the smart card terminal 1105. .

The network extended smart card 1100 equipped with the network interworking platform 1000 is connected to the smart card terminal 1105 (1400), and the confidentiality, authentication, integrity, and non-repudiation of the smart card through a series of authentication processes. After the smart card validity authentication to confirm the etc., as described above, when the smart card service targeting the network extended smart card 1100 is selected in the smart card terminal 1105 (1405), the smart card terminal 1105 The host application 1110 checks the smart card application area 1005 where the smart card application is stored (1410).

According to the present invention, the smart card terminal 1105 may know the smart card application area 1005 in which the smart card application providing the smart card service selected as described above is stored according to the smart card service policy. For example, a smart card issuing agency may policing a financial card-related smart card application into a smart card application area 1005 on a safer and more reliable IC chip, and provide smart card services for royalty / coupon / ticket / gift certificate / reservation. Is mounted on the virtual IC chip 1125 of the network expansion smart card server 1120, which is easy to expand, the smart card terminal 1105 provides a smart card that provides the currently selected smart card service according to the smart card service policy as described above. The smart card application area 1005 in which the application is mounted can be checked.

If the smart card application is issued and / or post-issued to the smart card application area 1005 on the IC chip like the existing smart card (1415), the host application 1110 of the smart card terminal 1105 is an existing smart card. In operation 1420, the smart card application information and / or data for providing the selected smart card service is provided to the network extended smart card 1100, such as a service. The card management program and / or the chip operating system extracts the corresponding smart card application from the smart card application area 1005 on the IC chip based on the smart card application information included in the memory map or file allocation table 1010 (1425). In operation 1430, the smart card application information and / or data extracted and obtained as described above are returned to the smart card terminal 1105.

As described above, when smart card application information and / or data capable of providing the selected smart card service to the smart card terminal 1105 are transmitted, the smart card terminal 1105 is provided with all kinds of smart card regulations and all kinds of smart card applications. The smart card service is provided in compliance with at least one or more of the chip-based financial transaction regulations, all kinds of encryption regulations, and all kinds of smart card service provision methods provided for smart cards (1435).

On the other hand, when the smart card terminal 1105 selects the smart card application area 1005 in which the smart card application corresponding to the smart card service is stored, the smart card application providing the selected smart card service is network extended. If it is mounted on the virtual IC chip 1125 of the smart card server 1120 (1440), the smart card terminal 1105 is a network expansion smart card 1100, the virtual IC chip 1125 of the network expansion smart card server 1120 Command to extract the virtual IC chip interworking information 1015 (1445).

When the extraction of the virtual IC chip interworking information 1015 is ordered from the smart card terminal 1105 to the network expansion smart card 1100 through the above process, the network interworking platform mounted on the network expansion smart card 1100 ( The card management program and / or the chip operating system of 1000 extracts and generates the virtual IC chip interworking information 1015 from the smart card application including the card management program or the virtual IC chip interworking information 1015 in response to the command. The smart card terminal 1105 responds (1450).

When the virtual IC chip interworking information 1015 is transmitted from the network extended smart card 1100 through the above process, the host application 1110 of the smart card terminal 1105 is transferred from the network extended smart card 1100. The IC chip interworking information 1015 is shared and transmitted to the remote application 1115.

Through the above process, the virtual IC chip interworking information 1015 is transferred from the card management program and / or the chip operating system mounted in the network extended smart card 1100 to the remote application 1115 through the smart card terminal 1105. In operation 1455, the remote application 1115 may generate a smart card on the virtual IC chip 1125 and / or the virtual IC chip 1125 of the network expansion smart card server 1120 based on the virtual IC chip interworking information 1015. Check whether the smart card application issued and / or post-issued in the application area 1005 is accessible.

In the above process, the remote application 1115 of the smart card terminal 1105 is connected to the smart card application area 1005 on the virtual IC chip 1125 and / or the virtual IC chip 1125 of the network expansion smart card server 1120. If it is not possible to access the issued and / or post-issued smart card application (1460), the remote application 1115 of the smart card terminal 1105 accesses the virtual IC chip 1125 of the network extended smart card server 1120. It outputs a message that it cannot be done and terminates the smart card service (1465).

On the other hand, the remote application 1115 of the smart card terminal 1105 is issued and / or issued to the smart card application area 1005 on the virtual IC chip 1125 and / or the virtual IC chip 1125 of the network extended smart card server 1120. Alternatively, if it is possible to access the post-issued smart card application (1470), the remote application 1115 of the smart card terminal 1105 is based on the virtual IC chip interworking information 1015 network extended smart card server ( The smart card application issued and / or post-issued to the virtual IC chip 1125 of 1120 is accessed (1475).

As described above, when the remote application 1115 of the smart card terminal 1105 approaches a smart card application stored in the virtual IC chip 1125 of the network extended smart card server 1120 through a network, the remote application 1115 is accessed. Extracts and acquires smart card application information and / or data from the smart card application area 1005 through the virtual IC chip 1125 (1480), and the smart card application information and / or data extracted as described above is networked. Is transmitted to the smart card terminal 1105 (1485).

As described above, when smart card application information and / or data capable of providing the selected smart card service to the smart card terminal 1105 are transmitted, the smart card terminal 1105 is provided with all kinds of smart card regulations and all kinds of smart card applications. It provides smart card services in compliance with at least one of the rules and methods of chip-based financial transactions, all kinds of encryption rules, and all kinds of smart card service provision methods for smart cards.

(C) of FIG. 14 is a subject that determines where to extract smart card application information and / or data from the smart card application issued and / or post-issued to the smart card, and the smart card application is a virtual IC chip 1125. Smart card application information and / or data extracted from the smart card application, the smart card application area on the virtual IC chip 1125 mounted in the network extended smart card server 1120. In case of transmitting directly from the smart card terminal 1105 at 1005.

The network extended smart card 1100 equipped with the network interworking platform 1000 is connected to the smart card terminal 1105 (1400), and the confidentiality, authentication, integrity, and non-repudiation of the smart card through a series of authentication processes. After the smart card validity authentication to confirm the etc., as described above, when the smart card service targeting the network extended smart card 1100 is selected in the smart card terminal 1105 (1405), the smart card terminal 1105 Host application 1110 instructs the extraction of smart card application information and / or data for providing the selected smart card service with the network extended smart card 1100 like the existing smart card service (1410).

When the smart card application information and / or data extraction command is transmitted to the network expandable smart card 1100 as described above, the card management program and / or the chip operating system of the network expandable smart card 1100 may use a memory map or a file allocation table. In operation 1015, the smart card application information and / or data extraction command is transmitted from the smart card terminal 1105 to the smart card application including the requested smart card application information and / or data.

When the smart card application information and / or data extraction command is provided to provide the smart card service to the smart card application as described above, the smart card application may transmit the smart card application information and / or the data area inside the smart card application. Alternatively, it is checked whether data exists (1420).

If the smart card application information and / or data is present in the data area of the smart card application (1425), the smart card application is smart to provide the smart card service through the chip operating system and / or card management program. The card application information and / or data is extracted (1430), and the smart card application information and / or data extracted as described above is returned to the smart card terminal 1105 (1435).

Then, when the smart card application information and / or data that can provide the selected smart card service to the smart card terminal 1105 through the above process, the smart card terminal 1105 and all kinds of smart card regulations, and Providing smart card services in compliance with at least one of the rules and methods of all kinds of chip-based financial transactions, all kinds of encryption regulations, and all kinds of smart card service provision methods for smart cards (1440) .

On the other hand, if the smart card application information and / or data does not exist in the data area inside the smart card application (1445), the smart card application is processed through the process as shown in (12) of FIG. After extracting the virtual IC chip interworking information 1015 included in the smart card application as shown above, the virtual IC chip interlocking information 1015 extracted as described above through the chip operating system and / or card management program is smart card terminal Answer 1105 (1450).

As described above, the smart card application mounted on the smart card extracts the virtual IC chip interworking information 1015, and the virtual IC chip interlocking information 1015 is extracted through a card management program and / or a chip operating system. In response to 1105, the host application 1110 of the smart card terminal 1105 transmits the virtual IC chip interworking information 1015 to the virtual IC chip 1125 of the network extended smart card server 1120. 1115, the remote application 1115 transmits the smart card on the virtual IC chip 1125 mounted in the network expandable smart card server 1120 through the network based on the virtual IC chip interworking information 1015. In the application area 1005, it is checked whether the area directly linked with the smart card application is accessible.

If the remote application 1115 of the smart card terminal 1105 cannot access the smart card application area 1005 on the virtual IC chip 1125 in the above process (1460), the remote application of the smart card terminal 1105 ( 1115 outputs a message indicating that the virtual IC chip 1125 of the network extended smart card server 1120 cannot be accessed and terminates the smart card service (1465).

On the other hand, if the remote application 1115 of the smart card terminal 1105 can access the smart card application area 1005 on the virtual IC chip 1125 (1470), the remote application 1115 of the smart card terminal 1105 The smart card application area 1005 on the virtual IC chip 1125 directly linked with the smart card application is accessed based on the virtual IC chip 1125 interworking information (1475).

As described above, when the remote application 1115 of the smart card terminal 1105 approaches the smart card application area 1005 on the virtual IC chip 1125 directly linked with the smart card application through the network, the remote application 1115 ) Extracts and acquires smart card application information and / or data directly linked to the smart card application from the smart card application on the virtual IC chip 1125 (1480), and extracts and obtains the smart card application information and / or extracted as described above. Or data is transferred (1485) to the smart card terminal 1105 via the network.

As described above, when smart card application information and / or data capable of providing the selected smart card service to the smart card terminal 1105 are transmitted, the smart card terminal 1105 is provided with all kinds of smart card regulations and all kinds of smart card applications. It provides smart card services in compliance with at least one of the rules and methods of chip-based financial transactions, all kinds of encryption rules, and all kinds of smart card service provision methods for smart cards.

Hereinafter, a method of exchanging and moving an application stored in the network extended smart card 1100 and an application stored in the smart card application area 1005 on the network will be described.

According to the present invention, a smart card application stored in the smart card application area 1005 on the network is transferred (or copied or moved) to the network extended smart card 1100 or stored in the network extended smart card 1100. The smart card application is transferred (or copied or moved) to the smart card application area 1005 on the network.

According to the present invention, a smart card application issued and / or post-issued to a network extended smart card 1100 directly issued by a card issuing authority is logically interlocked (or linked) with the network extended smart card 1100. The smart card application issued and / or post-issued in the smart card application area 1005 of the virtual IC chip 1125 of the network extended smart card server 1120 having the same structure and provides mutual compatibility.

Therefore, the smart card application issued and / or post-issued to the network extended smart card 1100 directly issued by the card issuing agency may be a network extended smart card logically linked with the network extended smart card 1100 in some cases. It can move and copy to the smart card application area 1005 of the virtual IC chip 1125 of the server 1120, and conversely, the smart card application area 1005 of the virtual IC chip 1125 of the network extended smart card server 1120. The smart card application issued and / or post-issued may also be copied to the smart card application area 1005 of the network extended smart card 1100 on which the physical IC chip is mounted.

In addition, some or all of the smart card application information and / or data included in the smart card application issued and / or post-issued on the smart card may be stored on the virtual IC chip 1125 mounted in the network extended smart card server 1120. Part of the smart card application information and / or data included in the smart card application area 1005 on the virtual IC chip 1125 mounted in the network smart card server, and vice versa. You can also move everything inside a smart card application that is issued and / or post-issued to a smart card.

Hereinafter, a feature of a method of exchanging and moving an application stored in the network extended smart card 1100 and an application stored in the smart card application area 1005 on the network will be described in detail with reference to the accompanying drawings and description. However, the following drawings and descriptions are for representative methods among various methods for properly describing the present invention, and the present invention is not limited only to the following drawings and descriptions.

Hereinafter, an embodiment through the accompanying drawings and the description will be described in the network extended smart card 1100 and the network extended smart card 1100 operating method using the network interworking platform 1000 of the network extended smart card 1100. An embodiment in which a method of exchanging and moving an application (or data) stored in 1100 and an application (or data) stored in the smart card application area 1005 on the network is applied. The same applies to.

According to FIG. 15, the smart card application (or data) issued and / or post-issued on the IC chip of the network extended smart card 1100 and the virtual IC chip 1125 of the network extended smart card server 1120 as described above. In order to move the smart card application (or data) issued and / or post-issued on each other, the network extended smart card 1100 is connected to the smart card terminal 1105 through CAD (1500), and the PIN Smart Card Validation is performed through a series of processes, such as entering a Personal Identification Number, to verify the confidentiality, authentication, integrity, and nonrepudiation of the smart card.

If the validation of the smart card fails in the above process, the host application 1110 of the smart card terminal 1105 outputs an error message and terminates the smart card application moving process.

On the other hand, if the validity authentication for the smart card in the process is successful (1505), the smart card application issued and / or post-issued on the IC chip of the network extended smart card 1100 to the network extended smart card server 1120 The process of moving to the smart card application area 1005 on the mounted virtual IC chip 1125 and / or reversely issued and / or post-issued on the virtual IC chip 1125 of the network extended smart card server 1120. A process of moving the smart card application to the smart card application area 1005 on the IC chip mounted in the network extended smart card 1100 is described.

15A is a smart card application issued and / or post-issued on the IC chip of the network extended smart card 1100 for smart on the virtual IC chip 1125 mounted in the network extended smart card server 1120. A simple flow chart of the process of moving to the card application area 1005.

If the validity authentication for the smart card is successful, the smart card terminal 1105 may determine the issuance and / or post-issuance information of the smart card application issued and / or post-issued on the IC chip of the network extended smart card 1100. Order extraction (1510).

According to the present invention, the smart card application issuance and / or post-issuance information issued and / or post-issued to the IC chip of the smart card may be issued and / or post-issuance of each smart card application to the network extended smart card 1100. It is generated in the process and included in the card management program and / or chip operating system of the smart card, and is generally managed through the memory map or the file allocation table 1010 of the card management program. The smart card application issuance and / or post-issuance information extraction command is a command to extract information on the smart card application managed through the card management program and / or the chip operating system of the smart card as described above.

When the smart card terminal 1105 is instructed to extract issuance and / or post-issuance information for the smart card application issued and / or post-issued on the IC chip of the network extended smart card 1100, the corresponding network extended smart card The card management program and / or the chip operating system of 1100 extracts smart card application issuance and / or post-issuance information included in the memory map or file allocation table 1010 and the smart card terminal 1105 may recognize it. It responds by processing it into a form that can be done (1515).

When the smart card application issuance and / or post-issuance information is extracted from the network extended smart card 1100 through the above process, a list of the smart card application is output to the smart card terminal 1105 and the smart card user and / or The operator of the smart card terminal 1105 selects at least one smart card application to be moved to the virtual IC chip 1125 of the network extended smart card server 1120 from the smart card list (1520).

When the smart card application to be moved from the smart card terminal 1105 to the virtual IC chip 1125 of the network extended smart card server 1120 is selected, the smart card terminal 1105 is networked to the network extended smart card 1100. Instructs the extraction of the virtual IC chip interworking information 1015 that can access the virtual IC chip 1125 of the extended smart card server 1120 and the smart card application to be moved to the virtual IC chip 1125 of the smart card server 1 1525).

When the extraction of the smart card application to be moved with the virtual IC chip interworking information 1015 from the smart card terminal 1105 to the network extended smart card 1100 through the above process, the network extended smart card 1100 The card management program and / or chip operating system of the on-board network interworking platform 1000 extracts and generates virtual IC chip interworking information 1015 in response to the command, and issues and / or posts it to the smart card application area 1005. The smart card application to be moved to the virtual IC chip 1125 of the network expansion smart card server 1120 is extracted from the issued smart card application and responds to the smart card terminal 1105 (1530).

When the smart card application to be moved and the virtual IC chip interworking information 1015 is transferred from the network extended smart card 1100 to the smart card terminal 1105 through the above process, the host application 1110 of the smart card terminal 1105 is transferred. ) Shares and transfers the virtual IC chip interworking information 1015 and the smart card application transmitted from the network extended smart card 1100 to the remote application 1115 (1535).

When the virtual IC chip interworking information 1015 and the smart card application are extracted to the smart card terminal 1105 and / or the remote application 1115 of the smart card terminal 1105 through the above process, the remote of the smart card terminal 1105 is extracted. The application 1115 may be configured on the virtual IC chip 1125 and / or the virtual IC chip 1125 of the network scalable smart card server 1120 through the process described in (a), (b), or (c) of FIG. 13. After accessing the smart card application area 1005, the smart card application extracted from the network expansion smart card 1100 as described above is post-issued to the smart card application area 1005 on the virtual IC chip 1125 (1540). ).

If the process of post-issuing the smart card application extracted from the network extended smart card 1100 to the smart card application area 1005 on the virtual IC chip 1125 of the network extended smart card server 1120 fails in the above process ( 1545, the smart card terminal 1105 outputs a smart card application movement failure message, and the smart card application issued and / or post-issued on the IC chip of the network extended smart card 1100 is a network extended smart card server ( The process of moving to the smart card application area 1005 on the virtual IC chip 1125 mounted in 1120 ends (1550).

On the other hand, if a process of post-issuing the smart card application extracted from the network expansion smart card 1100 to the smart card application area 1005 on the virtual IC chip 1125 of the network expansion smart card server 1120 succeeds (1555), The smart card terminal 1105 deletes the smart card application moved from the network extended smart card 1100 to the virtual IC chip 1125 of the network extended smart card server 1120 in the smart card application area 1005 on the IC chip. Order 1560.

According to the present invention, a process of post-issuing the smart card application extracted from the network extended smart card 1100 as described above to the smart card application area 1005 on the virtual IC chip 1125 of the network extended smart card server 1120. If the smart card application is not moved but the backup or copy is performed, the smart card application moved from the network extended smart card 1100 to the virtual IC chip 1125 of the network extended smart card server 1120 as described above. The process of deleting from the smart card application area 1005 on the IC chip may be omitted.

The network extended smart card 1100 commanded to delete the smart card application moved from the smart card terminal 1105 to the virtual IC chip 1125 of the network extended smart card server 1120 from the IC chip of the network extended smart card 1100. The card management program and / or the chip operating system in accordance with the above-described method may execute a smart card application that is moved from the smart card application area 1005 on the corresponding IC chip to the virtual IC chip 1125 of the network extended smart card server 1120 according to the command. In operation 1565, the smart card terminal 1105 responds to the smart card terminal 1105.

15B shows smart card applications issued and / or post-issued on the virtual IC chip 1125 of the network extended smart card server 1120 on the IC chip mounted on the network extended smart card 1100. A simple flow chart of the process of moving to the card application area 1005.

If the validation of the smart card succeeds (1500), the smart card terminal 1105 is a network extended smart card 1100 that allows the smart card terminal 1105 to access the network extended smart card server 1120. The extraction of the IC chip interworking information 1015 is ordered (1505).

When the extraction of the virtual IC chip interworking information 1015 is commanded from the smart card terminal 1105 to the network expansion smart card 1100 through the above process, the network interworking platform mounted on the network expansion smart card 1100 ( The card management program and / or the chip operating system of 1000 extracts and generates the virtual IC chip interworking information 1015 from the smart card application including the card management program or the virtual IC chip interworking information 1015 in response to the command. The smart card terminal 1105 responds (1510).

When the virtual IC chip interworking information 1015 is transmitted from the network extended smart card 1100 through the above process, the smart card terminal 1105 is a network extended smart card server based on the virtual IC chip interworking information 1015. The smart card application area 1005 on the virtual IC chip 1125 and / or the virtual IC chip 1125 of 1120 is accessed and issued to and / or issued to the smart card application area 1005 on the virtual IC chip 1125. The issue and / or post-issuance information of the post-issued smart card application is extracted (1515).

According to the present invention, the smart card application issuance and / or post-issuance information issued and / or post-issued to the virtual IC chip 1125 may be transferred to the virtual IC chip 1125 of the network expansion smart card server 1120. The application is generated in the process of issuance and / or post-issuance, and is included in the virtual IC chip 1125 management program and / or virtual COS on each virtual IC chip 1125, and generally, the virtual IC chip 1125 is managed. The program is managed through a memory map or file allocation table 1010 of the program. The smart card application issuance and / or post-issuance information extraction process extracts information on the smart IC application managing the virtual IC chip 1125 and / or the virtual COS of the virtual IC chip 1125 as described above. It is.

To provide issuance and / or post-issuance information for the smart card application that is issued and / or post-issued on the virtual IC chip 1125 of the network extended smart card server 1120 from the smart card terminal 1105 via a network. The virtual IC chip 1125 management program and / or virtual COS of the requested virtual IC chip 1125 extracts smart card application issuance and / or post-issuance information included in the memory map or file allocation table 1010, The smart card terminal 1105 is processed into a form that can be recognized and transmitted to the smart card terminal 1105 through a network, and the smart card terminal 1105 outputs a list for the smart card application, and then a smart card user And / or network in the virtual IC chip 1125 of the network extended smart card server 1120 through selection of the smart card terminal 1105 operator. At least one smart card application to be moved to the IC chip of the card expansion smart card 1100 is selected (1520).

When a smart card application to be moved from the smart card terminal 1105 to the IC chip of the network extended smart card 1100 is selected, the smart card terminal 1105 is mounted on the network extended smart card server 1120 via a network. The smart card application to be moved from the smart card application area 1005 on the IC chip 1125 to the smart card application area 1005 on the IC chip mounted in the network extended smart card 1100 is extracted (1525). The above process is performed through a network, and a method and process for transmitting the smart card application from each virtual IC chip 1125 mounted in the network expandable smart card server 1120 to the smart card terminal 1105 is performed in each network. It depends on the characteristic.

When the smart card application to be moved to the smart card application area 1005 on the IC chip of the network expansion smart card 1100 through the above process is transmitted to the smart card terminal 1105, the smart card terminal 1105 is an existing smart card application. As in the post-issuance process, the smart card application is commanded to post-issue the smart card application to the smart card application area 1005 on the IC chip of the network expansion smart card 1100 (1530).

When the issuance of the smart card application is commanded from the smart card terminal 1105 to the network extended smart card 1100 as described above, the card management program of the network interworking platform 1000 mounted on the network extended smart card 1100 and / Alternatively, the chip operating system checks whether the smart card application can be post-issued to the smart card application area 1005 on the IC chip by referring to the memory map or the file allocation table (1535).

If the current smart card application to be post-issued cannot be post-issued to the smart card application area 1005 on the IC chip of the network extended smart card 1100 (1540), the network extended smart card 1100 is after the smart card application. Responding to the smart card terminal 1105, the message of failure to send the smart card application from the virtual IC chip 1125 of the network extended smart card server 1120 to the IC chip of the network extended smart card 1100 is issued. (1545).

On the other hand, if the smart card application that is currently intended to be post-issued through the above process can be post-issued to the smart card application area 1005 on the IC chip of the network extended smart card 1100 (1550), the network extended smart card (1100). The network interworking platform 1000 mounted on the backend post-issues the smart card application to the smart card application area 1005 on the IC chip of the network expandable smart card 1100 through the same process as the existing smart card application post-issuance process ( 1555), the smart card application information for the smart card application post-issued to the smart card application area 1005 on the IC chip as described above is recorded in the memory map or file allocation table 1010 (1560), and after the smart card application The issuing success result is returned to the smart card terminal 1105 (1565).

Result of successful smart card application post-issuance from the network expansion smart card 1100, that is, the movement of the smart card application from the virtual IC chip 1125 of the network expansion smart card server 1120 to the IC chip of the network expansion smart card 1100. If the result is answered, the smart card terminal 1105 accesses the smart card application area 1005 on the virtual IC chip 1125 and / or the virtual IC chip 1125 via the network, and the network extended smart card server 1120. The smart card application moved from the virtual IC chip 1125 of the network expansion smart card 1100 to the IC chip is deleted (1570).

Of course, the process of post-issuing the smart card application extracted from the virtual IC chip 1125 of the network extended smart card server 1120 to the smart card application area 1005 on the IC chip of the network extended smart card 1100 as described above. If the smart card is not moved, but the backup recovery or copy is performed, the virtual IC chip 1125 of the network expansion smart card server 1120 is moved from the virtual IC chip 1125 of the network expansion smart card 1100 as described above. The process of deleting the smart card application from the smart card application area 1005 on the virtual IC chip 1125 may be omitted.

15C illustrates a virtual IC chip 1125 in which some of the smart card application information and data included in the smart card application issued and / or post-issued in the smart card are directly linked to the smart card application. Is a flow chart for the process of moving to the smart card application area 1005 on the top.

If validation of the smart card is successful (1500), the smart card terminal 1105 extracts issuance and / or post-issuance information for the smart card application issued and / or post-issued on the smart card's IC chip. When instructed (1505), the card management program and / or chip operating system of the smart card extracts the smart card application issuance and / or post-issuance information included in the memory map or file allocation table 1010, and the smart card terminal. The response is processed (1510) into a form that can be recognized (1105).

When the smart card application issuance and / or post-issuance information is extracted from the network extended smart card 1100 through the above process, a list of the smart card application is output to the smart card terminal 1105 and the smart card user and / or The smart card terminal 1105 selects at least one smart card application to be moved from the smart card list to the virtual IC chip 1125 of the network extended smart card server 1120 (1515), and the smart card selected as described above. The smart card application information and / or data to be moved and stored in the smart card application area 1005 on the virtual IC chip 1125 is selected from the smart card information and data included in the application (1520).

For example, the process may select a smart card application providing a mileage point service from a list of smart card applications output to the smart card terminal 1105, and among mileage points included in the smart card application for the mileage point service, The mileage point to be moved to and stored in the smart card application area 1005 on the virtual IC chip 1125 is selected.

A smart card to be moved and stored in the smart card application area 1005 on the virtual IC chip 1125 directly linked with the smart card application among the smart card application information and / or data included in the selected smart card application through the above process. When the application information and / or data is selected, the smart card terminal 1105 and the virtual IC chip interworking information 1015 that can access the smart card application area 1005 on the virtual IC chip 1125 with the smart card. In operation 1525, the smart card application information and / or data to be moved to the smart card application area 1005 on the virtual IC chip 1125 is extracted.

When the extraction of the smart card application information and / or data to be moved and stored in the virtual IC chip interworking information 1015 from the smart card terminal 1105 to the smart card through the above process, the smart card mounted on the smart card The application extracts the virtual IC chip interworking information 1015 and the smart card application information and / or data to be moved within the smart card application in response to the command, and executes the smart card terminal through a card management program and / or a chip operating system. Answer 1105 (1530).

When the smart card application information and / or data to be moved from the smart card to the smart card terminal 1105 and the smart card application information and / or data to be transferred are transferred through the above process, the host application 1110 of the smart card terminal 1105 is transmitted. ) Shares and transfers the virtual IC chip interworking information 1015 and smart card application information and / or data transmitted from the network extended smart card 1100 to the remote application 1115 (1535).

When the virtual IC chip interworking information 1015 and the smart card application information and / or data are extracted to the smart card terminal 1105 and / or the remote application 1115 of the smart card terminal 1105 through the above process, the smart card terminal The remote application 1115 of 1105 is a smart card application area 1005 on the virtual IC chip 1125 directly linked with the smart card application based on the virtual IC chip interworking information 1015. Move and store the information and / or data (1540).

According to the present invention, since the smart card application area 1005 of the smart card and the smart card application area 1005 on the virtual IC chip 1125 have the same structure, the smart card application information and / or data as described above can be obtained. The movement storage process is a process of moving and copying data stored in the smart card to the smart card application area 1005 on the virtual IC chip 1125 mounted in the network card server, such as a client server-based network.

If the process of moving and storing the smart card application information and / or data extracted from the smart card in the smart card application area 1005 on the virtual IC chip 1125 fails in operation 1545, the smart card terminal 1105 Outputs the smart card application information and / or data movement storage failure message and displays the smart card application information and / or data included in the smart card application issued and / or post-issued on the smart card on the virtual IC chip 1125. The process of moving and storing the smart card application area 1005 ends (1550).

On the other hand, if the process of moving and storing the smart card application information and / or data extracted from the smart card to the smart card application area 1005 on the virtual IC chip 1125 is successful (1555), the smart card terminal 1105 is a smart card. By deleting the smart card application information and / or data moved from the network expansion smart card server 1120 to the virtual IC chip 1125, it is instructed to empty part of the area used by the smart card application (1560).

According to the present invention, the smart card application information and / or data included in the smart card application issued and / or post-issued in the smart card as described above are moved and stored in the smart card application area 1005 on the virtual IC chip 1125. If the process of backup or copying is performed, the process of deleting the smart card application information and / or data transferred and stored in the virtual IC chip 1125 in the smart card application as described above may be omitted.

The smart card application commanded to delete the stored smart card application information and / or data from the smart card terminal 1105 to the smart card application area 1005 on the virtual IC chip 1125 may be a card management program and a program according to the command. / Or move to the smart card application area 1005 on the virtual IC chip 1125 through the chip operating system to delete the stored smart card application information and / or data, and the smart card application information and / or data deletion result Answer 1105 (1565).

According to the present invention, a network expansion smart card equipped with an open network expansion platform for extending a smart card application area from an IC chip to a network, and an open network expansion platform mounted on the network extended smart card are provided inside the IC chip. In the process of accessing the smart card application area through the network expansion smart card operating method for managing and operating the smart card application area and the smart card application area on the network, and the smart card terminal through the open network expansion platform of the network expansion smart card. A method of determining a smart card application area to be accessed from a smart card application area within a chip or on a network. When the smart card application area to be accessed by the smart card terminal is a network, it is opened. Refer to the network extension platform to access the smart card application area on the network, and refer to the open network extension platform to post-issue and / or transmit the smart card application to the smart card application area on the network, By providing a smart card service for the network-scaled smart card through a method of loading the smart card application and / or smart card application information and data from the card application area to the smart card terminal, There are various advantages.

From the point of view of smart card issuers, the first, open network expansion platform extends tens of kilobytes to hundreds of kilobytes of smart card applications over the network, enabling them to operate like a few megabytes to tens of megabytes at a low cost. The advantage is that network smart cards can be issued.

Second, the open network expansion platform has the advantage that the smart card application area can be extended over the network without limiting the amount of physical memory capacity and / or storage space of the smart card. .

Third, the smart card application area can be allocated on the network without additional issuance of a new smart card, and the corresponding remote memory map or remote file allocation table 1010 can be easily loaded onto the smart card's open network expansion platform. The advantage is that the capacity of the card can be expanded.

Fourth, by post-issuing the smart card application including the remote memory map or the remote file allocation table 1010 in the existing smart card, the smart card application area of the pre-issued smart card without additional cost of issuing the smart card is placed on the network. The advantage is that it can be extended to smart card applications.

In addition, from the smart card user's point of view, the first, there is an advantage that can be provided a variety of smart card services without limiting the capacity through the network smart card to the smart card application area on the network.

Second, in order to own a high-capacity smart card, there is an advantage in that an additional smart card is not required to be paid or a new smart card is not issued.

Third, even if the smart card is lost, royalty, coupon, ticket, gift certificate, and reservation information stored in the smart card application area of the network smart card will not be lost. The advantage is that (copy or move) is possible.

Fourth, the applications stored in the network expansion smart card and the applications stored in the smart card application area on the network can be interchanged and moved at any time according to the user's needs, thereby providing convenience and efficiency to the smart card user.

Claims (104)

The smart card (or IC card or IC chip) application area (or storage memory space) in which the application (or data) for the IC card is mounted is mounted on the internal area of the smart card and the network (or wired / wireless communication network). A network expansion smart card operating method comprising a network expansion smart card and a smart card terminal for performing data communication with the network expansion smart card, wherein the network expansion smart card is connected and provided to a smart card application area in an expansion smart card server located at To A first step of mounting on the smart card an open network expansion platform including information data for extending a smart card application area from an IC chip to a network; In the process of accessing the smart card application area through the open network expansion platform of the network expansion smart card, the smart card terminal selects a smart card application area to be accessed from the smart card application area in the IC chip of the smart card or on the network. Determining a second step; A third step of accessing a smart card application area on the network with reference to the open network extension platform when the smart card application area to which the smart card terminal is to be accessed is a network; And Post-issuance and / or transfer of smart card applications (or data) from the smart card terminal to the smart card application area on the network with reference to the open network extension platform, or the smart card application area in the smart card application area on the network. And loading the smart card application and / or smart card application information (and / or data) into the card terminal. The method of claim 1, wherein the first step, Determining the storage capacity of the smart card application area on the IC chip and the storage capacity of the smart card application area on the network. The information data of claim 1, wherein the smart card application area is extended from an IC chip to a network. And at least one remote memory map or a remote file allocation table of the open network extension platform. The network extension information (remote memory map or remote file allocation table of an open network extension platform) of the smart card application area is a memory map or file allocation table of an existing card management program in the smart card. If included in addition to Transmitting, by the smart card terminal, a smart card command to the card management program (or card manager) in the smart card; The smart card application (or data) corresponding to the smart card command is referred to by the card management program by referring to at least one or more class bytes, command bytes, and / or parameter bytes included in the smart card command. Checking whether it is stored in an application area or a smart card application area on a network; And If the smart card application (or data) is not stored in the smart card application area inside the IC chip, the card management program refers to the remote memory map or the remote file allocation table to the smart card application area on the network. Inducing a card terminal to remote access; Network extended smart card operating method comprising a. The network extension information (remote memory map or remote file allocation table of the open network expansion platform) of the smart card application area together with a memory map or file allocation table of an existing card management program in the smart card. When it is equipped with remote card management program (or card manager) including), Transmitting, by the smart card terminal, a smart card command to the card management program (or card manager) in the smart card; The smart card application (or data) corresponding to the smart card command is referred to the smart card application area inside the IC chip by referring to the class byte, command byte, and / or parameter byte included in the smart card command in the card management program. Checking whether it is stored or in a smart card application area on the network; And If the smart card application (or data) is not stored in the smart card application area inside the IC chip, the card management program refers to the remote memory map or remote file allocation table in the remote card management program (or card manager). Inducing the smart card terminal to remotely access the smart card application area on the network. The network extension information (remote memory map or remote file allocation table of the open network expansion platform) of the smart card application area together with a memory map or file allocation table of an existing card management program in the smart card. When it is equipped with remote card management program (or card manager) including), Transmitting, by the smart card terminal, a smart card command to a remote card management program (or card manager) in the smart card; The smart card application (or data) corresponding to the smart card command is stored in the IC chip by referring to the class byte, command byte, and / or parameter byte included in the smart card command in the remote card management program (or card manager). Determining whether it is stored in the smart card application area of the network or in the smart card application area of the network; And If the smart card application (or data) is not stored in the smart card application area inside the IC chip, the remote card management program (or card manager) may be located in the remote memory map or in the remote card management program (or card manager). And inducing the smart card terminal to remotely access the smart card application area on the network with reference to a remote file allocation table. The network extension information (remote memory map or remote file allocation table of the open network expansion platform) of the smart card application area together with a memory map or file allocation table of an existing card management program in the smart card. When it is equipped with remote card management program (or card manager) including), Transmitting, by the smart card terminal, a smart card command to a remote card management program (or card manager) in the smart card; And Inducing the smart card terminal to remotely access the smart card application area on the network with reference to the remote memory map or the remote file allocation table in the remote card management program (or card manager). Network extended smart card operation method. The IC chip according to claim 1 or 3, further comprising an IC chip for mounting an existing open platform and network extension information (remote memory map or remote file allocation table for an open network expansion platform) of the smart card application area. If you are mounting the chip at the same time, Selecting an IC chip in which a smart card application (or data) to be accessed by the smart card terminal is stored; And When the area in which the smart card application (or data) to which the smart card terminal attempts to access is stored is a network extension area, the smart card terminal is network extension information (remote memory map or remote file allocation table of an open network extension platform). Delivering a smart card command to the IC chip mounted with; Network extended smart card operating method comprising a. The method according to claim 1 or 3, further comprising: issuing network extension information (remote memory map or remote file allocation table of an open network extension platform) of the smart card application area to a smart card application (or data) in the smart card. Occation, Transmitting, by the smart card terminal, a smart card command to the card management program (or card manager) in the smart card; The smart card application (or data) corresponding to the smart card command is referred to by the card management program by referring to at least one or more class bytes, command bytes, and / or parameter bytes included in the smart card command. Checking whether it is stored in an application area or a smart card application area on a network; And If the smart card application (or data) is not stored in the smart card application area inside the IC chip, the card management program may include network extension information of the smart card application area (or data) included in the smart card application (or data). Inducing the smart card terminal to remotely access the smart card application area on the network with reference to a remote memory map or a remote file allocation table of an open network expansion platform. . The smart card application area (or application storage memory space) of the extended smart card server located on the network (or wire / wireless communication network) is: A method for operating a network extended smart card, comprising the same structure and function as an application area (or application storage memory space) inside the IC chip of the smart card. The smart card application area (or application storage memory space) of the extended smart card server located on the network (or wire / wireless communication network) is: The method of operating a network extended smart card, characterized in that initialized and personalized in the same manner as the application area (or application storage memory space) inside the IC chip of the smart card to provide the same function. The smart card application area (or application storage memory space) of the extended smart card server located on the network (or wire / wireless communication network) is: A method for operating a network extended smart card, wherein the storage space for storing a smart card application (or data) issued to or issued to a smart card is remotely controlled by the smart card operating system and / or a card management program. . The smart card of claim 1, wherein the network extended smart card includes: Remote Memory Map (RMM) or Remote File Allocation Table (RFAT) for direct access to smart card applications (or data) issued or post-issued and stored in the smart card application area on the network. Network extended smart card operating method comprising an open network expansion platform comprising at least one. The system of claim 13, wherein the remote memory map or remote file allocation table of the open network extension platform comprises: A network extended smart card server address information including a smart card application area on the network and at least one smart card application area information allocated to a corresponding network extended smart card on a network extended smart card server How smart cards work. The system of claim 13, wherein the remote memory map or remote file allocation table of the open network extension platform comprises: And a memory start address of the remote memory map or the remote file allocation table comprises an address immediately after the last address of a memory address mounted in the smart IC chip. The method according to claim 13 or 15, wherein the network extended smart card, If the smart card application (or data) corresponding to the smart card command sent from the smart card terminal is larger than the last address in the memory map or file allocation table inside the smart card IC chip, And the smart card terminal automatically recognizes that the smart card application (or data) is stored in a smart card application area on a network. The system of claim 13, wherein the remote memory map or remote file allocation table of the open network extension platform comprises: Network expansion smart card operating method, characterized in that it is additionally included in the memory map or file allocation table of the existing card management program in the smart card. The smart card of claim 1, wherein the network extended smart card comprises: And a remote card management program (or card manager) including a remote memory map or a remote file allocation table of the open network expansion platform together with a memory map or file allocation table of an existing card management program in the smart card. Network extended smart card operation method. The smart card of claim 1, wherein the network extended smart card includes: A method for operating a network extended smart card, comprising: remotely controlling, managing, and executing a smart card application (or data) stored in a smart card application area on the network through a smart card terminal. 20. The system of claim 19, wherein the network extended smart card controls and manages a smart card application area on a network. An address of a network extended smart card server in which the smart card application area is mounted from the network extended smart card to the smart card terminal; Location information of a unique smart card application area assigned to the smart card, Method of operating a network extended smart card, characterized in that to provide at least one remote memory map or remote file allocation table information for the smart card application area to control and manage the smart card application area on the network through the smart card terminal. . The smart card of claim 1, wherein the network extended smart card comprises: Network expansion smart card operating method, characterized in that the existing open platform and open network expansion platform is mounted at the same time in the smart card. The smart card of claim 1, wherein the network extended smart card comprises: Network smart card operating method, characterized in that the smart card to mount the IC chip mounted on the existing open platform and the IC chip mounted on the open network expansion platform at the same time. The system of claim 13, wherein the remote memory map or remote file allocation table of the open network extension platform comprises: Method of operating a network extended smart card, characterized in that included in at least one or more specific smart card application (or data) of the smart card application (or data) of the existing open platform in the smart card. The method of claim 1, further comprising: issuing and / or transmitting a smart card application (or data) from the smart card terminal to the smart card application area on the network with reference to the open network extension platform. And transmitting post-issuance information for post-issuance and / or transmission of a smart card application (or data) to the smart card terminal from the network extended smart card to the smart card application area on the network. Network extended smart card operation method. The method of claim 24, wherein the post-issuance information is Network extended smart card server address information, Smart card application area information about the network extended smart card assigned to the network extended smart card server; And at least one or more location information of the smart card application (or data) in the smart card application area on the network. The method of claim 1, further comprising: issuing and / or transmitting a smart card application (or data) from the smart card terminal to the smart card application area on the network with reference to the open network extension platform. The subject that determines to post-issue the smart card application (or data) to the smart card application area on the network comprises a card management program and / or operating system of an open network expansion platform mounted on the network extended smart card. Network extended smart card operation method. The method of claim 1, further comprising: issuing and / or transmitting a smart card application (or data) from the smart card terminal to the smart card application area on the network with reference to the open network extension platform. A subject that determines to post-issue the smart card application (or data) to a smart card application area on the network comprises a smart card terminal referencing a card management program and / or operating system of the open network extension platform Network extended smart card operation method. The method of claim 1, further comprising: issuing and / or transmitting a smart card application (or data) from the smart card terminal to the smart card application area on the network with reference to the open network extension platform. The subject that decides to post-issue the smart card application (or data) to the smart card application area on the network is assigned to the post-issued smart card application (or data) set by the smart card user and / or smart card terminal operator. Network extended smart card operating method, characterized in that consisting of a smart card terminal referring to the post-issuance policy. The method of claim 1, further comprising: issuing and / or transmitting a smart card application (or data) from the smart card terminal to the smart card application area on the network with reference to the open network extension platform. The subject that decides to post-issue the smart card application (or data) to the smart card application area on the network is assigned to the post-issued smart card application (or data) set by the smart card user and / or smart card terminal operator. Method for operating a network extended smart card, characterized in that consisting of the post-issuance application providing server (or post-issuance server) referring to the post-issuance policy. The method of claim 1, further comprising: issuing and / or transmitting a smart card application (or data) from the smart card terminal to the smart card application area on the network with reference to the open network extension platform. A smart card application on the network via the smart card terminal in a post-issuance server that post-issues the smart card application (or data) to a communication path for issuing a smart card application (or data) to the smart card application area on the network. The path to the area, And at least one path that directly accesses the smart card application area on the network from the post-issuance server. The method of claim 1, wherein the fourth step of post-issuance and / or transfer of the smart card application (or data) to the smart card application area on the network with reference to the open network extension platform, Providing post-issuance result data for the smart card application (or data) post-issued from the smart card terminal to the smart card application area on the network, to the network extended smart card; And The post-issuance result data of the network expansion smart card is recorded (or changed) in the network expansion information (remote memory map or remote file allocation table of the open network expansion platform) of the smart card application area through a card management program and / or an operating system. The network expansion smart card operating method comprising a. The method of claim 1, wherein the fourth step of post-issuance and / or transfer of the smart card application (or data) to the smart card application area on the network with reference to the open network extension platform, The post-issuance result data for the smart card application (or data) post-issued from the smart card terminal to the smart card application area on the network is displayed as network extension information (remote memory map or remote of the open network expansion platform). Recording (or modifying) the file allocation table). The method of claim 1, further comprising: loading a smart card application and / or smart card application information (and / or data) from the smart card terminal to the smart card terminal by referring to the open network extension platform. To The subject that decides to load the smart card application and / or smart card application information (and / or data) loaded in the smart card application area on the network to the smart card terminal is an open type mounted on the network extended smart card. Network expansion smart card operating method, characterized in that consisting of a card management program and / or operating system of the network expansion platform. The method of claim 1, further comprising: loading a smart card application and / or smart card application information (and / or data) from the smart card terminal to the smart card terminal by referring to the open network extension platform. To A card management program of an open network extension platform is determined by a subject that determines to load the smart card application and / or smart card application information (and / or data) loaded in the smart card application area on the network to the smart card terminal. And / or a smart card terminal referencing an operating system. The method of claim 1, further comprising: loading a smart card application and / or smart card application information (and / or data) from the smart card terminal to the smart card terminal by referring to the open network extension platform. To The subject that determines to load the smart card application and / or smart card application information (and / or data) loaded in the smart card application area on the network to the smart card terminal is the smart card user and / or smart. And a smart card terminal referencing an access policy for the smart card application and / or smart card application information (and / or data) set by a card terminal operator. The method of claim 1, further comprising: loading a smart card application and / or smart card application information (and / or data) from the smart card terminal to the smart card terminal by referring to the open network extension platform. To A path for transmitting a smart card application and / or smart card application information (and / or data) to the smart card terminal from a smart card application area on the network to a smart card terminal through a network. Wow, And at least one path from the network extended smart card application area to the network extended smart card once transmitted to the network extended smart card from the network extended smart card application area and then transmitted from the network extended smart card to the smart card terminal. How your card works. The method of claim 1, further comprising: loading a smart card application and / or smart card application information (and / or data) from the smart card terminal to the smart card terminal by referring to the open network extension platform. To Transmitting network access information from the network extended smart card to the smart card terminal to access the smart card application area on the network to extract the smart card application and / or smart card application information (and / or data). Network extended smart card operating method characterized in that it further comprises. The method of claim 37, wherein the network access information, Network extended smart card server address information, Smart card application area information about the network extended smart card assigned to the network extended smart card server; And at least one location information in which the smart card application and / or smart card application information (and / or data) are stored in the smart card application area on the network. The smart card (or IC card or IC chip) application area (or application storage memory space) in which the application (or data) for the IC card is mounted is connected to the application area (or wire / wireless communication network) of the IC chip in the smart card. A network expandable smart card for providing a cooperative process to a smart card application area (or an application storage memory space) in an expandable smart card server located on the network; A smart card terminal equipped with a remote application for remote access to a host application corresponding to the network extended smart card and an extended smart card application area located on the network (or wired or wireless communication network); And Network extended smart card including; network extended smart card server for mounting the application area of the extended smart card located on the network (or wired and wireless communication network) associated with the smart card (or IC card or IC chip) application area; Card system. 40. The method of claim 39, wherein the network extended smart card, And remote control / manage / execute the smart card application (or data) stored in the smart card application area on the network through the remote application of the smart card terminal. 41. The system of claim 40 wherein the network scalable smart card controls and manages smart card application areas on a network. An address of a network extended smart card server in which the smart card application area is mounted from the network extended smart card to the smart card terminal; Location information of a unique smart card application area assigned to the smart card, And providing at least one remote memory map or remote file allocation table information for the smart card application area to control and manage the smart card application area on the network through the smart card terminal. 40. The method of claim 39, wherein the host application of the smart card terminal, And relaying the network expandable smart card and a remote application to interwork within the smart card terminal. 40. The method of claim 39, wherein the remote application of the smart card terminal, Network expansion smart card system, characterized in that included as part of the host application mounted on the smart card terminal, or in the form of an independent application to communicate with the host application inside the smart card terminal. 40. The method of claim 39, wherein the network extended smart card server, The network extended smart card application area, A network for recording a smart card application (or data) in the network extended smart card application area, or extracting information (and / or data) included in the smart card application and / or smart card application in the network extended smart card application area. Network extended smart card system comprising a smart card terminal. 40. The method of claim 39, wherein the network extended smart card server, Network extended smart card system, characterized in that mounted on the smart card terminal side, mounted on the network, or mounted on the server side in accordance with the characteristics of the smart card system. 40. The method of claim 39, wherein the network extended smart card server, Mounted on a smart card terminal and / or server side such as a department store, a large discount store, or Mounted on a card company server or VAN, or A network scalable smart card system featured on a loyalty management server. The method of claim 44, wherein the network smart card terminal, Post-issue a new smart card application (or data) to the network scalable smart card application area, or Recording new smart card application information and / or data into the network extended smart card application area, or Extract a smart card application (or data) from the smart card application area on the network, or Extracting smart card information (and / or data) included in the smart card application from the smart card application area on the network. 40. The smart card application area (or application storage memory space) of an extended smart card server located on the network (or wired or wireless communication network), wherein: A network expansion smart card system, comprising the same structure and function as the application area (or application storage memory space) inside the IC chip of the smart card. 40. The smart card application area (or application storage memory space) of an extended smart card server located on the network (or wired or wireless communication network), wherein: The network extended smart card system, characterized in that initialized and personalized in the same manner as the application area (or application storage memory space) inside the IC chip of the smart card to provide the same function. 40. The smart card application area (or application storage memory space) of an extended smart card server located on the network (or wired or wireless communication network), wherein: A storage space for storing a smart card application (or data) issued to or issued to a smart card, the network extended smart card system characterized in that the remote control by the operating system and / or card management program of the smart card. 40. The method of claim 39, wherein the network extended smart card, Remote Memory Map (RMM) or Remote File Allocation Table (RFAT) for direct access to smart card applications (or data) issued or post-issued and stored in the smart card application area on the network Network expansion smart card system comprising an open network expansion platform comprising at least one). 52. The system of claim 51 wherein the remote memory map or remote file allocation table of the open network extension platform is: A network extended smart card server address information including a smart card application area on the network and at least one smart card application area information allocated to a corresponding network extended smart card on a network extended smart card server Smart card system. 52. The system of claim 51 wherein the remote memory map or remote file allocation table of the open network extension platform is: And a memory start address of the remote memory map or the remote file allocation table comprises an address immediately after the last address of a memory address mounted in the smart IC chip. 52. The system of claim 51 wherein the remote memory map or remote file allocation table of the open network extension platform is: Network expansion smart card system, characterized in that included in at least one or more specific smart card application (or data) of the smart card application (or data) of the existing open platform in the smart card. 54. The method of claim 51 or 53, wherein the network extended smart card is If the smart card application (or data) corresponding to the smart card command sent from the smart card terminal is larger than the last address in the memory map or file allocation table inside the smart card IC chip, And the smart card terminal automatically recognizes that the smart card application (or data) is stored in a smart card application area on a network. 52. The system of claim 51 wherein the remote memory map or remote file allocation table of the open network extension platform is: Network expansion smart card system, characterized in that it is additionally included in the memory map or file allocation table of the existing card management program in the smart card. 52. The method according to claim 39 or 51, wherein the network extended smart card, And a remote card management program (or card manager) including a remote memory map or a remote file allocation table of the open network expansion platform together with a memory map or file allocation table of an existing card management program in the smart card. Network scalable smart card system. 52. The method according to claim 39 or 51, wherein the network extended smart card, Network expansion smart card system, characterized in that the existing open platform and open network expansion platform is mounted at the same time in the smart card. 52. The method according to claim 39 or 51, wherein the network extended smart card, Network expansion smart card system, characterized in that the smart card to mount the IC chip mounted on the existing open platform and the IC chip mounted on the open network expansion platform at the same time. The smart card (or IC card or IC chip) application area (or application storage memory space) in which the application (or data) for the IC card is mounted, Network expansion smart card, characterized in that the smart card application area in the extended smart card server located on the network (or wired or wireless communication network) and the IC chip internal application area of the smart card. 61. The smart card application area (or application storage memory space) of an extended smart card server located on the network (or wired or wireless communication network), wherein: Network extended smart card, characterized in that it provides the same structure and function as the application area (or application storage memory space) inside the IC chip of the smart card. 61. The smart card application area (or application storage memory space) of an extended smart card server located on the network (or wired or wireless communication network), wherein: Network extended smart card, characterized in that initialized and personalized in the same manner as the application area (or application storage memory space) inside the IC chip of the smart card to provide the same function. 61. The smart card application area (or application storage memory space) of an extended smart card server located on the network (or wired or wireless communication network), wherein: A network expandable smart card, wherein the storage space for storing a smart card application (or data) issued to or issued to a smart card is controlled by the smart card's operating system and / or a card management program. 61. The method of claim 60, wherein the network extended smart card, Remote Memory Map (RMM) or Remote File Allocation Table (RFAT) for direct access to smart card applications (or data) issued or post-issued and stored in the smart card application area on the network Network expandable smart card comprising an open network expansion platform comprising at least one). 65. The system of claim 64 wherein the remote memory map or remote file allocation table of the open network extension platform comprises: A network extended smart card server address information including a smart card application area on the network and at least one smart card application area information allocated to a corresponding network extended smart card on a network extended smart card server Smart card. 65. The system of claim 64 wherein the remote memory map or remote file allocation table of the open network extension platform comprises: And a memory start address of the remote memory map or the remote file allocation table comprises an address immediately after the last address of a memory address mounted in the smart IC chip. 67. The method of claim 64 or 66, wherein the network extended smart card is If the smart card application (or data) corresponding to the smart card command sent from the smart card terminal is larger than the last address in the memory map or file allocation table inside the smart card IC chip, And the smart card terminal automatically recognizes that the smart card application (or data) is stored in a smart card application area on a network. 65. The system of claim 64 wherein the remote memory map or remote file allocation table of the open network extension platform comprises: Network expansion smart card, characterized in that further included in the memory map or file allocation table of the existing card management program in the smart card. The method of claim 60 or 64, wherein the network extended smart card, And a remote card management program (or card manager) including a remote memory map or a remote file allocation table of the open network expansion platform together with a memory map or file allocation table of an existing card management program in the smart card. Network scalable smart card. The method of claim 60 or 64, wherein the network extended smart card, Network expansion smart card, characterized in that the existing open platform and open network expansion platform is mounted at the same time in the smart card. The method of claim 60 or 64, wherein the network extended smart card, Network expansion smart card, characterized in that the smart card to mount the IC chip mounted on the existing open platform and the IC chip mounted on the open network expansion platform at the same time. 65. The system of claim 64 wherein the remote memory map or remote file allocation table of the open network extension platform comprises: Network extension smart card, characterized in that included in at least one or more specific smart card application (or data) of the smart card application (or data) of the existing open platform in the smart card. 61. The method of claim 60, wherein the network extended smart card, A smart card terminal, characterized in that for remote control / management / execution of the smart card application (or data) stored in the smart card application area on the network. 74. The system of claim 73 wherein the network scalable smart card controls and manages smart card application areas on a network. An address of a network extended smart card server in which the smart card application area is mounted from the network extended smart card to the smart card terminal; Location information of a unique smart card application area assigned to the smart card, And providing at least one remote memory map or remote file allocation table information for the smart card application area to control and manage the smart card application area on the network through the smart card terminal. 61. The application (or data) for an IC card according to claim 60, wherein the IC card application (or data) mounted in the smart card (or IC card or IC chip) application area (or application storage memory space) is: The network extended smart card, characterized in that the transfer (copy or move) to the smart card application area (or application storage memory space) in the extended smart card server located on the network (or wired and wireless communication network). 61. The application (or data) for an IC card according to claim 60, wherein the IC card application (or data) mounted in the smart card application area (or application storage memory space) in the extended smart card server located on the network (or wired / wireless communication network), And transfer (copy or move) the smart card (or IC card or IC chip) to an application area (or application storage memory space). The smart card (or IC card or IC chip) application area (or application storage memory space) in which the application (or data) for the IC card is mounted, Network expansion smart card, characterized in that provided by separating or divided into the smart card application area of the smart card server located on the IC chip internal application area and the network (or wired or wireless communication network) of the smart card. The IC card application (or data) according to claim 1, wherein the IC card application (or data) mounted in the smart card (or IC card or IC chip) application area (or application storage memory space), A method for operating a network extended smart card, characterized in that it is transferred (copyed or moved) to a smart card application area (or application storage memory space) in an extended smart card server located on the network (or wired or wireless communication network). The IC card application (or data) installed in the smart card application area (or application storage memory space) of the extended smart card server located on the network (or wired / wireless communication network). And operating (copying or moving) the smart card (or IC card or IC chip) to an application area (or application storage memory space). The application (or data) for an IC card according to claim 39, wherein the IC card application (or data) mounted in the smart card (or IC card or IC chip) application area (or application storage memory space) is provided. And move (copy or move) to a smart card application area (or an application storage memory space) in an expandable smart card server located on the network (or wired or wireless communication network). 40. The application (or data) for an IC card according to claim 39, wherein the IC card application (or data) mounted in the smart card application area (or application storage memory space) in the expandable smart card server located on the network (or wired / wireless communication network), And move (copy or move) the smart card (or IC card or IC chip) application area (or application storage memory space). A smart card (or IC card or IC chip) in which an IC card application (or data) is mounted, or an (network) expansion smart card in which an application area (or application storage memory space) is located on a network (or wired or wireless communication network). Virtual IC chip interworking information and / or provided with a smart card application area (or a virtual IC (Integrated Circuit) chip or application storage memory space) in the server and interworking with the smart card application area in the (network) extended smart card server. The network extended smart card, characterized in that it is interlocked with the smart card application area in the extended smart card server through a network interworking platform that contains the virtual IC chip interworking information. The smart card application area (or a virtual integrated circuit (IC) chip or an application storage memory space) in an extended smart card server located on the network (or wired or wireless communication network). Network extended smart card, characterized in that initialized and personalized in the same manner as the application area (or application storage memory space) inside the IC chip of the smart card to provide the same function. The system of claim 82, wherein the network extended smart card comprises: Network expansion smart card, characterized in that the existing open platform and the network interworking platform is mounted at the same time in the smart card. 84. The IC card application (or data) of claim 82, wherein the IC card application (or data) mounted in the smart card (or IC card or IC chip) application area (or application storage memory space), The network extended smart card, characterized in that the transfer (copy or move) to a smart card application area (or application storage memory space) in the extended smart card server located on the network (or wired and wireless communication network). 83. The IC card application of claim 82, wherein the IC card application is mounted in a smart card application area (or a virtual integrated circuit (IC) chip or an application storage memory space) in an extended smart card server located on the network (or wired or wireless communication network). (Or data), And transfer (copy or move) the smart card (or IC card or IC chip) to an application area (or application storage memory space). 83. The method of claim 82, wherein the virtual IC chip interworking information, Virtual IC chip access information to support access to the smart card application area in the extended smart card server, In the process of post-issuing a smart card application (or data) to the smart card application area in the extended smart card server or extracting the smart card application information and / or data from the smart card application area in the extended smart card server. Network extended smart card, characterized in that it comprises at least one or more virtual IC chip authentication information for authenticating the validity of the virtual IC chip. 88. The method of claim 82 or 87, wherein the virtual IC chip access information of the virtual IC chip interworking information, The network extended smart card server address information and / or login information for supporting a smart card terminal to access the extended smart card server through a network; And at least one location information and / or access code for accessing the smart card application area of the extended smart card server. The virtual IC chip authentication information of the virtual IC chip interworking information according to claim 82 or 87, Access right information for accessing the smart card application area of the extended smart card server; Validation authentication information for the smart card application (or data) issued and / or post-issued in the smart card application area, Smart card service execution information for issuing the smart card application (or data) to the smart card application area or executing the smart card application in the smart card application area to generate smart application information and / or data. Network extended smart card comprising at least one. 86. The method of claim 82 or 87, wherein the virtual IC chip interworking information, Network expansion smart card comprising the virtual IC chip control information and / or management information of the network expansion smart card server. 83. The method of claim 82, wherein the virtual IC chip interworking information, Embedded in the chip operating system and / or card management program of the existing open smart card platform, or Is mounted in the form of an application (or data) for the smart card that is issued and / or post-issued to the network expansion smart card, or Network expansion smart card, characterized in that mounted in the application for smart card issued and / or post-issued by the network expansion smart card. 92. The method of claim 82 or 91, wherein the virtual IC chip interworking information, Delete a specific data area of the smart card application issued and / or post-issued to the smart card, and include in the deleted data area, or Network expansion smart card, characterized in that it is included in the preliminary data area not used in the smart card application issued and / or post-issued to the network expansion smart card. 83. The method of claim 82, wherein the virtual IC chip interworking information, Code form (or code) for providing a smart card terminal (or merchant terminal) information in which a smart card connected to the smart card terminal is linked to or linked with a smart card application area (or virtual IC chip) in the network extended smart card server. Network expansion smart card, characterized in that consisting of a simple signal form). 83. The method of claim 82, wherein the virtual IC chip interworking information, The smart card terminal (or merchant terminal) information that the smart card connected to the smart card terminal is associated with or linked with the smart card application area (or virtual IC chip) in the network extended smart card server and the network extended smart card server Network extended smart card, characterized in that the form of code (or simple signal) to provide access information for access to the smart card application area (or virtual IC chip). 83. The method of claim 82, wherein the virtual IC chip interworking information, Network extended smart card, characterized in that received from the network expandable smart card user. 97. The method of claim 95, wherein the virtual IC chip interworking information is provided from the network extension smart card user. Receive the virtual IC chip interworking information from the network extension smart card user, or And the virtual IC chip interworking information is provided from a wireless terminal owned by the network extended smart card user. Smart card in smart card (or IC card or IC chip) application area (or application storage memory space) where IC card application (or data) is mounted on network (or wired / wireless communication network) And a virtual IC chip interworking information and / or the virtual IC chip interworking information for interworking with a smart card application area in the expandable smart card server, provided as a card application area (or a virtual IC chip or application storage memory space). Network extended smart card, characterized in that it is interlocked with the smart card application area in the extended smart card server through a network interworking platform equipped with; A smart card terminal that supports access to an extended smart card application area (or a virtual integrated chip (IC) chip or an application storage memory space) located on the network (or wired or wireless communication network) through the virtual IC chip interworking information; And Application area (or virtual integrated circuit (IC) chip or application storage memory space) of an extended smart card located on the network (or wired or wireless communication network) interworking with the smart card (or IC card or IC chip) application area. Network expandable smart card server that includes; Network extended smart card system comprising a. The system of claim 97, wherein the network extended smart card server comprises: Network extended smart card system, characterized in that mounted on the smart card terminal side, mounted on the network, or mounted on the server side in accordance with the characteristics of the smart card system. The system of claim 97, wherein the network extended smart card server comprises: Mounted on a smart card terminal and / or server side such as a department store, a large discount store, or Mounted on a card company server or VAN, or Mounted on a loyalty management server, or Network expansion smart card system, characterized in that mounted on the carrier server. The method of claim 1, wherein the application (or data) for the IC card, An IC card (or smart card or IC chip) application and / or a network expansion smart card operating method comprising a variety of data contained in the application. 40. The method of claim 39, wherein the application (or data) for the IC card, A network extended smart card system comprising an application for an IC card (or a smart card or an IC chip) and / or various data included in the application. 61. The method of claim 60, wherein the application (or data) for the IC card, A network extended smart card comprising an application for an IC card (or a smart card or an IC chip) and / or various data included in the application. 84. The method of claim 82, wherein the application (or data) for the IC card, A network extended smart card comprising an application for an IC card (or a smart card or an IC chip) and / or various data included in the application. 98. The method of claim 97, wherein the application (or data) for the IC card, A network extended smart card system comprising an application for an IC card (or a smart card or an IC chip) and / or various data included in the application.