Classifications

• • G—PHYSICS
  • G07—CHECKING-DEVICES
  • G07F—COIN-FREED OR LIKE APPARATUS
  • G07F7/00—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
  • G07F7/08—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
  • G07F7/10—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
  • G07F7/1008—Active credit-cards provided with means to personalise their use, e.g. with PIN-introduction/comparison system
• • G—PHYSICS
  • G06—COMPUTING OR CALCULATING; COUNTING
  • G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
  • G06Q20/00—Payment architectures, schemes or protocols
  • G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
  • G06Q20/34—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
  • G06Q20/341—Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
• • G—PHYSICS
  • G06—COMPUTING OR CALCULATING; COUNTING
  • G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
  • G06Q20/00—Payment architectures, schemes or protocols
  • G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
  • G06Q20/34—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
  • G06Q20/357—Cards having a plurality of specified features
  • G06Q20/3576—Multiple memory zones on card
  • G06Q20/35765—Access rights to memory zones

Definitions

• the present invention relates to methods which make it possible to distribute the content of the memory of an integrated circuit between several applications, themselves possibly assigned to different users. It applies more particularly to integrated circuits intended to be mounted in memory cards called "smart" cards. It is particularly useful for integrated circuits which do not include a microprocessor, but only a few logic circuits which make it possible to exploit the content of the memory.
• the invention proposes a method for distributing the memory of an integrated circuit between several applications, characterized in that the memory is divided into several zones each corresponding to an application, and which is associated with each zone a code intended to be presented to the circuit by the user to authorize when it is recognized the access to the zone with which it is associated.
• the invention also applies to integrated circuits fitted with a microprocessor by implementing the method of the invention in the software, which gives the corresponding software part a reduced size and remarkable efficiency.
• each application located in the circuit memory is assigned an access code, which can be a secret code reserved for the authorized user, which opens access to a particular area of the memory where the user resides. 'corresponding application.
• the user who can be the manufacturer responsible for developing a particular application, or the individual end user of the smart card containing the integrated circuit, begins in a step 101 by entering a code in the circuit.
• This code is decoded in a step 102 to obtain authorization to access one of the areas of the memory 103, and from this moment the user is free to use the content of this area, that is to install the use it has developed, either to operate it. Access to other areas is, in the simplest and most common cases, prohibited, but it is possible to authorize partial access, for example to use a subroutine contained in another application.
• An interesting improvement consists in organizing the logic of the circuit, or the software of the microprocessor, so that the addresses from the start of the zone, and the following ones until the end if they are of identical lengths, are the same, seen from the user. .
• the physical addresses will be different, but this will not be seen on the user side, which will in fact use the invisible equivalent for it of relative addressing.
• security is increased by preventing access to prohibited addresses by a roundabout route, possibly possible following a programming or specification bug. If the recognition of a particular code and the selection of the corresponding memory area are easily done with a microprocessor, these actions require in the case of wired logic relatively heavy hardware compared to that strictly necessary for memory management in the absence of a microprocessor.
• the invention proposes to use a code formed of 2 pieces, as shown in FIG. 2.
• This code will therefore include a first part 201, formed by x bits, designating the usable zone number, and a second part 202, formed by y bits and comprising the secret (or confidential) code necessary to access the zone designated by the code.
• the total length of the code to be presented by the user will therefore be x + y bits and this length will preferably be equal to that of a word from memory, to facilitate the creation of the logic circuits of the integrated circuit.
• the zone number will preferably be placed at the head of the code, referring to the direction by which the user enters it into the circuit in serial mode, which is the most frequent case, in particular in smart cards due the low number of contacts available on the input / output connector.
• the first x bits are read first and indicate which is the internal secret code stored in the circuit which must be compared to the external secret code formed by the y bits of the second part of the code entered by the user.
• the internal pointer of the circuit selects the memorized secret code then, if the comparison is positive, it gives access to the area of the memory designated by the number forming the first part of the code. Of course, if the comparison is negative, access will be refused, except possibly to a zone delivering for example an error message.
• the memorized secret codes will for example be contained in a special table, but preferably they will be placed in the memory at the head of the zones to which they give access, which again makes it possible to simplify the internal circuits of the integrated circuit.
• the internal pointer under the command of the zone number, directly addresses the first word of the memory and the application can start without delay as soon as the secret code is recognized.
• the circuits necessary to form such a table and its interfaces with the rest of the integrated circuit are saved.
• this table makes it possible, by decoding them, to lead to a common addressing part which plays a role of selection for the memory areas to which the secret codes give access.
• the total length of the code (secret + zone number) is equal to that of a word in the memory, you can either neutralize the bits corresponding to the number, or put this number itself and make a total comparison of the word and the code, thus obtaining additional security by redundancy of the verification of the zone number.
• the selection is made by software. After extraction of the first x bits of the code presented, the software directs the internal pointer to the first word in the zone corresponding to the number indicated by these x bits, it causes the reader of this word, then the comparison of the last y bits with the word thus read, and finally starting the application if the comparison is positive.
• the code entered by the user arrives via a "code entry" connection in a register 301 where it is stored.
• the first x bits are applied to a zone logic 302 where they are decoded to obtain a signal which indicates on a "selection" connection the zone concerned. This logic memorizes this signal until the end of the application.
• the selection signal thus obtained is applied to the addressing members 303 of the memory 304 of the integrated circuit. These selection members also receive by an "address input" connection the addresses of the words to be read in the application.
• the first address, 0 by convention, is always the same, and combined with the ⁇ selection signal it allows the first word in the designated area to be read from the memory, which contains the stored internal secret code.
• This internal code is applied, with the external secret code coming from the register 301, to a comparator 305 which delivers, if this comparison is positive, a read validation signal which opens a door 306 which allows the words read in the memory to exit to the other organs of the integrated circuit.
• This validation signal also makes it possible, if necessary, to unlock all or part of these other organs, for example to authorize writing to the memory.
• the "selection" signal makes it possible, in combination with the address signal, to read the content of the zone as if it were at the head of the memory. It is the same of course for other applications.
• each confidential code it is not absolutely necessary for each confidential code to be placed at the beginning of its memory area.
• the structure of the invention is also particularly interesting if, after the presentation of the code, all the zones are the same size. Otherwise, an organization is used in which the secret codes are stored in a small area.
• FIG. 4 the simple logic circuit which makes it possible to dispense with the existence, in the integrated circuit, of a microprocessor, while authorizing, according to the invention, the setting in work of several applications with the smart card.
• the addressing of the memory words is sequential.
• a clock causes, by means of a counter internal to the memory, an address counting.
• a validation signal emitted from outside the circuit, validates the state of the counter to designate the address of the word to be reached.
• a validation signal emitted from outside the circuit, validates the state of the counter to designate the address of the word to be reached.
• such a system is used to, in addition, implement the security linked to the different applications.
• the number of the zone where the secret code is stored is coded on four bits so that a partition of the memory into sixteen parts (2 4 ) is imposed. Any other number other than four is however possible.
• the first four bits of the secret code (which represent its address) are sent by an input pin IN of the integrated circuit on four shift registers 401 to 404 connected in cascade.
• an APL signal delivered by the zone logic 302, prior to zero changes to a state one. It then invalidates the transmission of the clock pulses to the registers 401-404. These remain in the state in which they were. They therefore deliver during all of the following use, at the output, each a signal, respectively A3 to A0, constituting a given bit of weight of an address.
• This address is decoded in a zone predecoder 405 having sixteen outputs. Each ⁇ of these sixteen outputs leads to an input of a word line decoder 406 from memory 407. This outcome is also authorized by an AND gate assembly such as 408 receiving the signal from the predecoder 406 and the signal APL.
• the decoder 406 Before the fifth bit of the clock, the decoder 406 is therefore supplied with the sixteen signals from the predecoder 405. The other inputs of the decoder 406 still remain at zero.
• the decoder 406 is therefore configured to allow access to the first word of the addressed partition (one among sixteen). This word, which precisely contains the secret code, is then read to be compared as indicated above.
• the secret code CODE No. 1, CODE No. 2, etc.
• the usable partition of the memory 407 for example the partition 409, attached to the first word of the area 410 which contains the secret code CODE N ° 1, is physically close to this word 410.
• This physical proximity s ' explains by the fact that the memory words of the partition 409 of the memory 407 have moments of address A0 and A3 which are the same as those of the secret code which governs this zone 409.
• the addressing of the different memory words in the partition 409 is then carried out as follows. Part of the address is supplied to the decoder 406 by the predecoder 405 (frozen in this state throughout the application). Another part is conventionally supplied by a counter 411 receiving CLKV clock signals validated (to arrive at the correct memorized word) and connected to a predecoder 412. This latter link is of the same type as that which connects the registers 401-404 to the predecoder 405.
• the predecoder 412 transforms the count of the counter 411 into address signals. For example, the counter can count from 0 to 2 n and the predecoder 412 therefore has n connections and output. These n connections lead to n inputs of the decoder 406.
• n-1 are useful for accessing all the memory words of the partition 409. Once this access has been made, the counter 411 is counted up to not. We then arrive at a fictitious memory word at the output of the decoder 406.
• the fictitious memory word consists of a connection 413 connected to a reset input of the counter 411. We can then start another account to access an address again of partition 409. You cannot access other words than those of this partition.

Landscapes

• Engineering & Computer Science (AREA)
• Business, Economics & Management (AREA)
• Physics & Mathematics (AREA)
• General Physics & Mathematics (AREA)
• Microelectronics & Electronic Packaging (AREA)
• Computer Networks & Wireless Communication (AREA)
• Accounting & Taxation (AREA)
• Strategic Management (AREA)
• General Business, Economics & Management (AREA)
• Theoretical Computer Science (AREA)
• Storage Device Security (AREA)

Priority Applications (1)

Applications Claiming Priority (2)

Publications (1)

Family

ID=9401057

Family Applications (1)

Country Status (5)

Cited By (13)

Families Citing this family (4)

Citations (2)

• 1990
  • 1990-10-09 FR FR9012439A patent/FR2667714A1/fr active Granted
• 1991
  • 1991-10-08 JP JP3516443A patent/JPH06502032A/ja active Pending
  • 1991-10-08 CA CA002093524A patent/CA2093524A1/fr not_active Abandoned
  • 1991-10-08 EP EP91917979A patent/EP0553163A1/fr not_active Ceased
  • 1991-10-08 WO PCT/FR1991/000786 patent/WO1992006451A1/fr not_active Application Discontinuation

Patent Citations (2)

Also Published As

Similar Documents

Legal Events