WO2001016759A1 - Smart card memory management system and method - Google Patents

Smart card memory management system and method

Publication number
WO2001016759A1
Authority
WO
WIPO (PCT)
Prior art keywords
memory
data
record
read
smart card
Prior art date
Application number
PCT/US2000/000080
Other languages
English (en)
Inventor
Todd Carper
David Hemmo
Original Assignee
Cryptec Systems, Inc.
Priority date
Filing date
Publication date
Priority claimed from US09/386,286 (US6480935B1)
Application filed by Cryptec Systems, Inc.
Publication of WO2001016759A1

Classifications

    • G PHYSICS
    • G07 CHECKING-DEVICES
    • G07F COIN-FREED OR LIKE APPARATUS
    • G07F7/00 Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08 Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10 Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1008 Active credit-cards provided with means to personalise their use, e.g. with PIN-introduction/comparison system
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00 Accessing, addressing or allocating within memory systems or architectures
    • G06F12/02 Addressing or allocation; Relocation
    • G06F12/0223 User address space allocation, e.g. contiguous or non contiguous base addressing
    • G06F12/023 Free address space management
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00 Payment architectures, schemes or protocols
    • G06Q20/30 Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34 Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/341 Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00 Payment architectures, schemes or protocols
    • G06Q20/30 Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34 Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/357 Cards having a plurality of specified features
    • G06Q20/3576 Multiple memory zones on card
    • G06Q20/35765 Access rights to memory zones

Definitions

  • the present invention relates to the field of portable tokens, such as smart cards. More particularly, the present invention relates to a management system and method for memory in a smart card.
  • Smart cards are increasingly used in financial and commercial transactions in the place of credit/debit cards and stored value cards.
  • Smart cards include a microprocessor with a memory element embedded within some physical form. With a microprocessor, smart cards interact with terminals across a broader range of transactions and are able to communicate a broader and more detailed range of information regarding the cardholder, a cardholder account, transaction authorization, or other information.
  • Fig. 1 shows an exemplary smart card 10. Roughly the size of a credit card, smart card 10 includes a microprocessor 12 with an integral memory element and conductive contacts 13. Microprocessor 12 is typically a single wafer integrated circuit (IC) mounted on, or embedded within the otherwise plastic smart card. Conductive contacts 13 interface with a terminal to electrically transfer data between the terminal and the smart card. Other smart card embodiments do not include conductive contacts 13. Such "contactless" smart cards receive information via proximate coupling, such as magnetic coupling, or via remote coupling, such as radio communication.
  • Microprocessor 12 and conductive contacts 13 of Fig. 1 are shown in some additional detail in Fig. 2. Conductive contacts variously include power contacts, at least one input/output (I/O) port, a reset port, and a clock (clk) signal port.
  • Microprocessor 12 comprises a central processing unit (CPU) 21 which is generically control logic including I/O circuitry 23. Terminal signals variously interface with CPU 21 through the conductive contacts 13 and I/O circuitry 23.
  • Microprocessor 12 further comprises a memory element 20, typically including Random Access Memory (RAM) 22, Read Only Memory (ROM) 24, and Electrically Erasable Programmable Read Only Memory (EEPROM) 26.
  • Operating power, a user input keypad, and a display for the smart card microprocessor are provided by the terminal; i.e., an ATM, merchant point-of-sale device, or security control device, etc.
  • the terminal includes a mechanism detecting the presence of a properly positioned smart card. Upon detecting the smart card, the terminal provides power to the microprocessor, and typically sends a reset (RST) signal to the smart card. The smart card uses the RST signal to reset itself or to initiate an internal reset function. After reset, the smart card returns an answer-to-reset (ATR) signal
  • ATR signal communicates basic information concerning the smart card to the terminal. Once such basic information is successfully recognized by the terminal, communication, i.e., data transfer, between the smart card and the terminal can be established.
  • Smart cards can be designed to operate as personal identity cards, critical record storage devices, security IDs, etc. In these varied capacities, a smart card may be designed to perform any number, or any combination, of data processing functions including access, storage, transfer, exchange, authorization, etc.
  • European patent document 0 292 248 discloses one conventional smart card memory management technique.
  • A so-called "operating system" is stored in ROM, and a movable boundary separates a write only portion of EPROM storing applications from a read/write portion of EPROM storing other data types.
  • the present invention provides a single memory manager, preferably part of a true operating system (OS), through which smart card memory is allocated and deallocated. Since all requests for smart card memory definition (allocation and deallocation) are controlled by the memory manager, memory integrity and security are assured.
  • the smart card memory may be efficiently used, and need not be pre-allocated or defined by arbitrary boundaries.
  • the memory manager references a memory management record, typically a bitmap or similar record.
  • The memory management record is preferably stored in RAM. Accordingly, the memory management record must be recreated in RAM upon smart card initialization. This may be done by recopying a copy of the memory management record previously stored in non-volatile memory by a previous transaction ending in a controlled shut-down, or by polling a file directory stored in non-volatile memory following a transaction ending in an uncontrolled shut-down.
  • the memory management record may include a broad array of information relating memory to various data objects stored in memory. Primarily, however, it indicates memory availability.
  • The present invention makes full use of a predictable data record format and an efficient file directory structure. While subject to variation and programmer definition, the data record format provides a basis by which the memory management record may be recreated upon smart card initialization by interrogation of the various data objects stored in read/write memory.
  • The file directory is flexible and able to accurately identify all data objects persistent in read/write memory, while occupying a minimum of memory space itself.
  • A file manager, also preferred as part of the OS, is used to access data records in the file directory. Together with the memory manager, the file manager allows read/write memory to be efficiently allocated and deallocated. Read/write memory space may, in fact, be recycled once a former data object is no longer needed.
  • The present invention in its multiple aspects provides a system and method by which memory in a smart card is securely and effectively used, as between multiple applications running on the smart card.
  • Fig. 1 illustrates an exemplary conventional smart card;
  • Fig. 2 illustrates the integrated circuit portion of the conventional smart card in some additional detail;
  • Fig. 3 illustrates one example of a memory management record according to the present invention;
  • Fig. 4 illustrates one example of a data record format according to the present invention;
  • Fig. 5 illustrates one example of a file directory structure according to the present invention;
  • Fig. 6 is a flowchart illustrating a method for forming a memory management record in RAM upon smart card initialization;
  • Fig. 7 is a flowchart illustrating a method for allocating memory and forming a data record in the file directory; and
  • Fig. 8 is a flowchart illustrating a method for deleting a data record from the file directory and deallocating the associated memory.
  • the present invention provides a single manager for all memory space on a smart card. Every request for the allocation or deallocation of memory space, whether made by an operating system or by an application, is made through this single memory manager. No other agent can access or define memory space on the smart card.
  • the code implementing the memory management capabilities is resident in the smart card operating system (OS).
  • The OS is preferably stored in ROM, but may be stored, wholly or in part, in read/write memory.
  • The OS is a "true" OS in the sense that it does not execute any command received from a terminal. Rather, the OS provides an I/O routine by which commands are transferred from the terminal to an application running on the smart card, and provides a number of functions which may be called by any one of the smart card applications.
  • the memory manager of the present invention is preferably one such OS function.
  • the term "memory manager" is used to denote the code providing at least the memory allocation, deallocation, and accounting capabilities discussed in greater detail below.
  • The memory manager manages all data stored in read/write memory and RAM, including, as examples, scratch pad data, file/record data, and applications.
  • The term "read/write memory" is used to generically refer to those forms of memory into which data may be written and read. All forms of electrically programmable read only memory (EPROM) and flash memory are contemplated by the term read/write memory.
  • The single memory manager of the present invention implements a flexible, controlled memory access capability for the OS and all applications on the smart card at the lowest level of read/write memory.
  • applications are stored in efficiently allocated memory space. There are no requirements for memory space to be pre-allocated to an application when it is installed, as is often the case with conventional smart cards.
  • The entirety of read/write memory may be used by the memory manager to dynamically store records, files and data objects for the operating system and the applications on the smart card.
  • Memory allocation is made by the memory manager on an "as needed" basis, such that records, files, and data objects are stored in a minimum of memory space.
  • The OS or an application requests the desired amount from the memory manager.
  • The memory manager identifies and allocates the smallest available block of read/write memory capable of satisfying the request. This process reduces memory space fragmentation and allows optimal use of the memory space.
  • Effective memory management requires a reference. At any given moment, the reference must accurately indicate which portions of memory are in use and which portions are available for allocation. Alternatively, an accounting or a polling algorithm might be used to monitor memory use.
  • A memory management reference can take advantage of the fact that commercial memory devices are often divided into data blocks having a minimum or nominal size. For example, EPROM is nominally divided into N data blocks. At present, commercially available EPROM is divided into data blocks of 16 bytes per block, but EPROMs having 32 and 64 byte data blocks are readily foreseen.
  • 16-byte data blocks are assumed as a convenient granularity for the definition of read/write memory space.
  • A hacker will monitor the memory state of a smart card during critical periods of a financial transaction in which data is being written to the smart card. Within such periods, the memory may, in whole or in part, transition through an undefined state. Once potential periods of undefined memory state are identified, the hacker terminates the transaction during these periods in an attempt to acquire an undefined memory state, which will later be interpreted in a subsequent transaction as having a substantially higher value than that otherwise authorized had the interrupted transaction run to completion.
  • The present invention precludes such attacks by never allowing an erroneous or undefined memory state to arise from the memory management reference.
  • This reference, in whatever form it is actually implemented, will be termed a "memory management record".
  • The memory management record is preferably stored in RAM. RAM is preferred because it may be accessed (read to or written from) in a single data transfer cycle. (The exact timing for this cycle is defined by the microprocessor and the memory device used on the smart card.)
  • Read/write memory requires multiple cycles to write data, and is thus susceptible to card yanks.
  • Other "fast" memory elements may be used to store the memory management record, such as the SRAM associated with the smart card microprocessor.
  • Single cycle data access is generally required to ensure the accuracy and security of the memory management record.
  • The memory management record may take many forms. At present, a bitmap table is preferred, but a set of tables or an algorithm might also be used. Referring to Fig. 3, an exemplary bitmap table 30 is illustrated in three columns. Each column represents a data field having N entries. Each entry (0, 1, N-1, N) corresponds to a data block within the read/write memory.
  • A first data field 31 includes N entries, each entry indicating whether an associated data block is currently in use. Use or non-use may be indicated by a single bit.
  • a second data field 32 also includes N entries. Each second data field entry indicates ownership for the associated data block
  • Ownership denotes an access authorization or relationship between one or more smart card programs (the OS or an application) and the data block. That is, each entry in the second data field includes unique ownership information identifying which program(s) on the smart card are able to access the data block. For example, assuming a single, 8-bit ownership byte, F0 might indicate that a data block is owned by the OS. Whereas, data block "3" in the example shown in Fig.
  • A third data field 33 also includes N entries. Each entry in the third data field indicates an access type for the associated data block.
  • The range of possible access types includes, for example, Read-Only, Read/Write, Lock, and Free. Further, the access type may indicate a security access condition for the data block.
  • The memory manager uses the memory management record to efficiently allocate, account for, and deallocate memory space. For example, when requiring additional memory space, the OS or an application will "call" the memory manager.
  • the term “call” or “calling” is used throughout to broadly describe a relationship between two pieces of code in which one piece invokes the other.
  • The memory manager receives a request for a block of read/write memory. Based on the size of the requested space, the present availability of read/write memory space, and the nature of the requesting program, the memory manager will allocate the requested space. With benefit of the memory management record, memory allocation and deallocation are straightforward. Using the example illustrated in Fig. 3, the memory manager simply updates the information stored in the second (ownership) data field, and changes the use indicator in the first data field for each data block allocated/deallocated by a request. Further, the memory manager may monitor or account for memory space by interrogating the memory management record.
  • the application having an ownership byte indication of "62" requested an additional 32 bytes of memory space.
  • The memory manager determines to allocate data blocks 4 and 5, each block being 16 bytes in size, to fill the request. Accordingly, the memory manager changes the data in the first data field to indicate that data blocks 4 and 5 are now in use, and changes the ownership byte in the second data field from "F0," the ownership indicator for the OS, to "62," the application's unique ownership indicator. At this time, the memory manager might also change the access type indication in the third data field.
  • Memory space deallocation is similarly performed. Once data blocks in read/write memory are returned to OS ownership and their "not-in-use" status indicated, they may be reallocated during subsequent requests for memory space. In this manner, memory space may be intelligently and securely allocated and deallocated between the OS and any number of smart card applications.
  • The RAM-based memory management record thus provides an ideal vehicle for the memory management. Since RAM is fast, the memory management record may be readily updated in a single access cycle to reflect any change in memory use, ownership, and/or access type for one or more read/write data blocks. Unfortunately, RAM is also a volatile memory incapable of retaining data when the smart card loses power. By their nature and use, smart cards often lose power. In fact, at the end of many transactions, a terminal will unceremoniously terminate power to the smart card without warning. Thus, the presence of a memory management record in volatile memory requires additional considerations.
  • The memory management record may be easily preserved by copying it into read/write memory. Upon being subsequently reactivated, the memory management record will be recopied into RAM as part of a smart card initialization routine.
  • A controlled shut-down is any transaction ending event which communicates the impending loss of power to the smart card with sufficient remaining time for the smart card to copy the memory management record into read/write memory.
  • the OS may include a security signature with the file in order to authenticate the file before it is recopied into
  • Reconstruction of the memory management record is performed during a subsequent initialization routine by the memory manager, which draws upon information stored in non-volatile memory to accurately reconstruct the memory management record before the smart card memory is accessed.
  • a data record may be an application, a file, a record, a data object or any other type of persistent data.
  • Fig. 4 illustrates an exemplary 16-byte data record structure comprising a 2-byte ID field, a 1-byte ownership field, a 1-byte type field, a 4-byte data field, a 2-byte data length field, and a 6-byte label field.
  • The type field and the label field are user definable. That is, an application's programmer may use these data record fields for any purpose whatsoever.
  • the memory manager, and the OS in general, do not care what these fields contain. They are merely variable data fields associated with a data record.
  • the type field might indicate whether the data record is an application, a file, or some other data object.
  • the label field might indicate an access type or condition for the data record.
  • the ID field identifies the data record within the file system administered by the OS.
  • the ownership field includes ownership information.
  • The ownership field of the data record contains the unique ownership byte previously described. Only the OS may access and define the ID and ownership fields in each data record.
  • the data field and the data length field are related within each data record.
  • The data length field specifies the size of the data field. In one preferred embodiment, the data field is allocated 4 bytes, its maximum data size. Thus, if the data length field indicates that the data is 4 bytes or less in size, then the data field stores the actual data associated with the data record. If, however, the data length field indicates that the data field is greater than 4 bytes in size, the data field stores a 4-byte data pointer indicating the beginning address, elsewhere in read/write memory, at which the actual data may be found.
  • By interpreting these fields for each data record, the ownership, data length, and data fields in particular, the memory manager is able to reconstruct the memory management record from the data records stored in read/write memory.
  • the foregoing capability requires that all data records be stored or referenced within the read/write memory.
  • a smart card organizes and manages data records by use of a "file manager " in conjunction with one or more file directories.
  • The file manager is another function resident in the OS, and may be called by the OS or by an application running on the smart card.
  • The file manager provides general data record storage and retrieval services. The file manager often works in cooperation with the memory manager to accomplish a variety of tasks.
  • a table or tree defining a file directory is presently preferred as a file management reference but other programming devices might be used.
  • Fig. 5 illustrates a file directory.
  • The file directory comprises N entries. Ten are shown as an example. Each entry is able to store a 16 byte data record having the structure previously described.
  • a first (or root) file directory is created in read/write memory.
  • the OS or a boot-program application stored in ROM creates a 160 byte long root file directory in read/write memory before the OS or an application defines a first data record.
  • The file manager stores the first N-1 data records defined on the smart card as the first N-1 entries. If an Nth data record is required, the root file directory is linked to a second file directory in read/write memory via a
  • END and LINK are special types of data records which are used by the file manager to effectively interrogate and manage file directories in read/write memory.
  • the ID or type data fields in the END and LINK data records may be used to indicate their special nature to the file manager.
  • the data field may be used to store a pointer to the beginning address of the next file directory and the data length field will indicate the data length - 160 bytes in the working example.
  • The OS will always own the Nth entry of each file directory, which will contain either an END data record or a LINK data record.
  • The file manager calls the memory manager requesting allocation of another 160 bytes of read/write memory.
  • the 160 bytes are defined as a second file directory, and the starting address of the second file directory is linked to the root file directory by changing the Nth entry of the root file directory from an END data record to a LINK data record, and by storing the starting address for the second file directory in the data field of the LINK data record.
  • File directories may be searched or queried by the file manager. That is, the file manager may search a file directory using any one or more of the data record fields.
  • a specific data record may be located by searching for its ID field, or all data records owned by a particular application may be readily located by their ownership field.
  • An application developer may define a specific record access mechanism based on a unique security requirement in the application. Such a mechanism may then be implemented and controlled using the file manager.
  • Upon receiving power, the smart card begins a start-up routine 60.
  • the start-up routine may begin with receipt of a RST signal from the terminal.
  • an ATR signal is returned to the terminal.
  • bitmap copy is stored in EPROM.
  • The memory manager must recreate the bitmap from the data records stored in EPROM. To do this, the memory manager calls the file manager 68, and the file manager begins with the first entry in the root file directory and obtains a data record 70. The ownership and type fields are identified from the obtained record 71.
  • the memory manager then writes this information to RAM as one bitmap entry 74.
  • the memory manager again calls the file manager 68 and the process continues until the END data record is found.
  • the three data fields of the bitmap shown in Fig. 3 may be created in RAM. More or less information may be transferred from the data records to the memory management record depending on the nature and content of the memory management record.
  • a command is received 78.
  • the OS controls the I/O routine, and upon receiving a command the OS seeks to identify the application owning the received command 79. This might be done by comparing an ownership byte communicated in the command with the ownership byte for each application type data record stored in the file directory.
  • The application receives a command to "Store Data," where the data to be stored is 100 bytes in size 81.
  • In order to store the data, the application must first be allocated sufficient memory space by the memory manager. Thus, the application calls the memory manager 82.
  • the error routine is called to indicate this fact to the terminal 83.
  • the memory management record is updated to allocate the space to the requesting application 85.
  • The file manager is called 86, and inserts the data into the allocated memory space in order to create the requested data record 87.
  • the file manager then defines the appropriate data fields in the next available file directory entry to reflect the nature of the new data record 88. At this point, the new data record is persistent in memory, and the OS ends the routine 89.
  • Data records may be deleted for any number of reasons. For example, an application might be wholly deleted from the smart card, taking every associated data record with it. Some data records may be time sensitive. That is, some data records may be valid for only a limited period of time, or a limited number of transactions. Once the time period or other condition expires, the data record is deleted.
  • The file manager locates the data record in the file directory by, for example, looking for a specific ID field 92a, changes the information in the ownership data field for the located data record from its present state to one indicating OS ownership 92b, and changes the type field of the located data record to indicate that the associated file directory entry is now empty 92c.
  • the memory manager is called 93.
  • The memory manager updates the memory management record 93a to reflect the deallocation of memory space previously associated with the deleted data record. For example, taking the bitmap example of Fig. 3, for each data block once allocated to the deleted data record, the first data field is changed to indicate "not in use," the second data field is changed to indicate OS ownership, and any type access information in the third data field is cleared to indicate "free" access.
  • A memory manager and a file manager used in conjunction with a memory management record and one or more file directories may efficiently allocate, account for, and deallocate memory space in an environment where integrity of the memory at any moment is ensured.
  • the file manager and the file directory replace the unwieldy file tree structure suggested by ISO 7816, part 4. Scarce memory space may be recycled for use by the smart card.
  • The present invention provides a platform upon which a smart card may download and run a multiplicity of applications from different sources, without breaching data security between the applications, and without inefficiently partitioning memory according to application.
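The allocation walk-through around Fig. 3 (application "62" requesting 32 bytes and receiving data blocks 4 and 5), written out in C as an added example; it is not code from the patent. The block count, the sample occupancy, application byte 0x41, the numeric access-type codes and the owner check in `mm_free` are assumptions made for illustration.

```c
#include <stdint.h>
#include <stddef.h>

#define BLOCK_SIZE 16u    /* bytes per data block, the granularity the page assumes */
#define N_BLOCKS   16u    /* constructed size: 256 bytes of read/write memory */
#define OWNER_OS   0xF0u  /* ownership byte the page gives for the OS */

/* Access types named on the page; the numeric encoding is an assumption. */
enum { ACC_FREE, ACC_READ_ONLY, ACC_READ_WRITE, ACC_LOCK };

/* One entry per data block, holding the three data fields of Fig. 3. */
struct mm_entry  { uint8_t in_use, owner, access; };
struct mm_record { struct mm_entry e[N_BLOCKS]; };

static void set_blocks(struct mm_record *r, size_t first, size_t n,
                       uint8_t in_use, uint8_t owner, uint8_t access)
{
    for (size_t i = first; i < first + n; i++)
        r->e[i] = (struct mm_entry){ in_use, owner, access };
}

/* Every block starts not in use, owned by the OS, with free access. */
void mm_init(struct mm_record *r)
{
    set_blocks(r, 0, N_BLOCKS, 0, OWNER_OS, ACC_FREE);
}

/* Allocate nbytes for owner from the smallest free run that fits (best fit).
 * Returns the first block index, or -1 when no free run is large enough. */
int mm_alloc(struct mm_record *r, uint8_t owner, size_t nbytes)
{
    if (nbytes == 0 || nbytes > N_BLOCKS * BLOCK_SIZE)
        return -1;
    size_t need = (nbytes + BLOCK_SIZE - 1) / BLOCK_SIZE;
    size_t best = N_BLOCKS, best_len = N_BLOCKS + 1;
    for (size_t i = 0; i < N_BLOCKS; i++) {
        if (r->e[i].in_use)
            continue;
        size_t start = i;
        while (i < N_BLOCKS && !r->e[i].in_use)
            i++;                       /* i stops on a used block or the end */
        if (i - start >= need && i - start < best_len) {
            best = start;
            best_len = i - start;
        }
    }
    if (best == N_BLOCKS)
        return -1;
    set_blocks(r, best, need, 1, owner, ACC_READ_WRITE);
    return (int)best;
}

/* Return n blocks starting at first to the OS. The whole range is checked
 * before anything changes, so a request naming blocks the caller does not
 * own leaves the record untouched. Returns 0 on success, -1 on refusal. */
int mm_free(struct mm_record *r, uint8_t caller, size_t first, size_t n)
{
    if (n == 0 || first >= N_BLOCKS || n > N_BLOCKS - first)
        return -1;
    for (size_t i = first; i < first + n; i++)
        if (!r->e[i].in_use || r->e[i].owner != caller)
            return -1;
    set_blocks(r, first, n, 0, OWNER_OS, ACC_FREE);
    return 0;
}

/* Constructed state: blocks 0-2 free, 3 in use, 4-5 free, 6 in use, 7-15 free. */
static void sample_state(struct mm_record *r)
{
    mm_init(r);
    set_blocks(r, 3, 1, 1, 0x41, ACC_READ_WRITE);     /* 0x41: made-up application */
    set_blocks(r, 6, 1, 1, OWNER_OS, ACC_READ_ONLY);
}

/* The page's request: owner 0x62 asks for 32 bytes and receives blocks 4 and 5,
 * the exact-fit run, rather than the larger free runs at 0 and 7. */
int demo_alloc_32(void)
{
    struct mm_record r;
    sample_state(&r);
    int first = mm_alloc(&r, 0x62, 32);
    if (first < 0 || r.e[first].owner != 0x62 || r.e[first + 1].owner != 0x62)
        return -1;
    return first;
}

/* Application 0x41 asks to free blocks owned by 0x62 and is refused; the owner
 * itself succeeds. Returns 1 when both outcomes are as expected. */
int demo_foreign_free(void)
{
    struct mm_record r;
    sample_state(&r);
    int first = mm_alloc(&r, 0x62, 32);
    int refused = mm_free(&r, 0x41, (size_t)first, 2);
    int allowed = mm_free(&r, 0x62, (size_t)first, 2);
    return refused == -1 && allowed == 0 && !r.e[first].in_use;
}

int main(void) { return demo_alloc_32() == 4 && demo_foreign_free() == 1 ? 0 : 1; }
```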
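The recovery path after an uncontrolled shut-down (Fig. 6), written in C as an added example that is not code from the patent: it walks the file directory chain and rebuilds the memory management record from the 16-byte data records of Fig. 4. Big-endian fields, the type codes for empty, END and LINK entries, the root address and the sample image are assumptions; the consistency checks on pointers and LINK entries go beyond what the page describes.

```c
#include <stdint.h>
#include <string.h>

#define BLOCK_SIZE  16u
#define MEM_SIZE    512u                        /* constructed read/write image */
#define N_BLOCKS    (MEM_SIZE / BLOCK_SIZE)
#define DIR_ENTRIES 10u                         /* N = 10, the page's example */
#define DIR_BYTES   (DIR_ENTRIES * BLOCK_SIZE)  /* 160 bytes */
#define ROOT_ADDR   0u                          /* assumption: root directory at 0 */
#define OWNER_OS    0xF0u

/* Hypothetical type codes; the page leaves the type field user definable. */
enum { T_EMPTY = 0x00, T_FILE = 0x01, T_END = 0xFE, T_LINK = 0xFF };
struct record   { uint8_t owner, type; uint32_t data; uint16_t len; };
struct mm_entry { uint8_t in_use, owner; };

/* Decode a 16-byte record: ID(2) owner(1) type(1) data(4) length(2) label(6).
 * Big-endian integers are an assumption; ID and label are not needed here. */
static struct record parse(const uint8_t *p)
{
    struct record r;
    r.owner = p[2];
    r.type  = p[3];
    r.data  = ((uint32_t)p[4] << 24) | ((uint32_t)p[5] << 16) |
              ((uint32_t)p[6] << 8) | p[7];
    r.len   = (uint16_t)((p[8] << 8) | p[9]);
    return r;
}

/* Mark the blocks covering [addr, addr+len) as in use by owner. Refuses ranges
 * that are unaligned, out of bounds, or touch a block already claimed. */
static int claim(struct mm_entry *bm, uint32_t addr, uint32_t len, uint8_t owner)
{
    if (addr % BLOCK_SIZE || len == 0 || addr >= MEM_SIZE || len > MEM_SIZE - addr)
        return -1;
    uint32_t last = (addr + len - 1) / BLOCK_SIZE;
    for (uint32_t b = addr / BLOCK_SIZE; b <= last; b++) {
        if (bm[b].in_use)
            return -1;
        bm[b] = (struct mm_entry){ 1, owner };
    }
    return 0;
}

/* Walk the directory chain and rebuild the record in bm (N_BLOCKS entries).
 * Returns the number of data records, or -1 for an inconsistent image. A LINK
 * that loops back fails in claim(), so the walk always terminates. */
int mm_rebuild(const uint8_t *mem, struct mm_entry *bm)
{
    int found = 0;
    uint32_t dir = ROOT_ADDR;
    for (uint32_t b = 0; b < N_BLOCKS; b++)
        bm[b] = (struct mm_entry){ 0, OWNER_OS };
    if (claim(bm, dir, DIR_BYTES, OWNER_OS))
        return -1;
    for (;;) {
        for (uint32_t e = 0; e < DIR_ENTRIES - 1; e++) {
            struct record r = parse(mem + dir + e * BLOCK_SIZE);
            if (r.type == T_EMPTY)
                continue;
            if (r.type == T_END || r.type == T_LINK)
                return -1;      /* only the Nth entry may hold these */
            if (r.len > 4 && claim(bm, r.data, r.len, r.owner))
                return -1;      /* above 4 bytes the data field is a pointer */
            found++;
        }
        struct record tail = parse(mem + dir + (DIR_ENTRIES - 1) * BLOCK_SIZE);
        if (tail.owner == OWNER_OS && tail.type == T_END)
            return found;
        if (tail.owner != OWNER_OS || tail.type != T_LINK ||
            tail.len != DIR_BYTES || claim(bm, tail.data, DIR_BYTES, OWNER_OS))
            return -1;
        dir = tail.data;
    }
}

static void put(uint8_t *mem, uint32_t at, uint16_t id, uint8_t owner,
                uint8_t type, uint32_t data, uint16_t len)
{
    uint8_t rec[16] = { (uint8_t)(id >> 8), (uint8_t)id, owner, type,
                        (uint8_t)(data >> 24), (uint8_t)(data >> 16), (uint8_t)(data >> 8),
                        (uint8_t)data, (uint8_t)(len >> 8), (uint8_t)len };
    memcpy(mem + at, rec, sizeof rec);
}

static struct mm_entry g_bm[N_BLOCKS];  /* the rebuilt record, kept for inspection */
/* Constructed image: two linked directories, three records. With cyclic set,
 * the second directory's Nth entry LINKs back to the root instead of END. */
int demo_rebuild(int cyclic)
{
    uint8_t mem[MEM_SIZE] = { 0 };
    put(mem, 0x000, 1, 0x62, T_FILE, 0x0A0, 100);            /* 100 bytes at block 10 */
    put(mem, 0x010, 2, 0x41, T_FILE, 0x00C0FFEE, 3);         /* 3 bytes held inline */
    put(mem, 0x090, 0, OWNER_OS, T_LINK, 0x120, DIR_BYTES);  /* root's Nth entry */
    put(mem, 0x120, 3, 0x62, T_FILE, 0x1C0, 16);             /* in second directory */
    put(mem, 0x1B0, 0, OWNER_OS, cyclic ? T_LINK : T_END, ROOT_ADDR, cyclic ? DIR_BYTES : 0);
    return mm_rebuild(mem, g_bm);
}

int main(void) { return demo_rebuild(0) == 3 && demo_rebuild(1) == -1 ? 0 : 1; }
```

Refusing the whole image on the first inconsistency, instead of keeping a partly rebuilt record, is a design choice of this example.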

Abstract

The invention concerns a system and a method for memory management in a smart card (10). The memory manager, preferably part of a true operating system, is the only means through which the memory of the smart card (10) is allocated and deallocated. Memory allocation for new data objects, and deallocation following the deletion of a data object, is performed by reference to a memory management record (30), preferably a bitmap, which is stored in RAM (22) and formed upon initialization of the smart card (10).
PCT/US2000/000080 1999-08-31 2000-01-05 Smart card memory management system and method WO2001016759A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US09/386,286 US6480935B1 (en) 1999-01-15 1999-08-31 Smart card memory management system and method
US09/386,286 1999-08-31

Publications (1)

Publication Number Publication Date
WO2001016759A1 (fr) 2001-03-08

Family

ID=23524964

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2000/000080 WO2001016759A1 (fr) 1999-08-31 2000-01-05 Smart card memory management system and method

Country Status (1)

Country Link
WO (1) WO2001016759A1 (fr)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4882474A (en) * 1986-05-16 1989-11-21 American Telephone And Telegraph Company Security file system and method for securing data in a portable data carrier
US5740349A (en) * 1993-02-19 1998-04-14 Intel Corporation Method and apparatus for reliably storing defect information in flash disk memories

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
"SMART CART DEVELOPER'S KIT, PASSAGE", SMART CARD DEVELOPER'S KIT, XX, XX, 1 January 1998 (1998-01-01), XX, pages 01/02 + 175/176 + 219/220, XP002927894 *
RANKL, ET AL.: "SMART CARD HANDBOOK, PASSAGE", SMART CARD HANDBOOK, XX, XX, 1 January 1998 (1998-01-01), XX, pages 01 + 14 + 91 + 103 + 107 - 110 + 127/128, XP002927893 *

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): SG

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE

121 EP: the EPO has been informed by WIPO that EP was designated in this application
DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (PCT application filed before 20040101)
122 EP: PCT application non-entry in European phase