WO2002003271A1 - Integrated circuit card, method for duplicating an integrated circuit card, and restoration method - Google Patents

Integrated circuit card, method for duplicating an integrated circuit card, and restoration method


Publication number
WO2002003271A1
Authority
WO
WIPO (PCT)
Prior art keywords
card
data
encryption key
backup
encryption
Application number
PCT/JP2000/004447
Other languages
English (en)
Japanese (ja)
Inventor
Masatoshi Haraguchi
Original Assignee
Hitachi, Ltd.
Application filed by Hitachi, Ltd.
Priority to AU2000255731A
Priority to PCT/JP2000/004447
Publication of WO2002003271A1

Classifications

    • G PHYSICS
    • G07 CHECKING-DEVICES
    • G07F COIN-FREED OR LIKE APPARATUS
    • G07F7/00 Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08 Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10 Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1008 Active credit-cards provided with means to personalise their use, e.g. with PIN-introduction/comparison system
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00 Payment architectures, schemes or protocols
    • G06Q20/30 Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34 Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/341 Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00 Payment architectures, schemes or protocols
    • G06Q20/38 Payment protocols; Details thereof
    • G06Q20/40 Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/409 Device specific authentication in transaction processing
    • G06Q20/4097 Device specific authentication in transaction processing using mutual authentication between devices and transaction partners
    • G06Q20/40975 Device specific authentication in transaction processing using mutual authentication between devices and transaction partners using encryption therefor

Definitions

  • the present invention relates to an IC card, and more particularly to a method for backing up and restoring the memory contents of an IC card.
  • IC cards are being used in a wide range of social life fields such as finance, distribution, telecommunications, transportation, entertainment, and government due to the expansion of memory capacity and the improvement of CPU capabilities with the advancement of IC chip technology.
  • IC card, that is, to install multiple applications.
  • It is also necessary for users to be able to load and delete applications themselves.
  • a single IC card is used for multiple purposes, and the more important information that is stored, the more convenient it becomes.
  • the loss of the IC card due to damage, loss, etc. poses a major problem.
  • A first object of the present invention is to encrypt information (program code, data, program control information, and the like) stored in the memory of an IC card, back it up to a device outside the card, and, when necessary, decrypt and restore it in the same card or in another card, thereby realizing a secure backup.
  • A second object of the present invention is to reduce the processing time and the storage medium capacity by enabling backup and restoration of only the changed part of the memory to be backed up.
  • A third object of the present invention is to provide a card application (AP) which handles values such as electronic money and points as a backup target, so that the AP initializes the value by itself before handling the value.
  • AP card application
  • The present invention adopts a method of encrypting and backing up using a card-specific encryption key that exists only in the card, and decrypting and restoring the backed up data in the same card. This method is highly secure because it does not require decryption outside the card.
  • The card-specific encryption key is encrypted using a card-common encryption key that is the same across cards and exists only in the cards, and is backed up as part of the backup data.
  • The unique encryption key is decrypted using the card-common encryption key in a separate card, and the backup data is further decrypted in the separate card using the card-specific encryption key. In this way, even when restoring to a separate card, the method does not require decryption outside the card, so the security is high.
  • The present invention includes means for determining whether or not there is a change in the memory content for each fixed-length (page) unit, realizing backup and restore of only the changed pages. As a result, the processing time for backup and restoration can be reduced, and the storage medium capacity can be reduced.
  • The function of backing up the data is realized as an OS function. As a result, it is possible to perform backup with only the OS without imposing a burden on a plurality of APs. Also, when restoring an AP that handles data that has a value such as electronic money or points, a means is provided for the OS to notify the AP that the restoration has been performed, together with a means for initializing the value, for example to zero, before the AP handles the value.
  • The method of initializing the value in the IC card when executing this restoration is based on the idea that if a user loses a real wallet, the money inside is lost. In the case of restoring to the same card, it is based on the idea that the user can, before restoration, use up the remaining value in the IC card or transfer it to another medium, so that the loss caused by initializing the value can be avoided.
  • the IC card stores an encryption key, an encryption function for performing encryption processing and decryption processing, and an encryption function for encryption function using the encryption key in a memory of the IC card.
  • the IC card also includes: an encryption key unique to the IC card; an encryption key common to a plurality of IC cards; an encryption function for performing encryption processing and decryption processing; Unique encryption that is encrypted by encryption processing of the encryption function using a common encryption key and backup data obtained by encrypting information stored in the memory of the IC card by encryption processing using a key.
  • An IC card provides a decryption process using a first encryption key and an encryption key.
  • a decryption function for decrypting a second encryption key from the received encrypted information using a first encryption key, and a second encryption key for decrypting the received encrypted information.
  • the IC card further includes an encryption key unique to the IC card, an encryption key common to a plurality of IC cards, an encryption function for performing encryption processing and decryption processing, and an encryption key unique to the IC card.
  • the backup data may include identification information unique to each IC card for identifying the IC card.
  • The IC card according to one aspect of the present invention can include an operating system having a function of holding information indicating that restoration has been performed and notifying a card application of that information.
  • Information indicating that the restoration has been performed can be held by, for example, a flag.
  • When the application handles data (value) that itself has economic value, it is preferable that the application initialize the value when it receives information indicating that the restoration has been executed.
  • the IC card according to one embodiment of the present invention also includes an encryption key unique to the IC card, an encryption key common to a plurality of IC cards, an encryption function for performing encryption processing and decryption processing, and a common encryption key.
  • a key export function that exports a unique encryption key that was encrypted by the encryption function using the encryption function, and a decryption process that uses the common encryption key from the imported information.
  • An IC card backup method is directed to an IC card backup method for backing up the contents of an IC card memory to a device outside the IC card. It is characterized in that the contents of the memory are encrypted using an encryption key unique to the IC card that exists only in the IC card, and are then transferred to a device outside the IC card as backup data.
  • the method for restoring the memory contents of an IC card is a method for restoring the memory contents of an IC card backed up to an external device to the memory of an IC card. It is characterized in that the encrypted backup data is decrypted using an encryption key unique to the IC card that exists only in the IC card and is restored in the memory.
  • the backup data may include identification information for identifying the IC card, and when restoring, it may be possible to check whether the identification information included in the backup data matches the identification information of the IC card to be restored.
  • a method of backing up the memory content of a first IC card to an external device and restoring the backed up memory content to a memory of a second IC card exists only in the first IC card.
  • the data obtained by encrypting the unique encryption key of the first IC card using the encryption key common to the first and second IC cards in the first IC card, and the memory content of the first IC card Transferring backup data including data encrypted in the first IC card using an encryption key unique to the first IC card from the first IC card to an external device; Loading the backup data from an external device by using a shared encryption key that exists only in the IC card, and from the loaded backup data to the first IC card in the second IC card.
  • A method of backing up the memory content of an IC card to an external device and restoring the backed up memory content to a memory of an IC card divides the memory to be backed up into memory division units (pages), and backs up and restores only the changed pages.
  • The external device stores the backup sequence number and information on whether the backup is a whole backup or a partial backup of only the changed pages as management information of the backup data, and uses this management information so that a series of backup data can be restored collectively.
  • a method of backing up the memory content of an IC card to an external device and restoring the backed up memory content to the memory of the IC card includes the steps of transferring a program in the IC card to an operating system and an application program.
  • the backup function and the restore function are realized as the functions of the operating system.
  • the application program has the value of electronic money, points, etc.
  • When the operating system executes backup and restore, it is preferable that the operating system notifies the application program that the restore was executed, and that the application program so notified initializes the value before using the value.
  • A method of storing a program in an IC card includes the steps of: when storing a program stored outside the IC card into the IC card, recognizing that the program is read from outside the IC card. It is characterized by receiving information indicating that from the program, and setting a specific value in a predetermined area in the IC card based on the information.
  • the program stored from the outside of the IC card is an application program that handles values such as electronic money and points
  • the value read together with the program from the outside of the IC card is invalidated, and By setting the value to be set to a specific value, for example, an initial value such as zero, it is possible to prohibit the generation of an illegal value.
  • A method of storing a program on an IC card comprising: recognizing that, when a program stored outside the IC card is stored on the IC card, the program is read from outside the IC card. Information indicating that fact may be received from the circuit, and a specific value may be set in a predetermined area in the IC card based on the information. Even with this method, when the program stored from the outside of the IC card is an application program that handles values such as electronic money and points, the value read with the program from outside the IC card is invalidated, and the value is stored in the IC card. By setting the value to be set as a specific value, for example, an initial value such as zero, it is possible to prohibit the generation of an illegal value.
  • a method for restoring an application program on an IC card is a method for restoring an application holding data items stored outside the IC card to the IC card when the application program is restored to the IC card.
  • the application program receives information indicating that the application program is an application program read from outside the IC card from the operating system of the IC card, and the application program converts the data into a predetermined data item based on the information. It is characterized in that a specific value is set.
  • the program according to one aspect of the present invention is a program stored in an IC card for performing processing, and means for obtaining information indicating that the program has been stored in the IC card, and a program in the IC card based on the information.
  • a means for setting a specific value in a predetermined area of the data means to set a value such as an electronic money or a point to zero, for example. According to this method, it is possible to prohibit the generation of an illegal value in the IC card by an operation of externally storing the application program handling the value in the IC card.
  • Advantage of the invention: it is possible to securely back up the memory contents of an IC card to a device outside the IC card by using an encryption function, and to restore them not only to the own card but also to another card.
  • A method of storing data on an IC card includes the steps of: when data stored outside the IC card is stored in the IC card, information indicating this fact is received from a program that recognizes that the data has been read from outside the IC card, and the information is stored in the information.
  • the management information of the data is set in a predetermined area based on the data.
  • an area for writing data for example, value data such as electronic money
  • an IC card memory and an area for storing the value data writing history information are set as separate areas, and the data is written. Management history and the like.
  • the method of storing data in an IC card is further characterized in that, when data stored outside the IC card is stored in the IC card, the data is read from outside the IC card. Receiving information indicating the fact from a circuit for recognizing the data, and setting management information of the data in a predetermined area based on the information.
  • an area for writing data for example, value data such as electronic money
  • an IC card memory and an area for storing value data write history information are set as separate areas, and the data is stored in the IC card memory. It manages the writing history and the like.
  • a program stored in an IC card and performing processing includes: a unit for obtaining information indicating that data is stored in the IC card; and a program for storing information in a predetermined area in the IC card based on the information. It is characterized by realizing means for setting data management information.
  • FIG. 1 is an overall configuration diagram showing an example of the function and information flow of an IC card according to the present invention and an external device for backing up its contents.
  • Fig. 2 is a functional block diagram of the key export and import functions.
  • FIG. 3 is a functional configuration diagram of the differential backup function and the restore function.
  • FIG. 4 is a data structure diagram of a changed memory management table.
  • Fig. 5 is a data structure diagram of stored data.
  • FIG. 6 is a functional configuration diagram of the card AP coordination function.
  • FIG. 7 is a data structure diagram of backup data.
  • FIG. 8 is a data structure diagram of a record constituting the backup data.
  • FIG. 9 is a data structure diagram of the restore data for another card.
  • FIG. 10 is a diagram showing the data structure of the backup target memory.
  • FIG. 11 is a data structure diagram of an AP management table.
  • FIG. 12 is a flowchart of the entire execution procedure.
  • FIG. 13 is a flowchart of a card initialization command process.
  • FIG. 14 is a flowchart of the backup command processing.
  • FIG. 15 is a flowchart of backup data transfer command processing.
  • FIG. 16 is a flowchart of the backup completion command processing.
  • FIG. 17 is a flowchart of the restore command process.
  • FIG. 18 is a flowchart of a restore data transfer command process.
  • FIG. 19 is a flowchart of a restore completion command process.
  • FIG. 20 is a flowchart of the value initialization processing of the card AP.
  • FIG. 21 is a schematic diagram showing an example of the relationship between an IC card and an IC card issuer.
  • the IC card is equipped with an IC chip, and the IC chip for this IC card is usually
  • The three types of memory are ROM (read only memory), a non-rewritable non-volatile memory; EEPROM (electrically erasable and programmable read only memory), a rewritable non-volatile memory; and RAM, a rewritable volatile memory.
  • The IC card exchanges information with external devices such as a portable terminal and a PC by a command and a command response via a device usually called an IC card reader/writer.
  • the data passed to the card by the command is called command data, and the command response that the card passes as a command processing result includes response data and response code.
  • As methods for transferring and retrieving information between an IC card and an IC card reader/writer, there are the contact type, the non-contact type, and the hybrid type, which can exchange information in either the contact or the non-contact manner.
  • The present invention is applicable to any of these types of IC cards.
  • FIG. 1 is an overall configuration diagram showing an example of the functions and the flow of information of an IC card according to the present invention and an external device for backing up the contents of the IC card.
  • the encrypted information is indicated by a broken line
  • the unencrypted information is indicated by a solid line.
  • A backup function (003) that backs up the contents of the EEPROM (002) to an external device (040) such as a personal computer (PC) is stored in the IC card (001).
  • The card also has a restore function (004) for restoring the backup data from the external device and an encryption function (005) for encrypting and decrypting backup data. It also has a card-specific encryption key (008) that exists only in the card to encrypt and decrypt the backup data.
  • the encryption key unique to the card may be generated in the card, or a means for securely receiving the key from an external device may be provided. However, by keeping the card-specific encryption key (008) only in the card, the security of the backup data can be further enhanced.
  • The data backed up in this way can be secured by encrypting it in the card and providing a means by which it can be decrypted only in the card. That is, the IC card (001) according to the present invention holds the card-specific encryption key (008) in the card and is equipped with an encryption function (005) that uses the encryption key (008) to perform information encryption (006) and information decryption (007). The backup data (010) is extracted to the outside in a state of being encrypted with the encryption key (008) unique to the card, and during restoration the encrypted information is decrypted in the card using the card-specific encryption key (008) and restored. Note that the restore function (004) can be made faster by realizing it with a circuit instead of a program.
  • A key export function (011) and a key import function (012) are provided as means for passing the card-specific encryption key to another card (IC card 13).
  • a storage function (041) is provided as a function of storing the backup data in a disk device (043) or the like on an external device, and an extraction function (042) is provided as a function of extracting the stored backup data.
  • FIG. 2 shows a configuration of the key export function (011) and the key import function (012) for transferring the card-specific encryption key (008) shown in FIG. 1 to another card.
  • The same common encryption key (009) is provided in each card in order to encrypt the encryption key (008) unique to the card and pass it to another card.
  • This common encryption key may be generated in the card, as in the case of the encryption key unique to the card, or a means for securely receiving the key from an external device may be provided. Also, by keeping the data only in the card, the security of the backup data can be further enhanced.
  • the encryption key (008) unique to the card is encrypted with the common encryption key (009) at the time of backup and transferred to an external device as part of the backup data (010) for storage.
  • The card-specific encryption key (008) is handed over by decrypting, with the common encryption key (009), the encrypted card-specific encryption key passed from the external device (040) as part of the backup data. Further, by using the decrypted card-specific encryption key (008) to decrypt the backup data (010), restoration within another card is realized.
  • Figure 3 shows the configuration of the differential backup function and differential restore function that back up only the changed memory contents.
  • the IC card (001) has a differential backup function (020) and a differential restore function (021) for backing up and restoring only the changed memory contents.
  • the changed memory management table (022) is provided in the EEPROM (002) at a location not to be backed up as a means of checking the memory that has been changed since the previous backup or restoration.
  • FIG. 4 shows the data structure of the change memory management table.
  • The change memory management table (022) divides the EEPROM (002) into fixed-length (page) (090) units and holds a flag (091) that can determine whether there is a change for each page.
  • the means for setting this flag is prepared by hardware or a program. After the card is initialized, backed up, and restored, the flag is reset.
  • This differential backup is highly effective when used in combination with a full backup.
  • Backup sequence number stored as data management information
  • the external device (040) is provided with a means for sequentially extracting them and restoring them in the order in which the restoration can be executed efficiently.
  • FIG. 5 shows the data structure of backup data stored on an external device.
  • A card number unique to the card (060), backup sequence number (061), backup date (062), backup type (063), etc. are generated or obtained from the card as management information of the backup data, and are stored in correspondence with the backup data.
  • the backup sequence number (061) is a number assigned in sequence for each backup execution.
  • the backup type (063) identifies a full backup and a differential backup.
  • FIG. 6 shows the configuration of a card AP coordination function (032) that provides value initialization means by AP.
  • This figure shows an example where the program in the IC card (001) is configured separately for the OS (030) and the AP (031), and this backup is realized as a function of the OS (030).
  • An AP restore execution flag (086) is set in the OS, as shown in the table below, and the OS provides the AP with a means for being notified of the flag status and a means for the AP to reset this flag (032).
  • An AP that has value such as electronic money must first check whether restoration has been performed before using the stored value, and take action such as initializing the value if restoration has been performed. After that, it is necessary to process the value. In addition, once the AP has initialized the value, it is necessary to request the OS to reset the restore execution flag (086).
  • FIG. 7 shows the data structure of the backup data transferred to the external device.
  • the backup data (010) consists of a card-specific encryption key (008), backup control information (050), and a data part (053) that is the actual memory content to be backed up.
  • the backup control information (050) has a card number (051) unique to the card that has been backed up, and a backup type (052) that identifies a full backup and a differential backup.
  • The card number is used to check for a match when restoring to the own card. This card number match check prevents operational errors that are likely to occur. Only the card-specific encryption key (008) is encrypted with the card-common encryption key (009), and the rest is encrypted with the card-specific encryption key (006).
  • the data part (053) is composed of a plurality of records (054).
  • FIG. 8 shows the data structure of the record (054) constituting the data part (053).
  • Each record consists of the backed-up memory contents (056) and a field (055) indicating the location of the memory contents on the EEPROM.
  • Each record may consist of a single page or multiple pages.
  • FIG. 9 shows the data structure of the restore data when restoring data to another card.
  • FIG. 10 shows the data structure of the EEPROM (002) to be backed up.
  • the program in the IC card is configured separately for the OS and the AP.
  • The EEPROM consists of the system area (080) used by the OS and the AP area (081) where the program code and data of the AP are stored.
  • The system area (080) consists of an area for the OS itself and an area for the AP management table (082) used by the OS to manage and execute the AP.
  • FIG. 11 shows the data structure of the AP management table.
  • The AP management table (082) is provided with the position and size (085) of each AP on the EEPROM and a flag (086) indicating whether or not the AP has executed the restore for each AP.
  • The AP location and size on the EEPROM are used to determine whether each AP has performed a restore.
  • FIG. 12 shows a flow chart of the overall execution procedure of backup and restore according to the present invention.
  • an IC card is initialized by a card initialization function (105) before the card is issued.
  • the card has an initialization command processing (100).
  • the backup command is a command for requesting execution of a backup.
  • the backup data transfer command is a command for dividing and transferring backup data.
  • the backup completion command is a command for notifying the card that the backup processing on the external device has been completed normally.
  • the restore command is a command for requesting execution of a restore.
  • the restore data transfer command is a command for dividing and transferring the backup data to be restored.
  • the restore completion command is a command for notifying the card that the restoration processing on the external device has been completed normally.
  • Upon receiving the card initialization command (106), the card generates a card-specific encryption key for backup and stores it in the system area of the EEPROM (120). In addition, it generates a common encryption key for backup and stores it in the system area of the EEPROM (121).
  • the original card initialization processing is executed (122), and thereafter, the changed memory management table is initialized (123).
  • The backup processing in progress flag is set to avoid updating the EEPROM (131).
  • a pointer indicating the backup position of the EEPROM is initialized (132).
  • The card-specific encryption key and the backup control information, which are part of the backup data, are extracted into a buffer and encrypted with the card-common encryption key and the card-specific encryption key, respectively (133, 134, 135, 136).
  • the encrypted data is transmitted as command response data (137).
  • When the card receives the backup data transfer command (108), it determines whether or not the request is a differential backup request (140). If the request is not a differential backup request, the card buffers data in page units from the backup start pointer set in the backup command processing (141). If the request is a differential backup request, the data of the changed pages is fetched in page units from the backup start pointer into the buffer with reference to the change memory management table (022) (142). Next, the backup start pointer is updated to retrieve the next page (143). Next, the data extracted to the buffer is encrypted with an encryption key unique to the card (144). Next, the encrypted data is transmitted as command response data (146). In addition, when the backup process for all the target pages is completed, the fact is transmitted as a command response code along with the transmission of the encrypted data (147).
  • When the card receives the backup completion command (109), it initializes the change memory management table (022) (150) and resets the backup processing flag (151). The processing result is transmitted as a command response code (152).
  • Upon receiving the restore command (110), the card first checks the authentication of the command in the same manner as the backup command processing (160). Next, the restore processing in progress flag is set (161). Next, it is determined whether or not a restore to the same card is requested (162). If a restore to the same card is requested, the backup control information passed as command data is decrypted with the card-specific encryption key (163) to obtain the information necessary for the restoration process. The validity of the restore process is confirmed by checking that the card number obtained from this control information matches the card number of the card performing this restoration (164).
  • the card receives the restore data transfer command (111)
  • the backup data read into the buffer as command data is used.
  • the card uses its own card-specific encryption key. If it is restored, decryption is performed with the given encryption key unique to the hand of another card (170).
  • the decrypted data is written into the backup position added to the data in page units (171).
  • the request is a differential restore request
  • the AP management table is referenced, and the restore execution flag of the AP to which the restored page belongs, determined from the position and size of the AP, is set (174).
  • the processing result is transmitted as a command response code (175).
  • Upon receiving the restore completion command (112), the card sets the restore execution flags of all APs unless a differential restore request is made (181).
  • the change memory management table is initialized (182), and the restore processing flag is reset (183).
  • the processing result is transmitted as a command response code (184).
  • Upon receiving a command for the AP, the AP normally checks the validity of the command by performing a command authentication check using the authentication function of the AP (190). Next, it checks whether or not restoration has been executed for the AP, using the card AP link function provided by the OS (191). If a restore has been performed, the value of the electronic money, points, etc. held by the AP is initialized (193), and the restore execution flag for the AP is reset using the AP link function (194). Thereafter, normal command processing is executed (195), and the processing result is transmitted (196). If restoration has not been executed, normal command processing is executed (195) and the processing result is transmitted (196).
  • a command response code is used to notify the requester that the restoration is being executed, and the requester sends the AP a request. Another way is to reissue the command to set the value of
  • Also, although not illustrated in the figure, there is a method in which the AP registers a value initialization routine with the OS, and when a restore has been executed, the registered initialization routine is run the next time the AP is executed to perform the initialization process.
  • FIG. 21 is a schematic diagram showing an example of a relationship between an IC card, an application stored therein, and an IC card issuer.
  • the IC card (001) shown in this example stores multiple applications related to electronic money (201), credit (202), identification card (203), medical service (204), member service (205), etc.
  • the IC card issuer provides a backup service of the memory contents of the IC card as one of the services.
  • the card issuer's host computer (210) stores programs (211 and 213) for backing up the IC card and restoring it to the IC card, and a database (212) for backup.
  • the backup of the memory contents of the IC card (001) is performed periodically or irregularly by the IC card owner having the card issuer's terminal read his or her IC card. In addition, the terminal of the application service provider and the card issuer's host computer (210) are connected via a communication network, so that when the IC card holder uses the IC card, the backup can also be executed by transferring the backup data from the service provider's terminal to the card issuer's host computer (210).
  • If the IC card owner loses his or her IC card, he or she applies to the card issuer following the prescribed procedures. The card issuer then provides a service of issuing a new IC card (214) using the backup data of the IC card stored in the backup database (212).
  • the backup method and the restore method of the IC card have been described in detail above.
  • the present invention uses the functions of the OS and the AP in the IC card described above or the circuit built in the IC card.
  • data management information such as the storage date and the number of times of storage of the data is written in a predetermined area of the IC card.
  • With this method, for example, when an AP that handles electronic money is loaded on an IC card and electronic money is stored from outside the IC card, writing history information can be stored in an area other than the writing area of the electronic money, and this can be used to manage the writing history of the electronic money.
  • the IC card is encrypted and backed up using the card-specific encryption key that exists only in the card, and the backed up data has the same IC card
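
The key hierarchy in the steps above (pages and control information encrypted under the card-specific key, the card-specific key itself wrapped under the card common key, a card-number check on restore, and a restore flag that the AP consults) can be modelled as follows. This is an added Python sketch, not code from the patent: `Card`, `seal` and `unseal` are hypothetical names, the HMAC-SHA256 construction is a standard-library stand-in for the unspecified on-card cipher, and treating the step-162 branch as "restore to the same card" is an assumption.

```python
import hashlib, hmac, os

def _mac(key, msg):
    return hmac.new(key, msg, hashlib.sha256).digest()

def _stream(key, nonce, n):
    blocks = (_mac(key, nonce + i.to_bytes(4, "big")) for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def seal(key, data):
    """Stand-in authenticated cipher (stdlib only), not the card's real algorithm."""
    ek, mk, nonce = _mac(key, b"enc"), _mac(key, b"mac"), os.urandom(12)
    ct = bytes(a ^ b for a, b in zip(data, _stream(ek, nonce, len(data))))
    return nonce + ct + _mac(mk, nonce + ct)

def unseal(key, blob):
    ek, mk = _mac(key, b"enc"), _mac(key, b"mac")
    nonce, ct, tag = blob[:12], blob[12:-32], blob[-32:]
    if not hmac.compare_digest(tag, _mac(mk, nonce + ct)):
        raise ValueError("wrong key or modified backup data")
    return bytes(a ^ b for a, b in zip(ct, _stream(ek, nonce, len(ct))))

class Card:
    def __init__(self, number, common_key):
        self.number = number
        self.common_key = common_key    # shared by all cards, exists only inside cards
        self.card_key = os.urandom(32)  # card-specific key, generated at initialization
        self.pages = []                 # constructed stand-in for EEPROM pages
        self.restored = False           # restore execution flag consulted by the AP

    def backup(self):
        # Only ciphertext leaves the card: key under common key, the rest under card key.
        return {"wrapped_key": seal(self.common_key, self.card_key),
                "control": seal(self.card_key, self.number.encode()),
                "pages": [seal(self.card_key, p) for p in self.pages]}

    def restore(self, bk, to_other_card=False):
        if to_other_card:               # recover the lost card's key via the common key
            key = unseal(self.common_key, bk["wrapped_key"])
        else:                           # same card: own key plus card-number check
            key = self.card_key
            if unseal(key, bk["control"]).decode() != self.number:
                raise ValueError("card number mismatch")
        self.pages = [unseal(key, p) for p in bk["pages"]]
        self.restored = True            # AP re-initializes stored value when it sees this
```

The host that stores the backup never holds either key, so it can neither read the pages nor restore them to anything that lacks the common key.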

Abstract

The invention relates to an integrated circuit card with security protection, which card is backed up. Data is encrypted (005) using a unique encryption key (008) that is assigned to a card (001) and held only inside the card (001), so as to back up (003) the data. The backed-up data is decrypted in the same card and then restored. The aforementioned unique encryption key is encrypted using a common encryption key that is held only in cards and is common to them, and is then backed up together with the data. In another card, the unique encryption key is decrypted using the encryption key common to the cards, and the backed-up data is decrypted in that other card and then restored.
PCT/JP2000/004447 2000-07-04 2000-07-04 IC card, method for backing up IC card, and restoring method WO2002003271A1 (fr)

Priority Applications (2)

Application Number Priority Date Filing Date Title
AU2000255731A AU2000255731A1 (en) 2000-07-04 2000-07-04 Ic card, method for backing up ic card, and restoring method
PCT/JP2000/004447 WO2002003271A1 (fr) 2000-07-04 2000-07-04 IC card, method for backing up IC card, and restoring method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/JP2000/004447 WO2002003271A1 (fr) 2000-07-04 2000-07-04 IC card, method for backing up IC card, and restoring method

Publications (1)

Publication Number Publication Date
WO2002003271A1 true WO2002003271A1 (fr) 2002-01-10

Family

ID=11736224

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2000/004447 WO2002003271A1 (fr) 2000-07-04 2000-07-04 IC card, method for backing up IC card, and restoring method

Country Status (2)

Country Link
AU (1) AU2000255731A1 (fr)
WO (1) WO2002003271A1 (fr)

Also Published As

Publication number Publication date
AU2000255731A1 (en) 2002-01-14

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): AU JP US

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): DE FR GB

DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
121 Ep: the epo has been informed by wipo that ep was designated in this application
122 Ep: pct application non-entry in european phase