WO2017163686A1 - 情報処理装置及び情報処理方法 - Google Patents
情報処理装置及び情報処理方法 Download PDFInfo
- Publication number
- WO2017163686A1 WO2017163686A1 PCT/JP2017/005809 JP2017005809W WO2017163686A1 WO 2017163686 A1 WO2017163686 A1 WO 2017163686A1 JP 2017005809 W JP2017005809 W JP 2017005809W WO 2017163686 A1 WO2017163686 A1 WO 2017163686A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- data
- card
- service
- information processing
- program
- Prior art date
Links
- 230000010365 information processing Effects 0.000 title claims abstract description 60
- 238000003672 processing method Methods 0.000 title claims description 4
- 238000012545 processing Methods 0.000 claims abstract description 127
- 238000000034 method Methods 0.000 claims abstract description 46
- 230000008569 process Effects 0.000 claims abstract description 21
- 238000004891 communication Methods 0.000 claims description 28
- 238000004148 unit process Methods 0.000 claims description 8
- 230000006870 function Effects 0.000 description 14
- 238000001514 detection method Methods 0.000 description 12
- 230000004044 response Effects 0.000 description 7
- 238000010586 diagram Methods 0.000 description 5
- 230000000694 effects Effects 0.000 description 5
- 238000004364 calculation method Methods 0.000 description 3
- 230000008929 regeneration Effects 0.000 description 3
- 238000011069 regeneration method Methods 0.000 description 3
- 238000013459 approach Methods 0.000 description 2
- 230000005540 biological transmission Effects 0.000 description 2
- 239000003990 capacitor Substances 0.000 description 2
- 230000008859 change Effects 0.000 description 2
- 238000013478 data encryption standard Methods 0.000 description 2
- 230000005674 electromagnetic induction Effects 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 2
- 238000007726 management method Methods 0.000 description 2
- 230000001151 other effect Effects 0.000 description 2
- 230000003213 activating effect Effects 0.000 description 1
- 230000005669 field effect Effects 0.000 description 1
- 238000009434 installation Methods 0.000 description 1
- 229910044991 metal oxide Inorganic materials 0.000 description 1
- 150000004706 metal oxides Chemical class 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 239000004065 semiconductor Substances 0.000 description 1
- 230000001360 synchronised effect Effects 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06K—GRAPHICAL DATA READING; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
- G06K7/00—Methods or arrangements for sensing record carriers, e.g. for reading patterns
- G06K7/0013—Methods or arrangements for sensing record carriers, e.g. for reading patterns by galvanic contacts, e.g. card connectors for ISO-7816 compliant smart cards or memory cards, e.g. SD card readers
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06K—GRAPHICAL DATA READING; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
- G06K19/00—Record carriers for use with machines and with at least a part designed to carry digital markings
- G06K19/06—Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the kind of the digital marking, e.g. shape, nature, code
- G06K19/067—Record carriers with conductive marks, printed circuits or semiconductor circuit elements, e.g. credit or identity cards also with resonating or responding marks without active components
- G06K19/07—Record carriers with conductive marks, printed circuits or semiconductor circuit elements, e.g. credit or identity cards also with resonating or responding marks without active components with integrated circuit chips
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F12/00—Accessing, addressing or allocating within memory systems or architectures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/71—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
- G06F21/72—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in cryptographic circuits
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/71—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
- G06F21/76—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in application-specific integrated circuits [ASIC] or field-programmable devices, e.g. field-programmable gate arrays [FPGA] or programmable logic devices [PLD]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/71—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
- G06F21/77—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in smart cards
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/34—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
- G06Q20/341—Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/34—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
- G06Q20/352—Contactless payments by cards
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/34—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
- G06Q20/356—Aspects of software for card payments
- G06Q20/3563—Software being resident on card
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/34—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
- G06Q20/357—Cards having a plurality of specified features
- G06Q20/3574—Multiple applications on card
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/34—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
- G06Q20/357—Cards having a plurality of specified features
- G06Q20/3576—Multiple memory zones on card
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07F—COIN-FREED OR LIKE APPARATUS
- G07F7/00—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
- G07F7/08—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
- G07F7/0806—Details of the card
- G07F7/0813—Specific details related to card security
- G07F7/0826—Embedded security module
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07F—COIN-FREED OR LIKE APPARATUS
- G07F7/00—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
- G07F7/08—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
- G07F7/0806—Details of the card
- G07F7/0833—Card having specific functional components
- G07F7/084—Additional components relating to data transfer and storing, e.g. error detection, self-diagnosis
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/14—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3234—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving additional secure or trusted devices, e.g. TPM, smartcard, USB or software token
Definitions
- the present disclosure relates to an information processing apparatus and an information processing method.
- Patent Document 1 discloses a technique in which a terminal (reader / writer or the like) or a server appropriately controls a plurality of applications when a plurality of applications perform processing on an IC card.
- an object of the present disclosure is to provide a new and improved information processing apparatus capable of interlocking data and processing related to a plurality of services. There is to do.
- an information processing apparatus including a processing unit that processes data related to a service corresponding to each of a plurality of services associated with each other in a storage medium.
- data and processing related to a plurality of services can be linked.
- First Example> 1-1 Overview of information processing system 1-2. Configuration of IC card 100 1-3. Association of data in the IC card 100 1-4. Program setting in the IC card 100 1-5. Operation of IC card 100 and reader / writer 200 ⁇ 2. Second Embodiment> ⁇ 3. Hardware configuration example of information processing apparatus>
- FIG. 1 is an explanatory diagram illustrating an example of an information processing system according to the present embodiment.
- the information processing system in this embodiment includes an IC card 100 and a reader / writer 200, and the IC card 100 and the reader / writer 200 are connected by a communication path 300.
- the IC card 100 in the present embodiment is a non-contact type IC card used for near field communication (NFC).
- NFC near field communication
- the non-contact type IC card is an information processing apparatus that has been widely used in recent years by being used in electronic money systems, security systems, and the like. IC cards are roughly classified into contact type IC cards and non-contact type IC cards.
- the contact type IC card is a type of IC card that communicates with a reader / writer via the module terminal by bringing the module terminal into contact with the reader / writer.
- the non-contact type IC card is a type of IC card that includes a wireless communication module and performs wireless communication with a reader / writer.
- non-contact type IC cards when a user uses an IC card, it is not necessary to take out the IC card from a wallet, a card case, etc. Cases are increasing.
- the IC card 100 in the embodiment of the present disclosure is a non-contact type IC card as an example, but is not limited to the non-contact type IC card.
- the IC card 100 according to the embodiment of the present disclosure includes, for example, a contact type IC card, various communication devices (cell phone, wristwatch, PDA (Personal Digital Assistant), portable game machine, mobile phone with a built-in IC card. Type video / audio player) and various information processing devices such as servers. That is, the embodiment of the present disclosure is not limited to the form of a card.
- one IC card 100 can correspond to a plurality of services such as a ticket sales service provided by a transportation facility, a merchandise sales service provided by a retailer, and a personal authentication service provided by a financial institution. . Then, since the user does not need to have a dedicated IC card in order to use each service, it becomes easier to manage the IC card.
- the reader / writer 200 is an information processing apparatus that reads / writes data from / to the IC card 100 by performing non-contact communication with the IC card 100 when the IC card 100 is held by the user.
- the reader / writer 200 may read / write data from the IC card 100.
- the reader / writer 200 and the IC card 100 perform contactless communication with each other, so that a user who uses the IC card 100 can enjoy various services.
- the reader / writer 200 in the embodiment of the present disclosure is merely an example, and the embodiment of the present disclosure is not limited to the reader / writer 200.
- the reader / writer 200 according to the embodiment of the present disclosure includes, for example, an automatic ticket gate for transportation, a register device for retail stores, a vending machine for various products, an ATM (Automated / Automatic Teller Machine) of a financial institution, and the like. It may be embodied by an information processing apparatus such as various servers.
- the communication path 300 is a transmission path for near field communication (NFC). If the IC card 100 and the reader / writer 200 are replaced with an information processing apparatus such as various servers, the communication path 300 may be a public wireless LAN (Local Area Network), Bluetooth (registered trademark), infrared communication, or the like.
- a public line network such as a short-range wireless communication network, the Internet, a telephone line network, and a satellite communication network, various LANs including Ethernet (registered trademark), a WAN (Wide Area Network), and the like may be included.
- the communication path 300 may include a dedicated network such as an IP-VPN (Internet Protocol-Virtual Private Network).
- FIG. 2 is an explanatory diagram illustrating a configuration of the IC card 100 according to the present embodiment
- FIG. 3 is an explanatory diagram illustrating a hierarchical structure of data and the like included in the IC card 100.
- the IC card 100 includes a processing unit 101, a storage unit 102, a communication unit 103, an encryption unit 104, and a decryption unit 105.
- the communication unit 103 is an interface for the reader / writer 200, and receives various requests such as a polling request, an authentication message request, and a data read / write request from the reader / writer 200. Further, the communication unit 103 transmits various replies such as a polling reply, an authentication message reply, and a data read / write reply in response to various requests.
- the communication unit 103 includes, for example, a modulation / demodulation circuit, a front-end circuit, a power regeneration circuit, and the like.
- the modem circuit modulates and demodulates data using, for example, an ASK (Amplitude Shift Keying) modulation method.
- the power regeneration circuit generates an electric power by electromagnetic induction from an RF (Radio Frequency) operating magnetic field of a carrier wave received from the reader / writer 200 using an antenna unit (not shown), and takes it as an electromotive force of the IC card 100.
- the front-end circuit receives a carrier wave transmitted from the reader / writer 200 using the antenna unit, demodulates the carrier wave, acquires a command or data from the reader / writer 200, and processes the processing unit 101 via the decoding unit. To supply. Further, the front end circuit modulates the carrier wave according to a command or data related to a predetermined service generated by the processing unit 101, and transmits the carrier wave from the antenna unit to the reader / writer 200.
- the encryption unit 104 and the decryption unit 105 can be configured by hardware such as an encryption coprocessor (Co-Processor) having an encryption processing function.
- the encryption unit 104 and the decryption unit 105 according to the present embodiment are configured by a coprocessor corresponding to a plurality of encryption algorithms such as DES (Data Encryption Standard) and AES (Advanced Encryption Standard).
- DES Data Encryption Standard
- AES Advanced Encryption Standard
- the processing unit 101 controls the storage unit 102, the communication unit 103, the encryption unit 104, and the decryption unit 105, and performs predetermined arithmetic processing, program execution, and the like. For example, when the processing unit 101 communicates with the reader / writer 200 regarding a predetermined service, the processing unit 101 processes the data regarding the service stored in the storage unit 102 or processes the data by executing a program. Or do.
- the storage unit 102 stores data relating to a plurality of services supported by the IC card 100. Specifically, as illustrated in FIG. 3, the storage unit 102 stores a system, a directory, data, and the like that form a hierarchical structure.
- the system is a concept of bundling the entire hierarchical structure, and there is one system per hierarchical structure.
- a directory is also called an “area” and is a concept of bundling subordinate data, and a plurality of directories can exist per one hierarchical structure. Directories may be placed under the system or other directories.
- data includes information necessary for providing various services, and a plurality of data can exist per one hierarchical structure. Data can be located under the system or directory.
- data related to one service may be included under one directory, or may be included in a state of being divided under a plurality of directories.
- one service may be made up of a single piece of data or a plurality of pieces of data.
- various settings of the system and higher-level directories can affect the directories and data arranged under them.
- the various settings include, for example, an authentication key, an authentication method, an access right, and the like for the system, directory, or data.
- the setting of the access right to a directory arranged at a higher level can be set as the default setting of the access right to other directories and data arranged under the directory. That is, when the access right to the other directory and data is not set separately, the access right setting to the upper directory can be inherited. With this function, it is not necessary to individually make various settings for the directory and data, and the management load on the directory and data can be reduced.
- the storage unit 102 can store data related to each of a plurality of services in a state in which the services are associated with each other.
- data association methods link association (hereinafter referred to as “association” refers to link association) and program association.
- the processing unit 101 associates data existing in different directories, or associates data existing in the same directory as in association 3. Can be related.
- the association is an association by a link.
- the processing unit 101 can associate data with each other by a program set in the data as in association 4.
- the association is an association by a program.
- data may be associated between three or more data (or between services).
- the storage unit 102 is a storage medium provided in the IC card 100. Details regarding the association between data will be described in “1-3. Association of Data in IC Card 100”.
- the storage unit 102 can store these programs in a state where the programs are set for the system, directory, or data. Specifically, as shown in FIG. 3, it is possible to set a default program in the system 1, a program 1 in the directory 1, a program 2 in the data 1-1, and the like. Further, as in the case of the program 5, the above-described data association can be performed by setting a program for a plurality of data.
- the default program is a program that is set for each system, and is a program that processes directories, data, and programs arranged under the system. However, the default program may operate as a single default program without processing data or the like.
- a program set in a directory and data processes a directory, data, and program arranged under the directory and data. Good.
- various settings such as system, directory, or data access rights can affect programs set under them.
- the setting of the access right to a directory arranged at a higher level can be set as the default setting of the access right to a program set under the directory. That is, when the access right to the program is not set separately, the access right setting to the upper directory can be inherited.
- Such a function eliminates the need to individually make various settings for the program, thereby reducing the management load. Details regarding the program settings will be described in “1-4. Program Settings in the IC Card 100”.
- the storage unit 102 can store data related to each of a plurality of services in a state in which the services are associated with each other.
- the processing unit 101 of the IC card 100 can perform processing not only on the data A but also on the data B when performing processing related to the service A.
- the processing unit 101 of the IC card 100 can perform processing not only on the data B but also on the data A when processing related to the service B is performed.
- the access right when the processing unit 101 of the IC card 100 processes the data A and the data B can be set flexibly.
- the access right to the data A may be set to “read / write”, “read / write (for example, only predetermined operations)”, “read”, and the like. it can.
- the access right to the data B “read / write”, “read / write (for example, only a predetermined calculation)”, “read” can be set.
- the access rights set for the data A and the data B may be different.
- a program can be set for the data. Then, the access right to the program can be set flexibly. For example, it is assumed that program A is set for data A and program B is set for data B.
- the processing unit 101 can set whether the program A and the program B can be executed, whether only the program A or the program B can be executed, or the like. it can.
- FIG. 4 is a processing flow for associating data A related to service A with data B related to service B.
- the reader / writer A in FIG. 4 is a reader / writer corresponding to the service A
- the reader / writer B is a reader / writer corresponding to the service B.
- the subject in the processing flow is not necessarily limited to the reader / writer A and the reader / writer B.
- the subject in the processing flow can be replaced by various servers such as the external system A and the external system B having the same functions as the reader / writer A and the reader / writer and B.
- the reader / writer A and the reader / writer B may be integrated.
- the reader / writer A creates shared information A (S400), and encrypts the shared information with a predetermined algorithm (S404). Further, the data sharing person B creates the sharing information B (S408) and encrypts the sharing information (S412).
- the shared information is various information necessary for associating data, and the shared information includes information on setting of access rights between services.
- the shared information A includes access right setting information regarding data A and data B
- the shared information B also includes access right setting information regarding data A and data B.
- the processing unit 101 associates the data A and the data B by matching the shared information A and the shared information B. For example, when the contents of the shared information A and the shared information B match, the processing unit 101 determines that both the service A and the service B have been agreed, and associates the data A and the data B. Note that the shared information A and the shared information B do not need to match in order to perform the association.
- the shared information can include information on access rights related to program A and program B.
- the processing unit 101 determines whether to share the program A and the program B with respect to both services by matching information regarding the access right included in the shared information A and the shared information B. Further, the hash value of the program can be included in the shared information. Then, when the processing unit 101 matches the shared information A and the shared information B, the hash values included in each other match so that the program A and the program B can be shared with both services.
- the IC card 100 passes the carrier wave emitted by the reader / writer A. Then, the power regeneration circuit included in the communication unit 103 of the IC card 100 generates power. Then, the IC card 100 is activated using the power as an electromotive force (S416).
- the reader / writer A transmits a polling request to the IC card 100 (S420). Specifically, the reader / writer 200 may continuously send a polling request before the IC card 100 approaches.
- the polling request includes identification information for specifying the type of the IC card 100.
- the identification information may be any identification information as long as it can identify the type of the IC card 100, and may be a system code or an ID. In the present embodiment, the system code will be described as identification information.
- the reader / writer 200 can perform a polling reply by reacting only the desired IC card type by performing polling in which the desired IC card type to be processed is designated by a system code. . That is, except for the desired IC card, even if the polling is received, the polling reply is not transmitted because the system code included in the polling is different.
- processing can be performed only on a desired IC card.
- the IC card 100 holds the system code A.
- the IC card 100 that has received the polling request transmits a polling reply to the reader / writer A (S424).
- the reader / writer A creates an authentication message request and transmits the authentication message request to the IC card 100 (S428).
- the IC card 100 creates an authentication message reply and sends the authentication message reply to the reader / writer A (S432).
- mutual authentication between the IC card 100 and the reader / writer A is completed.
- the reader / writer A transmits a shared information A arrangement request (S436) to the IC card 100, and the IC card 100 stores the shared information A in the storage unit 102 in response to the request. Then, the IC card 100 transmits a shared information A arrangement reply to the reader / writer A (S440).
- the reader / writer B stores the shared information B in the storage unit 102 of the IC card 100 by the processes of S444 to S464.
- the contents of the process are the same as the contents of the process (S420 to S440) in the reader / writer A described above, and thus the description thereof is omitted.
- either reader / writer A or reader / writer B makes a data sharing request.
- the reader / writer B corresponding to the service B requests the IC card 100 to share the data A related to the service A (S468).
- the processing unit 101 of the IC card 100 collates the shared information A and the shared information B (S472). If the match is successful, data A relating to service A and data B relating to service B are associated (S476). On the other hand, if the matching is not successful, data association is not performed.
- data association between service A and service B has been described, data association in three or more services may be performed. Furthermore, it is also possible to associate a plurality of data relating to the same service.
- the processing flow for associating data described in FIG. 4 is performed when the IC card 100 is approached to the reader / writer by the user.
- the association between data is not limited to the method described with reference to FIG. 4 and can be performed as long as the IC card 100 can communicate with an external system.
- the storage unit 102 can store these in a state where a program is set for the system, directory, or data. Then, for example, the processing unit 101 can perform processing on the data by executing a program set in the data. With this function, the object to be processed by the program can be set flexibly, so that services can be provided more flexibly and IC cards can be operated compared to conventional IC cards. For example, in the conventional IC card, since the authentication method is determined uniformly, it is difficult to change and revise the authentication method for some services. On the other hand, in the present embodiment, the authentication program can be changed to a system, a directory, or a data unit. Then, each service can select an authentication method corresponding to each service. Furthermore, each service can select a different authentication method or change the authentication method independently. Of course, the same authentication method may be selected for each service.
- a program including key information for data of each service can be set for data associated with different services.
- the key information for the data of both services included in the program is encrypted so that the contents of the key information cannot be decrypted.
- the processing unit 101 executes the program including the key information, the processing unit 101 can perform processing on the data of both services. That is, each service provider can perform processing on data associated with each other without teaching the contents of the key information.
- the key information does not need to be encrypted, and may be set in the program in a state where the key information is disclosed between services.
- the key information may be any information as long as it is some information for realizing authentication.
- the reader / writer illustrated in FIG. 5 is merely an example, and the subject in the processing flow is not necessarily limited to the reader / writer. Specifically, the subject in the processing flow can be replaced by various servers such as an external system having the same function as the reader / writer.
- FIG. 5 is an explanatory diagram showing a flow for setting a program in the present embodiment.
- the reader / writer creates a program (S500) and encrypts the program with a predetermined algorithm (S504).
- the encrypted program is set in the IC card 100 through steps S508 to S524.
- the contents of the processes of S508 to S524 are the same as the contents of the processes of S416 to S432 described above, and thus the description thereof is omitted.
- a program placement request is transmitted from the reader / writer to the IC card 100 (S528).
- the IC card 100 Upon receiving the program placement request, the IC card 100 stores the encrypted program in the storage unit 102. Then, the IC card 100 transmits the program placement reply to the external system (S532), thereby completing the program placement.
- the program arrangement method is not limited to the method described with reference to FIG. 5, and any program can be used as long as the IC card 100 can communicate with an external system. Of course, it is possible to arrange a program when the IC card 100 is manufactured.
- the contents of the processing of S600 to S616 in FIG. 6 are the same as the contents of the processing of S416 to S432 in FIG.
- the reader / writer 200 can transmit a data read / write request (S620) to the IC card 100, and the IC card 100 performs processing according to the request. Can do. Further, the IC card 100 transmits a data read / write reply to the reader / writer 200 as a result of the execution of the process according to the request (S624).
- the storage unit 102 can store data relating to each of a plurality of services in a state in which the different services are associated with each other.
- the processing unit 101 of the IC card can perform processing not only on data related to one service, but also on data related to other services associated with the data. For example, when processing the data 1-1 described in FIG. 3, the processing unit 101 recognizes that the data 1-1 and the data 1-1-1 are related by the association 1. Then, the processing unit 101 can perform processing on the data 1-1-1. Further, for example, the processing unit 101 executes the program 5 shown in FIG. When processing is performed, since processing for data 2-5 is defined in the program 5, processing can be performed for data 2-5.
- the storage unit 102 can store these programs in a state where the programs are set for the system, the directory, or the data.
- the program it is possible to set the program more flexibly as compared with the case where the program can be set only in the IC card or system unit. Then, for example, when a new program is set, it is not necessary to apply the new program to the entire IC card, and the program can be set only for data related to the required service. Further, when the program is revised, it is not necessary to revise the program of the entire IC card, and only the individual program set for the service can be revised. Therefore, with this configuration, it is possible to limit risks associated with the installation of a new program and the revision of the program. Specifically, a different authentication method (such as an authentication key encryption method) can be set for each service, and the authentication method can be easily changed for each service.
- a different authentication method such as an authentication key encryption method
- the program set for the system, directory or data can operate in various patterns.
- the program can execute processing by itself (without processing the directory or data).
- the program generates a random number used for authentication.
- the program can also execute processing on directories and data. For example, when making a payment from electronic money stored in an IC card when purchasing a product.
- the program can be automatically executed when authenticating with a directory or data, or when performing some processing on the directory or data. For example, when a coupon is issued for a certain product and the user purchases the product, the coupon program is automatically executed and the sales price is reduced.
- Various services can be provided using the IC card 100 by processing the program in various patterns as described above.
- A is a pattern in which no program is set for the associated data (association 3 in FIG. 3).
- B and C are patterns in which programs are set for some of the associated data (association 2 and program 4 in FIG. 3).
- D is a pattern in which programs are set for all of the associated data (association 1 and programs 2 and 3 in FIG. 3).
- the processing unit 101 of the IC card can perform processing on the associated data by executing a program, and thus can perform processing on different services. Accordingly, since it is not necessary to perform polling, authentication processing, and program execution for each service in order to perform processing on data related to different services, the load caused by processing of the reader / writer 200 can be reduced, and processing speed can be improved. be able to.
- FIG. 8 is an explanatory diagram showing the configuration of the logical card in the present embodiment.
- a logical card is an IC card virtually created in a physical card. In other words, it means that the resources (storage area, etc.) of one physical card are divided and assigned to a plurality of logical cards.
- the physical card in this embodiment holds a physical card type as identification information, and has a logical card 1 and a logical card 2.
- the logical card 1 holds a logical card type 1 as identification information and has a security model 1.
- the logical card 2 also holds the logical card type 2 and has a security model 2.
- the security model refers to the hierarchical structure and program structure composed of the system, directory, data, etc. described in the “first embodiment”. That is, in the second embodiment, a hierarchical structure and a program configuration are provided for each logical card. With this configuration, services can be provided more flexibly than when the physical card does not have a plurality of logical cards. For example, since a hierarchical structure of data or the like can be formed for each service, it is possible to set a data structure and a program suitable for each service provider company.
- the storage area in FIG. 9 corresponds to the logical card in FIG. 8
- the system code in FIG. 9 corresponds to the logical card type in FIG.
- the storage unit 102 of the IC card 100 has a plurality of storage areas. As in the first embodiment, each storage area stores a hierarchical structure such as a system, directory, or data, a program, and the like.
- the storage unit 102 can store data related to each of a plurality of services in a state of being associated between different services, and sets a program for the system, directory, or data. can do.
- the processing unit 101 can associate data related to each of a plurality of services in different storage areas in each storage area (association 5). Specifically, the processing unit 101 can perform association by link or program even between different storage areas.
- FIG. 9 illustrates a state in which data is associated between two storage areas, data may be associated between three or more storage areas. Furthermore, the data associated between the storage areas may be further associated with other data in the storage area (not shown).
- the processing unit 101 of the IC card can perform processing on the associated data, and thus can perform processing on different storage areas. For example, when the processing unit 101 performs processing on the data 2-4 in the storage area 1, it recognizes that the data 2-4 and the data 1-1-2 in the storage area 2 are related by the association 5. To do. Then, the processing unit 101 can also process the data 1-1-2 in the storage area 2. Further, for example, when the processing unit 101 executes the program 5 shown in FIG. 9 to perform processing on the data 2-4, the processing unit 101 transfers the data 2-5 to the data 1-1-2 in the storage area 2 in the program 5. Therefore, the process can be performed on the data 2-5 and the data 1-1-2 in the storage area 2 as well.
- the IC card 100 is divided to create not only the storage area 1 but also the storage area 2 (S700).
- the storage area 1 holds the system code A as identification information
- the storage area 2 holds the system code B as identification information.
- the identification information may be any identification information as long as it is information that can specify the storage area, and may be an ID or the like.
- the system code 2 as the second system code is assigned to the storage area (S704).
- the storage area to which the system code 2 is assigned can not only behave as a storage area to which the system code 1 is assigned, but can also behave as a storage area to which the system code 2 is assigned.
- the processing unit 101 since the system code A is assigned to the storage area 2 as the system code 2, the processing unit 101 sends a polling request in which the system code A is designated from the reader / writer 200 to the communication unit 103. When received, not only the storage area 1 but also the storage area 2 is specified and activated.
- the antenna 172 includes a resonance circuit including a coil (inductor) L1 having a predetermined inductance and a capacitor C1 having a predetermined capacitance, and generates an induced voltage by electromagnetic induction in response to reception of a carrier wave. . Then, the antenna 172 outputs a reception voltage obtained by resonating the induced voltage at a predetermined resonance frequency.
- the resonance frequency in the antenna 172 is set in accordance with the frequency of the carrier wave such as 13.56 [MHz], for example.
- the antenna 172 receives a carrier wave and transmits a response signal by load modulation performed in the load modulation circuit 186 provided in the IC chip 170.
- the IC chip 170 includes a carrier detection circuit 176, a detection circuit 178, a regulator 180, a demodulation circuit 182, an MPU 184, and a load modulation circuit 186.
- the IC chip 170 may further include a protection circuit (not shown) for preventing an overvoltage or overcurrent from being applied to the MPU 184, for example.
- a protection circuit for example, a clamp circuit constituted by a diode or the like can be cited.
- the IC chip 170 includes, for example, a ROM 188, a RAM 190, and a nonvolatile memory 192.
- the MPU 184, the ROM 188, the RAM 190, and the nonvolatile memory 192 are connected by, for example, a bus 194 as a data transmission path.
- ROM 188 stores control data such as programs and calculation parameters used by MPU 184.
- the RAM 190 temporarily stores programs executed by the MPU 184, calculation results, execution states, and the like.
- the non-volatile memory 192 stores various data such as encryption key information used for mutual authentication in NFC, electronic value, and various applications.
- examples of the nonvolatile memory 192 include an EEPROM (Electrically Erasable and Programmable Read Only Memory), a flash memory, and the like.
- the nonvolatile memory 192 has tamper resistance, for example, and corresponds to an example of a secure recording medium.
- the carrier detection circuit 176 generates, for example, a rectangular detection signal based on the reception voltage transmitted from the antenna 172, and transmits the detection signal to the MPU 184.
- the MPU 184 uses the transmitted detection signal as a processing clock for data processing, for example.
- the detection signal is based on the reception voltage transmitted from the antenna 172, it is synchronized with the frequency of the carrier wave transmitted from the external device such as the reader / writer 200. Therefore, by providing the carrier detection circuit 176, the IC chip 170 can perform processing with an external device such as the reader / writer 200 in synchronization with the external device.
- the detection circuit 178 rectifies the reception voltage output from the antenna 172.
- the detection circuit 178 includes, for example, a diode D1 and a capacitor C2.
- the regulator 180 smoothes and constants the received voltage and outputs a drive voltage to the MPU 184.
- the regulator 180 uses the direct current component of the received voltage as the drive voltage.
- the demodulation circuit 182 demodulates the carrier wave signal based on the received voltage, and outputs data corresponding to the carrier wave signal included in the carrier wave (for example, a binarized data signal of high level and low level).
- the demodulation circuit 182 outputs the AC component of the reception voltage as data.
- the MPU 184 is driven by using the drive voltage output from the regulator 180 as a power source, and processes the data demodulated by the demodulation circuit 182.
- the MPU 184 includes, for example, one or more processors configured with arithmetic circuits such as an MPU, various processing circuits, and the like.
- the MPU 184 selectively generates a control signal for controlling load modulation related to a response to an external device such as the reader / writer 200 according to the processing result. Then, the MPU 184 selectively outputs a control signal to the load modulation circuit 186.
- the load modulation circuit 186 includes, for example, a load Z and a switch SW1, and performs load modulation by selectively connecting (enabling) the load Z according to a control signal transmitted from the MPU 184.
- the load Z is composed of a resistor having a predetermined resistance value, for example.
- the switch SW1 includes, for example, a p-channel MOSFET (Metal Oxide Semiconductor Field Effect Transistor) or an n-channel MOSFET.
- the IC chip 170 can process the carrier wave signal received by the antenna 172 and transmit a response signal to the antenna 172 by load modulation with the above configuration.
- the IC chip 170 and the antenna 172 for example, have the configuration shown in FIG. 11, and perform NFC communication with an external device such as the reader / writer 200 using a carrier wave having a predetermined frequency.
- the configuration of the IC chip 170 and the antenna 172 according to the present embodiment is not limited to the example shown in FIG.
- the MPU 184 functions as the processing unit 101 of the IC card 100 shown in FIG.
- the ROM 188, the RAM 190, or the nonvolatile memory 192 functions as the storage unit 102.
- the antenna 172, the carrier detection circuit 176, the detection circuit 178, the regulator 180, the demodulation circuit 182, and the load modulation circuit 186 function as the communication unit 103.
- the encryption unit 104 and the decryption unit 105 are the MPU 184.
- the configuration of the IC card 100 can be provided outside the IC card.
- the encryption unit 104 and the decryption unit 105 may be included in an external information processing apparatus. Further, the encryption unit 104 and the decryption unit 105 may not be provided.
- the processing unit 101 may realize the functions of the storage unit 102, the communication unit 103, the encryption unit 104, and the decryption unit 105.
- the processing unit 101 may realize the functions of the storage unit 102, the communication unit 103, the encryption unit 104, and the decryption unit 105.
- some functions of the IC card 100 may be implemented by the processing unit 101.
- a processing unit that processes data related to a service corresponding to each of a plurality of services associated in a storage medium; Information processing device.
- the processing unit processes data related to the service stored in a different storage area.
- the processing unit specifies the storage area in which data related to the associated service is stored based on identification information for identifying the storage area.
- (4) In the storage area one or more of the identification information is set, The processing unit identifies the storage area in which the one or more identification information is set that matches the acquired identification information.
- the different storage areas have different security models;
- the processing unit processes data related to the service based on key information corresponding to each of the services or each of the data.
- the key information corresponding to each of the services or the data is different for each service or for each data.
- the processing unit processes data related to the service based on an authentication method corresponding to each of the services.
- the authentication method corresponding to each service is different for each service.
- An access right is set for each of the data related to the service in the data related to the service associated with the data.
- the information processing apparatus according to any one of (1) to (9).
- (11) When data related to a service corresponding to each of a plurality of services is associated by a program associated with the data related to the service, The processing unit processes data related to the associated service by executing the program.
- the information processing apparatus according to any one of (1) to (10).
- (12) Data related to a service corresponding to each of a plurality of services is associated by shared information associated with each of the data related to the service,
- the information processing apparatus according to any one of (1) to (11).
- the information processing apparatus is a non-contact IC card or a communication apparatus.
- the information processing apparatus according to any one of (1) to (12).
- (14) Processing data relating to a service corresponding to each of a plurality of services associated in a storage medium; An information processing method executed by an information processing apparatus.
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Business, Economics & Management (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Microelectronics & Electronic Packaging (AREA)
- Computer Networks & Wireless Communication (AREA)
- General Engineering & Computer Science (AREA)
- Accounting & Taxation (AREA)
- Strategic Management (AREA)
- General Business, Economics & Management (AREA)
- Software Systems (AREA)
- Mathematical Physics (AREA)
- Signal Processing (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Databases & Information Systems (AREA)
- Computer Vision & Pattern Recognition (AREA)
- Artificial Intelligence (AREA)
- Storage Device Security (AREA)
- Hardware Redundancy (AREA)
- Stored Programmes (AREA)
Abstract
Description
<1.第1の実施例>
1-1.情報処理システムの概要
1-2.ICカード100の構成
1-3.ICカード100におけるデータの関連付け
1-4.ICカード100におけるプログラムの設定
1-5.ICカード100およびリーダライタ200の動作
<2.第2の実施例>
<3.情報処理装置のハードウェア構成例>
[1-1.情報処理システムの概要]
まず、図1を参照し、本開示の実施形態における情報処理システムの概要を説明する。図1は、本実施形態における情報処理システムの一例を示す説明図である。図1に示すように、本実施形態における情報処理システムは、ICカード100とリーダライタ200を備え、ICカード100とリーダライタ200は、通信路300により接続される。本実施形態におけるICカード100は、近距離無線通信(NFC:Near Field Communication)に用いる非接触型ICカードである。
上記では、本実施形態における、情報処理システムの概要を説明した。続いて、図2、3を用いて、ICカード100の構成を説明する。図2は、本実施形態におけるICカード100の構成を示す説明図であり、図3は、ICカード100に含まれるデータ等の階層構造を示す説明図である。図2に示すように、ICカード100は、処理部101、記憶部102、通信部103、暗号部104、復号部105、を備える。
上記では、ICカード100の構成について説明した。図3で示した通り、記憶部102は、複数のサービスの各々に関するデータを、異なるサービス間で関連付けた状態で記憶することができる。
以上では、記憶部102が記憶するデータ同士の関連付けについて説明した。続いて、システム、ディレクトリまたはデータに対してプログラムが設定できる機能について説明する。
以上では、システム、ディレクトリまたはデータに対してプログラムを設定する方法を説明した。続いて、図6を用いて、本実施形態におけるICカード100とリーダライタ200の動作について説明する。
へ処理を行う際、プログラム5中にデータ2-5への処理が定義されているため、データ2-5に対しても処理を行うことができる。
以降では、第2の実施例として、ICカード100である物理カードが、複数の論理カードを有する例を、図8を参照しながら説明する。図8は、本実施形態における論理カードの構成を示す説明図である。
以上、本開示の実施形態における情報処理システムについて説明した。上述した情報処理システムにおける情報処理は、ソフトウェアと、以下に説明するICカード100のハードウェアとの協働により実現される。以下では、図11を用いて、本実施形態におけるICカード100のハードウェア構成を説明する。
(1)
記憶媒体にて関連付けられている、複数のサービスそれぞれに対応するサービスに関するデータを処理する処理部を備える、
情報処理装置。
(2)
関連付けられている前記サービスに関するデータが、前記記憶媒体における異なる記憶領域に記憶されている場合、
前記処理部は、異なる前記記憶領域に記憶されている前記サービスに関するデータを処理する、
前記(1)に記載の情報処理装置。
(3)
前記処理部は、前記記憶領域を識別する識別情報に基づいて、関連付けられている前記サービスに関するデータが記憶されている前記記憶領域を、特定する、
前記(2)に記載の情報処理装置。
(4)
前記記憶領域には、1または2以上の前記識別情報が設定され、
前記処理部は、取得された識別情報と一致する、前記1または2以上の前記識別情報が設定された前記記憶領域を、特定する、
前記(3)に記載の情報処理装置。
(5)
異なる前記記憶領域は、異なるセキュリティモデルを有する、
前記(2)~(4)のいずれか1項に記載の情報処理装置。
(6)
前記処理部は、前記サービスそれぞれ、または、前記データそれぞれに対応する鍵情報に基づいて、前記サービスに関するデータを処理する、
前記(1)~(5)のいずれか1項に記載の情報処理装置。
(7)
前記サービスそれぞれ、または、前記データそれぞれに対応する鍵情報は、前記サービスごと、または、前記データごとに異なる、
前記(6)に記載の情報処理装置。
(8)
前記処理部は、前記サービスそれぞれに対応する認証方式に基づいて、前記サービスに関するデータを処理する、
前記(1)~(7)のいずれか1項に記載の情報処理装置。
(9)
前記サービスそれぞれに対応する認証方法は、前記サービスごとに異なる、
前記(8)に記載の情報処理装置。
(10)
関連付けられている前記サービスに関するデータには、前記サービスに関するデータごとにアクセス権が設定される、
前記(1)~(9)のいずれか1項に記載の情報処理装置。
(11)
複数のサービスそれぞれに対応するサービスに関するデータが、前記サービスに関するデータに対応付けられているプログラムにより関連付けられている場合、
前記処理部は、前記プログラムを実行することによって、関連付けられている前記サービスに関するデータを処理する、
前記(1)~(10)のいずれか1項に記載の情報処理装置。
(12)
複数のサービスそれぞれに対応するサービスに関するデータが、前記サービスに関するデータそれぞれに対応付けられている共有情報により関連付けられる、
前記(1)~(11)のいずれか1項に記載の情報処理装置。
(13)
前記情報処理装置は、非接触ICカード又は通信装置である、
前記(1)~(12)のいずれか1項に記載の情報処理装置。
(14)
記憶媒体にて関連付けられている、複数のサービスそれぞれに対応するサービスに関するデータを処理することを有する、
情報処理装置により実行される情報処理方法。
101 処理部
102 記憶部
103 通信部
104 暗号部
105 復号部
200 リーダライタ
300 通信路
Claims (14)
- 記憶媒体にて関連付けられている、複数のサービスそれぞれに対応するサービスに関するデータを処理する処理部を備える、
情報処理装置。 - 関連付けられている前記サービスに関するデータが、前記記憶媒体における異なる記憶領域に記憶されている場合、
前記処理部は、異なる前記記憶領域に記憶されている前記サービスに関するデータを処理する、
請求項1に記載の情報処理装置。 - 前記処理部は、前記記憶領域を識別する識別情報に基づいて、関連付けられている前記サービスに関するデータが記憶されている前記記憶領域を、特定する、
請求項2に記載の情報処理装置。 - 前記記憶領域には、1または2以上の前記識別情報が設定され、
前記処理部は、取得された識別情報と一致する、前記1または2以上の前記識別情報が設定された前記記憶領域を、特定する、
請求項3に記載の情報処理装置。 - 異なる前記記憶領域は、異なるセキュリティモデルを有する、
請求項2に記載の情報処理装置。 - 前記処理部は、前記サービスそれぞれ、または、前記データそれぞれに対応する鍵情報に基づいて、前記サービスに関するデータを処理する、
請求項1に記載の情報処理装置。 - 前記サービスそれぞれ、または、前記データそれぞれに対応する鍵情報は、前記サービスごと、または、前記データごとに異なる、
請求項6に記載の情報処理装置。 - 前記処理部は、前記サービスそれぞれに対応する認証方式に基づいて、前記サービスに関するデータを処理する、
請求項1に記載の情報処理装置。 - 前記サービスそれぞれに対応する認証方法は、前記サービスごとに異なる、
請求項8に記載の情報処理装置。 - 関連付けられている前記サービスに関するデータには、前記サービスに関するデータごとにアクセス権が設定される、
請求項1に記載の情報処理装置。 - 複数のサービスそれぞれに対応するサービスに関するデータが、前記サービスに関するデータに対応付けられているプログラムにより関連付けられている場合、
前記処理部は、前記プログラムを実行することによって、関連付けられている前記サービスに関するデータを処理する、
請求項1に記載の情報処理装置。 - 複数のサービスそれぞれに対応するサービスに関するデータが、前記サービスに関するデータそれぞれに対応付けられている共有情報により関連付けられる、
請求項1に記載の情報処理装置。 - 前記情報処理装置は、非接触ICカード又は通信装置である、
請求項1に記載の情報処理装置。 - 記憶媒体にて関連付けられている、複数のサービスそれぞれに対応するサービスに関するデータを処理することを有する、
情報処理装置により実行される情報処理方法。
Priority Applications (6)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
EP17769733.1A EP3435237B1 (en) | 2016-03-23 | 2017-02-17 | Information processing device and information processing method |
JP2018507131A JP6947166B2 (ja) | 2016-03-23 | 2017-02-17 | 情報処理装置及び情報処理方法 |
CN201780017339.4A CN108885581B (zh) | 2016-03-23 | 2017-02-17 | 信息处理设备和信息处理方法 |
US16/073,866 US20190042808A1 (en) | 2016-03-23 | 2017-02-17 | Information processing device and information processing method |
KR1020187025715A KR20180123026A (ko) | 2016-03-23 | 2017-02-17 | 정보 처리 장치 및 정보 처리 방법 |
HK19100956.1A HK1258597A1 (zh) | 2016-03-23 | 2019-01-18 | 信息處理設備和信息處理方法 |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP2016059082 | 2016-03-23 | ||
JP2016-059082 | 2016-03-23 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2017163686A1 true WO2017163686A1 (ja) | 2017-09-28 |
Family
ID=59901182
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/JP2017/005809 WO2017163686A1 (ja) | 2016-03-23 | 2017-02-17 | 情報処理装置及び情報処理方法 |
Country Status (8)
Country | Link |
---|---|
US (1) | US20190042808A1 (ja) |
EP (1) | EP3435237B1 (ja) |
JP (1) | JP6947166B2 (ja) |
KR (1) | KR20180123026A (ja) |
CN (1) | CN108885581B (ja) |
HK (1) | HK1258597A1 (ja) |
TW (1) | TWI774663B (ja) |
WO (1) | WO2017163686A1 (ja) |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2000503157A (ja) * | 1997-06-26 | 2000-03-14 | ブル・セー・ペー・8 | メインファイルと補助ファイルとの間にリンク生成手段を備えたセキュリティモジュール |
JP2003016403A (ja) * | 2001-06-27 | 2003-01-17 | Sony Corp | 情報記憶媒体、メモリ領域を備えたicチップ、メモリ領域を備えたicチップを有する情報処理装置、並びに、情報記憶媒体のメモリ管理方法 |
JP2010176352A (ja) * | 2009-01-29 | 2010-08-12 | Sony Corp | 非接触通信装置、非接触通信システム、非接触通信方法およびプログラム |
Family Cites Families (16)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2514954B2 (ja) * | 1987-03-13 | 1996-07-10 | 三菱電機株式会社 | Icカ−ド |
DE19834515C1 (de) * | 1998-07-31 | 2000-03-16 | Deutsche Telekom Ag | Elektronische Erkennungsmarke |
US6705520B1 (en) * | 1999-11-15 | 2004-03-16 | Satyan G. Pitroda | Point of sale adapter for electronic transaction device |
US20040193482A1 (en) * | 2001-03-23 | 2004-09-30 | Restaurant Services, Inc. | System, method and computer program product for user-specific advertising in a supply chain management framework |
CN100347667C (zh) * | 2001-06-27 | 2007-11-07 | 索尼公司 | 集成电路器件、信息处理设备、信息存储器件的存储管理方法、移动终端设备、半导体集成电路器件、以及使用移动终端设备的通信方法 |
US20040164142A1 (en) * | 2002-12-11 | 2004-08-26 | Wolfgang Flugge | Methods and systems for user media interoperability with data integrity |
US20060005237A1 (en) * | 2003-01-30 | 2006-01-05 | Hiroshi Kobata | Securing computer network communication using a proxy server |
JPWO2005121976A1 (ja) * | 2004-06-14 | 2008-04-10 | ソニー株式会社 | 情報管理装置及び情報管理方法 |
US7445156B2 (en) * | 2005-10-03 | 2008-11-04 | Mcdonald James A | Memory card magazine system |
JP4631935B2 (ja) * | 2008-06-06 | 2011-02-16 | ソニー株式会社 | 情報処理装置、情報処理方法、プログラム及び通信システム |
US8196131B1 (en) * | 2010-12-17 | 2012-06-05 | Google Inc. | Payment application lifecycle management in a contactless smart card |
US9575777B2 (en) * | 2011-03-08 | 2017-02-21 | Sony Corporation | Information processing device for performing contactless communication with an external device using multiple communication standards |
US10026078B1 (en) * | 2011-04-26 | 2018-07-17 | Jpmorgan Chase Bank, N.A. | System and method for accessing multiple accounts |
JP5204290B1 (ja) * | 2011-12-02 | 2013-06-05 | 株式会社東芝 | ホスト装置、システム、及び装置 |
KR102067474B1 (ko) * | 2012-08-29 | 2020-02-24 | 삼성전자 주식회사 | 공유 파일 관리 방법 및 이를 이용하는 가입자 인증 장치 |
US9342699B2 (en) * | 2013-11-06 | 2016-05-17 | Blackberry Limited | Method and apparatus for controlling access to encrypted data |
-
2017
- 2017-02-17 KR KR1020187025715A patent/KR20180123026A/ko not_active Application Discontinuation
- 2017-02-17 WO PCT/JP2017/005809 patent/WO2017163686A1/ja active Application Filing
- 2017-02-17 JP JP2018507131A patent/JP6947166B2/ja active Active
- 2017-02-17 US US16/073,866 patent/US20190042808A1/en active Pending
- 2017-02-17 EP EP17769733.1A patent/EP3435237B1/en active Active
- 2017-02-17 CN CN201780017339.4A patent/CN108885581B/zh active Active
- 2017-03-14 TW TW106108360A patent/TWI774663B/zh active
-
2019
- 2019-01-18 HK HK19100956.1A patent/HK1258597A1/zh unknown
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2000503157A (ja) * | 1997-06-26 | 2000-03-14 | ブル・セー・ペー・8 | メインファイルと補助ファイルとの間にリンク生成手段を備えたセキュリティモジュール |
JP2003016403A (ja) * | 2001-06-27 | 2003-01-17 | Sony Corp | 情報記憶媒体、メモリ領域を備えたicチップ、メモリ領域を備えたicチップを有する情報処理装置、並びに、情報記憶媒体のメモリ管理方法 |
JP2010176352A (ja) * | 2009-01-29 | 2010-08-12 | Sony Corp | 非接触通信装置、非接触通信システム、非接触通信方法およびプログラム |
Also Published As
Publication number | Publication date |
---|---|
TWI774663B (zh) | 2022-08-21 |
EP3435237B1 (en) | 2022-08-31 |
JPWO2017163686A1 (ja) | 2019-01-31 |
HK1258597A1 (zh) | 2019-11-15 |
JP6947166B2 (ja) | 2021-10-13 |
US20190042808A1 (en) | 2019-02-07 |
CN108885581B (zh) | 2023-08-18 |
TW201738775A (zh) | 2017-11-01 |
EP3435237A4 (en) | 2019-01-30 |
KR20180123026A (ko) | 2018-11-14 |
EP3435237A1 (en) | 2019-01-30 |
CN108885581A (zh) | 2018-11-23 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
KR101632465B1 (ko) | 무선 주파수 신호의 증폭 | |
US10600298B1 (en) | Exit-code-based RFID loss-prevention system | |
US8909144B2 (en) | Communications devices comprising NFC communicators | |
US9740847B2 (en) | Method and system for authenticating a user by means of an application | |
CN101727603B (zh) | 信息处理装置、用于切换密码的方法以及程序 | |
US10783514B2 (en) | Method and apparatus for use in personalizing identification token | |
CN101127071B (zh) | 信息处理***,以及信息处理设备和方法 | |
US20070279190A1 (en) | Method of authentication and secure exchange of data between a personalised chip and a dedicated server, and assembly for implementing the same | |
KR101492054B1 (ko) | 카드 리더, 단말기 및 그를 이용한 결제 정보 처리 방법 | |
CN101809977A (zh) | 使用附加元件更新移动设备 | |
US11005302B1 (en) | Using the NFC field from a phone to power card to phone bluetooth communications | |
CN211787195U (zh) | Ic卡以及信息处理*** | |
KR101583156B1 (ko) | 카드 리더, 단말기 및 그를 이용한 결제 정보 처리 방법 | |
US8259946B2 (en) | Communication apparatus, reader/writer, communication system, and communication method | |
JP6929830B2 (ja) | 情報処理装置、管理装置、情報処理方法、および情報処理システム | |
WO2017163686A1 (ja) | 情報処理装置及び情報処理方法 | |
KR101426223B1 (ko) | 스마트카드와 스마트 단말을 이용한 보안정보 조회 방법 및 이를 위한 컴퓨터로 판독가능한 기록매체 | |
KR100772444B1 (ko) | 신용카드, 이를 관리하는 시스템 및 방법 | |
JP2010045440A (ja) | 通信装置、リーダ/ライタ、通信システム、および通信方法 | |
KR20160001345A (ko) | 위조품 식별 방법 | |
WO2016009722A1 (ja) | 情報処理装置、情報処理方法、およびプログラム | |
Hakamäki et al. | Security of RFID-based technology |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
WWE | Wipo information: entry into national phase |
Ref document number: 2018507131 Country of ref document: JP |
|
ENP | Entry into the national phase |
Ref document number: 20187025715 Country of ref document: KR Kind code of ref document: A |
|
WWE | Wipo information: entry into national phase |
Ref document number: 201780017339.4 Country of ref document: CN |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
WWE | Wipo information: entry into national phase |
Ref document number: 2017769733 Country of ref document: EP |
|
ENP | Entry into the national phase |
Ref document number: 2017769733 Country of ref document: EP Effective date: 20181023 |
|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 17769733 Country of ref document: EP Kind code of ref document: A1 |