1. Field of the Invention
The present invention relates to an information processing device and an information processing method, and to an information processing device and an information processing method which can safely add and change management information to manage a memory contained in an IC (Integrated Circuit) card, for example without withdrawing the IC card.
2. Description of the Related Art
For example, an IC card (smart card) which is expected to be used in an electronic money system, a security system, etc. has been developed. The IC card has a CPU for performing various processing and a memory for storing data necessary for the processing, and data transmission/reception to/from the IC card is performed while it is electrically connected to a predetermined reader/writer (R/W) or under a non-contact state by using electromagnetic wave. An IC card which performs data transmission/reception with R/W under non-contact state by using electromagnetic wave is generally supplied with necessary power through electromagnetic wave.
In a case where the IC card is used in the electronic money system, the security system or the like, secrecy of data and security such as prevention of forgery, etc. are important. In general, an access to an IC card is allowed by a key given from the manager (operator) of a system. That is, restriction is imposed on an access to an IC card by a person having no key.
Further, the security is defined in ISO (International Organization For Standardization) 7816 which defines the standardization of contact type IC cards, and according to it, by locking DF (Dedicated File) corresponding to a director or folder, an access to DF belonging to the layer of the DF or EF (Elementary File) corresponding to a file is restricted.
In general, IC cards which have been issued to users and thus distributed in the market are withdrawn by managers or makers of the IC cards, and a so-called card issuing work of newly adding each IC card with a file in which data for supplying new services are held or changing a key necessary for data access is generally carried out by them in facilities or the like for which the security is highly managed.
That is, in general, an issuer of IC cards performs a primary issuing work as shown in FIG. 1 and issues IC cards having no function (IC cards for which data read/write operation cannot be performed) to a registered card issuing dealer who performs a registered card issuing work. The registered card issuing dealer performs the registered card issuing work (secondary issuing work) so that a manager #1 who wishes to issues services through the IC cards can use the IC cards. That is, the registered card issuing dealer keeps in each IC card a storage area to be used by the manager #1 (the area of the manager #1), and writes a key necessary to access the storage area and other information in each IC card. Here, the registered card issuing work is carried out at a place for which the security is highly managed, such as facilities of the registered card issuing dealer or the like (hereinafter referred to as “proper and safe place”). Further, in FIG. 1, the registered card issuing dealer and the manager #1 are frequently the same person.
The IC cards which have been subjected to the registered card issuing work are put on the market and distributed to users. The IC cards are used to supply services by the manager #1. That is, users can use the IC cards as electronic passes or purses.
When the IC cards which are put on the market as described above are multifunctional IC cards and a manager #2 other than the manager #1 wishes to supply a service through the multifunctional IC cards, the registered card issuing dealer temporarily withdraws the IC cards which have been put on the market as shown in FIG. 2. The registered card issuing dealer performs the registered card issuing work so that the manager #2 can use the IC cards. That is, the registered card issuing dealer keeps a storage area to be used by the manager #2 (the area of the manager #2) in each IC card and further writes in each IC card a key which is necessary for the manager #2 to access the storage area, and other information. Thereafter, the IC cards which have been subjected to the registered card issuing work are put on the market again.
For example, a key written in an IC card through the registered card issuing work is information which is important in security of the IC card, and it is undesirable that such information is distributed to places such as the market, etc. in which unjust actions such as tapping, tampering, etc. are carried out with high probability and for which the security management is not carried out (hereinafter referred to as “improper and unsafe places”). Therefore, the IC cards are withdrawn from the market and the registered card issuing work is carried out at a safe place as described above.
Accordingly, the IC cards must be withdrawn every time the registered card issuing work is wished to be carried out, and this is cumbersome.