1. Field of the Invention
The present invention relates to a data communication apparatus including relatively large memory space and a method for managing the memory in the same. In particular, the present invention relates to a data communication apparatus including memory space in which one or more applications are allocated and a method for managing the memory in the same.
More specifically, the present invention relates to a data communication apparatus in which an access right is managed and restricted for each of applications allocated in memory space and a method for managing the memory in the same. In particular, the present invention relates to a data communication apparatus for providing a plurality of access methods to each service memory field allocated to an application and a method for managing the memory in the same.
2. Description of the Related Art
Contactless IC cards can be used as wireless communication units which can be applied only locally.
This type of wireless communication is generally realized based on the principle of electromagnetic induction. That is, this system includes an IC card having a memory function and a card reader/writer for reading/writing data from/in the memory of the IC card. A loop coil in the IC card, which serves as a primary coil, and an antenna in the card reader/writer, which serves as a secondary coil, form a transformer system. In this system, the card reader/writer transmits power and information by electromagnetic induction to the IC card, so that the IC card is driven by the supplied power so as to respond to a question signal from the card reader/writer.
When the card reader/writer modulates a current flowing through the antenna, an induced voltage in the loop coil of the IC card is modulated. Accordingly, the card reader/writer can transmit data to the IC card. On the other hand, variation in the load between terminals of the loop coil of the IC card causes change in the impedance between antenna terminals of the IC card reader/writer, so that a current and voltage in the antenna changes. Accordingly, the IC card responds to the card reader/writer.
Contactless proximity communication system typified by IC cards has become widespread for its simple operation. For example, by storing personal authentication information such as a PIN code and valuable information such as a electronic ticket in an IC card, a card reader/writer provided in a cash dispenser, or at an entrance/exit of a concert hall or a ticket gate in a station can access the IC card put by a user in a contactless manner, so as to perform an authentication process.
Recently, IC cards having relatively large memory space have been emerged with an improvement in a miniaturization technique. An IC card including a large memory can store a plurality of applications therein, and thus the single IC card can be used for a plurality of uses. For example, by storing many applications, such as electronic money used for electronic payment and an electronic ticket for a specific concert hall, in an IC card, the IC card can be applied to various uses. Herein, the electronic money and electronic ticket mean a system of making settlement (electronic payment) through electronic data issued according to money provided by a user, or the electronic data itself.
Further, by providing a wired interface (not shown) for connecting to an external apparatus as well as a wireless contactless interface in the IC card or the card reader/writer, any one of or both of functions of the IC card and the card reader/writer can be provided in a device, such as a mobile phone, a personal digital assistant (PDA), or a personal computer.
In this case, the IC card technique can be used as a multi-purpose bidirectional proximity communication interface. For example, when a proximity communication system is realized by computers or information appliances, one-to-one communication is performed. Alternatively, an apparatus can communicate with another device, such as a contactless IC card. In that case, the apparatus may communicate with a plurality of cards.
Various applications using an IC card, such as transmission/reception of electronic valuable information including electronic money to/from an external apparatus, can be performed in an information processing terminal. For example, user interaction with an IC card can be performed in the information processing terminal by using a user interface in the information processing terminal, such as a keyboard and display. When the IC card is connected to a mobile phone, data stored in the IC card can be transmitted through a telephone network. Further, by connecting the mobile phone to the Internet, charges for usage can be paid by using the IC card.
An IC card is usually used by putting it over a card reader/writer. The card reader/writer constantly polls IC cards, and when the card reader/writer detects an external IC card, communication between them starts.
In this case, a personal identification number (PIN) is already input to the IC card reader/writer by the user. The input PIN is compared with a PIN stored in the IC card, so that identification or authentication is performed between the IC card and the IC card reader/writer (PIN is a code used for accessing the IC card). When the identification or authentication is successfully done, the user can use an application stored in the IC card, that is the user can access a service memory field allocated to the application (in this specification, a memory field allocated to an application is called a “service memory field”). Access to a service memory field is adequately performed by encryption communication in accordance with the security level of the application.
In this specification, use of an application, that is, a process of accessing a corresponding service memory field, is called a “service”. The service includes reading/writing of data from/in a memory, and addition/subtraction of value to/from valuable information such as electronic money.
As described above, when one IC card is used for a plurality of applications, an access right must be controlled for each application. In order to control access, a PIN code is allocated for each application, so that verification is performed in units of applications.
The types of services which can be applied to each application vary depending on attribute information of the application, such as a characteristic and a required security level of the application. Other than that, there is a requirement for controlling a service according to an access right allocated to each user of the application. For example, a requirement for discrimination of users: a full-access to a service memory field can be allowed to user A, but user B is allowed to perform only a reading operation.
However, this method of controlling access simply by allocating a PIN code to each application causes inconvenience. That is, after passing through a verification process by using a PIN code, anyone can uniformly use a service defined by the application. In other words, even if a right for using an application should be changed depending on users so as to discriminate users (available service differs depending on users: someone is allowed to read/write data from/in a service memory field, and another is only allowed to read data), a uniform service is provided to every user.