A method controls access to a data file of an IC card and includes storing a plurality of access conditions to be evaluated for accessing the data file and evaluating the access conditions to enable or deny access to the data file. Access is enabled if the access conditions are satisfied; otherwise it is denied.
With reference to FIG. 1, a data file 2 to be accessed includes a body portion 2b, which stores data, and a header portion 2a including a field 9 storing a file identifier 03 of the data file 2. The access conditions are stored in a logic file 6, schematically represented in FIG. 2, which includes a respective header portion 6a having a first field 7, which stores a file identifier 07 of the logic file 6, and a body portion 6b comprising the access conditions 66, 67 to be evaluated.
As schematically represented in FIG. 1, another field 8 of the header portion 2a of the data file 2 stores the file identifier 07 of the logic file 6 in order to retrieve the corresponding access conditions 66, 67 when an access to the data file 2 is requested, for example, by an IC card program or file.
According to this method, the evaluation of the access conditions is executed by reading the file identifier 03 of the data file 2, reading from the header portion 2a of such data file 2 the file identifier 07 of the logic file 6 and the corresponding access conditions 66, 67, and evaluating the access conditions. More particularly, the access conditions of the logic file 6 are in the form of Boolean operands A, B and a Boolean operator &, and the step of evaluating the access conditions “A & B” applies the Boolean operator & to the Boolean operands A, B and calculates a resulting value which enables or denies access. For example, the method may allow access to the data file 2 if the result of the evaluation “A & B” corresponds to the value 1, i.e. both A=1 and B=1. The data file 2 may be associated with a plurality of access conditions, for example, the access conditions “((A & B)∥C) & D” schematically represented in FIG. 3.
The parentheses “(” and “)” specify the order of precedence in which the access conditions may be evaluated, i.e. initially the access conditions “A & B” may be evaluated, resulting in a corresponding Boolean operand or value X. The result X may be evaluated with C and operator ∥, i.e. “X∥C,” and the corresponding resulting Boolean operand Y may be evaluated with & operator and D, i.e. “Y & D.”
With reference to the example given above, in order to specify the precedence of the access conditions to be evaluated, the method stores the access condition “A & B”, which is to be evaluated first, in a first logic file 60a which is schematically represented in FIG. 3a, having file identifier 05 and body portion 6b storing the access condition “A & B.” Since the result of the evaluation of the access condition “A & B” may be evaluated with C and operator ∥, the method may further store in the body portion 6b of a second logic file 60b, schematically represented in FIG. 3b, the file identifier 05, from which it may retrieve the result X of the evaluation of the access condition “A & B”, and the access conditions to be evaluated with such result X, i.e. C and operator ∥. The header portion 6a of the second logic file 60b comprises the corresponding file identifier 06.
Substantially as described above, the method further stores in the body portion 6b of a third logic file 60c, schematically represented in FIG. 3c, the file identifier 06, from which it may retrieve the result Y of the evaluation of the access condition “05∥C”, and the access condition to be evaluated with such result, i.e. D and operator &. The header portion 6a of the third logic file 60c comprises the corresponding file identifier 07.
Thus, the evaluation of the access conditions associated with the data file of FIG. 1, i.e. the evaluation of “((A & B)∥C) & D”, may be executed only by reading all the logic files 60a-60c associated with it, i.e. reading the file identifier 03 of the data file 2 and reading from the header portion 2a of such data file 2 the file identifier 07 of the third logic file 60c and the corresponding access conditions (“06 & D”). Before executing the step of evaluating, since an access condition 06 of the third file 60c corresponds to the file identifier 06 of the second logic file 60b, the access conditions (“05∥C”) of such second logic file 60b are read. Moreover, since an access condition 05 of the second file 60b corresponds to another file identifier 05 of the first logic file 60a, the access conditions (“A & B”) of such first logic file 60a are read.
Only at this stage, the method for controlling access includes evaluating the access condition “A & B”, calculating the corresponding result X, returning back to the evaluation of access conditions “X∥C” and to the evaluation of access conditions “Y & D”.
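The chained lookup described above can be modelled as follows. This is an added example, not code from the original document: the dictionary layout, the rule that an all-digit operand is a logic-file identifier, the `||` spelling of the ∥ operator, and the deny-on-error handling of missing or circular references are assumptions made for the illustration.

```python
# Constructed model of FIG. 1 and FIGS. 3a-3c: each logic file body holds
# (operand, operator, operand). Assumption: an all-digit operand is the file
# identifier of another logic file; anything else names a Boolean condition.
LOGIC_FILES = {
    "05": ("A", "&", "B"),      # logic file 60a
    "06": ("05", "||", "C"),    # logic file 60b
    "07": ("06", "&", "D"),     # logic file 60c
}
DATA_FILES = {"03": {"logic_file_id": "07"}}  # header field 8 of data file 2


class AccessConfigError(Exception):
    """Raised when the stored access conditions cannot be resolved."""


def evaluate(file_id, conditions, logic_files, active=()):
    """Resolve nested logic files depth-first, then apply the operator."""
    if file_id in active:
        raise AccessConfigError(f"logic file {file_id} references itself")
    if file_id not in logic_files:
        raise AccessConfigError(f"logic file {file_id} not found")
    left, op, right = logic_files[file_id]

    def operand(name):
        if name.isdigit():  # reference to another logic file: read it first
            return evaluate(name, conditions, logic_files, active + (file_id,))
        return conditions.get(name, False)  # unset condition is not satisfied

    lhs, rhs = operand(left), operand(right)  # both sides are always resolved
    if op == "&":
        return lhs and rhs
    if op == "||":
        return lhs or rhs
    raise AccessConfigError(f"unknown operator {op!r} in logic file {file_id}")


def access_allowed(data_file_id, conditions, data_files=DATA_FILES,
                   logic_files=LOGIC_FILES):
    """Return True only if the data file's access conditions evaluate to true."""
    try:
        logic_id = data_files[data_file_id]["logic_file_id"]
        return bool(evaluate(logic_id, conditions, logic_files))
    except (KeyError, AccessConfigError):
        return False  # deny on unknown file, cycle, or malformed condition
```

Because every referenced logic file is resolved before any operator is applied, a dangling or circular file identifier results in denial even when the other operand alone would have satisfied the condition.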