The present disclosure relates to an information processing apparatus, an information processing method, a program, and an information processing system.
In recent years, information processing apparatuses capable of noncontact communication with a reader/writer (or an apparatus having the reader/writer function) have become popular. Examples of such information processing apparatuses include noncontact IC (Integrated Circuit) cards, RFID (Radio Frequency Identification) tags, and mobile phones with noncontact IC chips.
A magnetic field at a particular frequency, such as 13.56 MHz (the carrier), is used for communication between a reader/writer and an information processing apparatus such as a noncontact IC card or a mobile phone. Specifically, the reader/writer and the information processing apparatus may communicate as follows: the reader/writer sends a carrier on which a carrier signal is modulated, the information processing apparatus receives the carrier, and the information processing apparatus then responds to the received carrier signal by sending back a response signal generated by load modulation.
Moreover, by including a tamper-resistant IC chip, such information processing apparatuses capable of noncontact communication with readers/writers can safely send, receive and update data whose manipulation would cause serious harm, such as electronic money. Accordingly, a variety of services that use information processing apparatuses with such IC chips installed are now widely provided. As these services have spread, information processing apparatuses such as IC cards and mobile phones with noncontact IC chips installed have become even more popular.
Furthermore, in recent years, more and more functions have been added to the information processing apparatuses described above. There have even appeared information processing apparatuses capable of both contact and noncontact communication, or capable of communicating with external apparatuses under several different communication protocols.
In these circumstances, techniques have been developed for information processing apparatuses with multiple operating systems compatible with different communication schemes. For example, JP 2007-087120 (A) describes a technique by which multiple operating systems delegate issuance processes to each other.
For example, the internal memory of an IC chip included in an information processing apparatus such as an IC card or a mobile phone becomes accessible to a user through so-called issuance processes, carried out by, for example, a service provider firm that manages services via the IC chip. The issuance processes are classified into multiple levels, for example 0th issuance, 1st issuance and 2nd issuance. The 0th issuance is an initialisation process that initialises the internal memory by setting up an encryption key for encrypted communication, initialising a memory area, and so on. The 1st issuance is a process that defines a memory area in the internal memory on which the 0th issuance has been made. The 2nd issuance is a process that writes service data used by the services into the memory area defined by the 1st issuance. Of these issuance processes, the 0th issuance sets information (data), such as the encryption key, onto the internal memory whose theft by a malicious third party could cause grave trouble. Accordingly, the 0th issuance is at least made in a sufficiently secured place, such as a factory manufacturing the IC chips to be installed in IC cards or mobile phones. Once the 0th issuance has been made, the information processing apparatus may safely make the 1st issuance and the 2nd issuance by communicating cryptographically, using the encryption key stored in the internal memory, with an administrative server that manages the issuance processes, for example.
On the other hand, in recent years there has been a need for information processing apparatuses compatible with a particular communication scheme to become compatible with another, new communication scheme (e.g., communication under a new communication protocol) even after the 0th issuance. To meet this need, the issuance processes for the other communication scheme may, for example, be executed on the internal memories of the IC chips included in the information processing apparatuses.
One way of meeting the need is to bring the information processing apparatuses, for which the 0th issuance has already been made, to a sufficiently secured place such as a factory and to execute the issuance processes on them again. However, this is not practical, because the information processing apparatuses, such as IC cards and mobile phones, now belong to users and would have to be brought to the factory.
Another way of meeting the need is, for example, to execute new issuance processes on the information processing apparatuses via contact/non-contact communication between the information processing apparatuses and external apparatuses such as the administrative server. In this way, however, the information processing apparatuses may be unable to encrypt the contact/non-contact communication with the external apparatuses, because they do not yet hold an encryption key for the other, new communication scheme. Accordingly, if the new issuance processes are executed via contact/non-contact communication between the information processing apparatuses and the external apparatuses, the newly set-up encryption keys might be stolen by a malicious third party.
According to a technique (hereinafter simply referred to as the “related art”) concerning an information processing apparatus with multiple operating systems (hereinafter referred to as “OSs”) compatible with different communication schemes, issuance processes are delegated between OSs provided with a common kernel. More specifically, the related art enables the OSs to cooperate with each other by use of the kernel. The issuance processes are then implemented by delegation between the OSs: the OS corresponding to issuance data received by one communication means handles the process based on that issuance data. Thus, according to the related art, one communication scheme over which communication can be carried out cryptographically is used for the issuance processes of the other communication schemes. It might be possible to meet the above need by use of the related art.
However, in the related art, the OSs depend upon each other because the multiple OSs cooperate via the common kernel at all times. Thus, if the encryption key for a particular communication scheme is stolen by a malicious third party, an information processing apparatus according to the related art might be compromised as follows, for example:
The malicious third party sends unauthorised issuance data, crafted for cracking, to the related-art information processing apparatus using the stolen encryption key;
In the related-art information processing apparatus, the OS corresponding to the received unauthorised issuance data handles the issuance processes according to that unauthorised issuance data; and
Amongst the OSs of the related-art information processing apparatus, the OS that handled the issuance processes according to the unauthorised issuance data is then cracked by the malicious third party.
As described above, in the related art the OSs of the related-art information processing apparatus depend upon each other, so the possibility that such a situation arises should not be overlooked. Consequently, even with the related art, safe deposit (safe setup) of an encryption key for a new communication scheme into the internal memory of an information processing apparatus cannot be expected. Furthermore, in the related art, even an OS on which the issuance processes were executed legitimately at a factory or the like may be cracked by a malicious third party through such cracking, because the multiple OSs cooperate via the common kernel at all times.
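To make the issuance hierarchy (0th, 1st and 2nd issuance) described earlier and the related-art delegation of issuance between OSs concrete, the following toy model is added here. It is not code from this application nor from JP 2007-087120 (A). It assumes a JSON-encoded issuance command authenticated with HMAC-SHA256 under the scheme's key, the class names `ChipOS` and `RelatedArtKernel`, and constructed keys. It shows two things the text states: an OS that has had no 0th issuance holds no key and therefore cannot verify issuance data sent to it directly, and a common kernel that verifies under the receiving OS's key and then delegates lets whoever holds scheme A's key drive every issuance level on scheme B's OS.

```python
"""Toy model of issuance levels and of related-art delegation over a common kernel.
Added illustration; message layout, HMAC-SHA256 authentication and names are assumptions."""
import hashlib
import hmac
import json
from typing import Dict, Optional


def encode(data: dict) -> bytes:
    """Canonical byte form of issuance data (assumption: sorted-key JSON)."""
    return json.dumps(data, sort_keys=True).encode()


def sign(key: bytes, data: dict) -> bytes:
    """What an administrative server holding the scheme key attaches to issuance data."""
    return hmac.new(key, encode(data), hashlib.sha256).digest()


class ChipOS:
    """One OS of the IC chip, owning the internal memory for one communication scheme."""

    def __init__(self, scheme: str) -> None:
        self.scheme = scheme
        self.key: Optional[bytes] = None      # deposited by the 0th issuance
        self.areas: Dict[str, bytes] = {}     # defined by the 1st, written by the 2nd

    def issuance_0(self, key: bytes) -> None:
        """0th issuance: initialise the memory and set the encryption key."""
        self.key = key
        self.areas = {}

    def verify(self, data: dict, tag: bytes) -> bool:
        """True only if the data was authenticated with this OS's own key."""
        if self.key is None:                  # no 0th issuance yet: nothing to verify with
            return False
        expected = hmac.new(self.key, encode(data), hashlib.sha256).digest()
        return hmac.compare_digest(expected, tag)

    def apply(self, data: dict) -> str:
        """Execute already-authenticated issuance data on this OS's memory."""
        level = data["level"]
        if level == 0:                        # 0th issuance delivered over the air
            self.issuance_0(bytes.fromhex(data["key"]))
            return f"{self.scheme}: key set"
        if level == 1:
            if self.key is None:
                return f"{self.scheme}: rejected (no 0th issuance)"
            self.areas[data["area"]] = b""
            return f"{self.scheme}: area {data['area']} defined"
        if level == 2:
            if data["area"] not in self.areas:
                return f"{self.scheme}: rejected (area not defined)"
            self.areas[data["area"]] = data["data"].encode()
            return f"{self.scheme}: service data written"
        return f"{self.scheme}: unknown level"


class RelatedArtKernel:
    """Common kernel as described for the related art: the OS that received the issuance
    data verifies it with its own key, then execution is delegated to the target OS."""

    def __init__(self, *oses: ChipOS) -> None:
        self.oses = {o.scheme: o for o in oses}

    def handle(self, received_by: str, data: dict, tag: bytes) -> str:
        receiver = self.oses[received_by]
        if not receiver.verify(data, tag):
            return f"{received_by}: rejected (bad or missing key)"
        return self.oses[data["target"]].apply(data)   # delegation across OSs


def scenario() -> dict:
    """Scheme A was issued at the factory; scheme B has no key yet (constructed values)."""
    key_a, new_key_b = b"constructed-key-for-scheme-A", b"constructed-key-for-scheme-B"
    os_a, os_b = ChipOS("A"), ChipOS("B")
    os_a.issuance_0(key_a)
    kernel = RelatedArtKernel(os_a, os_b)
    d0 = {"target": "B", "level": 0, "key": new_key_b.hex()}
    direct = kernel.handle("B", d0, sign(new_key_b, d0))      # B cannot verify anything yet
    delegated = kernel.handle("A", d0, sign(key_a, d0))       # accepted under A's key
    d1 = {"target": "B", "level": 1, "area": "svc"}
    d2 = {"target": "B", "level": 2, "area": "svc", "data": "balance=0"}
    first = kernel.handle("A", d1, sign(key_a, d1))
    second = kernel.handle("A", d2, sign(key_a, d2))
    return {"direct": direct, "delegated": delegated, "first": first,
            "second": second, "b_key_set": os_b.key == new_key_b}


if __name__ == "__main__":
    for step, result in scenario().items():
        print(f"{step}: {result}")
```

The `direct` step is the situation of the paragraph on executing new issuance processes over contact/non-contact communication: with no key for scheme B, the chip has nothing with which to authenticate the exchange. The `delegated`, `first` and `second` steps are the related-art dependency: every result is produced on OS B, yet the only key that was ever checked is scheme A's, so a theft of that one key reaches the other scheme's memory as well.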
In light of the foregoing, it is desirable to provide an improved information processing apparatus, information processing method, program, and information processing system that can safely set up an encryption key via contact/non-contact communication with an external apparatus.