1. Field of the Invention
The present invention relates to an information management apparatus, an information management method, and a program. More particularly, the present invention relates to an information management apparatus capable of generating commands corresponding to a plurality of different types of IC chips in response to a request from one server, an information management method for use therewith, and a program for use therewith.
2. Description of the Related Art
In recent years, it has been getting popular that electronic money is charged (deposited) in a non-contact IC chip, such as a credit card or FeliCa (registered trademark) embedded in a cellular phone and that the price when a commodity is purchased is paid using the charged electronic money.
When the price is paid, it is only necessary to hold the user's credit card or cellular phone up to a terminal (reader/writer) disposed in a shop. Thus, it is possible for the user to quickly pay the price.
Such an electronic money system is configured, for example, as shown in FIG. 1.
A server side of the electronic money system includes a server device 1 and a SAM (Secure Application Module) 2. A client side of the electronic money system includes a client device 3 and an R/W (reader/writer) 4. The server device 1 and the client device 3 are connected to each other via a network 5.
In the example of FIG. 1, a cellular phone 6, in which a non-contact IC chip 13 is incorporated, is positioned close to the R/W 4 on the client side, and the cellular phone 6 is connected to the client device 3 through short-distance communication using electromagnetic induction.
A server application 11 implemented in the server device 1 performs communication with a client application 12 implemented in the client device 3, and outputs, to the SAM 2, a command (command executed by the non-contact IC chip 13) generated in response to a request from the client application 12. When the command on which encryption is performed is supplied from the SAM 2, the server application 11 transmits it to the client application 12 of the client device 3 via the network 5.
The SAM 2 is a tamper-resistant device, and manages encryption processing and keys used in the encryption processing. The SAM 2 performs encryption on the command supplied from the server application 11, and outputs the encrypted command to the server application 11. The SAM 2 and the non-contact IC chip 13 each have a common key, and encryption communication is realized between the SAM 2 and the non-contact IC chip 13 by transmitting and receiving the encrypted information using the key.
The client application 12 of the client device 3 transmits a predetermined request to the server application 11 of the server device 1. Also, when a command is transmitted from the server application 11, the client application 12 transmits it to the non-contact IC chip 13 via the R/W 4 so that the command is executed by the non-contact IC chip 13.
The non-contact IC chip 13 decrypts the encryption performed on the command transmitted from the SAM 2 via the R/W 4, etc., and executes it. When the content of the command is the rewriting of electronic money, this command contains, for example, information of the amount of money to be rewritten.
For example, in the electronic money system having such a configuration, when the user of the cellular phone 6 pays the price of the purchased commodity by using the electronic money stored in the non-contact IC chip 13, the client application 12 of the client device 3 transmits a request for paying the price of the commodity to the server application 11 of the server device 1. The server application 11 receiving the request generates a command (read command) for requesting the non-contact IC chip 13 to read the balance of the electronic money.
The read command generated by the server application 11 is subjected to encryption by the SAM 2, and thereafter, the read command is transmitted to the non-contact IC chip 13 via the server application 11 of the server device 1, the network 5, the client application 12 of the client device 3, and the R/W 4. After the read command is decrypted by the non-contact IC chip 13, it is executed. The balance that is read as a result of the read command being executed is subjected to encryption by the non-contact IC chip 13. Thereafter, the balance is transmitted as a response for the server application 11 to the SAM 2 via the R/W 4, the client application 12 of the client device 3, the network 5, and the server application 11 of the server device 1. In the SAM 2, the encryption performed on the balance transmitted from the non-contact IC chip 13 is decrypted, and the decrypted balance is transmitted to the server application 11.
As a result, the server application 11 is able to confirm the current balance of the electronic money, which is stored in the non-contact IC chip 13.
When the balance is confirmed, the server application 11 of the server device 1 generates a command (write command) for requesting the non-contact IC chip 13 to rewrite the balance of the electronic money (rewriting to the balance that is subtracted by the amount of the price of the commodity).
Similarly to the read command that was transmitted previously, the write command generated by the server application 11 is subjected to encryption by the SAM 2. Thereafter, the write command is transmitted to the non-contact IC chip 13 via the server application 11 of the server device 1, the network 5, the client application 12 of the client device 3, and the R/W 4. The write command is decrypted in the non-contact IC chip 13, and then it is executed. This write command also contains information indicating how much the balance should be. As a result, the balance of the electronic money, which is stored in the non-contact IC chip 13, is subtracted by the amount of the price of the commodity.
For example, processing such as a message reporting that the subtraction of the balance is completed being transmitted from the non-contact IC chip 13 to the server application 11 is performed, and the series of processing is completed. Such series of processing makes it possible to realize the payment of the price of the commodity.
In addition to the payment of the price of the commodity as described above, the server/client system having such a configuration makes it possible to realize, for example, the management of points issued by shops, and the payment of fares when the client device 3 is provided as a ticket gate of a railway station. For the management of points and the payment of fares, basically, processing similar to the case of the above-described payment of the price is performed by each device of FIG. 1.
The server/client system having the configuration shown in FIG. 1 is disclosed in Japanese Unexamined Patent Application Publication No. 2003-141063.