The present invention relates to an access management method and apparatus by which an electronic device such as an IC card incorporating an IC chip having a nonvolatile memory and a control device such as a CPU receives a command massage having both setting and changing functions, performs corresponding processing, and transmits the result to an external apparatus, and a portable electronic device used therefor.
Recently, an IC card incorporating an IC chip having a nonvolatile data memory and a control device such as a CPU (Central Processing Unit) for controlling the memory has attracted attention as a portable data storage medium as a kind of portable electronic device.
In an IC card of this sort, an internal data memory is divided into a plurality of files, and each file stores data and the like required by an application to operate. When an application identification name or the like is input from an external apparatus, only a corresponding file is selectively made usable.
Since a plurality of application data are divided into files and stored in one IC card, the card can be used for various purposes.
This multi-purpose IC card is required to clearly distinguish between the authorization of a card issuer and that of an application provider.
This authorization can be realized by clearly determining a permitted range of access to an IC card when a password assigned to each party concerned is collated.
When a card issuer of a conventional IC card provides a file to an application provider, a transport key for the application provider is set in the file.
The application provider receives the card and rewrites the transport key to a provider key that this provider alone can know. After that, the application provider can manage the file provided to the provider.
A general example of information for defining an environment in which a file can be managed is an access condition given to the file.
That is, a file that a card issuer provides to an application provider must be given an access condition requiring collation of an application provider key.
When conventional data element commands are used, data element setting access and data element changing access are performed by the same command.
If, therefore, access permission is determined only on the basis of the access condition of each command, the setting and changing access conditions become the same.
As described above, when conventional data element commands are used, data element setting access and data element changing access are performed by the same command. Hence, if access permission is determined only on the basis of the access condition of each command, the setting and changing access conditions become the same.