At present, attention is focused on an IC card as a security device. A multi-application compatible card to allow an application to be downloaded thereto after the card is issued is developed for the purpose of improving the convenience of users and lowering barriers to entry of businesses wanting to provide IC card service.
Recently, a device including large-capacity memory in an IC chip available as an IC card expansion memory protection area (hereinafter, secure memory card) has been proposed, and it has been made possible to meet the need for a larger capacity of IC card application data. Since the secure memory card can be fitted to the size of a mobile machine, it can be expected that the secure memory card will be inserted directly into a mobile machine with a slot for development to use as EC (Electronic Commerce) service using the mobile machine.
Here, the hardware configuration of an IC card will be briefly reviewed.
FIG. 30 is a functional block diagram concerning the hardware of an IC card. An IC card 3001 includes a CPU (Central Processing Unit) 3002, ROM (Read Only Memory) 3003, volatile memory (for example, RAM: Random Access Memory) 3004, volatile memory (for example, EEPROM: Electrically Erasable Programmable Read Only Memory) 3005, and an I/O IF 3006. The CPU 3002 performs computation. The ROM 3003 is read-only memory that cannot be rewritten. The storage contents of the ROM 3003 are determined when the IC card is manufactured, and cannot later be changed. The RAM 3004 is memory that can be read and written. The contents of the EEPROM 3005 are retained if power is turned off. The I/O IF 3006 takes charge of data exchange between the IC card and an external system. A program executed in the CPU 3002 usually is called “application” (which will be hereinafter referred to as app). A code to execute the application is stored in the ROM 3003 or the EEPROM 3005. In addition to the components shown in FIG. 30, the IC card may include a cryptographic coprocessor for cryptographic operation.
The application installed in the IC card and an external system (reader) exchange data using an APDU (Application Protocol Data Unit) defined in ISO/IEC 7816-4. The APDU is made up of a command given to the IC card by the reader and a response returned from the IC card to the reader.
FIG. 31 shows an APDU command 3101 and is made up of a header and a main body. The main body has any desired length and may not exist if it is blank. The header is made up of a class (CLA), an instruction (INS), and parameters 1 and 2 (P1 and P2).
FIG. 32 shows an APDU response command 3201 and is made up of a data part and a Status Word (SW).
The IC card has a feature of an application fire wall. The application fire wall means that when a plurality of applications exist together in the IC card, one application cannot call a function of a different application or make data access to an object of a different application unless the different application explicitly gives an interface for access.
Sharable Interface Object (SIO) is known as an object sharing method between apps. (Refer to patent document 1.)
Hereinafter, an application for providing the SIO will be referred to as server application and an application using the SIO will be referred to as server application.
For example, proposed is a method effective for displaying the use result of an IC card having no display by inserting an IC card (chip) installing two types of applications into a mobile telephone, passing through the ticket examination by conducting noncontact communications between a ticket examining machine and a ticket examining application, passing the result to a display application by the ticket examining application in the card, and displaying the result on a screen of the mobile telephone by conducting contact communications with the display application by the mobile telephone.
In this example, the ticket examining application functions as a client application and the display application functions as a server application.    Patent document 1: International Patent Publication No. 2003-522988