In recent years, a semiconductor memory card provided with a plurality of areas having different security levels and access techniques on a single card is under development. For example, a conventional technology described in the Unexamined Japanese Patent Publication No. 2001-14441 discloses a semiconductor memory card having an authenticated area accessible to only authenticated devices and a non-authenticated area accessible without any authentication as a storage area.
As shown in FIG.1, this memory card incorporates an IC chip of a flash memory 303 making up a storage area and a control IC 302 that controls write/read to/from the storage area, and the flash memory 303 is provided with an authenticated area 332 that permits access only to devices authenticated as licensed devices and a non-authenticated area 331 that permits access without any such authentication.
Furthermore, the control IC 302 is provided with an authentication section 321 that authenticates the validity of another party device attempting to access this memory card 109, a command decision control section 322 that decides the type of a command input through a command pin and controls various components according to the type, an authenticated area access control section 325 that executes data write/read to/from the authenticated area 332 of the flash memory 303 and a non-authenticated area access control section 326 that executes data write/read to/from the non-authenticated area 331.
A terminal which accesses the authenticated area 332 of this memory card 109 performs authentication with the authentication section 321 of the memory card 109 and when the authentication is completed successfully, the terminal is allowed to perform data write/read to/from the authenticated area 332 through the authenticated area access control section 325. Furthermore, data write/read to/from the non-authenticated area 331 can be freely performed through the non-authenticated area access control section 326.
The non-authenticated area 331 and authenticated area 332 of this memory card 109 are delimited at a certain address in the flash memory 303 as a boundary and the size of each area can be made variable by changing the boundary address. When the area is changed, an apparatus accessing the memory card 109 performs authentication with the memory card 109 and then sends the size of the non-authenticated area 331 to the memory card 109 using an area change dedicated command. Upon reception of the area change command, the memory card 109 saves the value in a non-volatile work area in the memory card 109 and executes access control over the authenticated area 332 and non-authenticated area 331 using the value as a new boundary address in subsequent accesses.
However, in such a conventional information storage apparatus having a plurality of partitioned areas, a memory area is already partitioned based on the intention of a card issuer at a stage at which the card is issued to a user. Thus, even when the mode of use of the information storage apparatus differs from one user to another, each user cannot help but acquire an information storage apparatus having only a preplanned partitioned area.