The present invention relates to a system and method for providing services by an information processor and more particularly to an information processor-based service providing system and method which is suitably used on a method that shares resources such as IC cards or Smart cards and prevents illicit access to resources and which is capable of sharing resources among a plurality of applications.
Since IC cards and Smart cards (hereinafter referred to simply as “Smart card”) have a limitation on their memory capacity, there is a growing demand for sharing the same resources (data and functions) among a plurality of applications (hereinafter referred to simply as “applications”) to effectively utilize the limited resources.
In the case of Smart cards, however, the applications are isolated from one another by firewalls for security and therefore normally unable to share the resources.
To meet the above requirement, there has been known a technology to access shared resources beyond firewalls among applications (see, for example, Sun Microsystems Inc., “Runtime Environment Specification Java Card™ Platform, Version 2.2.1”, [online], Internet <URL: http:/java.sun.com/products/javacard/specs.html>). When one wishes to use these functions, a side that provides the shared resources (hereinafter referred to as a “common application”) needs to authenticate a side that utilizes the shared resources (hereinafter referred to as a “service application”) to prevent an access by an unauthorized service application.
The common application holds management information on the service application and, based on this information, authenticates the service application. Further, a technology is known which, even when a service application is newly added to the Smart card, can deal with this situation by updating the shared management information of the applications without replacing the common application itself (for example, see JP-A-2002-73196).
A method for efficiently referencing the resources within the Smart card from a plurality of applications is known. This method realizes its function by storing in the Smart card those applications that manage the resources within the Smart card (e.g., JP-A-2003-216585). A management application (management application 51) in JP-A-2003-216585 is designed to select an authenticating application that is run in the Smart Card.
Further, a technology is also available which determines whether the functions of the operating system in the Smart card can be used, by holding in the operating system an access flag for each application and referencing the access flag to limit the functions used by the associated application (e.g., U.S. Pat. No. 6,742,120).