Secure device, information processing terminal, integrated circuit, terminal application generation apparatus, application authentication method
Abstract
The present invention is designed to enable a secure device to authenticate a terminal application that operates on an information processing terminal and that accesses the secure device. An application issue request transmitter (301) of the information processing terminal (30) sends a request for issue of a terminal application to an application issuer (101). The application issuer (101) of a secure device (10) reads a terminal application (31) from an application storage (105), embeds authentication information in the terminal application (31), associates an ID and the authentication information of the terminal application (31) and saves them in an issue information storage (106), and sends the terminal application (31) to an application receiver (302) of the information processing terminal through an application transmitter (102). The application receiver (302) starts the terminal application (31). An application authenticator (311) of the terminal application (31) performs an authentication with the secure device (10) by means of the application authentication information.
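A minimal model of the issue-then-authenticate flow described in the abstract, added here as an illustration and not taken from the patent. The HMAC-SHA256 challenge-response, the 32-byte placeholder slot, the per-issue random value, and the names `SecureDevice`, `TerminalApp` and `run_exchange` are assumptions; the text on this page does not specify the authentication algorithm.

```python
import hashlib
import hmac
import secrets

SLOT = b"\x00" * 32  # constructed placeholder where auth info gets embedded


class SecureDevice:
    """Models the application issuer (101) and its storages (105, 106)."""

    def __init__(self, app_id, template):
        self.app_storage = {app_id: template}  # application storage (105)
        self.issue_info = {}                   # issue information storage (106)
        self.pending = {}                      # outstanding challenge per app ID

    def issue(self, app_id):
        auth_info = secrets.token_bytes(32)    # fresh per issue (assumption)
        self.issue_info[app_id] = auth_info    # associate ID with auth info
        return self.app_storage[app_id].replace(SLOT, auth_info, 1)

    def challenge(self, app_id):
        self.pending[app_id] = secrets.token_bytes(16)
        return self.pending[app_id]

    def authenticate(self, app_id, response):
        nonce = self.pending.pop(app_id, None)  # each challenge is single-use
        key = self.issue_info.get(app_id)
        if nonce is None or key is None:
            return False
        expected = hmac.new(key, nonce, hashlib.sha256).digest()
        return hmac.compare_digest(expected, response)


class TerminalApp:
    """Models the issued application and its authenticator (311)."""

    def __init__(self, app_id, image, offset):
        self.app_id = app_id
        self.auth_info = image[offset:offset + 32]  # value the issuer embedded

    def respond(self, nonce):
        return hmac.new(self.auth_info, nonce, hashlib.sha256).digest()


def run_exchange(device, app):
    """The started app answers one challenge from the secure device."""
    nonce = device.challenge(app.app_id)
    return device.authenticate(app.app_id, app.respond(nonce))


TEMPLATE = b"APPCODE:" + SLOT + b":END"  # constructed application image
OFFSET = len(b"APPCODE:")
```

In this model a copy of the stored image that never passed through the issuer, or one left over from an earlier issue, fails the exchange because its embedded value no longer matches the issue information storage.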
32 Claims
1. A secure device that stores an application to be processed by an information processing terminal, the secure device comprising an application issuer that embeds, in the application, information for an authentication of said application, and issues this application to the information processing terminal.
21. An information processing terminal comprising:
an application issue request transmitter that, upon starting an application, requests a secure device to issue the application with authentication information embedded in said application;
an application receiver that receives the application issued by the secure device with authentication information embedded in said application; and
an application executor that executes the application, wherein, when the application executor starts and executes the application, the application and the secure device perform an authentication of the application using the authentication information.
22. An information processing terminal comprising:
an application issue request transmitter that requests issue of an application;
a receiver that receives an application issued by a secure device; and
an application executor that executes the application, wherein the application issue request transmitter requests issue of an MTA that has a function to substitute part of processing of the secure device to the secure device and receives the MTA issued by the secure device, and the application executor starts and performs an authentication between the secure device and the MTA using the authentication information embedded in the MTA; and
wherein, subsequently, the application issue request transmitter requests the MTA to issue a non-MTA application, the MTA requests the secure device to issue the non-MTA application, receives and starts the non-MTA application issued by the secure device, and performs an authentication between the secure device and the non-MTA application using authentication information embedded in the non-MTA application.
24. An information processing terminal comprising:
an encrypted application storage that stores an encrypted application, said encrypted application being decodable by means of an application encryption key stored in a secure device;
an application issue request transmitter that requests issue of the application; and
an application executor that executes the application, wherein the application issue request transmitter requests issue of an MTA that has a function to substitute part of processing of the secure device to the secure device and receives the MTA issued by the secure device, and the application executor starts and performs an authentication between the secure device and the MTA using the authentication information embedded in the MTA; and
wherein, subsequently, the application issue request transmitter requests the MTA to issue a non-MTA application, and the MTA requests an application encryption key from the secure device, receives the application encryption key from the secure device, and decodes and executes the encrypted application stored in the encrypted application storage.
26. A terminal application generation apparatus that generates an application to be processed by an information processing terminal and has a secure device store the application, the terminal application generation apparatus comprising:
an embedment preparator that receives a source code of the application, prepares for an embedment of authentication information, and outputs the source code, in which the authentication information can be embedded, and an instruction template that comprises a prototype of an instruction specifying a method of the embedment of the authentication information;
a compiler that compiles the source code, in which the authentication information can be embedded, into a bytecode that is executable on the information processing terminal; and
an instruction generator that receives the bytecode and the instruction template and generates the instruction, wherein the bytecode and instruction are transmitted to and stored in the secure device.
27. An application authentication method, comprising:
having a secure device store an application that operates on an information processing terminal;
having the secure device generate authentication information in response to an application issue request from the information processing terminal, embed the authentication information in the application, and transmit the application to the information processing terminal;
having the information processing terminal start the application and perform an authentication of the application with the secure device using the authentication information; and
having the secure device authenticate the application.
30. An integrated circuit in an information processing terminal, comprising:
an application executor that executes an application on the information processing terminal, an application issue request transmitter that, upon starting the application, requests a secure device to issue the application with authentication information embedded in said application; and
an application receiver that receives the application issued by the secure device with authentication information embedded in said application, wherein, upon execution of the application, an authentication of the application is performed with the secure device using the authentication information.
31. An integrated circuit in an information processing terminal, comprising:
an application executor that executes an application on the information processing terminal;
an application issue request transmitter that requests issue of the application; and
an application receiver that receives the application issued by the secure device, wherein the application issue request transmitter requests issue of an MTA (Master Trusted Agent) that has a function to substitute part of processing of the secure device to the secure device, receives and starts the MTA issued by the secure device, and performs an authentication of the MTA with the secure device using the authentication information embedded in the MTA; and
wherein, subsequently, the application issue request transmitter requests the MTA to issue a non-MTA application, the MTA requests the secure device to issue the non-MTA application, receives and starts the non-MTA application issued by the secure device, and performs an authentication with the secure device using authentication information embedded in the non-MTA application.
32. An integrated circuit in an information processing terminal, comprising:
an application executor that executes an application on an information processing terminal;
an application issue request transmitter that requests issue of the application;
wherein the application issue request transmitter requests issue of an MTA (Master Trusted Agent) that has a function to substitute part of processing of a secure device to the secure device, receives and starts the MTA issued by the secure device, and performs an authentication of the MTA with the secure device using the authentication information embedded in the MTA; and
wherein, subsequently, the application issue request transmitter requests the MTA to issue a non-MTA application, and the MTA requests an application encryption key from the secure device, receives the application encryption key from the secure device, and decodes and executes an encrypted application.