INFORMATION PROCESSING DEVICE, INFORMATION PROCESSING METHOD, PROGRAM AND COMMUNICATION SYSTEM

US 20090307491A1
Filed: 06/04/2009
Published: 12/10/2009
Est. Priority Date: 06/06/2008
Status: Abandoned Application

First Claim

Patent Images

1. An information processing device, comprising:

a data storage portion that is capable of storing user data used in a particular service using non-contact communication and management information used to manage the user data in different storage areas for each of a plurality of different encryption methods and that has at least a first storage area storing first management information corresponding to a first encryption method;

an issuing information receiver that receives issuing information that is encrypted using the first encryption method from an issuing device that delivers the issuing information to issue second management information corresponding to a second encryption method;

an issuing information decryption portion that decrypts the received issuing information with the first encryption method, based on the first management information corresponding to the first encryption method that is stored in the first storage area of the data storage portion; and

a management information issuing portion that, based on the decrypted issuing information, issues the second management information corresponding to the second encryption method and stores the second management information in a second storage area in the data storage portion.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An information processing device includes: a data storage portion that can store user data used in a particular non-contact communication service and management information to manage the user data in different storage areas corresponding to different encryption methods and that has a first storage area storing management information corresponding to a first encryption method; an issuing information receiver that receives issuing information encrypted with the first encryption method from an issuing device delivering the issuing information to issue management information corresponding to a second encryption method; an issuing information decryption portion that decrypts the received issuing information with the first encryption method, based on the management information corresponding to the first encryption method stored in the first storage area; and a management information issuing portion that, based on the decrypted issuing information, issues the management information corresponding to the second encryption method and stores it in a second storage area.

Citations

14 Claims

1. An information processing device, comprising:
- a data storage portion that is capable of storing user data used in a particular service using non-contact communication and management information used to manage the user data in different storage areas for each of a plurality of different encryption methods and that has at least a first storage area storing first management information corresponding to a first encryption method;
  
  an issuing information receiver that receives issuing information that is encrypted using the first encryption method from an issuing device that delivers the issuing information to issue second management information corresponding to a second encryption method;
  
  an issuing information decryption portion that decrypts the received issuing information with the first encryption method, based on the first management information corresponding to the first encryption method that is stored in the first storage area of the data storage portion; and
  
  a management information issuing portion that, based on the decrypted issuing information, issues the second management information corresponding to the second encryption method and stores the second management information in a second storage area in the data storage portion.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The information processing device according to claim 1, whereinthe storage area of the data storage portion has a hierarchical structure formed of a section definition area that is established for at least each of the plurality of encryption methods with which the information processing device is compatible, and of at least one area definition area that belongs to the section definition area,the management information includes at least section definition information that is stored in the section definition area, and area definition information that is stored in the area definition area,the first storage area of the data storage portion includes at least a first section definition area that stores first section definition information corresponding to the first encryption method,the first management information includes at least the first section definition information,the first section definition information includes a first key used for authentication to access the first section definition area and identification information for the first encryption method,the issuing information, as the second management information, is section issuing information used to issue second section definition information corresponding to the second encryption method,the section issuing information includes a second key used for authentication to access a second section definition area, and identification information for the second encryption method, andthe information processing device further comprises:
    - a mutual authentication portion that performs mutual authentication with the issuing device with the first encryption method, using the first encryption method identification information stored in the first section definition area, whereinwhen the mutual authentication performed by the mutual authentication portion is successful, the issuing information receiver receives the section issuing information from the issuing device, the section issuing information being encrypted with the first encryption method using the first key,the decryption portion uses the first key stored in the first section definition area to decrypt the received section issuing information with the first encryption method, andthe management information issuing portion, based on the decrypted section issuing information, issues the second section definition information that includes the second key and the second encryption method identification information, and stores the second section definition information in the second section definition area that is the second storage area of the data storage portion.
  - 3. The information processing device according to claim 2, whereinthe first storage area and the second storage area of the data storage portion respectively store the first encryption method identification information and the second encryption method identification information, andthe information processing device further comprises:
    - a communication portion that performs non-contact communication with a service provider device that delivers the particular service; and
      
      a mutual authentication portion that, when an authentication request is received from the service provider device by the communication portion, based on one of the first and the second encryption method identification information stored in one of the first and the second storage area, selects the storage area corresponding to an encryption method specified by the authentication portion, and uses the management information stored in the selected storage area to perform mutual authentication with the service provider device with the encryption method specified in the authentication request.
  - 4. The information processing device according to claim 3, further comprising:
    - a communication portion that performs non-contact communication with an external device; and
      
      an encryption processing portion compatible with the plurality of encryption methods that encrypts and decrypts, with one of the plurality of encryption methods, data communicated by non-contact communication by the communication portion;
      
      whereinthe issuing information decryption portion, using the encryption processing portion, decrypts the issuing information received from the issuing device with the first encryption method.
  - 5. The information processing device according to claim 4, whereinthe first encryption method is a single representative encryption method that is selected from among the encryption methods with which the encryption processing portion is compatible, and the first encryption method is more reliable than the second encryption method.
  - 6. The information processing device according to claim 5, whereinthe information processing device is one of an IC card and a mobile terminal equipped with an IC card portion capable of non-contact communication with an external device.

7. An information processing device, comprising:
- a data storage portion that is capable of storing user data used in a particular service using non-contact communication and management information used to manage the user data in different storage areas for each of a plurality of different encryption methods and that has at least a first storage area storing first management information corresponding to a first encryption method;
  
  an issuing information receiver that receives issuing information that is encrypted using the first encryption method from an issuing device that delivers the issuing information to issue second management information corresponding to the first encryption method;
  
  an issuing information decryption portion that decrypts the received issuing information with the first encryption method, based on the first management information corresponding to the first encryption method that is stored in the first storage area of the data storage portion; and
  
  a management information issuing portion that, based on the decrypted issuing information, issues the second management information corresponding to the first encryption method and stores the second management information in a second storage area in the data storage portion.
- View Dependent Claims (8)
- - 8. The information processing device according to claim 7, whereinthe storage area of the data storage portion has a hierarchical structure formed of at least a system definition area established corresponding to each of a non-contact communication system with which the information processing device is compatible, at least one section definition area for each of the plurality of encryption methods with which the information processing device is compatible, the section definition area belonging to the system definition area, and at least one area definition area belonging to the section definition area,the management information includes at least system definition information that is stored in the system definition area, section definition information that is stored in the section definition area, and area definition information that is stored in the area definition area,the first storage area of the data storage portion includes at least a first system definition area that stores a first system definition information corresponding to a first non-contact communication system and a first section definition area that stores a first section definition information corresponding to the first encryption method, the first section definition area belonging to the first system definition area,the first management information includes at least the first system definition information and the first section definition information,the first system definition information includes a first system code indicating the first non-contact communication system, and the first section definition information includes a first key used for authentication to access the first section definition area and identification information for the first encryption method,the issuing information, as the second management information, is system issuing information to issue second system definition information corresponding to a second non-contact communication system and second section definition information that belongs to the second system definition information and that corresponds to the first encryption method,the system issuing information includes a second system code indicating the second non-contact communication system and a second key used for authentication to access a second section definition area, andthe information processing device further comprises:
    - a key storage portion that stores an authorization key to newly issue the system definition information; and
      
      a mutual authentication portion that performs mutual authentication with the issuing device with the first encryption method, using the first encryption method identification information stored in the first section definition area, whereinwhen the mutual authentication performed by the mutual authentication portion is successful, the issuing information receiver receives the system issuing information encrypted with the first encryption method using one of the first key and the authorization key from the issuing device,the issuing information decryption portion uses one of the first key stored in the first section definition area and the authorization key stored in the key storage portion to decrypt the received system issuing information with the first encryption method, andthe management information issuing portion, based on the decrypted system issuing information, issues the second system definition information that includes the second system code and the second section definition information that includes the second key and the first encryption method identification information, and stores the second system definition information and the second section definition information in the second system definition area and the second section definition area respectively, the second system definition area and the second section definition area being the second storage area of the data storage portion.

9. An information processing method, comprising the steps of:
- storing, by an information processing device, first management information corresponding to a first encryption method in a first storage area of a data storage portion that is capable of storing user data used in a particular service using non-contact communication and management information used to manage the user data in different storage areas for each of a plurality of different encryption methods;
  
  receiving, by the information processing device, issuing information that is encrypted using the first encryption method from an issuing device that delivers the issuing information to issue second management information corresponding to a second encryption method;
  
  decrypting, by the information processing device, the received issuing information using the first encryption method, based on the first management information corresponding to the first encryption method stored in the first storage area of the data storage portion; and
  
  issuing, by the information processing device, based on the decrypted issuing information, the second management information corresponding to the second encryption method, and storing the second management information in a second storage area of the data storage portion.

10. An information processing method, comprising the steps of:
- storing, by an information processing device, first management information corresponding to a first encryption method in a first storage area of a data storage portion that is capable of storing user data used in a particular service using non-contact communication and management information used to manage the user data in different storage areas for each of a plurality of different encryption methods;
  
  receiving, by the information processing device, issuing information that is encrypted using the first encryption method from an issuing device that delivers the issuing information to issue second management information corresponding to the first encryption method;
  
  decrypting, by the information processing device, the received issuing information using the first encryption method, based on the first management information corresponding to the first encryption method stored in the first storage area of the data storage portion; and
  
  issuing, by the information processing device, based on the decrypted issuing information, the second management information corresponding to the first encryption method, and storing the second management information in a second storage area of the data storage portion.

11. A program that comprises instructions that command a computer to perform the steps of:
- storing first management information corresponding to a first encryption method in a first storage area of a data storage portion that is capable of storing user data used in a particular service using non-contact communication and management information used to manage the user data in different storage areas for each of a plurality of different encryption methods;
  
  receiving issuing information that is encrypted using the first encryption method from an issuing device that delivers the issuing information to issue second management information corresponding to a second encryption method;
  
  decrypting the received issuing information using the first encryption method, based on the first management information corresponding to the first encryption method stored in the first storage area of the data storage portion; and
  
  issuing, based on the decrypted issuing information, the second management information corresponding to the second encryption method, and storing the second management information in a second storage area of the data storage portion.

12. A program that comprises instructions that command a computer to perform the steps of:
- storing first management information corresponding to a first encryption method in a first storage area of a data storage portion that is capable of storing user data used in a particular service using non-contact communication and management information used to manage the user data in different storage areas for each of a plurality of different encryption methods;
  
  receiving issuing information that is encrypted using the first encryption method from an issuing device that delivers the issuing information to issue second management information corresponding to the first encryption method;
  
  decrypting the received issuing information using the first encryption method, based on the first management information corresponding to the first encryption method stored in the first storage area of the data storage portion; and
  
  issuing, based on the decrypted issuing information, the second management information corresponding to the first encryption method, and storing the second management information in a second storage area of the data storage portion.

13. A communication system, comprising:
- an issuing device; and
  
  an information processing device that is capable of communication with the issuing device;
  
  whereinthe issuing device includesan issuing information encryption portion that encrypts with a first encryption method issuing information used to issue second management information corresponding to a second encryption method, andan issuing information transmitter that transmits the issuing information encrypted with the first encryption method to the information processing device, andthe information processing device includesa data storage portion that has at least a first storage area storing first management information corresponding to the first encryption method and that is capable of storing user data used in a particular service using non-contact communication and management information used to manage the user data in different storage areas for each of a plurality of different encryption methods,an issuing information receiver that receives the issuing information encrypted with the first encryption method from the issuing device,an issuing information decryption portion that decrypts the received issuing information using the first encryption method, based on the first management information corresponding to the first encryption method stored in the first storage area of the data storage portion, anda management information issuing portion that, based on the decrypted issuing information, issues the second management information corresponding to the second encryption method and stores the second management information in a second storage area of the data storage portion.

14. A communication system, comprising:
- an issuing device; and
  
  an information processing device that is capable of communication with the issuing device;
  
  whereinthe issuing device includesan issuing information encryption portion that encrypts with a first encryption method issuing information used to issue second management information corresponding to the first encryption method,an issuing information transmitter that transmits the issuing information encrypted with the first encryption method to the information processing device, andthe information processing device includesa data storage portion that has at least a first storage area storing first management information corresponding to the first encryption method and that is capable of storing user data used in a particular service using non-contact communication and management information used to manage the user data in different storage areas for each of a plurality of different encryption methods,an issuing information receiver that receives the issuing information encrypted with the first encryption method from the issuing device,an issuing information decryption portion that decrypts the received issuing information using the first encryption method, based on the first management information corresponding to the first encryption method stored in the first storage area of the data storage portion, anda management information issuing portion that, based on the decrypted issuing information, issues the second management information corresponding to the first encryption method and stores the second management information in a second storage area of the data storage portion.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Sony Corporation (Sony Group Corp.)
Original Assignee
Sony Corporation (Sony Group Corp.)
Inventors
Chiba, Miki, Morita, Tadashi, Zhu, Yinglin, Kurita, Taro, Nakatsugawa, Yasumasa, Nakamura, Mitsuhiro, Higashikawa, Toshimitsu, Takemura, Toshiharu, Hamada, Hiroaki, Kanemoto, Toshinori

Application Number

US12/478,459
Publication Number

US 20090307491A1
Time in Patent Office

Days
Field of Search
US Class Current

713/169
CPC Class Codes

G06F 21/60   Protecting data

G06F 21/604   Tools and structures for ma...

G06F 21/62   Protecting access to data v...

G06F 21/77   in smart cards

G06Q 20/341   Active cards, i.e. cards in...

G06Q 20/35765   Access rights to memory zones

G07F 7/1008   Active credit-cards provide...

G07F 7/1016   Devices or methods for secu...

H04W 12/08   Access security

INFORMATION PROCESSING DEVICE, INFORMATION PROCESSING METHOD, PROGRAM AND COMMUNICATION SYSTEM

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

14 Claims

Specification

Solutions

Use Cases

Quick Links

INFORMATION PROCESSING DEVICE, INFORMATION PROCESSING METHOD, PROGRAM AND COMMUNICATION SYSTEM

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

14 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links