PARTITIONING THE NAMESPACE OF A CONTACTLESS SMART CARD
First Claim
1. A computer-implemented method for partitioning the namespace of a secure element into at least two storage types by a control software application within the secure element, the method comprising:
defining, in the control software application, at least a first access type, a second access type, a first access key, and a second access key for a plurality of memory blocks within the secure element namespace, wherein each of the first access key and the second access key provides one of the first access type, or the second access type to the plurality of memory blocks within the secure element namespace, wherein the first access type comprises surrender of control for memory blocks controlled by the first access type such that an initial owner of the memory blocks controlled by the first access type cannot reclaim the memory blocks controlled by the first access type without cooperation of a current user of the memory blocks controlled by the first access type, and wherein the second access type comprises a surrender of control by an initial owner of the memory blocks controlled by the second access type to a current user such that the initial owner of the memory blocks controlled by the second access type can reclaim the memory blocks controlled by the second access type without cooperation of the current user of the memory blocks controlled by the second access type;
selecting, by the control software application, from the plurality of memory blocks within the secure element namespace, at least a first group of memory blocks, a second group of memory blocks, and access types for each of the selected groups of memory blocks, wherein at least one memory block in each of the selected groups of memory blocks is an access memory block for providing the selected access type for a software application or application data within data memory blocks of the selected groups of memory blocks to an external data requesting device; and
transmitting, from the control software application, for storage in the access memory block for each of the selected groups of memory blocks appropriate ones of and the second access key to provide the selected access type for each respective selected groups of memory blocks, thereby partitioning the namespace of the secure element into at least two storage types.
Abstract
Systems, methods, computer programs, and devices are disclosed herein for partitioning the namespace of a secure element in contactless smart card devices and for writing application data in the secure element using requests from a software application outside the secure element. The secure element is a component of a contactless smart card incorporated into a contactless smart card device. A control software application resident in the same or a different secure element provides access types and access bits for each access memory block of the secure element namespace, thereby partitioning the namespace into different access types. Further, a software application outside the secure element manages the control software application by passing commands using a secure channel to the secure element, thereby enabling an end-user of the contactless smart card device or a remote computer to control the partitioning and use of software applications within the secure element.
25 Claims
1. A computer-implemented method for partitioning the namespace of a secure element into at least two storage types by a control software application within the secure element (full text given under First Claim above).
Dependent claims: 3, 5, 6, 7, 8, 9, 10, 24, 25
2. (canceled)
4. (canceled)
11. A computer-implemented system, comprising:
a secure element; and
a control software application within the secure element, the control software application having defined therein at least a first access type, a second access type, a first access key, and a second access key for a plurality of memory blocks within the secure element namespace, wherein each of the first access key and the second access key provides one of the first access type, or the second access type to the plurality of memory blocks within the secure element, wherein the first access type comprises surrender of control for memory blocks controlled by the first access type such that an initial owner of the memory blocks controlled by the first access type cannot reclaim the memory blocks controlled by the first access type without cooperation of a current user of the memory blocks controlled by the first access type, and wherein the second access type comprises a surrender of control by an initial owner of the memory blocks controlled by the second access type to a current user such that the initial owner of the memory blocks controlled by the second access type can reclaim the memory blocks controlled by the second access type without cooperation of the current user of the memory blocks controlled by the second access type.
Dependent claims: 12, 14, 16, 17, 18, 19, 20, 21, 22, 23
13. (canceled)
15. (canceled)
Specification