Integrated circuit card with application history list
First Claim
1. A method of loading an application copy onto an integrated circuit card, wherein said application cop'"'"'y comprises application code and application data and a portion of said application data comprises units of value that may be exchanged for goods or services, andwherein said application copy is one of a plurality of copies of an application, said application copy having an associated application identifier that uniquely identifies said application from other applications and an application copy number that is unique for each copy of said application, said integrated circuit card comprising a microprocessor and memory coupled to said microprocessor, said memory comprising an application history list area for storing application identifiers and application copy numbers of applications that have been previously loaded onto said integrated circuit card, said method comprising:
- receiving by said integrated circuit card said application copy, said application identifier, and said application copy number;
determining by said integrated circuit card whether said application identifier and said application copy number are contained in said application history list area; and
failing to load said application copy by said integrated circuit card if said application identifier and said application copy number are contained in said application history list area;
transmitting said application copy, said application identifier, and said application copy number to said integrated circuit card by an application provider;
encrypting by said application provider at least a portion of said application copy before transmitting said application copy to said integrated circuit card;
transmitting by said application provider a key transformation unit comprising information relating to the encryption of said portion of said application copy;
wherein said integrated circuit card has a first public key pair, and further comprising the steps of;
encrypting said key transformation unit by said application provider with the public key of said first public key pair before transmitting said key transformation unit to said integrated circuit card;
decrypting by said integrated circuit card said encrypted key transformation unit with the secret key of said first public key pair; and
decrypting said application copy using the information contained in said decrypted key transformation unit;
wherein said application provider has a second public key pair, and further comprising the steps of;
forming a signed application copy by said application provider by encrypting said application copy with the secret key of said second public key pair; and
transmitting by said application provider said signed application copy to said integrated circuit card;
registering the public key of said second public key pair with a certification authority, which has a third public key pair;
providing a certificate by said certification authority to said application provider by encrypting the public key of said second public key pair with the secret key of said third public key pair; and
transmitting said certificate by said application provider to said integrated circuit card;
obtaining the public key of said second key pair by said integrated circuit card by decrypting said certificate using the public key of said third public key pair;
verifying by said integrated circuit card said signed application copy using the public key of said second public key pair; and
failing to load said application copy by said integrated circuit card if said signed application copy is not verified.
1 Assignment
0 Petitions
Accused Products
Abstract
There is provided an integrated circuit card for loading an application copy thereon and a method of loading an application copy onto the integrated circuit card, wherein the application copy is one of a plurality of copies of an application. The application copy has an associated application identifier that uniquely identifies the application from other applications and an application copy number that is unique for each copy of the application. The integrated circuit card includes a microprocessor and a memory coupled to the microprocessor. The memory includes an application history list area for storing application identifiers and application copy numbers of applications that have been previously loaded onto the integrated circuit card. The method includes receiving by the integrated circuit card the application copy, the application identifier, and the application copy number; determining by the integrated circuit card whether the application identifier and the application copy number are contained in the application history list area; and failing to load the application copy by the integrated circuit card if the application identifier and the application copy number are contained in the application history list area.
-
Citations
5 Claims
-
1. A method of loading an application copy onto an integrated circuit card, wherein said application cop'"'"'y comprises application code and application data and a portion of said application data comprises units of value that may be exchanged for goods or services, and
wherein said application copy is one of a plurality of copies of an application, said application copy having an associated application identifier that uniquely identifies said application from other applications and an application copy number that is unique for each copy of said application, said integrated circuit card comprising a microprocessor and memory coupled to said microprocessor, said memory comprising an application history list area for storing application identifiers and application copy numbers of applications that have been previously loaded onto said integrated circuit card, said method comprising: -
receiving by said integrated circuit card said application copy, said application identifier, and said application copy number;
determining by said integrated circuit card whether said application identifier and said application copy number are contained in said application history list area; and
failing to load said application copy by said integrated circuit card if said application identifier and said application copy number are contained in said application history list area;
transmitting said application copy, said application identifier, and said application copy number to said integrated circuit card by an application provider;
encrypting by said application provider at least a portion of said application copy before transmitting said application copy to said integrated circuit card;
transmitting by said application provider a key transformation unit comprising information relating to the encryption of said portion of said application copy;
wherein said integrated circuit card has a first public key pair, and further comprising the steps of;
encrypting said key transformation unit by said application provider with the public key of said first public key pair before transmitting said key transformation unit to said integrated circuit card;
decrypting by said integrated circuit card said encrypted key transformation unit with the secret key of said first public key pair; and
decrypting said application copy using the information contained in said decrypted key transformation unit;
wherein said application provider has a second public key pair, and further comprising the steps of;
forming a signed application copy by said application provider by encrypting said application copy with the secret key of said second public key pair; and
transmitting by said application provider said signed application copy to said integrated circuit card;
registering the public key of said second public key pair with a certification authority, which has a third public key pair;
providing a certificate by said certification authority to said application provider by encrypting the public key of said second public key pair with the secret key of said third public key pair; and
transmitting said certificate by said application provider to said integrated circuit card;
obtaining the public key of said second key pair by said integrated circuit card by decrypting said certificate using the public key of said third public key pair;
verifying by said integrated circuit card said signed application copy using the public key of said second public key pair; and
failing to load said application copy by said integrated circuit card if said signed application copy is not verified. - View Dependent Claims (2, 3, 4, 5)
allocating a predetermined portion of said memory for said application history list area;
determining by said integrated circuit card whether said application history list area is full; and
failing to load said application copy if said application history list is full.
-
-
3. The method of claim 1, further comprising the step of:
adding said application identifier and said application copy number to said application history list area if said application identifier and said application copy number are not contained in said application history list area.
-
4. The method of claim 1, further including the step of:
adding said application identifier and said application copy number to said application history list area if said application identifier and said application copy number are not contained in said application history list area and said application copy number is not zero.
-
5. The method of claim 1, wherein said application copy comprises application code and application data and wherein said application identifier and said application copy number are contained in said application data.
Specification