摘要 |
A programmable smartcard device (10) carries a file system (22, 24) and operating software enabling the on-device file system to interface with at least one off-device file and/or application. It also has a script engine (32) capable of running one or more Application Protocol Data Units (1APDUs') associated with a particular form of transaction so as to modify the structure and/or content of the file system, or the commands to be used for accessing the file system or any security conditions associated therewith. The smartcard device (10) is provided with comparator means (34) configurable by a security APDU run by the script engine (32) so that it operates in use to compare the commands carried out in implementing the transaction with one or more reference commands and to restrict or prevent further access or modifications to the on-device data, file system, commands or security conditions in dependence on the outcome of the comparison carried out by the comparator means (34). Thus, the smartcard device can, because the comparator (34) is configured for each different kind of transaction to be carried out, provide improved security within the contraints of memory storage and processing power available on the smartcard device itself. |