Patent attributes
A method of managing access rights in a smart card, to subordinating execution of a command (Cmd1, Cmdk) such as reading or writing to an event (Evt1′, Evtk′) being valid, such as authentication by verifying a code. The state of validation events is stored in a register, and the access rights are stored in a command list (List_Cmd) made up of couples (Cpl1, Cplk), each associating a command with an event. On receiving a request to execute a command, a search is made in the command list (List_Cmd) for the couple (Cpl1, Cplk) that includes the requested command, and execution is refused if the search is unsuccessful. If the search is successful, then it is determined from the register (referred to as the card security state register) whether the event associated with the command is or is not valid, in order to authorize or refuse execution thereof. The invention is for use in any smart card application that involves access rights.
