MXPA06005280A - Method for writing data and applications into identification media - Google Patents

Abstract

The invention relates to a method for writing data into identification media of various types (IM-X, IM-Y) via assigned write/read stations WR. According to said method, a virtual, identification media-independent reference file system RFS is defined. All access keys RKi are replaced by a file system key FSK and all access rights ACi of subsections Bi are suspended and a file system FS, corresponding to the reference file system RFS, is initialized or written into the identification media:(FS(IM-X), FS(IM-Y)). In doing so, a file system starting point (FS-S(IM-X), FS-S(IM-Y)) is defined in the identification media (IM(FS) and in the assigned read/write stations WR(RFS) so that applications (App(RFS) corresponding to the virtual reference file system RFS can be written into the identification media and executed. The inventive method allows for the writing into or execution of generally defined applications (App(RFS) into initialized identification media of various types (IM-X(FS), IM-Y(FS)) without adapting them.

Description

METHOD FOR RECORDING DATA AND APPLICATIONS IN MEANS OF IDENTIFICATION DESCRIPTION OF THE INVENTION The invention relates to a method for recording an organization of data respectively corresponding data, associated with a data organization, in identification means, according to the preamble of claim 1, as well as with an identification means with a data organization according to the preamble of claim 22. Standard identification means of different types are known, for example contact-free identification means, chip cards or value cards, etc., of different manufacturers, which are used in a multiplicity of uses in applications of access control and security, for example, for access to services and merchandise, access to protected areas and buildings, access to data facilities, time management, etc. Such identification means correspond to different industry standards and have different memory organizations, a standard identification means is known, for example, from WO 01/01258 'which indicates a method for accessing a memory of identification means. , being that for each application you must define at least one access key and one access right. These data memories have different memory sizes and different access codes in an access area as well as access rights for partial areas. Applications must be written to conform to this memory structure. WO 97/34265 discloses, on the other hand, a system comprising special means of identification, owners and free of contact whose structure corresponds to a system of hierarchical authorization, so that several applications of different users can be recorded in the memories of these and being that the hierarchical system of authorization guarantees that independent applications can be defined and executed by independent users and being that different independent applications can not be mutually affected. In these known systems it is necessary that the means of identification (and its data organization or "File System") correspond to the organization of special data of the applications respectively of the authorization system. For this, however, special means of identification are required which are often very expensive in comparison with standard identification means.

Objective of the present invention is, therefore, to overcome the current limitations and disadvantages and facilitate access to memories of different types of identification (standard) means in a uniform manner, so that the definition and execution of applications become simpler and expand its possibilities of use. This objective is achieved inventively by a method according to claim 1 and by means of identification means according to claim 22. The dependent claims are related to improvements of the invention comprising an extension of the options for the conditioning and execution of applications for different users . The invention is explained below in more detail by means of figures and examples. The figures show: Fig. 1 the inventive method for recording an FS system of files in means (IM) of identification according to a RFS system of reference files, Fig. 2a-2c shows the functions: Initialization of a FS system of files, record and run an App application through write / read stations WR (RFS),. Fig. 3a mr standard identification medium IM comprising an application area according to the prior art, Fig. 3b an inventive identification means IM (FS) comprising an FS file system and a file system FSK key, Fig. 4 a identification means comprising a standard Adt-Ar area and a file system FS-Ar area, Fig. 5 an identification means IM (FS) comprising an authorization system A, Fig. 6 a determination of physical addresses pAd in the identification medium IM (FS) consisting of virtual vAd addresses in relation to the RFS system of reference files and the FS file system, Fig. 7 an installation (respectively a system of communication) comprising an RFS system of reference files and a host H with the applications App (RFS), writing / reading stations WR (RFS) and corresponding associated identification means IM (FS), Fig. 8 an AR search function and automatic reading reading ("Auto Read"). Fig. 1 (with Figs 3a, 3b) shows the inventive method for data recording respectively writing to IM-X, IM-Y means of identifying different types by means of associated WR write / read stations, being that the identification means have an App-Ar area of free access application for App applications with several access RKi keys and ACi access rights in each case for a partial Bi area of the application App-Ar area, being that records respectively initializes a FS file system corresponding to an RFS system of defined virtual reference files, independent of the means of identification (stage 1), all RKi access keys being replaced by an FSK file system key ( stage 2) and all the access rights ACi of the partial Bi areas (3) are suspended and then the FS file system is recorded correspondingly to the means of identification in these F S (IM-X), FS (IM-Y) (4) and in this case defined in each case a FS-S (IM-X), FS-S (IM-Y) starting point of the file system in the identification means IM (FS) (5), which is also defined in the writing / reading stations WR (RFS) corresponding to the RFS system of reference files (6), so that the App (RFS) applications defined According to the RFS system of virtual reference files, they can be recorded and executed in the IM-X (FS), IM-Y (FS) identification means through associated WR (RFS) write / read stations. Associated with the RFS system of reference files there are preferably ru rules (RFS) that determine the relationships between the different data of the reference file system. Essential elements of this new method are the RFS system of universal reference files, independent of means of identification, virtual, as well as the FS system of files dependent on identification means that is recorded according to the RFS system of virtual universal reference files in the real memories of the IM means of identification (means of 'identification standards). In short, in the inventive method the memory of the standard identification means is first emptied, then the FS system of files is recorded in an adapted manner so that the RFS App-RFS applications can then be recorded and executed. FS file system means: a system for the construction, organization and administration of data in certain memories. RFS system of reference files means: an abstract, virtual model of a file system (independent of real memories) for the organization of data in a data carrier, so that this data is available to a user for the definition and execution of applications within the framework of a communication system. Data recording according to the inventive method means on the one hand the overwriting of physical memory addresses pAd of recordable physical memory one or more times and on the other the recording of data in non-recorded physical memory addresses pAd that are recordable once or several times. Fig. 1 shows in this two types X, Y of IM-Z, IM-Y standard identification means with different data organization of RKi, access RKj keys respectively, Bi areas, partial Bj and rights ACi, ACj of access (as they are also represented in Fig. 3a). For this, an RFS system of virtual reference files is defined, preferably with ru rules (RFS) comprising a FS-S (IM-X), FS-S (IM-Y) starting point of the file system, as well as comprising an associated file system FSK key. Through an associated write / read station WR (RFS), the IM-X, IM-Y standard identification means are initialized via steps 1 to 5 with the file system FS system and converted into IM-X media (FS), IM-Y (FS) identification. In this the file system FSK key is recorded, the points FS-S (IM-X), FS-S (IM-Y). file system and systems FS (IM-X), FS (IM-Y) files according to type X, Y of the means of identification and suspend or delete the keys RKi, RKj-, access, so that access to the entire FS area of the file system is possible with the FSK key. The corresponding application (RFS) applications, for example from a host H using the write / read station WR (RFS) in steps 6, 7, 8 as App / RFS-, can then be recorded in the RFS system of reference files. FS (IM-X), App (RFS) -FS (IM-Y) on the means of identification and execute. Fig. 1 also shows that the file system FS is performed in a differentiated manner according to the type X, Y of the identification means, that is, it adapts optimally to the type and memory structure of the identification means. The access to an application is done in this by the file system key FSK (in step 20) and the file system start point FS-S (step 21) to the application (in step 22). Fig. 2a-c show, as a complement to Fig. 1, how three different functions of the associated writing / reading stations differ in the inventive method: initializing a FS file system, recording an application and executing an application . a) The initialization of the identification means IM by a write / read station WR (RFS) corresponds to steps 1-5 (of Fig. 1). Prerequisite for this is a WR (RFS) -Ini write / read station having this function Ini "initialize" that knows the type of IM-X media, IM-Y identification and its access RKi key, and that it contains the RFS system of reference files and the FSK file system key. This results in the IM-X (FS), IM-Y (FS) identification means initialized with the FS-S (IM-X), FS-S (IM-Y) points of file system start points. b) Recording an App (RFS) application below requires a WR (RFS) -WAPP write / read station with a "record" WApp function, corresponding to step 7. Previous condition is again the knowledge of FSK and FS-S (according to step 6) as well as the App application (RFS), From this results an IM (FS) means of identification with the App application ( RFS). c) The execution of an application App (RFS) requires a WR (RFS) -RApp write / read station with an "execute" RApp function, according to step 8. The associated write / read stations WR (RFS) can, therefore, provide yourself with the functions required to initialize. (Ini), record (WApp) and / or execute (RApp) according to your intended applications.

The initialization of all means of identification of an entire system of a system owner can be limited, in principle, to a single station WR (RFS) -Initialization-writing / reading. This Ini function corresponds to a maximum hierarchy stage. The WApp "record" function of applications can be entered, respectively initialized to a lower next hierarchy stage in the write / read station WR (RFS) -WApp, for example, by an independent SSC user according to its independent App application. And the RApp function "execute" of an application can be introduced again in a lower hierarchy stage. Practically, the writing / reading stations WR contain with the function to record generally also the corresponding function of executing an application. The initialization or introduction or release of these functions Ini, WApp and RApp in the writing / reading stations WR (RFS) can be performed, and also modified, by means of AM authorization facilities or appropriate authorization means AIM, that is, by equipment or .program (code) appropriate. The access to the FS file system is preferably done through the file system start point FS-S, .- The FS-S (IM-X), FS-S (IM-Y) system start point can be detected by the associated write / read stations WR (RFS) by recognizing the type (X, Y) of the identification means, for example, in the frame of the communication by the evaluation (analysis) of the UID number of unique identification, and defined in this way (step 6) in case it is not yet known in the writing / reading station, for the execution of the applications. A great advantage of the inventive method is that an application App (RFS) defined according to the RFS system determinations of reference files can be registered without adaptation in any IM (FS) initialized standard identification medium that is contained in the FS file system . Thanks to this it is possible that also a back-end system / host H or a write / read station WR (RFS) executes an application App (RFS) thus defined in discrete initialized identification means (FS) without adaptation to the means of identification Fig. 3a shows a standard identification means IM which is transformed into an inventively initialized identification means IM (FS) - according to Fig. 3b. The IM means of, standard identification according to Fig. 3a has a Man area of the manufacturer fixedly established with a unique identification number ÜID and possibly other manufacturer data, for example, memory size and other indications; as well as a standard Std-Ar area. The standard area consists of an access key RK-Ar area comprising access RKi keys and a standard application Std-App-Ar area comprising partial Bi areas and Appi applications, which in each case have ACi access rights. The identification means IM (FS) initialized according to Fig. 3b, on the other hand, has a file system area F? -Ar comprising a file system key FSK and a larger file system area FS compared to the standard application Std-App-Ar area comprising a .FS-S file system start point, here with a FS-H file system header and an FS-App-Ar area of file system application with Appl applications - App3 of independent SSC1 -SSC3 users. All access rights ACi of the standard IM identification medium are suspended respectively canceled, so that access to the entire file system FS area and applications can be made directly using the FSK file system key. The RK-Ar area of access code is available here, therefore, also for applications. In this example, the file system respectively the system FS area of files are subdivided into a Header FS-H file system that sets the organization to the file system area and an FS-App-Ar area of file system application. The access to the applications App (RFS) is done through stages 20 - 22: by means of the file system FSK key to the file system start FS-S point respectively to the file system FS-H header and then to the App application. The FS-H file system header contains in this IMI information about the means of identification as manufacturer and memory size, if these are not found in the Man area of the manufacturer, and through the FS system of files such as file system FSv version, data organization, access rights and cryp coding functions (in accordance with security requirements) . Preferably, the file system start point FS-S is found here in the FS-H file system header. Depending on the desirable organization of the application and its rights, it can be determined that with the file system key FSK, access is only had to the FS-S starting point of the file system-or to the FS-H file system header - and not to the application FS-App-Ar area. In this case, for example, for an application and / or a separate SSC user, an associated FSK-App key controlling access to a corresponding application can be introduced, in the example of Fig. 3b to the Appl application (via steps 22a from FS-H to FSK-App and 22b from FSK-App to Appl). As additional information a control signal (Flag) fl can be placed after recording the FS system of files in the medium IM (FS) identification signaling the initialization. In addition, control conditions can be recorded in addition to initialization information: Control conditions that, for example, determine a number of accesses - to the file system or an expiration date and initialization information that indicate under what conditions, when , how, with which WR (RFS) -Ini write / read station and by whom an FS initialization was performed. The control conditions fls or the initialization information fli allow, for example, also a flexible use of the application area FS-App-Ar. When recording the FS file system (initialization) it is certainly written in the entire application FS-App-Ar area, pro can also be released only a partial area for use (to record) by a first SSCl user that the user requires and for which he pays. This first user or a second independent user SSC2 can then obtain the release of a second partial area by subsequent recording (subsequent initialization) to extend an existing or new application. In this way it is possible to dispense IM identification means with memory areas of different sizes (and corresponding FS-Ar areas of different size file systems). An ID medium with a large memory area can be sold to SSC users as a means of identification with a small memory area. The manufacturer respectively the seller of IM identification means take advantage of this way of "economies of scale" for the IM identification means. with large memory area, while the SSC user does not have to pay a higher price, compared to the means of identification with small memory area, for a means of identification with large memory area but FS-App-Ar area of application released only partially. The size of the application FS-App-Ar area released can be part of the information >IM? By means of the control fie conditions or the initialization fli information it can also be defined if a subsequent recording is allowed respectively within what period and under what conditions this is allowed. Another security condition can be introduced allowing SSCi users to record and run Appi applications can access the file system FS-H header only in read mode respectively only partial write, for example, to record once a right Access specific to the application or the user, so that users can not change or affect the organization of the FS system of files, being that these can be set only by the owner of the system (at the highest level of hierarchy). Compared to the access rights ACi of the standard identification IM means, the access rights of the file system have the same function, but are organized in a flexible manner. thus offering a great advantage. This allows, for example, the definition of keys respectively of access rights or RM administrations of flexible full rights (in contrast to the fixed FSK-App keys), for example in the form of "stamps" for accessing an application Appi that can be composed of the following parts: - of independent parts of the FS-H file system header application, that is, of parts that are determined by the RFS system of reference files respectively the ru rules (RFS) and / or authorization system A and that can not be modified, - of specific parts for the FS-H file system header application, such as access rights that can be recorded one or more times, of specific parts for the application (recordable once or several times) of an App in the application area FS-App-Ar, for example, an application start point App-S according to Fig. 3b. An essential advantage of such flexible keys is that it is not necessary to exchange keys between the write / read station and the identification means. According to the rules of the ru system (RFS) of reference files, it is determined what a write / read station WR (RFS) must read in an IM (FS) identification means and compare respectively evaluate as -key. The ru rules (RFS) of the reference file system determine the architecture and data structure as well as the access rights to the file system and the applications respectively determine the corresponding keys (stamps). The determination of applications by means of an RFS system of reference files respectively Ru rules (RFS) allows - in comparison with the determination of standard identification means - a virtual rights management RM, independent of the means of identification in the Write / read WR (RFS) device based on the virtual vAd addresses of the RFS system of reference files. Due to the fact that in the WR (Write / Read) devices WR (RFS) are respectively managed only by virtual vAd addresses, respectively by the corresponding virtual Li lists (Fig. 6) and not by lists of physical rights of rights (keys), it can be dispensed with. the adaptation of the RM administration of rights when changing an application, that is, it is not necessary to record updated lists with new physical addresses pAd in the writing / reading station WR (RFS). An extremely important advantage lies in the fact that, thanks to the rules ru (RFS) of the reference file system, it can be ensured that independent SSC1, SSC2 users, who can not influence each other, can be recorded and exercise standard identification means Autonomous and independent initialized, that is, independent applications of independent users can be designed, modified and recorded in initialized IM (FS) identification media and also exercised independently of each other, without any agreement, and - only determined by the rules ru (RFS) of the reference file system. This is not possible with known standard identification means - in the case of these it is required a coordination respectively an agreement between different users in relation to access rights. The standard identification means needed to record the FS file system can be specified for the SSCi users by the highest hierarchical level that is responsible, for example, for the use control of the WR (RFS) stations - initialization write / read or they can also be distributed exclusively. But it is also possible for an SSCi user to specify a certain type of standard identification means to record the FS file system. Fig. 3b shows, as another advantageous embodiment of the invention, also the introduction of an application start point App-S for application App3 with steps 22c, 22d. Based on the RFS system of reference files and their rules ru (RFS) is defined by the initialization and determination of a FS-S starting point of file system respectively by recording a FS-H header system file also at least one - App-S application start point (implicitly also as virtual address or explicitly as-physical address). With regard to this point App-S of application start can be recorded and executed (and for this also to be found) then an application. As shown in the example of Fig. 3b, access using the file system start point FS-S or also through another point of a file system FS-H header to an application start point App3-S for the App3 application via steps 20, 21 , 22c, 22d. There is also the option of entering a list of App-S application start points in a file system FS-H header or in a selected reading station WR (RFS) (as shown in Fig. 6) . Then you can have a direct (fast) access to the application start points and with this also to the application and it is no longer necessary to carry out the calculation of the application initiation points (for example based on the type of application). application) . If, for example, a first Appl-S application start point of a first Appl application is determined at the initialization of the identification means, then it is no longer possible to select it within the framework of the recording of a first Appl application. For other applications App2, App3, however, your points can be fixed, .. App2-S, Application initiation App3-S also with the recording of the application and included in a 'list of application start points ( see Fig. 6). Applications recorded in relation to an application start point App-S can be privileged during execution, being that they are called first or directly, independently how many applications have been previously recorded. Fig. 4 shows an IM + IM (FS) identification means having both a standard Std-Ar area with access RKi keys and access rights ACi for partial Bi areas and with standard App (Std) applications of known type, as well as a file system FS-Ar area that contains App (RFS) applications that correspond to the reference file system. With this, combined IM + IM (FS) identification means can be used both for conventional standard App (Std) applications and also for the new inventive App (RFS) applications in each case in stations WR (Std) respectively WR (RFS) of corresponding writing / reading. In a communication system or in an installation with existing known App (Std) applications, new inventive applications (RFS) with the writing / reading stations and associated identification means can be introduced in stages, as desired and at discretionary times. corresponding. You can save the same application during a transition time in a medium, identification of both the conventional type and App (Std) in the Std-Ar standard area and also corresponding to the RFS system of reference files such as App (RFS) in the file system FS-Ar area. Correspondingly, the application can be executed with a conventional write / read station WR (Std) and also with the new reference file system write / read station WR (RFS). It is thus possible to replace a conventional standard system with a new RFS system in stages. This is also shown in FIG. 7. It is thus possible to also transform such combined IM + IM (FS) identification means by initialization of the standard area into completely initialized IM (FS) identification means. As already mentioned, the mutual independence of independent applications of independent users can be guaranteed by ru rules (RFS) of the system of reference files configured accordingly. But it is also possible to introduce a hierarchical authorization system A with rules ru (A) for this purpose, as shown, for example, in Fig. 5. It can be ensured in this by the rules ru (RFS, A) combined , that correspond, with the RFS system of reference files and with the authorization system A, that different independent applications of different independent users can be carried out independently and that they can not influence each other. At first, the RFS system of reference files for the initialization of identification means with the corresponding file system FS system and the concept of an authorization system A are independent of each other. A system of hierarchical authorization A is manifested, for example, in WO 97/34265 comprising the introduction of different levels of organization, being that the highest level of organization is associated with the owner of the system and by means of which a stamp is introduced (which determines access rights in accordance with organization levels 1, 2, 3, 4) in the means of identification according to desirable applications. As a combination of both RFS and A systems, the reference file system may be of a higher rank in this and the authorization system A may be made only within the framework of the applications that are recorded: RFS (A), as corresponds to the example shown in Fig. 5. In this case two different authorization systems could also be subordinated to the RFS system of reference files: RFS (Al,, A2), for example an older authorization system and a newer one.

Conversely, it would also be possible for the system A authorization has a higher rank than the RFS system of reference files: A (RFS), being that for example the file system FSK key or also the FS-H file system header was independent of A, for example, being that the FSK file system key or parts of the FS-H file system header, such as the control fls conditions or the initialization fli information, are associated with organizational levels of the system owner or a user • SSC. Thus, hierarchical systems can be realized, among other possibilities, also with the help of FSK file system keys. Of course it is also possible that independent users, if both wish, make some applications together. J The access to an application is made in the example according to Fig. 5 through a stamp that determines the rights of access in the levels 1, 2, 3, 4 of organization associated with the application. The access to the file system area FS respectively the area FS-App-Ar of the identification means' is determined here according to the specifications and rules ru (A) of system A of hierarchical authorization.

Such co- 'shows Fig. 6 how to determine and find the physical address pAd (IM) in an identification medium IM (FS) from the virtual vAd (FS (IM)) address in the identification means with reference to the FS (IM) file system and through - the physical address of a reference point, preferably with the physical address pAd (FS-S (IM)) of the starting FS-S point as the reference address in the middle of identification. By means of the functions f, g the link of the addresses is defined: the function f: vAd (FS (IM)) = f (vAd (RFS), FS (IM)) links the vAd address (FS (IM)) virtual in the identification means IM with reference to the file system according to the function f and the physical address pAd (FS-S (IM)) of the starting point FS-S (according to steps 12, 13, 14). The physical address searched for can be a pAd (IM) address in the FS-H file system header or also a pAd (IM) -App address in the application FS-App-Ar area. Functions f and g are preferably executed in a write / read station WR (RFS) such as f (WR (RFS)), g (WR (RFS)), whereby logical intelligence, for example a microprocessor uP, is bicated in the WR write / read station. Completely or alternatively, it is possible to execute the functions f and g also in a host H as f (WR (RFS), H), g (WR (RFS), H) respectively f (H (RFS)), g (H (RFS)), where in the latter case there must be an in-line connection between WR and H. The identification means usually serves as memory for the application data. But it is also possible to execute the function g partially in the identification means, when it contains a corresponding processor intelligence (a microprocessor uP), according to a function g (WR (RFS), IM (FS)). In the framework of the initialization of the file system in the identification means, the functions f and g are executed for the FSK file system key, the FS-S system start point and / or a FS-H file system header . Only until the recording and execution of an application do the f and g functions encompass the complete FS file system including the FS-App-Ar area. The definition of an application (of the data structure and the meaning of the individual addresses) is made based on the virtual vAd (RFS) addresses of the reference file system. An adaptation of an application to the respectively virtual physical addresses of identification means respectively to the FS (IM-X), FS (IM-Y) system of files is no longer necessary, since this is carried out automatically by means of the initialization (the recording) of a 1M means of identification with an FS (IM) system of files and with the recording of an application in the corresponding identification means. Fig. 6 further shows that the addresses can be recorded by App-S application start points in a file system FS-H header or in a selected write / read WR (RFS) station., that is, here in a list Li preferably comprising virtual vAd addresses. App-S application start points can execute applications more directly and quickly. Fig. 7 shows a communication system respectively an installation comprising an RFS system of virtual reference files, independent of identification means, with initialized identification means IM (FS), with associated write / read stations WR (RFS), as well as with applications App (RFS) that correspond to the RFS system of reference files and their rules ru (RFS). 'Appl, App2, App3 independent of independent SSC1, SSC2, SSC3 users are also represented here as an example, since there is more than one reference file system, here RFS1 and RFS2, in each case with ru rules (RFSl ), ru (RFS2) and with associated FSK1, FSK2 keys. These could also be different RFSv versions of a reference file system, for example, an old version and a new version. The Appl, App2, AppT applications of the SSCl and SSC2 users correspond to the RFSl file system and the App3 application of the SSC3 user to the RFS2 reference file system. These different applications can be executed through corresponding associated write / read stations WR (RFS-App) corresponding with corresponding associated identification means IM (FS). Two types of initialized IM-X (FS) and IM-Y (FS) identification media are represented which may contain, in principle, arbitrary combinations of corresponding reference file system applications. It is also possible to limit the initialization of the FS system of files in the identification means IM to these additionally to a certain type. For example, different types of users are initialized with it, that is, an IT type of the user SSCl and a type T2 of the user SSC2, that is, an information that depends on the type is determined by initialization. A type of function can consist, for example, of counting cards that determine a number of executions, of use, the duration time or an expiration date, etc., preferably based on a control sign fl, a control condition fie and / or initialization fli information, that is, as T (fl, fie, fli). An example IM-X-T (FS) identification means that is limited to a certain type, here as the SSCl user type, and that is accessible only to him, is shown below. The applications can be recorded through a host H or also through an AM means of authorization respectively AIM means of identification and authorization by the corresponding write / read stations in the desirable identification means or executed with these. The communication system of Fig. 7 may also contain standard App (Std) applications with standard write / read stations WR (Std). Here is an example of a. IM + IM (FS) combination identification medium containing both a standard Std-Ar area with App (Std) applications and an FS-Ar area with App applications (RFS). It is possible, therefore, to realize communication systems with different industrial standards and with RFS systems for a multiplicity of different applications. Fig. 8_,. shows as an advantageous development of the invention an automatic "Auto Read" AR search and reading function, which allows searching and reading a series of RFS system data of reference files of identification means (information) of different type and compiling them by means of a DFG generator of freely configurable data format. This is carried out in 3 steps: 1. Search of the information respectively desirable data according to defined Q search criteria. 2. Reading of the data and eventually conversion to RFS. 3. Compilation of the data in the desirable format and broadcast to a host interface. For this, a search and read function defined according to the RFS system of reference files is defined, being that with this it is possible to issue a search command AR (Q) according to search criteria Q for the reading of certain determined data of the means (IM-X (FS), IM-Y (FS)) by means of a Write / read station WR (RFS) and the AR (IM (FS) (data)) data searched on the identification means is read as a response and processed in the write / read station by compiling an AR set (RFS) (data) of data corresponding to the AR (Q) search command. This processing to compile an AR set (RFS) of data can preferably be done by a DFG generator of data format. The data format generator DFG can be part of the uP microprocessor of the write / read station WR or integrated into it or can form a separate component. The AR (IM (FS) (data)) data searched for the means of identification may also contain data from the Man area of the producer and the AR (RFS) (data) set of response data may also contain data WR (data) from the writing / reading station. The searched IM (FS) data may comprise several applications (Appl (FS), App2 (FS)). Data of write / read station WR and parameters such as search criteria Q that define the AR function of Auto Read may be contained in an IDB bank of information data. The Q search criteria can be freely configurable within the framework of the RFS respectively of an App App (RFS). But they can also be saved in the form of a preconfiguration in the write / read station WR (RFS) in an IDB bank of information data and called by the AR Auto function Read. The AR data (IM (FS) (data)) searched in the information media can comprise data from different applications (Appl, App2, App3), from the FS-Ar area of the file system (for example, access rights, control fl signs) and the manufacturer's Man area (for example, UID).

The entire AR (RFS) set of responses can also comprise WR data (data) from the WR. As an additional variant, Fig. 8 shows an additional proprietary M system that does not correspond to the RFS system, here for example a system with magnetic IM-M cards, magnetic card reader WR (M), AppM applications and with AppM data (data ) (or analogously with this, for example, also a system with Wiegand data format). With the AR function of search and reading and with the DFG data generator, AR sets (RFS) of response data corresponding to the AppM (data) can be generated. For this, the AppM application is integrated as a search QR (Q, AppM) command to the communication system comprising the RFS system of reference files, without it being necessary to re-write the AppM application in a host. This allows a stepwise migration of such systems (M) up to now owners to an RFS communication system. Automatic auto search and reading function Read AR represents, in principle, a special App (RFS) application according to the RFS system of reference files. Important advantages of the invention lie in the fact that users have standard identification means of different types according to different ISO standards and from different manufacturers that can all be used in a uniform manner for applications defined according to an identical reference file system. Identical applications run, therefore, in the different means of identification without requiring adaptation to these means, as was necessary until now. And it allows users to define, record and execute these applications completely independently of each other. This allows an essential simplification and also an extension of the possibilities of application. In the description the following designations are used: 1-8, 10-14, 20-22 stages (of the method) IM identification means IM-X, IM-Y IM standard de. different type X, Y IM (FS) IM with FS RKi access key RK-Ar access area ACi access rights Bi partial areas, Man blocks Manufacturer area App-Ar application area FS-Ar file system area? td-Ar standard area RFS, RFSl, RFS2-.system, virtual reference files RFSv version of RFS FS file system corresponding to RFS FSv File system version FSK file system key (access key) FS (IM) file system in the middle of identification FS (IM-X), FS (IM-Y) file system corresponding to IM-X , IM-Y FS-S file system start point FS-S (IM-X), FS-S (IM-Y) file system start point in the corresponding IM FS-H file system header (header) FS-App-Ar application area of FS Std -App-Ar standard application area WR write / read station WR (RFS) WR corresponding to RFS Ini, WApp, RApp functions of the WR RM 'rights management (Rights Management) App App App (Std) standard application App ( RFS) corresponding application to RFS App-S application start point T, TI, T2, Ti IM types (FS) H background system, host A authorization system ru RFS rules respectively A aci RFS access rights respectively A fl control sign, indicator control conditions fli initialization information cryp encryption SSC independent user IMI information about IM and FS UID unique identification number (ünique Identifition Number) vAd virtual address pAd physical address Li list with addresses f, g functions in WR, H AM medium or authorization code AIM means of authorization, identification AR search and read function (Auto Read) AR (Q) '- command ... search Q search criteria DFG data format generator AR (IM (FS) (data)) data searched for IM WR (data) data from WR AR (RFS) (data) response data set IDB data bank information at WR uP microprocessor in WR IM-M, WR (M) means of identification, stations reading AppM, AppM (data) applications and System application data without RFS

Claims (15)

1. Method for recording data in different type of identification means through associated writing / reading stations, the identification means comprising an application area freely accessible for applications with several access codes and access rights in each case for partial areas of the application area, characterized in that a file system is initialized, respectively, that corresponds to a defined, virtual reference file system, independent of the identification means (1), because all the access codes are replaced with a system key of files (2) and all the access rights of the partial areas are suspended (3) and then the file system is recorded corresponding to the means of identification in these (4) and in this respectively a starting point of file system is defined in the means of identification (5) being that it is also defined in the associated writing / reading stations corresponding to the reference file system (6), so that applications defined according to the reference file system can be recorded on the identification means by means of writing / reading stations associated and executed . Method according to claim 1, characterized in that the reference file system comprises rules. Method according to claim 2, characterized in that the rules of the reference file system correspond to a hierarchical authorization system. Method according to claim 2, characterized in that the rules of the reference file system ensure that independent users can independently record and exercise independently independent applications that can not influence each other. Method according to claim 1, characterized in that it is applied respectively to record more than one system, of reference files with the corresponding file system keys and file system start points (respectively several RFSv versions). Method according to claim 1, characterized in that the identification means comprise a standard area with access keys and access rights for partial areas. Method according to claim 1, characterized in that access to the file system is carried out through the file system start point. The method according to claim 1, characterized in that the file system is subdivided into a file system Header and a file system application area and / or because the file system start point is located in a file system. the file system header. Method according to claim 8, characterized in that the file system key can only be accessed at the file system start point or the file system header. Method according to claim 1, characterized in that at least one application start point is defined in the identification means. Method according to claim 10, characterized in that a first application start point is defined with the definition of the starting point of the file system or with the recording of a file system header. Method according to claim 1, characterized in that a background / host system or a writing / reading station can execute an application defined according to the specifications of the reference file system on arbitrary identification means with the file system without adaptation to the means of identification. Method according to claim 1, characterized in that the starting point of the file system is detected in the write / read stations by the recognition of the type of the identification means and thus defined. Method according to claim 1, characterized in that after recording the file system in the identification means a control sign or a control condition is placed or an initialization information is recorded. 15. Method according to claim 14, characterized in that the size of the free (available) application area is determined by the control condition or the initialization information. 16. Method according to claim 1, characterized in that a physical address in an identification means is determined in the following manner: from a virtual address in the identification means with reference to the file system and the physical address of the point pAd ( FS-S (IM)) start as reference address in the identification medium. Method according to claim 1, characterized in that .. the identification means are restricted to a certain type by the initialization of the file system. Method according to claim 17, characterized in that the restriction of an identification means to a determined type is carried out by means of a control sign, a control condition and / or an initialization information or because the identification means are initialized as a type of a specific user or as functional types such as counting cards that, for example, detect the number of accesses or the duration or also determine an expiration date. 19. Method according to claim 1, characterized in that a search and read function is defined Auto Read defined according to the reference file system that allows issuing a search command according to search criteria to read certain data that is searched in media of identification by a write / read station and being that, in response, these searched data are extracted from the identification means and processed in the write / read station by means of a data format generator to form a corresponding data set, to the search command. The method according to claim 19, characterized in that the searched data of the information means also contain data from the manufacturer area and that the response data set also contains data from the write / read station. The method according to claim 19, characterized in that the searched data comprises several applications. 2

2. Identification means for associated writing / reading stations comprising an accessible application area for applications with several access keys and access rights in each case for partial areas of the application area, characterized in that it contains a file system corresponding to a defined, virtual reference file system, independent of means of identification, being that all the access codes are replaced by a file system access code and all the access rights of the partial areas are suspended and the system of files is recorded correspondingly to the identification means in these and in this a starting point of file system is defined in the identification means which is also defined in the associated write / read stations corresponding to the file system of reference, so that some applications defined according to the file system of virtual reference can be- ", recorded in the means of identification through the writing and reading stations associated and executed. 2

3. Communication system comprising a defined, virtual reference file system, independent of identification means comprising identification means according to claim 22 with associated writing / reading stations and with applications corresponding to the reference file system.