JP2002344620A - User identification module - Google Patents

Abstract

(57) [Summary] To provide a user identification module with high security. SOLUTION: An ID information storage area of a UIM stores ID information for specifying an external device to which access is permitted. When the mobile device connected to the UIM receives the connection request from the external device connected to the mobile device (Step C3, Step C7), the mobile device connected to the UIM receives the connection request from the external device.
D information is output to the UIM and an authentication request is made (step C
4. Step C8). The UIM compares the ID information received from the mobile device with the ID information stored in the ID information storage area, performs authentication, and determines whether to permit an access request from the external device.

Description

DETAILED DESCRIPTION OF THE INVENTION

[0001]

The present invention relates to a user identification module storing subscriber information and the like.

[0002]

2. Description of the Related Art In recent years, mobile devices using modules for storing subscriber information such as subscriber numbers and memory dial information (user identification modules; hereinafter abbreviated as UIMs) have been developed. Thus, by storing the subscriber information in the UIM without storing it in the memory area in the mobile device, the user can use a plurality of mobile devices with one UIM.

[0003]

As described above, the conventional UIM allows use with any mobile device that can use the UIM. For this reason, when the UIM is stolen or the like, the UIM may be used improperly, and there has been a problem that security cannot be maintained. The present invention has been made in view of the circumstances described above, and has as its object to provide a user identification module that can prevent unauthorized use of a UIM.

[0004]

According to a first aspect of the present invention, there is provided a user identification module, comprising: a first storage unit for storing user-specific information; and an external storage for the first storage unit. A second storage unit for storing an access condition for determining whether or not access from the first storage unit is permitted; and a second storage unit when the first storage unit is externally accessed. Access determination means for determining whether or not to allow access from the outside by referring to access conditions stored in the means.

According to a second aspect of the present invention, in the user identification module according to the first aspect, the access condition includes ID information for specifying an external device to which the access is permitted. .

According to a third aspect of the present invention, in the user identification module according to the first aspect, the access condition includes ID information for specifying a type of an external device to which the access is permitted. And

According to a fourth aspect of the present invention, in the user identification module according to the first aspect of the present invention, a third storage means for storing a password;
When there is a write request for the access condition to the second storage means from the outside, a password input is requested to the outside, and the password supplied from the outside and the password stored in the third storage means are inputted. And an access condition write determining unit that determines whether to permit the write request of the access condition to the second storage unit by comparing the access condition write request.

According to a fifth aspect of the present invention, in the user identification module according to any one of the first to fourth aspects, the external access request is transmitted from a server via a network. It is characterized by that.

[0009]

Embodiments of the present invention will be described below to make the present invention easier to understand. Such an embodiment shows one aspect of the present invention, and does not limit the present invention, and can be arbitrarily changed within the scope of the present invention.

A. First Embodiment (1) Configuration of the Embodiment FIG. 1 is a block diagram showing a configuration of a mobile device 100 to which a UIM 200 according to the present embodiment can be attached. The mobile device 100 shown in FIG.
0 and an external device such as a personal computer (hereinafter abbreviated as PC) can be connected.
The mobile device 100 includes a control unit 110 and a storage unit 120
, Operation unit 130, UIM interface unit 140
, An external device interface unit 150, and a communication unit 160
Is provided. The control unit 110 controls each unit of the mobile device 100 based on a control program or the like stored in the storage unit 120, and controls a UI connected to the mobile device 100.
It reads and writes information from and to external devices such as the M200 and a PC.

The storage unit 120 includes a ROM, a RAM, an EEP
It is constituted by a ROM or the like, and has a plurality of storage areas such as a program storage area for storing various programs and a data storage area for storing various data. Operation unit 130
Is composed of operation buttons (not shown), and in addition to inputting information such as a telephone number, the mode of the mobile device 100 can be switched according to the operation of the operation buttons. The UIM interface unit 140 supplies the information output from the control unit 110 to the UIM 200 connected to the mobile device 100, and transmits the information output from the UIM 200 to the control unit 11
Supply 0.

The external device interface unit 150 has a plurality of interface mechanisms, and the plurality of interface mechanisms include a PC interface mechanism for connecting to a PC. Voice input / output unit 15
Reference numeral 5 denotes a microphone for inputting voice, a communication unit 16
0 and a speaker for outputting the voice received. The communication unit 160 transmits various data such as voice and text message via the antenna 161 under the control of the control unit 110,
And various data transmitted to the mobile device 100 via.

FIG. 2 is a block diagram showing the configuration of the UIM 200 according to this embodiment. UIM200 is a CPU
210, external I / F 215, ROM 220, RA
M225 and an EEPROM 230 are provided. C
The PU 210 has a role of controlling each unit of the device based on a control program or the like stored in the ROM 220. The external I / F 215 is an interface for connecting to the mobile device 100. The ROM 220 is a non-volatile memory, and stores programs for performing analysis, execution, response, data management, and the like of commands supplied from the mobile device 100 in addition to the control programs.

The RAM 225 is a rewritable memory, and temporarily stores data and the like supplied from the mobile device 100. The EEPROM 230 is a rewritable nonvolatile memory, and stores information necessary for communicating with the mobile device 100, a server, an external device, and the like (hereinafter, these are collectively referred to as a mobile device, etc.).

FIG. 3 is a diagram showing a memory space of the EEPROM 230. The ID information storage area 232 contains a UIM
200 and ID information of devices permitted to exchange information. When a mobile device or the like is connected to the outside of the UIM 200, the CPU 210 refers to the ID information stored in the ID information storage area and determines whether or not to permit communication with the mobile device or the like by performing authentication. In addition, this EEPROM
230 further includes a storage area for storing user-specific personal information (subscriber information) such as a subscriber number, outgoing call history information, incoming call history information, and call time information. Since the purpose is not directly related, the explanation is omitted.

(2) Operation of Embodiment a. ID Information Writing Operation FIG. 4 shows the mobile device 100 having the UIM 200, PC1, and PC.
FIG. 5 is a diagram showing a state in which the UIM 20 is connected.
FIG. 9 is a sequence diagram for describing an operation of writing ID information to 0. The user first enters U at an electronic store or the like.
When the IM 200 is purchased, the mobile device 100, PC1 and PC2 to be registered in the UIM 200 are connected, and then the UIM 200 is mounted on the mobile device 100. Here, the ID information storage area 232 at the time of UIM purchase is empty. The user is the mobile device 10 on which the UIM 200 is mounted.
By operating the operation unit 130 of “0”, the setting mode of the mobile device 100 is switched from the voice communication mode or the like to the ID information writing mode.

When the mobile device 100 is set to the ID information write mode, the mobile device 100
A write request for D information is made (step S1). UIM
200 receives the request from the mobile device 100,
An initialization process for writing the ID information in the information storage area 232 is performed, and a response is returned (step S2). Mobile device 1
00 receives a response from the UIM 200 indicating that writing of ID information is permitted,
0 is issued to each of the PCs 1 and 2 connected to the PC 0 (step S3, step S3).
4).

PC1 and PC2 are connected from mobile station 100 to I
Upon receiving the read request for the D information, the product number assigned at the time of manufacturing and shipping is output to the mobile device 100 as ID information (steps S5 and S6). In the following description, for convenience of explanation, ID information output from PC1 is referred to as ID1, and ID information output from PC2 is referred to as ID2.
And In the present embodiment, a unique product number assigned to each hardware device is used as ID information (ie,
Although the external device corresponding to the ID information of 1 is used as only 1), for example, a predetermined operation may be performed on the product number, and a number obtained as a result of the operation may be used as the ID information.

When the mobile device 100 receives ID1 and ID2 from PC1 and PC2, respectively, it receives the ID1 and ID2.
D2 and ID information (hereinafter, referred to as ID3) corresponding to the product number assigned to the mobile device 100 itself, in the UIM20.
0 is output (step S7). When the UIM 200 receives the ID information (ID1, ID2, and ID3) corresponding to each of the PC1, PC2, and the mobile device 100 from the mobile device 100, the ID received in the ID information storage area 232 is received.
Write information (see FIG. 6). In this way, UIM
The ID information of the hardware device that can access the 200 is registered in the UIM 200.

B. Authentication Operation FIGS. 7 and 8 are sequence diagrams for describing the authentication operation of UIM 200. FIG. In the sequence shown in FIG. 8, the portions corresponding to those in FIG. 7 are denoted by the same reference numerals, and description thereof will be omitted. The following description is based on the IIM 200
ID1 to ID3 are stored in the D information storage area 232 (see FIG. 6 described above), and PC1 (ID information registered) and PC3 (ID information unregistered) are physically connected to the mobile device 100. I assume.

1) When PC1 or PC3 issues a connection request to the mobile device 100 (see FIG. 7) The user can use the mobile device 100 to which the PC1 and PC3 are connected.
After the UIM 200 is mounted on the mobile device 100, the power of the mobile device 100 is turned on. When the power is turned on, the mobile device 100 becomes the UIM2
The UIM 200 is activated by supplying an external voltage or the like to the 00. When the mobile device 100 receives a response indicating that the mobile device 100 has been normally started from the UIM 200, the mobile device 100
The ID information (ID3) of 0 is output, and a line connection request or a communication request (hereinafter, collectively referred to as a connection request) is performed (step C1). The UIM 200 performs authentication by comparing the ID information received from the mobile device 100 with the ID information stored in the ID information storage area 232. As described above, since ID1 to ID3 are stored in the ID information storage area, the UIM 200 returns a response indicating that the request is permitted based on the authentication result (step C2).

On the other hand, the PC 1 (ID information registered) connected to the external device interface 150 transmits a product number given at the time of manufacture and shipment to the mobile device 100 in order to make a connection request to the ID information (ID1). Is output to the mobile device 100 (step C3). The mobile device 100 requests to determine whether to permit the connection request from the PC 1.
The ID information (ID1) received from PC1 is transferred to UIM20.
0 to make an authentication request (step C4). UIM
200 is the ID information received from the mobile device 100 and I
Authentication is performed by comparing the ID information stored in the D information storage area 232 with the ID information. As described above, the ID information storage area 2
32 stores ID1 to ID3, the UIM
200 returns a response to the effect that the authentication was successful to the mobile device 100 (step C5). The mobile device 100 returns a response to the effect that access is permitted to the PC 1 based on the response received from the UIM 200 (step C6).

As described above, the external device interface 1
The PC 3 (ID information not registered) connected to 50 outputs a product number assigned at the time of manufacture and shipment to the mobile device 100 as ID information (ID4) in order to make a connection request to the mobile device 100. (Step C7). Mobile device 100
Is the ID information (ID) received from the PC 3 in order to request whether the connection request from the PC 3 should be permitted.
4) is output to the UIM 200, and an authentication request is made (step C8). The UIM 200 stores the ID information received from the mobile device 100 and the ID information stored in the ID information storage area 232.
Authentication is performed by comparing with D information. ID information storage area 2
32 is ID1 to ID3, whereas the received ID information is ID4, the UIM 200 sends a response indicating that the authentication has failed to the mobile device 1.
Return to 00 (step C9). The mobile device 100 is a UIM
On the basis of the response received from 200, a response to the effect that access should be denied is returned to PC1 (step C10).

After such authentication is performed, the mobile station 10
When 0 requests the UIM 200 to read the subscriber information and the like, the UIM 200 returns a response to the effect that the request is permitted based on the authentication result, and supplies the requested subscriber information and the like to the mobile device 100. Further, the PC 1 is connected to the mobile device 10.
When the UIM 200 requests the UIM 200 to read the subscriber information or the like via 0, the UIM 200 similarly supplies the requested subscriber information or the like to the PC 1. On the other hand, when the PC 3 not permitted to access the UIM 200 requests the UIM 200 to read the subscriber information or the like via the mobile device 100, the UIM 200 returns a response indicating that the request is rejected based on the authentication result. .

2) When the mobile device 100 issues a connection request to the PC1 or PC3 (see FIG. 8) In step CS4, the mobile device 100 obtains the I / O acquired from the PC1 connected to the external device interface 150.
D information (ID1) is output to UIM 200, and an authentication request is made. The UIM 200 receives the I
The authentication is performed by comparing the D information with the ID information stored in the ID information storage area 232. As described above, since ID1 to ID3 are stored in the ID information storage area 232, the UIM 200 returns a response to the effect that authentication was successful to the mobile device 100 (step C5). The mobile device 100 has a UI
Based on the response received from M200, a connection request is made to PC1 (step CS6).

On the other hand, in step CS8, the mobile station 1
00 is the P connected to the external device interface 150
The ID information (ID4) acquired from C3 is output to UIM 200, and an authentication request is made. The UIM 200 is a mobile device 10
0 and the ID information storage area 232
The authentication is performed by comparing with the ID information stored in. ID
The ID information stored in the information storage area 232 is
1 to ID3, while the received ID information is I
Since it is D4, the UIM 200 returns a response to the effect that the authentication has failed to the mobile device 100 (step C9). Mobile device 10
0 is based on the response received from UIM 200,
Abandon connection with 3. Note that the subsequent operation can be described in the same manner as in the case described above.
Omitted.

As described above, U according to this embodiment is
According to the IM 200, communication with only the specific mobile device 100 becomes possible. That is, the UIM 200 is the UIM 20
No communication is established with mobile devices other than the mobile device 100 registered in the UIM 200, and the UIM 200
Can be suppressed, and the security of the UIM 200 can be improved. Also, UI
The mobile device 100 mounted on the M200 can communicate only with a specific external device (for example, a PC). That is,
An external device different from the specific external device is
When the connection is made, the user can be rejected by authentication by the UIM 200. Therefore, the user can use the mobile device 10
It is possible to limit the use of 0 (that is, with which external device connection is allowed) and use it.

B. Application Examples of Embodiments An embodiment of the present invention has been described above. However, the above embodiment is merely an example, and various modifications can be made to the above embodiment without departing from the spirit of the present invention. is there. <Modification 1> In the above-described embodiment, a unique product number assigned to each hardware device is used as ID information (that is, only one external device corresponding to one ID information). A number commonly assigned to the same type of product may be used as ID information. Specifically, a number common to PCs of the B-type model manufactured by Company A is used as ID information, and the ID information is
Register it in M200. Such ID information is
By registering the UIM 200 in any of the PCs of the B-type model manufactured by the A company,
0 can be accessed.

Of course, without limiting external devices that allow access to the UIM 200 to products of the same type,
It is also possible to expand to external devices of the same company, etc.
The range in which access to the IM 200 is permitted may be extended to products of the same type. It should be noted that access to the UIM 200 is permitted in a range (access condition), that is, under what kind of external device (PC, printer, etc.) and under what condition (ID information, access time zone, etc.). This can be appropriately changed according to a request of a user who uses the UIM 200 or a request of a designer who designs the UIM 200.

<Modification 2> FIG. 9 is a sequence diagram for explaining an operation of writing ID information to UIM 200. The sequence shown in FIG. 9 is different from the sequence shown in FIG. 5 in that steps Sa1 to Sc1 are provided. The other processes are the same as those shown in FIG. 5, and the corresponding parts are denoted by the same reference numerals and description thereof will be omitted.

When a write request for ID information is made from the mobile station 100 to the UIM 200 (step S1), the UIM 200
200 returns a response indicating that the password should be input based on the request (step Sa1). The mobile device 100 has a UI
Upon receiving the response from M200, it prompts the user to enter a password. When the user operates the operation unit 130 to input a password, the password is supplied from the mobile device 100 to the UIM 200 (step Sb1). This password is stored in the UIM 200 in advance (for example, EEPR
OM 230).

The UIM 200 collates the password supplied from the mobile device 100 with the password stored inside the UIM 200. When the UIM 200 succeeds in the password verification (step Sc1; YES), the UIM 200
A response indicating that ID information can be written to the information storage area 232 is returned (step S2). On the other hand, if the password verification fails (step Sc1; NO), the UI
M200 returns to step Sa1, and returns a response to the effect that a password should be input to mobile device 100 again. Thereafter, when the password verification is successful (step Sc1; YE
S), the UIM 200 returns a response indicating that the ID information can be written to the ID information storage area 232 (step S2). Note that the subsequent processing is the same as that in FIG.

As described above, when there is a request to write ID information from the mobile device 100, the input of the password is requested, and only when the input password is correct, the ID is written.
By configuring to allow writing of information, the UI
The security of the M200 can be further enhanced. In the above description, a password input request is made when there is a request for writing ID information, but a password input request may be made when there is a request to read ID information, for example. Further, with respect to the above-described password input operation, for example, if the verification fails three times in succession, the password input thereafter may be set to be invalid.

<Modification 3> FIGS. 10 and 11 are sequence diagrams for explaining a case where authentication is performed in Modification 3 of the present embodiment. In the sequence shown in FIG. 11, parts corresponding to those in FIG.
Description is omitted. 10 and 11, for convenience of description, the mobile device 100, the UIM 200, the first server 30
0, only the second server 400 is illustrated, and external devices connected to the mobile device 100 (for example, the above-described PC1, PC2
Etc.) are omitted.

1) First server 300 or second server 40
0 issues a connection request to the mobile device 100 (see FIG. 10). The user first operates the operation unit 130 of the mobile device 100 to switch the setting mode from the voice communication mode or the like to the ID information writing mode. When the setting mode is switched by the user, the mobile device 100
Is requested to write ID information (step A
1). Upon receiving the request from the mobile device 100, the UIM 200 performs settings for writing ID information in the ID information storage area 232, and returns a response (Step A2).

The user operates the display unit (not shown) of the mobile device 100.
When it is determined that the ID information can be written to the UIM 200 with reference to the above, the operation unit 130 is operated,
The server-side ID information to be registered in the UIM 200 is selected. For the server-side ID information, for example, an IP address unique to each server can be used. When the user operates the operation unit 130 of the mobile device 100, the storage unit 120
When the ID information to be registered is selected from the plurality of server-side ID information stored in the
00 is output to the UIM 200 (step A3).
Here, since the ID information selected by the user is the ID information (ID20) corresponding to the first server 300, the ID information storage area 232 of the UIM 200 stores ID2.
0 is written (see FIG. 12).

After that, the first server 300
(Step A4), the mobile station 1
00 requests the UIM 200 to determine whether or not the connection request from the first server 300 should be permitted, and transmits the ID information (ID20) of the first server included in the connection request to the UIM 200.
200, and an authentication request is made (step A5). U
The IM 200 sends the I of the first server 300 from the mobile device 100.
Upon receiving the D information (ID 20), the authentication is performed by comparing the received ID information with the ID information stored in the ID information storage area 232. Here, the ID information storage area 23
2 stores an ID 20 (see FIG. 12). Therefore, the UIM 200 sends a response indicating that the authentication has succeeded to the mobile device 1.
00 (step A6), and the mobile device 100
Based on the response received from the server 200, a response to the effect that access should be permitted is returned to the PC 1 (step A7).

As described above, when the second server 400 not registered in the UIM 200 makes a connection request to the mobile device 100 (step A8), the mobile device 100 permits the connection request from the second server 400. In order to request the UIM 200 to determine whether or not to do so, the second
It outputs the ID information (ID30) of the server 400 to the UIM 200 and makes an authentication request (step A9). UIM20
0, when the ID information (ID20) of the second server 400 is received from the mobile device 100, the received ID information and the ID
Authentication is performed by comparing the ID information stored in the information storage area 232 with the ID information.

In this case, in the ID information storage area 232,
Since the ID information (ID30) corresponding to the second server 400 is not stored, the UIM 200 returns a response indicating that the authentication has failed to the mobile device 100 (step A10). Then, a response to the effect that access should be denied is returned to the PC 1 (step A11). Note that the operation after such authentication is performed can be described in substantially the same manner as in the above-described embodiment, and will not be described.

2) When the mobile device 100 makes a connection request to the first server 300 or the second server 400 (see FIG. 11) In step AS5, the mobile device 100 obtains ID information (ID20) obtained from the first server 300. To UIM20
0 to make an authentication request. The UIM 200 stores the ID information received from the mobile device 100 and the ID information storage area 2.
The authentication is performed by comparing the ID information stored in the P.32 with the ID information.
As described above, the ID information storage area 232 stores the ID 20
Is stored (see FIG. 12), the UIM 200 returns a response to the effect that authentication was successful to the mobile device 100 (step A6). The mobile device 100 issues a connection request to the first server 300 based on the response received from the UIM 200 (Step AS7).

On the other hand, in step AS9, the mobile station 1
00 is the ID information (ID
30) is output to the UIM 200, and an authentication request is made. UI
M200 is the ID information received from the mobile device 100,
Authentication is performed by comparing with the ID information stored in the ID information storage area 232. The ID information stored in the ID information storage area 232 is ID1 to ID3 and ID20, whereas the received ID information is ID30.
Return to 00 (step A10). The mobile device 100 has a UI
Based on the response received from M200, the second server 40
Abandon the connection with 0. Note that the subsequent operation can be described in the same manner as in the case described above.
Omitted.

As described above, according to the third modification,
The mobile device 100 mounted on the UIM 200 is
Communication with only a specific server registered as 0 is possible. That is, when there is a connection request from a server different from the specific server (that is, a server not registered in the UIM 200), the connection request can be rejected by authentication by the UIM 200. Therefore, the user can restrict the use of the mobile device 100 (that is, which external device is allowed to connect, etc.) and use the mobile device 100.
As a result, the subscriber information and the like stored in the UIM 200 are
The problem of being rewritten in response to an access request from a malicious server can be prevented beforehand.

<Modification 4> In the above-described embodiment, a case where ID information is written in the UIM 200 purchased at an electric store or the like has been described as an example. For example, already registered ID information is updated. The case is also applicable. As described above, by enabling the update of the ID information registered in the UIM 200, the user can connect and use the UIM 200 to a desired external device.

<Fifth Modification> In the above-described embodiment, the case where the PC1 to PC3 are connected to the mobile device 100 has been described as an example. However, for example, the mobile device 100 may be connected to various devices such as a car navigation system and a memory card. It is also possible to connect and use electronic devices. In the present embodiment, the UIM 200
A mobile phone has been exemplified as the mobile device 100 connectable to the UIM 200. However, for example, a PHS (Personal
Handyphone System), PDA, (Personal Digital As
The present invention can be applied to a sistant, a pager, and the like, and can be applied not only to the mobile device 100 but also to any electronic device that can be connected to the UIM 200 (such as a car navigation device that can be connected to the UIM 200).

[0045]

As described above, according to the present invention,
Even if UIM was stolen, U was stolen
Since improper use of the IM can be suppressed, security can be improved.

[Brief description of the drawings]

FIG. 1 is a block diagram illustrating a configuration of a mobile device according to the present embodiment.

FIG. 2 is a block diagram showing a configuration of a UIM according to the embodiment.

FIG. 3 is a diagram showing a memory space of an EEPROM.

FIG. 4 is a diagram illustrating a connection state of a mobile device.

FIG. 5 is a diagram for explaining an operation of writing ID information to a UIM.

FIG. 6 is a diagram illustrating data stored in an ID information storage area.

FIG. 7 is a diagram for explaining a UIM authentication operation.

FIG. 8 is a diagram for explaining a UIM authentication operation.

FIG. 9 is a diagram for explaining an operation of writing ID information to a UIM.

FIG. 10 is a diagram for explaining an operation of writing ID information on the server side to the UIM and an authentication operation.

FIG. 11 is a diagram for explaining an operation of writing ID information on the server side to the UIM and an authentication operation.

FIG. 12 illustrates an example of data stored in an ID information storage area.

[Explanation of symbols]

200: UIM, 230: EEPROM, 23
2 ... ID information storage area, 210 ... CPU, 10
0: mobile device, 300: first server, 400 ...
A second server;

──────────────────────────────────────────────────の Continued on the front page (51) Int.Cl. ⁷ Identification symbol FI Theme coat ゛ (Reference) H04L 9/00 673B (72) Inventor Higashi Akihiro 2-1-1 Nagatacho, Chiyoda-ku, Tokyo N Co., Ltd.・ TI DoCoMo (72) Inventor Chie Noda 2-1-1 Nagatacho, Chiyoda-ku, Tokyo, Japan NTT Docomo Co., Ltd. (72) Inventor Masahiro Furuse 2-chome, Nagatacho, Chiyoda-ku, Tokyo No. 11 NTT DoCoMo, Inc. (72) Inventor Makoto Ueda 2-1-1 Nagatacho, Chiyoda-ku, Tokyo, Japan No. 11 1 NTT Docomo, Inc. (72) Inventor Wakabayashi Tatsuaki 2-11-1, Nagatacho, Chiyoda-ku, Tokyo NTT DoCoMo, Inc. (72) Inventor Takaro Hiramatsu Nagatacho, Chiyoda-ku, Tokyo No. 11-1 F-term in NTT DOCOMO, INC. (Reference) 5K067 AA32 BB04 DD17 EE02 EE16 FF02 HH23 HH24 KK15

Claims (5)

[Claims] A first storage unit for storing user-specific information; and a second storage unit for storing an access condition for determining whether an external access to the first storage unit is permitted. Means for determining whether to permit external access by referring to the access condition stored in the second storage means when the first storage means is externally accessed. A user identification module comprising: 2. The user identification module according to claim 1, wherein the access condition includes ID information for specifying an external device to which the access is permitted. 3. The user identification module according to claim 1, wherein the access condition includes ID information for specifying a type of an external device to which the access is permitted. 4. A third storage means for storing a password, and when an external access request to the second storage means is received, a request for input of a password is made to the outside, and the password is supplied from the outside. Access condition writing determining means for checking whether a request for writing an access condition to the second storage means is permitted by comparing the password stored in the third storage means with a password stored in the third storage means. The user identification module according to any one of claims 1 to 3, wherein: 5. The user identification module according to claim 1, wherein the external access request is transmitted from a server via a network.