TWM540327U - Smart hardware safety carrier - Google Patents

Smart hardware safety carrier Download PDF

Info

Publication number
TWM540327U
TWM540327U TW106201379U TW106201379U TWM540327U TW M540327 U TWM540327 U TW M540327U TW 106201379 U TW106201379 U TW 106201379U TW 106201379 U TW106201379 U TW 106201379U TW M540327 U TWM540327 U TW M540327U
Authority
TW
Taiwan
Prior art keywords
electronic device
control module
code
communication unit
connector
Prior art date
Application number
TW106201379U
Other languages
Chinese (zh)
Inventor
Chien-Kang Yang
Original Assignee
Chien-Kang Yang
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Chien-Kang Yang filed Critical Chien-Kang Yang
Priority to TW106201379U priority Critical patent/TWM540327U/en
Priority to CN201710187668.5A priority patent/CN108345782B/en
Publication of TWM540327U publication Critical patent/TWM540327U/en
Priority to US15/645,364 priority patent/US10425821B2/en
Priority to EP17189761.4A priority patent/EP3355231B1/en
Priority to JP2017214369A priority patent/JP6622275B2/en
Priority to HK19101398.5A priority patent/HK1259233A1/en

Links

Description

智慧型硬體安全載具 Smart hardware safety carrier

本新型是有關於一種隨身裝置,特別是指一種智慧型硬體安全載具。 The present invention relates to a portable device, and more particularly to a smart hardware safety carrier.

現有配置連接器的隨身裝置,例如USB隨身碟能讓使用者藉由其連接器與一電子裝置電連接,以供該電子裝置讀取其中儲存的資料或儲存電子裝置寫入的資料並隨身攜帶,可謂相當地方便。然而該隨身裝置本身通常不具有使用權限控管功能,而易遭有心人士不當竊取或更動其中儲存的資料。因此,若能賦予隨身裝置本身權限控管的能力,將能防止隨身裝置在未通過其驗證程序的情況下被不當地存取。 The existing portable device of the connector, such as a USB flash drive, allows the user to electrically connect with an electronic device through the connector, so that the electronic device can read the data stored therein or store the data written by the electronic device and carry it with them. It is quite convenient. However, the portable device itself usually does not have the use permission control function, and is susceptible to the intentional person to steal or modify the stored data. Therefore, if the ability to control the authority of the portable device itself can be given, it will be possible to prevent the portable device from being improperly accessed without passing the verification procedure.

因此,本新型的目的,即在提供一種能對使用者進行身份驗證及權限控管之智慧型硬體安全載具。 Therefore, the purpose of the present invention is to provide a smart hardware safety carrier capable of authenticating and controlling the user.

於是,本新型智慧型硬體安全載具,能與一電子裝置電耦接,並包括一通訊單元、一儲存模組及一控制模組,該控制模組與該通訊單元及該儲存模組電連接,並具有一權限控管資 料表及一密碼表,該權限控管資料表記錄一使用者識別碼及其使用該儲存模組的一使用權限,該密碼表記錄該使用者識別碼及其對應的一使用者密碼;該電子裝置能透過該通訊單元傳送一認證資訊給該控制模組,且該控制模組判斷該認證資訊合法後,允許該電子裝置透過該連接器與其建立連線,並接受該電子裝置傳來的一使用者識別碼及一使用者密碼,該控制模組根據該權限控管資料表查詢該使用者識別碼的一使用權限,並判斷該使用者密碼與記錄在該密碼表的該使用者密碼相符時,允許該電子裝置在該使用權限範圍內使用該儲存模組。 The smart hardware security device can be electrically coupled to an electronic device and includes a communication unit, a storage module and a control module, the control module and the communication unit and the storage module Electrical connection, and has a privilege control a permission table and a password table, the permission control data table records a user identification code and a usage right of using the storage module, the password table records the user identification code and a corresponding user password; The electronic device can transmit an authentication information to the control module through the communication unit, and after the control module determines that the authentication information is legal, the electronic device allows the electronic device to establish a connection with the electronic device through the connector, and accepts the electronic device. a user identification code and a user password, the control module queries a usage right of the user identification code according to the permission control data table, and determines the user password and the user password recorded in the password table. In the case of matching, the electronic device is allowed to use the storage module within the scope of the usage authority.

在本新型的一些實施態樣中,該電子裝置執行一應用程式,並透過該應用程式傳送該應用程式的該認證資訊給該控制模組,而該控制模組記錄有該應用程式的一識別碼及一密碼,且該控制模組判斷該認證資訊中包含的一識別碼及一密碼與該控制模組記錄的該識別碼及密碼相符時,即判定該應用程式合法。 In some implementations of the present invention, the electronic device executes an application and transmits the authentication information of the application to the control module through the application, and the control module records an identification of the application. The code and a password, and the control module determines that an identification code and a password included in the authentication information match the identification code and password recorded by the control module, and determines that the application is legal.

在本新型的一些實施態樣中,該儲存模組具有一隱密資料區,且該控制模組判斷該使用權限允許存取該隱密資料區時,允許該電子裝置存取該隱密資料區。 In some implementations of the present invention, the storage module has a hidden data area, and the control module determines that the usage right allows access to the hidden data area, allowing the electronic device to access the hidden data Area.

在本新型的一些實施態樣中,該控制模組判斷該使用權限允許規劃該隱密資料區時,該電子裝置能透過該控制模組對該隱密資料區規劃多個私密空間,且該控制模組判斷該使用權限允許存 取該等私密空間至少其中之一時,允許該電子裝置存取該私密空間,並將該電子裝置傳來的資料進行加密後再存入該私密空間,或者將該電子裝置需要的資料從該私密空間讀出並對其解密後,再傳送給該電子裝置。 In some implementations of the present invention, the control module determines that the usage permission allows the privacy data area to be planned, and the electronic device can plan a plurality of private spaces for the hidden data area through the control module, and the The control module determines that the usage permission is allowed to be saved. When at least one of the private spaces is taken, the electronic device is allowed to access the private space, and the data transmitted by the electronic device is encrypted and then stored in the private space, or the information required by the electronic device is from the private The space is read out and decrypted, and then transmitted to the electronic device.

在本新型的一些實施態樣中,該控制模組判斷該使用權限允許設定與更新該權限控管資料表及/或該密碼表時,允許該電子裝置對該權限控管資料表及/或該密碼表進行設定及更新。 In some implementations of the present invention, the control module determines that the usage permission allows setting and updating the rights control data table and/or the password table, allowing the electronic device to control the data table and/or The password table is set and updated.

在本新型的一些實施態樣中,該控制模組還包含一金融晶片,其中儲存一密鑰及一押碼程式,且該控制模組判斷該使用權限允許該電子裝置存取該金融晶片時,將該電子裝置透過該通訊單元傳來的一要被押碼的資料傳送給該金融晶片,使執行該押碼程式,以該密鑰對該要被押碼的資料押碼而產生一交易押碼,並透過該通訊單元回傳該交易押碼給該電子裝置。 In some implementations of the present invention, the control module further includes a financial chip, wherein a key and a code program are stored, and the control module determines that the usage right allows the electronic device to access the financial chip. Transmitting, by the electronic device, a data to be hacked by the communication unit to the financial chip, causing the execution of the escrow program, and vouching the data to be hacked by the key to generate a transaction The code is sent, and the transaction code is returned to the electronic device through the communication unit.

在本新型的一些實施態樣中,該隱密資料區存有一密鑰,該控制模組具有一押碼程式,且該控制模組判斷該使用權限允許存取該隱密資料區時,讀取儲存於該隱密資料區的該密鑰,且接受該電子裝置透過該通訊單元傳來的一要被押碼的資料,並執行該押碼程式,以該密鑰對該要被押碼的資料押碼而產生一交易押碼,並透過該通訊單元回傳該交易押碼給該電子裝置。 In some implementations of the present invention, the secret data area stores a key, the control module has a code execution program, and the control module determines that the usage right allows access to the hidden data area, and reads Taking the key stored in the hidden data area, and accepting a data of the code to be spoofed transmitted by the electronic device through the communication unit, and executing the pledge code, and the code is to be ridden by the key The data is encoded and a transaction code is generated, and the transaction code is returned to the electronic device through the communication unit.

在本新型的一些實施態樣中,該控制模組還包含一儲存 一押碼程式的金融晶片,該隱密資料區存有一密鑰,且該控制模組判斷該使用權限允許該電子裝置存取該金融晶片及該隱密資料區時,該控制模組讀取儲存於該隱密資料區的該密鑰,並將該密鑰及該電子裝置透過該通訊單元傳來的一要被押碼的資料提供給該金融晶片,使執行該押碼程式,以該密鑰對該要被押碼的資料押碼而產生一交易押碼,並透過該通訊單元回傳該交易押碼給該電子裝置。 In some implementations of the present invention, the control module further includes a storage a financial chip of the code program, wherein the secret data area stores a key, and the control module determines that the usage right allows the electronic device to access the financial chip and the hidden data area, the control module reads Storing the key in the hidden data area, and providing the key and the data to be debited by the electronic device through the communication unit to the financial chip, so that the code execution program is executed. The key generates a transaction code for the data to be hacked, and returns the transaction code to the electronic device through the communication unit.

在本新型的一些實施態樣中,該通訊單元是一連接器;或者,該通訊單元包含一連接器及一短距離無線通訊介面,且該連接器與該電子裝置電連接時,該電子裝置透過該連接器與該控制模組通訊,該連接器未與該電子裝置電連接時,該電子裝置透過該短距離無線通訊介面與該控制模組通訊;又或者,該通訊單元包含一連接器及一與該連接器電連接的短距離無線通訊介面,且該連接器與該電子裝置電連接時,該電子裝置透過該連接器與該控制模組通訊,並透過該連接器與該短距離無線通訊介面電連接,以透過該短距離無線通訊介面收發一無線訊號,而該連接器未與該電子裝置電連接時,該電子裝置透過該短距離無線通訊介面與該控制模組通訊。 In some implementations of the present invention, the communication unit is a connector; or the communication unit includes a connector and a short-range wireless communication interface, and the connector is electrically connected to the electronic device Communicating with the control module through the connector, when the connector is not electrically connected to the electronic device, the electronic device communicates with the control module through the short-range wireless communication interface; or the communication unit includes a connector And a short-range wireless communication interface electrically connected to the connector, and when the connector is electrically connected to the electronic device, the electronic device communicates with the control module through the connector, and transmits the short distance through the connector The wireless communication interface is electrically connected to transmit and receive a wireless signal through the short-range wireless communication interface, and the electronic device communicates with the control module through the short-range wireless communication interface when the connector is not electrically connected to the electronic device.

在本新型的一些實施態樣中,該隨身裝置還包括一電路板,該連接器設置在該電路板上,且該儲存模組與該控制模組被整 合於一晶片中並設置在該電路板上;或者,該控制模組是一設置在該電路板上的第一晶片,該儲存模組是一設置在該電路板上的第二晶片。 In some implementations of the present invention, the portable device further includes a circuit board, the connector is disposed on the circuit board, and the storage module and the control module are integrated And being disposed in a chip and disposed on the circuit board; or, the control module is a first chip disposed on the circuit board, and the storage module is a second chip disposed on the circuit board.

本新型的功效在於:藉由設置在隨身裝置中的控制模組對要存取隨身裝置的儲存模組(尤其是隱密資料區)之電子裝置進行存取權限的控管,而達成本新型對隨身裝置的使用者進行身份驗證及權限控管。 The utility model has the advantages that the invention is realized by controlling the access authority of the electronic device of the storage module (especially the hidden data area) of the portable device to be accessed by the control module disposed in the portable device. Authenticate and control the user of the portable device.

1‧‧‧隨身裝置 1‧‧‧ portable device

2‧‧‧電子裝置 2‧‧‧Electronic devices

10、10’‧‧‧電路板 10, 10'‧‧‧ boards

11‧‧‧通訊單元 11‧‧‧Communication unit

111‧‧‧連接器 111‧‧‧Connector

112‧‧‧短距離無線通訊介面 112‧‧‧Short-range wireless communication interface

120‧‧‧金融晶片 120‧‧‧Financial Chip

121‧‧‧控制器晶片 121‧‧‧ Controller chip

12‧‧‧控制模組 12‧‧‧Control Module

13‧‧‧儲存模組 13‧‧‧ Storage Module

14‧‧‧權限控管資料表 14‧‧‧Permission Control Data Sheet

15‧‧‧密碼表 15‧‧‧ Password Table

122‧‧‧控制韌體 122‧‧‧Control firmware

123‧‧‧應用程式介面 123‧‧‧Application Interface

131‧‧‧系統資料區 131‧‧‧System data area

132‧‧‧隱密資料區 132‧‧‧Hidden Information Area

本新型的其他的特徵及功效,將於參照圖式的實施方式中清楚地呈現,其中:圖1是一電路方塊圖,說明本新型隨身裝置的一實施例主要包含的電路方塊;圖2是一電路方塊圖,說明本實施例的通訊單元的一實施態樣;圖3是一電路方塊圖,說明本實施例的通訊單元的另一實施態樣;圖4是一電路方塊圖,說明本實施例的控制模組及儲存模組主要包含的電路方塊;圖5是一示意圖,說明本實施例的控制模組及儲存模組以整合於一晶片的方式設置在電路板上;及 圖6是一示意圖,說明本實施例的控制模組及儲存模組以各自獨立的晶片型式設置在電路板上。 Other features and effects of the present invention will be apparent from the following description of the drawings. FIG. 1 is a circuit block diagram illustrating a circuit block mainly included in an embodiment of the present portable device; FIG. FIG. 3 is a circuit block diagram showing another embodiment of the communication unit of the embodiment; FIG. 4 is a circuit block diagram illustrating the present embodiment; The control module and the storage module of the embodiment mainly include a circuit block; FIG. 5 is a schematic view showing that the control module and the storage module of the embodiment are disposed on the circuit board in a manner integrated in a chip; FIG. 6 is a schematic diagram showing the control module and the storage module of the embodiment are disposed on the circuit board in separate wafer types.

在本新型被詳細描述之前,應當注意在以下的說明內容中,類似的元件是以相同的編號來表示。 Before the present invention is described in detail, it should be noted that in the following description, similar elements are denoted by the same reference numerals.

參閱圖1,是本新型智慧型硬體安全載具的一實施例,本實施例的隨身裝置1外觀尺寸類似隨身碟(或行動碟)而可隨身攜帶,但並不以此為限。其主要包括一用以與一電子裝置2通訊的通訊單元11,一與通訊單元11電連接的控制模組12及一與控制模組12電連接的儲存模組13。其中電子裝置2可以是例如智慧型手機、平板電腦、筆記型電腦、個人電腦等主動式電子設備。通訊單元11可以是現有的連接器111,例如一般的USB連接器插頭、一mini USB連接器插頭、一micro USB連接器插頭或其組合,並不以此為限,舉凡現行用於連接一外接周邊裝置或隨身裝置至一主動式電子裝置的連接器規格皆適用於本實施例。 Referring to FIG. 1 , it is an embodiment of the smart hardware security carrier of the present invention. The portable device 1 of the present embodiment can be carried by a portable disk (or a mobile disk), but is not limited thereto. It mainly includes a communication unit 11 for communicating with an electronic device 2, a control module 12 electrically connected to the communication unit 11, and a storage module 13 electrically connected to the control module 12. The electronic device 2 can be an active electronic device such as a smart phone, a tablet computer, a notebook computer, or a personal computer. The communication unit 11 can be an existing connector 111, such as a general USB connector plug, a mini USB connector plug, a micro USB connector plug, or a combination thereof, and is not limited thereto, and is currently used for connecting an external connection. The connector specifications of the peripheral device or the portable device to an active electronic device are applicable to the present embodiment.

此外,如圖2所示,通訊單元11除了連接器111之外,還可包含一短距離無線通訊介面112,例如NFC(近場通訊)介面,藉此,當該連接器111與電子裝置2電連接時,該電子裝置2能透過該連接器111與該控制模組12通訊,當該連接器111未與該電子裝置2電連接時,該電子裝置2若具有短距離無線通訊功能(例 如NFC功能),即能藉由與隨身裝置1相互靠近,而透過該短距離無線通訊介面112與隨身裝置1的該控制模組12通訊。 In addition, as shown in FIG. 2, the communication unit 11 may include a short-range wireless communication interface 112, such as an NFC (Near Field Communication) interface, in addition to the connector 111, whereby the connector 111 and the electronic device 2 are When electrically connected, the electronic device 2 can communicate with the control module 12 through the connector 111. When the connector 111 is not electrically connected to the electronic device 2, the electronic device 2 has a short-range wireless communication function (for example) For example, the NFC function can communicate with the control module 12 of the portable device 1 through the short-range wireless communication interface 112 by being in close proximity to the portable device 1.

或者,如圖3所示,該通訊單元11除了包含連接器111以外,還包含一與該連接器111電連接的短距離無線通訊介面112,例如NFC介面;藉此,當該連接器111與該電子裝置2電連接時,該電子裝置2能透過該連接器111與該控制模組12通訊,且若該電子裝置2不具有短距離無線通訊功能(例如NFC功能),電子裝置2則可以透過該連接器111與該短距離無線通訊介面112電連接,以透過該短距離無線通訊介面112與另一電子裝置(圖未示)進行短距離無線通訊;而當該連接器111未與該電子裝置2電連接時,若該電子裝置2具有短距離無線通訊功能(例如NFC功能),則該電子裝置2即能透過隨身裝置1的該短距離無線通訊介面112與該控制模組12通訊。 Alternatively, as shown in FIG. 3, the communication unit 11 includes, in addition to the connector 111, a short-range wireless communication interface 112 electrically connected to the connector 111, such as an NFC interface; thereby, when the connector 111 is When the electronic device 2 is electrically connected, the electronic device 2 can communicate with the control module 12 through the connector 111, and if the electronic device 2 does not have a short-range wireless communication function (for example, an NFC function), the electronic device 2 can The short-range wireless communication interface 112 is electrically connected to the short-range wireless communication interface 112 to perform short-range wireless communication with another electronic device (not shown) through the short-range wireless communication interface 112; and when the connector 111 does not When the electronic device 2 is electrically connected, if the electronic device 2 has a short-range wireless communication function (for example, an NFC function), the electronic device 2 can communicate with the control module 12 through the short-range wireless communication interface 112 of the portable device 1 .

如圖1所示,該控制模組12具有一權限控管資料表14及一密碼表15。其中該權限控管資料表14記錄至少一使用者的使用者識別碼及其使用該儲存模組13的一使用權限,該密碼表15記錄該使用者識別碼及其對應的一使用者密碼。藉此,當隨身裝置1透過通訊單元11與電子裝置2電連接後,電子裝置2為了存取儲存模組13內的資料而執行一應用程式時,該應用程式需先透過通訊單元11傳送一認證資訊給該控制模組12,由該控制模組12 根據該認證資訊判斷該應用程式合法時,才允許該應用程式(即電子裝置2)與其建立連線,然後該電子裝置2透過該應用程式傳送一使用者識別碼及一使用者密碼給該控制模組12,該控制模組12根據該權限控管資料表14查詢該使用者識別碼的一使用權限,並判斷該使用者密碼與記錄在該密碼表15的該使用者密碼是否相符,若是,才允許該電子裝置2的該應用程式在該使用權限範圍內使用該儲存模組13。藉此,達到對欲使用隨身裝置1的使用者進行身份驗證及權限控管,而達到防止隨身裝置1被不當地任意存取的目的。 As shown in FIG. 1 , the control module 12 has an authority control data table 14 and a password table 15 . The permission control data table 14 records at least one user identification code of the user and a usage right of the storage module 13 , and the password table 15 records the user identification code and a corresponding user password. When the electronic device 2 executes an application for accessing the data in the storage module 13 after the electronic device 2 is electrically connected to the electronic device 2, the application first transmits the application through the communication unit 11. Authentication information to the control module 12, by the control module 12 When the application is legal according to the authentication information, the application (ie, the electronic device 2) is allowed to establish a connection with the application, and then the electronic device 2 transmits a user identifier and a user password to the control through the application. The module 12, the control module 12 queries a usage right of the user identification code according to the rights control data table 14, and determines whether the user password matches the user password recorded in the password table 15, if The application of the electronic device 2 is allowed to use the storage module 13 within the scope of the usage rights. Thereby, the user who wants to use the portable device 1 is authenticated and the authority is controlled, so as to prevent the portable device 1 from being improperly accessed arbitrarily.

具體而言,如圖4所示,本實施例的控制模組12主要包含一控制器晶片121及燒錄於控制器晶片121中的一控制韌體122以及一應用程式介面(application program interface;API)123,且該權限控管資料表14及該密碼表15被燒錄儲存在控制韌體122中。其中如下表1所示,密碼表15存有隨身裝置1之使用者的使用者識別碼(例如ID1、ID2、ID3等)與使用者密碼(例如CODE1、CODE2、CODE3等),供驗證使用者的身份。且實際上儲存在密碼表15中的密碼,是經過加密而以亂碼化方式儲存的密碼,以確保密碼不會遭到非法竊取。此外,密碼表15還存有被控制模組12認可且合法的每一個應用程式的一識別碼及其對應的一密碼。 Specifically, as shown in FIG. 4, the control module 12 of the present embodiment mainly includes a controller chip 121 and a control firmware 122 programmed in the controller chip 121 and an application program interface; API) 123, and the rights control data table 14 and the password table 15 are burned and stored in the control firmware 122. As shown in Table 1 below, the password table 15 stores the user identification code (such as ID1, ID2, ID3, etc.) of the user of the portable device 1 and the user password (for example, CODE1, CODE2, CODE3, etc.) for verifying the user. identity of. And the password actually stored in the password table 15 is a password that is encrypted and stored in a garbled manner to ensure that the password is not illegally stolen. In addition, the password table 15 also stores an identification code of each application that is recognized and legal by the control module 12 and a corresponding password.

儲存模組13主要包括一系統資料區131及一隱密資料區132。系統資料區131主要儲存隨身裝置1的基本操作資訊(basic operation information)。而隱密資料區132並無法被電子裝置2存取,亦即電子裝置2在未經控制模組12的授權下,並不能對隱密資料區132儲存的檔案或資料進行讀取、寫入或修改。相反地,電子裝置2只有在完成控制模組12特定的驗證及授權程序之後,才能透過控制模組12的控制器晶片121中的控制韌體122存取儲存模組13的隱密資料區132。所以,電子裝置2與隨身裝置1電連接後,並無法顯示隨身裝置1的隱密資料區132給使用者,且只有當使用者藉由電子裝置2通過所述驗證及授權程序後,使用者才能透過電子裝置2存取隱密資料區132。 The storage module 13 mainly includes a system data area 131 and a hidden data area 132. The system data area 131 mainly stores basic operation information of the portable device 1. The hidden data area 132 cannot be accessed by the electronic device 2, that is, the electronic device 2 cannot read or write the file or data stored in the hidden data area 132 without the authorization of the control module 12. Or modify. Conversely, the electronic device 2 can access the hidden data area 132 of the storage module 13 through the control firmware 122 in the controller chip 121 of the control module 12 only after completing the verification and authorization process specified by the control module 12. . Therefore, after the electronic device 2 is electrically connected to the portable device 1, the hidden data area 132 of the portable device 1 cannot be displayed to the user, and only after the user passes the verification and authorization program by the electronic device 2, the user The hidden material area 132 can be accessed through the electronic device 2.

因此,如下表2所示,該權限控管資料表14主要儲存使用者的使用者識別碼(例如ID1、ID2、ID3等)與其對應的一使用權限,例如使用者識別碼ID1的權限為可對隱密資料區132進行讀取及寫入,使用者識別碼ID2的權限為可讀取隱密資料區132,使用者識別碼ID3的權限為可對隱密資料區132進行讀取、寫入 及刪除等,故該權限控管資料表14主要供驗證使用者是否具有對隱密資料區132進行讀取、更新及/或刪除的使用權限。 Therefore, as shown in Table 2 below, the privilege control data table 14 mainly stores the user identification code (for example, ID1, ID2, ID3, etc.) of the user and a corresponding usage right thereof, for example, the authority of the user identification code ID1 is The hidden data area 132 is read and written. The user identification code ID2 has the right to read the hidden data area 132, and the user identification code ID3 has the right to read and write the hidden data area 132. Enter And deletion, etc., the permission control data table 14 is mainly used to verify whether the user has the right to read, update and/or delete the hidden data area 132.

舉例來說,假設隱密資料區132儲存有一密鑰,且該密鑰是被用於一行動支付作業,則當電子裝置2欲使用該密鑰以執行一行動支付時,電子裝置2會執行一應用程式(例如一種行動支付軟體)並要求使用者輸入其使用者識別碼及/或使用者密碼(或者該應用程式也可以使用先前已記錄的使用者識別碼及使用者密碼,而不需要使用者輸入)。接著電子裝置2的該應用程式將其包含有一識別碼及一密碼的認證資訊、該使用者密碼以及與該行動支付相關的一要被押碼的資料傳送給控制模組12,則控制模組12的應用程式介面123會先執行一建立連線功能,根據密碼表15,判斷該應用程式提供的識別碼及密碼是否有記錄在密碼表15中,若是,則判定該應用程式合法。接著,應用程式介面123執行一權限控管管理功能,根據權限控管資料表14的記錄,確認該應用程式提供的使用者識別碼,例如ID2的使用權限為讀取,並判斷該應用程式提供的使用者密碼,例如CODE2與密碼表16中記錄的一使用者密 碼相符,則允許該應用程式透過控制韌體122讀取儲存於隱密資料區132的該密鑰,且由控制韌體122根據該密鑰及該要被押碼的資料產生一交易押碼並透過該通訊單元11回傳給電子裝置2,使電子裝置2能據以進行後續的行動支付作業。 For example, if the secret data area 132 stores a key and the key is used for a mobile payment operation, when the electronic device 2 wants to use the key to perform a mobile payment, the electronic device 2 performs An application (such as a mobile payment software) and requiring the user to enter their user ID and/or user password (or the application can also use the previously recorded user ID and user password without the need User input). Then, the application of the electronic device 2 transmits the authentication information including an identification code and a password, the user password, and a data to be debited related to the mobile payment to the control module 12, and the control module The application interface 123 of 12 first performs a connection establishment function, and according to the password table 15, it is judged whether the identification code and password provided by the application are recorded in the password table 15, and if so, it is determined that the application is legal. Then, the application interface 123 performs an privilege management function, and according to the record of the privilege control data table 14, confirms the user identification code provided by the application, for example, the usage right of the ID2 is read, and determines that the application provides User password, such as CODE2 and a user record recorded in password table 16. The code matches, the application is allowed to read the key stored in the secret data area 132 through the control firmware 122, and the control firmware 122 generates a transaction code based on the key and the data to be hacked. And transmitted back to the electronic device 2 through the communication unit 11, so that the electronic device 2 can perform subsequent action payment operations.

此外,如圖4所示,本實施例的控制模組12還可包含一金融晶片120,其中儲存有一發行該金融晶片120之金融機構的密鑰及一押碼程式。因此,當電子裝置2欲使用該密鑰執行一行動支付,並通過上述控制模組12的身份及權限驗證後,控制模組12的應用程式介面123會將電子裝置2透過應用程式經由該通訊單元11傳來的一要被押碼的資料傳送給金融晶片120,使執行押碼程式,以該密鑰對要被押碼的資料押碼而產生一交易押碼,並透過應用程式介面123經由該通訊單元11回傳給電子裝置2,使電子裝置2能據以進行後續的行動支付作業。有關上述金融晶片120應用於行動支付的細節可參見台灣第I537851號專利。 In addition, as shown in FIG. 4, the control module 12 of the present embodiment may further include a financial chip 120 in which a key of a financial institution that issues the financial chip 120 and a code program are stored. Therefore, when the electronic device 2 wants to perform a mobile payment using the key and the identity and authority of the control module 12 is verified, the application interface 123 of the control module 12 transmits the electronic device 2 through the application through the communication. A data to be debited from the unit 11 is transmitted to the financial chip 120, so that the code execution program is executed, and the transaction code is generated by using the key for the data to be debited, and the application interface 123 is generated through the application interface 123. The electronic unit 2 is returned to the electronic device 2 via the communication unit 11, so that the electronic device 2 can perform subsequent action payment operations. For details on the application of the above financial chip 120 to mobile payment, see Taiwan Patent No. I537851.

因此,當控制模組12不論是否包含金融晶片120,若電子裝置2要用於行動支付的該密鑰儲存在儲存模組13的隱密資料區132時,則由控制韌體122讀取儲存於隱密資料區132的該密鑰,並執行預存於控制控制器晶片121內的該押碼程式,使根據該密鑰及電子裝置2提供之該要被押碼的資料產生一交易押碼。有關此行動支付的細節可參見台灣第I509542專利。 Therefore, when the control module 12 includes the financial chip 120, if the key to be used for the mobile payment by the electronic device 2 is stored in the hidden data area 132 of the storage module 13, the storage is read by the control firmware 122. The key in the secret data area 132, and executing the code program pre-stored in the control controller chip 121, so that a transaction code is generated according to the key and the data to be coded provided by the electronic device 2. . Details of the payment for this action can be found in Taiwan's I509542 patent.

或者,當控制模組12內包含金融晶片120,但行動裝置1要用於行動支付的該密鑰(由非發行金融晶片120之金融機構提供)是儲存在隱密資料區132時,則由控制韌體122讀取儲存於隱密資料區132的該密鑰,並將該密鑰及要被押碼的資料傳送給金融晶片120,由金融晶片120執行該押碼程式,以該密鑰對要被押碼的資料押碼而產生一交易押碼。 Alternatively, when the control module 12 includes the financial chip 120, but the key to be used for the mobile payment by the mobile device 1 (provided by the financial institution of the non-issued financial chip 120) is stored in the secret data area 132, The control firmware 122 reads the key stored in the secret data area 132, and transmits the key and the data to be hacked to the financial chip 120, and the financial chip 120 executes the code program to use the key. A transaction code is generated for the code of the code to be debited.

又或者,若電子裝置2要用於行動支付的該密鑰是儲存在金融晶片120內時,則控制模組12的控制韌體122會將要被押碼的資料傳送給金融晶片120,由金融晶片120執行該押碼程式,以該密鑰對要被押碼的資料押碼而產生一交易押碼。因此金融晶片120可視實際應用所需而被包含於控制模組12中或者省略。 Or, if the key to be used for the mobile payment by the electronic device 2 is stored in the financial chip 120, the control firmware 122 of the control module 12 transmits the data to be hacked to the financial chip 120 by the financial The wafer 120 executes the code-up program, and generates a transaction code by using the key to code the data to be coded. Therefore, the financial wafer 120 can be included in the control module 12 or omitted as needed for practical applications.

再者,本實施例至少具有身份識別、權限控管、私密空間及個資保護四種功能。針對身份識別功能,該儲存模組13的隱密資料區132可記錄一使用者的一身份識別資料,藉此,當電子裝置2執行一應用程式要讀取該身份識別資料,而自動提供或者由使用者輸入一使用者識別碼及其使用者密碼給控制模組12時,應用程式介面123以如同上述程序驗證應用程式合法後,根據權限控管資料表14判斷該使用者識別碼具有存取該隱密資料區132的權限,並判斷該使用者密碼與該密碼表15記錄的使用者密碼相符 時,則允許該電子裝置2透過控制韌體122讀取儲存於隱密資料區132的該身份識別資料,以供電子裝置2進行後續身份識別的應用。 Furthermore, the embodiment has at least four functions of identity recognition, rights control, private space, and personal protection. For the identity recognition function, the secret data area 132 of the storage module 13 can record an identification data of a user, thereby automatically providing or when the electronic device 2 executes an application to read the identification data. When the user inputting a user identification code and its user password to the control module 12, the application interface 123 determines that the user identification code has been stored according to the permission control data table 14 after verifying that the application is legal as described above. The permission of the hidden data area 132 is taken, and the user password is determined to be consistent with the user password recorded in the password table 15. The electronic device 2 is allowed to read the identification data stored in the secret data area 132 through the control firmware 122 for the electronic device 2 to perform subsequent identification applications.

而針對權限控管功能,主要是在使用者取得隨身裝置1之前,將預先建立的權限控管資料表14及密碼表15透過應用程式介面123燒錄在控制韌體122中,其中密碼表15主要記錄使用隨身裝置1之每一使用者的使用者識別碼及其對應的使用者密碼,權限控管資料表14主要記錄每一使用者識別碼及其對儲存模組13之隱密資料區132中的資料讀取、更新及刪除等權限,因此不同的使用者對於隱密資料區132的使用權限將會有所不同。 For the privilege control function, the pre-established privilege control data table 14 and password table 15 are burned in the control firmware 122 through the application interface 123, wherein the password table 15 is used before the user obtains the portable device 1. The main record uses the user identification code of each user of the portable device 1 and its corresponding user password. The permission control data table 14 mainly records each user identification code and its hidden data area to the storage module 13. The permissions of the data in 132 are read, updated, and deleted, so different users may have different access rights to the secret data area 132.

且應用程式介面123除了上述建立連線功能及權限控管管理功能外,還具有線上個人化作業(Preso)管理功能,其能讓電子裝置2執行一應用程式與應用程式介面123建立連線後,並通過上述權限控管管理功能的驗證及授權,讓使用者根據實際應用所需,對權限控管資料表14及密碼表15進行設定與更新。 In addition to the above-mentioned connection connection function and the rights management management function, the application interface 123 also has an online personalization (Preso) management function, which enables the electronic device 2 to execute an application and the application interface 123 to establish a connection. And through the above-mentioned authority control management function verification and authorization, the user can set and update the authority control data table 14 and the password table 15 according to the actual application requirements.

而針對私密空間功能,當電子裝置2執行的一應用程式與控制模組12的應用程式介面123已建立連線,並通過上述權限控管管理功能的驗證及授權,控制模組12的應用程式介面123能根據電子裝置2的該應用程式下達的指令,利用線上個人化作業(Preso)管理功能將隱密資料區132切割出多個私密空間,以供存放不同種類的私密資料,例如行動支付相關資料、個人醫療(就醫) 資料、各種身份或會員憑證等。並且控制模組12可在權限控管資料表14中針對不同的使用者識別碼(即不同的使用者)設定其對該等私密空間的存取權限。 For the private space function, when an application executed by the electronic device 2 and the application interface 123 of the control module 12 are connected, and the verification and authorization of the permission management function is performed, the application of the control module 12 is controlled. The interface 123 can use the online personalization (Preso) management function to cut the hidden data area 132 into a plurality of private spaces according to the instructions issued by the application of the electronic device 2, so as to store different kinds of private information, such as mobile payment. Related materials, personal medical care (for medical treatment) Information, various identities or membership vouchers, etc. And the control module 12 can set the access rights of the private space to the different user identifiers (ie different users) in the rights control data table 14.

針對個資保護功能,控制模組12的應用程式介面123會建置一加解密功能,而能使用3DES(Triple Data Encryption Algorithm symmetric-key block cipher)、AES(Advanced Encryption Standard)或RSA等演算法對資料進行加密或解密。例如當電子裝置2執行的一應用程式與控制模組12的應用程式介面123已建立連線,並且通過上述權限控管管理功能的驗證,且該應用程式要寫入一筆個資資料至隱密資料區132的一個資保護區塊(由上述線上個人化作業(Preso)管理功能規劃的一私密空間,圖未示)時,應用程式介面123會以該加解密功能對該個資資料進行加密,再透過控制韌體122將加密後的該個資資料寫入隱密資料區132的該個資保護區塊。而若電子裝置2的該應用程式要讀取存於隱密資料區132的該個資保護區塊的資料時,控制韌體122會將資料從該個資保護區塊讀出並傳送給應用程式介面123,使應用該加解密功能對該資料解密後,再透過控制韌體122將解密後的資料傳送給電子裝置2。 The application interface 123 of the control module 12 is configured to perform an encryption and decryption function, and can use an algorithm such as 3DES (Triple Data Encryption Algorithm symmetric-key block cipher), AES (Advanced Encryption Standard), or RSA. Encrypt or decrypt the data. For example, when an application executed by the electronic device 2 is connected to the application interface 123 of the control module 12, and the verification of the function is managed by the above-mentioned authority, the application must write a piece of information to the secret. In the data protection area of the data area 132 (a private space planned by the online personalization operation (Preso) management function, not shown), the application interface 123 encrypts the information data by using the encryption and decryption function. And encrypting the encrypted information into the protected area of the hidden data area 132 through the control firmware 122. If the application of the electronic device 2 is to read the data of the protected area stored in the hidden data area 132, the control firmware 122 reads the data from the protected area and transmits the data to the application. The program interface 123 is configured to decrypt the data by applying the encryption and decryption function, and then transmit the decrypted data to the electronic device 2 through the control firmware 122.

此外,在本實施例中,如圖5所示,該隨身裝置1具有一電路板10,且通訊單元11、控制模組12及儲存模組13是設置 在該電路板10上,且該儲存模組13與該控制模組12是被整合於一晶片中,再透過電路板10與通訊單元11電連接。 In addition, in this embodiment, as shown in FIG. 5, the portable device 1 has a circuit board 10, and the communication unit 11, the control module 12, and the storage module 13 are disposed. On the circuit board 10, the storage module 13 and the control module 12 are integrated into a chip, and then electrically connected to the communication unit 11 through the circuit board 10.

或者,在本實施例中,如圖6所示,控制模組12及儲存模組13也可以各自獨立地設置在隨身裝置1的電路板10’上,且控制模組12是以一第一晶片的型態實現,儲存模組13是以一第二晶片的型態實現。 Alternatively, in this embodiment, as shown in FIG. 6, the control module 12 and the storage module 13 may also be independently disposed on the circuit board 10' of the portable device 1, and the control module 12 is first. The implementation of the wafer, the memory module 13 is implemented in the form of a second wafer.

綜上所述,本新型藉由設置在隨身裝置1中的控制模組12,對要存取隨身裝置1的儲存模組13(尤其是隱密資料區132)之電子裝置2進行存取權限的控管,而達成本新型對隨身裝置1的使用者進行身份驗證及權限控管的功效與目的。 In summary, the present invention accesses the electronic device 2 of the storage module 13 (especially the hidden data area 132) of the portable device 1 by the control module 12 disposed in the portable device 1. The control and the purpose and purpose of the present invention for the identity verification and authority control of the user of the portable device 1.

惟以上所述者,僅為本新型的實施例而已,當不能以此限定本新型實施的範圍,凡是依本新型申請專利範圍及專利說明書內容所作的簡單的等效變化與修飾,皆仍屬本新型專利涵蓋的範圍內 However, the above is only the embodiment of the present invention. When the scope of the novel implementation cannot be limited thereto, all simple equivalent changes and modifications according to the scope of the patent application and the contents of the patent specification are still Within the scope covered by this new patent

1‧‧‧隨身裝置 1‧‧‧ portable device

2‧‧‧電子裝置 2‧‧‧Electronic devices

11‧‧‧通訊單元 11‧‧‧Communication unit

12‧‧‧控制模組 12‧‧‧Control Module

13‧‧‧儲存模組 13‧‧‧ Storage Module

14‧‧‧權限控管資料表 14‧‧‧Permission Control Data Sheet

15‧‧‧密碼表 15‧‧‧ Password Table

Claims (13)

一種智慧型硬體安全載具,能與一電子裝置電耦接,並包括:一通訊單元;一儲存模組;及一控制模組,其與該通訊單元及該儲存模組電連接,並具有一權限控管資料表及一密碼表,該權限控管資料表記錄一使用者識別碼及其使用該儲存模組的一使用權限,該密碼表記錄該使用者識別碼及其對應的一使用者密碼;藉此,該電子裝置能透過該通訊單元傳送一認證資訊給該控制模組,且該控制模組判斷該認證資訊合法後,允許該電子裝置透過該連接器與其建立連線,並接受該電子裝置傳來的一使用者識別碼及一使用者密碼,該控制模組根據該權限控管資料表查詢該使用者識別碼的一使用權限,並判斷該使用者密碼與記錄在該密碼表的該使用者密碼相符時,允許該電子裝置在該使用權限範圍內使用該儲存模組。 An intelligent hardware security device, which can be electrically coupled to an electronic device, and includes: a communication unit; a storage module; and a control module electrically connected to the communication unit and the storage module, and Having a rights control data table and a password table, the rights control data table records a user identification code and a usage right of using the storage module, the password table records the user identification code and a corresponding one thereof a user password; the electronic device can transmit an authentication information to the control module through the communication unit, and the control module determines that the authentication information is legal, and allows the electronic device to establish a connection with the electronic device through the connector. And accepting a user identifier and a user password sent by the electronic device, the control module queries a usage right of the user identifier according to the rights control data table, and determines that the user password and the record are When the user password of the password table matches, the electronic device is allowed to use the storage module within the scope of the usage right. 如請求項1所述智慧型硬體安全載具,其中該電子裝置執行一應用程式,並透過該應用程式傳送該應用程式的該認證資訊給該控制模組,而該控制模組記錄有該應用程式的一識別碼及一密碼,且該控制模組判斷該認證資訊中包含的一識別碼及一密碼與該控制模組記錄的該識別碼及密碼相符時,即判定該應用程式合法。 The smart hardware security vehicle of claim 1, wherein the electronic device executes an application and transmits the authentication information of the application to the control module through the application, and the control module records the An application identifier and a password, and the control module determines that an identification code and a password included in the authentication information match the identification code and password recorded by the control module, and determines that the application is legal. 如請求項1所述智慧型硬體安全載具,其中該儲存模組具有一隱密資料區,且該控制模組判斷該使用權限允許存取該隱密資料區時,允許該電子裝置存取該隱密資料區。 The smart hardware security carrier of claim 1, wherein the storage module has a hidden data area, and the control module determines that the usage right allows access to the hidden data area, allowing the electronic device to save Take the hidden data area. 如請求項3所述智慧型硬體安全載具,其中該控制模組判斷該使用權限允許規劃該隱密資料區時,該電子裝置能透過該控制模組對該隱密資料區規劃多個私密空間,且該控制模組判斷該使用權限允許存取該等私密空間至少其中之一時,允許該電子裝置存取該私密空間,並將該電子裝置傳來的資料進行加密後再存入該私密空間,或者將該電子裝置需要的資料從該私密空間讀出並對其解密後,再傳送給該電子裝置。 The intelligent hardware security vehicle of claim 3, wherein the control module determines that the usage permission allows the hidden data area to be planned, and the electronic device can plan the hidden data area through the control module. a private space, and the control module determines that the usage right allows access to at least one of the private spaces, allows the electronic device to access the private space, encrypts the data transmitted by the electronic device, and then deposits the data into the private device. The private space, or the data required by the electronic device is read out from the private space and decrypted, and then transmitted to the electronic device. 如請求項1所述智慧型硬體安全載具,其中該控制模組判斷該使用權限允許設定與更新該權限控管資料表及/或該密碼表時,允許該電子裝置對該權限控管資料表及/或該密碼表進行設定及更新。 The intelligent hardware security vehicle of claim 1, wherein the control module determines that the usage permission allows setting and updating the permission control data table and/or the password table, and allows the electronic device to control the authority. The data sheet and/or the password table are set and updated. 如請求項1所述智慧型硬體安全載具,其中該控制模組還包含一金融晶片,其中儲存一密鑰及一押碼程式,且該控制模組判斷該使用權限允許該電子裝置存取該金融晶片時,將該電子裝置透過該通訊單元傳來的一要被押碼的資料傳送給該金融晶片,使執行該押碼程式,以該密鑰對該要被押碼的資料押碼而產生一交易押碼,並透過該通訊單元回傳該交易押碼給該電子裝置。 The smart hardware security carrier of claim 1, wherein the control module further comprises a financial chip, wherein a key and a code program are stored, and the control module determines that the usage permission allows the electronic device to save When the financial chip is taken, the data to be debited transmitted by the electronic device through the communication unit is transmitted to the financial chip, so that the code execution program is executed, and the data to be debited is pressed by the key. The code generates a transaction code, and returns the transaction code to the electronic device through the communication unit. 如請求項3所述智慧型硬體安全載具,其中該隱密資料區存有一密鑰,該控制模組具有一押碼程式,且該控制模組 判斷該使用權限允許存取該隱密資料區時,讀取儲存於該隱密資料區的該密鑰,且接受該電子裝置透過該通訊單元傳來的一要被押碼的資料,並執行該押碼程式,以該密鑰對該要被押碼的資料押碼而產生一交易押碼,並透過該通訊單元回傳該交易押碼給該電子裝置。 The smart hardware security carrier of claim 3, wherein the secret data area has a key, the control module has a code execution program, and the control module Determining that the usage right allows access to the hidden data area, reading the key stored in the hidden data area, and accepting a data to be hacked by the electronic device through the communication unit, and executing The charge code program generates a transaction code by using the key to code the data to be coded, and returns the transaction code to the electronic device through the communication unit. 如請求項3所述智慧型硬體安全載具,其中該控制模組還包含一儲存一押碼程式的金融晶片,該隱密資料區存有一密鑰,且該控制模組判斷該使用權限允許該電子裝置存取該金融晶片及該隱密資料區時,該控制模組讀取儲存於該隱密資料區的該密鑰,並將該密鑰及該電子裝置透過該通訊單元傳來的一要被押碼的資料提供給該金融晶片,使執行該押碼程式,以該密鑰對該要被押碼的資料押碼而產生一交易押碼,並透過該通訊單元回傳該交易押碼給該電子裝置。 The smart hardware security carrier of claim 3, wherein the control module further comprises a financial chip storing a code program, the secret data area storing a key, and the control module determining the usage right When the electronic device is allowed to access the financial chip and the hidden data area, the control module reads the key stored in the hidden data area, and transmits the key and the electronic device through the communication unit. The information to be escorted is provided to the financial chip, so that the escrow code program is executed, and the data of the code to be hacked is coded by the key to generate a transaction code, and the code is returned through the communication unit. The transaction is escorted to the electronic device. 如請求項1所述智慧型硬體安全載具,其中該通訊單元是一連接器。 The smart hardware security carrier of claim 1, wherein the communication unit is a connector. 如請求項1所述智慧型硬體安全載具,其中該通訊單元包含一連接器及一短距離無線通訊介面,且該連接器與該電子裝置電連接時,該電子裝置透過該連接器與該控制模組通訊,該連接器未與該電子裝置電連接時,該電子裝置透過該短距離無線通訊介面與該控制模組通訊。 The smart hardware security carrier of claim 1, wherein the communication unit comprises a connector and a short-range wireless communication interface, and when the connector is electrically connected to the electronic device, the electronic device transmits through the connector The control module communicates, and when the connector is not electrically connected to the electronic device, the electronic device communicates with the control module through the short-range wireless communication interface. 如請求項1所述智慧型硬體安全載具,其中該通訊單元包含一連接器及一與該連接器電連接的短距離無線通訊介面,且該連接器與該電子裝置電連接時,該電子裝置透過 該連接器與該控制模組通訊,並透過該連接器與該短距離無線通訊介面電連接,以透過該短距離無線通訊介面收發一無線訊號;該連接器未與該電子裝置電連接時,該電子裝置透過該短距離無線通訊介面與該控制模組通訊。 The smart hardware security carrier of claim 1, wherein the communication unit comprises a connector and a short-range wireless communication interface electrically connected to the connector, and when the connector is electrically connected to the electronic device, Electronic device transmission The connector is in communication with the control module, and is electrically connected to the short-range wireless communication interface through the connector to transmit and receive a wireless signal through the short-range wireless communication interface; when the connector is not electrically connected to the electronic device, The electronic device communicates with the control module through the short-range wireless communication interface. 如請求項1至11其中任一項所述智慧型硬體安全載具,還包括一電路板,該通訊單元設置在該電路板上,且該儲存模組與該控制模組被整合於一晶片中並設置在該電路板上。 The smart hardware security carrier of any one of claims 1 to 11, further comprising a circuit board, the communication unit is disposed on the circuit board, and the storage module and the control module are integrated into one The chip is placed on the circuit board. 如請求項1至11其中任一項所述智慧型硬體安全載具,還包括一電路板,該通訊單元設置在該電路板上,且該控制模組是一設置在該電路板上的第一晶片,該儲存模組是一設置在該電路板上的第二晶片。 The smart hardware security carrier of any one of claims 1 to 11, further comprising a circuit board, the communication unit is disposed on the circuit board, and the control module is disposed on the circuit board The first chip, the storage module is a second chip disposed on the circuit board.
TW106201379U 2017-01-25 2017-01-25 Smart hardware safety carrier TWM540327U (en)

Priority Applications (6)

Application Number Priority Date Filing Date Title
TW106201379U TWM540327U (en) 2017-01-25 2017-01-25 Smart hardware safety carrier
CN201710187668.5A CN108345782B (en) 2017-01-25 2017-03-27 Intelligent hardware safety carrier
US15/645,364 US10425821B2 (en) 2017-01-25 2017-07-10 Mobile data storage device with access control functionality
EP17189761.4A EP3355231B1 (en) 2017-01-25 2017-09-07 Mobile data storage device with access control functionality
JP2017214369A JP6622275B2 (en) 2017-01-25 2017-11-07 Mobile data storage device with access control function
HK19101398.5A HK1259233A1 (en) 2017-01-25 2019-01-28 Mobile data storage device with access control functionality

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
TW106201379U TWM540327U (en) 2017-01-25 2017-01-25 Smart hardware safety carrier

Publications (1)

Publication Number Publication Date
TWM540327U true TWM540327U (en) 2017-04-21

Family

ID=59255357

Family Applications (1)

Application Number Title Priority Date Filing Date
TW106201379U TWM540327U (en) 2017-01-25 2017-01-25 Smart hardware safety carrier

Country Status (1)

Country Link
TW (1) TWM540327U (en)

Similar Documents

Publication Publication Date Title
CN108345782B (en) Intelligent hardware safety carrier
CN108345785B (en) Built-in intelligent safety action device
US8051052B2 (en) Method for creating control structure for versatile content control
US8601283B2 (en) Method for versatile content control with partitioning
US8966580B2 (en) System and method for copying protected data from one secured storage device to another via a third party
US8504849B2 (en) Method for versatile content control
EP2189922A2 (en) Memory system with versatile content control
US20060242151A1 (en) Control structure for versatile content control
US20100077214A1 (en) Host Device and Method for Protecting Data Stored in a Storage Device
US20060242150A1 (en) Method using control structure for versatile content control
US20060242066A1 (en) Versatile content control with partitioning
US20090276474A1 (en) Method for copying protected data from one secured storage device to another via a third party
JP2004040717A (en) Equipment authentication system
EP1836641A2 (en) Versatile content control with partitioning
US20060242067A1 (en) System for creating control structure for versatile content control
WO2020020329A1 (en) Digital wallet allowing anonymous or real-name offline transaction and usage method
EP1836643A2 (en) System for creating control structure for versatile content control
WO2006069311A2 (en) Control structure for versatile content control and method using structure
TWM540328U (en) Built-in intelligence security mobile device
TWI651624B (en) Smart hardware safety carrier
TWI673667B (en) Built-in smart security mobile device
TWM540327U (en) Smart hardware safety carrier
TWI733590B (en) Identity recognition system and method using active nfc tag and tokenization