EP0382811A1 - Systeme de module informatique independant - Google Patents

Systeme de module informatique independant

Info

Publication number
EP0382811A1
EP0382811A1 EP89907474A EP89907474A EP0382811A1 EP 0382811 A1 EP0382811 A1 EP 0382811A1 EP 89907474 A EP89907474 A EP 89907474A EP 89907474 A EP89907474 A EP 89907474A EP 0382811 A1 EP0382811 A1 EP 0382811A1
Authority
EP
European Patent Office
Prior art keywords
icm
interface unit
division
program
data
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
EP89907474A
Other languages
German (de)
English (en)
Inventor
John N. Hait
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Individual
Original Assignee
Individual
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Individual filed Critical Individual
Publication of EP0382811A1 publication Critical patent/EP0382811A1/fr
Withdrawn legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06KGRAPHICAL DATA READING; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
    • G06K7/00Methods or arrangements for sensing record carriers, e.g. for reading patterns
    • G06K7/10Methods or arrangements for sensing record carriers, e.g. for reading patterns by electromagnetic radiation, e.g. optical sensing; by corpuscular radiation
    • G06K7/10544Methods or arrangements for sensing record carriers, e.g. for reading patterns by electromagnetic radiation, e.g. optical sensing; by corpuscular radiation by scanning of the records by radiation in the optical part of the electromagnetic spectrum
    • G06K7/10821Methods or arrangements for sensing record carriers, e.g. for reading patterns by electromagnetic radiation, e.g. optical sensing; by corpuscular radiation by scanning of the records by radiation in the optical part of the electromagnetic spectrum further details of bar or optical code scanning devices
    • G06K7/1097Optical sensing of electronic memory record carriers, such as interrogation of RFIDs with an additional optical interface
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • G06F21/12Protecting executable software
    • G06F21/121Restricting unauthorised execution of programs
    • G06F21/123Restricting unauthorised execution of programs by using dedicated hardware, e.g. dongles, smart cards, cryptographic processors, global positioning systems [GPS] devices
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F3/00Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
    • G06F3/002Specific input/output arrangements not covered by G06F3/01 - G06F3/16
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2211/00Indexing scheme relating to details of data-processing equipment not covered by groups G06F3/00 - G06F13/00
    • G06F2211/007Encryption, En-/decode, En-/decipher, En-/decypher, Scramble, (De-)compress
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2153Using hardware token as a secondary aspect
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y04INFORMATION OR COMMUNICATION TECHNOLOGIES HAVING AN IMPACT ON OTHER TECHNOLOGY AREAS
    • Y04SSYSTEMS INTEGRATING TECHNOLOGIES RELATED TO POWER NETWORK OPERATION, COMMUNICATION OR INFORMATION TECHNOLOGIES FOR IMPROVING THE ELECTRICAL POWER GENERATION, TRANSMISSION, DISTRIBUTION, MANAGEMENT OR USAGE, i.e. SMART GRIDS
    • Y04S40/00Systems for electrical power generation, transmission, distribution or end-user application management characterised by the use of communication or information technologies, or communication or information technology specific aspects supporting them
    • Y04S40/20Information technology specific aspects, e.g. CAD, simulation, modelling, system security

Definitions

  • the present invention is related to the safe and secure operation of computer software.
  • the programs to be run are taken from a recording devise such as a disk drive and copied into the Random Access Memory (RAM) of a host computer for processing, or they are programmed into Read Only Memory (ROM) which is either wired directly to the Central Processing Unit (CPU) or is encased in a separate module which has a connector for providing direct connection between the CPU and the ROM.
  • RAM Random Access Memory
  • ROM Read Only Memory
  • CPU Central Processing Unit
  • search programs can set up the registers in the CPU for loading data from a target program in a target memory bank, and storing data in a common data area or an area of easy access by the search program; then make multiple jumps throughout the target program until a standard data-moving routine (now corrupted by the new information in the CPU) is encountered. In this way the security of many programs can be violated, programs copied, keys or secret codes can be accessed.
  • Search programs often called "virus” or “worms” hidden in operating systems, unused areas of the host computer's memory, or even on diskettes from other sources can write themselves into operating systems and into programs being legitimately copied, allowing search programs to compromise the security of anything that passes through that host computer.
  • Diskettes and disk drives contain delicate mechanical and electrical parts that fail in the presents of dirt or moisture. Thus the prior art does not permit such devices to be used underwater, in outer space, in dirty, chemical-filled, or other hazardous environments.
  • Prior art provides for the distribution of software on diskettes, magnetic tapes or similar devices.
  • the software must be coded for use with a particular CPU, and often for a particular host computer. Therefore a means is needed for software distribution that is both secure, and can operate with a wide variety of host computers regardless of the CPU in the host.
  • the present invention solves these problems and provides form many more usefu functions.
  • the present invention is an Independent Computer Module (hereafter called an ICM and several types of Interface Units, a generic, a Modular and a Remote.
  • the ICM contain a CPU, ROM and/or RAM memory, a rechargable battery or other energy storage device a specialized energy supply method, a specialized memory division switching capability specialized data input and specialized data output method.
  • the combination of an ICM and one of the Interface Units comprise an ICM Syste that can function in a multitude of hostile environments, while maintaining strict securit over the programs loaded into the ICM
  • the specialized housing maintains the physica security of the programs inside.
  • the specialized input, output and power supply maintai the electronic security over the programs loaded into the ICM by the fact that the program themselves do not load into a host computer where they could be compromised, but rathe are operated upon by the CPU located within the ICM housing.
  • Program control, and thus all information transfer from the ICM to the host and back are always under the strict control of the CPU and the pre-loaded program within the ICM Therefore, only data authorized by the ICM program for transmittal will actually be transferred. Such data is transferred to and from the host computer via one of the interface units.
  • Such data would then be routed by an operating system type program to, or from, any of the peripherals available to the host computer, such as mass data storage devices, CRT video displays, keyboards, printers, etc. Therefore the program inside the ICM can access all of the needed peripherals while maintaining the security of the program, pre-loaded into the ICM Therefore a separation of function is provided in the present invention.
  • Applications programs are loaded into and operated in the ICM rather than the host, and the host computer is used to operate the usual peripherals.
  • the programs requiring security would be loaded into the ICMs at the time of manufacture, or ICMs manufactured with a minimum, security-controlling program operating system would be provided to the software vendor.
  • the software vendor would load in the software needing security, and in turn, the ICM would be sold to the end user who would be able to use, but not copy, any of the software.
  • the ICM is constructed inside a portable, conveniently sized housing.
  • the ICM When another secure program is to be run, one merely removes the ICM form the interface unit, replacing it with another...much the same way one would remove a video game cartridge and replace it with another.
  • the specialized housing is an integral part of the security arrangement of the ICM system, since the housing is completely sealed, with the programs sealed inside making it difficult to mechanically access the secure programs, while the ICMs electrical arrangement maintains the electronic security.
  • the specialized input and output arrangement as it relates to the housing.
  • Input, and output sensors and emitters, along with the power supply receptors are sealed into the surface of the housing.
  • the housing prevents someone from connecting in a secondary input and output, such as a direct memory access, that could be used to override the other security measures.
  • the connectorless method chosen for communications and power transfer between the Interface Unit (which is connected to the host computer,) and the ICM can be inductive, capacitive, optical or radio frequency emitters, sensors, and receptors. These methods provide the needed data communications and power supply to the ICM while eliminating the need for plugs or connectors, and allowing for remote access to the ICM as they can be sealed into the surface of the housing, and in many cases just under the surface of the housing and still function properly.
  • an inductor comprising the primary of a transformer can be mounted in the Interf ce Unit, and the Secondary of the transformer can be mounted in the ICM
  • the metal surface of one side of a capacitor can be mounted in the Interface Unit, and the other surface of th capacitor mounted in the ICM.
  • LEDs light emitting diodes
  • phototransistors phototransistors
  • photovoltaics can be used in the ICM and Interface Units.
  • Radio Frequency is chosen, then RF receivers and transmitters, simple or sophisticated ca be used to supply the needed communications and power supply.
  • communications signals to and from the emitters and sensors mounte in the housing are provided to the CPU, while energy from the power-supplying recepto is then rectified (if needed), filtered, and supplied to all powered components including rechargable battery.
  • the ICM can continue to operate without the need for a plug or direct connection, is easily removable from the Interface Unit, and will continue t operate for a time after removal from the input power source, so that the ICM can be use to transfer authorized data from one host computer to another.
  • the Interface Unit need only have a matching set of emitters and sensors, conventiona signal matching electronics (if needed) and a direct connection to the host computer and power source (often from the host computer itself.)
  • a secondary benefit is derived by so sealing into the housing the input, output, an power supply sensors, emitters and receptors. An environmental seal is maintained, whil permitting the communications and energy transference required to operate the interna components.
  • the housing is provided with conventional metallic RF shielding, either on it surface or below surface, and the materials selected for the housing are chosen to operat within an expected hostile environment.
  • an underwater ICM could b completely encapsulated in plastic with the sensors, emitters and receptors encased at or nea the sur ace. While the usefulness of an underwater ICM may not at irst seem apparent, th ICM is also immune to coffee, soda pop and other office hazards.
  • the IC could be used in very highly humid environments where the danger of exposure t electronics-damaging items would be a potential possibility such as when computers are i use in submarines, or on board ship.
  • Another secondary benefit of this communications and power supply arrangement is that the ICM can be inserted and removed from its Interface Unit without causing the arcing that would occur if conventional plugs were in use. This feature makes the use of the ICM especially attractive in potentially explosive environments such as certain industrial environments, in or near equipment used to transfer fuels, or in enriched oxygen environments such as would be common in space stations.
  • the availability of an additional processor to a host computer, or the availability of a multiple group of ICMs operating from a single host computer provide the opportunity for parallel processing.
  • a user may wish to operate a program using the type of processor that is available within the ICM, but is not available in the host computer.
  • such user programs can be loaded into the ICM and operated by the current user, but such programs must be prevented from accessing any previously loaded program.
  • occasions may arise whereby the ICM is to be loaded with several secure programs from several users while allowing each user to use each program, but preventing each user from copying any of the previously-loaded programs. Therefore the ICM is fitted with a specialized memory division switching arrangement.
  • the Central Processing Unit CPU
  • program-filled Read Only Memory ROM
  • Random Access Memory RAM
  • the specialized input and output, and power supply sections inside the ICM constitute a complete computer that can operate programs loaded into memory in the standard fashion. All of this memory is divided into sections and division switched by a specialized division switching arrangement that prevents the programs in one division from accessing the programs in any other division.
  • One section of memory is designated as a Common Area and is memory mapped so that it is available to all divisions.
  • the division switched sections of memory are divided into two types, the Executive Division (EXEC) and the Selected Divisions.
  • the Executive Division has complete control and access to all other areas for security and controlling transfer of data between Divisions.
  • the Selected memory Divisions are provided for user programs, and are restricted so that user programs with in a Selected Division cannot copy directly any data from any other Division (except the Common data storage Area).
  • a division switching apparatus is provided that causes the Executive Division to be operative after a reset of the CPU.
  • the division switching apparatus is connected to the control bus so that commands taken from the Executive Division can cause both reads and writes of data in any memory division, while fetching its instructions from the Executive Division only.
  • a means is provided for transferring program control to any of the other divisions either directly, or with an accompanying maskable or non- maskable interrupt.
  • the Selected Divisions have the capability of fetching, reading and writing to its own division, and the Common Area only. Transfer of program control, to any other division is always accompanied by a non-maskable interrupt (NMI), which causes a hardware interrupt, and program control to a designated place in the newly-switched-on memory. (Or if a maskable interrupt is used, the division switching is prevented unless an interrupt acknowledge signal is received from the CPU indicating that an interrupt is actually in progress, thus preventing the execution of a division switch without an accompanying interrupt.)
  • NMI non-maskable interrupt
  • These designated entry points are programmed to be operating system entry points, so that information exchange between the divisions is always controllable. This method even allows the loading of any outside program while maintaining the security of the programs in the other memory divisions.
  • the result is that the individual programs loaded into each of the Selected Divisions can be loaded directly into Programmable Read Only Memories (PROMs), Erasable Read Only Memories (EPROMs), or even RAM, but are still unable to copy any information from any of the other divisions, but any needed data can be provided by the program in th Executive bank.
  • the host computer may, at the discretion of the program in the IC Executive, load programs into the ICM for operation, in any of the Selected Divisions. Th host may receive input and output from those programs.
  • the Executive progra can effectively prevent any outside loaded program form copying any data that th Executive does not permit, even though each of the programs may have direct access to th ICM input and output to the host.
  • Permanently stored programs can thus be accessed an used at any time by inserting the ICM into an Interface Unit, or accessing it with a Remot Inter ace Unit.
  • the ICM can accept outside programs, even temporary ones loaded into th ICM RAM, without compromising the previously stored programs.
  • the first code i the Division Selection code which is loaded into a code storage device upon command fro the CPU.
  • the second code is the Mode Select code, also loaded into a code storage devic upon command from the CPU.
  • the third is the Address Bus, for memory mapping th Common Data Area.
  • the fourth is the Control Bus.
  • Th security arrangement is, in part, functional because the Executive Division is switched o by a selection of a mode rather than the selection of a Selected division, (which is the prior art way.) Since the Executive Division is part of the mode selection, any other memory may be accessed by the Executive Division simply by changing the Selected Division code.
  • the selection of a mode that causes command fetches to come from the Executive Division, and reads and writes to be operative on other divisions allows the Executive program to use fewer CPU commands to move data from one division to another, by using a standard move routine as would be used within a single division, but causing the reads to come from one division and the writes to another. This feature is especially useful when the Executive program is working as an operating system to shuttle information back and forth between an applications program and the host computer.
  • the ICM housing is also fitted with a physical damage security system consisting of a damage sensor made of a maze of wires located just under the surface of the housing. Attached to these wires is a method for measuring the wire's resistance, which, in turn, is connected to the CPU. Also connected to the CPU is a self-destruct mechanism, of any convenient kind, that is capable of destroying the memory sections of the ICM In the event that someone should try to either cut into the ICM, and thus through the wires or try to defeat this security mechanism by shorting it out, the CPU would sense the change in resistance, and would then activate the self- destruct mechanism.
  • the ICM is interfaced with a host computer or other electronic device through a specialized Interface Unit.
  • This unit also has a specialized housing that is completely sealed to prevent damage to the components from a hostile environment. It is provided with a port, or other device for holding the ICM so that its sensors, emitters and receptors are adjacent to corresponding emitters and sensors in the Interface Unit.
  • the Interface Unit is fitted with a cable or similar wiring for connecting it directly to a host computer. Room is provided in the housing for any interfacing circuitry needed to operate the sensors and emitters, and connect them properly to the host.
  • a specialized Modular Interface Unit is provided.
  • the MIU has all of the features of a generic Interface Unit, but is also fitted with two connectors, front and back, so that a number of interface units may be connected together to be operated by a single host computer.
  • a Remote Interface Unit is also provided.
  • the ICM can also be interfaced with a host computer through a specialized interface unit that can operate over a longer distance than would be usual with the generic or modular interface units.
  • the RIU has emitters, and sensors selected for the range and type of communications and power to be supplied.
  • the RIU may have infrared LEDs and phototransistors for communicating with the ICM, or several ICMs at a time from across the room.
  • modulated lasers and 9 focusing collectors may be required to communicate with an ICM at a considerable distance or in a different hostile environment such as under the sea. The types needed for a particular task are simply chosen and installed during manufacture.
  • the RIU housing may also be sealed for operation in a hostile environment, and is fitted with cables, and interfacing electronics just as any of the Interface Units would be.
  • Remote interfacing of the ICMs with a host computer allows for the multiple access of many ICMs by the same Remote Interface Unit, while allowing ICMs made for use in one hostile environment to be accessed by a RIU and host in a different environment. This remote capability also allows several users with separate hosts and RIUs to use common ICMs while still maintaining security of the programs.
  • the versatility of the ICM System makes it a safer, applications- program-running, processor-independent, remotely-accessible, parallel- processing, hostile-environment-proof, completely-secure, all-electronic, replacement for the conventional floppy disk.
  • FIG. 1 A cross section view of a Modular Interface Unit (MIU) with an ICM inserted, and showing the positions of additional MIUs if used.
  • MIU Modular Interface Unit
  • FIG. 3 A perspective view of an ICM being accessed by a Remote Interface Unit (RIU).
  • ROU Remote Interface Unit
  • FIG. 4 A detailed block diagram of an ICM and an Interface Unit, showing the memory division switching method, the specialized input, output and energy supply method, along with the mechanical access security system.
  • FIG. 1 depicts an exploded perspective of the ICM being inserted into a generic INTERFACE UNIT.
  • the ICM is contained in its specialized housing that is completely sealed using materials selected for protection in the particular environment that it is intended to be used. For example, to make the ICM useable underwater, it could be completely encapsulated in plastic.
  • the ICM is inserted into the INTERFACE UNIT for connecting the ICM to a host computer through wire H.
  • Input power, and data communications ar accomplished through a connectorless energy and data transfer arrangement using sensors emitters, and receptors H,l,01,0,P1,and P.
  • the ICM is held in place by the INTERFACE UNIT, so that the respective emitters are held adjacent to their counterpart sensors etc.
  • Input power to the ICM for recharging its batteries is provided from the host through an emitter, P1, which transfers energy to receptor, P.
  • Data communications is provided through an input and an output set of emitter/ sensor pairs 11 and I for the input to the ICM, along with 01 and 0 for the output.
  • a sufficient number of emitter/sensor sets is provided to accommodate all the data and handshaking signals of a standard serial or parallel data port.
  • the type of emitter/sensor pair is selected to match the type of energy transfer needed for a particular application with one of each pair in the INTERFACE UNIT and the other in the ICM.
  • the primary portion of a split transformer (manufactured in two mechanically separate sections) would be located in one unit and the secondary portion in the other.
  • one capacitive surface of a split capacitor (also manufactured in two mechanically separate sections) would be located in one unit and the matching capacitive surface in the other.
  • a light source would be provided in the INTERFACE UNIT for power, and photovoltaic cells in the ICM, while data transfer could be by light emitting diodes (LEDs) and phototransistors.
  • LEDs light emitting diodes
  • radio frequency energy and data transfer the emitter would be a radio transmitter, and the sensor or receptor would be a radio receiver.
  • emitters, sensors and receptors are sealed into the surface, or just under the surface of the ICM housing so they can operate normally while maintaining the hazardous environment protection.
  • the INTERFACE UNIT likewise can be sealed with the sensors and emitters sealed into the interior surface of the Interface Unit housing.
  • Figure 2 depicts a cross section of a Modular Interface Unit, MIU, having a port, PORT, for holding the ICM so that its emitters, sensors and receptor are held adjacent to a matching set of emitters and sensors (P1 near P, 11 near I, and 01 near 0) for supplying power and communications to the ICM Just as describe for Fig. 1.
  • MIU Modular Interface Unit
  • the Modular Interface Unit has the additional feature of connectors C1 on one side and C2 of the other side. These connectors allow the addition of more Modular Interface Units MIU1 and MIU2 (dotted lines) so that a number of ICMs can be operated by a single host computer.
  • Wire and connector H is the connecting wires to the host computer that must come from at least one of the MIUs.
  • a seal, S is provided to prevent damage to the connectors C1 and C2 from a hostile environment.
  • Standard interface electronics, IE mounted on a conventional printed circuit board, is provided to connect the emitters and sensors to the host.
  • FIG. 3 depicts an ICM being accessed and operated through a Remote Interface Unit, RIU.
  • the RIU has input (to the ICM) emitters 11 and output (from the ICM) sensors 01. Power output (to the ICM) emitter P1 along with the connecting wires to the host. Just as described in Fig. 1. Emitters and sensors in the RIU are positioned so as to be directed toward the ICM
  • the RIU housing is also tightly sealed and made of selected materials so that it may be used in a hostile environment, possibly a different environment from the environment that the ICM is operating in.
  • AH of the Interface Units function exactly alike; they serve to provide an connectorless interface between a host and one or more ICMs.
  • the different types are provided to give greater versatility to the operation of the basic ICM System.
  • FIG. 4 is a block diagram of a typical ICM and an Interface Unit
  • Energy is supplied from the host computer through wires,H, and standard interface electronics IE1, through the power emitters Pt of the Interface Unit (any of the types) to the power receptors P in the ICM.
  • EC is a material selected to provide hazardous environment protection to the component while permitting the energy form in use for power and data transfer to pass through.
  • clear plastic or fiber optics would be provided to pass light from an emitter to the surface of one unit, then rom the surface of the other unit to . the sensor inside, if the emitters and sensors are optical.
  • a thin plastic cover could be provided to pass energy using induction, capacitive, or radio transfer, depending on the expected hazardous environment to be encountered.
  • ICM input power from P is rectified (if needed) and filtered in the power supply section PWR, and then distributed to all powered components in the ICM (labeled TO ALL) plus the rechargable battery B.
  • Data input and output from the host computer is supplied through wires, H, and standard interfacing electronics IE2 to the emitters and sensors 11 and 01 of the Interface Unit to the matching emitters and sensors I and O in the ICM These are in turn connected through a standard input/output interface, I O, to the CPU.
  • This arrangement of emitters, sensors, and receptors provide connectorless communications and power supply between the host and the ICM.
  • Non-Executive Division Select Latch and Mode Select Latch store the division selection and mode codes output from the CPU upon receiving a strobe from R0M1.
  • R0M2 decodes the address, control, mode, and division select signals to provide the instantaneous division selection required among the memory divisions designated as: The Executive Division, EXEC; the Common Data Division, Com; and individually Selected Divisions Mem 1 through Mem n.
  • ROM1 also has an input feed back line, FB, taken from the output of the Mode Select Latch.
  • FB input feed back line
  • This line is on or off depending on whether the Executive memory division is currently in program control or not. This line determines the modes that will be permitted to be loaded depending upon the memory division which has program control. It is this line that provides the ICM with the ability to provide a secure operating system in the EXEC Division while preventing programs in the other divisions from instituting modes that would allow unauthorized data copying; along with the fact that the EXEC Division is not selected as one of the Selected Divisions, but its selection is one of the Modes.
  • ROM1 also has an output to the CPU non-maskable interrupt, NMI.
  • NMI non-maskable interrupt
  • ROM1 is also programmed to allow the simultaneous loading of a mode 0 while causing an NMI. This command is permitted whenever FB indicates that the Selected Divisions have program control. This command is used to switch to the Executive program whenever operating system type functions are desired. By choosing the best fetch/read/write functions to take place within a given CPU command sequence for mode 0, the most rapid transfer of data can be accomplished by the Executive program.
  • ROM1 also has an output connected to the CPU maskable interrupt, INTR. This line is operative only when the EXEC Division has program control, as indicated by line FB. Maskable interrupts (depending upon the CPU chosen) often have a software programmable interrupt entry point. If available, this would make the Executive program much more versatile. Otherwise, the Executive program can select the program control beginning address in a Selected Division by simply changing modes from a position in the Common Data Division, and jumping to the desired starting point. Selected divisions would be prohibited from doing this by FB, ROM1 and the NMI. I*.
  • the Mode Select Latch is CLEARed by the RESET signal from the CPU, the EXEC Division is designated by ROM1 as having program control in mode 0. Therefore, upon receiving a reset signal, mode 0 is selected, so the EXEC Division has initial program control.
  • ROM2 decodes the four major codes, the Division Select code, the Mode Select code, the ADDRES BUS code, and the CONTROL BUS code to provide the selection of memory divisions that produce the following fetching, reading and writing sequences based on the following modes:
  • Common memory Com is memory mapped by ROM2 into an address space accessible from all memories, while other required memory operational signals will also be timed and provided properly, such as refresh for dynamic RAMs.
  • ROM1 is specially programmed to provide the following command decoding and control functions:
  • a physical entry security system is also provided.
  • a maze of wires (labeled MAZE) is located just under the surface of the entire ICM housing. These wires are connected to a resistance detector, DET., which, in turn, is connected as an input to the CPU.
  • DET. is a self destruct mechanism located so as to be able to destroy the memory divisions if activated by the output from the CPU. If a cut is made in the housing, of if someone attempts to defeat this security device by shorting out the wires, the resistance detector will indicate the change in resistance to the CPU which can then activate the self destruct mechanism to prevent the information stored in them from being accessed.

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Electromagnetism (AREA)
  • Multimedia (AREA)
  • Remote Sensing (AREA)
  • Technology Law (AREA)
  • Human Computer Interaction (AREA)
  • Radar, Positioning & Navigation (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Toxicology (AREA)
  • Artificial Intelligence (AREA)
  • Computer Vision & Pattern Recognition (AREA)
  • Storage Device Security (AREA)
  • Hardware Redundancy (AREA)
  • Debugging And Monitoring (AREA)

Abstract

Module informatique indépendant (''Independent Computer Module'' ou ICM) portatif, complété par plusieurs unités d'interface permettant de brancher l'ICM sur un ordinateur central ou sur un autre appareil électronique extérieur. Ledit ICM comporte un processeur central, une mémoire, un moyen de communication spécialisé sans connecteur, un moyen d'alimentation en énergie sans connecteur spécialisé, un moyen spécialisé de commutation entre parties de la mémoire assurant la sécurité des données et des programmes, tous ces éléments étant contenus dans un boîtier spécialisé. Avec l'une des unités d'interface, l'ICM constitue un système ICM qui présente de nombreux avantages en tant que méthode portative, programmable et sûre de décentralisation et d'utilisation de logiciel informatique, un substitut entièrement électronique pour les disquettes, et une méthode, indépendante de l'unité centrale, d'utilisation des programmes d'application sur plusieurs ordinateurs centraux, le traitement en parallèle avec l'ordinateur central étant également possible. Les unités d'interface modulaires permettent de relier plusieurs ICM à un seul ordinateur central, et les unités d'interface à distance permettent aux ordinateurs centraux d'accéder à plusieurs ICM situés à une distance considérable.
EP89907474A 1988-06-14 1989-06-02 Systeme de module informatique independant Withdrawn EP0382811A1 (fr)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US20600188A 1988-06-14 1988-06-14
US206001 1988-06-14
CA000602434A CA1340351C (fr) 1988-06-14 1989-06-12 Systeme independant de module d'ordinateur

Publications (1)

Publication Number Publication Date
EP0382811A1 true EP0382811A1 (fr) 1990-08-22

Family

ID=25672802

Family Applications (1)

Application Number Title Priority Date Filing Date
EP89907474A Withdrawn EP0382811A1 (fr) 1988-06-14 1989-06-02 Systeme de module informatique independant

Country Status (4)

Country Link
EP (1) EP0382811A1 (fr)
AU (1) AU3840689A (fr)
CA (1) CA1340351C (fr)
WO (1) WO1989012864A1 (fr)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
AT501651B1 (de) * 2000-09-27 2007-02-15 Omnikey Gmbh Elektronisches modul mit einem steckverbinder zu einer übergeordneten recheneinheit
WO2023140826A1 (fr) * 2022-01-20 2023-07-27 Игорь Николаевич СИДОРЕНКО Dispositif et procédés de protection de systèmes informatiques contre un accès non autorisé

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4328542A (en) * 1979-11-07 1982-05-04 The Boeing Company Secure implementation of transition machine computer
US4521853A (en) * 1982-06-30 1985-06-04 Texas Instruments Incorporated Secure microprocessor/microcomputer with secured memory
US4652990A (en) * 1983-10-27 1987-03-24 Remote Systems, Inc. Protected software access control apparatus and method

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See references of WO8912864A1 *

Also Published As

Publication number Publication date
WO1989012864A1 (fr) 1989-12-28
CA1340351C (fr) 1999-01-26
AU3840689A (en) 1990-01-12

Similar Documents

Publication Publication Date Title
US5396617A (en) Module for extending the functions of an electronic data processing machine
JP3600266B2 (ja) 非接触icカードインタフェース装置及びそれを用いた通信システム
US6650254B1 (en) Computer input device with individually positionable and programmable switches
US6064374A (en) Cordless electronic pen with cartridge
KR100505103B1 (ko) 범용 직렬 버스용 메모리 스틱
US6536670B1 (en) PCMCIA interface card for coupling input devices such as barcode scanning engines to personal digital assistants and palmtop computers
US5860001A (en) Computer system having at least two boot sequences
US4497036A (en) Portable computer
KR940001756B1 (ko) 컴퓨터 데이타 및 소프트웨어의 보호를 위한 시스템과 방법
US5987536A (en) Computer system having flash memory bios which can be accessed while protected mode operating system is running
CA2415230A1 (fr) Circuit integre specifique pour phare
JP2010182285A (ja) 暗号化データボックス
US5020999A (en) Personal computer with connector assembly having integral retainer
EP0382811A1 (fr) Systeme de module informatique independant
US5737610A (en) System and method for providing data and program code to a card for use by a reader
JPS63187353A (ja) バスを介して信号を伝送することを阻止するためのデータ保護回路
US20040143693A1 (en) Data storage apparatus of multiple serial interfaces
CN110472443A (zh) 一种数据安全方法和带开关的本地设备
CA2018213A1 (fr) Methode de transmission d'instructions exclues d'un ensemble d'instructions predefini
CA1247238A (fr) Cartouche de memoire a semiconducteur
EP0516324A1 (fr) Ordinateur personnel avec un contrôleur alternatif de système
CN213400547U (zh) 多任务硬盘拷贝装置
KR900702457A (ko) 독립 컴퓨터 모듈시스템
CN206162556U (zh) 一种自感应二维条码扫描器
US20020101768A1 (en) Enhanced compact memory card with write protaction

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): BE CH DE FR GB LI

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN

18D Application deemed to be withdrawn

Effective date: 19900315