EP0740037A1 - Sicherheitsvorrichtung - Google Patents

Sicherheitsvorrichtung Download PDF

Info

Publication number
EP0740037A1
EP0740037A1 EP95302889A EP95302889A EP0740037A1 EP 0740037 A1 EP0740037 A1 EP 0740037A1 EP 95302889 A EP95302889 A EP 95302889A EP 95302889 A EP95302889 A EP 95302889A EP 0740037 A1 EP0740037 A1 EP 0740037A1
Authority
EP
European Patent Office
Prior art keywords
security device
security
signal
station
challenge
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
EP95302889A
Other languages
English (en)
French (fr)
Inventor
Graeme John Proudler
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
HP Inc
Original Assignee
Hewlett Packard Co
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hewlett Packard Co filed Critical Hewlett Packard Co
Priority to EP95302889A priority Critical patent/EP0740037A1/de
Priority to JP8107191A priority patent/JPH08305461A/ja
Publication of EP0740037A1 publication Critical patent/EP0740037A1/de
Withdrawn legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G08SIGNALLING
    • G08BSIGNALLING OR CALLING SYSTEMS; ORDER TELEGRAPHS; ALARM SYSTEMS
    • G08B13/00Burglar, theft or intruder alarms
    • G08B13/02Mechanical actuation
    • G08B13/14Mechanical actuation by lifting or attempted removal of hand-portable articles
    • G08B13/1409Mechanical actuation by lifting or attempted removal of hand-portable articles for removal detection of electrical appliances by detecting their physical disconnection from an electrical system, e.g. using a switch incorporated in the plug connector
    • G08B13/1418Removal detected by failure in electrical connection between the appliance and a control centre, home control panel or a power supply

Definitions

  • This invention relates to a security device for deterring theft of the apparatus or equipment to which it is fitted or into which it is incorporated.
  • Some automobile audio systems include a feature whereby on interruption of the power supply, for example due to temporary or permanent removal from the automobile, the audio system will not function properly until a code is keyed in.
  • an automobile is fitted with an immobiliser which is activated on receipt of an instruction from a remote security centre.
  • an immobiliser which is activated on receipt of an instruction from a remote security centre.
  • this invention provides a security device for use with apparatus and for allowing continued operation of said apparatus dependent on a specific instruction signal from a security station, said device including signal receiving means for receiving a specific instruction signal from said security station and interrupt means responsive to said signal receiving means in a validation routine for inhibiting, preventing, or interfering with operation of said apparatus if said specific instruction signal is not received.
  • the security station will ensure that the appropriate instruction is not transmitted in the next validation routine and so the apparatus will not function properly thereafter. Also, if for any reason the apparatus is not in communication with the remote centre during a validation routine, it will not function properly.
  • the device preferably implements a challenge/response routine, whereby the specific instruction signal issued by said security station is a specific response to said challenge signal, and the security device includes means for authenticating said specific response signal.
  • the challenge and response signals are preferably encrypted on transmission and decrypted on receipt.
  • the security device preferably includes secure memory means, such as a Write Once Read Many (WORM) memory accessible only internally by the security device for storing one or more keys for use in the encryption/decryption process.
  • WORM Write Once Read Many
  • the encryption/decryption process may be any one of several suitable types, for example public key or symmetric key systems.
  • communication between said security device and said security station is via a communications network
  • said challenge signal includes data identifying the network address of said security device, whereby the security centre may determine the logical location of a security device, and send the response signal to that location.
  • the security device is preferably incorporated in an integrated circuit which in use exerts at least a major part of the control function of the equipment.
  • integrated circuit technology develops further, so more and more functionality is integrated into larger and larger chips, and preferred embodiments take advantage of this by incorporating the security device into an application specific integrated circuit (ASIC) together with circuits representing most of the functionality of the equipment.
  • ASIC application specific integrated circuit
  • a further point is that it is highly desirable that a security system does not interfere with routine maintenance and repair of equipment, for example by restricting supply of replacement chips to legitimate owners or service personnel.
  • the security device is securely embedded into the ASIC, ready availability of replacement ASICs should not significantly degrade security of the system, because by their design the replacement ASICs will also require periodic permission from the security station, to function properly.
  • the device preferably includes a timer and initiates a validation routine each time the timer times out.
  • the device may include a non volatile counter means which increments each time the apparatus is operated or powered up, the device initiating a validation routine every time the counter means reaches a predetermined number or multiple thereof.
  • Communication between the security device and the security station may be set up in a variety of ways.
  • communications may be via the plain old telephone system (POTS).
  • POTS plain old telephone system
  • communication may be via a cellular telephone network, radio, infra-red data links and so on, or combinations of these, and suitable communication systems will be apparent to those skilled in the art.
  • the security device 16 is incorporated in a video tape recorder (VTR) 10, semi-permanently connected to a power supply by lead 12.
  • VTR 10 follows conventional design except that most of the functionality of the apparatus is integrated into an application specific integrated circuit (ASIC) 11.
  • ASIC application specific integrated circuit
  • the ASIC has a collection of functional circuit elements 14 which control most of the mechanical and electrical functions such as tape and cassette transport, tuning, programming, timing, etc operations, to the extent that the VTR 10 has minimal resale value without a fully functional ASIC 11.
  • the ASIC 11 also includes a security device 16 which is capable of disrupting operation of at least some of the functional circuit elements 14, if certain security conditions are not met, to be described in further detail below.
  • the disruption may take the form of inhibiting some or all of the responses to controls and disabling some or all outputs of the functional circuit elements. This may be done, for example, by forcing internal signals to a quiescent state, removal of scanning waveforms, forcing incoming control signals to their quiescent state, forcing outputs to their quiescent sate, removing clock or power from certain internal circuits, or stopping a microprocessor from executing normal operations by the use of a conditional test input or interrupt input. These actions may be forced at various functional circuit elements 14 within the ASIC 11 by control signals.
  • ASIC conductors are usually difficult to isolate and it is usually difficult to make an electrical connection to those conductors. However, in this embodiment they may be buried within the volume of the ASIC 11, so that they cannot be accessed without irreparably damaging other elements of the ASIC 11, further to enhance security.
  • Each functional circuit element may contain a communication element for communication with the security device 16, such that each communication element may requires a waveform, rather than a simple logic level, to allow operation. Each communication element may require a different waveform so that active inputs, rather than logic levels, are required to override the 'stop' signal.
  • the level of complexity, and thus immunity to interference may be selected according to the level of perceived threat.
  • circuit elements 14 are shown discrete from the security device 16, in practice the circuit elements may be interspersed, to minimize the possibility of successfully circumventing the operation of the security device 16, as discussed above.
  • the security device 16 has a transceiver 18, capable of transmitting and receiving signals to and from a remote security centre 20, by any suitable communication medium, here the POTS system. Although shown on the ASIC 11, the transceiver 18 may be separate.
  • the security device 16 also includes circuitry 22 for implementing a challenge/response scheme based on cryptographic techniques, and storing the associated encryption data.
  • Such encryption systems are well known, see for example page 357 - "Peer Entity Authentication” in "Security for Computer Networks” Davies and Price, John Wiley and Sons, 2nd Edition, 1989, and ISO 9798 "Peer Entity Authentication Mechanism Using An n-bit Secret Key". There are many possible challenge/response mechanisms.
  • the remote security centre 20 decrypts the challenge with the key K1, encrypts it with a second key, K2, and sends it back to the security device. This is the response.
  • the security device decrypts the response with key K2 and checks that the decrypted number is the same as the original random number. This proves to the security device that the message came from an entity with knowledge of the keys K1 and K2, presumed to be the remote security centre 20.
  • the remote security centre 20 provides the response only if the security device 16 is authorized to continue operation.
  • encryption systems such as public key, symmetric key etc. may be used.
  • the security device 16 also includes power-up detect circuitry 24 which detects power up of the ASIC 11, a timer 26 and a non-volatile counter 28.
  • the ASIC 11 contains a write once read many memory (WORM), which is preferably a fusible link device, although it could be an EPROM in a non-transparent package.
  • WORM write once read many memory
  • the remote security centre 20 serves many units in an area and includes a transceiver 27 for transmitting and receiving signals to and from the units containing the ASIC 11 via the POTS system. It also includes circuitry 30 for implementing cryptographic techniques and for storing the associated encryption data, and an operator interface 32 which allows the operator to prevent transmission of response signals to a selected unit, if that unit has been identified as stolen.
  • the ASIC 11 is programmed with a key pair preferably in the WORM and the associated key pair is registered with a central agency which runs the remote security centre 20.
  • the non-volatile counter 28 is incremented and the device determines whether the counter has reached the predetermined number or a multiple thereof (Steps 40, 42).
  • the device initiates a validation routine by calling up the remote security centre 20, issuing a challenge and requesting a response using the encryption and decryption steps referred to above. Unless the remote security centre 20 has been advised that the VTR 10 has been stolen, the centre will respond with a response which is then checked by the security device 16 to ensure that it is as expected and, if so, the device allows the VTR 10 to continue to operate. The timer 26 and counter 28 are then reset at step 44, and the device goes into a timed routine 46.
  • non-arrival of the response triggers the safety device 16 at step 48 to stop normal operation of the VTR 10 using one of the disruption techniques described above, and to wait for possible manual initiation of the validation routine.
  • the counter 28 If on detection of power up, the counter 28 does not reach the preset number, then it goes into the timed routine 46. Here the timer 26 runs until it times out, whereupon the security device 16 initiates the validation routine by calling up the remote centre 20.
  • the challenge issued by the security device 16 may include data representing the identity or location of the user, such as the source network address of the security device (for example the user's telephone number, if communications are via the POTS).
  • the remote security centre 20 would then send the response back to that same network address, possibly after a deliberate break in communication. This would allow the remote security centre 20 to monitor the logical location of the security device 16, and possibly provide a tracking facility.
EP95302889A 1995-04-28 1995-04-28 Sicherheitsvorrichtung Withdrawn EP0740037A1 (de)

Priority Applications (2)

Application Number Priority Date Filing Date Title
EP95302889A EP0740037A1 (de) 1995-04-28 1995-04-28 Sicherheitsvorrichtung
JP8107191A JPH08305461A (ja) 1995-04-28 1996-04-26 セキュリティデバイス

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
EP95302889A EP0740037A1 (de) 1995-04-28 1995-04-28 Sicherheitsvorrichtung

Publications (1)

Publication Number Publication Date
EP0740037A1 true EP0740037A1 (de) 1996-10-30

Family

ID=8221178

Family Applications (1)

Application Number Title Priority Date Filing Date
EP95302889A Withdrawn EP0740037A1 (de) 1995-04-28 1995-04-28 Sicherheitsvorrichtung

Country Status (2)

Country Link
EP (1) EP0740037A1 (de)
JP (1) JPH08305461A (de)

Cited By (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO1998004967A1 (en) * 1996-07-25 1998-02-05 Peter David Collins Immobilisation protection system for electronic components
WO2000070564A1 (de) * 1999-04-29 2000-11-23 Uwe Luboch Verfahren und einrichtung zur betriebsunterbrechung eines gerätes sowie anwendung des verfahrens oder der einrichtung
WO2001025884A1 (en) * 1999-10-07 2001-04-12 Critical Devices, Inc. Method and system for device tracking
US6477667B1 (en) 1999-10-07 2002-11-05 Critical Devices, Inc. Method and system for remote device monitoring
US6636983B1 (en) 1999-10-07 2003-10-21 Andrew E. Levi Method and system for uniform resource locator status tracking
US6658586B1 (en) 1999-10-07 2003-12-02 Andrew E. Levi Method and system for device status tracking
US6658585B1 (en) 1999-10-07 2003-12-02 Andrew E. Levi Method and system for simple network management protocol status tracking
US6950946B1 (en) * 1999-03-30 2005-09-27 International Business Machines Corporation Discovering stolen or lost network-attachable computer systems
EP1983461A2 (de) 2007-04-18 2008-10-22 Hitachi, Ltd. Externe Speichervorrichtung und Vorrichtung zur Verhinderung von Informationslecks
US7945709B2 (en) 1994-11-15 2011-05-17 Absolute Software Corporation Security apparatus and method
US8601606B2 (en) 2002-11-25 2013-12-03 Carolyn W. Hafeman Computer recovery or return
US9547780B2 (en) 2005-03-28 2017-01-17 Absolute Software Corporation Method for determining identification of an electronic device

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
FR2843819B1 (fr) 2002-08-21 2006-11-10 Thomson Licensing Sa Appareil electrique securise contre le vol, systeme antivol comportant un tel appareil et procede d'appariement d'appareils electriques

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0135783A2 (de) * 1983-08-18 1985-04-03 Nec Corporation Funkkommunikationsgerät abgeschaltet nach Empfang einer bestimmten Nachricht
US4794268A (en) * 1986-06-20 1988-12-27 Nissan Motor Company, Limited Automotive keyless entry system incorporating portable radio self-identifying code signal transmitter
DE3927024A1 (de) * 1988-08-16 1990-02-22 Nissan Motor Schluessellose sicherungsvorrichtung, insbesondere zur ver- und entriegelung von kraftfahrzeugtueren
EP0387581A2 (de) * 1989-03-11 1990-09-19 Blaupunkt-Werke GmbH Anlage zur Sicherung von Fahrzeugen vor Diebstahl
GB2262640A (en) * 1991-12-21 1993-06-23 Intelligent Locking Sys Ltd Security installation and operating method

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0135783A2 (de) * 1983-08-18 1985-04-03 Nec Corporation Funkkommunikationsgerät abgeschaltet nach Empfang einer bestimmten Nachricht
US4794268A (en) * 1986-06-20 1988-12-27 Nissan Motor Company, Limited Automotive keyless entry system incorporating portable radio self-identifying code signal transmitter
DE3927024A1 (de) * 1988-08-16 1990-02-22 Nissan Motor Schluessellose sicherungsvorrichtung, insbesondere zur ver- und entriegelung von kraftfahrzeugtueren
EP0387581A2 (de) * 1989-03-11 1990-09-19 Blaupunkt-Werke GmbH Anlage zur Sicherung von Fahrzeugen vor Diebstahl
GB2262640A (en) * 1991-12-21 1993-06-23 Intelligent Locking Sys Ltd Security installation and operating method

Cited By (15)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7945709B2 (en) 1994-11-15 2011-05-17 Absolute Software Corporation Security apparatus and method
WO1998004967A1 (en) * 1996-07-25 1998-02-05 Peter David Collins Immobilisation protection system for electronic components
US6950946B1 (en) * 1999-03-30 2005-09-27 International Business Machines Corporation Discovering stolen or lost network-attachable computer systems
WO2000070564A1 (de) * 1999-04-29 2000-11-23 Uwe Luboch Verfahren und einrichtung zur betriebsunterbrechung eines gerätes sowie anwendung des verfahrens oder der einrichtung
US6658585B1 (en) 1999-10-07 2003-12-02 Andrew E. Levi Method and system for simple network management protocol status tracking
US6658586B1 (en) 1999-10-07 2003-12-02 Andrew E. Levi Method and system for device status tracking
US6636983B1 (en) 1999-10-07 2003-10-21 Andrew E. Levi Method and system for uniform resource locator status tracking
US6833787B1 (en) 1999-10-07 2004-12-21 Asap Software Express, Inc. Method and system for device tracking
US6477667B1 (en) 1999-10-07 2002-11-05 Critical Devices, Inc. Method and system for remote device monitoring
WO2001025884A1 (en) * 1999-10-07 2001-04-12 Critical Devices, Inc. Method and system for device tracking
US8601606B2 (en) 2002-11-25 2013-12-03 Carolyn W. Hafeman Computer recovery or return
US9547780B2 (en) 2005-03-28 2017-01-17 Absolute Software Corporation Method for determining identification of an electronic device
EP1983461A2 (de) 2007-04-18 2008-10-22 Hitachi, Ltd. Externe Speichervorrichtung und Vorrichtung zur Verhinderung von Informationslecks
EP1983461A3 (de) * 2007-04-18 2008-11-19 Hitachi, Ltd. Externe Speichervorrichtung und Vorrichtung zur Verhinderung von Informationslecks
US8065523B2 (en) 2007-04-18 2011-11-22 Hitachi, Ltd. External storage apparatus and method of preventing information leakage

Also Published As

Publication number Publication date
JPH08305461A (ja) 1996-11-22

Similar Documents

Publication Publication Date Title
US20030149666A1 (en) Personal authentication system
EP0912919B1 (de) Schutzsystem zum blockieren von elektronischen geräten und bauteilen und verfahren hierfür
CA2400204C (en) Method and apparatus for providing secure control of software or firmware code downloading and secure operation of a computing device receiving downloaded code
US7205883B2 (en) Tamper detection and secure power failure recovery circuit
US4596898A (en) Method and apparatus for protecting stored and transmitted data from compromise or interception
EP0740037A1 (de) Sicherheitsvorrichtung
KR100483293B1 (ko) 보안 시스템
US20030065934A1 (en) After the fact protection of data in remote personal and wireless devices
US5982894A (en) System including separable protected components and associated methods
US5952937A (en) System and method of updating communications in a security system
US7281134B2 (en) Method and system for authenticating a security device
KR100688433B1 (ko) 도난방지 시스템
JP2002511811A (ja) 遠隔送信機用の学習モード
EP1352368B1 (de) Diebstahlsicherung mittels positionsbestimmung
US7808399B2 (en) Electronic device enabling hardware and methods
US7510580B2 (en) Method and apparatus to eliminate theft of electronic equipment using existing telephone jack
JP2007515100A (ja) ネットワーク内の装置に対する盗用保護のための方法及び装置
CN105718761A (zh) 一种软件试用期的控制方法及装置
KR100245442B1 (ko) 무선 호출 수신기 및 수신 방법
RU2686610C1 (ru) Автомобильное противоугонное устройство (варианты)
WO1987005175A1 (en) Method and apparatus for distributing and protecting encryption key codes
KR102411797B1 (ko) 하드웨어 기반의 차량 사이버보안시스템
GB2407458A (en) Preventing use of lost/stolen article by transmission of blocking code
JP4608857B2 (ja) 接続確認情報管理システム
KR20100012398A (ko) 이모빌라이져 시스템 강화를 위한 전자 제어 장치 간의통신 방법

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): DE FR GB

K1C3 Correction of patent application (complete document) published

Effective date: 19961030

RBV Designated contracting states (corrected)

Designated state(s): DE FR GB

17P Request for examination filed

Effective date: 19970423

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION HAS BEEN WITHDRAWN

18W Application withdrawn

Withdrawal date: 19981103