EP1118054A1 - Configuration informatique assurant l'interface avec un corps de donnees protegees - Google Patents
Configuration informatique assurant l'interface avec un corps de donnees protegeesInfo
- Publication number
- EP1118054A1 EP1118054A1 EP99948937A EP99948937A EP1118054A1 EP 1118054 A1 EP1118054 A1 EP 1118054A1 EP 99948937 A EP99948937 A EP 99948937A EP 99948937 A EP99948937 A EP 99948937A EP 1118054 A1 EP1118054 A1 EP 1118054A1
- Authority
- EP
- European Patent Office
- Prior art keywords
- configuration
- physical link
- controller means
- controller
- data
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Withdrawn
Links
- 230000002457 bidirectional effect Effects 0.000 claims abstract description 12
- 238000012546 transfer Methods 0.000 claims abstract description 4
- 238000013500 data storage Methods 0.000 claims abstract 7
- 239000000872 buffer Substances 0.000 claims description 10
- 238000000034 method Methods 0.000 claims description 6
- 238000004891 communication Methods 0.000 claims description 5
- 230000011664 signaling Effects 0.000 claims description 5
- 238000012545 processing Methods 0.000 claims description 4
- 230000004888 barrier function Effects 0.000 claims description 3
- 238000009877 rendering Methods 0.000 claims description 3
- 230000000704 physical effect Effects 0.000 claims 1
- 239000000243 solution Substances 0.000 description 19
- 241000700605 Viruses Species 0.000 description 5
- 230000006870 function Effects 0.000 description 3
- 238000012790 confirmation Methods 0.000 description 2
- 230000010354 integration Effects 0.000 description 2
- 230000008569 process Effects 0.000 description 2
- 239000000969 carrier Substances 0.000 description 1
- 230000001419 dependent effect Effects 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 238000001514 detection method Methods 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 230000002708 enhancing effect Effects 0.000 description 1
- 230000015654 memory Effects 0.000 description 1
- 238000012544 monitoring process Methods 0.000 description 1
- 238000000392 pressure-controlled scanning calorimetry Methods 0.000 description 1
- 229940036310 program Drugs 0.000 description 1
- 239000004065 semiconductor Substances 0.000 description 1
- GOLXNESZZPUPJE-UHFFFAOYSA-N spiromesifen Chemical compound CC1=CC(C)=CC(C)=C1C(C(O1)=O)=C(OC(=O)CC(C)(C)C)C11CCCC1 GOLXNESZZPUPJE-UHFFFAOYSA-N 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/82—Protecting input, output or interconnection devices
- G06F21/83—Protecting input, output or interconnection devices input devices, e.g. keyboards, mice or controllers thereof
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/82—Protecting input, output or interconnection devices
- G06F21/85—Protecting input, output or interconnection devices interconnection devices, e.g. bus-connected or in-line devices
Definitions
- the invention relates to a system as recited in the preamble of Claim 1.
- smart cards and other secure data carriers are being used in relatively uncontrolled environments, such as Personal Computer configurations based at customer premises, and which configurations find application for transferring confidential information to remote places.
- trusted hardware has been designed. The precise locating of such trusted hardware is a problem that should be subject to require- ments for high security and low cost.
- the amending as well as the acquiring of such secret information by non-entitled parties should be avoided with a very high probability, while still allowing a user person to enter secret informations such as PIN codes on a standard keyboard by rendering secure all communication between the keyboard and higher-level data-processing facilities.
- the invention can in principle be applied with magstripe cards as well. In such case, there is a security barrier within a reader to avoid leakage of secret information. Smart cards have such barrier on the card itself to block external presentation of the card's PIN code
- the invention is characterized according to the characterizing part of Claim 1.
- the invention also relates to a Method for Operating such Configuration, and to
- Figures 1 A- ID various possible system configurations;
- Figure 2A a solution with a low-cost external card reader;
- Figure 2B a solution with a fully qualified external card reader;
- Figure 3 an embodiment of the invention realized in special hardware;
- Figure 4 an integrated solution with integration in the Super I/O
- Figure 5 a solution embodiment detailed on a wires-and-gates level
- Figure 6 a flow chart pertaining to the operation of the inventioa
- Smart-cards are a secure and widespread computing platform well- suited to provide high security and privacy functionality for applications running in general purpose computing environments such as Personal Computers. Smart-cards store sensitive information such as private keys, account numbers, passwords and other. They also provide isolated processing facility to use this information without exposing it within a PC environment where it is at risk from hostile code.
- Smart-cards in a PC environment is hampered by a lack of interoperability at several levels.
- the industry lacks standards for interfacing PCs to Smart-card Readers. This has made it difficult to create applications that can work with Smart-card Readers from a variety of vendors. Furthermore, an existing Smart-card Reader may not work with future applications.
- standardizing efforts, as well as the introduction of the "electronic wallet" will increase the demand for a low-cost smart-card interface on the PC.
- the following implementations for a card reader are feasible: 1. Smart card reader in a Floppy drive form factor, interfacing via a serial port. This solution is expensive and needs a drive bay and an interface card slot. 2. Smart card reader in a Keyboard, interfacing via PS2 or USB.
- the PCSC spec defines an option for interfacing a smart card.
- a smart card For effecting smart card supported payments over the WEB, present requirements forbid to enter a PIN code directly into the PC, which necessitates a special keypad for PIN code entry. This may be integrated into a standard keyboard, but will necessitate a display for reading the transferred amount of money. It has been specified to let a separate controller, such as a keyboard controller, handle these functions, instead of the main CPU. However, this solution is tedious in Europe, because of the many different keyboard versions in use.
- Readers are available in the market. Low cost readers do not have an integrated display or a keyboard, and are not acceptable for payments over the Internet. In such application it is necessary to enter the PIN code, the amount of money to be transferred, and possibly, other security quantities, and a confirmation display of the transferred sum is necessary.
- readers featuring a display and a keyboard are not trusted hardware such as shown in Figure 1 A.
- the PC is used as interface with the application software running thereon. The latter can be affected by a virus program and get the PIN code from the user. Also the amount of money to be transferred may be changed. Even the confirmation button can be simulated by a virus program.
- Figure 2A shows a solution with a low-cost external card reader. Data go from the PC-keyboard via the Keyboard controller, ISA bus, south bridge, and the PCI bus to the north bridge. Subsequently, the data will be processed by the application running on the CPU and Mem- ory. The application will send information back via the PCI, ISA and the Serial I/O to the micro-controller on the Smart card reader and thence to the Smart-card itself. With this method the data may be manipulated by a virus program
- Figure 2B presents a solution with a fully qualified external card reader. Now, the data will be entered on the keyboard of the reader. The data will go into the microcontroller and then to the smart-card. Here, the data going towards the Smart- card cannot be manipulated by a Virus Program running on the main CPU.
- Figure 3 shows an embodiment of the invention realized in special hard- ware.
- a request by the smart-card for data input will get known in the Smart-card controller, which will switch-over the PC-keyboard signals from the PC-keyboard controller to the Smart-card controller.
- Data may be entered into the keyboard and will go through the smart-card controller and towards the Smart-card itself. Now a virus pro- gram running on the main CPU can no more manipulate the data. If the data have been entered, an appropriate control signal will switch the data path from the PC-keyboard back to the normal keyboard controller.
- compatibility problems viz a viz the software may occur.
- Figure 4 shows a solution with integration in the Super I/O. Switchover can be effected without compatibility problems. The only complication is that data being sent to the keyboard by another application running on the main CPU may be lost. So a good solution is to integrate this together in the Super I/O. Then it is possible to apply the same control signal also to the keyboard controller to put the data path from the input registers in the keyboard controller on hold to avoid loosing data. Compati- bility problems are less than in other solutions.
- Figure 1 A shows the present solution where the reader requires an extra keyboard.
- Figure IB shows the configuration where the reader is in the PC, and the PC has a LED for signaling a security operation being actually performed.
- Figure 1C shows the smart card reader integrated in the keyboard.
- Figure ID has a separate smart card reader. None of the solu- tions of the Figures IB- ID needs an additional keyboard; all of these configurations will be rendered secure through the teachings of the invention.
- Next to the display of the single bit in Figure IB it is possible to display as a representation of the PIN code digits being entered, a string of dummy digits such as asterisks on the display for signaling the progress of the entering. Also, in certain configurations, actual screen dis- play of digital data pertaining to the security operations, not being the PIN code, may be judged advantageous for enhancing user trust.
- the indicator means may be joined to the controller housing, such as shown actually in Figure ID.
- Various elements of the configurations shown, such as separate keyboard, PC, smart card reader, or semiconductor product may actually embody the invention as disclosed and claimed, for sepa- rate commercial exploitation.
- Figure 5 presents an embodiment of the invention detailed on a wires-and- gates level. For simplicity, only one physical wire and associated circuitry has been shown. A full implementation needs one clock wire, as well as one data wire, that may have identical circuitry as the one shown. The solution may have a handshake implemented between the keyboard and Super I/O controllers. A software solution would be complex, but the configuration as shown causes no operating problems if the smart card is not active, so that a high level of compatibility is effected.
- the PC 60 at left comprises output buffer 64 and input buffer 66, line 68 being connected by pull-up resistor 62 to an appropriate voltage level.
- the secure hardware has been realized in a TDA8006 Microcontroller from Philips Electronics, of which the general purpose I/O driver has been symbolized by block 82.
- the microcontroller is housed in an appropriate package that can also contain a conventional berth, such as a slit, for entering a smart card.
- items 74, 76 represent a bidirectional buffer stage.
- items 78, 80 represent a bidirectional buffer stage that attaches to line 70. The latter attaches in keyboard 90 via bidirectional buffer pair 86, 88.
- Left and right wire parts 68, 70 have been separated by gate 72 that can be a FET-based switch of known design. Control is through line 94 driven by hardware 82.
- the set-up can be simplified if processing speed in controller 82 is large enough: this would allow to do away with switch 72 and have controller 82 take up to internally interrupt the line: for standard communication, the controller then operates as a transparent bidirectional buffer, while still monitoring for any forthcoming smart card operation. Furthermore, buffer 78 in many cases may be omitted due to the low load repre- sented by keyboard 90, in combination with transport speed used. Redesign of the controller with larger internal buffers can make most of the external buffers superfluous.
- LED 92 that signals when certain secrecy-related procedures are being executed in microcontroller 82. This is one of various user-interface- related features that lets a user person appreciate the actual running of secrecy-related pro- Waits.
- a higher-level solution is to provide a multi-digit display to signal various transaction parameters such as money amounts.
- the additional controller IC may be located in the PC, in the keyboard, or as add-on hardware such as shown in Figure 5. This would upgrade an existing combination, such as one that up to now was not used for per- forming the kind of secret operations described.
- the invention can be packaged in a WEB TV set or in a so-called settop box that is an extension facility to certain standard TV sets.
- Figure 6 is a flow chart pertaining to the operation of the invention. In block 100 the process is started and the necessary hardware and software facilities are claimed. In block 102 the standard handshaking is operated, which is irrelevant to the present invention and will not be detailed further hereinafter. In block 104 the signalizing for a forthcoming security operation is detected, such as a specific initial control signal.
- loop 102/104 is continually traversed.
- an interrupt is activated in block 106, when a security operation between the smart card controller and the keyboard is detected to be forthcoming, respectively in block 114, when a security operation between the smart card controller and the PC is detected to be forth- coming.
- the handshaking will be interrupted, and the associated transfer stopped, because the smart card controller can now determine the operations on the physical link.
- the logical link for the security operations can be activated on the same physical link, and the security operations proper executed in block 108, respectively block 116. By themselves, these operations can be conventional.
- a "ready" situation is awaited in block 110, respectively block 118, through a specific code, through a predetermined time lapse, or otherwise.
- the loop 108/110 respectively the loop 116/118, prevails.
- the system clears the interrupt in block 112, respectively block 120, and goes back to block 102.
- the invention may also be used for security operations between the smart card controller and the keyboard only, i.e. without executing blocks 114-120 in the flowchart.
- the interruption facility may alternatively comprise controller means for recognizing said control signalizing and for then executing a controlling protocol for managing an execution of said exchanging.
- Such protocol may include a temporary master function viz-a-viz said logical link, and furthermore a terminating feature with respect to said master function and said interruption facility.
Landscapes
- Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Input From Keyboards Or The Like (AREA)
Abstract
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
EP99948937A EP1118054A1 (fr) | 1998-09-30 | 1999-09-23 | Configuration informatique assurant l'interface avec un corps de donnees protegees |
Applications Claiming Priority (8)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
EP98203317 | 1998-09-30 | ||
EP98203317 | 1998-10-01 | ||
EP99200131 | 1999-01-19 | ||
EP99200131 | 1999-01-19 | ||
EP99200433A EP0990971A1 (fr) | 1998-09-30 | 1999-02-16 | Configuration d'un ordinateur pour interfacer à un suppport de données sécurisé |
EP99200433 | 1999-02-16 | ||
PCT/EP1999/007392 WO2000019298A1 (fr) | 1998-09-30 | 1999-09-23 | Configuration informatique assurant l'interface avec un corps de donnees protegees |
EP99948937A EP1118054A1 (fr) | 1998-09-30 | 1999-09-23 | Configuration informatique assurant l'interface avec un corps de donnees protegees |
Publications (1)
Publication Number | Publication Date |
---|---|
EP1118054A1 true EP1118054A1 (fr) | 2001-07-25 |
Family
ID=27239403
Family Applications (2)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
EP99200433A Withdrawn EP0990971A1 (fr) | 1998-09-30 | 1999-02-16 | Configuration d'un ordinateur pour interfacer à un suppport de données sécurisé |
EP99948937A Withdrawn EP1118054A1 (fr) | 1998-09-30 | 1999-09-23 | Configuration informatique assurant l'interface avec un corps de donnees protegees |
Family Applications Before (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
EP99200433A Withdrawn EP0990971A1 (fr) | 1998-09-30 | 1999-02-16 | Configuration d'un ordinateur pour interfacer à un suppport de données sécurisé |
Country Status (2)
Country | Link |
---|---|
EP (2) | EP0990971A1 (fr) |
WO (1) | WO2000019298A1 (fr) |
Families Citing this family (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2004072833A2 (fr) * | 2003-02-13 | 2004-08-26 | Koninklijke Philips Electronics N.V. | Dispositif de carte a puce securise |
EP1980983A1 (fr) * | 2007-04-12 | 2008-10-15 | Siemens Schweiz AG | Procédé de communication pour transactions en ligne et appareil de communication correspondant |
US9111401B2 (en) * | 2012-11-29 | 2015-08-18 | Hid Global Gmbh | Interactive reader commander |
Family Cites Families (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4847867A (en) * | 1986-09-01 | 1989-07-11 | Nec Corporation | Serial bus interface system for data communication using two-wire line as clock bus and data bus |
IL103062A (en) * | 1992-09-04 | 1996-08-04 | Algorithmic Res Ltd | Data processor security system |
CA2078020C (fr) * | 1992-09-11 | 2000-12-12 | Rodney G. Denno | Clavier et terminal connexes |
US5517569A (en) * | 1994-03-18 | 1996-05-14 | Clark; Dereck B. | Methods and apparatus for interfacing an encryption module with a personal computer |
KR0160682B1 (ko) * | 1995-03-14 | 1998-12-15 | 김광호 | 칩인 카드에 의한 사용방지 기능을 가진 퍼스널 컴퓨터 |
US5742756A (en) * | 1996-02-12 | 1998-04-21 | Microsoft Corporation | System and method of using smart cards to perform security-critical operations requiring user authorization |
-
1999
- 1999-02-16 EP EP99200433A patent/EP0990971A1/fr not_active Withdrawn
- 1999-09-23 EP EP99948937A patent/EP1118054A1/fr not_active Withdrawn
- 1999-09-23 WO PCT/EP1999/007392 patent/WO2000019298A1/fr not_active Application Discontinuation
Non-Patent Citations (1)
Title |
---|
See references of WO0019298A1 * |
Also Published As
Publication number | Publication date |
---|---|
WO2000019298A1 (fr) | 2000-04-06 |
EP0990971A1 (fr) | 2000-04-05 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US5682027A (en) | System and method for performing transactions and a portable intelligent device therefore | |
KR100285111B1 (ko) | 카드 인터페이스 | |
US6151647A (en) | Versatile interface smart card | |
US6199128B1 (en) | Smart card system for use with peripheral devices | |
US6945454B2 (en) | Smart card device used as mass storage device | |
US8239592B2 (en) | Smart card with self-detachment features and related methods | |
EP1457901A2 (fr) | Système et procédé pour la simulation de cartes à puce USB connexes avec USB-hote | |
JP2003532936A (ja) | 汎用インターフェースicカード | |
IES960815A2 (en) | Computer keyboard with integral encoded device reader | |
US7328849B2 (en) | Smart card providing data mapping for multiple applications and related methods | |
US7823133B2 (en) | Smart card device and method for debug and software development | |
US6769620B2 (en) | IC card reader with improved man-machined interface | |
US7942325B2 (en) | Optimized smart card driver performance | |
US7904607B2 (en) | Smart card with self-reconfiguration features and related methods | |
EP0990971A1 (fr) | Configuration d'un ordinateur pour interfacer à un suppport de données sécurisé | |
KR100426302B1 (ko) | 범용 직렬 버스 인터페이스 기능이 포함된 스마트 카드 | |
US6866192B2 (en) | IC card terminal | |
KR100411584B1 (ko) | 접촉식 및 비접촉식 스마트카드를 지원하는 카드 단말기와그 제어방법 | |
US20030150913A1 (en) | IC card terminal | |
AU700628B2 (en) | A system and method for performing transactions and an intelligent device therefor | |
US20030149877A1 (en) | Smart card with keypro function | |
CA2686687A1 (fr) | Reponses anticipees a des instructions | |
JP2003187193A (ja) | カードリーダ及びカードリーダの通信制御方法 | |
AU5332194A (en) | A system and method for performing transactions and a portable intelligent device therefor | |
KR20060030562A (ko) | 유에스비 구동 저장정보를 구비하는 아이씨 카드 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PUAI | Public reference made under article 153(3) epc to a published international application that has entered the european phase |
Free format text: ORIGINAL CODE: 0009012 |
|
17P | Request for examination filed |
Effective date: 20010410 |
|
AK | Designated contracting states |
Kind code of ref document: A1 Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LI LU MC NL PT SE |
|
STAA | Information on the status of an ep patent application or granted ep patent |
Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN |
|
18D | Application deemed to be withdrawn |
Effective date: 20050401 |
|
REG | Reference to a national code |
Ref country code: HK Ref legal event code: WD Ref document number: 1037034 Country of ref document: HK |