EP1855254A1 - Support de mémoire, procédé d'autorisation, lecteur, réseau et système de contrôle d'accès - Google Patents
Support de mémoire, procédé d'autorisation, lecteur, réseau et système de contrôle d'accès Download PDFInfo
- Publication number
- EP1855254A1 EP1855254A1 EP06113897A EP06113897A EP1855254A1 EP 1855254 A1 EP1855254 A1 EP 1855254A1 EP 06113897 A EP06113897 A EP 06113897A EP 06113897 A EP06113897 A EP 06113897A EP 1855254 A1 EP1855254 A1 EP 1855254A1
- Authority
- EP
- European Patent Office
- Prior art keywords
- record
- code
- memory carrier
- memory
- security
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Withdrawn
Links
Images
Classifications
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07F—COIN-FREED OR LIKE APPARATUS
- G07F7/00—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
- G07F7/08—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
- G07F7/10—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
- G07F7/1008—Active credit-cards provided with means to personalise their use, e.g. with PIN-introduction/comparison system
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07C—TIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
- G07C9/00—Individual registration on entry or exit
- G07C9/20—Individual registration on entry or exit involving the use of a pass
- G07C9/29—Individual registration on entry or exit involving the use of a pass the pass containing active electronic elements, e.g. smartcards
Definitions
- the present invention relates to the technical field of memory carriers for access control systems.
- Such memory carriers comprising a unique, read-only serial code and a plurality of records, comprising a memory carrier identification record and at least one contract identification record, for access control.
- contactless cards such as CALYPSO® or MIFARE® have already been proposed as a versatile means of providing both logical and physical access control to a variety of facilities, such as public transportation, telecommunications or monetary transaction facilities.
- a single such card can contain information about a plurality of contracts, thus providing access to several different facilities.
- such cards already usually comprise in-built security features, they do not, by themselves, provide comprehensive security, as the structure of the contract information and the method of reading it may leave loopholes and backdoors allowing potential abuse.
- the authentication code of the memory carrier identification record ensures that copying the records from a valid memory carrier to a blank will not produce another valid memory carrier, since it is linked to both the memory carrier identification record, and the unique, read-only serial code of each memory carrier through an opaque encryption.
- the authentication code of the at least one contract identification record ensures that copying the contract identification records of one valid memory carrier to another valid memory carrier will not produce valid contract identification records in the second memory carrier, since this other authentication code is linked to the memory carrier serial code and identification record, and to the specific contract identification record.
- the authentication code of the at least one contract identification record also ensures that no authorisation to proceed with operations related to a given contract can be given by a reader not having access to the specific product key associated with that contract.
- the memory carrier of the invention comprises a record allocation table pointing to the memory addresses of at least some of the plurality of records.
- the record allocation table is dynamic, so that each record can be stored in the first available memory address, and said record allocation table comprises a record allocation table authentication code, so as to allow a data integrity check of said record allocation table.
- a dynamic record allocation table enables a much faster authorisation process, a critical aspect in applications such as car parking access cards.
- the record allocation table authentication code ensures that this does not affect the security of the card and that the pointers to the memory addresses of the records can not be tampered with.
- the potential application of this secure dynamic record table is not limited to the memory carrier of the invention, and could also be applied to other memory carriers.
- the plurality of records also comprises other records, such as a life cycle record.
- other records such as a life cycle record. This has the advantage of allowing further security measures against, for instance, the used of expired or stolen memory carriers.
- the invention also provides a method for using said memory carrier for the authorisation of operations associated with one of the at least one contract identification record of said memory carrier, said method comprising the steps of:
- this method when using a memory carrier comprising a record allocation table pointing to the memory addresses of at least some of the plurality of records, this method also comprises the step of finding in the record allocation table the memory addresses of each memory carrier record to be read. Still more preferably, when using a memory carrier comprising a dynamic record allocation table with a record allocation table authentication code, this method also comprises the step of performing said data integrity check on said dynamic record allocation table.
- this method when using a memory carrier comprising a life cycle record, also comprises the step of reading said life cycle record.
- this method when using a memory carrier comprising at least one record other than the memory carrier identification record and the at least one contract identification record, wherein said other record comprises a record authentication code, this method also comprises the steps of:
- a product table contains a plurality of potential product keys, each one of them individually identified by a product identification code, said one of the at least one contract identification record contains a particular product identification code, and the step of obtaining the product key involves reading a product identification code contained in said contract identification record and extracting from said product table the product key identified by said particular product identification code.
- the operations associated with the at least one contract identification record comprise logical access to an information system.
- the operations associated with the at least one contract identification record comprise physical access to an enclosed space, comprising, for example, a secure building or at least one car parking space.
- the operations associated with the at least one contract identification record comprise monetary transactions.
- the operations associated with the at least one contract identification record comprise access to services comprising, for example, transportation or telecommunication services.
- the invention also provides a reader for performing said method for using said memory carrier for the authorisation of operations associated with one of the at least one contract identification record of said memory carrier, wherein the reader preferably comprises local memory storage means for containing at least part of one of said security and/or product keys.
- the invention also provides a network comprising at least one such reader connected to at least one other such reader and/or a remote memory storage means for containing at least part of one of said security and/or product keys.
- the invention also provides an access control system comprising at least one such memory carrier and one such reader and/or network.
- a memory carrier 1 that contains a serial code 2, a record allocation table 3, comprising a record allocation table authentication code 3a, a memory carrier identification record 4, comprising a memory carrier identification record authentication code 4a, a life cycle record 5, comprising a life cycle record authentication code 5a, and at least one contract identification record 6, comprising a corresponding contract identification record authentication code 6a and a product key 6b.
- serial code 2 is unique to each memory carrier 1 and read-only, meaning that it can not be altered, erased or overwritten without destroying the memory carrier 1.
- the record allocation table 3 contains the memory address of each individual record in the memory carrier 1. So, for reading and/or writing in a given record, the record allocation table 3 needs to be consulted first in order to ascertain the memory address, that is, the actual position within the memory carrier, of that particular record.
- the record allocation table 3 is dynamic, that is, it can reassign a given record to a different memory address than its original one. This accelerates the read/write process, which is very advantageous in time-critical applications, such as car parking access cards. To ensure, however, that this capability is not misused to tamper with its content, the record allocation table 3 also comprises a record allocation table authentication code 3a, which can be used to perform a data integrity check of the record allocation table 3 every time that it is to be consulted.
- the memory carrier identification record 4 serves to identify each individual memory carrier 1.
- the memory carrier identification record authentication code 4a ensures that a given memory carrier 1 cannot be falsified by copying it straight onto another, blank, memory carrier.
- the life cycle record 5 contains information regarding the life cycle of each individual memory carrier 1, that is for instance, when it was produced, when it was activated, whether it has been previously locked or cancelled, whether it has been unlocked or reactivated, the expiration date, etc.
- the life cycle record 5 also contains an authentication code 5a to ensure, for instance, that a stolen memory carrier 1 is not illegitimately reactivated.
- Each contract identification record 6 contains information identifying a contract related to certain operations which the memory carrier 1 can authorize to perform. These operations may comprise logical access to an information system, physical access to an enclosed space, monetary transactions or access to services. In this way, a single memory carrier 1 can be used, for instance, to get entrance to a parking near an entertainment arena, to access the public transportation system so as to go from the parking to the arena, to get entrance to the arena, to pay for goods bought within the arena, etc. each one of these operations being actually related to a different contract with a different contractor.
- Each contract identification record 6 also comprises a contract identification record authentication code 6a and a product identification code 6b, to ensure not only that spurious contract identification records cannot be added to a memory carrier 1, but also that a given contractor can only perform those operations related to its corresponding contract identification record, that is for instance, in the example given above, that the memory card reader of the arena access system cannot illegitimately charge the electronic wallet within the same memory carrier 1.
- the memory carrier 1 could be a card and could also comprise data processing means and/or a contactless interface.
- Contactless smart cards are particularly advantageous for realising the memory carrier 1, because of their capabilities, ease of use and practicality.
- other types of memory carriers such as telephone SIM cards, should not be excluded.
- the first step 10 of the method consists in reading the serial code 2 of the memory carrier 1.
- the record allocation table 3 is read, and in step 30 its data integrity is checked using the record allocation table authentication code 3a. If this data integrity check fails, the authorisation process can be interrupted.
- the memory carrier identification record 4 is read.
- the memory carrier identification record authentication code 4a is contained, for example, as a two-digit trailer, in the memory carrier identification record.
- This memory carrier identification record authentication step 50 comprises several smaller steps, illustrated in Fig. 3:
- a security key is extracted from a security key table containing a plurality of potential security keys, each one identified by one key offset code.
- Table 1 Example of security key table Key offset code Security key ... 26 523401 27 142035 28 420153 ...
- step 90 Using this security key in a predefined encryption algorithm, it is then possible in step 90 to encrypt the above mentioned combination of at least part of the memory carrier identification record 4 and at least part of the serial code 2 to obtain a memory carrier security code.
- step 100 the authentication code 4a of the memory carrier identification record 4 is verified by means of a check, in this case a redundancy check, in which this authentication code 4a is compared with the result of a predetermined calculation on the memory carrier security code. If that result does not match the authentication code 4a, the process of reading the memory carrier can be interrupted.
- a check in this case a redundancy check, in which this authentication code 4a is compared with the result of a predetermined calculation on the memory carrier security code. If that result does not match the authentication code 4a, the process of reading the memory carrier can be interrupted.
- step 110 will be to read the life cycle record 5.
- Authenticating the life cycle record in step 120 will comprise a number of smaller steps, illustrated in turn in Fig. 4:
- the next step 170 will be to read a contract identification record 6, followed by the step 180 of authenticating said contract identification record 6.
- the contract identification record authentication step 180 in turn comprises several smaller steps, illustrated in Fig. 5:
- the product key can be used in step 210 to encrypt the result of step 190 with yet another encryption algorithm to produce a business security code.
- this business security code will then be compared in yet another check 220, in the form of a redundancy check, using yet another predefined calculation, with the authentication code 6a of said contract identification record 6. If this check 220 failed, the process could also be interrupted, but if the contract identification record 6 is authenticated, then the operations related to said contract could be authorised.
- An access control system 11 comprises several memory carriers 1 as illustrated in Fig. 1, in this case in the form of contactless smart cards.
- the access control system 11 also comprises several readers 12, each one of them capable of performing the method illustrated in Figs. 2-5 using the memory carriers 1.
- Some of these readers 12 can be autonomous and contain the security key and product tables in local memory storage means, whereas some other of these readers 12 can be integrated in a network 13 connecting them to each other and to a remote memory storage means 14, and the security key and product key tables can be contained in the remote memory storage means 14 or distributed throughout the network 13.
- the network 13 can be a local network in turn connected to a remote network (not illustrated) connected to several such local networks.
- Each reader 12 can have access to product tables containing different selections of product keys, therefore enabling them to authorise operations related to different selections of contracts. So, some readers 12 can be associated, for example, to a parking access, other readers 12 to a payment system, whereas other readers 12 may be associated to public transportation services.
- a reader 12 could either read all the contract information records 6 present in a memory carrier 1, or a selection thereof, such as only those contract information records 6 for which it has access to the corresponding product keys.
Landscapes
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Storage Device Security (AREA)
- Mobile Radio Communication Systems (AREA)
- Lock And Its Accessories (AREA)
- Communication Control (AREA)
Priority Applications (6)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
EP06113897A EP1855254A1 (fr) | 2006-05-12 | 2006-05-12 | Support de mémoire, procédé d'autorisation, lecteur, réseau et système de contrôle d'accès |
AT07729015T ATE443305T1 (de) | 2006-05-12 | 2007-05-11 | Speicherträger, autorisierungsverfahren, leser, netzwerk und zugangskontrollsystem |
DE602007002495T DE602007002495D1 (de) | 2006-05-12 | 2007-05-11 | Speicherträger, autorisierungsverfahren, leser, netzwerk und zugangskontrollsystem |
ES07729015T ES2332022T3 (es) | 2006-05-12 | 2007-05-11 | Portador de memoria, metodo de autorizacion, lector, red y sistema de control de acceso. |
EP07729015A EP2018632B1 (fr) | 2006-05-12 | 2007-05-11 | Support de mémoire, procédé d'autorisation, lecteur, réseau et système de contrôle d'accès |
PCT/EP2007/054563 WO2007131952A1 (fr) | 2006-05-12 | 2007-05-11 | Support de mémoire, procédé d'autorisation, lecteur, réseau et système de contrôle d'accès |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
EP06113897A EP1855254A1 (fr) | 2006-05-12 | 2006-05-12 | Support de mémoire, procédé d'autorisation, lecteur, réseau et système de contrôle d'accès |
Publications (2)
Publication Number | Publication Date |
---|---|
EP1855254A1 true EP1855254A1 (fr) | 2007-11-14 |
EP1855254A8 EP1855254A8 (fr) | 2008-04-02 |
Family
ID=37103125
Family Applications (2)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
EP06113897A Withdrawn EP1855254A1 (fr) | 2006-05-12 | 2006-05-12 | Support de mémoire, procédé d'autorisation, lecteur, réseau et système de contrôle d'accès |
EP07729015A Active EP2018632B1 (fr) | 2006-05-12 | 2007-05-11 | Support de mémoire, procédé d'autorisation, lecteur, réseau et système de contrôle d'accès |
Family Applications After (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
EP07729015A Active EP2018632B1 (fr) | 2006-05-12 | 2007-05-11 | Support de mémoire, procédé d'autorisation, lecteur, réseau et système de contrôle d'accès |
Country Status (5)
Country | Link |
---|---|
EP (2) | EP1855254A1 (fr) |
AT (1) | ATE443305T1 (fr) |
DE (1) | DE602007002495D1 (fr) |
ES (1) | ES2332022T3 (fr) |
WO (1) | WO2007131952A1 (fr) |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4816653A (en) * | 1986-05-16 | 1989-03-28 | American Telephone And Telegraph Company | Security file system for a portable data carrier |
US5721781A (en) * | 1995-09-13 | 1998-02-24 | Microsoft Corporation | Authentication system and method for smart card transactions |
US5768379A (en) * | 1994-07-13 | 1998-06-16 | La Poste | System for the checking of limited access to authorized time slots renewable by means of a portable storage device |
WO2002005482A1 (fr) * | 2000-07-06 | 2002-01-17 | Drexler Technology Corporation | Transactions securisees avec support de stockage passif |
-
2006
- 2006-05-12 EP EP06113897A patent/EP1855254A1/fr not_active Withdrawn
-
2007
- 2007-05-11 WO PCT/EP2007/054563 patent/WO2007131952A1/fr active Application Filing
- 2007-05-11 AT AT07729015T patent/ATE443305T1/de active
- 2007-05-11 ES ES07729015T patent/ES2332022T3/es active Active
- 2007-05-11 DE DE602007002495T patent/DE602007002495D1/de active Active
- 2007-05-11 EP EP07729015A patent/EP2018632B1/fr active Active
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4816653A (en) * | 1986-05-16 | 1989-03-28 | American Telephone And Telegraph Company | Security file system for a portable data carrier |
US5768379A (en) * | 1994-07-13 | 1998-06-16 | La Poste | System for the checking of limited access to authorized time slots renewable by means of a portable storage device |
US5721781A (en) * | 1995-09-13 | 1998-02-24 | Microsoft Corporation | Authentication system and method for smart card transactions |
WO2002005482A1 (fr) * | 2000-07-06 | 2002-01-17 | Drexler Technology Corporation | Transactions securisees avec support de stockage passif |
Also Published As
Publication number | Publication date |
---|---|
ATE443305T1 (de) | 2009-10-15 |
EP2018632A1 (fr) | 2009-01-28 |
EP2018632B1 (fr) | 2009-09-16 |
WO2007131952A1 (fr) | 2007-11-22 |
EP1855254A8 (fr) | 2008-04-02 |
DE602007002495D1 (de) | 2009-10-29 |
ES2332022T3 (es) | 2010-01-22 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US5900606A (en) | Method of writing information securely in a portable medium | |
US5185798A (en) | Ic card system having a function of authenticating destroyed data | |
US6249869B1 (en) | Integrated circuit card, secure application module, system comprising a secure application module and a terminal and a method for controlling service actions to be carried out by the secure application module on the integrated circuit card | |
US9208493B2 (en) | Credit card security system and method | |
Sherman et al. | Secure network access using multiple applications of AT&T's smart card | |
JP2002512715A (ja) | 安全なマルチアプリケーションカードシステムおよびプロセス | |
CN1811836A (zh) | 调整许可使用信用卡的特许权的方法与信用卡 | |
US20060200674A1 (en) | Method for securing rfid charge value media via cryptographic signing and block locking | |
CN113450092A (zh) | 一种基于区块链网络的物品安全高效交易方法、系统及存储介质 | |
CN1158635C (zh) | 卡存储设备 | |
KR20000069703A (ko) | 칩카드 및 이것의 사용을 위한 방법 | |
MXPA05013842A (es) | Procedimiento de escritura de actualizacion de seleccion de memoria aplicado a la escritura de archivos sobre un soporte de memoria en forma de una tarjeta de microcircuitos integrados. | |
US8276814B1 (en) | System and method for carrying out secure transactions | |
JP2001525088A (ja) | インテリジェント・データキャリヤのデータの安全な読み取りおよび処理のためのシステム | |
US7562050B2 (en) | Aging of electronic payment units | |
RU2412484C2 (ru) | Защищенный переносной терминал для электронных транзакций и защищенная система электронных транзакций | |
EP2018632B1 (fr) | Support de mémoire, procédé d'autorisation, lecteur, réseau et système de contrôle d'accès | |
JPH0822517A (ja) | ハイブリッドカードの改ざん防止方式 | |
JP2532063B2 (ja) | Icカ−ド | |
JP2003108530A (ja) | 認証システム | |
JP6270005B1 (ja) | 磁気記録カード及び情報照合システム | |
Kose et al. | A SECURE DESIGN ON MIFARE CLASSIC CARDS FOR ENSURING CONTACTLESS PAYMENT AND CONTROL SERVICES | |
JPH09106456A (ja) | カード利用における本人確認方法及びicカードを用いた本人確認システム並びに当該システムに用いるicカード | |
US7928831B1 (en) | System and method for handling user keys and user passwords in a tagging system where the tag itself is capable of carrying only a single key or password | |
Kose et al. | ADVANCES IN CYBER-PHYSICAL SYSTEMS Vol. 7, Num. 1, 2022 A SECURE DESIGN ON MIFARE CLASSIC CARDS FOR ENSURING CONTACTLESS PAYMENT AND CONTROL SERVICES |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PUAI | Public reference made under article 153(3) epc to a published international application that has entered the european phase |
Free format text: ORIGINAL CODE: 0009012 |
|
AK | Designated contracting states |
Kind code of ref document: A1 Designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IS IT LI LT LU LV MC NL PL PT RO SE SI SK TR |
|
AX | Request for extension of the european patent |
Extension state: AL BA HR MK YU |
|
AKX | Designation fees paid | ||
REG | Reference to a national code |
Ref country code: DE Ref legal event code: 8566 |
|
STAA | Information on the status of an ep patent application or granted ep patent |
Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN |
|
18D | Application deemed to be withdrawn |
Effective date: 20080515 |