FR2969343A1 - Access control device for removable storage medium of host device, has processing unit adapted to compare acquired authentication data with reference authentication data by acquisition module to authorize or prohibit access of memory space - Google Patents

Abstract

The device has a connection module (115) connecting a removable storage medium (10) of data transmission units (114, 120, 121) with a host device (200). A processing unit (112) is adapted to compare acquired authentication data (DA) with reference authentication data (DAF) by an acquisition module (119) to authorize or prohibit access of the data or a memory space (11) of the removable storage medium based on the comparison result. A microcircuit card (30) comprises an encryption/decryption key (K1) for encrypting/decrypting the reference authentication data. Independent claims are also included for the following: (1) a method for controlling access of a removable storage medium of a host device (2) a computer program comprising a set of instructions for controlling access of a removable storage medium of a host device (3) a readable recording medium comprising a set of instructions for controlling access of a removable storage medium of a host device.

Description

Background of the invention

The present invention relates to securing access to read and write data on removable mass memories microSD card type ("Micro Secure Digital Card") or USB key for example. Currently, the reading and / or writing of data on a removable mass memory is performed by connecting said mass memory, via a suitable reader, to a computer or device (audio player, camera, etc.) for controlling reading and / or writing on the memory. When it is desired to protect access to the mass memory, for example by encrypting / decrypting the data, software must be installed on each computer or device from which it is desired to read and / or write data on the memory of the memory. removable mass, which is not always possible or at least complicates the use of this type of mass memory which, by definition, is intended to be used in a mobility situation and on various types of device.

Object and brief description of the invention

The present invention aims to overcome these disadvantages by providing a solution for secure access to read and write on a removable mass memory, and reliably, simple and fast for the user. To this end, the invention relates to a device for controlling access to a removable mass memory by a host device, cc: a device comprising: a module for connecting to said removable mass memoi, means for transmitting data with the host device, an authentication data acquisition module, a processing unit able to compare an authentication datum acquired by said acquisition module with at least one reference authentication datum and to allow or forbid access to at least a portion of the data or the memory space of the removable mass memory according to the result of said comparison. Thus, thanks to the device according to the invention, no security software needs to be installed in the host device, the authentication and the access control according to the authentication being carried out by the device of the invention. The latter can easily be in the form of a compact and portable device, it can be worn everywhere by the user as well as the removable mass memory and allow the latter to control access to the mass memory on any host device. According to one aspect of the invention, the device comprises a microcircuit card containing the reference authentication data. In this way, the reference authentication data or data used to authenticate the user can be stored on a dedicated medium that can be issued by a certified authority for greater security. According to a first particular characteristic of the invention, at least a portion of the data stored on the removable mass memory is encrypted, the microcircuit card containing at least one encryption / decryption key. This increases the security level by encrypting the data stored on the memory. According to a second particular characteristic of the invention, the processing unit or the microcircuit card comprise means for decrypting the data stored in encrypted form on the mass memory, said decryption means using the encryption / decryption key present on the microcircuit card when the comparison between the authentication datum acquired by the self-healing module and the reference authentication datum is posdtl \, Er subordinating the data cleciriprade to the result of the authentication, the level of authentication is further increased. security in reading the data. According to a third particular characteristic of the invention, the processing unit comprises means for sending, in decrypted form, data stored on the removable mass memory to the host device. According to a fourth particular characteristic of the invention, the processing unit or the microcircuit card comprise data encryption means to be stored in encrypted form on the mass memory, said decryption means using the encryption / decryption key present. on the microcircuit card. According to a fifth particular characteristic of the invention, the processing unit comprises means for recording in encrypted form data in the removable mass memory. According to a sixth particular characteristic of the invention, the processing unit or the microcircuit card are able to scramble or unscramble an access address to at least a part of the data or the memory space of the removable mass memory. . The invention also relates to a system for accessing a removable storage medium comprising a host device in connection with an access control device according to the invention. Correlatively, the invention also relates to a method of access control by a host device to a removable mass memory connected to an access control device in connection with said host device comprising the following steps: acquisition of a authentication data by the access control device, comparison of the acquired authentication data with at least one reference authentication data, authorization or refusal of access to at least a part of the data or the data; memory space of the removable mass memory according to the result of said comparison. As well as for the access control device of the invention, the method makes it possible to secure the reading or writing of data on the T'ému Ire cfe masé e removable lahl, and to put into action which According to a first particular feature of the invention, the method further comprises a step of encrypting or decrypting the data on said removable mass memory using an encryption / decryption key when the comparison between the acquired authentication data and said at least one authentication data is positive. According to a second particular characteristic of the invention, the method further comprises a step of sending, in decrypted form, data stored on said removable mass memory to the host device. According to a third particular feature of the invention, the method further comprises a step of recording, in encrypted form, data on said removable mass memory. According to a fourth particular characteristic of the invention, the method comprises a step of scrambling or descrambling an access address to at least a portion of the data or the memory space of said removable mass memory. In a particular embodiment, the various steps of the access control method are determined by instructions from computer programs. Consequently, the invention also relates to a computer program on an information medium, this program being capable of being implemented in a computer or the like, this program comprising instructions adapted to the implementation of the steps of FIG. an access control method as described above. This program can use any programming language, and be in the form of source code, object code, or intermediate code between source code and object code, such as in a partially compiled form, or in any other form desirable form. The invention also relates to a computer-readable information medium, comprising instructions of a computer program as mentioned above, ie of the form, or of any other type of computer. For example, a storage medium such as a ROM, for example a CD ROM or a microelectronic circuit ROM, or a magnetic recording means, for example a floppy disk (floppy), may be provided. disc) or a hard disk.

On the other hand, the information medium may be a transmissible medium such as an electrical or optical signal, which may be conveyed via an electrical or optical cable, by radio or by other means. The program according to the invention can be downloaded in particular on an Internet type network.

Alternatively, the information carrier may be an integrated circuit in which the program is incorporated, the circuit being adapted to execute or to be used in the execution of the method in question (for example an ASIC circuit).

Brief description of the drawings

The features and advantages of the present invention will become more apparent from the following description, given by way of non-limiting indication, with reference to the appended drawings, in which: FIG. 1 is a schematic diagram of an architecture or system in which the In accordance with one embodiment of the invention, FIG. 2 is a flowchart showing the steps performed when a user accesses data stored on a removable mass memory in accordance with an embodiment of the invention. FIG. 3 is a flowchart showing the steps performed when reading data stored in encrypted form in a removable mass memory according to one embodiment of the invention, FIG. 4 is a flowchart showing the steps performed when writing data in encrypted form in a single, if msi;,;, removable in accordance with a mo of dei.ilisatlori of 35 ri.

DETAILED DESCRIPTION OF THE EMBODIMENTS OF THE INVENTION

Figure 1 illustrates an architecture or system in which the invention may be implemented. This system comprises a mass memory 10, a microcircuit card 30, an access control device 100 and a host station 200 of PC personal computer type. As hereinafter described in detail, the removable mass memory 10 which can be, as illustrated in FIG. 1, a microSD card, is connected to the access control device 100 which is itself connected to the host station 200 via a wired link 201. According to an alternative embodiment, the access control device can be directly connected to the host station 200 by means of a suitable connector, the wired link 201 is no longer necessary in this case. By "mass memory" is meant herein a nonvolatile large capacity memory that can be read and / or written by a host device such as a computer. By "high capacity" is meant here a rewritable non-volatile storage capacity of at least 100 MB, which is greater for example the storage capacity of a smart card 20 card chip or SIM card. The mass memory 10 is preferably in the form of a card of the type comprising a plastic body supporting an integrated electronic circuit which includes in particular a high capacity memory component as defined above, the card further comprising contacts flush electrical connectors 25 for connecting the electronic circuit of said card to an external device such as the access control device of the invention. The mass memory 10 may also be a USB key or any other mass memory as defined above. The mass memory comprises a memory space 11 organized for example in a plurality of addressable blocks 1101 to 110N. The access control device 100 is preferably in the form of a stand-alone portable device. As shown in FIG. 1, the access control diode 100 generally presents the hardware-based arch of a computer and comprises at least one of the following: a nonvolatile memory 111, a processing or a microprocessor 112, a volatile memory 113, a wired communication interface 114, a microcircuit card connector 30, a microSD card connector 116, a USB key connector 117 associated with a USB controller 118, an interface of authentication data entry 119, a short-range wireless communication circuit 120, a medium-range wireless communication circuit 121, a control key pad 122, light-emitting diodes 123, a stand-alone power supply 124. The host station 200 presents the hardware architecture of a computer, Thus, the host station 200 comprises a nonvolatile memory 221, a microprocessor 222, a volatile memory 223, a communication interface 224, a display screen 225 and a keyboard 226. The microprocessor 222 allows the execution of computer programs stored in the non-volatile memory 221, using the volatile memory 223. The interface 224 makes it possible to communicate, by the connection 201, with the access control device 100. The host station 200 is for example in the form of a personal computer (PC), a tablet or a mobile phone type Smartphone. The wired communication interface 114 allows the access control device 100 to exchange data and instructions with the host station 200 via the wired link 201. However, the communication between the access control device 100 and the The host station may also be wirelessly connected, for example by a radio frequency link using the short-range or medium-range wireless communication circuits 121 if the host station is equipped with equivalent wireless communication means. The short-range wireless communication circuit 120, which may be by e, prints a communication module of NEC, COMpH, 1,11 ctrc, 1201, and an antenna 1202 formed by a signal. [0019] The circuit 110, for example of the Zigbee or Bluetooth type, comprises an electronic circuit 1211 and an antenna 1212. The data acquisition interface 119 can correspond to any component or circuit capable of entering authentication data such as in particular a biometric data sensor such as, for example, a fingerprint, retinal or voice, or a keyboard for entering a code. In the example described here, the authentication data entry interface 119 is a fingerprint sensor.

The microcircuit card 30 corresponds in particular to a smart card in ID_000 format, such as for example a SIM card or "Smart Card" containing processing means (microcontroller) and storage means (not shown in FIG. several DAF reference authentication data are stored in the microcircuit card 30 and / or in the mass memory 10. This or these reference authentication data are used during the authentication of the user to enable him to reading and / or writing access to data stored on the mass memory 10 as described in detail below.

With reference to FIG. 2, a method of access by a user to the data recorded on the removable mass memory 10 from the host station 200 in accordance with the invention will now be described. Initially, for example when starting the access control device 100 or when connecting the mass memory 10 to the latter, the access control device 100 asks the user to for example, to authenticate by flashing one or more light-emitting diodes provided on the device 100 (step S1). The user enters a DA authentication data by means of the authentication data entry interface 119 (step S2). In the example described here, the user enters his fingerprint on the interface 119. authentication data of the user input DA, here his fingerprint, is temporarily stored in the volatile memory 113 and compared by the microprocessor 112 to the or reference data authentication DAI stocr, s in the CHI a rilirirocircuit or in the mass memory 10 (step S3). If the authentication data entry DA corresponds to a reference authentication data, the microprocessor 112 assigns to an authentication indicator IA stored in the volatile memory 113 the value "OK" (step S4). In the opposite case, the microprocessor 112 assigns the authentication flag IA the value "NOK", which is the default value before any new authentication (step S5). The access control device may then again request the user to authenticate by flashing one or more light-emitting diodes 123 again. The authentication flag may be stored in the microcircuit card 30 or in the volatile memory 113 of the access control device 100. The user then connects the access control device 100 to the host station 200 via the wired link 201. When the authentication has succeeded (IA = OK), the microprocessor 112 identifies itself to the host station 200 as a mass storage device ("MASS STORAGE") device representing the removable mass memory 10, a corresponding icon that can be displayed on the screen 225 of the host station to alert the user (step S6). The microprocessor 112 can of course also identify itself with the host station 200 as one or more other types of devices representing other resources of the access control device 100. According to a known process, several exchanges of information involved between the microprocessor 112 of the access control device 100 and the microprocessor 222 of the host station 200 in particular to indicate to the latter the characteristics of the mass memory 10 such as the size of the stored data, the number of blocks data, the size of each block, and possibly the block or blocks with encrypted data and / or whose access address must be scrambled, the size of the available memory, etc. (step S7). At the end of these steps, the read access to the unencrypted data as well as the write access to at least a portion of the available memory space on the removable mass memory 10 by the host station 200 is allowed. The figure. 3 illustrates the steps implemented during read access the station notes to data stored in encrypted form in mass memory 10 according to a proc of the invention.

In a first step S10, the host station 200 sends a read request to the access control device 100 via the link 201, said request containing a start address and a memory space width value or a corresponding end address. to one or more blocks of data stored in encrypted form in the removable mass memory 10. The microprocessor 112 interprets the request as a read request for encrypted data in the mass memory 10 and requests the microcircuit card 30 a key Ki decryption (step S11). If the authentication flag has the value "OK", the microcircuit card 30 sends the key KI to the microprocessor 112 which stores it in the volatile memory 113 (step S12). The microprocessor 112 then reads the stored data at the location corresponding to the start address and the memory space width or end address value indicated in the request and decrypts them using the key. decryption KI stored in the memory 113 (step S13). The microprocessor 112 then sends the data in decrypted form to the processor 222 of the host station 200 (step S14). FIG. 4 illustrates the steps implemented in accordance with a method of the invention during a write access of the host station to the memory space 11 of the mass memory 10 in order to record data in encrypted form in the mass memory 10. In a first step S20, the host station 200 sends a write request to the access control device 100 via the link 201, said request containing the data to be recorded in encrypted form and a start address and a memory space width value or an end address corresponding to the memory location where the data is to be stored in the removable mass memory 10. The microprocessor 112 interprets the request as a form data request. encrypted in the mass memory 10 and requests the microcircuit card 30 the encryption key (step S21). If the authentication flag IA has the value "OK", the microcircuit card 30 sends the key Ki to the microprocessor 112 which stores it in the volatile memory 11. (step S22). The microprocessor 112 then encrypts the data in the receiver at the key's location. in the memory 113 Lape S23) 1 enieupatic at the location corresponding to the start address and the memory space width or end address value indicated in the request (step S24). Encryption and decryption of the data are preferably performed by means of a symmetric cryptographic block ciphering algorithm, working on 64 bytes or 128 bytes for example. According to an alternative embodiment of the invention, the addressing elements of the memory space 11 of the mass memory 10 may be present in scrambled form in the read and write requests sent to the microprocessor 112 in the sense that the read or write address indicated in the request does not correspond to the exact address of the memory space 11 to which the data must be read or written. In this case, the address indicated in the request, or more precisely the addressing elements, are processed by the microprocessor 112 in order to be converted into data making it possible to define the exact address of reading or writing data in the mass memory 10. For example, for a read or write request containing a start address DEB and a width value L which corresponds in fact to the access of L blocks to the addresses DEB1, DEB2, ... , DEBL, the microprocessor 112 will actually access the memory space 11 of the mass memory 10 to the blocks f (DEB1), F (DEB2), f (DEBL), with f (x) being a decryption / encryption function using a key K2 stored in the microcircuit card 30. Other types of scrambling function can be used, for example, a scrambling table stored in the microcircuit card 30 which allows to find the exact address of the memory space 11 from the address ind in the request. The scrambling and descrambling of addresses can also be performed directly in the microcircuit card. When connecting to the access control device 100 of a removable mass memory, for example a microSD card or a USB key, which contains data recorded in readable (ie unencrypted) form, the microprocessor 112 can, on request from the user made from the access control device 100 (for example using the keyboard hard keys 122) or from the host station, encrypt these data using the key KI recorded on the microcircuit card , and possibly scramble their addresses as described above. According to an alternative embodiment of the invention, the non-volatile memory 111, the volatile memory 113, the microprocessor 112 and the microcircuit card 30 are implemented in the same secure component, for example a validated FIPS component. The microcircuit card 30 can store several data encryption / decryption keys, such as, for example, a different encryption / decryption key for each removable mass memory, the microcircuit card containing in this case a correspondence table between the numbers of series of removable mass memories and the encryption key / decryption associated with each mass memory. The steps described above and in particular the steps S1 to S5, S11 to S14 and S21 to S24 correspond to computer program instructions which are stored preferably, but not exclusively, in the non-volatile memory 111 in order to be executed by the microprocessor 112 using the volatile memory 113.

Claims (16)

REVENDICATIONS1. Device for controlling access (100) to a removable mass memory (10) by a host device (200), said device comprising: - a connection module (115) to said removable mass memory (10), means data transmission system (114; 120; 121) with the host device (200); - an authentication data acquisition module (119); - a processing unit (112) capable of comparing an authentication data item; acquired (DA) by said acquisition module (119) with at least one reference authentication data (DAF) and to allow or prohibit access to at least a portion of the data or memory space (11) of the removable mass memory (10) according to the result of said comparison. 2. Device according to claim 1, characterized in that it comprises a microcircuit card (30) containing said at least one reference authentication data (DAF). 3. Device according to claim 2, characterized in that at least a portion of the data stored on the removable mass memory (10) is encrypted and in that the microcircuit card (30) contains at least one encryption key / decryption (KI). 4. Device according to claim 3, characterized in that the processing unit (112) or the microcircuit card (30) comprises means for decrypting the data stored in encrypted form on the mass memory (10), said means decryption using the encryption / decryption key (Ki) present on the microcircuit card (30) when the comparison between the acquired authentication data (DA) by the acquisition module (119) and the authentication data of reference (DAF) is positive. 5. Device according to claim 4, characterized in that the processing unit (112) comprises means for sending, in decrypted form, data stored on the removable mass memory (10) to the host device (200). 6. Device according to any one of claims 3 to 5, characterized in that the processing unit (112) or the microcircuit card (30) comprise data encryption means to be stored in encrypted form on the memory of mass (10), said decryption means using the encryption key (KI) present on the microcircuit card (30) when the comparison between the acquired authentication data (DA) by the acquisition module (119) and the Reference Authentication Data (DAF) is positive. 7. Device according to claim 6, characterized in that the processing unit (112) comprises means for recording in encrypted form data in the removable mass memory (10). 8. Device according to any one of claims 2 to 7, characterized in that the processing unit (112) or the microcircuit card (30) are capable of scrambling or unscrambling an access address to at least a part data or memory space of the removable mass memory (10). A removable storage medium access system (10) comprising a host device (200) in connection (201) with an access control device (100) according to any one of claims 1 to 8. A method of controlling access by a host device (200) to a removable mass memory (10) connected to an access control device (100) in connection (201) with said host device comprising the steps of: acquisition of an authentication data item (DA) by the access control device (100), comparison of the acquired authentication data item (DA) with at least one reference authentication data item (DAF), authorizing or denying access to at least a portion of the data or the memory space (11) of the removable mass memory (10) according to the result of said comparison. 11. Method according to claim 10, characterized in that it further comprises a step of encrypting or decrypting the data on said removable mass memory (10) using an encryption / decryption key (Ki) when the comparison between the acquired authentication data (DA) and said at least one reference authentication data (DAF) is positive. 12. The method of claim 11, characterized in that it further comprises a step of sending, in decrypted form, data stored on said removable mass memory (10) to the host device (200). 13. Method according to claim 11 or 12, characterized in that it further comprises a step of recording, in encrypted form, data on said removable mass memory (10). 14. Method according to any one of claims 10 to 13, characterized in that it comprises a step of scrambling or descrambling an access address to at least a part of the data or the memory space (11). ) of said removable mass memory (10). 15. A computer program comprising instructions for executing the steps of the access control method according to any one of claims 10 to 14 when said program is executed by a computer. 16. A computer-readable recording medium on which is recorded a computer program comprising instructions for executing the steps of the access control method according to any one of claims 10 to 14.