125〇762 九、發明說明: 【發明所屬之技術領域】 本發明涉及電腦環境的安全性,更具體的是涉及在一個 不依賴於查詢電腦的安全環境下接收並驗證個人身份資 料。 、 【先前技術】 當今社會,電腦安全問題變得越來越重要。隨著個人電 腦的迅速增長,電腦駭客和身份盜竊者的數量也急劇增 長。身份盜竊已經成為個人電腦用戶的主要顧慮和最可怕 的事情。公司擔心電腦駭客使用例如假冒員工身份等方法 闖入公司的内部網路。 在保全個人身份識別領域,主要的可信方法是採用便攜 技術儲存個人身份資訊,以便個人不管走到哪裡都可以攜帶 其身份識別資訊。採用這些便攜技術對電腦進行存取與傳$ 的人工輸入用戶名和密碼對電腦進行存取相比更為安全。 圖1所示為一種使用智慧卡104來安全儲存個人資訊(例 如,生物識別貪訊、PIN(個人身份號碼)等)的方法。智慧卡 104包括一個微處理器和記憶體。儲存在智慧卡1〇4記憶體 裏的個人之貧訊只能由智慧卡丨04的微處理器對其進行存 取。智慧卡1〇4插入至一個讀卡器103,該讀卡器與個人電 腦(PC) 101相連並對個人電腦存取。資訊通過讀卡器在 個人電腦101和智慧卡104之間進行通信,而讀卡器1〇3使用 一種標準的通信協定。 個人電腦101可使用一種生物識別裝置1〇5來讀取用戶的 97167.doc 1250762 生物識別圖案,或者個人電腦101可要求用戶通過鍵盤 輸入PIN碼,並驗證其身份。這些類型資料的有效值 智慧卡104中。 一旦用戶通過鍵盤102或生物識別裝置1〇5輸入所要求的 資訊,個人電腦1〇1根據個人電腦使用的資訊輸入裝置之類 型,把從這些資訊輸入裝置獲得的輸入資訊傳輸到智慧卡 104中。智慧卡1〇4的微處理器把身份識別資訊和儲存在智 慧卡104的記憶體中的資訊進行比較。若輸人的身份識別資 訊與儲存在智慧卡104中的身份識別資訊相匹配,則智慧卡 1〇4向個人電腦101發送一個通過指示信號。若輸入二身份 識別信號與儲存在智慧卡1G4中的身份識別資訊不匹配,則 智慧卡104向個人電腦1〇1發送一個失敗指示信號。 這種方法的問題在於任何輸人至輸人裝置的身份識別資 訊首先被發送給個人電腦⑻。這就存在一個嚴重的安全風 險二㈣個人電腦1G1中所輸人的身份識別資訊容易受到監 測k種貝之程式的檢測。個人電腦igi中或者網路中的監 測程式能夠監測個人電腦⑼和智慧卡1G4之間、個人電滕 =和鍵盤102之間或個人電腦⑻和生物識別裝置ι〇5之間 的貝DfUa ’並準確地獲知哪些身份識別資訊是有效的。 ^ 、,之4點在於提供一種保全個人身份識別登錄系 :亚為個人身份識別資訊的登錄和驗證提供一個安全的 以°本發明之另一優點在於提供一種在驗證過程中不需 依賴電腦的—種保全個人身份識別登錄系統。 【發明内容】 97167.doc 1250762 本發明提供了-種保全個人身份識別登錄系統。該系統 為個人身份識別資訊的登錄和驗證提供了 一種安全的環 境。另外,本發明提供了—種在驗證過程巾不需依賴於查 詢電腦的系統。 — 本發明的—個較佳的實施例提供了-種完整的安全身份 識別資料登錄方法。-個安全PIN碼智慧卡鍵盤包括:_個 控制器,-個數字小鍵區和一個智慧卡讀卡器。本發明的 $位小鍵區有兩個功能:第一個功能是作為鍵盤的一個正 常小鍵區’第二個功以作為—個安全piN碼輸人小鍵區。 用戶將智慧卡插入至智慧卡讀卡器。用戶的piN碼資訊館 存在该智慧卡的記憶體中。在個人電腦上運行的應用程式 需要用戶的安全身份識別資訊,並請求用戶使用鍵盤的小 鍵區輸入其PIN碼。 控制器接收PIN碼請求,將小鍵區從正常模式切換到㈣ 碼輸入模式,並打㈣N碼輸人模式“器。小鍵區被切換 到專門用於PIN碼輸入的模式,並與控制器進行通信。用戶 料HN碼輸人到小鍵區中。控制器接收碼並把⑽碼 發送到智慧卡中。 智慧卡查詢儲存在記憶體中的m碼,並驗證刚碼。若 7石馬是有效的’則智慧卡將向控制器發送_個通過指示信 碼是無效的,則智慧卡將向控制器發送—個失敗 ♦曰不信號。 ,制器把通過/失敗指示信號發送給在個人電腦上運行 詢程式。控制器把小鍵區切回到正常模式,並關閉剛 97167.doc 1250762 碼輸入模式指示器。 本發明的另一個較佳的實施例將生物識別裝置與鍵盤相 連。用戶的生物識別資訊儲存在智慧卡的記憶體中。 虽在個人電腦上運行的一應用程式要求用戶使用生物識 別裝置以輸入其生物識別資訊(例如,視網膜掃描、指紋等) 日守’控制裔接收該生物識別資訊,啟動生物識別裝置以接 收用戶的生物識別資訊,並打開PIN碼輸入模式指示器。控 制器接收來自生物識別裝置的生物識別資訊,並把生物識 別資訊發送給智慧卡。 智慧卡查詢儲存在記憶體中的生物識別資訊,並對輸入 勺生物識別資汛進行驗證。如上所述,一個通過/失敗指示 “唬破送至控制器和個人電腦。控制器關閉PIN碼輸入模式 指示器。 【實施方式】 本發明實現了 一種保全個人身份識別登錄系統。本發明 的一種系統為個人身份識別資訊的登錄和驗證提供了一個 2全的環境。另外,本發明還提供了一種在驗證過程中不 需依賴於查詢電腦的系統。 本發明提供了 一種不需依賴查詢主機的保全個人身份識 別系統。本發明可被集成在一包括一智慧卡讀卡器的鍵盤 輪入衣置中,或其他的安全輸入裝置(如生物識別裝置)。用 :身份識別資訊的輸人和驗證不會使任何敏感的身份識別 資訊輪入到查詢主機中。 個人電腦(PC)在允許用戶進行操作或存取其他功能(例 97167.doc 】〇- 1250762 如電子商務購物)之前,通常需要用戶於 而茺用戶輸入其安全資訊(例如 用戶名和密碼)。個人電腦安全车絲 系為取近才開始使用智慧 卡、專用PIN碼輸入小鍵區和生物螂 王物識別裝置以識別有效用 戶。 目前,各種安全存取電腦之方法的㈣在於敏感的個人 身份驗證資訊(例如PIN碼或生物識別資訊(視網膜掃描,指 紋等)是由一主機(例如一台個人電腦)來管理或操作的。 通常’用戶使用主機或程式時,應用程式會要求用戶輸 入某種類型的身份識別資訊。錢主機接收來自輸入裝置 的身份識別資訊並進行某種類型的驗證。 一旦敏感的身份識別資訊到達主機,將形成一安全風 險。例如,當採用—智慧卡以驗證身份識別:#訊時,該身 份識別貧訊從輸入裝置傳送到個人電腦,接著從個人電腦 傳送到智慧卡。身份識別資訊报容易被正在主機或網路上 運行的程式所監控…個監控程式可以監控個人電腦和智 慧卡之間的資料交換。當—個有效的身份識別資訊在交換 日τ,監控程式可為電腦駭客或身份盜竊者記錄有效的份 識別資訊。 圖2所示為本發明的一個典型實施例,它提供了一種安全 身份識別貧料登錄的完整方法。本發明的控制器2〇6在一安 全PIN碼智慧卡鍵盤2()2上,該鍵盤還包括—個數位小鍵區 2 0 3和一個智慧卡讀卡器2 〇 4。本發明的數位小鍵區有兩個 功能··第一個功能是作為鍵盤的一個正常小鍵區;第二個 功能是作為一個安全PIN碼輸入小鍵區。 97167.doc -11 - 1250762 用戶將智慧卡205插入至集成在鍵盤202内的智慧卡讀卡 器204中。智慧卡205包括了 一微處理器和記憶體。只有微 處理器能夠存取記憶體,這樣使智慧卡205上的資料很安 全。用戶的PIN碼資訊被儲存在智慧卡2〇5的記憶體中。 應用程式在個人電腦201上執行。一在個人電腦2〇 1上執 行,並要求用戶輸入安全身份識別資訊的應用程式要求用 戶使用鍵盤202的小鍵區203來輸入其PIN碼。 控制器206接收PIN碼輸入請求,並將小鍵區203從正常模 式切換到PIN碼輸入模式。小鍵區2 0 3在邏輯上(功能上)脫 離於鍵盤202和個人電腦201之間的通信,而專門用於PIN 碼輸入和與控制器206進行通信。控制器206可選擇使用一 可視化指示器(例如一個LED或LCD顯示器207)來提示用戶 系統已進入了 PIN碼輸入模式。用戶將其pin碼輸入到小鍵 區203中。控制器206接收來自於小鍵區203的PIN碼,並將 PIN碼發送給智慧卡讀卡器204内的智慧卡205。 智慧卡205查詢儲存在其記憶體中的PIN碼,並驗證PIN 碼。若PIN碼是有效的,則智慧卡205向控制器206發送一個 通過指示信號;若PIN碼是無效的,則智慧卡205向控制器 206發送一個失敗指示信號。 控制器206將通過/失敗指示信號發送給在個人電腦2〇1 上執行的查詢程式。控制器206將小鍵區203切換回正常模 式,可選之可視化指示器207提示用戶已經不處在PIN碼輸 入模式。這個過程可由控制器206本身或個人電腦201的程 式啟動。用戶PIN碼多次輸入失敗或藉由向個人電腦201請 97167.doc 12 1250762 求’控制器206也能夠使小鍵區無效。 圖3所示為本發明另一個較佳的實施例,它提供了 一種安 全身份識別資料登錄的集線器(hub)方法。鍵盤3〇2包括控制 器303, 一個智慧卡讀卡器3〇6和其他裝置(例如,一個用於 連接生物識別裝置304和鍵盤302的USB集線器)。對小鍵區 3 0 7的控制如上所述。 用戶將其智慧卡305插入至集成於鍵盤3〇2上的智慧卡讀 卡器306中。用戶的生物識別資訊儲存在智慧卡3〇5上的記 憶體中。 一個正在個人電腦301上運行,並要求用戶輸入安全身份 識別資訊的應用程式要求用戶使用生物識別裝置3〇4來輸 入其生物識別資訊(例如,視網膜掃描、拇指紋等)。 控制為303接收生物識別輸入請求,並啟動生物識別裝置 3 04以接收來自用戶的生物識別資訊。控制器3 μ可選擇使 用一可視化指示器(例如,一個LED或LCD顯示器308),來 提示用戶生物識別裝置進入了資料登錄模式。用戶將其生 物識別資訊輸入於生物識別裝置304中。控制器3〇3接收來 自生物識別I置304的生物識別資訊,並把生物識別資訊發 送給智慧卡讀卡器306内的智慧卡305。 智慧卡305查詢其記憶體中的生物識別資訊,並驗證該生 物識別資訊。若生物識別資訊是有效的,則智慧卡3〇5向控 制器303發送一個通過指示信號。若生物識別資訊是無效 的,則智慧卡305向控制器303發送一個失敗指示信號。控 制為' 3 03將通過/失敗指示信號發送給正在個人電腦3 〇 1上 97167.doc -13- Ϊ250762 執仃的查詢程式。控制器303改 的顯示,提亍用冷p , k之可視化指示器3〇8 徒不用戶已經不處在資料登錄模式。 在圖2和圖3中,身份識別#訊從輸 的控制器,接著傳送到智慧卡中。資科=傳达到本發明 因為個人、科傳輪路徑报安全, 人^看不到在輸人裝置和控制器之間交換的 ;'、,從而’任何在個人電腦上或網路 可能監控或發現敏感資料。 式都不 ^領域的技術人員將發現本發㈣容易地助於 仏以及其他裝置上,這些裝置可能存在有執行於背景或 網路中’用以監測身份識別資訊資料的不道德的程式。 圖4所不為控制晶片的三大模組,這些模組實現了安全身 份登錄和驗證的功能·· 安全指令解碼器403 •通過集線器402接收一來自個人電腦4〇1的安全ρΐΝ碼 輸入指令。 •對女全PIN碼輸入指令進行解碼,並將用以啟動安全 PIN碼輸入模式的致能信號發送給piN碼處理器4〇5和 代碼管理器406。 •與PIN碼模式顯示器(LED顯示器)404通過介面連接,提 示進入PIN碼輸入模式狀態。 •當PIN碼驗證狀態代碼被送回到個人電腦401後,使PIN 碼輸入模式無效。 2.PIN碼處理器405 •暫時儲存來自安全PIN碼輸入指令的智慧卡IS07816認 97167.doc 14 1250762 證PIN碼指令和一個空的PIN碼區域。 •接收來自代碼管理器406的PIN碼資料。 •根據安全PIN碼輸入指令的PIN碼配置資料區域中所規 定的格式,更新認證PIN碼指令裏的PIN碼區域,並把 該指令和PIN碼資料一起發送到智慧卡412進行驗證。 •當智慧卡412對PIN碼進行驗證後,接收來自智慧卡412 的狀態位元組SW1和SW2。 •把讀卡器回應指令和狀態位元組SW1、SW2封裝在一 起,並通過集線器402把它們發送回個人電腦401。 •當狀態位元組被發送回至個人電腦401之後,終止安全 PIN碼模式。 •當從代碼管理器406接收到<〇&11〇61〉按鍵,終止安全?]^ 碼模式。 3.代碼管理器406 在安全PIN碼模式下: •接收來自輸入裝置控制器(鍵盤控制器)409的鍵碼。 •提取來自所接收到的資訊包的HID(用戶介面裝置)鍵 碼,當用戶按下<Enter>鍵之後,將資料傳輸至PIN碼 處理器405。 •按照PIN碼配置資料接收按鍵的準確數目,忽略任何多 餘的按鍵。 •按鍵採用USB鍵盤資料格式(或者其他標準的週邊通信 格式)並通過集線器402同樣地被逆向發送至個人電腦 401,資料區域用鍵來代替每個按鍵。 97167.doc 15 1250762 •當按下<cancel>鍵時,<cancel>鍵的代碼就被發送至 PIN碼處理器405,並終止安全PIN碼輸入模式。 於正常鍵盤操作模式下或安全PIN碼輸入模式無效時: •所有按鍵通過集線器402發送至個人電腦401,如同正常 的鍵盤操作一樣。 •沒有資料傳輸至PIN碼處理器405。 當個人電腦401開啟,且一個安全PIN碼智慧卡鍵盤和其 USB連接器(或其他標準連接器和週邊通信格式)連接後,一 個智慧卡資源管理器(個人電腦/智慧卡應用編程介面庫 (APILibrary))和一個讀卡器驅動器被載入到作業系統(例 如,WindowsXP)上。 當智慧卡412插入至智慧卡連接器411時,智慧卡讀卡器 407讀取智慧卡412。當智慧卡412被啟動後,智慧卡412發 送ATR(重設應答)至智慧卡讀卡器407開始協定談判,其中 ATR是在智慧卡啟動後,由智慧卡發送的。一旦協定建立, 智慧卡讀卡器407進入指令狀態,並等待來自個人電腦401 的指令。 一種使用要求PIN碼輸入的應用程式的典型情況如下: a. 個人電腦401上的應用軟體通過請求用戶輸入其PIN碼 或生物識別資訊的方式來啟動安全PIN碼過程。 b. 個人電腦401將安全PIN碼輸入指令發送至安全指令解 碼器403。安全PIN碼輸入指令為: 讀卡器指令 智慧卡認證 空的PIN碼 PIN碼配置 PIN碼指令 區域 資料 97167.doc -16- 1250762 C.安全指令解碼器403對安全PIN碼輸入指令進行解碼, 並發送致能信號給PIN碼處理器405和代碼管理器406 來啟動安全PIN碼模式。安全指令解碼器403並對來自 安全PIN碼輸入指令的PIN碼配置資料進行解碼。 d. PIN碼模式顯示器(LED顯示器)404被點亮,並提示進入 安全PIN碼模式。 e. 當用戶通過用戶介面物理裝置(小鍵區或生物識別裝 置)410輸入其PIN碼時,代碼管理器406提取來自輸入 裝置控制器409所發送資訊包中的用戶介面裝置的鍵 碼,並在用戶按下<Enter〉鍵之後,把這些代碼發送至 PIN碼處理器405。 f. 代碼管理器406僅接收PIN碼配置資料所規定的按鍵數 目。 g. 根據安全PIN輸入指令中PIN碼配置資料所規定的格 式,PIN碼處理器405把認證PIN碼指令和更新過的PIN 區域封裝在一起。 h. PIN碼處理器405把PIN碼指令及PIN碼發送至智慧卡: 智慧卡認證PIN碼指令 PIN碼區域000 12345 i. 代碼管理器406用USB鍵盤資料報告格式,通過集線器 402把按鍵發送至個人電腦401,並在個人電腦顯示幕 上用表示所有按鍵。 j. 智慧卡412將狀態字1和狀態字2(SW1和SW2)的狀態位 97167.doc 1250762 元、、且务送回兔慧卡讀卡菇407。這些狀態位元組提示認 證指令成功與否: SW1 SW2 k·智慧卡讀卡器407把狀態位元組發送至piN碼處理器 405^IN碼處理器4〇5把狀態位元組和讀卡器的回應指 令4戈石馬圭十一起,並發送回主機個人電腦4〇 1 : 圖5所示為本發明的一個任務圖。一正執行在主機個人電 腦上的應用程式向接收個人電腦指令模組5〇1發送一個 碼輸入的指令。接收個人電腦命令模組5〇1向管理身份序列 模組503發送指令資訊。 管理身份序列模組503通知輸入裝置控制器5〇4準備好 PIN碼輸入或生物資訊輸入。對於piN碼輸入,輸入裝置 控制器504向小鍵區介面模組5〇5發送一個指令,令小鍵區 進入PIN碼輸入模式。小鍵區介面模組5〇5把小鍵區從正常 鍵盤操作切換至專用的PIN碼輸入,並點亮這些資訊或將這 些資訊顯示於PIN碼輸入模式指示器上,以告知用戶開始輸 入PIN碼。 用戶將PIN碼輸人到小鍵區中,當用戶完成piN碼輸入 後,小鍵區介面模組505把輸入的piN碼發送到輸入裝置控 制器504。管理身份序列模組5〇3也通知輸入裝置控制器 終止PIN碼輸入或生物識別資訊輸入。輸入裝置控制器 向小鍵區介面模組505發送一指令,以把小鍵區切換回正常 97】67.doc 1250762 的鍵^模式。並且’小鍵區介面模組5〇5清除或改變piN碼 輸入模式指示器上所顯示的資訊,以告知用戶已經不處在 PIN碼輸入模式。 如果用戶在一段預先設置的時間内沒有向小鍵區輸入任 何數字,那麼管理身份序列模組5〇3會通知輸入裝置控制器 504終止PIN碼輸入或生物識別資訊輸入。輸入裝置控制器 504向小鍵區介面模組5〇5發送一指令,以把小鍵區切換回BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to the security of a computer environment, and more particularly to receiving and verifying personal identity information in a secure environment independent of the querying computer. [Prior Art] In today's society, computer security issues are becoming more and more important. With the rapid growth of personal computers, the number of computer hackers and identity thefts has also increased dramatically. Identity theft has become a major concern and the most horrible thing for PC users. The company is concerned that computer hackers use the methods such as impersonating employees to break into the company's internal network. In the area of secure personal identification, the primary trusted method is to use portable technology to store personally identifiable information so that individuals can carry their identification information wherever they go. It is safer to use these portable technologies to access and transfer the computer by manually entering the user name and password to access the computer. Figure 1 shows a method for securely storing personal information (e.g., biometric greed, PIN (Personal Identification Number), etc.) using smart card 104. The smart card 104 includes a microprocessor and memory. The personal information stored in the smart card memory can only be accessed by the smart card's microprocessor. The smart card 1〇4 is inserted into a card reader 103 which is connected to a personal computer (PC) 101 and accessed by a personal computer. The information is communicated between the personal computer 101 and the smart card 104 via a card reader, and the card reader 101 uses a standard communication protocol. The personal computer 101 can use a biometric device 1〇5 to read the user's 97167.doc 1250762 biometric pattern, or the personal computer 101 can ask the user to enter a PIN code via the keyboard and verify his identity. The valid values for these types of data are in the smart card 104. Once the user inputs the requested information through the keyboard 102 or the biometric device 1〇5, the personal computer 101 transmits the input information obtained from the information input devices to the smart card 104 according to the type of the information input device used by the personal computer. . The microprocessor of the smart card 1-4 compares the identification information with the information stored in the memory of the smart card 104. If the identity information of the input matches the identification information stored in the smart card 104, the smart card 1.4 sends a pass indication signal to the personal computer 101. If the input two identification signals do not match the identification information stored in the smart card 1G4, the smart card 104 transmits a failure indication signal to the personal computer 101. The problem with this approach is that any identification information that is input to the input device is first sent to the personal computer (8). There is a serious safety risk. (4) The identification information of the person who is input in the personal computer 1G1 is easily detected by the program of monitoring K. The monitoring program in the personal computer igi or in the network can monitor the DfUa between the personal computer (9) and the smart card 1G4, between the personal electric device and the keyboard 102, or between the personal computer (8) and the biometric device ι〇5. Accurately know which identification information is valid. ^ , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , - A security personal identification login system. SUMMARY OF THE INVENTION 97167.doc 1250762 The present invention provides a security personal identification login system. The system provides a secure environment for login and verification of personally identifiable information. Additionally, the present invention provides a system in which the verification process towel does not have to rely on a query computer. - A preferred embodiment of the present invention provides a complete method of logging in secure identification data. - A secure PIN code smart card keyboard includes: _ controllers, - a small keypad and a smart card reader. The $bit small keypad of the present invention has two functions: the first function is as a normal small keypad of the keyboard, and the second function is as a secure piN code input keypad. The user inserts the smart card into the smart card reader. The user's piN code information library is stored in the memory of the smart card. An application running on a personal computer requires the user's secure identification information and asks the user to enter their PIN using the keypad's keypad. The controller receives the PIN code request, switches the small keypad from the normal mode to the (four) code input mode, and plays the (four) N code input mode ". The small keypad is switched to the mode dedicated to the PIN code input, and the controller The user feeds the HN code into the small keypad. The controller receives the code and sends the (10) code to the smart card. The smart card queries the m code stored in the memory and verifies the code. If it is valid, then the smart card will send _ to the controller to indicate that the signal is invalid, then the smart card will send a failure to the controller. ??? No signal. The controller sends the pass/fail indication signal to The interrogator is run on the personal computer. The controller switches the keypad down to normal mode and turns off the input mode indicator just in the 97167.doc 1250762. Another preferred embodiment of the present invention connects the biometric device to the keyboard. The user's biometric information is stored in the memory of the smart card. An application running on a personal computer requires the user to use a biometric device to input biometric information (eg, retinal scanning). , fingerprint, etc.) The control party receives the biometric information, activates the biometric device to receive the biometric information of the user, and opens the PIN code input mode indicator. The controller receives the biometric information from the biometric device and The biometric information is sent to the smart card. The smart card queries the biometric information stored in the memory and verifies the input scoop biometrics. As mentioned above, a pass/fail indication is “smashed to the controller and the individual. computer. The controller turns off the PIN code input mode indicator. [Embodiment] The present invention implements a security personal identification login system. A system of the present invention provides a two-in-one environment for the registration and verification of personal identification information. In addition, the present invention also provides a system that does not rely on querying a computer during the verification process. The present invention provides a secure personal identification system that does not rely on a query host. The invention can be integrated into a keyboard wheeled garment that includes a smart card reader, or other secure input device (e.g., a biometric device). Use: The identification and verification of identification information does not cause any sensitive identification information to be rounded into the query host. A personal computer (PC) typically requires the user to enter their security information (such as a username and password) before allowing the user to operate or access other functions (eg, 97167.doc 〇 - 1250762 e-commerce shopping). The PC security car is used to access the smart card, the special PIN code to enter the small keypad and the biometric device to identify valid users. Currently, various methods of securely accessing a computer (4) are sensitive personal authentication information (eg, PIN code or biometric information (retina scan, fingerprint, etc.) is managed or operated by a host (eg, a personal computer). Usually, when a user uses a host or a program, the application asks the user to enter some type of identification information. The money host receives the identification information from the input device and performs some type of verification. Once the sensitive identification information arrives at the host, A security risk will be formed. For example, when a smart card is used to verify the identity: #, the identity message is transmitted from the input device to the personal computer, and then transmitted from the personal computer to the smart card. The identification information message is easily Monitored by a program running on the host or on the network... A monitor can monitor the exchange of data between the PC and the smart card. When a valid identification message is exchanged, the monitor can be used for computer hacking or identity theft. Recording valid identification information. Figure 2 shows a code of the invention. A preferred embodiment of the present invention provides a complete method for secure identity identification and poor material registration. The controller 2〇6 of the present invention is on a secure PIN code smart card keyboard 2() 2, which also includes a digital keypad. 2 0 3 and a smart card reader 2 〇 4. The digital keypad of the present invention has two functions. The first function is as a normal small keypad of the keyboard; the second function is as a security PIN. The code is input into the small keypad. 97167.doc -11 - 1250762 The user inserts the smart card 205 into the smart card reader 204 integrated in the keyboard 202. The smart card 205 includes a microprocessor and memory. The device can access the memory so that the information on the smart card 205 is safe. The user's PIN code information is stored in the memory of the smart card 2. The application is executed on the personal computer 201. The application executing on 〇1 and requiring the user to enter secure identification information requires the user to enter their PIN code using the keypad 203 of the keyboard 202. The controller 206 receives the PIN code input request and sets the keypad 203 from the normal mode. Switch to P IN code input mode. The small keypad 2 0 3 is logically (functionally) detached from communication between the keyboard 202 and the personal computer 201, and is dedicated to PIN code input and communication with the controller 206. The controller 206 can A visual indicator (e.g., an LED or LCD display 207) is selected to prompt the user that the system has entered the PIN code entry mode. The user enters his pin code into the keypad 203. The controller 206 receives the keypad 203. The PIN code is sent to the smart card 205 in the smart card reader 204. The smart card 205 queries the PIN code stored in its memory and verifies the PIN code. If the PIN code is valid, then the smart code The card 205 sends a pass indication signal to the controller 206; if the PIN code is invalid, the smart card 205 sends a failure indication signal to the controller 206. The controller 206 transmits a pass/fail indication signal to the inquiry program executed on the personal computer 2〇1. Controller 206 switches keypad 203 back to normal mode, and optional visual indicator 207 prompts the user that he is no longer in the PIN code entry mode. This process can be initiated by the controller 206 itself or by the personal computer 201. The user PIN code failed to be input multiple times or by requesting the personal computer 201 to request the controller 206 to also invalidate the small keypad. FIG. 3 shows another preferred embodiment of the present invention, which provides a hub method for secure identity identification data logging. The keyboard 3〇2 includes a controller 303, a smart card reader 3〇6 and other devices (e.g., a USB hub for connecting the biometric device 304 and the keyboard 302). The control of the small keypad 3 0 7 is as described above. The user inserts his smart card 305 into the smart card reader 306 integrated on the keyboard 3〇2. The user's biometric information is stored in the memory on the smart card 3〇5. An application running on the personal computer 301 and requiring the user to enter secure identification information requires the user to enter biometric information (e.g., retinal scan, thumbprint, etc.) using the biometric device 3〇4. Control 303 receives the biometric input request and activates biometric device 340 to receive biometric information from the user. The controller 3 μ can optionally use a visual indicator (e.g., an LED or LCD display 308) to prompt the user that the biometric device has entered the data entry mode. The user inputs his biometric identification information into the biometric device 304. The controller 3〇3 receives the biometric information from the biometric I-set 304 and transmits the biometric information to the smart card 305 in the smart card reader 306. The smart card 305 queries the biometric information in its memory and verifies the biometric information. If the biometric information is valid, the smart card 3〇5 sends a pass indication signal to the controller 303. If the biometric information is invalid, the smart card 305 sends a failure indication signal to the controller 303. The control is '3 03. The pass/fail indication signal is sent to the query program that is executing on the personal computer 3 〇 1 97167.doc -13- Ϊ250762. The controller 303 displays the change, and the visual indicator 3〇8 of the cold p, k is used to prevent the user from being in the data registration mode. In Figures 2 and 3, the identity is transmitted from the controller to the smart card.资科= conveyed to the present invention because the personal and family transmission path reports security, the person can't see the exchange between the input device and the controller; ', and thus 'anything on the personal computer or the network may monitor or Discover sensitive information. Those skilled in the art will find that the present invention (4) is easily assisted by 仏 and other devices that may have unethical programs that are executed in the background or on the network to monitor identification information. Figure 4 is not the three modules of the control chip, these modules implement the function of secure identity login and verification. · Security command decoder 403. Receive a secure ΐΝ code input command from the personal computer 4〇1 through the hub 402. . • Decode the female full PIN code input command and send an enable signal to activate the secure PIN code input mode to the piN code processor 4〇5 and the code manager 406. • Connect to the PIN code mode display (LED display) 404 via the interface to prompt entry into the PIN code input mode. • When the PIN code verification status code is sent back to the personal computer 401, the PIN code input mode is invalidated. 2. PIN code processor 405 • Temporarily store the smart card IS07816 from the secure PIN code input command. 97167.doc 14 1250762 Certificate PIN code command and an empty PIN code area. • Receive PIN code data from code manager 406. • Update the PIN code area in the authentication PIN code command according to the format specified in the PIN code configuration data area of the security PIN code input command, and send the command and PIN code data to the smart card 412 for verification. • When the smart card 412 verifies the PIN code, it receives the status bytes SW1 and SW2 from the smart card 412. • Encapsulate the card reader response command and status bits SW1, SW2 and send them back to the personal computer 401 via hub 402. • When the status byte is sent back to the personal computer 401, the secure PIN code mode is terminated. • When the <〇&11〇61> button is received from the code manager 406, the security is terminated? ]^ code mode. 3. Code Manager 406 In the secure PIN mode: • Receives a key code from the input device controller (keyboard controller) 409. • The HID (User Interface Device) key code from the received packet is extracted, and when the user presses the <Enter> key, the data is transmitted to the PIN code processor 405. • Configure the exact number of data reception buttons according to the PIN code, ignoring any excess keys. • The buttons are in the USB keyboard data format (or other standard peripheral communication format) and are also reversely transmitted to the personal computer 401 via the hub 402, with the data area replacing each button with a key. 97167.doc 15 1250762 • When the <cancel> key is pressed, the code for the <cancel> key is sent to the PIN code processor 405, and the secure PIN code input mode is terminated. In normal keyboard operation mode or when the secure PIN code input mode is invalid: • All buttons are sent to the personal computer 401 via the hub 402 as if it were a normal keyboard operation. • No data is transferred to the PIN code processor 405. When the personal computer 401 is turned on and a secure PIN code smart card keyboard is connected to its USB connector (or other standard connector and peripheral communication format), a smart card resource manager (PC/Smart Card application programming interface library ( APILibrary)) and a card reader drive are loaded onto the operating system (for example, Windows XP). When the smart card 412 is inserted into the smart card connector 411, the smart card reader 407 reads the smart card 412. When the smart card 412 is activated, the smart card 412 sends an ATR (Reset Answer) to the smart card reader 407 to initiate a negotiation negotiation, wherein the ATR is sent by the smart card after the smart card is activated. Once the agreement is established, the smart card reader 407 enters the command state and waits for an instruction from the personal computer 401. A typical use of an application requiring a PIN code entry is as follows: a. The application software on the personal computer 401 initiates the secure PIN code process by requesting the user to enter their PIN code or biometric information. b. The personal computer 401 sends a secure PIN code input command to the secure command decoder 403. The security PIN code input command is: card reader command smart card authentication empty PIN code PIN code configuration PIN code command area data 97167.doc -16- 1250762 C. security command decoder 403 decodes the security PIN code input command, and The enable signal is sent to the PIN code processor 405 and code manager 406 to initiate the secure PIN code mode. The security command decoder 403 decodes the PIN code configuration data from the secure PIN code input command. d. The PIN mode display (LED display) 404 is illuminated and prompted to enter the secure PIN mode. e. When the user enters their PIN code through the user interface physical device (small keypad or biometric device) 410, the code manager 406 extracts the key code from the user interface device in the information packet sent by the input device controller 409, and These codes are sent to the PIN code processor 405 after the user presses the <Enter> key. f. The code manager 406 only receives the number of keys specified by the PIN code configuration data. g. The PIN code processor 405 encapsulates the authentication PIN code command and the updated PIN area in accordance with the format specified by the PIN code configuration data in the security PIN entry command. h. The PIN code processor 405 sends the PIN code command and the PIN code to the smart card: Smart Card Authentication PIN Code Command PIN Code Area 000 12345 i. The code manager 406 uses the USB keyboard data report format to send the button through the hub 402 to The personal computer 401 is used to display all the keys on the display screen of the personal computer. j. The smart card 412 returns the status bits of the status word 1 and the status word 2 (SW1 and SW2) to 97167.doc 1250762, and returns the rabbit card to the card 407. These status bytes indicate whether the authentication command succeeds or not: SW1 SW2 k. The smart card reader 407 sends the status byte to the piN code processor 405^IN code processor 4〇5 status byte and card reading The device responds with instructions 4 Ge Shimagui 10 together and sends it back to the host PC 4〇1: Figure 5 shows a task map of the present invention. An application that is executing on the host personal computer sends a code input command to the receiving personal computer command module 5〇1. The receiving personal computer command module 5〇1 sends command information to the management identity sequence module 503. The management identity sequence module 503 notifies the input device controller 5〇4 that the PIN code input or biometric information input is ready. For piN code input, the input device controller 504 sends an instruction to the small keypad interface module 5〇5 to cause the small keypad to enter the PIN code input mode. The small keypad interface module 5〇5 switches the small keypad from the normal keyboard operation to the dedicated PIN code input, and lights up the information or displays the information on the PIN code input mode indicator to inform the user to start entering the PIN. code. The user enters the PIN code into the small keypad. When the user completes the piN code input, the keypad interface module 505 sends the input piN code to the input device controller 504. The management identity sequence module 5〇3 also notifies the input device controller to terminate the PIN code input or biometric information input. The input device controller sends an instruction to the small keypad interface module 505 to switch the small keypad back to the normal key mode of the 67.67.doc 1250762. And the 'small keypad interface module 5〇5 clears or changes the information displayed on the piN code input mode indicator to inform the user that the PIN code input mode is not present. If the user does not enter any number into the keypad for a predetermined period of time, the management identity sequence module 5〇3 notifies the input device controller 504 to terminate the PIN code entry or biometric information input. The input device controller 504 sends an instruction to the small keypad interface module 5〇5 to switch the small keypad back
正系的鍵盤模式。並且,小鍵區介面模組5〇5清除或改變piN 碼輸入模式指示器上所顯示的資訊,以告知用戶已經不處 在PIN碼輸入模式。 對於生物識別資訊輸入,輸入裝置控制器5〇4向生物識別 裝置介面模組506發送一指令,以開始登錄用戶生物識別資 料生物識別裂置介面模組506啟動生物識別輸入裝置,並 等待用戶το成生物識別資料的輸入。小鍵區介面模組 點亮這些資訊或將這些資訊顯示於PIN碼輸入模式指示器 ^以口知用戶開始輸入生物識別資料。當用戶完成了資 料之登錄,生物識別裝置介面模組把生物識別資訊發送 、、、口輸入I置控制H 5〇4。為了終止生物識別資訊輸入,輸入 裝置控制器504向生物識別裝置介面模組5〇6發送一指令, 使生物識別輸人裝置無效。然後小鍵區介面模組5G5清除或 文义PIN馬輸人模式指示器上所顯示的資訊,以告知用戶已 經不處在生物識別資料登錄模式。 、輸入裝置控制器5〇4向管理身份序列模組5()3發送娜馬 或生物識別資訊。管理身份序列模組5()3將piN碼或生物識 97167.doc 19 1250762 別資訊打包,並發送至智慧卡讀卡器介面模組507對其進行 驗證。 接著,智慧卡讀卡器介面模組507把資訊發送至智慧卡, 該智慧卡係插在鍵盤的智慧卡讀卡器中。智慧卡的微處理 為將身份識別資訊和儲存在智慧卡記憶體中的資訊進行比 對。智慧卡根據身份驗證比對較後係通過還是失敗,而向 智慧卡讀卡1§介面模組507發送一個通過或失敗指示資訊。 备慧卡項卡為介面模組5〇7將通過或失敗資訊發送至管 理身份序列模組503,管理身份序列模組5〇3把指示資訊送 至發送通過/失敗指示模組5〇2。發送通過/失敗指示模組5〇2 把指不信號儲存在通信包,並將其發送給個人電腦。 管理身份序列模組503藉由個人電腦的指令可使小鍵區 鎖在PIN碼輸人模式下,或在多次驗證失敗的情況下藉由個 人電細之扣令使PIN碼輸入模式無效;若用戶在預先規定的 輸入-人數内或預先設定的一段時間内未能輸入正確的身份 識別貝說’該模組本身也可使小鍵區無效。如果身份識別 資訊驗證成功或藉由個人電腦的指令,管理身份序列模組 503也可釋放小鍵區,使其回到正常鍵盤使用模式。 雖然=裏描述的是本發明的較佳實施例,本領域的技術 人貝將谷易發現還有„些並不脫離本發明的精神和範圍 的、可以替代前面所述的其他應用。因此,本發明僅由如 下所述的請求項限定。 【圖式簡單說明】 圖1所不為本發明的一種使用PIN碼輸入和生物識別裝置 97167.doc 1250762 的電配置的先前技術示意圖; 圖2所示為本發明的一個典型實施例示意圖,該實施例採 用鍵盤的小鍵區以實現安全PIN碼輸入; 圖3所示為本發明的-個典型實施例示意圖,該實_採 用鍵盤和生物識別裳置以實現安全身份識別資訊的輸入; 立=4所不為本發明的—個典型實施例的各功能模組的示 圖5所示為—個從任務角度觀察本發 明典型實施例的示Positive keyboard mode. Moreover, the small keypad interface module 5〇5 clears or changes the information displayed on the piN code input mode indicator to inform the user that the PIN code input mode is not present. For the biometric information input, the input device controller 5〇4 sends an instruction to the biometric device interface module 506 to start logging into the user biometric data biometric splitting interface module 506 to activate the biometric input device and wait for the user το. Input into biometric identification data. The small keypad interface module lights up the information or displays the information in the PIN code input mode indicator. ^ The user is prompted to enter the biometric data. When the user completes the registration of the data, the biometric device interface module transmits the biometric information, and the port is input to the I control H 5〇4. In order to terminate the biometric information input, the input device controller 504 sends an instruction to the biometric device interface module 5〇6 to invalidate the biometric input device. Then the small keypad interface module 5G5 clears or displays the information displayed on the PIN horse input mode indicator to inform the user that the biometric data registration mode is not present. The input device controller 5〇4 sends Nama or biometric information to the management identity sequence module 5()3. The management identity sequence module 5()3 packs the piN code or the biometric information and sends it to the smart card reader interface module 507 for verification. Next, the smart card reader interface module 507 sends the information to the smart card, which is inserted into the smart card reader of the keyboard. Smart card micro-processing is to compare the identification information with the information stored in the smart card memory. The smart card sends a pass or fail indication message to the smart card reader 1 s interface module 507 based on whether the authentication pass or failed. The backup card is sent to the management identity sequence module 503 by the interface module 5〇7, and the management identity sequence module 5〇3 sends the indication information to the transmission pass/fail indication module 5〇2. The transmission pass/fail indication module 5〇2 stores the fingerless signal in the communication packet and transmits it to the personal computer. The management identity sequence module 503 can lock the small keypad in the PIN code input mode by the instruction of the personal computer, or invalidate the PIN code input mode by the personal power fine deduction when the multiple verification fails; If the user fails to enter the correct identification within a predetermined input-number of people or a predetermined period of time, the module itself can also invalidate the small keypad. The management identity sequence module 503 can also release the small keypad to return to the normal keyboard usage mode if the authentication information is verified successfully or by the instructions of the personal computer. Although the preferred embodiment of the present invention is described in the specification, those skilled in the art will find that other applications that do not depart from the spirit and scope of the invention may be substituted for the foregoing. The present invention is limited only by the claims described below. [Simplified Schematic] FIG. 1 is a prior art diagram of an electrical configuration using a PIN code input and biometric device 97167.doc 1250762; A schematic diagram of an exemplary embodiment of the present invention, which uses a small keypad of a keyboard to implement a secure PIN code input; FIG. 3 is a schematic diagram of an exemplary embodiment of the present invention, which uses a keyboard and biometric identification The display is performed to realize the input of the security identification information; the diagram of the functional modules of the exemplary embodiment which is not the present invention is shown in FIG. 5 as an illustration of an exemplary embodiment of the present invention from a task perspective.
【主要元件符號說明】 101 個人電腦 102 鍵盤 103 讀卡器 104 105 201 202 203 智慧卡 生物識別裝置 個人電腦 鍵盤 小鍵區 204 智慧卡1買卡器 205 智慧卡 206 控制器 207 指示器 301 個人電腦 302 鍵盤[Main component symbol description] 101 Personal computer 102 Keyboard 103 Card reader 104 105 201 202 203 Smart card biometric device Personal computer keyboard small keypad 204 Smart card 1 card purchaser 205 Smart card 206 Controller 207 Indicator 301 Personal computer 302 keyboard
97167.doc -21 . 控制器 生物識別裝置 智慧卡 智慧卡讀卡器 小鍵區 可視化指示器 個人電腦 集線器97167.doc -21 . Controller Biometric device Smart card Smart card reader Small keypad Visual indicator Personal computer Hub
W 安全指令解碼器 PIN碼模式顯示器 PIN碼處理器 代碼管理器 智慧卡讀卡器 輸入裝置控制器 用戶介面物理裝置 智慧卡連接器 0 智慧卡 個人電腦指令模組 發送通過/失敗指示模組 管理身分序列模組 _ 輸入裝置控制器 小鍵區介面模組 生物識別裝置介面模組 智慧卡讀卡器介面模組 -22-W Security Command Decoder PIN Mode Display PIN Code Processor Code Manager Smart Card Reader Input Device Controller User Interface Physical Device Smart Card Connector 0 Smart Card PC Command Module Send Pass/Fail Indication Module Management Identity Sequence Module _ Input Device Controller Keypad Interface Module Biometric Device Interface Module Smart Card Reader Interface Module-22-