WO1988008176A1 - System protected against unauthorized intervention

Publication number
WO1988008176A1
Authority
WO
WIPO (PCT)
Prior art keywords
housing
functional unit
key element
chip card
data
Prior art date
Application number
PCT/CH1988/000052
Other languages
German (de)
English (en)
Inventor
Wolfgang Loy Von Thurnher
Kurt Schmid
Bernhard Schnabl
Original Assignee
Ido Ag
Priority date
Filing date
Publication date
Application filed by Ido Ag

Classifications

    • G PHYSICS
    • G07 CHECKING-DEVICES
    • G07F COIN-FREED OR LIKE APPARATUS
    • G07F7/00 Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08 Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10 Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1008 Active credit-cards provided with means to personalise their use, e.g. with PIN-introduction/comparison system
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/86 Secure or tamper-resistant housings
    • G06F21/87 Secure or tamper-resistant housings by means of encapsulation, e.g. for integrated circuits
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00 Payment architectures, schemes or protocols
    • G06Q20/30 Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34 Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/341 Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00 Payment architectures, schemes or protocols
    • G06Q20/30 Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34 Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/357 Cards having a plurality of specified features
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00 Payment architectures, schemes or protocols
    • G06Q20/38 Payment protocols; Details thereof
    • G06Q20/40 Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/409 Device specific authentication in transaction processing
    • G06Q20/4097 Device specific authentication in transaction processing using mutual authentication between devices and transaction partners
    • G PHYSICS
    • G07 CHECKING-DEVICES
    • G07C TIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00 Individual registration on entry or exit
    • G07C9/20 Individual registration on entry or exit involving the use of a pass
    • G07C9/22 Individual registration on entry or exit involving the use of a pass in combination with an identity check of the pass holder
    • G07C9/23 Individual registration on entry or exit involving the use of a pass in combination with an identity check of the pass holder by means of a password
    • G PHYSICS
    • G07 CHECKING-DEVICES
    • G07C TIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00 Individual registration on entry or exit
    • G07C9/20 Individual registration on entry or exit involving the use of a pass
    • G07C9/29 Individual registration on entry or exit involving the use of a pass the pass containing active electronic elements, e.g. smartcards
    • G PHYSICS
    • G07 CHECKING-DEVICES
    • G07F COIN-FREED OR LIKE APPARATUS
    • G07F7/00 Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08 Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/0806 Details of the card
    • G07F7/0813 Specific details related to card security
    • G07F7/082 Features insuring the integrity of the data on or in the card

Definitions

  • the invention relates to a system protected against unauthorized access according to the preamble of patent claim 1.
  • Such security devices are intended to prevent unauthorized access to computers, such as personal computers or host computers, to stored data, to data transmission, and to rooms or security areas. They are also used for time recording, to control access to protected rooms or systems, movement within these areas and intervention in control devices for process control in production plants, and to perform further special security functions.
  • the object of the invention is to make such a system safe while avoiding the disadvantages mentioned.
  • a key component of the key element is a microprocessor.
  • the microprocessor can be formed, for example, by a large number of silicon wafers and can be manipulated, for example by the action of electrical energy, in such a way that the stored program is fixed and cannot be changed. The microprocessor enables the user to be identified correctly and unambiguously, so that unauthorized access is excluded.
  • the embodiment according to claim 2 offers a special safeguard against unauthorized access to data memories and against intervention in stored programs, in particular their inadmissible modification. An unauthorized, in particular violent, opening of the housing or its destruction, whether by drilling or tearing open, at least partially interrupts the conductor tracks arranged on the inner wall of the housing or the lines integrated in the housing wall, and this leads to complete deletion of all important functional units in the housing, for example a data carrier, stored data or programs.
  • the software contained therein is almost completely destroyed, so that only an unusable remnant that cannot be reactivated and completely unusable hardware remain. This is a particular advantage over conventional devices, in which the deletion of stored data was often incomplete, so that the data could be reactivated by unauthorized users.
  • one or more capacitance films can be accommodated in the housing.
  • the film or the films are damaged when the housing is opened without authorization, which leads to a change in the capacitance and / or the resistance, as a result of which information stored in the functional unit in the housing is deleted or destroyed.
  • the embodiment according to claim 4 makes it possible to determine and prove an unauthorized intervention, since the photosensitive film material is exposed when the housing is opened.
  • the embodiment according to claim 5 represents a further possibility of preventing unauthorized access to the information stored in the functional unit.
  • the plastic mass into which the wire loops are cast connects to the housing and the functional unit in such a way that the wire loops, which are advantageously formed from very fine wire, are damaged when the housing is opened violently. This damage causes the functions of the functional unit to be interrupted.
  • the safety devices according to the designs according to claims 2 to 5 can each be provided individually, but expediently in combination of two or more.
  • the design of the key element as a chip card according to claim 6 enables particularly high ease of use.
  • the embodiment according to claim 7 represents a further safety factor: the program, once entered, is fixed electrically, for example by electrical impulses that burn out or make conductive the stacked silicon chips forming the microprocessor, so that unauthorized users cannot subsequently change the program entered into the microprocessor.
  • a secret code for example a password and / or a personal identification number
  • the cryptographic protection, which can be carried out using known methods, of at least parts of the data and / or programs stored in the stationary functional unit and / or the key element can furthermore prevent unauthorized access to data during transmission, because the data accessible at interfaces is encrypted, cannot be decrypted by outsiders and is therefore completely unusable for third parties.
  • Figure 1 shows a key element in a schematic representation
  • Figure 2 - a functional diagram of the key element of Figure 1;
  • Figure 3 shows a housing for receiving data carriers
  • Figure 4 shows another design of a housing
  • FIG. 1 shows the diagram of a key element in the form of a chip card 2.
  • the chip card 2 has a computing unit, for example a microprocessor 4, a memory area 6 with a working memory 8 which allows random access, a program memory 10 and a data memory 12.
  • the program memory 10 is advantageously a read-only memory (ROM) and contains programs or program parts required for the function of the microprocessor 4, for example for calculating and storing a secret key which cannot be influenced from outside and cannot be changed.
  • the data memory 12 is expediently a conditionally programmable read-only memory (PROM) and can, for example, contain a decryption key or a stored PIN.
  • the chip card 2 has an input / output 14 which can be connected to the EDP system via a contact point 15.
  • the modules 4, 8, 10, 12 and 14 together form a central processing unit (CPU), for example a CP8 circuit, which represents a microcomputer that has all the important components of a computer.
  • FIG. 2 shows a schematic representation of the function of a key element, for example a chip card 2 according to FIG. 1.
  • a memory, e.g. data in the memory area 6, can only be accessed via a computer, corresponding to the microprocessor 4 of FIG. 1, which has a decision function 16.
  • the decision function 16 is connected to an EDP system 20 via the input / output 14 and lines 18 and 19. Via lines 18 and 19, it requests the authorization codes stored in the EDP system 20, e.g. a PIN, and compares them with the stored data queried via lines 22 and 26 from the memory 6 of the key element. If the decision function does not determine a match, it informs the system 20 of the mismatch, and thus of the refusal to use the computer system 20, via the input / output 14 and the lines 19 and 24.
  • If the decision function determines a match, it issues a corresponding release command to the memory 6 via a line 26, which then forwards the data required for use to the EDP system 20 via a line 28.
  • the release is always carried out via the computer 4, which is connected to the system via the input / output 14 and the lines 18 and 24 and the input / output line 19.
  • FIG. 3 shows a housing 30 for receiving data carriers 32, consisting of hardware and software stored therein.
  • the housing 30 has a part designed as a hollow body 34 and a closure element 36.
  • the walls of the housing consist, for example, of plastic.
  • Strip-shaped conductor tracks 38 made of electrically conductive material are applied, for example printed, on the inner surface of the wall of the hollow body 34 and the closure element 36 and can be arranged parallel to one another or in a grid-like manner.
  • wire-shaped conductors 40 are integrated into the walls of the hollow body 34 and of the closure element 34.
  • the conductor tracks 38 and the wire-shaped conductors 40 are connected to the data carrier 32 via lines 42 and 44.
  • the wire-shaped conductors 40 are expediently arranged in such a way that when the housing 30 is opened without authorization, for example by tearing or breaking open, the wire-shaped conductors 40 and / or the lines 42 and 44 are at least partially destroyed, which causes a power interruption.
  • a violent opening of the housing 30, for example by drilling, likewise leads to the destruction of the conductor tracks 38 and thus to a power interruption.
  • the power interruption caused by the destruction of the conductor tracks 38 and / or the wire-shaped conductors 40 interrupts the power supply to the data carrier 32 and consequently leads to the deletion of almost all of the data present in the data carrier 32 in the housing 30.
  • the software contained in the data carrier 32 is almost completely destroyed, so that only hardware that is completely unusable for third parties remains.
  • FIG. 4 shows another embodiment of the housing 30.
  • Wire loops 46 made of thin metal wire are arranged between the housing 30 and the data carrier 32 accommodated therein.
  • the wire loops 46 are firmly connected to the data carrier 32 at fastening points 48 on the surface thereof, for example by soldering or welding.
  • the wire loops 46 can be fastened on the surface of the data carrier 32 opposite the closure element 36, on the surfaces opposite the hollow body 34, or on both.
  • the wire loops 46 are cast in a plastic compound 50, which fills the cavity between the housing 30 and the data carrier 32 and forms a firm connection both with the housing 30 and with the data carrier 32.
  • the wire loops 46 are damaged, as a result of which the functions of the data carrier 32, which forms an electronic functional unit or a part thereof, are interrupted. In this way, access to information stored in data carrier 32 or access to systems or rooms secured by the functional unit is prevented.
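
The following C sketch is an added illustration, not part of the patent text, of the two mechanisms described above: the decision function 16 that gates memory 6, and the housing 30 whose broken conductor interrupts the supply and erases data carrier 32. The names `decide` and `housing_poll`, the lengths and the sample values are assumptions; the constant-time comparison and the verify-after-wipe step are additions aimed at the incomplete-deletion weakness the description attributes to conventional devices.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Added illustration; names, sizes and values are assumptions, not from the patent. */
#define PIN_LEN  4    /* assumed code length */
#define DATA_LEN 16   /* assumed size of the protected data */
#define N_LOOPS  4    /* conductor tracks 38 / wires 40, as series segments */

/* Key element (chip card 2): memory 6 is reachable only through decide(). */
struct key_element {
    uint8_t stored_pin[PIN_LEN];  /* reference code in data memory 12 */
    uint8_t secret[DATA_LEN];     /* data forwarded to the EDP system 20 */
};

/* Housing 30 around data carrier 32; contents live only while all loops conduct. */
struct housing {
    bool    loop_intact[N_LOOPS];
    uint8_t carrier[DATA_LEN];
    bool    erased;               /* set only after the wipe has been verified */
};

/* Comparison without early exit: timing does not reveal how many bytes matched. */
static bool ct_equal(const uint8_t *a, const uint8_t *b, size_t n)
{
    uint8_t diff = 0;
    for (size_t i = 0; i < n; i++)
        diff |= (uint8_t)(a[i] ^ b[i]);
    return diff == 0;
}

/* Overwrite through a volatile pointer so the compiler cannot elide the wipe. */
static void wipe(uint8_t *p, size_t n)
{
    volatile uint8_t *v = p;
    while (n--) *v++ = 0;
}

/* Decision function 16: true = release, false = refusal reported to the system. */
bool decide(const struct key_element *k, const uint8_t *code, size_t len, uint8_t *out)
{
    if (len != PIN_LEN || !ct_equal(k->stored_pin, code, PIN_LEN)) {
        wipe(out, DATA_LEN);      /* nothing from memory 6 leaves the card */
        return false;
    }
    memcpy(out, k->secret, DATA_LEN);
    return true;
}

/* One broken loop means supply loss, modelled here as an overwrite. True = tamper seen. */
bool housing_poll(struct housing *h)
{
    for (size_t i = 0; i < N_LOOPS; i++) {
        if (h->loop_intact[i]) continue;
        wipe(h->carrier, DATA_LEN);
        uint8_t residue = 0;      /* verify: incomplete deletion is the failure mode */
        for (size_t j = 0; j < DATA_LEN; j++)
            residue |= h->carrier[j];
        h->erased = (residue == 0);
        return true;
    }
    return false;
}

int main(void)
{
    struct key_element k = { {1, 2, 3, 4}, {0xA5, 0x5A} };       /* constructed values */
    struct housing h = { {true, true, false, true}, {0xA5, 0x5A}, false };
    uint8_t out[DATA_LEN], wrong[PIN_LEN] = {1, 2, 3, 5};
    bool released = decide(&k, wrong, PIN_LEN, out);   /* refused */
    bool tampered = housing_poll(&h);                  /* loop 2 is broken */
    printf("released=%d tampered=%d erased=%d\n", released, tampered, h.erased);
    return 0;
}
```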

Abstract

The essential element of the system is an encryption means (2) associated with a microprocessor (4); the system further comprises a working memory (8), a program memory (10), a programmable data memory (12) and an input/output (14) that is connected to the encrypted security element. Access to the stored data is possible only through the microprocessor (4) of the encryption element.
PCT/CH1988/000052 1987-04-14 1988-03-03 System protected against unauthorized intervention WO1988008176A1

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CH144787 1987-04-14
CH1447/87-2 1987-04-14

Publications (1)

Publication Number Publication Date
WO1988008176A1 1988-10-20

Family

ID=4210675

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CH1988/000052 WO1988008176A1 System protected against unauthorized intervention 1987-04-14 1988-03-03

Country Status (3)

Country Link
AU (1) AU1341688A (fr)
ES (1) ES2007813A6 (fr)
WO (1) WO1988008176A1 (fr)

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE2224937A1 * 1972-05-23 1974-02-21 Gretag Ag Device for individually identifying a plurality of individuals
US4211919A * 1977-08-26 1980-07-08 Compagnie Internationale Pour L'informatique Portable data carrier including a microprocessor
DE3023427A1 * 1979-06-28 1981-01-08 Gretag Ag Mobile data container
US4453074A * 1981-10-19 1984-06-05 American Express Company Protection system for intelligent cards
WO1984004614A1 * 1983-05-13 1984-11-22 Ira Dennis Gale Data protection device
EP0142013A2 * 1983-10-14 1985-05-22 Every-Sys Ag Portable memory for recording, storing and reproducing information
WO1986005613A1 * 1985-03-14 1986-09-25 Toppan Moore Company, Ltd. Identification card
EP0151714B1 * 1983-12-29 1989-05-03 GAO Gesellschaft für Automation und Organisation mbH Device for securing secret information

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0467208A1 * 1990-07-11 1992-01-22 Hitachi, Ltd. Digital information system
EP0863489A3 * 1997-03-07 2001-06-13 Motz Computer Service & Vertriebs GmbH Seal for a divisible housing
WO1999005601A1 * 1997-07-22 1999-02-04 James Edward Green Security system
WO1999040501A1 * 1998-02-04 1999-08-12 Spyrus, Inc. Active erasure of electronically stored data upon tamper detection
US6292898B1 1998-02-04 2001-09-18 Spyrus, Inc. Active erasure of electronically stored data upon tamper detection
WO2001063994A2 * 2000-02-23 2001-08-30 Iridian Technologies, Inc. Tamper-proof box for electronic devices equipped with memories containing sensitive information
WO2001063994A3 * 2000-02-23 2002-04-18 Iridian Technologies Inc Tamper-proof box for electronic devices equipped with memories containing sensitive information
WO2002025411A1 * 2000-09-21 2002-03-28 Giesecke & Devrient Gmbh Security module

Also Published As

Publication number Publication date
ES2007813A6 (es) 1989-07-01
AU1341688A (en) 1988-11-04

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): AU DK FI JP NO US

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): AT BE CH DE FR GB IT LU NL SE