WO1988008176A1 - System protected against unauthorized intervention - Google Patents
- Publication number: WO1988008176A1 (application PCT/CH1988/000052)
- Authority: WO, WIPO (PCT)
- Prior art keywords: housing, functional unit, key element, chip card, data
Classifications
- G07F7/1008—Active credit-cards provided with means to personalise their use, e.g. with PIN-introduction/comparison system
- G06F21/87—Secure or tamper-resistant housings by means of encapsulation, e.g. for integrated circuits
- G06Q20/341—Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
- G06Q20/357—Cards having a plurality of specified features
- G06Q20/4097—Device specific authentication in transaction processing using mutual authentication between devices and transaction partners
- G07C9/23—Individual registration on entry or exit involving the use of a pass in combination with an identity check of the pass holder by means of a password
- G07C9/29—Individual registration on entry or exit involving the use of a pass the pass containing active electronic elements, e.g. smartcards
- G07F7/082—Features insuring the integrity of the data on or in the card
Definitions
- The invention relates to a system protected against unauthorized access according to the preamble of patent claim 1.
- Such security devices are intended to prevent unauthorized access to computers, such as personal computers or host computers, to stored data, to data transmission, and to rooms or security areas; to allow time recording for controlling access to protected rooms or systems, as well as movement within these areas and intervention in control devices for process control in production plants; and to perform further special security functions.
- The object of the invention is to make such a system secure while avoiding the disadvantages mentioned.
- A key component of the key element is a microprocessor.
- The microprocessor can be formed, for example, by a large number of silicon wafers and can be treated, for example by the action of electrical energy, in such a way that the stored program is fixed and immutable. The microprocessor enables the user to be identified correctly and unambiguously, so that unauthorized access is excluded.
- The embodiment according to claim 2 offers a special safeguard against unauthorized access to data memories and against intervention in stored programs, in particular their inadmissible modification. An unauthorized, in particular violent, opening of the housing or its destruction, whether by drilling or tearing open, at least partially interrupts the conductor tracks arranged on the inner wall of the housing or the lines integrated in the housing wall, which leads to complete deletion of all important functional units in the housing, for example a data carrier, stored data or programs.
- The software contained therein is almost completely destroyed, so that only an unusable remainder that cannot be reactivated and completely unusable hardware remain. This represents a particular advantage over conventional devices, in which the deletion of stored data was often incomplete, so that the data could be reactivated by unauthorized users.
- One or more capacitance films can be accommodated in the housing.
- The film or films are damaged when the housing is opened without authorization, which changes the capacitance and/or the resistance, as a result of which information stored in the functional unit in the housing is deleted or destroyed.
- The embodiment according to claim 4 makes it possible to detect and prove an unauthorized intervention, since the photosensitive film material is exposed when the housing is opened.
- The embodiment according to claim 5 represents a further possibility of preventing unauthorized access to the information stored in the functional unit.
- The plastic mass into which the wire loops are cast bonds to the housing and the functional unit in such a way that the wire loops, which are advantageously formed from very fine wire, are damaged when the housing is opened violently. This damage causes the functions of the functional unit to be interrupted.
- The safety devices according to claims 2 to 5 can each be provided individually, but expediently in a combination of two or more.
- The design of the key element as a chip card according to claim 6 makes it particularly easy to use.
- The embodiment according to claim 7 represents a further safety factor: once the program has been entered, it is fixed electrically, for example by the action of electrical impulses through which the stacked silicon chips forming the microprocessor are burned out or made conductive, so that a subsequent change of the program entered into the microprocessor by unauthorized users is made impossible.
- A secret code, for example a password and/or a personal identification number
- Cryptographic protection, which can be carried out using known methods, of at least parts of the data and/or programs stored in the stationary functional unit and/or the key element can furthermore prevent unauthorized access to data during transmission, because the data accessible at interfaces is encrypted, cannot be decrypted by outsiders, and is therefore completely unusable for third parties.
- Figure 1 shows a key element in a schematic representation;
- Figure 2 shows a functional diagram of the key element of Figure 1;
- Figure 3 shows a housing for receiving data carriers;
- Figure 4 shows another design of a housing.
- FIG. 1 shows the diagram of a key element in the form of a chip card 2.
- The chip card 2 has a computing unit, for example a microprocessor 4, a memory area 6 with a working memory 8 which allows random access, a program memory 10 and a data memory 12.
- The program memory 10 is advantageously a read-only memory (ROM) and contains programs or program parts required for the function of the microprocessor 4, for example for calculating and storing a secret key which cannot be influenced from outside and cannot be changed.
- The data memory 12 is expediently a conditionally programmable read-only memory (PROM) and can, for example, contain a decryption key or a stored PIN.
- The chip card 2 has an input/output 14 which can be connected to the EDP system via a contact point 15.
- The modules 4, 8, 10, 12 and 14 together form a central processing unit (CPU), for example a CP8 circuit, which represents a microcomputer having all the important components of a computer.
- FIG. 2 shows a schematic representation of the function of a key element, for example a chip card 2 according to FIG. 1.
- A memory, e.g. data in the memory area 6, can only be accessed via a computer, corresponding to the microprocessor 4 of FIG. 1, which has a decision function 16.
- The decision function 16 is connected to an EDP system 20 via the input/output 14 and lines 18 and 19. Via lines 18 and 19, it requests the authorization codes stored in the EDP system 20, e.g. a PIN, and compares them with the stored data queried via lines 22 and 26 from the memory 6 of the key element. If the decision function does not determine a match, it informs the system 20 of the mismatch, and thus of the refusal to use the computer system 20, via the input/output 14 and the lines 19 and 24.
- If the decision function determines a match, it issues a corresponding release command to the memory 6 via a line 26, which then forwards the data required for use to the EDP system 20 via a line 28.
- The release is always carried out via the computer 4, which is connected to the system via the input/output 14 and the lines 18 and 24 and the input/output line 19.
- FIG. 3 shows a housing 30 for receiving data carriers 32, consisting of hardware and software stored therein.
- The housing 30 has a part designed as a hollow body 34 and a closure element 36.
- The walls of the housing consist, for example, of plastic.
- Strip-shaped conductor tracks 38 made of electrically conductive material are applied, for example printed, on the inner surface of the wall of the hollow body 34 and the closure element 36 and can be arranged parallel to one another or in a grid-like manner.
- Wire-shaped conductors 40 are integrated into the walls of the hollow body 34 and of the closure element 36.
- The conductor tracks 38 and the wire-shaped conductors 40 are connected to the data carrier 32 via lines 42 and 44.
- The wire-shaped conductors 40 are expediently arranged in such a way that when the housing 30 is opened without authorization, for example by tearing or breaking open, the wire-shaped conductors 40 and/or the lines 42 and 44 are at least partially destroyed, which causes a power interruption.
- A violent opening of the housing 30, for example by drilling, likewise leads to the destruction of the conductor tracks 38 and thus to a power interruption.
- The power interruption caused by the destruction of the conductor tracks 38 and/or the wire-shaped conductors 40 interrupts the power supply to the data carrier 32 and consequently leads to the deletion of almost all of the data present in the data carrier 32 in the housing 30.
- The software contained in the data carrier 32 is almost completely destroyed, so that only hardware that is completely unusable for third parties remains.
- FIG. 4 shows another embodiment of the housing 30.
- Wire loops 46 made of thin metal wire are arranged between the housing 30 and the data carrier 32 accommodated therein.
- The wire loops 46 are firmly connected to the data carrier 32 at fastening points 48 on the surface thereof, for example by soldering or welding.
- The wire loops 46 can be fastened on the surface of the data carrier 32 opposite the closure element 36, on the surfaces opposite the hollow body 34, or on both.
- The wire loops 46 are cast in a plastic compound 50, which fills the cavity between the housing 30 and the data carrier 32 and forms a firm connection both with the housing 30 and with the data carrier 32.
- The wire loops 46 are damaged, as a result of which the functions of the data carrier 32, which forms an electronic functional unit or a part thereof, are interrupted. In this way, access to information stored in data carrier 32 or access to systems or rooms secured by the functional unit is prevented.
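The decision function of FIG. 2 and the tamper response of FIGS. 3 and 4, modelled in C as an added example that is not part of the patent text. All names (`key_element`, `ke_request`, `ke_sense_loop`) are hypothetical; the erasure is modelled as an explicit wipe with a latch, whereas the patent obtains it from the interrupted power supply, and the constant-time comparison is likewise an addition.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define PIN_LEN  4
#define DATA_LEN 16

typedef enum { KE_RELEASED, KE_REFUSED, KE_TAMPERED } ke_status;

/* Hypothetical model of the key element / functional unit (names are ours). */
typedef struct {
    uint8_t pin[PIN_LEN];    /* reference PIN, as held in data memory 12 */
    uint8_t data[DATA_LEN];  /* protected content, e.g. a decryption key */
    int     erased;          /* latched once the conductor loop has opened */
} key_element;

/* Wipe through a volatile pointer so the compiler cannot optimise it away. */
static void wipe(void *p, size_t n) {
    volatile uint8_t *v = p;
    while (n--) *v++ = 0;
}

/* Compare without an early exit, so timing does not reveal how many
 * leading PIN digits were correct. */
static int ct_equal(const uint8_t *a, const uint8_t *b, size_t n) {
    uint8_t diff = 0;
    for (size_t i = 0; i < n; i++) diff |= (uint8_t)(a[i] ^ b[i]);
    return diff == 0;
}

void ke_init(key_element *ke, const uint8_t *pin, const uint8_t *data) {
    memcpy(ke->pin, pin, PIN_LEN);
    memcpy(ke->data, data, DATA_LEN);
    ke->erased = 0;
}

/* Tamper response: feed in the sensed continuity of conductor tracks 38 /
 * wires 40 / loops 46. An open loop erases everything and latches, so
 * re-closing the loop afterwards does not bring the unit back. */
void ke_sense_loop(key_element *ke, int loop_closed) {
    if (loop_closed || ke->erased) return;
    wipe(ke->pin, PIN_LEN);
    wipe(ke->data, DATA_LEN);
    ke->erased = 1;
}

/* Decision function 16: the only path from the interface to the memory. */
ke_status ke_request(key_element *ke, const uint8_t *pin, size_t len,
                     uint8_t *out) {
    wipe(out, DATA_LEN);                 /* never leave stale data in out */
    /* Check the latch first: after erasure the stored PIN is all zeros and
     * must not be accepted as a valid reference value. */
    if (ke->erased) return KE_TAMPERED;
    if (len != PIN_LEN || !ct_equal(pin, ke->pin, PIN_LEN)) return KE_REFUSED;
    memcpy(out, ke->data, DATA_LEN);     /* release */
    return KE_RELEASED;
}

int main(void) {
    /* Constructed sample values. */
    const uint8_t pin[PIN_LEN] = {1, 2, 3, 4}, wrong[PIN_LEN] = {1, 2, 3, 5};
    uint8_t secret[DATA_LEN], out[DATA_LEN];
    key_element ke;
    memset(secret, 0xA5, sizeof secret);
    ke_init(&ke, pin, secret);
    printf("wrong PIN   -> %d\n", ke_request(&ke, wrong, PIN_LEN, out));
    printf("correct PIN -> %d\n", ke_request(&ke, pin, PIN_LEN, out));
    ke_sense_loop(&ke, 0);               /* housing drilled: loop opens */
    printf("after break -> %d\n", ke_request(&ke, pin, PIN_LEN, out));
    return 0;
}
```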
Abstract
The essential element of the system is an encryption means (2) associated with a microprocessor (4); the system further comprises a working memory (8), a program memory (10), a programmable data memory (12) and an input/output (14) which is connected to the encrypted security element. Access to the stored data is possible only via the microprocessor (4) of the encryption element.
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CH144787 | 1987-04-14 | ||
CH1447/87-2 | 1987-04-14 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO1988008176A1 (fr) | 1988-10-20 |
Family
ID=4210675
Family Applications (1)
Application Number | Publication | Priority Date | Filing Date | Title |
---|---|---|---|---|
PCT/CH1988/000052 | WO1988008176A1 (fr) | 1987-04-14 | 1988-03-03 | System protected against unauthorized intervention |
Country Status (3)
Country | Link |
---|---|
AU (1) | AU1341688A (fr) |
ES (1) | ES2007813A6 (fr) |
WO (1) | WO1988008176A1 (fr) |
Citations (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
DE2224937A1 (de) * | 1972-05-23 | 1974-02-21 | Gretag Ag | Einrichtung zum individuellen identifizieren einer mehrzahl von individuen |
US4211919A (en) * | 1977-08-26 | 1980-07-08 | Compagnie Internationale Pour L'informatique | Portable data carrier including a microprocessor |
DE3023427A1 (de) * | 1979-06-28 | 1981-01-08 | Gretag Ag | Mobiler datenbehaelter |
US4453074A (en) * | 1981-10-19 | 1984-06-05 | American Express Company | Protection system for intelligent cards |
WO1984004614A1 (fr) * | 1983-05-13 | 1984-11-22 | Ira Dennis Gale | Dispositif de protection des donnees |
EP0142013A2 (fr) * | 1983-10-14 | 1985-05-22 | Every-Sys Ag | Mémoire portable pour l'enregistrement, le stockage et la reproduction d'information |
WO1986005613A1 (fr) * | 1985-03-14 | 1986-09-25 | Toppan Moore Company, Ltd. | Carte d'identification |
EP0151714B1 (fr) * | 1983-12-29 | 1989-05-03 | GAO Gesellschaft für Automation und Organisation mbH | Dispositif pour garantir des informations secrètes |
-
1988
- 1988-03-03 AU AU13416/88A patent/AU1341688A/en not_active Abandoned
- 1988-03-03 WO PCT/CH1988/000052 patent/WO1988008176A1/fr unknown
- 1988-04-14 ES ES8801154A patent/ES2007813A6/es not_active Expired
Cited By (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP0467208A1 (fr) * | 1990-07-11 | 1992-01-22 | Hitachi, Ltd. | Système numérique d'information |
EP0863489A3 (fr) * | 1997-03-07 | 2001-06-13 | Motz Computer Service & Vertriebs GmbH | Sceau destiné à un boítier divisible |
WO1999005601A1 (fr) * | 1997-07-22 | 1999-02-04 | James Edward Green | Systeme de securite |
WO1999040501A1 (fr) * | 1998-02-04 | 1999-08-12 | Spyrus, Inc. | Effacement actif de donnees stockees electroniquement lors de la detection d'acces frauduleux |
US6292898B1 (en) | 1998-02-04 | 2001-09-18 | Spyrus, Inc. | Active erasure of electronically stored data upon tamper detection |
WO2001063994A2 (fr) * | 2000-02-23 | 2001-08-30 | Iridian Technologies, Inc. | Boite inviolable destinee a des dispositifs electroniques equipes de memoires contenant des informations sensibles |
WO2001063994A3 (fr) * | 2000-02-23 | 2002-04-18 | Iridian Technologies Inc | Boite inviolable destinee a des dispositifs electroniques equipes de memoires contenant des informations sensibles |
WO2002025411A1 (fr) * | 2000-09-21 | 2002-03-28 | Giesecke & Devrient Gmbh | Module de securite |
Also Published As
Publication number | Publication date |
---|---|
AU1341688A (en) | 1988-11-04 |
ES2007813A6 (es) | 1989-07-01 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
| AK | Designated states | Kind code of ref document: A1. Designated state(s): AU DK FI JP NO US |
| AL | Designated countries for regional patents | Kind code of ref document: A1. Designated state(s): AT BE CH DE FR GB IT LU NL SE |