WO2008078333A1 - Intelligent system to protect confidential information from unauthorized duplication - Google Patents

Intelligent system to protect confidential information from unauthorized duplication Download PDF

Info

Publication number
WO2008078333A1
WO2008078333A1 PCT/IN2007/000551 IN2007000551W WO2008078333A1 WO 2008078333 A1 WO2008078333 A1 WO 2008078333A1 IN 2007000551 W IN2007000551 W IN 2007000551W WO 2008078333 A1 WO2008078333 A1 WO 2008078333A1
Authority
WO
WIPO (PCT)
Prior art keywords
data
security
confidential data
unit
computer
Prior art date
Application number
PCT/IN2007/000551
Other languages
French (fr)
Inventor
George John Thekkethil
Original Assignee
Trinity Future-In Private Limited
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Trinity Future-In Private Limited filed Critical Trinity Future-In Private Limited
Publication of WO2008078333A1 publication Critical patent/WO2008078333A1/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/32User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2107File encryption

Definitions

  • TITLE Intelligent System to Protect Confidential Information from
  • the present invention provides an Intelligent system, wherein confidential informations (data) are delivered to a computer system in a much-secured manner, so that the confidential informations are not allowed for unauthorized usage and duplication.
  • the present invention provides an electronic or electromechanical system to allow the usage of the confidential informations securely, wherein copying techniques such as copying of distribution media, keys and passwords, hard drives, system fingerprinting, and other common privacy concerns are prohibited.
  • the present invention provides an effective means to use such confidential informations by suppressing the end computing system's copying methods and creating a secure environment.
  • the present invention provides both passive and active protection to the confidential informations from unauthorized usage.
  • the range of confidential data threatened by attackers is huge, such as, information related to the private life of individuals (e.g., agenda, address book, bookmarks, medical records, household expenses, education records), epassport details, credit card numbers, patents, business strategies, prison or military secrets, sensitive or confidential business information in Corporate, digital certificates and other confidential data in Banking sector, administrative confidential data, passwords, e-mail, finances data, Customer information in e- commerce and ebusiness applications, social security numbers, etc.
  • the four types of data considered to be most at risk in an organization are intellectual property, business confidential information, customer and consumer data, and employee data.
  • Conventional methods and techniques for protecting data typically involve one or more layers of protection designed to prevent access to data.
  • layers of protection may include identification cards, passwords, firewalls, biometric identification, and other techniques to verify that an entity (e.g., an individual or other electronic device) attempting to access the data is allowed to view, use, and/or obtain that data.
  • an entity e.g., an individual or other electronic device
  • a thief often gains access to data that is easily copied and interpreted. This is because conventional data security techniques often only protect access to data, but leave the data itself as plaintext (i.e., unencrypted).
  • Data storage medium used in this prior art is the hard drive kind of unit. But it checks or access key to access the data in the partitioned data storage area. Once the access key is entered and verified by the controller, all the data in the secure portion of the storage medium will be given to the end computing machine and from there user can do unauthorized activities on the data. It will be stored in the temporary memory of the computing system but it doesn't provide any other security measures to protect confidential data in this temporary memory. Also a part of the temporary memory area is erased when the control program is closed or the computer is turned off, whereas in the present invention all the contents will be erased when the control program is closed or the computer is turned off.
  • the present invention provides protection against a full range of security threats from sophisticated system due to careless storage of user passwords.
  • the present invention gives both passive and active protection for the confidential information stored.
  • Passive protection is designed to prevent physical access to the information within the apparatus. Active protection will render the information unreadable if the passive protection fails.
  • the present invention gives hardware protection for confidential data within the gadget, hence totally avoiding unauthorized usage of confidential data.
  • the main object of the present invention is to provide security system by way of an encryption and memory mapping and by hardware mechanism to protect confidential data from unauthorized duplication which obviates the drawbacks of the prior art.
  • the present invention provides a software encryption and memory mapping mechanism for avoiding confidential data from being getting duplicated by computing systems like computers, laptops, other digital systems.
  • the present invention also provides software encryption mechanism to allow the usage of the confidential data effectively and securely, wherein copying techniques such as copying of distribution media, keys and passwords, hard drives, system fingerprinting, and other common privacy concerns are prohibited.
  • Still another object of the present invention is to provide a software encryption mechanism and memory mapping mechanism to prevent the unauthorized copying of confidential data to a computer.
  • Still another object of the present invention provides an electronic or electromechanical system, which executes the confidential informations in the well-protected environment within the end machine without allowing the user to do unauthorized activities on the confidential informations.
  • One important salient feature of this invention is that the stored data can be protected against unauthorized access and manipulation by restricting access to an interface that is controlled by an operating system and security Unit.
  • Confidential data can thus be written to the mentioned invention device and : stored in a manner that prevents the data from ever being read by a device external to the invention device.
  • Fig (1) represents the Intelligent System to Protect Confidential Data from unauthorized duplication wherein (11) is an intelligent device disposed in electronic communication with an associated computing system (12).
  • This Intelligent device (11) contains Formatting Interface (2) which converts all the data which should be secured, given by Input Source (1) into a secured unique format automatically, a storage device (3), this may be hard drive, CD- ROM, DVD-ROM, PCMCIA Flash Cards, Flash IC Chips, etc. Formatting Interface is the major element that gives the main part of the security offered by this device. This element receives the confidential data from the input source and converts into a unique secured encrypted mapped format automatically using any of the advanced encryption algorithms.
  • Data storage security may also be desirable for system integrity purposes to prevent damage to data, for example caused by a computer virus or other damaging or parasitic code.
  • This storage device (3) is interfaced with Security Unit (5), via ATA, IDE, SATA,
  • Security Unit (5) takes care of all the required security issues. They receive commands from Computer System and act accordingly.
  • This Security Unit (5) includes executable codes, which will be always active when the device is connected to Computing System. These executable codes prevent the end computing system operating system to access the storage device
  • This Security Unit (5) is interfaced with Computing System through ISA,
  • PCI/PCI-X PCI/PCI-X, PCI-E, VME, USB, Network, etc.
  • Security Unit connects Storage Device to an appropriate IDE, ATA, SATA,
  • User Authentication Unit (3A) is responsible for authenticating the authorized user of the device. It stores all the user authentication details such as fingerprint, retinal pattern, DNA sequence, voice recognition, and other techniques. When the user connects the device to end computing unit, it ask for personal identifications. Then user has to provide his identications to the Personal Identifier Unit (7) of the Computing Section. Now these identification characters provided by the user are compared with the identification characters stored in the User Authentication Unit (5A) of the device section (12). If the idenfication characters provided by the user matches with the identification characters stored in the User Authentication Unit (5A), the security Unit (5) of the device will send the confidential data to the end-computing unit.
  • Biometrics technology is applied to measure the physical characteristics such as fingerprints, eye retinas and irises, facial patterns, hand measurements and other measurements of the authorized user.
  • MEMS sensors also play a major role in authenticating the authorized user.
  • Data received from the Device will be decrypted by Decrypt Engine (7), and then it is reformatted by Re-Formatting Engine (8), which prepares data for further execution.
  • This Re-Formatting Engine (8) recovers data from the original unique encrypted format. Now the data is ready for further required processing in the internal RAM (9) of the computing device.
  • This data retrieved from the secure portion of the storage device (3) is stored and accessed by the control program, which is part of the Application Software, in a temporary memory Internal RAM (9).
  • This control program will be running on the computer, and it is executed in a temporary memory Internal RAM (9) of the computing Device.
  • This control program comprising: a set of executable instruction codes that coordinates the access by a computing device to data storage device; a set of executable instruction codes, when the control program is closed or computing system is turned off, will remove the confidential data that will be stored in the temporary memory Internal RAM (9) of the computing device during running time; a set of executable instruction codes that will take control of the unauthorized activities set by the computing device during running time, example, completely disabling the copy, cut, paste, print screen and other undesired activities.
  • AU confidential data are stored within the present invention device in a unique secured format which will be encrypted by using any of the encryption algorithms etc.
  • the user connects the device to the end-computing unit, he has to authorize himself for the device to access the confidential data within the device by biometrics technology. Once the authorization is assured, the device will send the confidential data to the end-computing unit
  • the informations cannot be copied in any manner that would later be functional on any other computer system; instead they only can view the confidential information on the computer display.
  • Requested data are retrieved from the mentioned invention device, stored in temporary memory of the computing machine during the time of its usage, and displayed to the user or used to complete a task. During this time of usage all copying and other unwanted activities are not allowed. Once the Application program is closed or the task is completed, the retrieved data in temporary memory is completely erased and not available to the user after that.
  • This device gives security for the confidential informations both inside and outside of the device.
  • the present invention device contains the confidential data such as the passport details, Electronic Medical Records (EMR), etc.
  • EMR Electronic Medical Records
  • details of the e-passport contain your digitized photograph, name, gender, date of birth, nationality, passport number, and the passport expiry date. All these confidential data are stored within the device in a unique secured format.
  • the user connects the device to the end-computing unit, he has to authorize himself for the device to access the epassport details within the device by biometrics technology. Once the authorization assured the device will send the confidential data to the end-computing unit.
  • the data displayed on the end-computing unit are not allowed for any unauthorized activities by completely disabling the copy, cut, paste, print screen and other undesired activities. He can just use the epassport details for the authorized activities.

Abstract

System for protecting confidential data from unauthorized duplication, identifying authorized users using biometrics technology (5A) and utilizing encryption algorithms to ensure security. An external device (11 ) is used to store confidential data. It contains a security unit (5) which processes requests from a computing device (12). The security unit (5) sends data to the computing device (12) in such a way that only a specific application software can access data in well-defined restricted ways, e.g. for viewing. All unwanted activities, e.g. copying of the confidential data in clear text are made infeasible.

Description

TITLE: Intelligent System to Protect Confidential Information from
Unauthorized Duplication
Field of the Invention:
The present invention provides an Intelligent system, wherein confidential informations (data) are delivered to a computer system in a much-secured manner, so that the confidential informations are not allowed for unauthorized usage and duplication.
Particularly the present invention provides an electronic or electromechanical system to allow the usage of the confidential informations securely, wherein copying techniques such as copying of distribution media, keys and passwords, hard drives, system fingerprinting, and other common privacy concerns are prohibited.
More particularly, the present invention provides an effective means to use such confidential informations by suppressing the end computing system's copying methods and creating a secure environment.
Still more particularly, the present invention provides both passive and active protection to the confidential informations from unauthorized usage.
BACKGROUND ART:
The range of confidential data threatened by attackers is huge, such as, information related to the private life of individuals (e.g., agenda, address book, bookmarks, medical records, household expenses, education records), epassport details, credit card numbers, patents, business strategies, diplomatic or military secrets, sensitive or confidential business information in Corporate, digital certificates and other confidential data in Banking sector, administrative confidential data, passwords, e-mail, finances data, Customer information in e- commerce and ebusiness applications, social security numbers, etc.
Theft of confidential data is common now days for one simple reason: the data is exceptionally valuable. Hackers will always steal what's valuable. Now a day's individuals hesitate to use networks or systems they do not trust. Hence, they say no to disclose personal information, or they will give false information.
The four types of data considered to be most at risk in an organization are intellectual property, business confidential information, customer and consumer data, and employee data.
Secure management of personal information, especially credit card and account numbers, is increasingly important. To prevent unauthorized access to these personal informations, companies and business have invested significant resources in providing access protection to computer systems and also to the data stored on and transferred between the computer systems.
Conventional methods and techniques for protecting data typically involve one or more layers of protection designed to prevent access to data. Such layers of protection may include identification cards, passwords, firewalls, biometric identification, and other techniques to verify that an entity (e.g., an individual or other electronic device) attempting to access the data is allowed to view, use, and/or obtain that data. However, if these layers of protection are circumvented, a thief often gains access to data that is easily copied and interpreted. This is because conventional data security techniques often only protect access to data, but leave the data itself as plaintext (i.e., unencrypted).
Traditional database security policies rely on user authentication, server enforced access controls, etc. Unfortunately, these mechanisms are inoperative against most insider attacks and particularly against database administrator attacks. Several attempts have been made recently to strengthen server-based database security policies.
Technical Challenges that the present data security devices facing are:
Software is large and complex, security policies are complex, requires tools & automation, existing mechanisms are crucial.
Reference can be made to the US Publication No: 2006/0272027-A1, Noble; Gayle to Finisar Corporation, "Secure access to segment of data storage device and analyzer", wherein it has been disclosed that this invention is for data security, it is a data storage which include an insecure portion and a secure portion. There will be a controller which controls the access to the storage medium by a computer operating system and communicate a signal to the computer operating system that describes portions of the storage medium, but do not describe the secure portion of the storage medium.
Data storage medium used in this prior art is the hard drive kind of unit. But it checks or access key to access the data in the partitioned data storage area. Once the access key is entered and verified by the controller, all the data in the secure portion of the storage medium will be given to the end computing machine and from there user can do unauthorized activities on the data. It will be stored in the temporary memory of the computing system but it doesn't provide any other security measures to protect confidential data in this temporary memory. Also a part of the temporary memory area is erased when the control program is closed or the computer is turned off, whereas in the present invention all the contents will be erased when the control program is closed or the computer is turned off. The present invention provides protection against a full range of security threats from sophisticated system due to careless storage of user passwords.
In the present world, the largest threats to individuals, corporate companies, governments, and other organizations are the data and identity theft.
The present invention gives both passive and active protection for the confidential information stored.
Passive protection is designed to prevent physical access to the information within the apparatus. Active protection will render the information unreadable if the passive protection fails.
The present invention gives hardware protection for confidential data within the gadget, hence totally avoiding unauthorized usage of confidential data.
Even if the user breaks the hardware security means, i.e. if he breaks biometric security, means, an ultimate software security means will safeguard the confidential information.
It ensures total protection of data regardless of its access mode and file types.
OBJECTS OF THE INVENTION:
The main object of the present invention is to provide security system by way of an encryption and memory mapping and by hardware mechanism to protect confidential data from unauthorized duplication which obviates the drawbacks of the prior art.
The present invention provides a software encryption and memory mapping mechanism for avoiding confidential data from being getting duplicated by computing systems like computers, laptops, other digital systems.
The present invention also provides software encryption mechanism to allow the usage of the confidential data effectively and securely, wherein copying techniques such as copying of distribution media, keys and passwords, hard drives, system fingerprinting, and other common privacy concerns are prohibited.
Still another object of the present invention is to provide a software encryption mechanism and memory mapping mechanism to prevent the unauthorized copying of confidential data to a computer.
Still another object of the present invention provides an electronic or electromechanical system, which executes the confidential informations in the well-protected environment within the end machine without allowing the user to do unauthorized activities on the confidential informations.
One important salient feature of this invention is that the stored data can be protected against unauthorized access and manipulation by restricting access to an interface that is controlled by an operating system and security Unit.
Confidential data can thus be written to the mentioned invention device and : stored in a manner that prevents the data from ever being read by a device external to the invention device.
BRIEF DESCRIPTION OF THE DRAWINGS:
In the drawing accompanying this specification, Fig (1) represents the Intelligent System to Protect Confidential Data from unauthorized duplication wherein (11) is an intelligent device disposed in electronic communication with an associated computing system (12).
This Intelligent device (11) contains Formatting Interface (2) which converts all the data which should be secured, given by Input Source (1) into a secured unique format automatically, a storage device (3), this may be hard drive, CD- ROM, DVD-ROM, PCMCIA Flash Cards, Flash IC Chips, etc. Formatting Interface is the major element that gives the main part of the security offered by this device. This element receives the confidential data from the input source and converts into a unique secured encrypted mapped format automatically using any of the advanced encryption algorithms.
In the storage device (3) all the confidential data that are to be protected from unauthorized usage are stored in secured unique encrypted format. This also stores all the required security logical softwares for the device. All the data within this will be in a unique encrypted mapped format.
Data storage security may also be desirable for system integrity purposes to prevent damage to data, for example caused by a computer virus or other damaging or parasitic code.
This storage device (3) is interfaced with Security Unit (5), via ATA, IDE, SATA,
SCSI, SAS, USB, MCMCIA, FLASH, Internet, NV-RAM, Network, etc. This
Security Unit (5) takes care of all the required security issues. They receive commands from Computer System and act accordingly.
It does all the required encryption mechanism to the confidential data using the encryption algorithms. All software required for the functionality of the device and for security are stored within this unit.
This Security Unit (5) includes executable codes, which will be always active when the device is connected to Computing System. These executable codes prevent the end computing system operating system to access the storage device
(3) for unauthorized functions,
This Security Unit (5) is interfaced with Computing System through ISA,
PCI/PCI-X, PCI-E, VME, USB, Network, etc.
Security Unit (5) connects Storage Device to an appropriate IDE, ATA, SATA,
SCSI, SAS, USB, PC-MCIA, FLASH, Battery-backup-RAM, NVRAM, Ethernet,
Internet, network, etc. User Authentication Unit (3A) is responsible for authenticating the authorized user of the device. It stores all the user authentication details such as fingerprint, retinal pattern, DNA sequence, voice recognition, and other techniques. When the user connects the device to end computing unit, it ask for personal identifications. Then user has to provide his identications to the Personal Identifier Unit (7) of the Computing Section. Now these identification characters provided by the user are compared with the identification characters stored in the User Authentication Unit (5A) of the device section (12). If the idenfication characters provided by the user matches with the identification characters stored in the User Authentication Unit (5A), the security Unit (5) of the device will send the confidential data to the end-computing unit.
Biometrics technology is applied to measure the physical characteristics such as fingerprints, eye retinas and irises, facial patterns, hand measurements and other measurements of the authorized user. In addition to biometrics technology MEMS sensors also play a major role in authenticating the authorized user. Now in Computing Section, data received from the Device will be decrypted by Decrypt Engine (7), and then it is reformatted by Re-Formatting Engine (8), which prepares data for further execution. This Re-Formatting Engine (8) recovers data from the original unique encrypted format. Now the data is ready for further required processing in the internal RAM (9) of the computing device. This data retrieved from the secure portion of the storage device (3) is stored and accessed by the control program, which is part of the Application Software, in a temporary memory Internal RAM (9).
This control program will be running on the computer, and it is executed in a temporary memory Internal RAM (9) of the computing Device. This control program comprising: a set of executable instruction codes that coordinates the access by a computing device to data storage device; a set of executable instruction codes, when the control program is closed or computing system is turned off, will remove the confidential data that will be stored in the temporary memory Internal RAM (9) of the computing device during running time; a set of executable instruction codes that will take control of the unauthorized activities set by the computing device during running time, example, completely disabling the copy, cut, paste, print screen and other undesired activities.
FUNCTIONAL FEATURES OF THE INVENTION:
AU confidential data are stored within the present invention device in a unique secured format which will be encrypted by using any of the encryption algorithms etc. When the user connects the device to the end-computing unit, he has to authorize himself for the device to access the confidential data within the device by biometrics technology. Once the authorization is assured, the device will send the confidential data to the end-computing unit
User will have access to this present invention device through application software, which has to be installed in the end-computing machine. Only through this application software, user can view the confidential information safely. No other means can access the confidential informations.
Once the confidential informations are fed into the computer, the informations cannot be copied in any manner that would later be functional on any other computer system; instead they only can view the confidential information on the computer display.
Requested data are retrieved from the mentioned invention device, stored in temporary memory of the computing machine during the time of its usage, and displayed to the user or used to complete a task. During this time of usage all copying and other unwanted activities are not allowed. Once the Application program is closed or the task is completed, the retrieved data in temporary memory is completely erased and not available to the user after that.
Only the authorized person can use this device and no one else can access it by any means if it goes to unauthorized hands.
This device gives security for the confidential informations both inside and outside of the device.
Example:
Assume that the present invention device contains the confidential data such as the passport details, Electronic Medical Records (EMR), etc. For example, consider details of the e-passport. These details contain your digitized photograph, name, gender, date of birth, nationality, passport number, and the passport expiry date. All these confidential data are stored within the device in a unique secured format. When the user connects the device to the end-computing unit, he has to authorize himself for the device to access the epassport details within the device by biometrics technology. Once the authorization assured the device will send the confidential data to the end-computing unit. The data displayed on the end-computing unit are not allowed for any unauthorized activities by completely disabling the copy, cut, paste, print screen and other undesired activities. He can just use the epassport details for the authorized activities.
Only the authorized person can use this device and no one else can access it by any means if it goes to unauthorized hands.
No other device or softwares are able to hack data from this intelligent Device by any means, both internal and external to the device.

Claims

ADVANTAGES OF THE INVENTION:Major advantages of the present invention are as follows:The present invention Intelligent System to Protect Confidential Data from Unauthorized Duplication is effective in protecting Confidential Data from the unauthorized duplication.
1. The present invention prevents unauthorized duplication of Confidential Data to a computer or any other electronic device by any means.
2. The system can be miniaturized to a chip configuration.
3. This system can be integrated into a chip, can be operated easily on any desktop, laptop, notebook and the like.
4. The system can be miniaturized to a MEMS configuration.
CLAIMS:
1. An Intelligent System to Protect Confidential Data from Unauthorized Duplication comprises a) Device section (11), b) Computer section (12). Formatting Interface (2) receives data from input source (1) and convert into secured unique format automatically using any of the advanced encryption algorithms, Storage unit (3) of the Device section (11) stores all the Confidential Data to be secured given by Formatting Interface (2), Security Unit (5) takes care of all the required security issues, User Authentication Unit (5A) which authenticate the user by using biometrics techniques, decrypt engine (7) of the Computer section (12) decrypt the confidential data received from the Device section (11) and prepares data for further executions, Re-formatting Engine (8) processes the decrypted data, to recover data from the original formatted form.
2. Input Source claimed in claim (1) will be a computer, a mobile phone, a pager, and any other electronic device.
3. Formatting Interface (2) claimed in claim 1, format all the confidential data given by Input Source (1) into a secured unique format automatically using any of the advanced encryption algorithms.
4. Formatting Interface (2) claimed in claim 1 and claim 3 will be a FPGA, ASIC, CPU whose functionalities are predefined.
5. Storage Unit (3) claimed in claim 1, stores all the formatted confidential data in the mapped format, this storage Unit may be a memory flash, a memory card, a hard disk, a EPROM, a EEPROM, a RAM, a disc on chip.
6. Storage Unit (3) claimed in claim 1, claim 5 will be interfaced with the Security Unit (5) through ATA, IDE, SATA, SCSI, SAS, USB, PCMCIA, FLASH, Internet, Network, NV-RAM, etc
7. Security Unit (5) claimed in claim 1 and claim 6 takes care of all the required security issues of the Intelligent System. AU softwares required for the functionality of the intelligent system and for security, are stored within this unit. They receive commands from Computer System and act according to the pre-defined security instructions.
8. Security Unit (5) claimed in claim 1, claim 6 and claim 7 employs mapping logic mechanism, indirect authentication mechanism, and crypt key logic mechanism to ensure complete security to the confidential data.
9. Security Unit (5) claimed in claim 1, claim 6, claim 7 and claim 8 is provided with a User Authentication Unit (5A), which stores all authentication details of the user, such as biometrics techniques, example fingerprint, retinal pattern, DNA sequence, voice recognition, and other techniques.
10. Security Unit (5) claimed in claim 1, claim 6, claim 7, claim 8 and claim 9 will be a FPGA, ASIC, CPU.
11. Security Unit (5) claimed in claim 1, claim 6, claim 7, claim 8, claim 9 and claim 10, will be interfaced with the Computer Section (12) through ISA, USB, PCI-E, VME, DDR/DDR-II, Network, SDRAM, RAMBUS, IEEE, Dual Port RAM, etc.
12. Confidential Data received from the intelligent system will be decrypted by the Decrypt Engine (7) of the Computer Section (12), prepares data for further execution. This decrypted data will be processed in the Re- Formatting Engine (8), to recover data from the original formatted format.
13. Decrypt engine claimed in claim land claim 12 would be a separate application software stored in the computer section, which will be running in Internal RAM (9).
14. Re-Formatting Engine (8) will be separate application software stored in the computer section, which will be running in Internal RAM (9).
15. Intelligent System claimed in claim 1 to claim 14 creates a protective environment in the Computer section, which will prevent all unauthorized activities on the confidential data, predefined in the Security Unit (5).
16. Intelligent System claimed in claim 1 to claim 15 ensures total protection of confidential data regardless of its access mode and file types, so that user can use confidential data for only authorized activities which will be predefined in the Security Unit (5).
PCT/IN2007/000551 2006-12-22 2007-11-26 Intelligent system to protect confidential information from unauthorized duplication WO2008078333A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
IN2410CH2006 2006-12-22
IN2410/CHE/2006 2006-12-22

Publications (1)

Publication Number Publication Date
WO2008078333A1 true WO2008078333A1 (en) 2008-07-03

Family

ID=39562152

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IN2007/000551 WO2008078333A1 (en) 2006-12-22 2007-11-26 Intelligent system to protect confidential information from unauthorized duplication

Country Status (1)

Country Link
WO (1) WO2008078333A1 (en)

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2001023987A1 (en) * 1999-09-30 2001-04-05 M-Systems Flash Disk Pioneers Ltd. Removable, active, personal storage device, system and method
WO2003003282A1 (en) * 2001-06-28 2003-01-09 Trek 2000 International Ltd. A portable device having biometrics-based authentication capabilities
EP1293865A2 (en) * 1994-11-23 2003-03-19 ContentGuard Holdings, Inc. System for controlling the distribution and use of digital works utilizing a usage rights grammar
WO2003091885A1 (en) * 2002-04-25 2003-11-06 Ritronics Components Singapore Pte Ltd A biometrics parameters proctected computer serial bus interface portable data storage device and method of proprietary biometris enrollment
EP1477879A2 (en) * 2003-02-27 2004-11-17 Microsoft Corporation Tying a digital license to a user and tying the user to multiple computing devices in a digital rights management (DRM) system
WO2005074512A2 (en) * 2004-02-03 2005-08-18 Tanner Richard Carl Jr Intelligent media storage system

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1293865A2 (en) * 1994-11-23 2003-03-19 ContentGuard Holdings, Inc. System for controlling the distribution and use of digital works utilizing a usage rights grammar
WO2001023987A1 (en) * 1999-09-30 2001-04-05 M-Systems Flash Disk Pioneers Ltd. Removable, active, personal storage device, system and method
WO2003003282A1 (en) * 2001-06-28 2003-01-09 Trek 2000 International Ltd. A portable device having biometrics-based authentication capabilities
WO2003091885A1 (en) * 2002-04-25 2003-11-06 Ritronics Components Singapore Pte Ltd A biometrics parameters proctected computer serial bus interface portable data storage device and method of proprietary biometris enrollment
EP1477879A2 (en) * 2003-02-27 2004-11-17 Microsoft Corporation Tying a digital license to a user and tying the user to multiple computing devices in a digital rights management (DRM) system
WO2005074512A2 (en) * 2004-02-03 2005-08-18 Tanner Richard Carl Jr Intelligent media storage system

Similar Documents

Publication Publication Date Title
US6845908B2 (en) Storage card with integral file system, access control and cryptographic support
CN104951409B (en) A kind of hardware based full disk encryption system and encryption method
US8479013B2 (en) Secure portable data transport and storage system
JP4781692B2 (en) Method, program, and system for restricting client I / O access
US20090228714A1 (en) Secure mobile device with online vault
CN100449560C (en) Computer data security protective method
US20090150631A1 (en) Self-protecting storage device
US20070237366A1 (en) Secure biometric processing system and method of use
US20050060561A1 (en) Protection of data
US20050228993A1 (en) Method and apparatus for authenticating a user of an electronic system
US20070180257A1 (en) Application-based access control system and method using virtual disk
WO2011137743A1 (en) File protection method and system
EP3074907B1 (en) Controlled storage device access
US20080010453A1 (en) Method and apparatus for one time password access to portable credential entry and memory storage devices
US20070226514A1 (en) Secure biometric processing system and method of use
JP2009510808A (en) Intelligence-based security systems and methods
WO2012156785A1 (en) Systems and methods for device based password-less user authentication using encryption
US20070226515A1 (en) Secure biometric processing system and method of use
JP4724107B2 (en) User authentication method using removable device and computer
US20100174902A1 (en) Portable storage media with high security function
JP2002312326A (en) Multiple authentication method using electronic device with usb interface
US9262619B2 (en) Computer system and method for protecting data from external threats
Thibadeau Trusted computing for disk drives and other peripherals
TWI514834B (en) Encrypted storage device for personal information
US20080120510A1 (en) System and method for permitting end user to decide what algorithm should be used to archive secure applications

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 07859622

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 07859622

Country of ref document: EP

Kind code of ref document: A1