Data processing: database and file management or data structures – Database design – Data structure types
Reexamination Certificate
2000-04-17
2003-03-25
Mizrahi, Diane D. (Department: 2175)
Data processing: database and file management or data structures
Database design
Data structure types
Reexamination Certificate
active
06539380
ABSTRACT:
FIELD AND BACKGROUND OF THE INVENTION
The present invention relates to a device, a system and method for data access control, particularly for controlling access to data stored on a data storage device with a biometric detection device, such that access is determined through the operation of the biometric detection device.
Computers are useful for the storage, retrieval and manipulation of data. Currently, many different types of electronic data storage devices are used in conjunction with computers. These electronic storage devices may be located externally or internally to the computer with which the storage device is in communication. For example, a magnetic storage device, such as hard disk drive, could be located internally to the computer, in direct or indirect communication with the system bus of the computer and operated by the CPU(s) (central processing unit(s)) of the computer. Flash memory, which is both readable and writable, is a physically smaller storage device, which may be located within the physical case of the computer, and which is also connected to the system bus and operated by the CPU. Removable storage media may also be used to store data, in which a hardware device, or “drive”, for reading from and/or writing to the storage medium, is connected to the system bus of the computer. Examples of removable storage media include, but are not limited to, optical disks, CD-ROM disks and floppy diskettes. At some level, all of these various hardware devices are in communication with the computer which operates the device, regardless of the location of the electronic storage device. Therefore, access to the data is provided through such a computer.
One important aspect of such data storage is that access to the data should be controlled, for the purpose of data security. Currently, most forms of data access control are implemented as software programs, which have a number of disadvantages. For example, these programs may be “hacked” or overcome by an unauthorized user, who can then gain access to the data. Such a disadvantage has become more acute with the advent of communication networks, distributed data storage and “client-server” applications, all of which increase the number of access points to the computer through which the electronic storage device is accessed, and hence to the stored data on that device. Such an increased number of access points also potentially increase the ability of an unauthorized user to access the data. Thus, software programs are clearly not adequate protection for data stored in a networked environment with multiple access points.
Another type of data access control is provided through the operating system of the computer itself. For example, UNIX and other operating systems typically allow an authorized user to determine the level of permissions associated with a particular file and/or sub-directory, which could be “read-only”, “read/write” and so forth. Unfortunately, such permissions are often relatively simple, only differentiating between “read” and “write” for example. Also, like other types of software programs, these operating systems may be “hacked” by an unauthorized user, who can then gain access to the data.
In addition, if the electronic hardware storage device itself is stolen, then typically the data becomes completely unprotected, such that any unauthorized user can easily gain access to the data on the storage device. Neither common software programs nor the operating system of the computer can overcome this problem, since they are stored and implemented separately from the storage device itself.
A more useful solution would be implemented with the hardware of the electronic storage device in a more integrated manner, such that even if the storage device itself is stolen, the data could not be easily accessed. Furthermore, such integration would increase the difficulty of access by an unauthorized user. Such integration could be improved still further with the addition of a biometric detection device, such as a fingerprint sensor, which is known in the art for determining the identity of a user according to the fingerprint of the user. Unfortunately, such a solution is not currently available.
There is thus an unmet need for, and it would be useful to have, a device, a system and a method for controlling access to data stored on an electronic storage device, which does not rely on separately stored software programs, which is optionally integrated with the hardware of the storage device, and which features a biometric detection device in order to increase the difficulty of access by an unauthorized user, even if the electronic data storage device is removed by the unauthorized user for such unauthorized access.
REFERENCES:
patent: 4135240 (1979-01-01), Ritchie
patent: 4506329 (1985-03-01), Duwel et al.
patent: 4590552 (1986-05-01), Guttag et al.
patent: 4884211 (1989-11-01), Kishi et al.
patent: 4954982 (1990-09-01), Tateishi et al.
patent: 5146565 (1992-09-01), Blanck et al.
patent: 5187790 (1993-02-01), East et al.
patent: 5280527 (1994-01-01), Gullman et al.
patent: 5500517 (1996-03-01), Cagliostro
patent: 5566327 (1996-10-01), Sehr
patent: 5581700 (1996-12-01), Witte
patent: 5719950 (1998-02-01), Osten et al.
patent: 5724578 (1998-03-01), Morinaga et al.
patent: 5805719 (1998-09-01), Pare, Jr. et al.
patent: 5936221 (1999-08-01), Corder et al.
patent: 6040622 (2000-03-01), Wallace
patent: 6147860 (2000-11-01), Iwasaki
patent: 6240493 (2001-05-01), Hardwood, III et al.
LandOfFree
Device, system and method for data access control does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Device, system and method for data access control, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Device, system and method for data access control will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3078402