Data processing: financial – business practice – management – or co – Business processing using cryptography – Postage metering system
Reexamination Certificate
1999-07-21
2003-07-08
Cosimano, Edward R. (Department: 3629)
Data processing: financial, business practice, management, or co
Business processing using cryptography
Postage metering system
C705S401000, C705S410000
Reexamination Certificate
active
06591251
ABSTRACT:
BACKGROUND OF THE INVENTION
The present invention relates generally to postage metering systems, and more particularly to a method, apparatus, and code for maintaining secure postage data.
A postage meter allows a user to print postage or other indicia of value on envelopes or other media. The postage meter can be leased or rented from a commercial group (e.g., Neopost). Conventionally, the user purchases a particular amount of value beforehand and the meter is programmed with this amount. Subsequently, the user is allowed to print postage up to the programmed amount. Some modern postage meters allow the user to purchase additional amounts via a communications link (e.g., a telephone modem or the Internet).
Because a postage meter is capable of printing postage having a value, security is critical to prevent unauthorized use. The meter typically includes a print mechanism and electronic control circuitry that directs the operation of the print mechanism. The control circuitry (and possibly the print mechanism) are typically enclosed in a secure housing that prevents tampering with the meter and unauthorized access by anyone except for authorized factory technicians. The meter can include sensors that detect tampering with the meter and flag such condition. Examples of secure postage meters are disclosed in U.S. Pat. No. 4,742,469, entitled “Electronic Meter Circuitry,” issued May 3, 1988, U.S. Pat. No. 4,484,307, entitled “Electronic Postage Meter Having Improved Security and Fault Tolerance Features,” issued Nov. 20, 1984, and the aforementioned U.S. Pat. No. 6,424,954, all three assigned to the assignee of the present invention and incorporated herein by reference.
With the advent of electronic control circuitry, meter security is typically provided by digital signature, encryption, and other techniques. These techniques allow for electronic detection of meter tampering, e.g., attempts to modify the normal operation of the accounting registers used to store value.
Another technique for providing security is through the use of a smart card or cartridge. The smart card couples to the associated system and stores important data (e.g., security data) that enables the operation of the system to which it couples. For example, the smart card can contain secret pass codes, encryption keys, authorization codes, and so on. The smart card can be modified or replaced, as necessary, if its integrity is suspected.
Smart cards are used in some applications where security frauds are encountered. For example, U.S. Pat. No. 5,740,232 discloses a smart card based system for telephone-securized transactions. Also, U.S. Pat. No. 5,757,909 discloses the use of a smart card to prevent illegal users from viewing and copying a digital video stream.
Conventionally, automatic security arrangements for smart card based systems operate by resetting bits on the smart card to a particular value (e.g., zero). The reset prevents unauthorized operation with the smart card, which is desired. Unfortunately, the reset also destroys valuable data on the card. In applications in which the data is financial data (e.g., a postage revenue credit), this reset can be equivalent to a loss of cash.
SUMMARY OF THE INVENTION
The invention provides method, apparatus, and code that provide security for a postage metering system but maintain (or retain) secure postage data stored therein. The invention is especially suited for a postage metering system that includes a security module coupled to a postage meter. In an embodiment, a security routine is executed upon occurrence of one or more defined events. Execution of the security routine inhibits certain transactions between the security module and that meter but maintains (or retains) the secure postage data stored in the security module.
An embodiment of the invention provides a postage metering system that includes a security module operatively coupled to a meter. The meter is configurable to perform a set of metering operations. The security module executes a set of transactions with the meter, and includes a processor and a memory. The processor executes a security routine upon occurrence of one or more defined events. The memory stores secure postage data. When the security routine is executed, selected ones of transactions between the meter and security module are inhibited, but the secure postage data stored within the security module is retained. The security module can also store security data (e.g., encryption keys) that are erased when the security routine is executed. The security module can (and typically does) include additional circuitry that supports the security process (e.g., a timer, sensors, and so on).
The security routine can be initiated upon: (1) failure to receive an authorization signal by the security module within a particular time-out period, (2) detection of tampering with the security module, (3) receipt of a (shut-down) command from the meter, or other events.
Another embodiment of the invention provides a method for executing a security routine within a postage metering system that includes a security module coupled to a meter. In accordance with the method, occurrence of one or more defined events within the postage metering system is detected. The security routine is then initiated upon the detected occurrence of the one or more events. Upon execution of the security routine, selected ones of transactions between the meter and the security module are inhibited and secure postage data stored within a memory in the security module is retained.
Again, the security routine can be initiated if an authorization signal is not received within a time-out period or if tampering with the security module is detected. A count indicative of a time period since a last receipt of the authorization signal can be maintained, and this count can be reset if the authorization signal is received within the time-out period.
The invention also provides computer-implemented program products that implement the method described above.
The foregoing, together with other aspects of this invention, will become more apparent when referring to the following specification, claims, and accompanying drawings.
REFERENCES:
patent: 4181245 (1980-01-01), Garrett et al.
patent: 4447890 (1984-05-01), Duwel et al.
patent: 4484307 (1984-11-01), Quatse et al.
patent: 4506344 (1985-03-01), Hubbard
patent: 4657697 (1987-04-01), Chiang
patent: 4725718 (1988-02-01), Sansone et al.
patent: 4742469 (1988-05-01), Haines et al.
patent: 4743747 (1988-05-01), Fougere et al.
patent: 4757537 (1988-07-01), Edelmann et al.
patent: 4775246 (1988-10-01), Edelmann et al.
patent: 4812965 (1989-03-01), Taylor
patent: 4813912 (1989-03-01), Chickneas et al.
patent: 4831555 (1989-05-01), Sansone et al.
patent: 4853865 (1989-08-01), Sansone et al.
patent: 4853961 (1989-08-01), Pastor
patent: 4949381 (1990-08-01), Pastor
patent: 5142577 (1992-08-01), Pastor
patent: 5231668 (1993-07-01), Kravitz
patent: 5280531 (1994-01-01), Hunter
patent: 5377268 (1994-12-01), Hunter
patent: 5448641 (1995-09-01), Pintsov et al.
patent: 5555373 (1996-09-01), Dayan et al.
patent: 5574786 (1996-11-01), Dayan et al.
patent: 5612884 (1997-03-01), Haines
patent: 5625694 (1997-04-01), Lee et al.
patent: 5638442 (1997-06-01), Gargiulo et al.
patent: 5666421 (1997-09-01), Pastor et al.
patent: 5688056 (1997-11-01), Peyret
patent: 5715164 (1998-02-01), Liechti, deceased et al.
patent: 5719775 (1998-02-01), Abumehdi
patent: 5740232 (1998-04-01), Pailles et al.
patent: 5742683 (1998-04-01), Lee et al.
patent: 5757909 (1998-05-01), Park
patent: 5781438 (1998-07-01), Lee et al.
patent: 5793867 (1998-08-01), Cordery et al.
patent: 5822738 (1998-10-01), Shah et al.
patent: 5848401 (1998-12-01), Goldberg et al.
patent: 5920850 (1999-07-01), Hunter et al.
patent: 5963928 (1999-10-01), Lee
patent: 5970227 (1999-10-01), Dayan et al.
patent: 825 565 (1998-02-01), None
patent: 845 762 (1998-06-01), None
patent: 1 536 403 (1978-12-01), None
patent: 98/46790 (1998-04-01), None
patent: 98/20461 (1998-05-01), None
patent: 00/49580 (2000-08-01),
Leon JP
Pion Albert L.
Simon Elizabeth A.
Cosimano Edward R.
Neopost Inc.
LandOfFree
Method, apparatus, and code for maintaining secure postage data does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Method, apparatus, and code for maintaining secure postage data, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Method, apparatus, and code for maintaining secure postage data will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3079538