Replacement of externally mounted user interface modules...

Data processing: structural design – modeling – simulation – and em – Emulation – Of peripheral device

Reexamination Certificate


Details

C703S014000, C703S026000, C455S558000

Reexamination Certificate

active

06799155

ABSTRACT:

FIELD OF THE INVENTION
Subscriber Interface Modules, or “Smart Cards,” including a microprocessor, and in particular the installation, programming and accessing of such subscriber interface modules.
BACKGROUND OF THE INVENTION
Portable data or information carriers in the form of a card or the like are known. Such carriers are commonly known as Subscriber Interface Modules (SIMs), or “smart cards.” As disclosed in U.S. Pat. No. 4,816,653, the complete disclosure of which is incorporated by reference herein, the SIM looks and feels much like an ordinary credit card, but the SIM includes a computer, an electrically erasable programmable read-only memory (EEPROM), and also circuitry for receiving a combined power and timing signal from a card reader/writer optionally located within an associated device or station. These card components and circuitry also receive and transmit data signals between the card and, via the reader/writer, the associated device or station. The SIM is thus a small portable article including an electronic arrangement having a microprocessor coupled to an electrically programmable read-only memory.
The SIM is used in many industries to provide secure access to personal data, such as bank account numbers, medical records, and telephone access codes. Conventional SIMs, however, generally hold just one application. One SIM might be used for a banking/financial application, while another SIM might be dedicated to a security application for entry to a building or workplace, while yet another smart card might be dedicated to access a telephone system. In general, the internal handling of data by the SIM deprives a would-be defrauder of any opportunity to learn the nature of information required to use the SIM.
In order to maximize the confidentiality of information stored in the SIM, and more specifically to limit the amount of information available to a would-be defrauder monitoring data lines or radio frequency carriers connecting the data SIM to external devices, the SIM includes a microprocessor and a memory operatively associated with the microprocessor. According to one embodiment disclosed in U.S. Pat. No. 4,211,919, the complete disclosure of which is incorporated by reference herein, the memory has three zones: a secret zone in which reading and writing operations are permitted by internal circuits of the SIM; a working zone in which any reading or writing operations are permitted; and a read zone where only reading operations are permitted.
The secret zone of the memory disclosed in U.S. Pat. No. 4,211,919 includes at least one key or code which is compared to a key received from a device external to the SIM for determining whether a particular operation is authorized. The secret zone includes an ERROR zone and an ACCESS zone in which information is stored indicating attempted access or access to strictly confidential data requiring the use of a key. The microprogram stores one bit in one or the other of these two zones each time access to the SIM is requested. Therefore, performing read and write functions in predetermined zones of the memory is possible, provided that a secret code or key is fed into the data SIM.
More particularly, according to U.S. Pat. No. 4,211,919, the operations to be performed are monitored and handled internally and continuously by a microprogram which is stored in memory and executed by the microprocessor. The SIM functions are summarized as follows:
(1) sequential reading and writing of memory in the authorized zones starting from a given address;
(2) acquisition and checking of an enabling key by comparing the key with a word which is written in a secret zone of the application memory, and therefore inaccessible from outside the SIM;
(3) authorization or denial of reading and writing;
(4) systematic self-checking of the writing in the memory;
(5) ordering internal storage of errors and/or successful attempts at access; and
(6) disabling previous functions when the number of errors, i.e., unsuccessful attempts, reaches a predetermined maximum count.
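The six functions above can be modelled in a few lines. This is an added example, not code from the patent or from any card vendor. The class and method names are hypothetical, the limit of three errors is an assumed value, and the model assumes every read and write needs the key and that the error count is never cleared.

```python
import hmac

MAX_ERRORS = 3  # assumed value; the text only says "a predetermined maximum count"

class CardDisabled(Exception):
    """Raised once the error count has reached MAX_ERRORS."""

class AccessDenied(Exception):
    """Raised when the presented key does not match the secret zone."""

class CardModel:
    """Toy model of microprogram functions (1)-(6); all names are hypothetical."""

    def __init__(self, secret_key: bytes, size: int = 32):
        self._secret_key = secret_key     # secret zone: never returned to the caller
        self._error_count = 0             # ERROR zone: one entry per failed attempt
        self._access_count = 0            # ACCESS zone: one entry per successful attempt
        self._working = bytearray(size)   # memory the key-protected operations act on

    def errors(self) -> int:
        return self._error_count

    def _check_key(self, candidate: bytes) -> None:
        # (6) the disabled state is tested first, so a correct key no longer helps
        if self._error_count >= MAX_ERRORS:
            raise CardDisabled("error limit reached")
        # (2) the comparison happens inside the card, in constant time
        if hmac.compare_digest(candidate, self._secret_key):
            self._access_count += 1       # (5) record the successful attempt
            return
        self._error_count += 1            # (5) record the failure before answering
        raise AccessDenied("wrong key")   # (3) deny the operation

    def write(self, address: int, data: bytes, key: bytes) -> None:
        self._check_key(key)
        end = address + len(data)
        if address < 0 or end > len(self._working):
            raise ValueError("write outside the authorized zone")
        self._working[address:end] = data             # (1) sequential write
        if bytes(self._working[address:end]) != data: # (4) self-check by read-back
            raise IOError("write verification failed")

    def read(self, address: int, length: int, key: bytes) -> bytes:
        self._check_key(key)
        if address < 0 or length < 0 or address + length > len(self._working):
            raise ValueError("read outside the authorized zone")
        return bytes(self._working[address:address + length])  # (1) sequential read
```

Recording the failure before the denial is returned, and testing the disabled state before the key, are what make the attempt limit hold even when the correct key is presented later.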
As disclosed in U.S. Pat. No. 4,816,653, a vast amount of computing power and memory are present right in the SIM. The SIM is capable of carrying the account numbers of all of the owner's charge accounts, the balances of all of the accounts, and the credit limits of all of the accounts. The card is also capable of carrying other such personal data as, for example, personal telephone directories, and personal telephone access codes. The presence of such data in a portable SIM requires suitable security for the data on the SIM. SIM components and circuitry exchange authorization data with appropriate application software residing in the device or station, when enabled by an appropriate password. A suitably configured application device or station, which includes a computer or dedicated workstation that executes application software necessary for accessing the memory in the SIM, enables the retrieval and modification of information stored in the SIM memory.
Certainty that the device or station is communicating with an authentic file on an authentic SIM is achieved by assigning each card a unique serial number and using this number, or subset thereof, along with a concealed application password residing in the device or station. These numbers are manipulated algorithmically to produce an authentication code which is stored in the application's file on the SIM at the time of creation. During subsequent transactions, this code must be favorably compared to a similar code generated independently by the device or station to enable a transaction. The SIM requires a user to provide a password before access to files other than those at the public level is permitted. Security is further ensured by restricting the number of unsuccessful password attempts.
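The authentication code described above binds an application file to one card's serial number. The sketch below is an added example, not the patent's algorithm: the text only says the numbers are "manipulated algorithmically", so HMAC-SHA256 is used as a stand-in, and the function names, the dictionary layout of a card and all sample values are constructed for illustration.

```python
import hashlib
import hmac

def auth_code(serial: bytes, app_password: bytes) -> bytes:
    """Derive the per-card code; HMAC-SHA256 stands in for the unspecified algorithm."""
    return hmac.new(app_password, serial, hashlib.sha256).digest()

def create_file(card: dict, app_name: str, app_password: bytes) -> None:
    """At creation time the station stores the code in the application's file."""
    card["files"][app_name] = {"auth_code": auth_code(card["serial"], app_password)}

def transaction_allowed(card: dict, app_name: str, app_password: bytes) -> bool:
    """The station recomputes the code from the card's serial and compares the two."""
    entry = card["files"].get(app_name)
    if entry is None:
        return False
    expected = auth_code(card["serial"], app_password)
    return hmac.compare_digest(entry["auth_code"], expected)

def demo() -> tuple:
    password = b"constructed-station-secret"           # concealed in the station
    genuine = {"serial": b"SN-0001", "files": {}}      # constructed sample card
    create_file(genuine, "bank", password)
    # The same file copied byte for byte onto a card with a different serial number
    clone = {"serial": b"SN-0002", "files": dict(genuine["files"])}
    return (
        transaction_allowed(genuine, "bank", password),                 # authentic card
        transaction_allowed(clone, "bank", password),                   # copied file
        transaction_allowed(genuine, "bank", b"other-station-secret"),  # wrong station
    )

if __name__ == "__main__":
    print(demo())
```

Because the serial number is an input to the code, a file copied to another card fails the comparison, and a station without the concealed password cannot produce a matching code.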
According to U.S. Pat. No. 4,816,653, the SIM is fully passive and not able to initiate any transaction with the device or station. Rather, the reader/writer signals ‘attention’ to the device or station. The device or station responds to the ‘attention’ signal and interrogates the reader/writer to determine the reason for the ‘attention’ signal.
U.S. Pat. No. 5,721,781, the complete disclosure of which is incorporated by reference herein, discloses a SIM that is assigned its own digital certificate containing a digital signature from a trusted certifying authority and a unique public key. Additionally, the cardholder is required to enter a unique Personal Identification Number (PIN) to complete a transaction. The PIN is passed to the SIM for use in authenticating the cardholder's identity. The system disclosed in U.S. Pat. No. 5,721,781 includes a terminal that is capable of accessing the SIM. The terminal has at least one compatible application which operates in conjunction with an application on the smart card. To begin a transaction, the SIM and terminal enter an authentication phase wherein the terminal verifies that it is communicating with an authorized SIM. This usually entails the SIM forwarding its own access code to the terminal for verification. The SIM uses the terminal's public key that it received in the terminal's certificate to send a message. Only the terminal can decrypt the message using its private key. Similarly, the terminal can encrypt a reply message using the SIM's public key and only the SIM can decrypt the message. The encryption algorithms introduce “digital signatures” which are employed to ensure that the appropriate parties are communicating with each other. Thus, when the SIM encrypts a message using the terminal's public key, it tags a personalized digital signature onto the message. The SIM encrypts the combined message using its own private key.
The terminal receives the communication and decrypts it using the SIM's public key. This decryption yields a scrambled part that contains the encrypted message and a legible part that consists of the SIM's signature. Since the communication was decrypted using the SIM's public key, it follows that only the SIM (using its private
