| United States Patent | 5237609 |
| Inventor(s) | Kimura; Masatoshi (Itami, JP) |
| Abstract | A portable semiconductor memory device for interfacing with and exchanging
information with an external terminal, said portable device having a
security function for controlling access to a main memory. The main memory
is adapted to exchange data with the external terminal by means of an
interface bus which includes data lines, address lines and control lines.
Access control means in the portable unit is utilized to control access
to the main memory. The unit also has a security memory comprising two
sections. One section stores enciphered data which is read out to the
external terminal, deciphered and returned to the unit as the first
element used in a comparison. The second section of the security memory
stores internal identification information. The two elements of
identification information are provided to a comparator means which
enables access to the main memory via the interface bus after a match is
detected. |
Portable secure semiconductor memory device |
| Publication Date |
August 17, 1993 |
| Filing Date |
March 26, 1990 |
| Priority Data |
Mar 31, 1989 [JP] 1-77979
Mar 31, 1989 [JP] 1-77980 |
Claims  |
What is claimed is:
1. A portable semiconductor memory unit for interfacing with and exchanging
information with an external terminal, the memory unit having a security
function but no microprocessor, and comprising in combination:
a main memory for storing data for exchange with the external terminal,
an interface bus for connection between the main memory and the external
terminal, the interface bus including data lines, address lines and
control lines,
enabling means for allowing access to the main memory via the interface
bus,
a security memory having:
a first section for storing enciphered external data, including a key, for
coupling to and deciphering in the external terminal utilizing said key,
a second section for storing internal data which is retained within said
unit and inaccessible to the external terminal for performing a security
comparison,
a comparator having:
a first input for receiving deciphered external data from the external
terminal resulting from application of the key to said enciphered external
data,
a second input for receiving said internal data from the second section of
the security memory, and
an output for causing the enabling means to allow access between the
external terminal and the main memory upon detection of a match between
the internal data and the external data,
whereby to provide in said unit data to be compared and means for
performing the data comparison prior to allowing access between the
external terminal and the main memory via the interface bus.
2. The combination as set forth in claim 1 wherein the security memory
comprises a single non-volatile memory mapped into upper and lower
addressable sections comprising said first and second sections,
respectively.
3. The combination as set forth in claim 2 further including a data bus
coupled to the security memory, and bus configuration control means having
two modes:
a first mode enabled during addressing of the upper section of the mapped
security memory for coupling the data bus to the data lines of the
interface bus to allow readout of the enciphered data to the external
terminal, and
a second mode enabled during the addressing of the lower section of the
mapped security memory for coupling the data bus directly to the second
input of the comparator thereby to prevent readout of the internal data to
the external terminal,
thereby to isolate the internal data in the lower section of the mapped
security memory from the interface bus.
4. The combination as set forth in claim 3 further including means
responsive to an upper order address bit from said address lines for
selectively addressing either the upper or lower section of the mapped
security memory, the bus configuration control means also being responsive
to said upper order address bit for switching between the first and second
modes in such a way as to prevent coupling of the data bus to the
interface bus when the lower section of the mapped security memory is
addressed.
5. The combination as set forth in claim 2 wherein the enciphered external
data stored in the first section of the security memory includes an
enciphered external identification code, a key for decoding said
enciphered external identification code, and an address identifier for
locating an internal identification code in the second section of the
security memory.
6. The combination as set forth in claim 5 wherein the enciphered external
identification code, when decoded by use of said key, comprises said
external data, and the internal identification code, when read out from
the second section of the security memory, comprises said internal data,
for comparison by said comparator.
7. The combination as set forth in claim 5 further including comparator
control means having two modes:
a first mode for receiving the deciphered external data from the data lines
of the interface bus under the control of address and control lines of the
interface bus, said deciphered external data including an external
identification code derived from the enciphered external identification
code deciphered by means of said key, and
a second mode for receiving data from the second section of the security
memory under the control of address and control lines of the interface bus
at addresses specified by the address identifier derived from the
enciphered external data.
8. The combination as set forth in claim 1 wherein the external terminal
further includes means for receiving a PIN user identification number, and
means for applying said PIN number with said key in deciphering the
enciphered external data.
9. The combination as set forth in claim 7 wherein the external terminal
further includes means for receiving a PIN user identification number, and
means for applying said PIN number with said key in deciphering the
enciphered external data.
10. The combination as set forth in claim 1 wherein the security memory
comprises first and second non-volatile memory elements,
a first one of said non-volatile memory elements serving as said first
section of the security memory, the first non-volatile memory element
being coupled to the data lines, address lines and control lines of the
interface bus for allowing the external terminal access to the enciphered
data stored therein,
a second one of said non-volatile memory elements serving as the second
section of the security memory, the second non-volatile memory element
being coupled to the address lines of the interface bus, but having data
lines connected internally to the second input of the comparator, whereby
identification information stored in the second non-volatile memory
element is unavailable to the interface bus.
11. The combination as set forth in claim 10 including memory selection
means having two modes:
a first mode for enabling the first non-volatile memory element for readout
of enciphered data to the external terminal via the interface bus, and
a second mode for enabling the second non-volatile memory element for
readout of data to the second input of the comparator while maintaining
said data isolated from the interface bus.
12. The combination as set forth in claim 11 wherein the first non-volatile
memory element stores an enciphered external identification code, a key
for deciphering said enciphered external identification code, and an
address identifier for locating an internal identifier code in the second
non-volatile memory element.
13. The combination as set forth in claim 12 wherein the enciphered
external identification code, when deciphered by use of said key,
comprises said external data, and the internal identification code, when
read out from the second non-volatile memory element, comprises said
internal data, for comparison by said comparator.
14. The combination as set forth in claim 12 further including comparator
control means having two modes:
a first mode for receiving the deciphered external data from the data lines
of the interface bus under the control of address and control lines of the
interface bus, said deciphered external data including an external
identification code derived from the enciphered external identification
code deciphered by means of said key, and
a second mode for receiving data from the second non-volatile storage
element under the control of address and control lines of the interface
bus at addresses specified by the address identifier from the enciphered
external data.
15. A secure memory system including an external terminal and a portable
memory unit for interfacing and exchanging information with the external
terminal, the portable memory unit having no microprocessor, the system
comprising the combination of:
a main memory in the unit for storing data for exchange with the external
terminal;
an interface bus connecting the unit with the external terminal for
exchanging information between the terminal and the main memory, the
interface bus including data lines, address lines and control lines,
enabling means in the unit for allowing access to the main memory via the
interface bus,
a security memory in the unit having:
a first section for storing enciphered external data, including a key,
a second section for storing internal data which is retained within said
unit and inaccessible to the external terminal,
the external terminal including means for receiving the enciphered external
data from the first section of the security memory via the interface bus,
deciphering the enciphered data and returning deciphered external data to
the unit,
a comparator in the unit having:
a first input for receiving an external identification code derived from
the deciphered external data,
a second input for receiving an internal identification code derived from
the internal data in the second section of the security memory, and
an output for causing the enabling means to allow access between the
external terminal and the main memory upon detection of a match between
the internal and external identification codes.
16. The combination as set forth in claim 15 wherein the deciphered
external data includes the external identification code to be compared
with the internal identification code read out from the second section of
the security memory, and an address identifier for locating the internal
identification code in the second section of the security memory.
17. The combination as set forth in claim 15 wherein the security memory
comprises a single non-volatile memory mapped into upper and lower
addressable sections comprising said first and second sections,
respectively.
18. The combination as set forth in claim 17 further including a data bus
coupled to the security memory, and bus configuration control means having
two modes:
a first mode enabled during addressing of the upper section of the mapped
security memory for coupling the data bus to the data lines of the
interface bus to allow read out of the enciphered data to the external
terminal, and
a second mode enabled during addressing of the lower section of the mapped
security memory for coupling the data bus directly to the second input of
the comparator thereby to prevent read out of the internal data to the
external terminal,
thereby to isolate the internal data in the lower section of the mapped
security memory from the interface bus.
19. The combination as set forth in claim 18 further including means
responsive to an upper order address bit from said address lines for
selectively addressing either the upper or lower section of the mapped
security memory, the bus configuration control means also being responsive
to said upper order address bit for switching between the first and second
modes in such a way as to prevent coupling of the data bus to the
interface bus when the lower section of the mapped security memory is
addressed.
20. The combination as set forth in claim 16 further including comparator
control means having two modes:
a first mode for receiving the deciphered external data from the data lines
of the interface bus under the control of address and control lines of the
interface bus, said deciphered external data including an external
identification code derived from the enciphered external identification
code deciphered by means of said key, and
a second mode for receiving data from the second section of the security
memory under the control of address and control lines of the interface bus
at addresses specified by the address identifier derived from the
enciphered external data.
21. The combination as set forth in claim 15 wherein the security memory
comprises first and second non-volatile memory elements,
a first one of said non-volatile memory elements serving as said first
section of the security memory, the first non-volatile memory element
being coupled to the data lines, address lines and control lines of the
interface bus for allowing the external terminal access to the enciphered
data stored therein,
a second one of said non-volatile memory elements serving as the second
section of the security memory, the second non-volatile memory element
being coupled to the address and control lines of the interface bus, but
having data lines connected internally to the second input of the
comparator, whereby identification information stored in the second
non-volatile memory element is unavailable to the interface bus.
22. The combination as set forth in claim 21 including memory selection
means having two modes:
a first mode for enabling the first non-volatile memory element for readout
of enciphered data to the external terminal via the interface bus, and
a second mode for enabling the second non-volatile memory element for
readout of data to the second input of the comparator while maintaining
said data isolated from the interface bus.
23. The combination as set forth in claim 22 wherein the first non-volatile
memory element stores an enciphered external identification code, a key
for deciphering said enciphered external identification code, and an
address identifier for locating an internal identifier code in the second
non-volatile memory element.
24. The combination as set forth in claim 23 further including comparator
control means having two modes:
a first mode for receiving the deciphered external data from the data lines
of the interface bus under the control of address and control lines of the
interface bus, said deciphered external data including an external
identification code derived from the enciphered external identification
code deciphered by means of said key, and
a second mode for receiving data from the second non-volatile memory
element under the control of address and control lines of the interface
bus at addresses specified by the address identifier from the enciphered
external data.
25. A method of exchanging data between an external terminal and a portable
semiconductor memory unit while maintaining the security of the data
stored in the portable semiconductor memory unit, the method being
performed without a microprocessor in the portable semiconductor memory
unit, the method comprising the steps of:
providing a main memory and an interface bus in the semiconductor memory
unit for connection to the external terminal for exchanging information
therewith,
controlling the enabling of the main memory in the unit to allow the
external terminal access via the interface bus to the main memory only
after the performance of a security clearance procedure,
and performing the following security clearance procedure prior to enabling
the external terminal access to the main memory:
reading enciphered external data from a security memory onto the interface
bus under the control of address and control information supplied by the
external terminal,
deciphering the enciphered external data in the external terminal and
returning to the unit deciphered external data, the deciphered external
data including an external identification code for comparison with an
internal identification code,
reading the internal data from the security memory at predetermined address
locations to read out for comparison an internal identification code,
comparing in the unit the external identification code and the internal
identification code and, upon detection of a match, enabling access to the
main memory by the external terminal,
and preventing access by the external terminal to the address locations at
which the internal data is stored in the security memory.
26. The method as set forth in claim 25 wherein the step of reading
internal data from the security memory includes reading out the internal
data at predetermined addresses specified in the deciphered external data.
27. The method as set out in claim 26 wherein the security memory comprises
a single non-volatile memory mapped into upper and lower addressable
sections, and wherein the step of reading enciphered external data
comprises reading said data from the upper section of the security memory,
and the step of reading internal data comprises reading out said internal
data from the lower section of the security memory.
28. The method as set forth in claim 27 wherein the security memory has a
data bus, and further including the step of operating a bus configuration
control in two modes including:
a first mode in which the upper section of the mapped security memory is
configured for coupling the data bus to data lines of the interface bus to
allow readout of the enciphered data to the external terminal, and
a second mode in which the lower section of the mapped security memory is
addressed to read out in isolation from the interface bus the internal
identification code for comparison with the deciphered external
identification code.
29. The method as set forth in claim 28 in which the bus configuration
control is operated in conjunction with the addressing of the mapped upper
and lower sections of the security memory such that the reading enciphered
external data step includes enabling the upper section of the security
memory while coupling the data bus to the interface bus, and the reading
internal data step includes enabling the lower section of the mapped
security memory while isolating the data bus from the interface bus.
30. The method as set forth in claim 27 in which the step of comparing
comprises the steps of:
receiving the deciphered external identification code from data lines of
the interface bus under the control of address and control lines of the
interface bus, and
receiving data from the lower section of the security memory under the
control of address and control lines of the interface bus at addresses
specified in the deciphered external data.
31. The method as set forth in claim 26 wherein the security memory
comprises first and second non-volatile memory elements, and said method
further comprising the steps of:
coupling a first one of the non-volatile memory elements to data lines,
address lines and control lines of the interface bus for allowing the
external terminal access to the enciphered data stored therein, and
coupling the second non-volatile memory element to the address and control
lines of the interface bus, but isolating the data lines of the second
non-volatile memory from the interface bus for internal use in the memory
unit in the comparison step, whereby identification information stored in
the second non-volatile memory element is unavailable to the interface
bus.
32. The method as set forth in claim 31 further including the steps of
controlling memory selection between two non-volatile memory sections
including the steps of:
enabling the first non-volatile memory element for readout of enciphered
data to the external terminal via the interface bus, and
alternatively and exclusively of the first enabling step, enabling the
second non-volatile memory element for readout of data internally for
purposes of said comparison step.
33. The method as set forth in claim 32 wherein the comparison step further
includes,
functioning in a first mode for receiving the deciphered external
identification code from the data lines of the interface bus under the
control of address and control lines of the interface bus,
functioning in a second mode for reading out data from the second
non-volatile memory element under the control of address and control lines
of the interface bus at addresses specified in the deciphered external
data.
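A behavioural model in C of the gating described in claims 1-8 and 25-29, added here as an illustration and not taken from the patent. The memory sizes, byte layout, sample values and the XOR `toy_decipher` are assumptions (the claims name no cipher), and the comparator is modelled as deciding only after all identification bytes have been compared.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Sizes and offsets are constructed for this model, not taken from the patent. */
enum { SEC_SIZE = 16, SEC_UPPER_BIT = 0x08, ID_LEN = 4, MAIN_SIZE = 8 };
/* Upper (readable) section: enciphered ID, key, enciphered address identifier. */
enum { OFF_ENC_ID = 0x08, OFF_KEY = 0x0C, OFF_ADDR_ID = 0x0D };

typedef struct {
    uint8_t security[SEC_SIZE]; /* one non-volatile memory mapped into two sections */
    uint8_t main_mem[MAIN_SIZE];
    uint8_t cmp_ext[ID_LEN];    /* comparator first input, latched from the data lines */
    bool access_enabled;        /* comparator output driving the enabling means */
} card_t;

/* Placeholder cipher (assumption): XOR with the stored key and the user's PIN. */
static uint8_t toy_decipher(uint8_t b, uint8_t key, uint8_t pin) { return (uint8_t)(b ^ key ^ pin); }

/* Bus configuration control: only the upper section is coupled to the interface
 * bus. For a lower-section address the data lines are left undriven. */
bool card_sec_read(const card_t *c, uint8_t addr, uint8_t *data_lines)
{
    if (addr >= SEC_SIZE || !(addr & SEC_UPPER_BIT))
        return false;
    *data_lines = c->security[addr];
    return true;
}

/* Comparator control, first mode: latch the deciphered external ID. */
void card_present_external(card_t *c, const uint8_t id[ID_LEN])
{
    memcpy(c->cmp_ext, id, ID_LEN);
    c->access_enabled = false;
}

/* Comparator control, second mode: the terminal supplies lower-section addresses;
 * the bytes go to the comparator only, never to the interface bus. */
void card_compare_internal(card_t *c, uint8_t base)
{
    uint8_t diff = 0;
    bool in_lower = true;
    for (unsigned i = 0; i < ID_LEN; i++) {
        unsigned addr = (unsigned)base + i;
        if (addr >= SEC_SIZE || (addr & SEC_UPPER_BIT)) { in_lower = false; continue; }
        diff |= (uint8_t)(c->security[addr] ^ c->cmp_ext[i]);
    }
    c->access_enabled = in_lower && diff == 0;
}

/* Enabling means: main memory answers only after a comparator match. */
bool card_main_read(const card_t *c, uint8_t addr, uint8_t *data_lines)
{
    if (!c->access_enabled || addr >= MAIN_SIZE)
        return false;
    *data_lines = c->main_mem[addr];
    return true;
}

/* Terminal side of the security clearance procedure in claim 25. */
bool terminal_unlock(card_t *c, uint8_t pin)
{
    uint8_t key, enc_addr, enc, ext_id[ID_LEN];
    if (!card_sec_read(c, OFF_KEY, &key) || !card_sec_read(c, OFF_ADDR_ID, &enc_addr))
        return false;
    for (unsigned i = 0; i < ID_LEN; i++) {
        if (!card_sec_read(c, (uint8_t)(OFF_ENC_ID + i), &enc))
            return false;
        ext_id[i] = toy_decipher(enc, key, pin);
    }
    card_present_external(c, ext_id);
    card_compare_internal(c, toy_decipher(enc_addr, key, pin));
    return c->access_enabled;
}

/* Constructed sample card: ID, key, PIN and contents are made-up values. */
card_t make_sample_card(void)
{
    const uint8_t id[ID_LEN] = { 0x3A, 0x91, 0x5C, 0x07 };
    const uint8_t id_addr = 0x02, key = 0xB7, pin = 0x4D;
    card_t c;
    memset(&c, 0, sizeof c);
    memcpy(c.main_mem, "SECRET", 6);
    memcpy(&c.security[id_addr], id, ID_LEN);          /* internal ID, lower section */
    for (unsigned i = 0; i < ID_LEN; i++)              /* XOR is its own inverse */
        c.security[OFF_ENC_ID + i] = toy_decipher(id[i], key, pin);
    c.security[OFF_KEY] = key;
    c.security[OFF_ADDR_ID] = toy_decipher(id_addr, key, pin);
    return c;
}

int main(void)
{
    card_t c = make_sample_card();
    uint8_t b = 0;
    printf("lower-section read driven onto bus: %d\n", card_sec_read(&c, 0x02, &b));
    printf("unlock with wrong PIN: %d\n", terminal_unlock(&c, 0x4C));
    printf("unlock with right PIN: %d\n", terminal_unlock(&c, 0x4D));
    printf("main memory readable: %d\n", card_main_read(&c, 0, &b));
    return 0;
}
```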
Description  |
FIELD OF THE INVENTION
This invention relates to portable semiconductor memory devices, and more
particularly to such devices which include a security function intended to
protect the information stored in the portable memory.
BACKGROUND OF THE INVENTION
Memory devices such as memory cards can be thought of as divided into two
classes--"smart cards" which have a microprocessor in addition to a main
storage unit, and "memory cards" which have only memory but no
programmable (or programmed) microprocessor.
Because of the processing capability available in smart cards as a result of
the on-board microprocessor, there are numerous security techniques useful
with such cards for protecting the integrity of the data stored on the
card. Thus the on-board microprocessor can perform various functions in
checking PIN numbers, handshaking with a processor in an external
terminal, performing enciphering and deciphering operations on-board the
smart card, and other techniques all prior to allowing access to the main
memory on the card. Thus, significant capacity is available for insuring
the integrity of the data in a smart card.
However, in memory cards which do not have the power of an on-board
microprocessor, the capacity for performing security checks before
allowing access to the main memory is substantially more limited. In a
memory card typically the data, address and control lines of the main
memory modules are coupled directly to the card outputs and are thus
available for read out either in a terminal for which the card is intended
or otherwise. Thus, the opportunity is available for someone intending to
breach the security of the internal memory to directly access the memory
device if reasonable care is taken in interfacing the data, address and
control lines of the memory elements which are all readily available at
the card connection points. Even when the card is used in a terminal for
which it is intended, security functions are usually desirable, such as
insertion of a PIN number by a user, or some means of insuring, based on a
check of card stored information and terminal supplied processing power
that the two are of intended compatibility before memory access is
allowed.
With only hard wired logic elements at most available on a memory card for
performing the security function, insofar as applicant is aware, the
techniques which have been made available for securing the stored
information are not as reliable as could be desired.
The security issue will be further developed with reference to FIG. 7 which
shows a configuration of a conventional memory card having on-board
semiconductor memory which is substantially non-secure. The portable
semiconductor memory card 1 of FIG. 7 carries an on-board semiconductor
memory 4, usually comprised of an array of semiconductor memory devices
4a-4n. The address lines of the semiconductor memory devices 4a-4n
are coupled together to form an address bus 14, and the data lines coupled
together to form a data bus 15. The address bus 14 and data bus 15 are
elements of an interface bus 40 comprising address lines 14, data lines
15, and control lines including a card select signal line 16, a write
enable signal line 17 and an output enable signal line 18. The address,
data, and control lines provide access to the semiconductor memories
4a-4n in conventional fashion. The card select signal on line 16 is
utilized to enable the semiconductor memory elements in a manner which
will be described below.
One further connection is provided from the terminal into which the memory
card is inserted, and that is a supply of power which is coupled to power
supply line 11. A power supply sensing and changeover circuit generally
indicated at 2 senses the application of power to the line 11, and couples
that applied power to the remaining circuitry for operation. It is noted
that to maintain the information in the semiconductor memory 4 during the
substantial intervals when the card is not inserted in the terminal, a
stand-by battery 6 is used to supply power to internal power bus 9 via
current limiting resistor 7 and a reverse poled charge prevention diode 8.
However, whenever the card 1 is plugged into a terminal and a source of
power is connected to external power bus 11, a sensing module 3 within the
power supply changeover circuit 2 senses the voltage level on the bus 11
and in response thereto switches on a pass transistor 12 and thereby
couples the external power source to the internal power bus 9. In
addition, the sensing module 3 within the power supply changeover circuit
2 applies a high logic signal on output line 13 which in turn is coupled
to a G input of a memory select circuit 5, providing a preliminary
enabling signal to the circuit 5. Thus, whenever the power applied to the
external bus 11 is higher than that supplied by the battery 6, that
condition is sensed by the power supply changeover circuit 2 and the
sensing module 3 thereof performs two functions, namely (a) switches on
the pass transistor 12 in order to supply external power to the internal
bus 9 and (b) couples a high logic enabling signal to the control line 13
providing the preliminary enabling signal to the memory selection circuit
5.
It is seen that the memory selection signal 5 has a series of outputs
S1-Sn which are coupled respectively as enabling inputs 19a-19n
to associated semiconductor memory devices 4a-4n. A selected one of those
output lines is individually driven low depending upon the address signal
coupled to the address inputs An of the selector module 5. Thus, the
higher order address bits from the address bus 15, which are coupled to
the individual lines of address input An are used to select which of
the semiconductor memory devices 4a-4n will be active at any given
time. It is noted that the address inputs and G input of selector 5 are
provided with pullup resistors 10 to assure that all memory devices
4a-4n are disabled except when the inputs are intentionally driven
low.
A final input to the memory select circuit 5 is the G which is coupled to
the card select signal line 16 which is an element of the control lines of
the interface bus 40. Thus, whenever the particular memory card 1 is
selected, the external terminal couples a low logic signal to the line 16,
and thus provides an enabling signal to the G input of selector 5.
In summary, when power is applied to the external bus 11, the G input of
select circuit 5 is driven high. Subsequently, when the card select input
16 is driven low, the G input of select circuit 5 is driven low, thus
enabling the outputs of select circuit 5 to respond to the logic levels on
the address inputs. Thus, the external terminal couples address signals to
the high order bits on the address bus 15 which serve to individually
select the outputs S1-Sn of the selector 5 and in turn
individually enable the semiconductor memory devices 4a-4n. When enabled,
a semiconductor memory device responds to address signals on the address
bus 15, to write or read signals and enable signals on the control lines
17, 18 to either write information into the addressed semiconductor memory
location from the data bus 15 or read the information stored in the
addressed location out onto the data bus 15, both for interfacing with the
external terminal.
With that understanding of a conventional memory card 1, it will be
appreciated that the semiconductor memory 4 is in a relatively non-secure
state. The data lines of the semiconductor memory, the address lines of
the semiconductor memory and the control lines (read/write and enable) of
the semiconductor memory are all available at the card output. Typically,
such control signals will be directly available at the card contacts which
are intended to interface with an external terminal. Even in the case
where the card receives a serial message which is stored in a register or
the like for coupling to a semiconductor memory, there is little security
associated with the serial receiver or serial to parallel converter, and
thus the terminals of the memory devices themselves can be considered as
being available to the outside world. While smart cards having on-board
microprocessors can provide the desired security, it has been found
impractical to provide an effective amount of security for the on-board
memory using only hard wired logic elements.
It will also be apparent that one can utilize such a semiconductor memory
device in a terminal designed to accept it whether or not the individual
possessing the card is indeed authorized to use it. There is no security
check provided, it is simply necessary to couple the appropriate voltage
levels or signals to the card, and the individual memory devices are
directly addressed for writing or reading as desired.
Even without a compatible terminal, it is relatively easy to access the
contents of the memory 4. It is simply necessary to couple power to the
external power bus 11, appropriate control signals, address signals and
data signals to the interface bus 40, and the internal memory is directly
accessible. Thus, an unauthorized individual, even without access to a
compatible terminal, can access the memory and read out information which
had been intended to be secure. As a further example, an unauthorized
individual can write information into the semiconductor memory, and a
subsequent user will be unaware that the security of the stored
information has been breached. If security is at all a factor in using a
portable memory device, the limitations of the device illustrated in FIG.
7 will now be apparent.
SUMMARY OF THE INVENTION
In view of the foregoing, it is a general aim of the present invention to
provide a portable memory device of inexpensive construction, and
requiring no on-board microprocessor unit, but exhibiting a comparatively
high degree of security provided in large measure by logic elements
resident on board the card.
In that regard, it is an object of the present invention to provide a
portable memory device in which the on-board memory is accessible to the
outside only after completion of a security check which matches
information stored in a separate section of memory on the card, in which
the security information available to the outside is in enciphered form.
Stated differently, an object of the present invention is to provide a
portable memory device in which external access is allowed to the on-board
semiconductor memory only after a security check, which includes matching
an identification code maintained internal to the card with a code
deciphered by an external terminal from enciphered information received
from the card.
According to a more detailed aspect of the invention, it is an object to
provide a security memory on a portable memory card in which the security
memory is partitioned in such a way that only enciphered security
information is available to an interface bus while additional security
information which need not be enciphered is maintained in a partition of
memory which is accessible only within the card.
According to one aspect of the invention, an object is to provide a secure
portable semiconductor memory device in which security is provided by
utilization of security codes stored in a partitioned on-board security
memory, one partition of the memory containing enciphered security
information which is accessible to an interface bus, and the other
partition containing security information which need not be enciphered but
is available only within the card and is isolated from the interface bus.
In accordance with the invention there is provided a portable semiconductor
memory unit for interfacing with and exchanging information with an
external terminal. The unit includes a main memory and an interface bus
for coupling the main memory to the external terminal. Enabling means
selectively allows access to the main memory via the interface bus. The
enabling means includes a security memory having a first section for
storing enciphered external data and a second section for storing internal
data which is isolated from the interface bus. The enabling means further
includes a comparator having a first input for receiving deciphered
external data from the external terminal which results from deciphering of
the enciphered external data received from the card via the interface bus.
The comparator has a second input for receiving internal data from the
second section of the security memory. Finally, the comparator has an
output which causes the enabling means to allow access between the
external terminal and the main memory upon detection of a match between
the internal and external data.
It is a feature of the invention that any security information which is not
in enciphered form is isolated from the interface bus so that the only
security information available outside the card is enciphered. A further
feature of the invention is partitioning of the security memory in such a
way as to prevent read out of the section containing the non-enciphered
information to the interface bus.
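The access check summarized above can be modelled behaviourally as follows. This is an added example, not part of the patent text: the XOR cipher, the key value, the class and function names and the sample identification code are assumptions made for illustration, since the page does not specify the encipherment.

```python
KEY = 0x5A  # assumption: toy XOR key; the page does not name the cipher


def xor_cipher(data: bytes, key: int) -> bytes:
    """Stand-in cipher (XOR is its own inverse), used to encipher and decipher."""
    return bytes(b ^ key for b in data)


class SecureCard:
    """Card side: main memory gated by a comparator on two security sections."""

    def __init__(self, internal_id: bytes, main_data: bytes, key: int = KEY):
        self._external = xor_cipher(internal_id, key)  # section 1: enciphered, bus-readable
        self._internal = internal_id                   # section 2: comparator input only
        self._main = bytearray(main_data)
        self._enabled = False                          # comparator output

    def read_security(self) -> bytes:
        """Only security-memory path that reaches the interface bus."""
        return self._external

    def present(self, deciphered: bytes) -> bool:
        """Comparator: terminal's deciphered data against the internal section."""
        self._enabled = deciphered == self._internal
        return self._enabled

    def read_main(self, addr: int) -> int:
        if not self._enabled:
            raise PermissionError("main memory not enabled")
        return self._main[addr]


def terminal_unlock(card: SecureCard, key: int) -> bool:
    """Terminal side: read enciphered data, decipher it, return it to the card."""
    return card.present(xor_cipher(card.read_security(), key))


def demo() -> dict:
    card = SecureCard(b"ID-1234", b"secret payload")  # constructed sample values
    results = {"bus_sees": card.read_security()}
    try:
        card.read_main(0)
        results["before"] = "readable"
    except PermissionError:
        results["before"] = "blocked"
    results["wrong_key"] = terminal_unlock(card, 0x00)
    results["right_key"] = terminal_unlock(card, KEY)
    results["after"] = chr(card.read_main(0))
    return results
```

Calling demo() shows the interface bus exposing only enciphered bytes, and main memory staying blocked until the terminal returns the correctly deciphered code.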
A further feature of the invention is the storage on the card of two
independent identification codes, an internal identification code which
need not be enciphered but which is isolated from the interface bus so
that it is not ascertainable from outside, and an external identification
code which is intended to be accessed by an external terminal, but which
is enciphered and thus cannot readily reveal the internal identification
code. In a preferred embodiment of the invention, it is a further feature
that the enciphered external information includes address identification
information used to address locations in the security memory at which the
internal identification code is stored, so that the value and sequence of
the identification codes provide a further measure of security for the
portable semiconductor memory.
As a further feature of the invention, a PIN identification number input by
a user into an external terminal can be combined with the external
security information in order to provide further security and further
limit access to only those who are in possession of the PIN number.
Other objects and advantages will become apparent upon reference to the
following detailed description when taken in conjunction with the drawings
in which:
BRIEF DESCRIPTION OF THE DRAWINGS
FIG. 1 is a block diagram showing a secure memory system including an
external terminal unit coupled via an interface bus to a portable memory
device;
FIG. 2 is a block diagram illustrating additional details of the security
aspects of the portable memory device of FIG. 1;
FIG. 3 is a block diagram illustrating additional details of a comparator
circuit useful in connection with the embodiments of the present
invention;
FIG. 4 is a diagram illustrating memory partitioning for the security
memory of the system of FIG. 1;
FIG. 5 is a block diagram illustrating a second exemplary portable memory
device exemplifying the present invention;
FIG. 6 is a flowchart illustrating the operation of the secure memory
system according to the present invention; and
FIG. 7 is a block diagram illustrating a memory card exemplifying the prior
art.
While the invention will be described in connection with certain preferred
embodiments, there is no intent to limit it to those embodiments. On the
contrary, the intent is to cover all alternatives, modifications and
equivalents included within the spirit and scope of the invention as
defined by the appended claims.
DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS
Turning now to the drawings, FIG. 1 shows a portable memory card 100
exemplifying the present invention and interfaced to an external terminal
200. The electrical connection between the devices is schematically
illustrated by connector 150. In practice, the external terminal will
preferably include a slot or other close fitting receptacle into which the
memory device 100 is inserted and which will cause mating of electrical
contacts between the portable card 100 and the external terminal 200, such
mating being illustrated by the aforementioned connector 150. As
illustrated in FIG. 1, the connections include those made to an interface
bus 140 as well as a power bus 111. It is seen that the external terminal
includes a similar power bus 211 and interface bus 240 coupled to the
connector 150, such that the terminal unit 200 supplies DC power to the
portable card 100. In addition, the coupling of busses 140, 240 causes the
connection of data lines, address lines and control lines between the
portable memory card 100