IPC분류정보
국가/구분 |
United States(US) Patent
등록
|
국제특허분류(IPC7판) |
|
출원번호 |
US-0464267
(2006-08-14)
|
등록번호 |
US-7407110
(2008-08-05)
|
발명자
/ 주소 |
- Davis,Michael L.
- Hulusi,Tam
|
출원인 / 주소 |
|
대리인 / 주소 |
|
인용정보 |
피인용 횟수 :
14 인용 특허 :
8 |
초록
▼
A radio frequency identification device (RFID) and method for authenticating RFIDs are disclosed. In RFIDs, data is stored in a form of data segments selectively associated with promiscuous and non-promiscuous regions of their memories. A randomly selected portion of a content of a non-promiscuous r
A radio frequency identification device (RFID) and method for authenticating RFIDs are disclosed. In RFIDs, data is stored in a form of data segments selectively associated with promiscuous and non-promiscuous regions of their memories. A randomly selected portion of a content of a non-promiscuous region is examined by an interrogating readers or a host computer after validating the data contained in a promiscuous region.
대표청구항
▼
What is claimed is: 1. A radio frequency identification device (RFID), comprising: a controller; a RF receiver/transmitter adapted for wireless coupling to a RF interrogator; and a memory comprising a promiscuous region and a non-promiscuous region, wherein at least one of configuration data, share
What is claimed is: 1. A radio frequency identification device (RFID), comprising: a controller; a RF receiver/transmitter adapted for wireless coupling to a RF interrogator; and a memory comprising a promiscuous region and a non-promiscuous region, wherein at least one of configuration data, shared-secret data, and holder data is stored as one or several data segments each selectively associated with at least one of the promiscuous region and the non-promiscuous region, wherein data from the promiscuous region is promiscuously transmitted by the RF receiver/transmitter to the RF interrogator when the RFID is disposed in an active zone of the reader. 2. The RFID of claim 1 wherein a content of at least one of the configuration data, an authenticating data, and the holder data is stored in a cryptographic format. 3. The RFID of claim 2 wherein an encryption key for the cryptographic format is encoded in a content of at least one data segment associated with the non-promiscuous region. 4. The RFID of claim 2 wherein an encryption key for the cryptographic format is stored in at least one of the reader and a host computer of a system comprising such readers. 5. The RFID of claim 1 wherein a number of the data segments selectively associated with the promiscuous region is encoded in the configuration data. 6. The RFID of claim 1 wherein each of the data segments has a selectively pre-determined bit length. 7. The RFID of claim 1 wherein a content of at least one of the data segments is stored in a read-only portion of the memory. 8. The RFID of claim 1 wherein a content of at least one of the data segments is stored in a read/write portion of the memory. 9. The RFID of claim 8 wherein the content may selectively be modified or erased using the reader. 10. The RFID of claim 1 wherein at least portions of the controller, the RF means, or the memory are implemented in a form of an integrated circuit. 11. The RFID of claim 1 wherein a holder is an individual and the holder data is credential data of the individual. 12. The RFID of claim 1 wherein a holder is an object identified using the RFID and the holder data is identification data of the object. 13. The RFID of claim 1 wherein said RFID is an access card, an ID card, a smart card, or an RF tag. 14. The RFID of claim 1 wherein said RFID is a device using as a source of energy at least one of radio frequency (RF) radiation of the reader or an internal source of energy. 15. The RFID of claim 1 wherein said RFID is a component of a system comprising a plurality of the RFIDs, a plurality of readers of the RFIDs, and a host computer administering the readers and containing records associated with the RFIDs holders of the RFIDs, and the readers. 16. A radio frequency identification device (RFID), comprising: a controller; a RF receiver/transmitter adapted for wireless coupling to a RF interrogator; and a memory comprising a promiscuous region and a non-promiscuous region wherein at least one of configuration data, shared-secret data and holder data is stored as one or several data segments each selectively associated with at least one of the promiscuous region and the non-promiscuous region, wherein the one or more of the data segments associated with the promiscuous region contain authentication data and a content of the data segments associated with the non-promiscuous region is transmitted to the reader by the RFID disposed in the active zone after the reader decodes and validates said authentication data. 17. The RFID of claim 16, wherein a content of data segments associated with the non-promiscuous region is transmitted after the reader transmits a challenge to the RFID. 18. The RFID of claim 17 wherein a password is encoded in the content of at least one of the data segments associated with the promiscuous region. 19. The RFID of claim 17 wherein at least one of a password and Wiegand data is stored in the reader or provided to the reader by a host computer of the reader. 20. A method for authenticating radio frequency identification devices (RFIDs), comprising: (a) providing a system including: a plurality of RFIDs each having a memory comprising a promiscuous region and a non-promiscuous region, wherein at least one of configuration data, shared-secret data, and holder data is stored a form of one or several data segments each associated with at least one of the promiscuous region and the non-promiscuous region; and at least one reader for reading and interrogating the RFIDs; (b) receiving from an RFID, promiscuous data including a content of the data segments associated with the promiscuous region; (c) verifying the promiscuous data; (d) requesting from the RFID, non-promiscuous data including a content of at least one data segment associated with randomly selected data from the non-promiscuous region; (e) receiving the at least one non-promiscuous data segment requested from the RFID; (f) verifying the non-promiscuous data; and (g) accepting or rejecting the RFID based upon steps (c)-(f). 21. The method of claim 20 wherein at least one of the steps (c)-(g) is performed using the at least one reader interrogating the RFID. 22. The method of claim 20 wherein at least one of the steps (c)-(g) is performed using a host computer connected to the at least one reader. 23. The method of claim 20 wherein a holder comprises an individual and the holder data is holder's credential data. 24. The method of claim 20 wherein a holder comprises an object identified using the RFID and the holder data is object's identifying data. 25. The method of claim 20 wherein said RFID comprises at least one of an access card, a smart card, a cellular phone, a Personal Digital Assistant (PDA), and an RF tag. 26. The method of claim 20 wherein said RFID comprises a device using as a source of energy at least one of RF radiation of the reader or an internal source of energy. 27. The method of claim 20 wherein at least a portion of the promiscuous data or the non-promiscuous data is encrypted. 28. The method of claim 27 further comprising: deriving an encryption key from the promiscuous data or obtaining the encryption key from the reader or the host computer; and decoding said at least a portion of the promiscuous data or the non-promiscuous data. 29. The method of claim 20 wherein the promiscuous data comprises at least one of a manufacturer ID of the RFID, a unique ID of the RFID and a password of the RFID. 30. The method of claim 29 wherein the promiscuous data further comprises a portion of the holder data. 31. The method of claim 29 wherein the unique ID is a serial number of the RFID. 32. The method of claim 31 wherein the step (c) further comprises: verifying that the serial number is within a pre-determined range assigned to serial numbers. 33. The method of claim 29 wherein the step (c) further comprises: decoding the password from the promiscuous data using an algorithm stored in the reader or the host computer. 34. The method of claim 20 wherein the step (h) further comprises: modifying or erasing at least one of the promiscuous data, a manufacturer ID, an unique ID, a password, or the non-promiscuous data. 35. The method of claim 20 further comprising: modifying or erasing at least a portion of the promiscuous data or the non-promiscuous data. 36. The method of claim 20 wherein the step (g) further comprises: disabling the reader and/or rejecting the RFIDs for a pre-determined duration of time. 37. The method of claim 36, wherein disabling the reader and/or rejecting the RFIDs for a predetermined duration of time occurs when one or more of the following occurs: i.) a number of invalid RFIDs interrogated during a specific time interval exceeds a first pre-determined threshold; ii.) a number of consecutively interrogated invalid RFIDs exceeds a second pre-determined threshold; iii.) a number of repetitive interrogations of the same invalid RFID(s) exceeds a third pre-determined threshold; iv.) an attempt to extract or erase at least one secret pre-programmed in the reader; or v.) an attempt to temper the reader mechanically or electronically, including an attempt to temper software of the reader. 38. A system for authenticating radio frequency identification devices (RFIDs), comprising: at least one interrogator; and at least one RFID comprising memory, wherein the memory comprises a promiscuous region and a non-promiscuous region, wherein at least one of configuration data, shared-secret data, and holder data is stored as one or several data segments each associated with at least one of the promiscuous region and the non-promiscuous region, wherein a content of the data segments associated with the promiscuous region is freely transmitted to the reader when the RFID is disposed within an active zone of the reader. 39. The system of claim 38 wherein said at least one interrogator is adapted to interrogate the at least one RFID using resources of or available to a host computer connected to the at least one interrogator. 40. The system of claim 38, wherein a content of at least one of the configuration data, the authenticating data, and the holder data is stored in a cryptographic format. 41. The system of claim 40, wherein an encryption key for the cryptographic format is encoded in a content of at least one data segment associated with the promiscuous region. 42. The system of claim 40, wherein an encryption key for the cryptographic format is stored in at least one of the interrogator and host computer. 43. A system for authenticating radio frequency identification devices (RFIDs), comprising: at least one interrogator; and at least one RFID comprising memory, wherein the memory comprises a promiscuous region and a non-promiscuous region, wherein at least one of configuration data, shared-secret data, and holder data is stored as one or several data segments each associated with at least one of the promiscuous region and the non-promiscuous region, wherein the one or more of the data segments associated with the promiscuous region contains authentication data and a content of the data segments associated with the non-promiscuous region is transmitted to the at least one interrogator by the RFID disposed in the active zone after the at least one interrogator decodes and validates said shared-secret data. 44. The system of claim 43, wherein a content of the data segments associated with the non-promiscuous region is transmitted after the reader transmits a challenge to the RFID. 45. The system of claim 44, wherein at least one of a password and Wiegand data is encoded in the content of at least one of the data segments associated with the promiscuous region. 46. A method of updating a security access system comprising one or more first radio frequency interrogation devices (readers) and one or more first radio frequency identification devices (RFIDs), the first readers only configured to communicate with the first RFIDs, the first RFIDs comprising a memory containing a promiscuous region, the method comprising, (a) replacing some or all of the first RFIDs with second RFIDs, the second RFIDs having a promiscuous and a non-promiscuous region, and further comprising configuration data, shared-secret data or holder data stored in the form of one or multiple data segments each selectively associated with the promiscuous or non-promiscuous regions; (b) replacing the first readers with second readers, the second readers configured to communicate with first RFIDs and second RFIDs; (c) transmitting a content of data segments associated with the promiscuous region to a second reader when either a first RFID or a second RFID is present in the active zone of a second reader, and wherein said data segments contain authentication data; (d) determining access rights of the first RFID with respect to a restricted asset; (e) requesting at least a portion of the non-promiscuous data from the second RFID, including content of at least one randomly selected data segment from the non-promiscuous region; (f) receiving the requested non-promiscuous data from the second RFID; (g) determining access rights of the second RFID with respect to a restricted asset. 47. The method of claim 46, further comprising, denying access to the restricted asset to a holder of the first RFID in response to determining access rights of the first RFID do not match required access rights for said restricted asset. 48. The method of claim 46, further comprising, permitting access to the restricted asset to a holder of the RFID in response to determining access rights of the first RFID match required access rights for said restricted asset. 49. The method of claim 46, wherein at least one of said first and second RFID is an access card, a smart card, a cellular phone, a Personal Digital Assistant (PDA), or an RF tag. 50. The method of claim 46, wherein at least a portion of the promiscuous data on at least one of the first and second RFID is encrypted. 51. The method of claim 50, further comprising: deriving an encryption key from the promiscuous data or obtaining the encryption key from the reader or a host computer; for said second RFID, decoding said at least a portion of the promiscuous data or the non-promiscuous data; and for said first RFID, decoding said at least a portion of the promiscuous data. 52. The method of claim 46, wherein the promiscuous data comprises at least one of a manufacturer ID of the RFID, a unique ID of the RFID, site code, and a password of the RFID. 53. The method of claim 52, wherein the promiscuous data further comprises a portion of the holder data. 54. The method of claim 52, wherein the unique ID is a serial number of the RFID. 55. The method of claim 54, wherein step (d) further comprises: determining whether the serial number is within a predetermined range assigned to serial numbers. 56. A security access system, comprising: (a) at least one first RFID, having first data in a promiscuous region; (b) at least one second RFID having data in both a promiscuous data region and a non-promiscuous data region; and (c) at least one first reader that operatively communicates with said at least one first and second RFIDs, wherein at least one of configuration data, shared-secret data, and holder data is stored as one or several data segments each associated with at least one of the promiscuous region and the non-promiscuous region of said at least one second RFID, and wherein at least one of configuration data, shared-secret data, and holder data is stored as one or several data segment associated with the promiscuous region of said at least one first RFID. 57. The system of claim 56, further comprising a host computer. 58. The system of claim 57, wherein said at least one first reader is adapted to interrogate said at least one of first and second RFIDs using resources of or available to the host computer. 59. The system of claim 57, wherein a content of at least one of the configuration data, the shared-secret data, and the holder data is stored in a cryptographic format. 60. The system of claim 59, wherein an encryption key for the cryptographic format is encoded in a content of at least one data segment associated with the promiscuous regions of said at least one first and second RFID. 61. The system of claim 59, wherein at least one of an encryption key for the cryptographic format and Wiegand data is stored in at least one of the at least one first reader and host computer. 62. The system of claim 56, wherein a content of the data segments associated with said promiscuous regions of said at least one of first and second RFIDs is transmitted to the reader when either or both of said first and second RFIDs is disposed within an active zone of the first reader. 63. The system of claim 56, wherein the one or more of the data segments associated with the promiscuous region contains authentication data and a content of the data segments associated with the non-promiscuous region of said at least one second RFID is transmitted to the at least one first reader disposed in the active zone after the at least one first reader decodes and validates said shared-secret data. 64. The system of claim 63, wherein a content of the data segments associated with the non-promiscuous region of said at least one second RFID is transmitted after the reader transmits a challenge to said at least one second RFID. 65. The system of claim 64, wherein at least one of a password and Wiegand data is encoded in the content of at least one of the data segments associated with the promiscuous regions of said at least one first and second RFID.
※ AI-Helper는 부적절한 답변을 할 수 있습니다.