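IPC classification information
Country / Type | United States (US) Patent, Registered
International Patent Classification (IPC 7th edition) |
Application number | US-0555480 (2009-09-08)
Registration number | US-8495382 (2013-07-23)
Inventor / Address | Johnson, Barry W.; Olvera, Kristen R.; Russell, David C.; Tillack, Jonathan A.
Applicant / Address |
Citation information | Times cited: 11; Patents cited: 127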
Abstract
The invention disclosed herein is an in-circuit security system for electronic devices. The in-circuit security system incorporates identity credential verification, secure data and instruction storage, and secure data transmission capabilities. It comprises a single semiconductor chip, and is secured using industry-established mechanisms for preventing information tampering or eavesdropping, such as the addition of oxygen reactive layers. This invention also incorporates means for establishing security settings, profiles, and responses for the in-circuit security system and enrolled individuals. The in-circuit security system can be used in a variety of electronic devices, including handheld computers, secure facility keys, vehicle operation/ignition systems, and digital rights management.
Representative claim
1. A non-transitory processor-readable medium storing code representing instructions to cause a processor to perform a process, the code comprising code to: send a signal configured to prompt a user of an electronic device to provide a personal identity credential sample upon access request, the electronic device having an in-circuit security system on a single integrated circuit that includes the processor; receive an authentication signal from an identity credential verification subsystem of the in-circuit security system when a processor of the identity credential verification subsystem matches the personal identity credential sample to at least one enrolled personal identity credential associated with the electronic device, the single integrated circuit including the processor of the identity credential verification subsystem; identify at least one security privilege associated with the personal identity credential sample in response to the authentication signal being received, the at least one security privilege stored within a memory of the in-circuit security system; and send a signal indicating that access is granted when the at least one security privilege provides access authorization and a security setting of the in-circuit security system allows the requested access.
2. The processor-readable medium of claim 1, wherein the requested access is to access stored data.
3. The processor-readable medium of claim 1, wherein the requested access is to selectively disable components.
4. The processor-readable medium of claim 1, wherein the requested access is to selectively enable disabled components.
5. The processor-readable medium of claim 1, wherein the requested access is to selectively destroy components.
6. The processor-readable medium of claim 1, wherein the single integrated circuit is a component within the electronic device.
7. A method, comprising: disabling a portion of a single integrated circuit of an electronic device, the portion of the single integrated circuit being associated with functionality of the single integrated circuit not used during operation of an identity credential verification subsystem of the single integrated circuit; identifying, at the identity credential verification subsystem, a user of the electronic device based on an identity credential; verifying the user of the electronic device based on a security privilege associated with the identity credential; enabling the portion of the single integrated circuit when the user is identified based on the identity credential associated with the user and verified based on the security privilege associated with the identity credential; and storing data generated by a real-time clock of the single integrated circuit when the portion of the single integrated circuit is enabled and the real-time clock is connected to a power source included on the single integrated circuit.
8. The method of claim 7, further comprising: halting operation of the real-time clock when the identity credential verification subsystem denies access for a predetermined number of access attempts within a predetermined time period.
9. The method of claim 7, further comprising: disconnecting the power source from the real-time clock when the identity credential verification subsystem denies access for a predetermined number of access attempts within a predetermined time period.
10. The method of claim 7, wherein the electronic device is an electronic lock mechanism, the method further comprising: sending a signal configured to unlock the electronic lock mechanism when the portion of the single integrated circuit is enabled and when the security privilege permits access to data or a location protected by the electronic lock mechanism.
11. The method of claim 7, wherein the electronic device is an electronic lock mechanism, the method further comprising: sending a signal configured to place the electronic lock mechanism in a state such that the electronic lock mechanism cannot be unlocked unless the electronic lock mechanism is reset by a recognized authority when the identity credential verification subsystem denies access for a predetermined number of access attempts within a predetermined time period.
12. The method of claim 7, wherein the electronic device is an electronic lock mechanism, the identity credential is a first identity credential, the method further comprising: sending a signal configured to place the electronic lock mechanism in a state such that the identity credential verification subsystem does not accept a second identity credential when the identity credential verification subsystem denies access based on the first identity credential.
13. The method of claim 7, wherein the identity credential is a biometric input of the user, the identifying including: producing a biometric template based on the biometric input of the user; and comparing the biometric template of the user to at least one pre-enrolled biometric template stored at the electronic device, the user being identified when the biometric template matches a pre-enrolled biometric template.
14. The method of claim 7, wherein the verifying includes: determining the security privilege based on the identity credential; and determining access rights associated with the user based on the security privilege.
15. A method, comprising: producing, at a single integrated circuit of an electronic device, a biometric template based on a biometric input of a user; authenticating, at an identity verification subsystem of the single integrated circuit, the biometric template of the user based on a pre-enrolled biometric template stored at the electronic device; and disconnecting a power source on the single integrated circuit from a real-time clock on the single integrated circuit when a processor of the single integrated circuit denies access for a predetermined number of access attempts within a predetermined period of time based on the authenticating at the identity verification subsystem.
16. The method of claim 15, wherein the single integrated circuit includes and a cryptographic subsystem, the method further comprising: sending a signal from the identity credential verification subsystem to the processor, the signal configured to indicate that the user is authorized to use a stored private key when the biometric template of the user is authentic; sending an electronic message associated with input from the user, from the processor to the cryptographic subsystem; and encrypting the electronic message based on the private key to produce an encrypted electronic message.
17. The method of claim 15, wherein the single integrated circuit includes a cryptographic subsystem, the method further comprising: sending an electronic message associated with input from the user from the processor to the cryptographic subsystem such that the cryptographic subsystem electronically signs the electronic message to produce an encrypted electronic message; and sending the encrypted electronic message from the cryptographic subsystem to a transmitter such that the encrypted electronic message is output to a recipient.
18. The method of claim 15, wherein the electronic device is an electronic lock mechanism, the method further comprising: sending an identifier associated with the user from the identity credential verification subsystem to the processor when the biometric template of the user is authentic; determining a security privilege associated with the user based on the identifier associated with the user; and sending a signal configured to unlock the electronic lock mechanism when the security privilege associated with the user permits access to data or a location protected by the electronic lock mechanism.
19. The method of claim 15, wherein the disconnecting the power source from the real-time clock halts operation of the real-time clock.
20. The method of claim 15, wherein the electronic device is an electronic lock mechanism, the method further comprising: sending a signal configured to place the electronic lock mechanism in a state such that the electronic lock mechanism cannot be unlocked unless the electronic lock mechanism is reset by a recognized authority when the identity credential verification subsystem denies access for a predetermined number of access attempts within a predetermined time period.
21. The method of claim 15, wherein the electronic device is an electronic lock mechanism, the biometric input being a first biometric input, the method further comprising: sending a signal configured to place the electronic lock mechanism in a state such that the identity credential verification subsystem does not accept a second biometric input when the identity credential verification subsystem denies access based on the first biometric input.