Secure network identification
Abstract
A processing unit is connectable to a data communications network. The processing unit includes a device reader for a portable storage device. The portable storage device (e.g., a secure smart card) includes storage operable to supply a network identity for the processing unit and an access controller. The access controller is operable to prevent unauthorised writing to the storage. Before reading the network identity from the portable storage device, the processing device attempts a write to the storage of the portable storage device, and, only on determining that the write has failed, reads the supplied network identity. The processing unit is thereby able to check that the portable storage device is a valid secure data storage device and not a counterfeit portable storage device. If it is a genuine secure portable storage device, the write access will not be permitted, whereas if it is a non-secure portable storage device, there is a risk that it is a counterfeit. The access control logic of the portable storage device can be operable to implement key-to-key encryption. The processing unit can be operable to modify the content of the storage of the portable storage device by supplying a key to the access controller, and, in response to receipt of a return key from the access controller, to send an encrypted command to modify the content of the storage of the portable storage device.
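The write-probe check described in the abstract, as an added Python simulation that is not part of the patent text. The class names, the probe value and the sample MAC address are constructed for illustration, and the key-based authorisation of writes is not modelled.

```python
class WriteDenied(Exception):
    """Signalled when the access controller refuses a write."""


class _Card:
    """Hypothetical portable storage device holding a network identity."""

    def __init__(self, identity: bytes):
        self._storage = bytearray(identity)

    def read(self) -> bytes:
        return bytes(self._storage)


class SecureCard(_Card):
    """Storage guarded by an access controller."""

    def write(self, data: bytes) -> None:
        # No authorisation was presented, so the write is refused and
        # the failure is indicated to the caller.
        raise WriteDenied("unauthorised write refused")


class UnprotectedCard(_Card):
    """No access controller: any write succeeds."""

    def write(self, data: bytes) -> None:
        self._storage[: len(data)] = data


PROBE = b"\x00"  # constructed probe value


def select_network_identity(device):
    """Attempt a write first; read the identity only if the write failed."""
    try:
        device.write(PROBE)
    except WriteDenied:
        return device.read()  # write failed: treat as a secure device
    return None  # write succeeded: possible counterfeit, identity not read


def format_mac(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)


SAMPLE_MAC = bytes.fromhex("02000000002a")  # constructed sample identity

if __name__ == "__main__":
    for card in (SecureCard(SAMPLE_MAC), UnprotectedCard(SAMPLE_MAC)):
        identity = select_network_identity(card)
        print(type(card).__name__, "->", format_mac(identity) if identity else "rejected")
```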
31 Claims
- 1. A processing unit connectable to a data communications network, the processing unit having a device reader for a portable storage device that includes storage operable to supply a network identity for the processing unit and an access controller, the access controller being operable to prevent unauthorised writing to the storage, the processing unit being operable, before reading the network identity from the portable storage device, to attempt a write to the storage of the portable storage device, and, on determining that the write has failed, to read the supplied network identity.
- 10. A control program for controlling the selection of a network identity for a processing unit connectable to a data communications network, the processing unit having a device reader for a portable storage device that includes storage operable to supply a network identity for the processing unit and an access controller, the access controller being operable to prevent unauthorised writing to the storage, the control program being operable, before reading the network identity from the portable storage device, to attempt a write to the storage of the portable storage device, and, only on determining that the write has failed, to read the supplied network identity.
- 20. A method of controlling the selection of a network identity for a processing unit connectable to a data communications network, the processing unit having a device reader for a portable storage device that includes storage operable to supply a network identity for the processing unit and an access controller, the access controller being operable to prevent unauthorised writing to the storage, the method comprising:
  - attempting a write to the storage of the portable storage device; and
  - only on determining that the write has failed, to read the supplied network identity from the portable storage device.
- 25. A portable storage device that includes storage containing a network identity for a processing unit connectable to a data communications network, the portable storage device further including an access controller operable to prevent unauthorised writing to the storage, access controller being responsive to an unauthorised attempt to write to the storage to indicate that the write access has failed.
- 31. The portable storage unit of 25, wherein the network identity comprises a MAC address.
Specification