Secure pin entry into a security chip

US 20020166055A1
Filed: 05/04/2001
Published: 11/07/2002
Est. Priority Date: 05/04/2001
Status: Abandoned Application

First Claim

Patent Images

1. A computer system comprising:

a processor;

machine readable storage media for storing programs performable by the processor;

input means for receiving input from a user;

a display device for providing visual output from the software applications to the user;

a system bus connecting the processor to the display device and the input means;

an interface adapter for transferring input from the user at the input means to the system bus;

a security chip requiring a personal identifier code from the user for performance of at least one of the programs in the storage media; and

interposer means for routing the personal identifier code from the input means to the security chip independently of the system bus.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A personal computer furnishes a secure path for a security chip of the personal computer for entry of a personal identification number code (PIN). The path is not sniffable or surreptitiously detectable by software. The security chip is removably mounted on a daughter card rather than hardwired to the motherboard of the personal computer. With proper authorization, an interposer may be inserted between the daughtercard and the motherboard. When the PIN becomes necessary, it need not be entered through a keyboard and transmitted to the daughtercard over a bus where it is capable of surreptitious detection or interception. The PIN is instead entered directly from a keypad into the daughtercard.

Citations

29 Claims

1. A computer system comprising:
- a processor;
  
  machine readable storage media for storing programs performable by the processor;
  
  input means for receiving input from a user;
  
  a display device for providing visual output from the software applications to the user;
  
  a system bus connecting the processor to the display device and the input means;
  
  an interface adapter for transferring input from the user at the input means to the system bus;
  
  a security chip requiring a personal identifier code from the user for performance of at least one of the programs in the storage media; and
  
  interposer means for routing the personal identifier code from the input means to the security chip independently of the system bus.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 15, 16, 17, 18, 19, 20, 21, 22, 23, 25, 26, 27, 28, 29)
- - 2. The computer system of claim 1, wherein the processor are located on a motherboard in the computer system.
  - 3. The computer system of claim 2, wherein the interposer means and the security chip are located separately from the motherboard in the computer system.
  - 4. The computer system of claim 2, wherein the interposer means and the security chip are located separately on a separate card from the motherboard in the computer system.
  - 5. The computer system of claim 2, wherein the interposer means is located separately on a separate board from the motherboard in the computer system.
  - 6. The computer system of claim 1, wherein the interposer means comprises:
    - interposer means for routing the personal identifier code directly from the input means to the security chip.
  - 7. The computer system of claim 1, wherein:
    - the user interface adapter connects the interposer means to the security chip.
  - 8. The computer system of claim 1, wherein the interposer means comprises:
    - interposer means for routing the personal identifier code from the input means to the user interface adapter.
  - 9. The computer system of claim 1, wherein data and clock signals are provided between the input means and the user interface adapter and the interposer means further comprises:
    - means for blocking the data and clock signals between the input means and the user interface adapter.
  - 10. The computer system of claim 1, wherein the input means comprises a keyboard for entry of the personal identifier code.
  - 11. The computer system of claim 1, wherein the input means comprises:
    - a keyboard for entry of data; and
      
      a keypad for entry of the personal identifier code.
  - 12. The computer system of claim 1, wherein the input means comprises:
    - a keyboard for entry of data; and
      
      a fingerprint reader for scanning a user fingerprint to verify an authorized fingerprint as the personal identifier code.
  - 13. The computer system of claim 1, wherein the input means comprises:
    - a keyboard for entry of data; and
      
      a card reader for scanning a user card to verify an authorized card as the personal identifier code.
  - 15. The computer system of claim 14, wherein the processor are located on a motherboard in the computer system.
  - 16. The computer system of claim 15, wherein the interposer means and the security chip are located separately from the motherboard in the computer system.
  - 17. The computer system of claim 16, wherein the interposer means and the security chip are located separately on a separate card from the motherboard in the computer system.
  - 18. The computer system of claim 16, wherein the interposer means is located separately on a separate board from the motherboard in the computer system.
  - 19. The computer system of claim 14, wherein data and clock signals are provided between the input means and the user interface adapter and the interposer means further comprises:
    - means for blocking the data and clock signals between the input means and the user interface adapter.
  - 20. The computer system of claim 14, wherein the input means comprises a keyboard for entry of the personal identifier code.
  - 21. The computer system of claim 14, wherein the input means comprises:
    - a keyboard for entry of data; and
      
      a keypad for entry of the personal identifier code.
  - 22. The computer system of claim 14, wherein the input means comprises:
    - a keyboard for entry of data; and
      
      a fingerprint reader for scanning a user fingerprint to verify an authorized fingerprint as the personal identifier code.
  - 23. The computer system of claim 14, wherein the input means comprises:
    - a keyboard for entry of data; and
      
      a card reader for scanning a user card to verify an authorized card as the personal identifier code.
  - 25. The method of claim 24, wherein the security entry input comprises a keyboard for entry of the personal identifier code.
  - 26. The method of claim 24, wherein the security entry input comprises:
    - a keyboard for entry of data; and
      
      a keypad for entry of the personal identifier code.
  - 27. The method of claim 24, wherein the security entry input comprises:
    - a keyboard for entry of data; and
      
      a fingerprint reader for scanning a user fingerprint to verify an authorized fingerprint as the personal identifier code.
  - 28. The method of claim 24, wherein the security entry input comprises:
    - a keyboard for entry of data; and
      
      a card reader for scanning a user card to verify an authorized card as the personal identifier code.
  - 29. The method of claim 24, wherein:
    - the step of transferring comprises transferring the personal identifier code over a direct communication channel from the security entry input to the security chip.

14. A computer system comprising:
- a processor;
  
  machine readable storage media for storing programs performable by the processor;
  
  input means for receiving input from a user;
  
  a display device for providing visual output from the software applications to the user;
  
  a system bus connecting the processor to the display device and the input means;
  
  an interface adapter for transferring input from the user at the input means to the system bus a security chip requiring a personal identifier code from the user for performance of at least one of the programs in the storage media;
  
  a direct communication channel for transferring user input from the input means to the security chip; and
  
  interposer means for routing the personal identifier code over the direct communication channel to the security chip.

24. A method of transferring a personal identifier code to a security chip in a personal computer system comprising the steps of:
- entering the personal identifier code in a security entry input to the personal computer in response to a request from a processor of the computer over a computer system bus;
  
  receiving the personal identifier code in an interposer connected between the security entry input and the security chip; and
  
  transferring the personal identifier code from the interposer independently of the computer system bus.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Lenovo Singapore Pte Limited (Lenovo Group Ltd.)
Original Assignee
International Business Machines Corporation
Inventors
Safford, David Robert, Challener, David Carroll, Hoff, James Patrick

Application Number

US09/849,079
Publication Number

US 20020166055A1
Time in Patent Office

Days
Field of Search
US Class Current

713/193
CPC Class Codes

G06F 21/31 User authentication

G06F 21/83 input devices, e.g. keyboar...

Secure pin entry into a security chip

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

29 Claims

Specification

Solutions

Use Cases

Quick Links

Secure pin entry into a security chip

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

29 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links