Secure computer data storage method and device

US 20060179325A1
Filed: 03/12/2004
Published: 08/10/2006
Est. Priority Date: 03/12/2003
Status: Abandoned Application

First Claim

Patent Images

1-16. -16. (canceled)

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A secure, tamper- and forgery-proof peripheral for the storage of authenticated, dated computer data with an evidential value. The invention is based on an optionally-rewritable, fully-integrated storage peripheral which is functionally protected by an electronic system which only authorizes the addition of data in the unused free space and prohibits the deletion, alteration or overwriting of pre-recorded data. At the end of each file-write operation, the date, which is provided by a non-modifiable internal clock that is calibrated only at the time of production, is associated therewith. Each device includes a unique integrated secret internal digital identifier which is associated with a unique public identifier and the identifiers are used to personalize the device and render same unreproducible. The association can be verified using several third methods which never divulge the secret internal identifier.

53 Citations

View as Search Results

31 Claims

1-16. -16. (canceled)

17. Method for storing computer data, characterised in that it comprises integrating entirely in one device:
- a data storage peripheral (1), an adapted input-output controller (2) transforming said data storage peripheral (1) into a single- or restricted-write storage peripheral by diverting all input-output interface (13) commands from a host system (20) to the internal interface (3) of the integrated data storage peripheral (1), in order;
  
  to authorise exclusively the addition of new files in the free space (5) by dating them independently thanks to a secure internal real time clock (6), and to prohibit the deletion, alteration and rewriting of previously written and hence prior dated data (4), to protect the totality of said device on the one hand against forgery or duplication by a unique secret internal identifier (7) by association with a unique public serial number (18), on the other hand by a peripheral protection enclosure (10) intended to prevent intrusion into the equipment, the alteration of any component and internal data, and also the analysis of the unique secret identifier without compromising the validity and authenticity in an irremediable manner, to detect said intrusion, alteration and analysis attempt, said detections being able to be verified by several third party methods on said process, the latter being thus secure and suitable for storing authenticated, dated computer data with an evidential value, and in that it comprises furthermore making it possible to guarantee the unique, unreproducible personalisation of the equipment whilst publishing its existence, possibly before authentication, by generating randomly by calculation internally of the equipment, said unique secret identifier (7), by calculating internally a one-way digital fingerprint (23) of the unique secret identifier (7) which does not allow return to the latter, by establishing the uniqueness of the fingerprint by interrogation of a public database (21) containing the fingerprints of the totality of existing equipment, the identifier being recalculated if there is a clash and the device being formally identified as soon as the fingerprint is unique, by adding therefore into the public database (21) the references of the equipment;
  
  unique serial number and fingerprint (23).
- View Dependent Claims (18, 19, 20, 21, 22, 23, 24, 25, 26, 27)
- - 18. Method according claim 17, characterised in that it comprises reproducing electronically and internally (8) said unique public serial number in order to allow electronic control of the latter.
  - 19. Method according to claim 17, characterised in that it comprises furthermore physically protecting all the internal components by leaving accessible only the external functional input-output (13) and supply (14) interfaces, thanks to a peripheral sealed enclosure (10) encompassing all the components, formed by a passive mechanical and electromagnetic protection (11) incorporating an active intrusion detection sensor (12) and the associated electronic system (9), the latter ensuring the immediate destruction of the unique secret internal identifier (7) and the internal serial number (8) if necessary, by instantaneous deletion, in the case of voluntary or involuntary deterioration changing the vulnerability or the autonomy of the device, or any internal investigation attempt detected by the sensor (12) being able to make it possible to compromise, control, alter, analyse data, interfaces or internal components.
  - 20. Method according to claim 19, characterised in that it comprises furthermore keeping active the internal real time clock (6), the secret identifier (7), the internal serial number (8) if necessary and the electronic system for detection of intrusion and destruction (9), without any external supply source for the lifespan specified for the equipment, thanks to an autonomous internal supply sub-system (15), possibly backed-up externally in order to extend the lifespan thereof.
  - 21. Method according to claim 17, characterised in that it comprises furthermore ensuring the authenticity of the device after manufacture, the test, the final assembly and the activation of the peripheral protection (9), until acquisition by the end user, by making unique the operations for assigning the unique serial number (8, 18), the synchronisation of the real time clock (6) relative to an external trusted time reference (16), internal self-generation of the unique secret identifier (7), the external copy of the unique secret identifier (17) in a secure environment of the unique secret identifier to an authenticating body (22) entitled to guarantee the secrecy of this identifier and in fact the authenticity of the equipment, the uniqueness of each operation being guaranteed by design by inhibiting or destroying, in an irreversible manner and as soon as possible in the initialisation sequence, the material elements and/or the micro-code allowing this initialisation.
  - 22. Method according to claim 17, characterised in that it comprises furthermore allowing without limitation on the occurrence, the preliminary verification of the authenticity and of the integrity, by checking and cross-checking unique listed serial numbers (8, 18) in the public database (21), by checking the validity and the progress of the internal clock (6) relative to an external trusted time reference (16), taking into account the maximum specified drift of the internal clock, and by visual or non-destructive checking of the integrity of the external casing (12).
  - 23. Method according to claim 21, characterised in that it comprises furthermore allowing authorised bodies to authenticate the equipment upon request by verification via third party methods using the secret internal identifier (7) without revealing it, by internally recalculating dynamically the fingerprint of the identifier (23) and by directly interrogating the public database (21), or by internally connecting the secret identifier to the internal date (6) and to an external message provided before internal calculation of the fingerprint of the totality, the totality of known elements being provided for authentication remotely by the entitled authenticating body (22) which alone can verify the consistency thanks to the copy of the unique secret identifier (17) which it has, these functions involving the secret identifier being temporised and limited in occurrence internally of the equipment in order to avoid inverse determination of the identifier by analysis or successive attempts.
  - 24. Method according to claim 21, characterised in that it comprises furthermore allowing the authenticating body (22) itself to authenticate the equipment under its control and as a last resort by injecting its copy of the secret identifier (17) for comparison internally of the equipment which detects perfect similarity, and sends in reply a unique message which can be verified by said authenticating body (22), this function involving the secret identifier being temporised and limited in occurrence internally of the equipment in order to avoid inverse determination of the identifier by analysis or successive attempts.
  - 25. Method according to claim 17, characterised in that it comprises furthermore allowing, by way of variant which is not necessarily implemented, managing autonomously the expiry of data in the past, by authorising, solely in the case of complete filling of the internal storage peripheral (1), writing of new files by zapping, within sufficient limits and in chronological order, data prior to a relative date (94), updated dynamically relative to the current date provided by the internal clock (6), departing thus from the single-write rule without however compromising or altering the useful data which are still valid and dated subsequently to the expiry date.
  - 26. Method according to claim 17, characterised in that it comprises furthermore presenting any internal parameter and indicator which is characteristic of and specific to said device in the form of virtual files in reserved names, seen by the host system as standard files and avoiding using drivers or particular operating modes at the level of the host system for management, administration and monitoring of said device.
  - 27. Method according to claim 17, characterised in that it comprises furthermore partitioning said data storage peripheral with a different expiry duration by partitioning.

28. Device for storing computer data, characterised in that it integrates in full:
- a data storage peripheral (1) comprising an internal interface (3), an adapted input-output controller (2), an input-output interface (13), a secure internal real time clock (6), a unique secret internal identifier (7), a unique public serial number, a peripheral protection enclosure (10), said adapted input-output controller (2) being able to transform said data storage peripheral (1) into a single- or restricted-write storage peripheral by diverting all input-output interface commands (13) from a host system (20) to the internal interface (3) of the integrated peripheral (1), in order;
  
  to authorise exclusively the addition of new files in the free space (5) by dating them independently thanks to the secure internal real time clock (6), and to prohibit the deletion, alteration and rewriting of previously written and hence prior dated data (4), means for guaranteeing the unique, unreproducible personalisation of the equipment whilst publishing its existence, possibly before authentication, by generating randomly by calculation internally of the equipment, said unique secret identifier (7), by calculating internally a one-way digital fingerprint (23) of the unique secret identifier (7) which does not allow return to the latter, by establishing the uniqueness of the fingerprint by interrogation of a public database (21) containing the fingerprints of the totality of existing equipment, the identifier being recalculated if there is a clash and the device being formally identified as soon as the fingerprint is unique, by adding therefore into the public database (21) the references of the equipment;
  
  unique serial number and fingerprint (23), the totality of said device being protected on the one hand against forgery or duplication by the unique secret internal identifier (7) by association with the unique public serial number, on the other hand by the peripheral protection enclosure (10) preventing intrusion into the equipment, the alteration of any component and internal data, and also the analysis of the unique secret identifier without compromising the validity and authenticity in an irremediable manner, intrusion, alteration and analysis attempts being able to be verified by several third party means on the totality of said device, the latter being thus secure, inviolable and forgery-proof, suitable for storing authenticated, dated computer data with an evidential value.
- View Dependent Claims (29, 30, 31)
- - 29. Device according to claim 28, characterised in that it comprises a serial number reproduced electronically and internally (8) reproducing said unique public serial number.
  - 30. Device according to claim 28, characterised in that it comprises means for physically protecting all the internal components by leaving accessible only the external functional input-output (13) and supply (14) interfaces, thanks to a peripheral sealed enclosure (10) encompassing all the components, formed by a passive mechanical and electromagnetic protection (11) incorporating an active intrusion detection sensor (12) and the associated electronic system (9), the latter ensuring the immediate destruction of the unique secret internal identifier (7) and the internal serial number (8) if necessary, by instantaneous deletion, in the case of voluntary or involuntary impairment changing the vulnerability or the autonomy of the device, or any internal investigation attempt detected by the sensor (12) being able to make it possible to compromise, control, alter, analyse data, interfaces or internal components.
  - 31. Device according to claim 29, characterised in that it comprises means for keeping active the internal real time clock (6), the secret identifier (7), the internal serial number (8) if necessary and the electronic system for detection of intrusion and destruction (9), without any external supply source for the lifespan specified for the equipment, thanks to an autonomous internal supply sub-system (15), possibly backed-up externally in order to extend the lifespan thereof.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Jacques Debiez
Original Assignee
Jacques Debiez
Inventors
Debiez, Jacques

Application Number

US10/548,459
Publication Number

US 20060179325A1
Time in Patent Office

Days
Field of Search
US Class Current

713/193
CPC Class Codes

G06F 21/80 in storage media based on m...

G06F 21/86 Secure or tamper-resistant ...

Secure computer data storage method and device

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

53 Citations

31 Claims

Specification

Solutions

Use Cases

Quick Links

Secure computer data storage method and device

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

53 Citations

31 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links