Method and apparatus for secure information distribution

US 20080091605A1
Filed: 09/29/2006
Published: 04/17/2008
Est. Priority Date: 09/29/2006
Status: Active Grant

First Claim

Patent Images

1. An apparatus comprising:

a processor;

a memory coupled to the processor, wherein the memory is configured to store secure digital data;

an input interface coupled to the processor and configured to receive one or more commands, wherein to receive a command, the input interface is configured to detect one or more physical gestures applied to the apparatus; and

an output interface coupled to the processor;

wherein the input interface is configured to receive a command requesting access to the secure digital data;

wherein the processor is configured to validate the command requesting access to the secure digital data; and

wherein the output interface is configured to provide the secure digital data in response to the processor validating the command requesting access to the secure digital data.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method for secure generation and distribution of digital encryption keys is disclosed. The system may also be used to protect and distribute other types of secure information, including digital, audio, video, or analog data, or physical objects. The system may include a tamper-respondent secure token device, which may be configured to destroy or disable access to the secure information contained therein in response to attempts to physically or electronically breach the device. Outputs may be provided in a secure manner through various interfaces without using electricity (wires) or electromagnetic radiation. Inputs may be provided in a secure manner, including through the use of a gesture-based input interface. Destruction or disablement of the device and/or its secure contents may be provided upon detection of tamper attempts or upon input of a self-destruct command. Proof of the destruction or disablement of the device or its contents may be provided.

85 Citations

View as Search Results

20 Claims

1. An apparatus comprising:
- a processor;
  
  a memory coupled to the processor, wherein the memory is configured to store secure digital data;
  
  an input interface coupled to the processor and configured to receive one or more commands, wherein to receive a command, the input interface is configured to detect one or more physical gestures applied to the apparatus; and
  
  an output interface coupled to the processor;
  
  wherein the input interface is configured to receive a command requesting access to the secure digital data;
  
  wherein the processor is configured to validate the command requesting access to the secure digital data; and
  
  wherein the output interface is configured to provide the secure digital data in response to the processor validating the command requesting access to the secure digital data.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 2. The apparatus of claim 1, wherein to detect one or more physical gestures applied to the apparatus, the input interface is configured to detect movement of the apparatus using one or more accelerometers or gyroscopic sensors.
  - 3. The apparatus of claim 1, wherein one of the one or more physical gestures comprises a change in a position of the apparatus.
  - 4. The apparatus of claim 1, wherein one of the one of more physical gestures comprises a change in a direction or acceleration of movement of the apparatus.
  - 5. The apparatus of claim 1, wherein in response to the processor determining that the command requesting access to the secure digital data is not valid, the processor is configured to disable access to the secure digital data.
  - 6. The apparatus of claim 5, wherein to disable access to the secure digital data, the processor is configured to execute one or more of:
    - erasing or modifying the secure digital data stored in the memory, disabling output of the secure digital data, damaging or destroying the memory containing the secure digital data, and damaging or destroying the apparatus.
  - 7. The apparatus of claim 1, further comprising a tamper-respondent surface enclosure completely enclosing the apparatus, wherein the tamper-respondent surface enclosure is configured to detect an attempt to breach the enclosure, and wherein in response to the tamper-respondent surface enclosure detecting an attempt to breach the enclosure, the tamper-respondent surface enclosure is configured to disable access to the secure digital data.
  - 8. The apparatus of claim 1, wherein the input interface is further configured to receive a command to disable access to the secure digital data, wherein the processor is further configured to validate the command to disable access to the secure digital data, and wherein in response to the processor validating the command to disable access to the secure digital data, the processor is further configured to disable access to the secure digital data stored in the memory.
  - 9. The apparatus of claim 1, wherein the input interface is further configured to receive a command to load the secure digital data into the memory, wherein the processor is further configured to validate the command to load the secure digital data, and wherein in response to the processor validating the command to load the secure digital data, the processor is further configured to program the secure digital data into the memory.
  - 10. The apparatus of claim 9, wherein to program the secure digital data, the processor is configured to modify secure digital data previously programmed in the memory.
  - 11. The apparatus of claim 1, wherein to provide the secure digital data, the output interface is configured to transmit an audio signal, a radio frequency signal, or a light frequency signal representing the secure digital data.
  - 12. The apparatus of claim 1, further comprising a proof-of-destruction component, wherein the proof-of-destruction component is configured such that it is removable from the apparatus only when access to the secure digital data is permanently disabled.

13. A method, comprising:
- a device comprising secure information detecting a sequence of physical gestures applied to the device;
  
  the device determining if the sequence of physical gestures comprises a valid command requesting access to the secure information; and
  
  the device providing the secure information if the device determines that the sequence of physical gestures comprises a valid command requesting access to the secure information.
- View Dependent Claims (14, 15, 16, 17)
- - 14. The method of claim 13, further comprising the device disabling access to the secure information if the device determines that the sequence of physical gestures comprises a command requesting access to the secure information that is not valid.
  - 15. The method of claim 13, further comprising:
    - the device determining if the sequence of physical gestures comprises a valid command to disable access to the secure information; and
      
      the device disabling access to the secure information if the device determines that the sequence of physical gestures comprises a valid command to disable access to the secure information.
  - 16. The method of claim 13, further comprising:
    - the device detecting a second sequence of physical gestures applied to the device;
      
      the device determining if the second sequence of physical gestures comprises a valid command to load the secure information into the device; and
      
      the device programming the secure information into the device if the device determines that the second sequence of physical gestures comprises a valid command to load the secure information.
  - 17. The method of claim 13, further comprising:
    - the device detecting an attempt to breach a tamper-respondent surface enclosure of the device; and
      
      in response to said detecting, the device disabling access to the secure information.

18. A method of exchanging secure information among two or more users comprising:
- a first user loading a device with secure information;
  
  the first user sending the device to a second one of the two or more users;
  
  the second user accessing the secure information, wherein accessing the secure information comprises;
  
  the second user receiving the device comprising the secure information;
  
  the second user entering a command requesting access to the secure information, wherein entering the command requesting access comprises applying a physical gesture to the device;
  
  the device determining if the command requesting access to the secure information is valid; and
  
  the second user receiving the secure information if the device determines that the command requesting access to the secure information is valid.
- View Dependent Claims (19, 20)
- - 19. The method of claim 18, further comprising disabling access to the secure information if the device determines that the command requesting access is not valid or if a valid command is not received before a predetermined period of time elapses.
  - 20. The method of claim 18, further comprising:
    - the second user modifying the secure information, wherein modifying the secure information comprises;
      
      the second user entering a command to modify the secure information in the device, wherein entering a command to modify the secure information comprises applying a second physical gesture to the device;
      
      the device determining if the command to modify the secure information is valid; and
      
      the device modifying the secure information in the device if the device determines that the command to modify the secure information is valid; and
      
      the second user sending the device to one of the two or more users.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Oracle America, Inc. (Oracle Corporation)
Original Assignee
Sun Microsystems Incorporated (Oracle Corporation)
Inventors
Hughes, James P., Tow, Robert F.

Granted Patent

US 9,015,075 B2
Time in Patent Office

Days
Field of Search
US Class Current

705/51
CPC Class Codes

G06F 21/31   User authentication

G06F 21/78   to assure secure storage of...

G06F 21/86   Secure or tamper-resistant ...

G06F 2221/2143   Clearing memory, e.g. to pr...

G06Q 2220/10   Usage protection of distrib...

G06Q 30/0185   Product, service or busines...

Method and apparatus for secure information distribution

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

85 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Method and apparatus for secure information distribution

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

85 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links