Security file system for a portable data carrier

US 4,816,653 A
Filed: 05/16/1986
Issued: 03/28/1989
Est. Priority Date: 05/16/1986
Status: Expired due to Term

First Claim

Patent Images

1. In a portable data carrier, a security file system comprising both a file header region and a file data segment region, the file header region including a first password for verifying the identity of an individual attempting to access the data in the portable data carrier, and the file data segment region including a plurality of files for storing alterable data, each of the plurality of files having alterable data associated therewith for storage in any of multiple locations throughout the file data segment region, the alterable data for each file being allocatable to any of the available multiple locations throughout the file data segment region for storage in response to a change in the amount of data associated with the file, the file data segment region further including at least a second password for verifying the identity of an individual attempting to access the data in at least one of the plurality of files, access to each file in the file data segment region for a desired transaction being controlled by a corresponding password assigned to an individual authorized to conduct transactions within the portable data carrier.

View all claims

6 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A file system for a portable data carrier provides improved security for files which support multiple applications, from custom repertory dialing to storage of individual medical and/or banking records. Although the portable data carrier looks and feels much like an ordinary credit card, it includes a computer and an electrically erasable programmable read-only memory. Power for operation of the portable data carrier is provided from an associated station via a reader/writer. The reader/writer also couples data between the data carrier and the associated station. The applications reside in multiple files in memory on the portable data carrier. Appropriate application software residing in the station, when accompanied by an appropriate password, enables the retrieval and modification of these files. A separate password is required for gaining access to each of designated levels of interaction between the portable data carrier and the associated station. Additional restrictions such as requiring an additional password for writing to a file and also allowing a user logged in at a particular security level to only append information to a file may be imposed in accordance with file security on the portable data carrier. And since each of the files may have its own security requirements, multiple applications may exist on the portable data carrier without conflict or confusion.

242 Citations

12 Claims

1. In a portable data carrier, a security file system comprising both a file header region and a file data segment region, the file header region including a first password for verifying the identity of an individual attempting to access the data in the portable data carrier, and the file data segment region including a plurality of files for storing alterable data, each of the plurality of files having alterable data associated therewith for storage in any of multiple locations throughout the file data segment region, the alterable data for each file being allocatable to any of the available multiple locations throughout the file data segment region for storage in response to a change in the amount of data associated with the file, the file data segment region further including at least a second password for verifying the identity of an individual attempting to access the data in at least one of the plurality of files, access to each file in the file data segment region for a desired transaction being controlled by a corresponding password assigned to an individual authorized to conduct transactions within the portable data carrier.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The security file system of claim 1 wherein each file in the portable data carrier includes files permission information for defining the type of access permitted to an individual.
  - 3. The security file system of claim 2 wherein the file permission information in the portable data carrier includes read permission, write permission and append permission, a first file having read permission allowing a individual to only read data therein, a second file having write permission allowing a individual to read data therein and write data thereto, and a third file having read and append permission allowing a individual to only read data therein and append data thereto.
  - 4. The security file system of claim 3 further including multiple security levels hierarchically arranged in a manner to comprise a least secure level, a most secure level and multiple other security levels interposed therebetween, access to each security level being controlled by a corresponding password assigned only to a individual authorized to access the data at that security level.
  - 5. The security file system of claim 4 wherein the file permission information is assignable according to security level, a first higher order security level having permission to read data in and write data to the second file and a second lower security level having permission to only read data in the second file.
  - 6. The security file system of claim 4 wherein the file permission information is assignable according to security level, a first higher order security level having permission to read data in and write data to the second file and a second lower security level having permission to only read data in and append to the data in the second file.

7. A method of securing files for multiple applications in a portable data carrier comprising both a file header region and a file data segment region, the method comprising the steps of:
- providing a first password in the file header region for insuring only appropriate access to the data in the portable data carrier;
  
  arranging a plurality of files in the file data segment region for storing alterable data, each one of the plurality of files containing data representative of one type of application, and having alterable data associated therewith for storage in any of multiple locations throughout the file data segment region, the alterable data for each file being allocatable to any of the available multiple locations throughout the file data segment region for storage in response to a change in the amount of data associated with that file; and
  
  providing at least a second password in the file data segment region for insuring only appropriate access to the data in each one of the plurality of files, access to each file in the file data segment region being controlled by assigning a corresponding password in the file data segment region for each type of application.
- View Dependent Claims (8, 9, 10, 11, 12)
- - 8. A method of securing files as in claim 7 further comprising the step of including files permission information in each file in the portable data carrier for defining the type of access permitted to the file.
  - 9. A method of securing files as in claim 8 wherein the file permission information in the portable data carrier includes read permission, write permission and append permission, a first file having read permission allowing data therein to only be read, a second file having read permission allowing data therein to be read and data to be written thereto, and a third file having read and append permission allowing data therein to only be read and appended thereto.
  - 10. A method of securing files as in claim 9 further comprising the steps of:
    - including multiple security levels hierarchically arranged to comprise a least secure level, a most secure level and multiple other security levels interposed therebetween; and
      
      controlling access to each security level by requiring a corresponding password authorized to access the data at that security level.
  - 11. A method of securing files as in claim 10 further comprising the step of assigning the file permission information according to security level, a first higher order security level having permission to read data in and write data to the second file and a second lower security level having permission to only read data in the second file.
  - 12. A method of securing files as in claim 10 further comprising the step of assigning the file permission information according to security level, a first higher order security level having permission to read data in and write data to the second file and a second lower security level having permission to only read data in and append to the data in the second file.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Lucent Technologies, Inc. (Nokia Corporation)
Original Assignee
American Telephone & Telegraph Company (AT&T, Inc.), AT&T Information Systems Inc. (AT&T, Inc.)
Inventors
Anderl, Ewald C., Zahavi, Avi, Frankel, Oren
Primary Examiner(s)
Faber, Alan
Assistant Examiner(s)
Weinhardt, Robert A.

Application Number

US06/863,975
Time in Patent Office

1,047 Days
Field of Search

340/825.31, 340/825.33, 340/825.34, 235/380, 235/382, 235/382.5, 235/493, 235/375, 235/376, 235/436, 235/438, 235/492, 235/494, 235/379, 235/431, 235/487, 235/488, 364/401, 364/408, 902/25, 902/26
US Class Current

235/380
CPC Class Codes

G06Q 20/341   Active cards, i.e. cards in...

G06Q 20/3555   Personalisation of two or m...

G06Q 20/35765   Access rights to memory zones

G07C 9/28   the pass enabling tracking ...

G07F 7/1008   Active credit-cards provide...

Y10S 283/90   Medical record

Y10S 283/904   Credit card

Security file system for a portable data carrier

First Claim

6 Assignments

0 Petitions

Accused Products

Abstract

242 Citations

12 Claims

Specification

Solutions

Use Cases

Quick Links

Security file system for a portable data carrier

First Claim

6 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

242 Citations

12 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links