Security file system and method for securing data in a portable data carrier
First Claim
1. In a portable data carrier, a security file system containing both a file header region and a file data segment region, the file header region including a unique access code for verifying the identity of an individual attempting to access the data in the portable data carrier, and the file data segment region including a plurality of files for storing alterable data, each of the plurality of files having alterable data associated therewith for storage in any of multiple locations throughout the file data segment region, the portable data carrier comprising:
- access means for inputting an externally provided code for accessing the data in the portable data carrier,counting means responsive to the access means for recording all access attempts, the counting means advancing a count each time the externally provided code is inputted to the portable data carrier,comparison means for comparing the unique access code with the externally provided code;
verifying means for providing an indication when the externally provided code compares favorably with the unique access code stored in the portable data carrier;
counting reset means for resetting the count advanced by the counting means to its previous count, the counting reset means being activated in response to the verifying means indicating a favorable comparison and data access is permitted, the counting reset means remaining inactive in the absence of the verifying means indicating a favorable comparison.
3 Assignments
0 Petitions
Accused Products
Abstract
A security file system for a portable data carrier provides improved security for the data carrier and for data contained in files in the data carrier. Although the data carrier may be embodied to look and feel much like an ordinary credit card, it contains a computer and a programmable memory with operating power and input and output data provided through a contactless interface. In order to provide security for the data carrier, the security file system on the data carrier includes a stored access code for verifying the identity of an individual attempting to access the data carrier, and an appropriate routine for limiting the number of unsuccessful attempts to access the data carrier. The security file system is also configurable to include select ones of multiple stored access codes for enabling the retrieval and modification of data in corresponding select ones of the files. The routine similarly limits the number of unsuccessful attempts to access these files. Operation of the routine is such that a counter in the data carrier is advanced a count each time a code is externally provided to the data carrier. If this external code compares favorably with the stored access code, the counter is reset to its previous count and access to the data carrier is permitted. If the external code does not compare favorably with the stored access code, however, the counter is not reset. When the counter advances to a predetermined number, the data carrier is locked preventing further access attempts or, alternatively, the data erased from the data carrier. In limiting access to select files, the routine similarly locks or erases the data in the selected file in the same manner.
-
Citations
13 Claims
-
1. In a portable data carrier, a security file system containing both a file header region and a file data segment region, the file header region including a unique access code for verifying the identity of an individual attempting to access the data in the portable data carrier, and the file data segment region including a plurality of files for storing alterable data, each of the plurality of files having alterable data associated therewith for storage in any of multiple locations throughout the file data segment region, the portable data carrier comprising:
-
access means for inputting an externally provided code for accessing the data in the portable data carrier, counting means responsive to the access means for recording all access attempts, the counting means advancing a count each time the externally provided code is inputted to the portable data carrier, comparison means for comparing the unique access code with the externally provided code; verifying means for providing an indication when the externally provided code compares favorably with the unique access code stored in the portable data carrier; counting reset means for resetting the count advanced by the counting means to its previous count, the counting reset means being activated in response to the verifying means indicating a favorable comparison and data access is permitted, the counting reset means remaining inactive in the absence of the verifying means indicating a favorable comparison. - View Dependent Claims (2, 3, 4)
-
-
5. In a portable data carrier, a security file system having a file data segment region containing multiple files for storing alterable data, each of the multiple files having alterable data associated therewith for storage in any of multiple locations throughout the file data segment region, and wherein each file in the data segment region has a unique access code associated therewith for verifying the identity of an individual attempting to access the data in that particular file, the security file system comprising:
-
access means for inputting an externally provided code for accessing the data in the particular file; counting means responsive to the access means for recording all access attempts, the counting means advancing a count each time the external provided code is inputted to the portable data carrier. comparison means for comparing the unique access code with the externally provided code; verifying means for providing an indication when the external provided code compares favorably with the unique access code stored in the security file system; counting reset means for resetting the count advanced by the counting means to its previous count, the counting reset means being activated in response to the verifying means indicating a favorable comparison and data access is permitted, the counting reset means remaining inactive in the absence of the verifying means indicating a favorable comparison, - View Dependent Claims (6, 7)
-
-
8. A method of securing a portable data carrier having a file system and a unique access code associated therewith for limiting access to data in the portable data carrier, the file system including both a file header region and a file data segment region, the method comprising the steps of:
-
arranging a plurality of files in the file data segment region for storing alterable data, each one of the plurality of files containing data representative of one type of application, and having alterable data associated therewith for storage in any of multiple locations throughout the file data segment region; counting and recording all access attempts, the count being advanced each time an access code is externally provided to the portable data carrier; providing a verification indication when the externally provided code compares favorably with the access code associated with the file system; resetting the count advanced by the counting and recording step back to its previous count in response to a favorable comparison provided by the verification indication, and retaining the count advanced by the counting and recording step in the absence of a favorable comparison from the verification indication, access to the file system being permitted only in response to a favorable comparison from the verification indication. - View Dependent Claims (9, 10)
-
-
11. A method of securing a file system having multiple files in a portable data carrier and wherein each file therein is included in a data segment region and has a unique access code associated therewith for limiting access to data in that particular file, the method comprising the steps of:
-
arranging the multiple files in the file data segment region for storing alterable data, each one of the multiple files containing data representative of one type of application, and having alterable data associated therewith for storage in any of multiple locations throughout the file data segment region; counting and recording all access attempts, the count being advanced each time an access code is externally provided to the portable data carrier; providing a verification indication when the externally provided code compares favorably with the access code associated with the file; resetting the count advanced by the counting and recording step back to its previous count in response to a favorable comparison provided by the verification indication, and retaining the count advanced by the counting and recording step in the absence of a favorable comparison from the verification indication, access to the data in the file being permitted only in response to a favorable comparison from the verification indication. - View Dependent Claims (12, 13)
-
Specification