Secure architecture and apparatus using an independent computer cartridge
First Claim
Patent Images
1. A secure computer architectural and apparatus system comprising an Independent Computer Module (here after referred to as an ICM), and an Interface Unit for providing two-way data communications between said ICM and a host computer;
- said ICM comprising a single cartridge housing and a computer therein comprised of security-sensitive components including;
a central data processing means, a memory means, an energy supply means, component interconnecting means, and a two-way data communications means for providing two-way data communications between said ICM and said Interface Unit;
said ICM further comprising at least one applications program within said memory means;
said memory means further comprising read/write random access type memory (RAM) as one portion of the addressable range of said memory means;
said RAM is to enable the operation of general purpose applications programs;
said two-way data communications means within said ICM further comprising a two-way data communications control means exclusively controlled by means of command-signals from said central data processing means;
said two-way data communications control means is to prevent said host computer from directly transferring data;
(a) into said memory means,(b) into said central data processing means,(c) out of said memory means,(d) out of said central data processing means;
said Interface Unit is comprised of a means for two-way data communications with said ICM, a means for two-way data communications with said host computer, and a receptacle for receiving said ICM;
said secure computer architectural and apparatus system is for operating said at least one applications program contained within said ICM, while being able to prevent said at least one applications program from being down-loaded into said host computer, while being able to prevent said at least one applications program from being copied by said host computer, and while being able to prevent said at least one applications program from being altered by said host computer;
said single cartridge housing is to contain and prevent access to said security-sensitive components, to contain and prevent access to said at least one applications program, to prevent data communications into or out of said ICM by any means other than said two-way data communications means, while enabling booth said security-sensitive components and said at least one applications program to be simultaneously removed from said Interface Unit and made physically secure in a safe place.
7 Assignments
0 Petitions
Accused Products
Abstract
A computer architectural and apparatus system for preventing software copying or alteration, and providing enhanced computational capabilities, physical information security, and physical environment protection is disclosed. The system comprises an Independent Computer Module (ICM), and an Interface Unit. The ICM comprises a CPU, a RAM, a ROM, a memory switching means, a communications port, and a connectorless interface contained within a sealed cartridge. The Interface Unit comprises a receptacle for receiving the ICM, which contains a matching connectorless interface, and wiring to a host computer'"'"'s port and power. The connectorless interface uses directional electro-magnetic emitters and sensors to prevent signal leakage. The memory switching means turns off the entire secure memory, enabling non-secure programs to be run from another section of RAM. Reactivation of secure memory by a non-secure program causes program control to be transferred to a fixed address within the secure program.
130 Citations
15 Claims
-
1. A secure computer architectural and apparatus system comprising an Independent Computer Module (here after referred to as an ICM), and an Interface Unit for providing two-way data communications between said ICM and a host computer;
-
said ICM comprising a single cartridge housing and a computer therein comprised of security-sensitive components including;
a central data processing means, a memory means, an energy supply means, component interconnecting means, and a two-way data communications means for providing two-way data communications between said ICM and said Interface Unit;said ICM further comprising at least one applications program within said memory means; said memory means further comprising read/write random access type memory (RAM) as one portion of the addressable range of said memory means; said RAM is to enable the operation of general purpose applications programs; said two-way data communications means within said ICM further comprising a two-way data communications control means exclusively controlled by means of command-signals from said central data processing means; said two-way data communications control means is to prevent said host computer from directly transferring data; (a) into said memory means, (b) into said central data processing means, (c) out of said memory means, (d) out of said central data processing means; said Interface Unit is comprised of a means for two-way data communications with said ICM, a means for two-way data communications with said host computer, and a receptacle for receiving said ICM; said secure computer architectural and apparatus system is for operating said at least one applications program contained within said ICM, while being able to prevent said at least one applications program from being down-loaded into said host computer, while being able to prevent said at least one applications program from being copied by said host computer, and while being able to prevent said at least one applications program from being altered by said host computer; said single cartridge housing is to contain and prevent access to said security-sensitive components, to contain and prevent access to said at least one applications program, to prevent data communications into or out of said ICM by any means other than said two-way data communications means, while enabling booth said security-sensitive components and said at least one applications program to be simultaneously removed from said Interface Unit and made physically secure in a safe place.
-
-
2. A first portable secure computer architecture for protecting information and at least one program for controlling said information, comprising:
-
a single sealed cartridge and a computer contained within said cartridge, said computer having a central data processing means, communications means controlled by said central data processing means for providing information into and/or output from said cartridge and said computer, memory means controlled by said central data processing means, information within said memory means, at least one program within said memory means which controls said central data processing means and ultimately said information and said at least one program, said computer further having a cryptographic program including at least one encryption/decryption key for encrypting outgoing information and decrypting incoming information, said cryptographic program having an only existing copy of said at least one encryption/decryption key which exists only in said portable secure computer architecture and which is unknown to any human. - View Dependent Claims (3, 4, 5)
-
-
6. A first portable secure computer architecture for protecting information and at least one program for controlling said information, comprising:
-
a single sealed cartridge and a computer contained within said cartridge, said computer having a central data processing means, communications means controlled by said central data processing means for providing information into and/or output from said cartridge and said computer, memory means controlled by said central data processing means, information within said memory means, at least one program within said memory means which controls said central data processing means and ultimately said information and said at least one program, said computer further having a cryptographic program including at least one encryption key for encrypting outgoing information, said cryptographic program having an only existing copy of said at least one encryption key which exists only in said portable secure computer architecture and which is unknown to any human. - View Dependent Claims (7, 8, 9)
-
-
10. A first portable secure computer architecture for protecting information and at least one program for controlling said information, comprising:
-
a single sealed cartridge and a computer contained within said cartridge, said computer having a central data processing means, communications means controlled by said central data processing means for providing information into and/or output from said cartridge and said computer, memory means controlled by said central data processing means, information within said memory means, at least one program within said memory means which controls said central data processing means and ultimately said information and said at least one program, said computer further having a cryptographic program including at least one decryption key for decrypting incoming information, said cryptographic program having an only existing copy of said at least one decryption key which exists only in said portable secure computer architecture and which is unknown to any human. - View Dependent Claims (11, 12, 13)
-
-
14. A method of providing user-specific operation of processing functions within a portable secure computer architecture comprising the following steps:
-
providing a portable secure computer having at least one program for controlling information within said portable secure computer capable of maintaining said control from within said portable secure computer to prevent tampering with said at least one program and said information; providing a user-identification process within said at least one program for controlling program flow within said at least one program, thereby providing user-specific control of said information and said at least one program within said portable secure computer. - View Dependent Claims (15)
-
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeAll Optical Networks, Inc., Patevo Incorporated
-
Original AssigneeProgressive Technology, Inc.
-
InventorsHait, John N.
-
Primary Examiner(s)Kriess, Kevin A.
-
Assistant Examiner(s)Chavis, John I.
-
Application NumberUS08/677,324Time in Patent Office316 DaysField of Search395/186, 395/700US Class Current726/29CPC Class CodesG06F 21/123 by using dedicated hardware...G06F 21/57 Certifying or maintaining t...G06F 2211/007 Encryption, En-/decode, En-...G06F 2221/2153 Using hardware token as a s...G06F 3/002 Specific input/output arran...G06K 7/1097 Optical sensing of electron...
