Device, system and method for data access control
First Claim
1. A system for controlling access to stored data, the stored data having at least one associated type of ion, the system comprising:
- (a) an electronic data storage device for storing the stored data; and
(b) an access control device for controlling access to said electronic data storage device according to a type of requested access, wherein said access control device has a plurality of different of access for accessing data on said electronic data storage device, such that the stored data is only accessed through said access control device, and such that said access control device determines access to the stored data by comparing the at least one associated type of permission to said type of access being requested, said access control device comprising a memory for storing the at least one associated type of permission for determining access to the stored data, such that the at least one associated type of permission is determined only according to a data-based definition stored in said memory and such that said at least one associated type of permission is changeable.
4 Assignments
0 Petitions
Accused Products
Abstract
A device, a method and a system for providing control of access to data which is stored in an electronic data storage device. The device, method and system enable various types of permissions to be set for determining access to the stored data, such that if an attempt is made to access particular data which does not have a suitable permission type, access is denied. Preferably, the present invention is implemented as an access control device, such as a chip for example, which more preferably controls all access to the data storage device. This implementation is preferred, since such electronic devices are more difficult to “hack” for access by an unauthorized user. The device, system and method have a number of different utilizations, such as for controlling access to credit card information; for identifying a user according to a PIN or other identification information; for controlling access to a particular location according to the identity of the user; and for controlling access to various types of data files, such as music files in the MP3 format and so forth.
-
Citations
41 Claims
-
1. A system for controlling access to stored data, the stored data having at least one associated type of ion, the system comprising:
-
(a) an electronic data storage device for storing the stored data; and
(b) an access control device for controlling access to said electronic data storage device according to a type of requested access, wherein said access control device has a plurality of different of access for accessing data on said electronic data storage device, such that the stored data is only accessed through said access control device, and such that said access control device determines access to the stored data by comparing the at least one associated type of permission to said type of access being requested, said access control device comprising a memory for storing the at least one associated type of permission for determining access to the stored data, such that the at least one associated type of permission is determined only according to a data-based definition stored in said memory and such that said at least one associated type of permission is changeable. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18)
(c) a software program for containing a plurality of instructions for determining said access to said data storage device; and
(d) a data processor for operating said software program.
-
-
5. The system of claim 4, wherein said data storage device and said access control device are contained on said chip, and wherein said chip is included in a removable device.
-
6. The system of claim 1, wherein said data storage device and said access control device are implemented as a plurality of separate components.
-
7. The system of claim 1, wherein said access control device is implemented as a programmable ASIC.
-
8. The system of claim 1, wherein said access control device further comprises:
-
(i) an input for receiving a request to access the stored data;
(ii) a non-volatile memory for storing at least one permission for determining access to the stored data;
(iii) at least one instruction for determining a permitted access according to the at least one permission, said at least one instruction being stored on said non-volatile memory; and
(iv) a processor for executing said at least one instruction and for comparing said request to said at least one permission, such that if said at least one permission includes a type of access requested in said request, the stored data is provided, and alternatively if said at least one permission does not include a type of access requested in said request, the stored data is not provided.
-
-
9. The system of claim 8, wherein said non-volatile memory is a flash memory device.
-
10. The system of claim 9, further comprising:
(c) a CPU (central processing unit) for transmitting said request to said access control device and for receiving provided data; and
p1 (d) a bus for connecting said CPU to said access control device, such that said electronic data storage device is not accessed through said CPU, but only through said access control device.
-
11. The system of claim 10, wherein said bus is a USB (universal serial bus).
-
12. The system of claim 11, wherein said at least one permission is for comparing said request to the stored data and for returning a positive or negative comparison, such that if said request is identical to the stored data, said comparison is positive, and alternatively such that if said request is not identical to the stored data, said comparison is negative, and such that the stored data is not read.
-
13. The system of claim 1, wherein said access control device is integrated with said electronic data storage device.
-
14. The system of claim 1, wherein access is determined according to a biological parameter of a user and said access control device further comprises a biometric detection device for detecting said biological parameter of the user and for determining whether the user has said at least one permission to access the stored data.
-
15. The system of claim 14, wherein said biometric detection device further comprises:
-
(i) a sample collector for collecting said biological parameter of the user; and
(ii) a software module for analyzing said biological parameter to determine whether the user has said at least one permission to access the stored data.
-
-
16. The system of claim 15, wherein said biometric detection device further comprises:
-
(iii) a memory device for storing said software module and at least one previously collected biological parameter of the user; and
(iv) a data processor for operating said software module.
-
-
17. The system of claim 16, wherein said biological parameter of the user is a fingerprint of the user.
-
18. The system of claim 1, wherein said access control device has a single input and wherein access is determined only through said single input.
-
19. A device for controlling access to date storing in an electronic data storage devices the device comprising:
-
(a) an input for receiving a request to access the stored data, (b) a non-volatile memory for storing at least one permission for determining access to the stored data, such that said at least one type of permission is determined only according to a data-based definition stored in said non-volatile memory;
(c) at least one instruction for determining a permitted access according to the at least one permission, said at least one instruction being stored in said non-volatile memory; and
(d) a processor for executing said at least one instruction and for comparing said request to said at least one permission, such that if said at least one permission includes a type of access requested in said request, the stored data is provided according to said at least one instruction executed by said processor, and alternatively if said at least one permission does not include a type of access requested in said request, the stored data is not provided. - View Dependent Claims (20, 21, 22, 23, 24, 25)
(i) a sample collector for collecting said biological parameter of the user; and
(ii) a software module for analyzing said biological parameter to determine whether the user has said at least one permission to access the stored data.
-
-
24. The device of claim 23, wherein said biometric detection device further comprises:
-
(iii) a memory device for storing said software module and at least one previously collected biological parameter of the user; and
(iv) a data processor for operating said software module.
-
-
25. The device of claim 24, wherein said biological parameter of the user is a fingerprint of the user.
-
26. A method for controlling access to data stored in an electronic storage device, the method comprising the steps of:
-
(a) providing an access control device for determining access to the electronic data storage device;
(b) receiving a request to access the stored data by said access control device;
(c) comparing said request to at one permission for determining access to the stored data by said access control device, wherein said at least one permission is one of a plurality of different types of permission, each type of permission determining a different type of access to the stored data and wherein each type of permission is changeable;
(d) if said at least one permission includes a type of access requested in said request, performing said request for accessing the stored data from the electronic data storage device by said access control device; and
(e) alternatively, if said at least one permission does not include a type of access requested in said request, rejecting said request by said access control device. - View Dependent Claims (27, 28, 29, 30, 31, 32, 33, 34)
(i) determining a number of performed data read accesses for the stored data; and
(ii) if said number of performed data read accesses is less than said predetermined number of data read accesses, permitting the stored data to be read.
-
-
32. The method of claim 26, wherein access is determined for a user and wherein step (b) further comprises the steps of:
-
(i) collecting a biological parameter of said user; and
(ii) analyzing said biological parameter to determine an identity of said user, such that said at least one permission is determined according to said identity.
-
-
33. The method of claim 26, wherein the stored data has a permission for at least one data read access and for no data write accesses, such that step (c) includes the steps of:
-
(i) determining whether said request is for a data read access for the stored data; and
(ii) if said request is for said data read access, permitting the stored data to be read.
-
-
34. The method of claim 26, wherein the stored data has a permission for a predetermined rate of data read accesses, such that step (c) includes the steps of:
-
(i) determining a rate of performed data read accesses for the stored data; and
(ii) if said rate of performed data read accesses is less than said predetermined rate of data read accesses, permitting the stored data to be read.
-
-
35. A device for controlling access to data stored in an electronic data storage device by a user, access being determined according to a biological parameter of the user, the device comprising:
-
(a) a biometric detection device for detecting said biological parameter of the user and for determining whether the user has said at least one permission to access the stored data;
(b) an input for receiving a request to access the stored data;
(c) a non-volatile memory for storing at least one permission for determining access to the stored data, such that said at least one permission is determined according to a data-based definition stored in said non-volatile memory and wherein said at least one permission is not permanently stored in hardware, (d) at least one instruction for determining a permitted access according to the at least one permission, said at least one instruction being stored on said non-volatile memory as software; and
(c) a processor for executing said at least one instruction and for comparing said request to said at least one permission, said processor being connected to said biometric detection device such that the device for controlling access performs identification according to said biometric detection device such that if said at least one permission includes a type of access requested in said requests the stored data is provided, and alternatively if said at least one permission does not include a type of access requested in said requests the stored data is not provided.
-
-
36. A system for controlling access to stored data, access being determined according to a biological parameter of the user, the system comprising:
-
(a) an electronic data storage device for storing the stored data, the stored data having at least one associated type of permission, said at least one associated type of permission being determined according to a data-based definitions, wherein said at least one associated type of permission is changeable; and
(b) an access control device for controlling access to said electronic data storage device according to a type of requested access, said access control device having a plurality of different types of access for accessing data on said electronic data storage device, such that the stored data is only accessed through said access control device, and such that said access control device determines access to the stored data by comparing said at least one associated type of permission to said type of access being requested.
-
-
37. A system for controlling access to stored data by a user, the stored data having at least one associated type of permission, the system comprising:
-
(a) a biometric detection device for detecting said biological parameter of the user and for determining whether the user has said at least one permission to access the stored data;
(a) an electronic data storage device for storing the stored data; and
(c) an access control device for controlling access to said electronic data storage device according to a type of requested access, wherein said access control device has a plurality of different types of access for accessing data on said electronic data storage device, such that the store data is only accessed through said access control devices and such that said access control device determining access to the stored data by comparing the at least one associated type of permission to said type of access being requested, said access control device comprising a memory for storing the at least one associated type of permission for determining access to the stored data, such that the at least one associated type of permission is determined only according to a data-based definition stored in said memory.
-
-
38. A system for controlling access to stored data, the stored data having at least one associated type of permission, the system comprising:
-
(a) an electronic data storage device for storing the stored data; and
(b) an access control device for controlling access to said electronic data storage device according to a type of requested access, wherein said access control device has a plurality of different types of access for accessing data on said electronic data storage device, such that the stored data is only accessed through said access control devices and such that said access control device determines access to the stored data by comparing the at least one associated type of permission to said type of access being requested, said access control device comprising a memory for storing the at least one associated type of permission for determining access to the stored data, such that the at least one associated type of permission is determined only according to a data-based definition stored in said memory;
wherein access is not determined according to an associated type of permission permanently stored in hardware.
-
-
39. A system for controlling access to stored data, the stored data having at least one associated type of permission, the system comprising:
-
(a) an electronic data storage device for storing the stored data; and
(b) an access control device for controlling access to said electronic data storage device according to a type of requested access, wherein said access control device has a plurality of different type of access for accessing data on said electric data storage device, such that the stored data is only accessed through said access control device, and such that said access control device determines access to the stored data by comparing the at least one associated type of permission to said type of access being requested such that the at least one associated type of permission is determined only according to a data-based definition;
wherein access is determined only according to operation of software.
-
-
40. A system for controlling access to stored data, the stored data having at least one associated type of permission, the system comprising:
-
(a) an electronic data storage device for storing the stored data; and
(b) an access control device for controlling access to said electronic data storage device according to a type of requested access, wherein said access control device has a plurality of different types of access for accessing data on said electronic data storage device, such that the stored data is only accessed through said access control device, and such that said access control device determines access to the stored data by comparing the at least one associated type of permission to said type of access being requested, said access control device comprising a writable flash memory for storing the at least one associated type of permission for determining access to the stored data, such that the at least one associated type of permission is determined only according to a data-based definition stored in said memory and such that said at least one type of permission is changeable.
-
-
41. A system for controlling access to stored data, the stored data having at least one associated type of permission, the system comprising:
-
(a) an electronic data storage device for storing the stored data; and
(b) an access control device for controlling access to said electronic data storage device according to a type of requested access, wherein said access control device has a plurality of different types of access for accessing data on said electronic data storage device, such that the stored data is only accessed through said access control device, and such that said access control device determines access to the stored data by comparing the at least one associated type of permission to said type of access being requested, such that the at least one associated type of permission is determined only according to a data-based definition and such that said at least one type of permission is changeable.
-
Specification