Method for protecting a security module and arrangement for the implementation of the method

US 6,952,777 B1
Filed: 03/10/2000
Issued: 10/04/2005
Est. Priority Date: 03/12/1999
Status: Expired due to Term

First Claim

Patent Images

1. A method for protecting a security module, in which security-relevant data are stored, inserted on a device motherboard, comprising the steps of:

monitoring proper insertion of said security module on said device motherboard with a first function unit, a second function unit and a third function unit in said security module;

detecting at least one of improper use and improper replacement of said security module on said motherboard with said second function unit and, upon a detection of at least one of said improper use and said improper replacement, said second function unit causing said security-relevant data to be erased;

during replacement of said security module, automatically setting said third function unit and inhibiting functioning of said security module with said third function unit as long as said third function unit is set;

following at least one of proper use and proper replacement of said security module on said motherboard, re-initializing, with said first function unit, any erased, security-relevant data; and

after said re-initializing, enabling each of said first function unit, said second function unit and said third function unit to re-commission said security module, including resetting said third function unit by said first function unit.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for protecting a security module includes the steps of monitoring proper insertion of the module on a device motherboard with first, second and third function units, erasing sensitive data due to an improper use or a replacement of the module with the second function unit, inhibiting the functionality of the module with the third function unit during a replacement of the security module, re-initializing the previously erased, sensitive data following proper use or replacement of the security module, and re-commissioning by enabling the function units of the security module. An arrangement implementation of the method has an unplugged status detection unit that has a circuit for resettable self-holding of a status indicator, the self-holding being triggered when the voltage level on a test voltage line deviates from a predetermined potential. A processor connected to the other function units and is programmed to identify and modify the status of the security module.

31 Citations

View as Search Results

13 Claims

1. A method for protecting a security module, in which security-relevant data are stored, inserted on a device motherboard, comprising the steps of:
- monitoring proper insertion of said security module on said device motherboard with a first function unit, a second function unit and a third function unit in said security module;
  
  detecting at least one of improper use and improper replacement of said security module on said motherboard with said second function unit and, upon a detection of at least one of said improper use and said improper replacement, said second function unit causing said security-relevant data to be erased;
  
  during replacement of said security module, automatically setting said third function unit and inhibiting functioning of said security module with said third function unit as long as said third function unit is set;
  
  following at least one of proper use and proper replacement of said security module on said motherboard, re-initializing, with said first function unit, any erased, security-relevant data; and
  
  after said re-initializing, enabling each of said first function unit, said second function unit and said third function unit to re-commission said security module, including resetting said third function unit by said first function unit.
- View Dependent Claims (2)
- - 2. A method as claimed in claim 1 wherein the step of re-initializing comprises determining at least one of said proper use and proper replacement of said security module by establishing communication between said first function unit and a remote data source exchanging information between said first function unit and said remote data source via current loop, and detecting that at least one of said proper use and proper replacement has occurred if said exchange of data takes place error-free.

3. A security module for insertion on a device motherboard, comprising:
- a memory in which security-relevant data are stored;
  
  a voltage monitoring unit which supplies an operating voltage to said memory to maintain said security-relevant data stored therein and which disconnects said memory from said voltage, thereby erasing said security-relevant data therein, upon occurrence of a voltage level indicating at least one of improper use and replacement of said security module on said motherboard;
  
  an unplugged status detection unit which inhibits functioning of said security module during replacement of said security module and which has a self-holding capability, indicating that said security module has been replaced, which is triggered, for setting said unplugged status detection unit, when a voltage level on a test voltage line deviates from a predetermined voltage level; and
  
  a processor connected to said voltage monitoring unit and to said unplugged status detection unit to re-commission said security module after at least one of said improper use and replacement on said motherboard, by enabling said voltage monitoring unit and said unplugged status detection unit, including resetting said unplugged status detection unit.
- View Dependent Claims (4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
- - 4. A security module as claimed in claim 3 wherein said unplugged status detection unit comprises a line and switch element for resetting said self-holding capability, said switch element being triggered by a signal from said processor on said line.
  - 5. A security module as claimed in claim 4 wherein said unplugged status detection unit comprises:
    - a voltage divider comprising a series resistor circuit connected across a terminal for receiving a supply voltage, tapped by a capacitor, and a line having a test voltage thereon;
      
      a diode connected between said terminal for receiving a supply voltage and said capacitor;
      
      a comparator having a non-inverting input, an inverting input connected to a reference voltage source, and a comparator output;
      
      a further capacitor tapping said voltage divider and connected to said non-inverting input of said comparator;
      
      said comparator output being connected to a line at a voltage potential via an inverter;
      
      a switch element having a control input connected to said comparator output, said switch element producing said self-holding capability and being connected in parallel with a resistor of said voltage divider; and
      
      said switch element for resetting said self-holding capability being connected between said voltage divider tap for said further capacitor, and ground.
  - 6. A security module as claimed in claim 5 further comprising an interrogation line connected between said processor and said unplugged status detection unit for interrogating a self-holding status of said unplugged status detection unit by said processor.
  - 7. A security module as claimed in claim 6 wherein said line having said test voltage thereon is at ground potential, and wherein said line at a voltage potential connected to said comparator output is at operating voltage potential when said security module is plugged into said device motherboard and is otherwise at ground potential when said security module is not plugged into said device motherboard.
  - 8. A security module as claimed in claim 3 wherein said memory is contained in said processor and is at an operating voltage supplied from said voltage monitoring unit as long as said processor is supplied with system voltage, and wherein said processor has a terminal for resetting said self-holding capability of said unplugged status detection unit, and a further terminal for interrogating a status of said unplugged status detection unit.
  - 9. A security module as claimed in claim 8 further comprising an ASIC connected to said processor via an internal data bus, said ASIC having a first contact group for connection to a system bus of a device containing said device motherboard.
  - 10. A security module as claimed in claim 3 further comprising a printed circuit board on which said processor, said voltage monitoring circuit and said unplugged status detection unit are mechanically and electrically mounted, said printed circuit board having contact terminals for a battery;
    - a security module housing formed by a hard casting compound surrounding said printed circuit board and said processor, said voltage monitoring circuit and said unplugged status detection circuit thereon, with said contact terminals being exposed to an exterior of said housing;
      
      a battery replaceably connected to said contact terminals outside of said housing; and
      
      said printed circuit board having a first contact group, accessible from outside of said housing, for communicating with a system bus of a device containing said device motherboard, and a second contact group accessible from an exterior of said housing for receiving system voltage, and at least one of said first contact group and said second contact group being connected to said unplugged status detection unit to monitor a plugged status of said security module.
  - 11. A security module as claimed in claim 10 wherein said processor includes terminals for monitoring said plugged status of said security module with lines forming a current loop when said security module is plugged into said device motherboard.
  - 12. A security module as claimed in claim 3 wherein said processor has a terminal for emitting at least one signal identifying a status of said security module.
  - 13. A security module as claimed in claim 12 wherein said processor is connected to an input/output unit having input/output ports, and having at least one internal signaling element in said security module connected to said input/output ports.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Francotyp-Postalia GmbH
Original Assignee
Francotyp-Postalia GmbH
Inventors
Schlaaff, Torsten, Rosenau, Dirk, Post, Peter
Primary Examiner(s)
Sheikh, Ayaz
Assistant Examiner(s)
CHEN, SHIN HON

Application Number

US09/522,620
Time in Patent Office

2,034 Days
Field of Search

714/22, 714/721, 710101-103, 713/201, 713/200, 713/193, 713/194, 713/189, 713/1, 713/2, 713/300, 709/218, 380/25, 395/481, 395/700, 395/490, 395/493
US Class Current

726/34
CPC Class Codes

G07B 17/00733   Cryptography or similar spe...

G07B 2017/00233   Housing, e.g. lock or harde...

G07B 2017/00298   Visual, e.g. screens and th...

G07B 2017/00306   Acoustic, e.g. voice contro...

G07B 2017/00346   Power handling, e.g. power-...

G07B 2017/00403   Memory zones protected from...

G07B 2017/00967   PSD [Postal Security Device...

Method for protecting a security module and arrangement for the implementation of the method

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

31 Citations

13 Claims

Specification

Solutions

Use Cases

Quick Links

Method for protecting a security module and arrangement for the implementation of the method

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

31 Citations

13 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links