In-circuit security system and methods for controlling access to and use of sensitive data
First Claim
1. A hardware-based in-circuit security system for an electronic device, the hardware-based in-circuit security system comprising at least one hardware processor, comprising:
- a secure processor configured to communicate with a second processor;
a cryptographic subsystem coupled to the secure processor, wherein the cryptographic subsystem is further configured to perform a cryptographic operation;
an identity credential verification subsystem (ICVS) coupled to the secure processor, the ICVS is further coupled to an interface that is coupled to a biometric sensor, the interface configured to receive identity credential information from the biometric sensor of the electronic device in response to a request from the secure processor to verify an identity credential using identity information received from the biometric sensor;
wherein the secure processor is configured to request that the ICVS verify an identity credential using the identity credential information received from the biometric sensor using at least one enrolled identity credential, in response to the secure processor receiving an interrupt in response to a request from the second processor requesting a security service,the ICVS is configured to signal the secure processor in response to the ICVS completing an identity credential verification process using the identity credential information received by the ICVS from the biometric sensor,the secure processor is configured to trigger an interrupt to the second processor that the identity credential has been verified, in response to a signal from the ICVS that the identity credential has been verified, andwherein the secure processor is configured to trigger an interrupt to the second processor that the identity credential verification failed, in response to the secure processor receiving a predetermined number of signals from the ICVS that the identity credential verification failed.
0 Assignments
0 Petitions
Accused Products
Abstract
The invention disclosed herein is an in-circuit security system for electronic devices. The in-circuit security system incorporates identity credential verification, secure data and instruction storage, and secure data transmission capabilities. It comprises a single semiconductor chip, and is secured using industry-established mechanisms for preventing information tampering or eavesdropping, such as the addition of oxygen reactive layers. This invention also incorporates means for establishing security settings, profiles, and responses for the in-circuit security system and enrolled individuals. The in-circuit security system can be used in a variety of electronic devices, including handheld computers, secure facility keys, vehicle operation/ignition systems, and digital rights management.
209 Citations
25 Claims
-
1. A hardware-based in-circuit security system for an electronic device, the hardware-based in-circuit security system comprising at least one hardware processor, comprising:
-
a secure processor configured to communicate with a second processor; a cryptographic subsystem coupled to the secure processor, wherein the cryptographic subsystem is further configured to perform a cryptographic operation; an identity credential verification subsystem (ICVS) coupled to the secure processor, the ICVS is further coupled to an interface that is coupled to a biometric sensor, the interface configured to receive identity credential information from the biometric sensor of the electronic device in response to a request from the secure processor to verify an identity credential using identity information received from the biometric sensor; wherein the secure processor is configured to request that the ICVS verify an identity credential using the identity credential information received from the biometric sensor using at least one enrolled identity credential, in response to the secure processor receiving an interrupt in response to a request from the second processor requesting a security service, the ICVS is configured to signal the secure processor in response to the ICVS completing an identity credential verification process using the identity credential information received by the ICVS from the biometric sensor, the secure processor is configured to trigger an interrupt to the second processor that the identity credential has been verified, in response to a signal from the ICVS that the identity credential has been verified, and wherein the secure processor is configured to trigger an interrupt to the second processor that the identity credential verification failed, in response to the secure processor receiving a predetermined number of signals from the ICVS that the identity credential verification failed. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A non-transitory computer-readable medium programmed with executable instructions that, when executed by a processing system, perform operations comprising:
-
receiving, by an identity credential verification subsystem (ICVS) of an in-circuit security system, identity credential information comprising biometric data in response to a request from a secure processor to verify an identity credential using the identity credential information received from a biometric sensor; receiving, by a secure processor communicatively coupled to a second processor, an interrupt triggered by the request from the second processor requesting that an identity verification be performed on the identity credential information received by the ICVS; requesting, by the secure processor, that the ICVS verify the identity credential using identity the credential information received from the biometric sensor and using at least one enrolled identity credential, in response to the secure processor receiving the signal from the second processor requesting a security service, sending, by the ICVS, to the secure processor, a signal indicating success or failure of the verification of the identify credential information; triggering an interrupt to the second processor, by the secure processor, that the identity credential has been verified, in response to the signal from the ICVS that the identity credential has been verified, and triggering an interrupt to the second processor, by the secure processor, that the identity credential verification failed, in response to the secure processor receiving a predetermined number of signals from the ICVS that the identity credential verification failed. - View Dependent Claims (9, 10, 11, 12, 13)
-
-
14. A computer-implemented method comprising:
-
receiving, by an identity credential verification subsystem (ICYS) of an in-circuit security system, identity credential information comprising biometric data in response to a request from a secure processor to verify an identity credential using the identity credential information received from a biometric sensor; receiving, by a secure processor communicatively coupled to a second processor, an interrupt triggered by the request from the second processor that an identity verification be performed on the identity credential information received by the ICYS; requesting, by the secure processor, that the ICYS verify the identity credential using the identity credential information received from the biometric sensor and using at least one enrolled identity credential, in response to the secure processor receiving the interrupt triggered in response to a request from the second processor requesting a security service, sending, by the ICYS, to the secure processor, a signal indicating success or failure of the verification of the identify credential information, triggering an interrupt to the second processor, by the secure processor, that the identity credential has been verified, in response to the signal from the ICYS that the identity credential has been verified, and triggering an interrupt the second processor, by the secure processor, that the identity credential verification failed, in response to the secure processor receiving a predetermined number of signals from the ICYS that the identity credential verification failed. - View Dependent Claims (15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25)
-
Specification