Portable Storage Device and Method For Exchanging Data

Information

  • Patent Application
  • Publication Number
    20080098134
  • Date Filed
    August 31, 2005
  • Date Published
    April 24, 2008
Abstract
A portable storage device (MC) is disclosed, which comprises a memory (MEM) for storing data (DAT), a data interface (INT) for exchanging data (DAT) between the memory (MEM) and a host device (DEV), a radio communication interface (RI) designed for receiving a key (K) from a transponder (T), checking means (COMP) for checking if a key (K) has a predefined value (V), and access inhibit means (SW) for controlling access to the memory (MEM), wherein the access inhibit means (SW) are controlled by the checking means (COMP). Access to the memory (MEM) is only granted if a certain key (K) can be received, which means that a certain transponder (T) has to be in the vicinity of the portable storage device (MC) for granting access. Furthermore, data (DAT) which is transferred from host device (DEV) to memory (MEM) can be encrypted and data (DAT) which is transferred from memory (MEM) to host device (DEV) can be decrypted. In this way, for example, commonly used memory cards can be secured against unauthorized use.
Description

BRIEF DESCRIPTION OF THE DRAWINGS

The invention will now be explained in more detail with the help of the following examples and figures which comprise further advantages and embodiments of the invention and which may not serve to narrow the broad scope of the invention.



FIG. 1: shows an inventive system with a transponder storing the key.



FIG. 2: shows an inventive system with a mobile device storing the key.



FIG. 3: shows an inventive system wherein an electric data interface is omitted.



FIG. 4: shows a system as in FIG. 1 wherein access is inhibited through powering down the memory.



FIG. 5: shows a system as in FIG. 1 with additional encryption/decryption means and means for storing an access level.





DESCRIPTION OF EMBODIMENTS


FIG. 1 shows a portable storage device MC, a transponder T and a host device DEV. The portable storage device MC comprises a memory MEM, a data interface INT, access inhibit means in the form of a switch SW, a radio communication interface RI, a register for storing a predefined value V for a key K and lastly checking means in the form of a comparator COMP. The comparator COMP has two inputs, one is connected to the radio communication interface RI, the other one to the register for the predefined value V. The output of the comparator COMP is further provided to control the switch SW. The function of the system of FIG. 1 is as follows.


First of all the portable storage device MC is plugged into a slot of the host device DEV thus providing electric connection between portable storage device MC and host device DEV. The portable storage device MC is now powered by the host device DEV. Subsequently, a user of the host device DEV requests that data DAT is transferred from portable storage device MC, which is still locked on to the host device DEV. Now a request Q for a key K is broadcast by the radio communications interface RI. The transponder T, being in the proximity of the portable storage device MC or, defining it more precisely, being in the radio range of the portable storage device MC, receives this request Q and answers this request Q with the key K, which is subsequently received by the radio communications interface RI of the portable storage device MC. After this, key K is compared with a predefined value V by the comparator COMP. If there is a match, comparator COMP activates its output, which causes the switch SW to be closed. Now access to the memory MEM is provided and data DAT can be transferred between the portable storage device MC and the host device DEV. If key K cannot be received, access is still denied. It is also possible that the request Q for a key K is already sent when the portable storage device MC is plugged into the host device DEV. It is also noted that the access inhibit means are not necessarily in the form of a switch SW between memory MEM and data interface INT as shown. In fact there could also be an inhibit input for the memory MEM or the data interface INT for example. It should further be noted that comparator COMP is not necessarily a piece of hardware but can also be realized by means of software running in the processor of the storage device MC.



FIG. 2 shows the system of FIG. 1 wherein a mobile device MOB is substituted for the transponder T. Transponders T are usually but not necessarily passive, which means that they do not have their own power source but are powered by the electromagnetic field generated by the radio communication interface RI. Different from this, mobile devices MOB such as mobile phones or PDAs are active and can therefore provide a larger communication distance. A further advantage is that no separate transponder T is necessary since nearly everyone carries a mobile phone nowadays.



FIG. 3 shows the system of FIG. 1 wherein the data interface INT is omitted and the data communication between portable storage device MC and host device DEV is provided through the radio communication interface RI. So, additionally, data DAT is transmitted contactlessly between the portable storage device MC and the host device DEV, which increases user acceptance.



FIG. 4 further shows a system of FIG. 1 wherein the switch SW is not placed between memory MEM and data interface INT, but between memory MEM and a power source POW. If access is granted, the switch SW is closed thus powering the memory MEM. If access is denied, switch SW is open, which additionally saves energy. It should be noted that a power source POW may not only be an active power source in the portable storage device MC such as a battery or an accumulator, but can also be powered by the host device DEV. In this case power source POW may be seen as the electric interface INT or as a receiving coil of the portable storage device MC if energy is transmitted to the storage device MC inductively for instance.



FIG. 5 lastly shows the system of FIG. 1, wherein encrypting means ENC and decrypting means DEC are integrated into the interface INT. The direction of the arrows shows the operation mode. Data DAT which is transferred from the host device DEV to the memory MEM is encrypted by the encrypting means ENC, data DAT which is transferred from the memory MEM to host device DEV is decrypted by the decrypting means DEC. Furthermore, access level storage means in the form of an access level register ACLR are introduced. Its input IN is connected to the output of the comparator COMP, its output connected to the switch SW. In this case comparator COMP does not directly control switch SW, but influences it via the access level register ACLR. Comparator COMP furthermore controls the switch SWAR, which is situated between the radio communication interface RI and the access level register ACLR and which enables or disables writing of the access level register ACLR through a write input WR of the access level register ACLR.


The function of the embodiment shown in FIG. 5 is explained by the use of an exemplary application of the invention. For this reason it is assumed that portable storage device MC is a memory stick, host device DEV a digital camera and mobile device MOB a mobile phone. This is only to illustrate the invention and shall not limit the broad scope of the invention.


First of all the user of the system sets the access level of the portable storage device MC. It is assumed that the mobile device MOB has capability to communicate according to the standard for near field communication, NFC for short. The NFC technology evolved from a combination of contactless identification, namely the RFID technology, and interconnection technologies. NFC operates in the 13.56 MHz frequency range, over a distance of typically a few centimeters, but in future also greater distances of up to 1 m might be possible. NFC technology is standardized in ISO 18092, ECMA 340 and ETSI TS 102 190. NFC is also compatible with the broadly established contactless smart card infrastructure based on ISO 14443.


It is further assumed that key K has been stored in the memory of the mobile device MOB. The user brings the portable storage device MC close to the mobile device MOB and activates a function for changing the access level of the portable storage device MC on the mobile device MOB. Subsequently, the mobile device MOB emits an electromagnetic field thus powering the portable storage device MC. Then portable storage device MC sends a request R to the mobile device MOB to transmit the key K. Mobile device MOB subsequently transmits the key K to the portable storage device MC, which key is compared to a predefined value V by a comparator COMP. It is assumed that the result of this check is true, thus activating the switch SWAR and thus enabling the rewriting of the access level register ACLR. Now the user enters the access level desired for the portable storage device MC on his mobile device MOB, which access level is transmitted to the radio communication interface RI and from there to the access level register ACLR and stored there. For instance the user has entered the following rights.


















              read   write   delete   execute
with key       x
without key           x












Reading will only be possible when the key K is present, thus avoiding unauthorized use of the pictures on the portable storage device MC, whereas writing will also be possible without key K thus providing a comfortable use of the digital camera DEV. So taking a picture is possible at any time. Deleting is forbidden irrespective of whether key K is present or not, thus avoiding unwanted deletion of data. So an unauthorized person could only write additional data DAT onto the memory card, but cannot access data DAT which has already been stored. The column “execute” is not relevant to this example since it is assumed that only pictures are stored in memory MEM for reasons of better understanding. So entering marks is inhibited for this column. It is also assumed that this setting relates to the whole storage device MC, but it is also imaginable that a setting only relates to a single file or a partition or a directory of memory MEM.
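The decision logic of FIG. 5 with the rights entered above, written out as a C model; this is an added example, not code from the patent. The key length, the sample key bytes, the bitmask encoding, all function names and the full-length comparison loop are assumptions, as is the reading that a mark in the line "without key" grants the operation whether or not key K is received.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define KEY_LEN 16 /* assumed key length; the page does not give one */

/* Columns of the rights table, encoded as bits (an assumed encoding). */
enum op { OP_READ = 1, OP_WRITE = 2, OP_DELETE = 4, OP_EXECUTE = 8 };

/* Model of the portable storage device MC of FIG. 5. */
struct mc {
    uint8_t v[KEY_LEN];  /* register holding the predefined value V */
    uint8_t with_key;    /* ACLR row "with key", bitmask of enum op */
    uint8_t without_key; /* ACLR row "without key", bitmask of enum op */
};

/* Constructed sample key, not a value from the page. */
static const uint8_t SAMPLE_K[KEY_LEN] = {
    0x3a, 0x91, 0x5c, 0x07, 0xe2, 0x48, 0xbd, 0x10,
    0x6f, 0xa4, 0x29, 0xd3, 0x85, 0x1e, 0xc6, 0x7b
};

/* COMP: 1 if the received key K equals V, else 0. k == NULL models "no key
 * could be received". All bytes are always compared, so the run time does
 * not reveal the position of the first mismatch. */
static int comp(const struct mc *mc, const uint8_t *k)
{
    uint8_t diff = 0;
    if (k == NULL)
        return 0;
    for (size_t i = 0; i < KEY_LEN; i++)
        diff |= (uint8_t)(mc->v[i] ^ k[i]);
    return diff == 0;
}

/* SWAR: the write input WR of the ACLR is enabled only while COMP reports a
 * match. Returns 1 if the access level was stored, 0 if it was refused. */
static int aclr_write(struct mc *mc, const uint8_t *k,
                      uint8_t with_key, uint8_t without_key)
{
    if (!comp(mc, k))
        return 0;
    mc->with_key = with_key;
    mc->without_key = without_key;
    return 1;
}

/* SW: grant if the operation is marked "without key", or if it is marked
 * "with key" and COMP reports a match. Unmarked operations are denied. */
static int access_permitted(const struct mc *mc, enum op op, const uint8_t *k)
{
    if (mc->without_key & op)
        return 1;
    return (mc->with_key & op) && comp(mc, k);
}

/* The memory stick of the example: read with key, write without key. */
static struct mc camera_example(void)
{
    struct mc mc = { .with_key = 0, .without_key = 0 };
    memcpy(mc.v, SAMPLE_K, KEY_LEN);
    aclr_write(&mc, SAMPLE_K, OP_READ, OP_WRITE);
    return mc;
}

int main(void)
{
    struct mc mc = camera_example();
    printf("read without key:  %d\n", access_permitted(&mc, OP_READ, NULL));
    printf("read with key:     %d\n", access_permitted(&mc, OP_READ, SAMPLE_K));
    printf("write without key: %d\n", access_permitted(&mc, OP_WRITE, NULL));
    printf("delete with key:   %d\n", access_permitted(&mc, OP_DELETE, SAMPLE_K));
    return 0;
}
```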


Now user takes away the mobile device MOB from the portable storage device MC, thus causing the opening of the switch SWAR and puts the storage device MC into the host device DEV. Subsequently, the storage device MC is powered through the electric contacts. He attempts to look at some pictures on the storage device MC, which is denied since mobile device MOB is not in the proximity of the storage device MC. Then he takes a picture and stores it onto the storage device MC. This is possible as writing is enabled even if key K is not present. The “zero” on the input IN of the access level register ACLR does not influence this operation since input IN is only relevant if there is a mark in the line “with key”. During storage, the picture is encrypted. For this purpose a so-called public key KPUB of the user is used. This key KPUB can be stored in the portable storage device MC as it is not secret. If the portable storage device MC is shared by a couple of users, the portable storage device MC should store separate public keys KPUB for each user. It is also imaginable that the public key KPUB is provided from the host device DEV or the transponder T or the mobile device MOB. It is even possible that encryption is provided by the host device DEV, so that data DAT does not need further processing within the storage device MC.


Now the user takes the storage device MC out of the host device DEV again and attempts to transfer the picture to his computer (not shown). Therefore he puts the portable storage device MC into a designated slot of the computer and brings his mobile device MOB into the vicinity of the storage device MC. The storage device MC is powered through the electric connection to the computer and broadcasts a request Q for transmitting a key K. Subsequently, the mobile device MOB transmits key K to the storage device MC where it is compared to a predefined value V again. Because the result of the check is true, switch SW is activated thus connecting memory MEM and interface INT. Furthermore, a second key is transmitted to the portable storage device MC which is meant for decrypting data DAT. It is possible for the same key to be used but for security reasons it is preferred to use two different keys. This second key is a so-called private key KPRIV which is secret and shall not get into the hands of unauthorized persons. With this private key KPRIV and decrypting means DEC data DAT is decrypted and transmitted to the computer where it can be looked at and stored.


The aforesaid example illustrates only one possible embodiment. So it is also imaginable that a transponder T with input means is used instead of the mobile device MOB. It is also possible that transponder T has no input means but an access level is set with help of the host device DEV. Anyway, this should only be possible if key K is present. Otherwise portable storage device DEV is more or less insecure.


It is easy to apply the inventive idea to other cases of use. So it is possible to securely transfer data DAT from one computer to another computer through an inventive USB-stick. It is also possible that one USB-stick is shared by a couple of users. Therefore, key K may also serve to identify a user and to set corresponding access rights. It is further imaginable that each user has his own private key KPRIV, so that each user can only decrypt his own data. Furthermore it is possible that one transponder T or one mobile device MOB per user serves for more portable storage devices MC, so that the system is easier to use. A further increase of ease of use is provided when a transponder T or a mobile device MOB serves a couple of applications. For instance a keycard for a car which is necessary to start the engine can also unlock the inventive storage device MC.


It is also imaginable that transponder T or mobile device MOB is attached to further security devices such as a finger print sensor. In this example key K is only transmitted if a proper finger is put on the sensor. A similar solution would be input means for inputting a personal identification number, short PIN. Attaching additional security devices to the transponder T or mobile device MOB instead of attaching them to the storage device MC has the advantage that this solution also works well if the storage device MC slips in a host device DEV so that a finger print sensor could not be accessed. A similar example is a USB-stick which has often to be put into a socket on the rear of the PC. Scanning fingerprints is very uncomfortable in this case.


Examples of the parts of the systems shown in the figures are given only for better understanding. Transponder T can be a smart card, the portable storage device MC can be a microdrive and the host device DEV a digital camera. Furthermore, portable storage device MC can be a memory card and the host device DEV an MP3-player. Lastly it is imaginable that portable storage device MC is a USB-stick and the host device DEV is a PC. So it is easy to understand that data DAT can be pictures, pieces of music, videos, text files or even executable programs. It is also noted that a mobile device MOB such as a mobile phone or a PDA is not limited to serve as the provider for the key K but can also be used as a host device DEV. An example would be a PDA where a portable storage device MC is used to backup internal data or to provide additional functionality in the form of programs from external providers.


At this point it is also noted that the features of the invention which features appear alone or in combination can also be combined or separated, so that the great number of variations and use cases of the invention can easily be imagined.

Claims
  • 1. Portable storage device (MC) comprising: a memory (MEM) for storing data (DAT), a data interface (INT) comprising electric contacts for exchanging data (DAT) between the memory (MEM) and a host device (DEV) via electric signals, a radio communication interface (RI) designed for receiving a key (K), checking means (COMP) for checking if a key (K) has a predefined value (V), and access inhibit means (SW) for controlling access to the memory (MEM), wherein the access inhibit means (SW) are controlled by the checking means (COMP).
  • 2. Portable storage device (MC) as claimed in claim 1, further comprising: encrypting means (ENC) for encrypting data (DAT) which is transferred from host device (DEV) to memory (MEM), and decrypting means (DEC) for decrypting data (DAT) which is transferred from memory (MEM) to host device (DEV).
  • 3. Portable storage device (MC) as claimed in claim 1, characterized in that data interface (INT) is omitted and said radio communication interface (RI) is additionally arranged for exchanging data (DAT) between memory (MEM) and the host device (DEV) via radio instead.
  • 4. Portable storage device (MC) as claimed in claim 1, characterized in that memory (MEM), radio communication interface (RI), checking means (COMP), access inhibit means (SW) as well as the optional data interface (INT) are included in a single chip.
  • 5. Portable storage device (MC) as claimed in claim 1, characterized in that radio communication interface (RI) or data interface (INT) is arranged for receiving an access level which is to define different access rights for different access operations to memory (MEM), and/or to define different access rights for different parts of memory (MEM) wherein said portable storage device (MC) furthermore comprises means for storing said access level (ACLR).
  • 6. Portable storage device (MC) as claimed in claim 5, characterized in that it furthermore comprises means to set said access level.
  • 7. Method for exchanging data (DAT) between a memory (MEM) of a portable storage device (MC) and a host device (DEV), the method comprising the steps of: connecting the portable storage device (MC) with the host device (DEV) via electric contacts or a radio link, and permitting access to the memory (MEM) through said electric contacts or said radio link if a predefined key (K) can be received from a transponder (T) or a mobile device (MOB).
  • 8. Method as claimed in claim 7, wherein data (DAT) which is transferred from host device (DEV) to memory (MEM) is encrypted and data (DAT) which is transferred from memory (MEM) to host device (DEV) is decrypted.
  • 9. Method as claimed in claim 7, characterized in that access is permitted until portable storage device (MC) is disconnected from the host device (DEV) once the key (K) has been transmitted.
  • 10. Method as claimed in claim 7, characterized in that access for a running operation between host device (DEV) and portable storage device (MC) is permitted until said operation has been finished.
  • 11. Method as claimed in claim 7, characterized in that an access level for at least a part of the memory (MEM) is received by the portable storage device (MC) over a radio communication interface (RI) or over an electric data interface (INT) and stored in said portable storage device (MC).
  • 12. Transponder (T), having means for inputting an access level which access level is to define different access rights for different access operations to a memory (MEM) of a portable storage device (MC) and/or to define different access rights for different parts of a memory (MEM) of a portable storage device (MC), wherein said portable storage device (MC) is designed for exchanging data (DAT) with a host device (DEV) and having means for transmitting said access level to said portable storage device (MC) via a radio link.
  • 13. Mobile device (MOB), having means for inputting an access level, which access level is to define different access rights for different access operations to a memory (MEM) of a portable storage device (MC) and/or to define different access rights for different parts of a memory (MEM) of a portable storage device (MC), wherein said portable storage device (MC) is designed for exchanging data (DAT) with a host device (DEV) and having means for transmitting said access level to said portable storage device (MC) via electric contacts or a radio link.
  • 14. Digital camera, having means for inputting an access level, which access level is to define different access rights for different access operations to a memory (MEM) of a portable storage device (MC) and/or to define different access rights for different parts of a memory (MEM) of a portable storage device (MC), wherein said portable storage device (MC) is designed for exchanging data (DAT) with a host device (DEV) and having means for transmitting said access level to said portable storage device (MC) via electric contacts or a radio link.
Priority Claims (1)
Number        Date       Country   Kind
04104277.1    Sep 2004   EP        regional
PCT Information
Filing Document   Filing Date   Country   Kind   371c Date
PCT/IB05/52849    8/31/2005     WO        00     3/1/2007