Patent Grant
8955746
With the ever increasing prevalence of computers and electronic devices in today's society, security concerns are manifested in that a wide variety of information accessible by such devices is potentially subject to attack. This is particularly so with the always expanding variety of electronic devices including tablet computers, smartphones, electronic readers (e-reader) and so forth, on which users store and access secure information. In addition to concern for electronic communications, security concerns also exist for the display of sensitive information, both in the form of conventional documents such as paper documents, identification documents such as driver's licenses, passports and the like, and credit cards, debit cards and other financial-based cards, and on electric displays.
To this end, various security mechanisms exist to add a level of security to cards and other devices by way of a security layer that enables the information on the card to be hidden from view unless an authorized user is seeking to access the card or other device. However, these devices are relatively complex, expensive and also can be confusing to a user, as in a transparent state, the user may not know what card is actually being accessed.
In various embodiments, techniques are provided to enable a user to protect paper documents, identification cards, credit cards and other types of access cards, in addition to electronic paper (e-paper), electronic ink (e-ink) displays, auxiliary displays and so forth by way of various lockable techniques. As used herein, an e-paper or an e-ink display is essentially a form of electronically controllable display that does not require persistent power to maintain displayed content.
More specifically, embodiments may provide a security mechanism to such devices by rendering content to be protected, such as identification information, personal information, financial information and so forth, in an unreadable state, e.g., by way of some type of distortion mechanism. Although the information is unreadable due to this distortion, embodiments may allow a user to still be able to identify the type of underlying image such that when multiple images are available for display, the user can select one of these images for unlocking and proper display. Thus the unreadable image still provides a user with some idea of what the image is without actually displaying the image.
In some embodiments such as for a passport, the object may be according to a write once and many update policy, where multiple pages can be included and dynamically updated. Or an issued document may be fixed. Other usages enable a user to protect self-created content, which can be added to over time. As an example, a number of identification, credit card, debit cards and other cards, can be stored on a single e-paper document. Then the document can be updated each time a new document is received by the end user.
Note that embodiments can be applied to many different physical objects, ranging from paper-based objects such as an e-paper document, to e-ink displays such as present on an e-reader, tablet computer or other portable computing device, to protection of more conventional displays such as liquid crystal display (LCD) or light emitting diode (LED) displays of portable devices such as smartphones, tablet computers, Ultrabooks™ and so forth. Particularly with regard to Ultrabooks™, notebooks and other thin and light devices having a clamshell-based design, embodiments may be applied to an auxiliary display located on a back side of a display portion of the system.
In general, an e-paper document may be generated by obtaining one or more images to be displayed and storing them in a non-volatile memory of the e-paper document. In general, the e-paper document may include one or more storage means, one or more processing means including a display rendering means, and a display means, such as an e-ink display that enables a rendered image to remain visible on the display persistently, even when the e-paper document is not powered.
Referring now to
To provide a measure of security, embodiments enable a locked state for document 10, illustrated as including an image frame 15a that is in an unreadable or distorted state (but including a readable keypad or other unlock mechanism). Different manners of providing obscuration of a document can be present. For example, a blur may be applied to the image to render it unreadable. Or a pixel manipulation process may be performed to randomly rearrange at least some of the pixels of the image to cause the image to be unreadable. In any event, even in this distorted or unreadable state, a user may still be able to identify the type of document although the actual information within the image is unreadable. Further shown in
Similar locking mechanisms can be applied to other types of objects such as a driver's license or other identification card. Referring now to
Locking mechanisms in accordance with an embodiment of the present invention can be applied to many other types of objects to be accessed. Specifically referring now to
As such, using an embodiment of the present invention, raw physical possession of an object protected by a locking mechanism in accordance with an embodiment of the present invention does not enable utility of the object. Instead, physical possession and an acceptable authentication code or possession of another type of unlock key is a prerequisite to enabling utility of the object.
In the embodiment shown in
To receive touch input, the device may include a touch surface such as a touchpad on top of the display. In such embodiments, the device renders either the touchpad or an input icon (such as icon 32) on the display, e.g., the last time it was used and prior to powering down, such that the touchpad is persistent.
Although shown as a keypad and by way of a touch sequence, understand that the scope of the present invention is not limited in this regard and unlocking mechanisms can take many different forms. For example, in the illustration shown a touch sequence (e.g., numeric or alphanumeric keypad) can be used. In some embodiments this keypad may be randomized to prevent a malicious user from obtaining the authentication code by observing smudges on the surface and from handling the device. In other embodiments, instead of a keypad with numeric or alphanumeric entries, drawing shapes or connecting dots may be the authentication code entered by touch sequence. Still further, embodiments may enable an unlocking mechanism by way of a PIN number or other authentication code provided from a hardware or software token device. Still further embodiments may provide an unlocking mechanism by way of an authorized NFC device, such as providing a near field communication from a smartphone or other portable device paired with the access object to enable the unlocking of the object, e.g., for a predetermined amount of time.
Other embodiments of an unlocking mechanism can include a challenge issuance on the object (e.g., a QR code, PIN number or so forth) that is entered into another device such as a smartphone or other portable device to retrieve the authentication code to be entered. Yet another example unlocking mechanism may include some form of biometric input, e.g., fingerprint, voice, retina, DNA or so forth. In some embodiments, a third party authorization may be enabled such that the device may trust a user's smartphone to unlock it, and also trust a set of devices having a trusted cryptographic key such as a local police station or other government or non-government entity. Stated another way, a device may be provisioned in such a way that multiple unlock keys or multiple trusted parties can render content visible.
Note that once unlocked by an appropriate authentication code, the unobscured image may remain on the object for only a limited time. In different embodiments, an object may relock itself according to a security policy. As an example, a device may re-lock itself after a predetermined time. Or the device may be relocked by a user manually. Still further, the device may lock itself or cause the undistorted image to be cleared if an incorrect code is entered more than a threshold number of times.
Using embodiments of the present invention, many different types of use cases can be realized. For example, when applied to an e-paper document, the document can be unlocked when needed and otherwise the document is protected in the locked state. In one example, assume that the e-paper document is a vehicle registration, the document may remain in a user's car in a locked state and can be unlocked upon request (e.g., when requested by a police officer). Still further, embodiments can be used to protect identity documents such as passports, driver's licenses and so forth prior to use. Thus when such documents are lost or stolen, the threat of identity theft can be reduced or avoided. Embodiments may further be applied to protect security credentials such as a Verisign security token before displaying an authentication code, e.g., for use on a banking website. Embodiments can be used to protect a payment card such as a credit or debit card prior to use, e.g., protecting any image information as well as a magnetic strip or communication mechanism of the device. Thus in all these cases, users can continue to interact with a physical object in a manner with which they are familiar but with the enhancements provided herein, the contents of these objects may be secured.
As described above, embodiments may enable an end user to create secure documents. Referring now to
Next, the user may load these files into a non-volatile storage of the e-paper document (block 120). As will be described further below in general an e-paper document may include storage and processing capabilities. As such, the user may load these files into the non-volatile storage. As one example, this loading can be performed using the user's personal computer as connected to the e-paper, e.g., via a wired or wireless connection. Next, the user may be allowed to configure the operational parameters for the e-paper document (block 130). For example, via a graphical user interface (GUI) present on the user's computer, various parameters of the e-paper document such as the location at which to display an image, the type of authentication code required, the length of display time, the number of users that are allowed to unlock the image or so forth, can be set. Then at block 140 these operational parameters can be stored in the e-paper document. Such information may be downloaded as a configuration file for storage in the non-volatile storage of the e-paper document. Note that in some embodiments, these configurable parameters may also have defaults to simplify the interaction.
Still referring to
Referring now to
For purposes of illustration,
Control next passes to block 170 where an image file may be received responsive to this request. For example, the end user may scan in a document, e.g., via a scanner or other digitizer coupled to the computer, to thus enable receipt of the image file responsive to the request (block 170).
Still referring to
Still referring to
This configuration data may thus be received and stored in a configuration file (block 190). Finally, all of the obtained information, namely the image file, one or more obscured image files generated and the configuration file may be communicated to the electronic display (block 195). Different manners of downloading this information into a storage means of the electronic display are possible. For example, a wired or wireless communication may occur.
Thus in
Referring now to
Still referring to
Control next passes to diamond 230 where it can be determined whether this authentication code matches a stored authentication code corresponding to the selected image. If not, control passes to block 240 where the display of the image can be prevented. This prevention can be realized simply by maintaining a current obscured view. Otherwise if a correct authentication code is received, control passes to block 250 where the image can be properly displayed. For example, a rendering logic can be controlled to enable rendering of the full image. Although shown at this high level in the embodiment of
Referring now to
Still referring to
In general, document 300 may be maintained in a low power state in which the power supply is turned off to most or all components, and the display may be maintained persistently in the absence of power delivery to it. In one such embodiment, all components may be placed in a low power state and input device 330 may periodically be powered on to determine whether a user input is received, e.g., via a touchpad. And if so, a remainder of the system, including the processor, may be powered on. Although shown at this high level in the embodiment in
As described above, embodiments may be applied to many different types of displays. As one such example,
Embodiments can be used in many different environments. Referring now to
To enable communications to be transmitted and received, various circuitry may be coupled between baseband processor 810 and an antenna 890. Specifically, a radio frequency (RF) transceiver 870 and a wireless local area network (WLAN) transceiver 875 may be present. In general, RF transceiver 870 may be used to receive and transmit wireless data and calls according to a given wireless communication protocol such as 3G or 4G wireless communication protocol such as in accordance with a code division multiple access (CDMA), global system for mobile communication (GSM), long term evolution (LTE) or other protocol. In addition a GPS sensor 880 may be present. Other wireless communications such as receipt or transmission of radio signals, e.g., AM/FM and other signals may also be provided. In addition, via WLAN transceiver 875, local wireless signals, such as according to a Bluetooth™ standard or an IEEE 802.11 standard such as IEEE 802.11a/b/g/n can also be realized. Although shown at this high level in the embodiment of
Embodiments may be used in many different types of systems. For example, in one embodiment a communication device can be arranged to perform the various methods and techniques described herein. Of course, the scope of the present invention is not limited to a communication device, and instead other embodiments can be directed to other types of apparatus for processing instructions, or one or more machine readable media including instructions that in response to being executed on a computing device, cause the device to carry out one or more of the methods and techniques described herein.
The following examples pertain to further embodiments.
In an embodiment, an apparatus includes a display to display an image persistently in absence of power delivery to the display, an authentication logic to determine whether an authentication code received from an end user corresponds to an authentication code associated with the image, a render logic to render the image for display on the display, and a display logic to enable display of the image in a readable format when the authentication code corresponds to the associated authentication code, and to otherwise display the image in an unreadable format in which information of the image is unreadable but a type of document represented by the image is determinable.
The apparatus further includes a non-volatile storage to store multiple images including the image, where the end user loads the plurality of images into the non-volatile storage.
The apparatus further includes at least one of a magnetic strip including user information and a near field communication (NFC) device, and where the authentication logic is to prevent access to the magnetic strip and/or the NFC device when the received authentication code does not correspond to the associated authentication code.
The apparatus may further include an auxiliary display configured on a backside of a display portion of a portable computer. The display may be an e-paper document that is generated by the end user.
The display logic is further to enable display of a touchpad overlaid on at least a portion of the image in the unreadable format prior to the absence of power delivery to enable persistent display of the touchpad, and the apparatus may be configured to wake up from a low power mode responsive to input on the touchpad from the end user.
The apparatus further includes a processor including the authentication logic, the render logic, and the display logic, where the processor further includes an obscuration logic to generate the image in the unreadable format. Note that the type of obscuration is selectable by the end user.
In another embodiment, an article includes a non-transitory storage medium including instructions that when executed enable a system to: receive an image file corresponding to a digitization of an image sought to be protected by an end user; enable the end user to select a type of obscuration to be applied to the image; apply the obscuration type to data of the image file to generate an obscured image file; and communicate the image file and the obscured image file to an electronic display associated with a compute device to enable persistent display of a selected image in absence of power delivery to the electronic display.
The article may further include instructions that enable the system to obtain one or more configuration parameters from the end user and to store the parameters into a configuration file, and to communicate the configuration file to the electronic display.
The article may further include instructions that enable the system to receive the image file from a scanner coupled to the system.
The article may further include instructions that enable the system to provide a graphical user interface to seek input from the end user regarding selection of one or more obscuration types to be applied to the image.
In another embodiment, a method includes: receiving, in a processor of a persistent electronic display, an authentication code from an end user; determining, in the processor, whether the received authentication code corresponds to a stored authentication code; and displaying a selected image on the persistent electronic display if the received authentication code corresponds to the stored authentication code, and otherwise displaying an obscured image on the persistent electronic display, where the obscured image is in an unreadable format in which information of the selected image is unreadable but a type of document represented by the selected image is determinable.
The method further includes receiving, in the processor, a selection of the selected image to be displayed from a plurality of available images stored in the persistent electronic display.
The method further includes receiving an image file corresponding to the selected image and an obscured image file corresponding to the obscured image from a computer of the end user, and storing the image file and the obscured image file in a non-volatile storage of the persistent electronic display.
The method further includes enabling display of a touchpad overlaid on at least a portion of the obscured image prior to an absence of power delivery to the persistent electronic display to enable persistent display of the touchpad.
Embodiments may be implemented in code and may be stored on a non-transitory storage medium having stored thereon instructions which can be used to program a system to perform the instructions. The storage medium may include, but is not limited to, any type of disk including floppy disks, optical disks, solid state drives (SSDs), compact disk read-only memories (CD-ROMs), compact disk rewritables (CD-RWs), and magneto-optical disks, semiconductor devices such as read-only memories (ROMs), random access memories (RAMs) such as dynamic random access memories (DRAMs), static random access memories (SRAMs), erasable programmable read-only memories (EPROMs), flash memories, electrically erasable programmable read-only memories (EEPROMs), magnetic or optical cards, or any other type of media suitable for storing electronic instructions.
While the present invention has been described with respect to a limited number of embodiments, those skilled in the art will appreciate numerous modifications and variations therefrom. It is intended that the appended claims cover all such modifications and variations as fall within the true spirit and scope of this present invention.
| Number | Name | Date | Kind |
|---|---|---|---|
| 6079621 | Vardanyan et al. | Jun 2000 | A |
| 6095416 | Grant et al. | Aug 2000 | A |
| 6179205 | Sloan | Jan 2001 | B1 |
| 6233684 | Stefik et al. | May 2001 | B1 |
| 6273335 | Sloan | Aug 2001 | B1 |
| 6494367 | Zacharias | Dec 2002 | B1 |
| 6720860 | Narayanaswami | Apr 2004 | B1 |
| 6817530 | Labrec et al. | Nov 2004 | B2 |
| 6924781 | Gelbman | Aug 2005 | B1 |
| 7140550 | Ramachandran | Nov 2006 | B2 |
| 7224995 | Rhoads | May 2007 | B2 |
| 7254560 | Singhal | Aug 2007 | B2 |
| 7353014 | Chetty | Apr 2008 | B2 |
| 7389269 | Robinson et al. | Jun 2008 | B1 |
| 7434048 | Shapiro et al. | Oct 2008 | B1 |
| 7502937 | McKinley et al. | Mar 2009 | B2 |
| 7593000 | Chin | Sep 2009 | B1 |
| 7669245 | Jung et al. | Feb 2010 | B2 |
| 7733231 | Carney et al. | Jun 2010 | B2 |
| 7739510 | Jung et al. | Jun 2010 | B2 |
| 7748627 | Gelbman | Jul 2010 | B2 |
| 7751585 | Jancke | Jul 2010 | B2 |
| 7796013 | Murakami et al. | Sep 2010 | B2 |
| 7865734 | Jung et al. | Jan 2011 | B2 |
| 7874488 | Parkinson | Jan 2011 | B2 |
| 8009147 | Chang et al. | Aug 2011 | B2 |
| 8024361 | Daughtry et al. | Sep 2011 | B2 |
| 8058972 | Mohanty | Nov 2011 | B2 |
| 8065525 | Zilberman | Nov 2011 | B2 |
| 8112066 | Ayed | Feb 2012 | B2 |
| 8136053 | Miller et al. | Mar 2012 | B1 |
| 8159328 | Luckhardt | Apr 2012 | B2 |
| 8190129 | Ayed | May 2012 | B2 |
| RE43716 | Wang | Oct 2012 | E |
| 20020010698 | Shin et al. | Jan 2002 | A1 |
| 20020172363 | Dierks et al. | Nov 2002 | A1 |
| 20030179073 | Ghazarian | Sep 2003 | A1 |
| 20050219224 | Liebenow | Oct 2005 | A1 |
| 20060080260 | Chen et al. | Apr 2006 | A1 |
| 20060161977 | Jung et al. | Jul 2006 | A1 |
| 20060187060 | Colby | Aug 2006 | A1 |
| 20060288427 | Fuse et al. | Dec 2006 | A1 |
| 20070075130 | Potrykus | Apr 2007 | A1 |
| 20070241183 | Brown et al. | Oct 2007 | A1 |
| 20070246529 | Lalo et al. | Oct 2007 | A1 |
| 20080122219 | Dunnigan et al. | May 2008 | A1 |
| 20080135629 | Douglas | Jun 2008 | A1 |
| 20080148396 | Jung et al. | Jun 2008 | A1 |
| 20080296367 | Parkinson | Dec 2008 | A1 |
| 20090037173 | Hansen | Feb 2009 | A1 |
| 20090222349 | Burger et al. | Sep 2009 | A1 |
| 20090254484 | Forero et al. | Oct 2009 | A1 |
| 20090278657 | Kawashima et al. | Nov 2009 | A1 |
| 20100127083 | Brown et al. | May 2010 | A1 |
| 20100328225 | Black | Dec 2010 | A1 |
| 20110047074 | Cai | Feb 2011 | A1 |
| 20110055587 | Jung et al. | Mar 2011 | A1 |
| 20110088100 | Rutman | Apr 2011 | A1 |
| 20110102141 | Wu | May 2011 | A1 |
| 20110140841 | Bona et al. | Jun 2011 | A1 |
| 20110191840 | Ortiz et al. | Aug 2011 | A1 |
| 20110215161 | Jung et al. | Sep 2011 | A1 |
| 20110276425 | Mullen | Nov 2011 | A1 |
| 20110279242 | Krawczewicz | Nov 2011 | A1 |
| 20110296530 | Tsai et al. | Dec 2011 | A1 |
| 20120002244 | Rothschild | Jan 2012 | A1 |
| 20120052800 | Bona et al. | Mar 2012 | A1 |
| 20120066740 | Doughty et al. | Mar 2012 | A1 |
| 20120181333 | Krawczewicz et al. | Jul 2012 | A1 |
| 20140035720 | Chapman | Feb 2014 | A1 |
| Number | Date | Country |
|---|---|---|
| 201604388 | Oct 2010 | CN |
| 202153345 | Feb 2012 | CN |
| 101699473 | Mar 2012 | CN |
| 102005043053 | Sep 2005 | DE |
| 102004018002 | Nov 2005 | DE |
| 1225500 | Jun 2004 | EP |
| 1575004 | Sep 2005 | EP |
| 2950985 | Jul 2009 | FR |
| 2445373 | Sep 2008 | GB |
| 2004185408 | Jul 2004 | JP |
| 200641801 | Feb 2006 | JP |
| 2006053688 | Feb 2006 | JP |
| 20010070865 | Jun 2001 | KR |
| 1020100130832 | Dec 2010 | KR |
| 101100700 | Dec 2011 | KR |
| WO0036560 | Jun 2000 | WO |
| WO0104793 | Jan 2001 | WO |
| WO2007027791 | Mar 2007 | WO |
| WO2009087547 | Jul 2009 | WO |
| WO2009095263 | Aug 2009 | WO |
| WO2010043816 | Apr 2010 | WO |
| WO2011123244 | Oct 2011 | WO |
| WO2012067640 | May 2012 | WO |
| Entry |
|---|
| Solicore, “Embedded Power Solutions, Powered Cards,” 2010, 2 pages. |
| Tim Leberecht, “Troika: Smart, Multifunctional Identity Card of the Future?,” Apr. 11, 2009, 1 page. |
| Gizmag Team, “Anti-fraud credit card features E-Ink display,” Nov. 19, 2009, 1 page. |
| Kobsa, et al., “Usability of Display-Equipped RFID Tags for Security Purposes,” Proceedings of the 16th European Conference on Research in Computer Security, 2011, 18 pages. |
| Rishab Nithyanand, “The Evolution of Cryptographic Protocols in Electronic Passports,” 2009, 12 pages. |
| Rishab Nithyanand, “Securing Personal RFID Tags and Infrastructures, THESIS,” 2010, 97 pages. |
| Christopher Northwood, “Evaluation of a rhythm based user authentication system for mobile devices, Project report submitted in part-fulfilment for BEng Computer Science in the Department of Computer Science, University of York” Mar. 17, 2009, 72 pages. |
| Zoe Antoniou and Dimitris N. Kalofonos, “NFC-Based Mobile Middleware for Intuitive User Interaction With Security in Smart Homes,” Nokia Research Center Cambridge, 2006, 6 pages. |
| Robert Moskovitch, et al., “Identity Theft, Computers and Behavioral Biometrics,” 2009, 6 pages. |
| Stephen August Weis, “Security and Privacy in Radio-Frequency Identification Devices,” Submitted to the Department of Electrical Engineering and Computer Science, May 2003, 79 pages. |
| Soo-Hyun Choi, et al., “A Secure and Scalable Transaction Protocol for Ubiquitous Sensor Network using RFID Systems,” Feb. 17-20, 2008, 4 pages. |
| Computer Weekly.com, “Digisafe manages to lock documents away,” Apr. 29, 2002, 2 pages. |
| Number | Date | Country | |
|---|---|---|---|
| 20140087656 A1 | Mar 2014 | US |
