TREA

Scalable method for access control

Follow

Information

  • Patent Application
  • 20080012685
  • Publication Number
    20080012685
  • Date Filed
    July 05, 2007
    17 years ago
  • Date Published
    January 17, 2008
    16 years ago
Information
Abstract
A method for specifying access authorization to at least one memory area of a transponder is provided, in which the memory area is assigned access control information, whereby the access control information comprises at least one configurable master access control information, and write access to the memory area is released at least by a first configuration of the master access control information and write access to the memory area is blocked by a second configuration of the master access control information, whereby in the method the access control information is stored further in the transponder, the access control information is assigned at least one first settable sub-access control information, and the information is scaled by the assignment of the first sub-access control information to the master access control information, so that access authorization specified by the configuration of the master access control information is adapted to at least one additional requirement. The invention relates further to scalable transponders and an RFID system comprising a scalable transponder.
Description

BRIEF DESCRIPTION OF THE DRAWINGS

The present invention will become more fully understood from the detailed description given hereinbelow and the accompanying drawings which are given by way of illustration only, and thus, are not limitive of the present invention, and wherein:



FIG. 1 shows possible bit patterns of an access control information;



FIG. 2 is a schematic drawing of a memory area divided into memory blocks and an associated shadow memory area;



FIG. 3 is a schematic drawing of a dynamic division of the memory area and the shadow memory area into memory blocks;



FIG. 4 is a schematic drawing of a memory area divided into memory blocks and an associated shadow memory area according to a second exemplary embodiment, and



FIG. 5 is a schematic drawing of a memory area divided into memory blocks and an associated shadow memory area according to a third exemplary embodiment.





DETAILED DESCRIPTION

An access authorization to a memory area of a transponder is specified by the access control information. According to the invention, access control information comprises a master access control information and at least one first sub-access control information, by which the master access control information is scaled, so that an individual setting of an access authorization can be specified. In an embodiment, the master access control information and the sub-access control information are each formed by a bit pattern, comprising two bits in each case.



FIG. 1 shows schematically the possible bit patterns with use of two bits in each case, whereby the first column shows the master bits MB, which are scaled by the sub-bits SB shown in the second column.


The master bits MB are, for example, the lock bits known from the aforementioned draft standard (see, for example, ISO/IEC_CD 18000-6C 6.3.2.10.3.5). In an advantageous embodiment, the master bits MB are assigned the following meaning:

  • 00: no write protection;
  • 01: writing is possible only in the “open” or “secure” state of the transponder;
  • 10: writing is possible only in the “secure” state of the transponder, and
  • 11: writing to this memory area is not possible in any transponder state.


In another embodiment (not shown), only a master bit is present, which assumes either the value “0” or the value “1,” whereby, for example, there is no write protection at the value “0” and the memory area is protected at least against writing at the value “1.”


The authorization can be scaled further by means of the sub-bits SB, i.e., can be adapted to specific requirements. The setting options thereby depend, inter alia, on other transponder settings. For compatibility with transponders without scaling capabilities, in an embodiment a pattern or configuration of the sub-bits is assigned the “unscaled” option, for example, the pattern “00”.


In a first exemplary embodiment, a transponder of this type is set in such a way that the transponder is assigned only one identifier (ID). Possible settings for access to the memory area are given in the following table; the bit patterns of the master bits are shown in the first column and the bit patterns of the sub-bits in the second column.
















00
00
No restriction during reading or writing



01
Still unassigned or reserved for later functions



10
Still unassigned or reserved for later functions



11
Still unassigned or reserved for later functions


01
00
Writing and reading possible only in the “open” or “secure”




state



01
Writing and reading possible only in the “open” or “secure”




state



10
Writing and reading possible only in the “open” or “secure”




state



11
No writing possible, reading possible only in the “open” or




“secure” state


10
00
Writing possible only in the “secure” state, no restriction for




reading



01
Writing and reading possible only in the “secure” state with a




password



10
Writing possible only in the “secure” state with password1,




reading possible only in the “secure” state with password2



11
Still unassigned or reserved for later functions


11
00
No writing possible, reading possible without password



01
No writing, reading with password1



10
No writing, reading with password2



11
No writing, no reading









These settings, assigned to the different bit patterns of the master bits and sub-bits, are of course only one possibility for adapting the transponder to different requirements. Here, in the exemplary embodiment, the entire memory area is assigned a common access control.


In an embodiment, further fine setting of the access control by second sub-bits is possible. Thus, it is conceivable, for example, that the access control information comprising the following bit pattern “11 11” of the master bits MB “11” and the sub-bits SB “11” is overloaded. If additional second sub-bits are present, these are then utilized to perform a further setting or scaling.


In a second exemplary embodiment, one bit or a plurality of bits, particularly four bits, are provided as a second sub-access control information. In the exemplary embodiment, a setting, which affects the entire memory area of the transponder, can be made by the master bits and the first sub-bits. It is further possible by means of the second sub-bit or the second sub-bits to divide the memory area into any number of memory blocks, whereby the read and/or write access to the specific memory block can be set by the second sub-bit or the second sub-bits, particularly in the case of four sub-bits by a bit pattern with four bits according to FIG. 1.



FIG. 2 shows schematically a memory area 1 of a transponder, the transponder not being shown. The memory area 1 is divided into five memory blocks A to E. Each memory block A to E is assigned access control information a-e, which specifies access authorization to the memory block. The access control information a-e is stored in a shadow memory 2, which is divided into sub-memory areas a-e parallel or corresponding to memory blocks A-E.


In the depicted embodiment the access control information a to d comprises at least eight bits.


If the first master bits MB and the first sub-bits SB have the indicated bit pattern “1111,” it is then signaled that further information may follow. The next four bits then serve for the selective setting of access control in memory area A. If no further information follows, the bit pattern “1111” signals, for example, as described above, that neither writing nor reading is possible. The bit pattern is thereby overloaded and the memory is thereby individually configurable.


The next eight bits serve to set access authorization to a memory block B.


Access control information e is not followed by any other sub-bits, so that the access control information, for example, can also apply to memory blocks coming after memory block E, if such subsequent memory blocks are present.



FIG. 3 shows schematically a dynamic subdivision of memory area 1 into memory blocks A-E and a subdivision of the shadow memory area 2 into parallel or corresponding sub-memory areas.



FIG. 4 shows another embodiment of the invention, whereby memory area 1 is also divided into any number of memory blocks A-E according to FIG. 2. Access to the entire memory area 1 or all memory blocks A-E is specified by two master bits M1, M2, which correspond to the lock bits known from the aforementioned draft standard (see, for example, ISO/IEC CD 18000-6C 6.3.2.10.3.5). A first master bit M1 or lock bit in this case specifies a write protection for the memory area, whereas a second master bit M2 or lock bit makes the set access authorization permanent. The second master bit M2 is therefore also called a permalock bit. In an embodiment corresponding to the draft standard, the master bits M1, M2 are assigned the following meaning here:

  • 00: writing is possible in the “open” or “secure” state of the transponder;
  • 01: writing is always possible in the “open” or “secure” state of the transponder; the memory area can never be write-protected (locked);
  • 10: writing is possible only in the “secure” state of the transponder; and
  • 11: writing to this memory area is not possible in any transponder state.


The aforementioned draft standard specifies that a permalock bit once it is set cannot be cleared again.


According to the invention, each memory block A-E is assigned further at least one sub-access control information a-e, comprising at least one sub-bit or block bit, whereby access to an associated memory block A-E can be blocked by the block bit contrary to general access control information M1, M2. The block sub-bit is subordinate to the master bits; i.e., when the master bits have the aforementioned configuration “01” according to which the entire memory area cannot be write protected, a set block sub-bit is ignored and/or a setting of the block sub-bit is prevented. The block sub-bit in an embodiment is designed to be one-time programmable, whereby a set state is not reversible. In an initial configuration of the transponder, for example, all sub-bits are not set. Individual memory blocks A-E can then be protected from writing (permanently) by setting of the specific sub-bits.


In another embodiment, more than one sub-bit per sub-access control information a-e is provided, for example, four sub-bits, as shown in FIG. 5. This makes possible an individual adjustment of each individual memory block A-E to further requirements. For example, write accesses to individual memory blocks A-E can be specified individually.


In again different embodiments, in each case, two or more memory blocks can be assigned a common sub-bit.


During use, a transponder or a tag is used, for example, in conjunction with a sensor to monitor, for example, chilled goods, whereby temperature profiles can be stored in the transponder in a memory area, provided for this, by the sensor. To prevent the temperature profiles from being falsified, for example, in order to fake adherence to legally stipulated quality standards, this memory area and/or a memory block or several memory blocks of the memory area are to be protected from overwriting by reader units from the outside, for example, via the so-called radio interface. At the same, it should be possible in the indicated example to release other memory blocks and/or other memory areas for writing for certain users, so that, for example, during a transfer of risk an authorized user can record this in the transponder using a time stamp. It is obvious that it is not desirable in this case that successive users in the logistics chain have write access to the same memory blocks. Otherwise a subsequent user could again correct at any time his time of the transfer of risk. The different users are each given, for example, a password, whereby with use of this password they are granted write access to a memory block allocated to them. Read access can also be blocked or released with conditions. Subdivision into several memory blocks with different access authorizations can thus reduce the risks for a carrier in the logistics chain.


In another exemplary embodiment, a transponder is configured with two identifiers ID1, ID2. The two password areas typically present in the transponder are then assigned to the two identifiers ID1, ID2. This results in the setting options shown in the following table:
















00
00
No restriction during reading or writing



01
Still unassigned or reserved for later functions



10
Still unassigned or reserved for later functions



11
Still unassigned or reserved for later functions


01
00
Writing and reading with ID1 possible only in the “open” or




“secure” state, with active ID2 no write and/or read




authorization



01
Writing and reading with ID1 possible only in the “open” or




“secure” state, with active ID2 no write and/or read




authorization



10
Writing and reading with ID2 possible only in the “secure”




state



11
No writing possible, reading possible only in the “open” or




“secure” state with ID1, with active ID2 no write and/or read




authorization


10
00
Writing and reading possible with ID2 only in the “open” or




“secure” state, with active ID1 no write and/or read




authorization



01
Writing and reading possible with ID2 only in the “open” or




“secure” state, with active ID1 no write and/or read




authorization



10
Writing and reading with ID1 possible only in the “secure”




state



11
No writing possible, reading possible only in the “open” or




“secure” state with ID2, with active ID1 no write and/or read




authorization


11
00
No writing possible, reading possible without password



01
No writing, reading with ID1



10
No writing, reading with ID2



11
No writing, no reading









In this case, the bit sequence “1111” is overloaded in an embodiment. If a second sub-access control information is present, then, for example, the bit sequence “1111” only determines that no writing is possible. A read authorization can be defined by a second sub-access control information.


In another exemplary embodiment, the memory area is allocated to the EPC. Here, a setting is carried out by the method of the invention in such a way that without sub-bits the write protection specified by the master bits, i.e., preferably the lock bits, applies only to a first identifier ID1. If, on the contrary, there is sub-access control information of the invention, then the following functions can be set depending on the sub-access control information of the invention: (1) The EPC is transmitted only with the use of a read command (“read” command according to draft standard; see, for example, ISO/IEC_CD 18000-6C 6.3.2.10.3.2); (2) the EPC is output encoded with the use of the read command; (3) the second identifier ID2 and/or any other information are output encoded after an acknowledge command; and/or (4) subsettings apply only to the additional identifiers.


The listed setting options are exemplary. It is apparent that other functions can be assigned to the individual access control information; in each case, a rough setting occurs by means of the master access control information and a fine setting by one or more subordinate sub-access control information.


The invention being thus described, it will be obvious that the same may be varied in many ways. Such variations are not to be regarded as a departure from the spirit and scope of the invention, and all such modifications as would be obvious to one skilled in the art are to be included within the scope of the following claims.

Claims
  • 1. A method for specifying access authorization to at least one memory area of a transponder, particularly a passive and/or backscatter-based transponder, the method comprising: assigning the memory area access control information, the access control information comprising at least one configurable master access control information and write access to the memory area is released at least by a first configuration of the master access control information and write access to the memory area is blocked by a second configuration of the master access control information;storing the access control information in the transponder;assigning the master access control information least one first settable sub-access control information;scaling the master access control information by the assignment of the first sub-access control information so that access authorization specified by the configuration of the master access control information is adapted to at least one additional requirement.
  • 2. The method according to claim 1, wherein access authorization for read access to the memory area is specified by the first sub-access control information.
  • 3. The method according to claim 1, wherein the first sub-access control information is overloaded at least in part, wherein a configuration of the sub-access control information is assigned at least two options for access control and wherein the access authorization is specified at least depending on the master access control information, the first sub-access control information, and a selection parameter.
  • 4. The method according to claim 1, wherein the first sub-access control information comprises at least one sub-bit, preferably at least two sub-bits, by which four bit patterns are formed.
  • 5. The method according to claim 1, wherein the first sub-access control information is scaled by at least one lower-ranking second sub-access control information.
  • 6. The method according to claim 5, wherein the memory area is divided into at least two memory blocks, and wherein access authorization to the memory blocks is specified individually by the second sub-access control information.
  • 7. A transponder, particularly passive and/or backscatter-based transponder, for an RFID system, comprising: at least one transponder; andat least one reader unit, with at least one memory area,wherein the memory area is assigned access control information to specify access authorization to the memory area,wherein the access control information comprises at least one configurable master access control information,wherein write access to the memory area is released at least by a first configuration of the master access control information and write access to the memory area is blocked by a second configuration of the master access control information,wherein the access control information comprises at least one first sub-access control information, andwherein the master access control information is scaled by the first sub-access control information, so that access authorization specified by the configuration of the master access control information is adapted to at least one additional requirement.
  • 8. A method for specifying access authorization to at least one memory area of a passive and/or backscatter-based transponder, the method comprising: assigning the memory area access control information, the access control information comprising at least one configurable master access control information, the master access control information comprising two bits, write access to the memory area being released by a first configuration of a first bit of the master access control information, and write access to the memory area being blocked by a second configuration of the first bit of the master access control information, and permanence of the access control information is specified by the second bit of the master access control information;storing the access control information in the transponder;assigning the access control information at least one settable sub-access control information; anddividing the memory area into at least two memory blocks, wherein access authorization to the memory blocks is specified individually by the sub-access control information.
  • 9. The method according to claim 8, wherein the sub-access control information comprises at least one sub-bit, preferably at least two sub-bits, particularly four sub-bits, by which 16 bit patterns are formed.
  • 10. The method according to claim 8, wherein access authorization for read access to the memory area is specified further by sub-access control information.
  • 11. The method according to claim 8, wherein the sub-access control information specifies access authorization for read and/or write access to the memory area depending on at least one password.
  • 12. The method according to claim 8, wherein the sub-access control information is overloaded at least in part, wherein a configuration of the sub-access control information is assigned at least two options for access control, and wherein the access authorization is specified at least depending on the master access control information, the sub-access control information, and a selection parameter.
  • 13. The method according to claim 8, wherein the access control information is stored at least in part in a shadow memory area, the shadow memory area being divided into sub-memory areas parallel to the memory blocks.
  • 14. The method according to claim 8, wherein the subdivision into memory blocks and/or into sub-memory areas is carried out dynamically during an initialization.
  • 15. A transponder, particularly a passive and/or backscatter-based transponder, for an RFID system, comprising: at least one transponder; andat least one reader unit having at least one memory area, the memory area being assigned access control information to specify access authorization to the memory area, and the access control information comprising at least one configurable master access control information,wherein the master access control information comprises two bits,wherein write access to the memory area is released at least by a first configuration of a first bit of the master access control information and write access to the memory area is blocked by a second configuration of the first bit of the master access control information,wherein permanence of the access control information is specified by the second bit of the master access control information,wherein the access control information comprises at least one first sub-master access control information, andwherein the memory area is divided into at least two memory blocks, access authorization to the memory blocks being specified individually by the sub-access control information.
  • 16. An RFID system comprising at least one reader unit and at least one transponder according to claim 7.
  • 17. The RFID system according to claim 16, wherein the first sub-access control information is overloaded at least in part, wherein access authorization is specified at least depending on the master access control information, the sub-access control information, and a selection parameter, and wherein at least one selection parameter is stored in a cross reference list.
  • 18. The RFID system according to claim 16, wherein at least one configuration bit, which can be read out by the reader unit, is stored in the transponder, and wherein the configuration bit indicates at least one scaling effect, a scaling intensity, and/or a selection parameter.
Priority Claims (1)
Number Date Country Kind
DE 102006032129 Jul 2006 DE national
Provisional Applications (1)
Number Date Country
60819387 Jul 2006 US