Patent Application
20110114718
The present invention relates to a method and apparatus for enforcing security in a brand protection management system (BPMS). In particular, the present invention relates to a security feature reader/writer with an integrated secure processing environment, such as a secure application module.
PCT/GB2007/001248, the contents of which are incorporated herein by reference, describes a brand protection management system. In this, goods are provided with machine-readable tags that contain authentication information. The authentication information is read from the tags using a tag reader and compared with stored authentication data, thereby to determine the authenticity or otherwise of the goods. Security of the authentication process is essential.
According to a first aspect of the present invention, there is provided a brand protection/taggant reader and/or writer instrument for use in a brand protection management system, the instrument having a secure processing environment and an insecure processing environment, the instrument being operable to split an operation between the secure and insecure environments in accordance with a defined procedure. The operation may be at least one of authentication of a brand protection feature/taggant and issuing or registration of a brand protection feature/taggant.
By delegating a subset of secure functions to a secure processing environment, such as a secure application module (SAM), key steps can be secured, whilst allowing the bulk of a process to be run in a rich, open software environment, such as provided by .NET or a Java Virtual Machine.
The instrument may be a reader for reading a security feature and/or writer for writing the security feature. The operation may be to check whether a scanned security feature, for example a machine-readable tag, is authentic. Additionally or alternatively, the operation may involve the issuing of a security feature, such as a machine-readable tag.
The instrument may be operable to read one or more types of machine readable taggants/brand protection features. Such taggants may, for example, include barcodes, one dimensional or two dimensional, RFID tags, fluorescent tags, or any other suitable taggant types.
In most cases the machine readable brand protection features/taggants will be physically attached to, or otherwise incorporated in, the articles to be authenticated.
In some cases the brand protection feature/taggant may comprise an inherent feature of the article itself which the brand protection feature/taggant instrument is configured to read, e.g. a visible or covert feature which the reader means is designed to detect/read.
For the avoidance of doubt, it will be understood that the terms “brand protection feature” or “taggant” as used herein are not intended to be limited to physical tags or markers attached to articles to be authenticated but are intended to also include invisible or covert features inherent in an article itself.
The present invention will be described by way of example only with reference to the following drawings, of which:
The PoR and PoA devices communicate with the brand protection management server system using whatever standard communication method is most appropriate for them, e.g. TCP/IP over LAN for fixed devices, or WiFi for portable devices or GSM etc. One or more PoR reader/writer devices may be linked/served using local networking such as WiFi or Ethernet, to a single Point of Registration (PoR) control device, e.g. a client Personal Computer (PC). Similarly several PoA devices may be linked/served in a similar manner by a main PoA device, e.g. a client personal computer (PC). In the description below references to the “PoA/PoR instrument” shall be understood to mean a PoA device or a PoR device or a single instrument in which a PoR device and PoA device are combined.
Included at the brand protection server is a trust management system (TMS) for ensuring security across the entire platform and a brand protection management system for analysing and storing brand management data, and controlling brand related features or functions. Also provided at the server is an instrument configuration management system (ICMS) for managing policies for control of each PoR and PoA instrument in the system. The policies include control or configuration information specifying, for example, the type of brand protection feature that is to be read, the type of processing that is to be used to authenticate a particular brand protection feature, the grade or role of user approved to use the reader, the workflow; that is the steps that a user who is operating the reader has to take; and any other brand protection feature reader information. A detailed description of workflows is provided in PCT/GB2007/002967, the contents of which are incorporated herein by reference. Included in the ICMS is a component of the trust management system, typically implemented on a Hardware Security Module (HSM) or Secure Access and Authentication Module (SAAM) or some other tamper proof security component.
Data flows from the central TMS via this to the instruments in the field. To ensure local security, each PoR and PoA device includes its own trust management system component.
The input/output module 10 has a user input 50, which may be, for example, a keypad, smart card slot or biometric scanner and a user display 55. The instrument 5 is provided with an interface 60, which may, for example, be LAN or WiFi, for communicating with the TMS, which is typically physically located on a different geographical site to the instrument. The instrument storage facility 15 includes a data store for converted authentication data and a data store for configuration data, which sets the configuration of the brand protection feature extraction module 30. The configuration details include product IDs, authentication events, their parameters, their sequencing, what tag technologies are to be used, and whether there is a link between data read from one brand protection feature and another on the same product. The configuration data is downloaded to the instrument from the instrument configuration manager.
The tag specific feature extraction and configuration block 30 contains a sensor interface 35 and a tag specific processor 40. The sensor could, for example, be a barcode scanner, an RFID tag reader or any other chosen machine-readable tag reader and/or writer device. The sensor interface 35 and tag specific processor 40 control the sensor and process the data exchanged with the sensor to read from and/or write to a tag in order to extract identification information relating to the tag and/or to configure the tag. Data extracted from the tag is converted into a common platform format by a common brand protection feature interface 45 for communication to the rest of the instrument components and vice versa for communications from the instrument to the tag.
In order to maintain security, the instrument 5 includes a secure application module (SAM) for processing and controlling the communication of authentication data between the tag reader and brand protection management server. The SAM provides a physically and logically secure module for storing authentication information and/or at least partially processing authentication requests. The SAM 65 acts as a trust management agent for the BPMS and is adapted to process and store secure information for authenticating tags using, for example, tag features that have overlapping verifiable content, such as an encrypted check, for example, a MAC or digital signature. Generally speaking, the SAM is an execution environment with limited memory and computing power.
The SAM 65 may be, for example, a smart card. There is a well defined set of specifications for SAMs and other Integrated Circuit Cards (ICC) that detail the electrical signals, communications protocols and Application Protocol Data Units (APDUs) that all such modules should be compatible with. The relevant ISO 7816 specifications are detailed in the following references: ISO/IEC ISO 7816-1, Identification cards—Integrated circuit(s) cards with contacts—Part 1: Physical characteristics, 1998 (Amendment 2003); ISO/IEC ISO 7816-2, Identification cards—Integrated circuit cards—Part 2: Cards with contacts—Dimensions and location of the contacts, 1999 (Amendment 2004); ISO/IEC ISO 7816-3, Information technology—Identification cards—Integrated circuit(s) cards with contacts—Part 3: Electronic signals and transmission protocols, 1997 (Amendment 2002); ISO/IEC ISO 7816-4, Identification cards—Integrated circuit cards—Part 4: Organization, security and commands for interchange, 2005; ISO/IEC ISO 7816-8, Identification cards—Integrated circuit(s) cards with contacts—Part 8: Commands for security operations, 2004, and ISO/IEC ISO 7816-11, Personal verification through biometric methods, 2004.
When the instrument of
The process of authenticating a tag involves three stages: using a reader instrument to convert physical phenomena into an electrical signal that can be processed; filtering or converting that signal to produce a verifiable output and verifying that output against some predefined criteria. In many cases, the security effectiveness of an anti-counterfeiting feature comes from maintaining the secrecy or covertness of the details of the processing performed in second stage. To ensure this, and in accordance with the invention, the authentication process is partitioned into secure and non-secure functions according to the availability and capability of secure processing components in the reader instrument, with all or as many as possible key security functions being implemented in the trusted environment of the SAM.
To illustrate the secure partitioning process, consider the authentication of a linear bar code that includes covert second order effects, as described in co-pending international patent application PCT/GB2007/002496, the contents of which are incorporated herein by reference. A conventional linear bar code has a plurality of bars and spaces of varying width, the width being a multiple of a unit width X. The bars and spaces can be decoded using a bar code scanning device, thereby to reveal primary data. Each bar is rectangular and has a pre-determined, uniform height. In accordance with the teachings of PCT/GB2007/002496, additional or second order information can be embedded in a conventional bar code by varying the overall shape of at least one of the bars, for example, by varying the width of the bars by an amount that is not a multiple of the unit width X. In this way secondary information can be encoded into the bar code. Variations in the shape of the bars have to be such that they do not affect the ability of a standard barcode reader to read the primary data, but sufficient to convey secondary information and preferably are indiscernible by eye.
The main steps of decoding an image with the second order effect are the same irrespective of the modulation, these being decode of the primary data, which is the read of the two-dimensional data matrix, and decode of second order effect embedded within that matrix. From a security viewpoint, the area of concern is the data extraction and subsequent processing of the second order effect modulated data. If this is performed in an observable manner or indeed on a platform that is exposed to direct manipulation of key data values, then the offering is exposed to a number of attack classes, including observation of key processes and their operation; determination of critical security parameters, for example observation of threshold values; opportunity to exploit denial of service attacks and opportunity to bypass the processing entirely by insertion of previously recorded data at key points.
In order to improve the security of the process of
In the anti-counterfeiting system of
Partitioning steps that are carried out by the PoR and PoA devices into secure parts that are implemented in the secure SAM and non-secure parts that are carried out in a less secure processing environment 20 can have many uses. For example, partitioning can be used when the PoR and PoA devices are being used in accordance with workflows that have to be authenticated and verified. Details of workflow assurance techniques are described in detail in co-pending international patent application PCT/GB2007/001248, the contents of which are incorporated herein by reference.
Workflows or executable policies are created in the BMPS using workflow and instrument configuration information provided by the ICMS. Once a workflow or policy is deployed to an instrument it is desirable to ensure that it cannot be altered maliciously. To enforce this, designated steps of the workflow, including for example, authentication of a scanned tag can be assigned to the SAM. Other non-secure steps are implemented on the general purpose processor 25. The configuration management of the workflow assuring entity enforces key steps by validating that an operation is being performed at the correct stage of a predefined process. This provides a mechanism for indicating that a violation has occurred if the incorrect sequence is followed either accidentally or intentionally.
To partition a workflow, a security specification is created by a workflow splitter, as shown in
Once the workflow is split, the ICMS processes the policy to ensure that it is in an appropriate form or version for the target instruments. The policy is then returned to the BPMS and sent to one or more selected PoR and/or PoA devices and downloaded, with the secure steps of workflow procedures being embedded within the SAM, and the non-secure steps located in the general processing environment 25.
When a workflow is deployed in an instrument instructions for the workflow are displayed to guide the operator through the procedures. All the key workflow events are captured and sent to the BPMS either immediately or as part of a batch transfer at a later time. At various points in the execution of the workflow, secure primitives are called on the SAM. Executing these secure primitives on the SAM provides one level of security as the SAM encapsulates the secure primitive in an environment with financial grade security. The secure primitives include capabilities to verify brand protection features and to securely transmit verification events to a remote BPMS.
If a secure primitive is detected (at step 1.1.1.2.1), it is mapped to a SecureTaskNode within the ICMS-SAAM policy. If a non-secure primitive is detected (at step 1.1.1.3.1), it is mapped to a TaskNode within the ICMS-SAAM policy. Having identified the secure and unsecured nodes, the ICMS-SAAM produces a configuration script for the workflow assurance enforcing entity within the instrument. In this example, as shown at step 1.2, the partitioned policy containing SecureTaskNodes and TaskNodes is passed to the ScriptManager to be converted into a configuration script for the SAM within the instrument. When this script is then transferred to the instrument's SAM, it builds the appropriate security enforcing data values that are used during policy execution to ensure the correct workflow is being followed.
When a secure primitive step is detected within a policy, a call is made to the trust agent module to inform the SAM that the policy wishes to assert that a certain point of the policy has been reached. This is effectively the state management of secure aspects of the workflow policy. The SAM can validate this in a number of different ways. For example, it could validate a certain parameter passed to the module to ensure that it is within a previously determined allowed range or is even a sensible value for the measurement taken for example or the authentication of a digital signature or message authentication cryptogram (MAC). It could also involve validation of biometric data of the user or other user authentication data such as a PIN value to ensure that they are allowed to perform the step. The next step is the execution of the secure primitive itself. This may have further authentication data associated with it gathered from an earlier stage in the process or it may simply be a request to perform an operation that is deemed sensitive, such as the generation of a BPF. This is the key workflow assuring step as it is the internal checking performed by this command, based on the previous node assertions and any other data passed during the primitive execution call that is used to determine if the SAM will produce the requested data/result.
The instrument must supply an identifier for the policy node that owns a call to a secure primitive. The SAM uses this identifier to create a current node description by concatenating a token representing the current secure primitive to the current node ID. The SAM maintains a hashtable or other suitable data structure containing a mapping from the current executing node description secure primitive to a set of the possible precursor node descriptions. A node is defined as consisting of the name of a secure primitive concatenated with the unique identifier for a node as defined in the policy. At runtime the SAM must hold a ‘last node’ variable and a ‘last secure primitive’ variable. Each time a call is made to the SAM it checks whether the concatenation of the last secure primitive and last node identifier is a valid precursor for the current node description by looking up the set of valid node descriptions in the data structure/hashtable.
To ensure that workflow steps are carried out in a specified order, the policy is processed such that for each secure primitive encountered all possible node descriptions are backtracked from each node corresponding to a secure operation. Hence, as an example,
For ReadBPF[1] only Start[0] is possible
for GenerateBPF[4] only ReadBPF[1] is possible
for ReadBPF[5] only PrintLabel[1] is possible
This comprises a small set of transition constraints that must remain true. Since these are stored in the secure processing environment, this specified order is secured and any deviation from is will indicate a violation of the workflow.
The list of preconditions can be stored in a look up table with the current node as the key, however the values of the look up table would need to be arrays or collections for the general case, in the example these are single member sets such as {“start[0]”}, eg: where the lookup table is a hashtable:
In a circumstance where there are more possible precursors to a given node then we would see something like this for a hashtable entry.
This would mean that either “PrintLabel[1]” or “ReadBPF[2]” were valid precursors for “ReadBPF[5]”
Assuming all secure methods are called by a method with the following signature
execSecurePrimitive(primitiveName, args, nodeldentifier)
Then in pseudocode this would be
When the workflow verification exception is raised, the instrument is informed of the violation of workflow sequence and may then take appropriate steps to disable a policy and transform events to the BPMS or to another system such that it is possible to inform a supervisor that there is a potential security violation to investigate.
A skilled person will appreciate that variations of the disclosed arrangements are possible without departing from the scope of the invention. Accordingly the above description of the specific embodiment is made by way of example only and not for the purposes of limitations. It will be clear to the skilled person that minor modifications may be made without significant changes to the operation described.
| Number | Date | Country | Kind |
|---|---|---|---|
| 0801811.1 | Feb 2008 | GB | national |
| Filing Document | Filing Date | Country | Kind | 371c Date |
|---|---|---|---|---|
| PCT/GB2009/000274 | 1/30/2009 | WO | 00 | 1/25/2011 |
