KR20110053030A - Security usb device and method for access control using rfid - Google Patents
Security usb device and method for access control using rfid Download PDFInfo
- Publication number
- KR20110053030A KR20110053030A KR1020090109821A KR20090109821A KR20110053030A KR 20110053030 A KR20110053030 A KR 20110053030A KR 1020090109821 A KR1020090109821 A KR 1020090109821A KR 20090109821 A KR20090109821 A KR 20090109821A KR 20110053030 A KR20110053030 A KR 20110053030A
- Authority
- KR
- South Korea
- Prior art keywords
- rfid tag
- rfid
- usb device
- security function
- secure usb
- Prior art date
Links
- 238000000034 method Methods 0.000 title claims abstract description 18
- 230000006870 function Effects 0.000 claims description 34
- 230000000903 blocking effect Effects 0.000 claims description 5
- 238000012795 verification Methods 0.000 claims description 2
- 238000010586 diagram Methods 0.000 description 2
- 230000000694 effects Effects 0.000 description 2
- 230000005540 biological transmission Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000002093 peripheral effect Effects 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/34—User authentication involving the use of external additional devices, e.g. dongles or smart cards
- G06F21/35—User authentication involving the use of external additional devices, e.g. dongles or smart cards communicating wirelessly
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6209—Protecting access to data via a platform, e.g. using keys or access control rules to a single file or object, e.g. in a secure envelope, encrypted and accessed using a key, or with access control rules appended to the object itself
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/78—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F3/00—Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
- G06F3/06—Digital input from, or digital output to, record carriers, e.g. RAID, emulated record carriers or networked record carriers
- G06F3/0601—Interfaces specially adapted for storage systems
- G06F3/0602—Interfaces specially adapted for storage systems specifically adapted to achieve a particular effect
- G06F3/062—Securing storage systems
- G06F3/0622—Securing storage systems in relation to access
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06K—GRAPHICAL DATA READING; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
- G06K17/00—Methods or arrangements for effecting co-operative working between equipments covered by two or more of main groups G06K1/00 - G06K15/00, e.g. automatic card files incorporating conveying and reading operations
- G06K17/0022—Methods or arrangements for effecting co-operative working between equipments covered by two or more of main groups G06K1/00 - G06K15/00, e.g. automatic card files incorporating conveying and reading operations arrangements or provisions for transferring data to distant stations, e.g. from a sensing device
- G06K17/0029—Methods or arrangements for effecting co-operative working between equipments covered by two or more of main groups G06K1/00 - G06K15/00, e.g. automatic card files incorporating conveying and reading operations arrangements or provisions for transferring data to distant stations, e.g. from a sensing device the arrangement being specially adapted for wireless interrogation of grouped or bundled articles tagged with wireless record carriers
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Computer Security & Cryptography (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- General Health & Medical Sciences (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- Computer Networks & Wireless Communication (AREA)
- Human Computer Interaction (AREA)
- Storage Device Security (AREA)
Abstract
Description
The present invention relates to a secure USB device and an access control method, and in particular, by using RFID as a secure USB device, data leakage by an unjust person who may occur when a legitimate user is away from a state allowed to use the secure USB device. The present invention relates to a method for preventing damages that may occur due to danger and undesired use of a secure USB device.
USB (Universal Serial Bus) is the most widely used connection between the host computer and peripherals. Various devices connect to the host computer via USB.
USB memory is the most widely used removable storage device with the convenience of use and the large capacity of NAND flash memory. However, since the security function is not implemented, anyone who can use the USB memory can leak important data stored inside if the device is lost. In order to make up for this, a secure USB memory has been developed that requires user authentication through login. Because access to the data stored in the secure USB memory requires user authentication through login, it is more effective in preventing the risk of data leakage due to device loss compared to the USB memory without the security function.
The USB security token is a hardware device that has an independent processor, storage space, and cryptographic device inside the device to enable secure secret key storage, signature key generation, digital signature and verification, and is also called a hardware security module (HSM). The public certificate can be safely stored in the memory space inside the USB security token, and the stored public certificate cannot be leaked to the outside. The use of USB security tokens is gradually increasing as the use of services that require public certificates and electronic signatures, such as Internet banking and online e-commerce, has increased.
When using a secure USB device such as the secure USB memory and the USB secure token, if the right user is away from the state while allowing the use of the secure USB device, access to the secure USB device is possible, There is a risk of data leakage and damage can occur due to the use of a secure USB device by an unauthorized person. For example, while a legitimate user is allowed to use a USB security token, he / she can access a database containing sensitive data by using a USB security token with an invalid self-certified certificate. May spill. As another example, when online e-commerce is used, if a user leaves the office while allowing the use of the USB security token, the USB security token may be utilized by an unjust person, causing financial damage. To compensate for this, if the secure USB device is not used for a certain time while the secure USB device is allowed, the secure USB device may be automatically locked. However, even in this case, data can be leaked before the secure USB device is locked after a legitimate user is left for a certain period of time, and the damage caused by the unwanted use of the secure USB device may occur. In addition, in order to use the secure USB device again, there is an inconvenience that a legitimate user must unlock the secure USB device every time.
In order to solve the above-mentioned problems, the present invention prevents the risk of data leakage by an unjust person who may occur when a legitimate user leaves the state while allowing the use of the secure USB device, and the secure USB device may be unfairly used. It is also to provide a secure USB device and access control method using RFID that can prevent damages and can be used immediately without a separate unlock process when a legitimate user tries to use the secure USB device again. .
In order to achieve the above object, the present invention provides an antenna enabling wireless reception of ID information stored in an RFID tag, and receiving a radio signal including RFID tag ID information from the antenna and transferring the received signal to a controller. Compared with the RFID transmitter / receiver, the received RFID tag ID and the registered RFID tag ID, a control unit for allowing or blocking access to the security function unit, a security function unit for storing the RFID tag ID and performing a security function, and a host computer. It provides a secure USB device, characterized in that it comprises an interface unit for connecting the control unit, and provides an RFID tag is stored with a legitimate user ID.
In addition, according to another object of the present invention, the step of registering the ID of the RFID tag possessed by a legitimate user in a secure USB device with a built-in RFID transmitter and receiver; Determining whether a registered RFID tag exists in a recognizable area by a secure USB device incorporating an RFID transmitter / receiver;
The control unit permits access to the security function unit when the RFID tag registered in the secure USB device with the RFID transmitter and receiver is recognized and the control unit is secured if the RFID tag registered in the secure USB device with the RFID transmitter and receiver is not recognized. It provides a secure USB device access control method using RFID, characterized in that it comprises the step of blocking access to the functional unit.
As described above, according to the secure USB device and the access control method using RFID, the risk of data leakage by an unjust person and an undesired secure USB device that may occur when a legitimate user leaves the state while allowing the use of the secure USB device are allowed. There is an effect to prevent the damage that can be caused by use. In addition, when a legitimate user tries to use the secure USB device again, there is an effect that can be used immediately without a separate unlocking process.
Hereinafter, an embodiment of the present invention will be described in detail with reference to the accompanying drawings. 1 is a block diagram showing an embodiment of the present invention, which is composed of a
Specifically, in the case of the secure USB memory, the
In the case of a USB security token, the security function consists of a cryptographic device and a storage memory space, and consists of a hardware device with a built-in independent processor that can generate digital signature keys and verify digital signatures. Can be stored, so that services such as Internet banking and online e-commerce can be used safely. In the case of the USB security token, the
The
2 is a flowchart illustrating an embodiment of the present invention. The user registers the
3 is an external view of the
Although the above has been described as being limited to the preferred embodiment of the present invention, the present invention is not limited thereto and various changes, modifications, and equivalents may be used. Therefore, the present invention can be applied by appropriately modifying the above embodiments, it will be obvious that such application also belongs to the scope of the present invention based on the technical idea described in the claims below.
1 is a block diagram according to an embodiment of the present invention.
2 is a flowchart illustrating operations according to an embodiment of the present invention.
Figure 3 Appearance of secure USB device and RFID tag according to an embodiment of the present invention
100: secure USB device
110: interface unit
120: control unit
130: RFID transmitter and receiver
140: antenna
150: security function
200: RFID tag
300: host computer
Claims (7)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020090109821A KR20110053030A (en) | 2009-11-13 | 2009-11-13 | Security usb device and method for access control using rfid |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020090109821A KR20110053030A (en) | 2009-11-13 | 2009-11-13 | Security usb device and method for access control using rfid |
Publications (1)
Publication Number | Publication Date |
---|---|
KR20110053030A true KR20110053030A (en) | 2011-05-19 |
Family
ID=44362809
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
KR1020090109821A KR20110053030A (en) | 2009-11-13 | 2009-11-13 | Security usb device and method for access control using rfid |
Country Status (1)
Country | Link |
---|---|
KR (1) | KR20110053030A (en) |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR101445617B1 (en) * | 2013-02-26 | 2014-10-06 | (주)이퓨 | Removable memory communication using a Bluetooth-based local area of security and loss prevention methods |
KR101530656B1 (en) * | 2013-11-25 | 2015-06-23 | (주)세솔 | USB memory device with authentication by RFID and its driving method |
CN112508153A (en) * | 2020-11-25 | 2021-03-16 | 中国大唐集团科学技术研究院有限公司 | Power plant industrial control system USB flash disk intelligent management and control system based on RFID technology |
-
2009
- 2009-11-13 KR KR1020090109821A patent/KR20110053030A/en not_active Application Discontinuation
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR101445617B1 (en) * | 2013-02-26 | 2014-10-06 | (주)이퓨 | Removable memory communication using a Bluetooth-based local area of security and loss prevention methods |
KR101530656B1 (en) * | 2013-11-25 | 2015-06-23 | (주)세솔 | USB memory device with authentication by RFID and its driving method |
CN112508153A (en) * | 2020-11-25 | 2021-03-16 | 中国大唐集团科学技术研究院有限公司 | Power plant industrial control system USB flash disk intelligent management and control system based on RFID technology |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CA2554300C (en) | System and method for encrypted smart card pin entry | |
US8745395B2 (en) | Enabling use of a certificate stored in a smart card | |
US20140282992A1 (en) | Systems and methods for securing the boot process of a device using credentials stored on an authentication token | |
US20100293374A1 (en) | Secure Portable Memory Storage Device | |
US20080098134A1 (en) | Portable Storage Device and Method For Exchanging Data | |
US20070300080A1 (en) | Two-Factor Content Protection | |
TW201737151A (en) | Data security system with encryption | |
KR20060134037A (en) | Use authentication method, use authentication program, information processing device, and recording medium | |
KR20110087178A (en) | Usb security device with way for secure user-authentication and method of authentication | |
US20160246954A1 (en) | Security card having fingerprint authentication, processing system and processing method therefor | |
KR101607935B1 (en) | System for paying mobile using finger scan and method therefor | |
EP2590101B1 (en) | Authentication using stored biometric data | |
US20080046739A1 (en) | Hash of a Certificate Imported from a Smart Card | |
CA2593977C (en) | Hash of a certificate imported from a smart card | |
JP2012094146A (en) | Method and system for controlling execution of function protected by authentication of user especially relating to use of resource | |
KR20090002074A (en) | Apparatus and method for authenticating a user based on one time password with enhanced safety | |
KR20110053030A (en) | Security usb device and method for access control using rfid | |
JP2007265321A (en) | Personal identification system and personal identification method | |
US10726160B2 (en) | Localized pin management with reader verification and no disclosure | |
EP1870828A1 (en) | Two-Factor Content Protection | |
Lee et al. | A study on a secure USB mechanism that prevents the exposure of authentication information for smart human care services | |
KR101017014B1 (en) | System and method for logging in game server using smart chip | |
KR101684905B1 (en) | User authentication device for multi-authenticating by using fingerprint, security key and wireless tag | |
TW202234854A (en) | <b>WIRELESS COMMUNICATION MODULE AND CONTROLLING SYSTEM AND METHOD FOR APPLICATION DEVICE</b> | |
KR20150050335A (en) | Integrated circuit chip for user authentication and autentication method |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
A201 | Request for examination | ||
E902 | Notification of reason for refusal | ||
E601 | Decision to refuse application | ||
E601 | Decision to refuse application |