`Nerlikar
`
`[54] INFORMATION MANAGEMENT AND
`SECURITY SYSTEM
`
`[75] Inventor: Virupax M. Nerlikar. Plano, Tex.
`
`[73] Assignee: Texas Instruments Incorporated,
`Dallas, Tex.
`
`[21] Appl. No.: 283,081
`[22] Filed:
`Jul. 29, 1994
`
`US005629981A
`[11] Patent Number:
`[45] Date of Patent:
`
`5,629,981
`May 13, 1997
`
`Wall Street Journal. William M. Bulkeley, “Get ready for the
`‘smart cards’ in health care”, May 1993, one page.
`Wall Street Journal, John J. Keller, “Bells and whistles turn
`beepers into data receivers”, Sep. 1993 two pages.
`Wall Street Journal, William M. Bulkeley, “Someday, Cards
`May Make Coins Obsolete (smart cards may replace coin
`usage)”, May 1993, one page.
`Standard Register, Advertisement-—-High Tech Document
`Security Video, Jul-Aug. 1993.
`
`[51] Int Cl.6 ...................................................... .. H04L 9/00
`[52] US. Cl. ........................ .. 380/25; 380/23; 340/825.34
`[58] Field of Search .................. .. 380/23-25; 340/82534
`
`Primary Examiner-Salvatore Cangialosi
`Attorney, Agent, or Firm-Ira S. Matsil; James C. Kesterson;
`Richard L. Donaldson
`
`[56]
`
`References Cited
`
`U.S. PATENT DOCUMENTS
`
`3/1986 Dreifus .................................... .. 380/23
`4,575,621
`9/1987 W'rrstrom et al.
`.... .. 380/23
`4,691,355
`4,783,798 11/1988 Leibholz et a1.
`.... .. 380/25
`
`4,819,267
`4/1989 Cargile et a1. . . . . . . . . . .
`5,053,774 10/1991 Schuermann et a1. ..
`5,153,918 10/1992 Tuai ...................... ..
`5,310,999 5/1994 Claus et al. .
`
`. . . . .. 380/23
`.... .. 342/44
`
`380/23
`
`5,319,711
`
`6/1994 Servi . . . . . . . . . . .
`
`. . . . . . . . .. 380/23
`
`5,339,073
`5,508,692
`
`340/825.31
`8/1994 Dodd et a1. .
`4/1996 Wolfram ................................. .. 380/23
`
`OTHER PUBLICATIONS
`
`“Software Giant Aiming at the O?ice,” New York Times, Jun.
`8, 1993, p. Cl.
`Hardeopy Observer; Published by Lyra Research, ‘Microsoft
`at Work’, vol. III, No. 7, Jul, 1993, pp. 31-39.
`Hardcopy Observer, “Microsoft at Work to go Home?”, vol.
`IV, No. 3, Man, 1994, p. 9.
`Hardcopy Observer; “Microsoft Gears Up to Supply at Work
`Print Software to OEM”, vol. IV, No. 2, pp. 30-32.
`Fite, 11:, Franklin, “The PC Adopts an Embedded Position”,
`Electronic Engineering Times, Apr. 25, 1994, p. 46.
`
`[57]
`
`ABSTRACT
`
`A closed loop, (networked) information management and
`security system which provides a secure, end-to-end fully
`automated solution for controlling access, transmission,
`manipulation, and auditability of high value information
`comprising an RFID transponder badge 302 and an RF
`reader transceiver 315 which is associated with a host
`peripheral or a network. The RF reader transceiver 315
`automatically identi?es and veri?es authorization of the
`RFID transponder badge holder via a “handshake” prior to
`allowing access to the host peripheral. The energy generated
`by the transmission of the interrogation signal from the RF
`reader means 315 provides a power source which is accu
`mulated and then used to activate a transponder 304
`response from the RFID transponder badge 302. The RF
`reader/transceiver 315 writes the access transaction on either
`the RFID transponder badge 302 and/or the host peripheral
`database or the network controller. Alternatively, the RF
`reader means 315 may be associated via network server with
`a LAN, WAN, or MAN. Optionally, an RFID badge 302a
`may be powered by an independent power source such as a
`?atpak battery 314.
`
`42 Claims, 7 Drawing Sheets
`
`USER SEGMENT ~—> EQUIPMENT/FACILITY SEGMENT
`
`MULT-USER/ SITE
`NETWORK SEGMENT
`
`DATA/COMM BUS
`
`SECURE cow»
`
`3953],"
`
`[l-PROCESSOR
`+LOGIC
`
`) ) > r
`
`nmnsmxr
`rumruncmou
`'
`
`WRITE
`
`.
`
`.
`
`WRITE l
`
`-DBMS(REPOSITORY)
`-cusrou
`T N
`lop m s
`
`l
`
`?ll
`
`CONTROLLER
`
`LAN/HAN
`NETWORK
`
`(PBX‘PSTN)
`WIRED
`WIRELESS
`
`cow LINK
`
`(CELLULAR,
`SATELUTE) DB5
`
`TRANSACTION DETAILS/SUMMARY
`
`.
`
`HOST/LOCAL mmsmnon' PROCESSING
`
`REMOTE/NETWORKED
`
`TRANSACTIONIPROCESSING
`
`-RF XPNDERUIRIS)
`—VOICE ROM
`—BIO—SENSOR
`_
`iggtgcossélrésrqors
`
`ZEZZZ ‘EMBEDDED’ HOST Hw/sw
`
`D-ON AND/0R RESIDENT HIV/SW (SOME MODIFICATION)
`
`PLUG-IN BOARDS AND/0R
`PCMCIA CARDS (RFID READER, MEMORY)
`
`WVR 2004
`Volkswagen v. WVR
`IPR2016-00177
`
`1
`
`
`
`U.S. Patent
`
`5,629,981
`
`mam§8\<:.o
`
`e_m>mm:-:§
`
`Ezaméoamz
`
`
`
`
`
`Exam::_o§>z§%SsmzommEm:
`
`Al:28H._%8mAlo_..E
`
`m.MNNmmmmuagmmmMNmm:_:~_wmfm
`
`
`
`
`
`
`
`
`
`“RRuRRRR“m.§E2228\~Wo}wm%\n_\w\fl.\“xxxxuxummmmmmmmmmmmx“Bxmoamz525:§Mo_uo4+xx.7\\\\\\\\\\\\\\\\\\\\\\\\\\\uum9$:oEz8
`
`
`.um.\\\\\\\\\\\\\\\.
`
`
`
`cam;xmncmommmoommnaN\\mm_x<:maz<:wfi:~=s\o<m5m
`
`Innw\\w\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\smm_.§_;“1\_mmmmm
`
`
`
`éoamz.589..w320.0?Nm.Do.o..:n~Emz<E2Szzxxxx
`
`
`
`
`
`oz_m$8E=zoE<mz<E.SO58:
`
`
`
`$_o=mo&5m=ma-M8.03:35mzeao.558.E:Ma$5333
`9$_o;:z\Ho_.EE<§=m\£_<:ozoE<mz<E%mEm-o_m-HIAE:9-
`
`
`
`
`
`oz_m$8EzoE<mz<Emmomzmm822$
`
`
`msax#7
`
`zoemoamna-
`
`
`
`
`
`EOE:.Eo§_93was<§§Azo:5:_8:mzoa2&3::E_.nE%\gz<zoé:
`
`
`
`
`%>_z<mezom27%:am}:so:,8§mE..
`
`
`
`
`
`2
`
`
`
`
`
`
`
`U.S. Patent
`
`May 13, 1997
`
`Sheet 2 of 7
`
`5,629,981
`
`§<zo:smmm25mam:_._
`
`.m.__mo_2.mo
`
`
`
`
`
`:,m_s_n_58gas”..__
`
`N.b.>..~
`
`
`uI.l.lL _l|u..I.|.l.l||II__E20503_Jmaa.5502._—I|.l.I
`
`
`22:229
`
`2:5:855.53..
`
`
`
`
`\m_zo:<>é._E.mz<Ezo:<§Ez_uN:<Ez_mo:
`zo:_2§Ez_z_8S~§mAzo:5o<§_<H<e§<;E<=
`
`
`
`
`
`H:m__Ema-.\.%.%.”_~_.u.,.....-m\Nw__~_<.m_+__$mE38”.~Emz<Ez.m.._¥_.‘4.“_~._fiz_
`
`
`
`
`
`
`
`a:zE_8~_EfieamEm:
`2.2.a:zm_n__B~_
`
`
`
`esm@$>m_mseam2fizmmE252
`
`
`BEEH5oz<.mmva§..mmfimmwfloo
`
`
`
`
`
`3
`
`
`
`
`
`
`
`US. Patent
`
`May 13, 1997
`
`Sheet 3 of 7
`
`5,629,981
`
`4
`
`
`
`U.S. Patent
`
`May 13, 1997
`
`Sheet 4 0f 7
`
`5,629,981
`
`"—HEADER——>
`
`<—FOOTER
`
`PAYLOAD
`(ACTUAL INFO CONTENT)
`
`CONFIG CONTROL
`
`AUTHORIZED USER
`ID, DESTINATION(S)
`OR RECIPIENTIS) IDs
`
`MAX SECURITY
`CLASSIFICATION CODE '__
`
`REVISION CONTROL
`
`TRANSACTION DATE/
`TIME/LOCATION STAMP w
`
`ERROR BITS -————
`
`AUTHORIZED BROADCAST
`MSG [D5
`_"_'
`
`PRIORITY BITS ——————
`
`SECONDARY ID CODE/BIO
`SIGNATURE ADDRESS IN—————--
`SERVER DATABASE
`
`ACKNOWLEDGE
`
`OTHER SENSOR INPUTS
`
`OTHER NETWORK CONTROL
`(DBMS UPLINK/DOWNLINK)
`FIG. 4
`
`5
`
`
`
`US. Patent
`
`May 13, 1997
`
`Sheet 5 of 7
`
`5,629,981
`
`MULT-USER
`NETWORK SERVER\
`'
`502
`
`REFURBlSH KEQUIPMENT
`
`\
`
`READER
`F‘; """""""" "
`./M LE
`L
`1
`520 \L __________________ __
`($2
`
`0
`
`M
`
`Y
`
`K
`
`FIG. 55
`
`f\
`\F
`
`J
`x
`\ 512
`1/
`
`EP INTELLIGENT
`CASSETTE
`510
`
`\
`71} \
`\
`514
`
`6
`
`
`
`U.S. Patent
`
`May 13, 1997
`
`Sheet 6 of 7
`
`5,629,981
`
`
`
`
`
` mafia<_8:|:.S2dmn_n=uEozomxn__..EA| <839¢mo829$B
`
`we.m_.._:_~_o3<29:28mass
`
`$mE<zo_m55>E55Ema:..
`
`
`a§zE_8~_>mVEozmm._
`
`
`
`m.U~...~
`
`
`
`aux:mo5m<Eo$
`mEo<nEzoxnEE
`
`
`
`=2:$:oEz8.
`
`
`
`
`
`
`88;.5_oamac:.$zoE>_s=3o\e_8_.ml:uI%m.m
`39:wzsm_mm<E55:zomEn_.mmageeéma
`
`:28zzommfi.
`35SeaB<z§E55
`
`9l
`
`
`E;Efigzmm
`
`
`Eowiam_m<m-E;o._.
`
`
`E025m.m<méazo_5<mz<E._
`
`9.5zoE8n_
`2T8:
`
`Q3
`
`
`
`EOE..E.E..
`
`finassm_lI..8<mE5
`mEm-_:=_2Es;
`
`
`
`
`
`agaooz_>_§~_\wzm__n__§
`
`Ezmwvzozmz
`
`mo
`
`
`
`88_§_;m><EzmaSE0
`
`mo
`
`
`
`2225><:~Em<m
`
`--
`unuunu
`‘
`EIUEIEI U0
`uununu
`
`-——@]|I
`
`7
`
`
`
`
`
`U.S. Patent
`
`5,629,981
`
`
`
`
`7vac;2V20;2M,Sas___/.505aszo_fl5_§<m§m\m=55>:5E3~_o>_z<mzo_E:&<
`
`55>Q:asmama:\5?:E;2m>_asEz_55$4/m,H.a_Em $>::.=Eso1,mgéaam502%m$>_%_\Q:zo=5:&<B§_>§
`
`
`oWas2;K/.<5$5;%>_z<xi,2
`
`
`
`_s/rzoE%n\_%95Q3mo22MEESm$>_%<%%_.__2m:m_vr_m~_oMW$_,£W_m_._o
`
`
`
`
`
`mzo:5:&<ms:zo:§§<ma<mm_255>aszo:§E<ms:zo:5:&<\EmaOZEEO
`
`
`
`
`am55;oz_§EoEmauzzsmna
`
`mm_>_.:z_~ESou____8%|%em>
`
`u___a%-§E>
`
`mzo:5:&<
`
`33xi
`
`oza<mm=..me
`
`mzo_E:&<
`
`
`
`Emaoz:<E%m_o<m$285>/7
`
`o_§._m-%§>mzo:<o_._&<
`vac;E555ozzéao
`
`4/aszo:§§<_m-2
`
`25:moomsmzo:§§<
`
`o:_a&-%em>
`
`85xi
`
`oz:z§me
`
`V29;2
`
`4<2m>_._n_
`
`$55I\zo_E_§<
`
`
`
`057%
`
`maamzsz
`
`
`
`ms:zo:s:&<
`
`mama:55>
`
`A65%
`
`E§n_w-§zm>
`
`mzo:§§<
`
`8
`
`
`
`
`
`
`
`
`1
`INFORMATION MANAGEMENT AND
`SECURITY SYSTEM
`
`BACKGROUND OF THE INVENTION
`
`1. Field of the Invention
`The present invention relates to a complete, end-to-end,
`automatic transaction control/monitoring method for
`transmitting. under variable and high levels of security,
`high-value business, personal. or Federal/military
`information, on a real or near real-time basis.
`2. Related Art
`A “secure document” or “secure information” is any
`document media (paper, disc, voice, video, etc.) containing
`U.S. classi?ed documents or information (i.e. “con?dential,”
`“secret,” “top secret.” etc.), business-sensitive, proprietary
`documents or information. highly personal documents or
`information, and any document or information where lim
`ited and fully controlled/auditable access is desired.
`If an individual wishes to send a secure document via
`telefacsimile, for example, the current method of sending
`such a secure document is to call the receiving end and
`somehow make sure by voice communication that the
`intended, authorized recipient is standing at the other end at
`the receiving telefacsimile. Once the identity and proximity
`to the receiving telefacsirnile of the intended recipient
`(mainly, via voice familiarity) is veri?ed, the sending indi
`vidual sends the document. After sending, the intended
`recipient provides con?rmation to the sending individuals
`that the document was printed and received.
`The same limited security procedure is followed when
`printing information ?'om an electronic database to a remote
`conventional printer or other terminal device.
`Thus, current hardware and systems involve limited or no
`automation in handling such secure documents or informa
`tion on both a local and network basis. The systems and
`procedures currently available are mainly “person(s)-in-the
`loop” systems which require certain labor-intensive actions
`and a high degree of manual coordination to achieve a
`limited “secure” operation. The labor-intensive aspect of this
`coordination procedure greatly increases the duration and
`costs of transmission while it decreases productivity.
`Therefore. there is a need in the art to provide a method of
`transmitting secure documents in a way which does not
`require such labor-intensive manual assistance.
`It is noted that some islands of automation are available,
`but no end-to-end automation, with full auditability and
`real-time or near real-time control. Current systems such as
`a secure telephone unit (“STU”) or STU facsimile machines
`assure no illegal tapping or eavesdropping but do not
`guarantee that the caller, recipient, or group is positively
`identi?ed or is an authorized user or recipient. The positive
`identi?cation and veri?cation of authorization is always
`performed manually. Thus, there is a need for end-to-eud
`automation, with full auditability and real-time or near
`real-time control of the transmission of secure documents
`and information.
`A similar problem occurs in handling secure documents
`and secure information relating to work for various Federal
`agencies, including, US. Department of Defense (DOD).
`Secure documents and information are often located in a
`special ?le cabinet ?tted with a piece of securing hardware,
`e.g., a number lock or combination lock, which is approved
`by the DOD. Every time the ?le cabinet is entered, the
`entering individual must manually enter a myriad of infor
`mation into a log such as: which document was used; who
`
`10
`
`15
`
`25
`
`35
`
`45
`
`50
`
`55
`
`65
`
`5,629,981
`
`2
`handled it; date; time; and what was done with the document
`(ie. document was copied; document was sent to another
`individual at another site). The DOD requires auditing and
`noti?cation at the end of each month of all the people who
`handled each secure document. At the very least, the DOD
`requirements compel manual compilation of all the logs
`which is extremely tedious and costly.
`Therefore, there is a need in the art to provide a cost
`effective automatic auditing and monitoring capability
`which also provides electronic time, date and place identi
`?cation stamps.
`Further, these specially secured ?le cabinets are often
`grouped in secure rooms that have doors secured by special
`locks. Upon entry into the room, an additional log must be
`maintained to provide noti?cation and accounting to the
`DOD. This additional step also creates additional delay in
`effective work time and greatly increases costs.
`Therefore. there is a need in the art to provide a cost
`e?’ective automatic room security which mechanizes the
`room access logs and thereby decreasing costs and increas
`ing productivity.
`Exacerbating the foregoing problems. in order to copy
`certain secret government documents, only certain “secure”
`or tempest class copiers may be used so that the copier OPC
`drum may be cleared after copying and cartridges may be
`disposed of by only authorized personnel. Before these
`copies are made, a log sheet must be completed providing
`the details of the copying of the document. This creates yet
`another labor-consuming delay that increases costs and
`decreases productivity. In fact, access logs and usage data
`are generally maintained manually for secure facilities,
`information handling equipment, and users.
`Therefore, there is a need in the art to provide an
`automatic information management and security system
`which eliminates the time ine?iciencies and waste associ
`ated with manual logging and tracldng of copies of high
`value, secret documents.
`Underlying the entire system is the fact that it is up to the
`employees and security personnel to verify whether a par
`ticular individual has a secret clearance, badge code number,
`or some other indicia of authorization and identi?cation.
`Therefore, to prevent improper access, manual or personal
`direct intervention is required to verify both autlrorizatiou
`and need to know in order to prevent improper and unau
`thorized transfer of secure documents. The veri?cation by
`employees diverts resources from productive activity. The
`veri?cation by security personnel results in additional salary
`or expense overhead.
`Therefore, there is a need in the art to provide a system
`which greatly reduces the need for manual intervention to
`prevent unauthorized transfer of secure, proprietary and
`personal documents.
`On a related matter, when an individual’ s authorization is
`revoked and the individual gains unauthorized access to
`secure documents a security breach occurs. When this
`security breach is manually detected, it is impossible to
`inform all the employees and/or security personnel of the
`breach in a timely fashion in order to insure manual inter
`vention. In a large company, timely noti?cation and com
`munication of the changing authorizations of employees is
`relatively impossible. This is because authorization has
`traditionally been carried in the form of a color-coded badge
`or the like. As a result, if the security of a document has been
`breached by use of an authorization which has been termi
`nated or forged, an entire month or more could pass before
`the monthly DOD audit discovers the security breach.
`
`9
`
`
`
`5,629,981
`
`3
`Therefore, there is a need in the art to provide an
`automated system for continuously updating comprehensive
`information about the authorizations of individuals, and to
`prevent unauthorized access to secure documents at the time
`access is attempted (real-time control).
`Transmission of secure information (documents, data,
`video, etc.) is even more of a concern, given the planned
`of?ce integration/automation Systems and Architectures
`(SW/HW) of the future; a la the ones announced by the
`Microsoft Corporation (“Microsoft-At-Work”, see FIG. 7),
`Adobe (“Acrobat” for Print Documents). Apple Computer
`(“OCE”), General Magic (“Magic Cap”) etc. covering the
`emerging multi-media information management systems for
`o?ice and home. For example, the Microsoft Corporation is
`working on a new project currently called “Microsoft at
`Wor ” which would allow a worker to write a report and, by
`tapping a key, have 20 copies of the report printed, copied,
`and collated on one machine, thereby eliminating the step of
`having an individual take the report from the printer and take
`it to a photocopy machine where 20 copies are made. See
`“Software GiantAiming at the O?ice,” New York Times, Jun.
`8, 1993, p. Cl. See also, Hardcopy Observer, published by
`Lyra Research: Vol. 111, Number 7, “Microsoft at Work
`O?ice,” pp. 31-39 (July 1993); Vol. IV, Number 2,
`“Microsoft-at-Work Software,” p. 30 (February 1994); Vol.
`IV, Number 3, “Microsoft-at-Work For Home Entertainment
`(SEGA games)”, p. 9 (March 1994). In essence, the systems
`of the future integrate paper and electronic mediums.
`Therefore, there is a need in the art to provide an
`automated information management and security system
`which would be compatible with the present o?ice
`technology, yet would be compatible with potential inte
`grated o?ice equipment, networks, and architectures of the
`future.
`The present invention provides an information manage
`ment and security system which overcomes the shortcom
`ings of the known systems providing various advantages
`such as instantaneous, multiple secure access(es) and mini
`mizing the total “life-cycle” costs of managing “secure”
`information (from inception to destruction) utilizing present
`technology while being also compatible with new technol
`ogy contemplated for the future. Also provides for transac
`tion database services such as archiving, historic usage
`trends, transaction reporting/abstracting (user-de?nable) ser
`vices.
`
`SUMMARY OF THE INVENTION
`It is in view of the above problems that the present
`invention was developed. The invention is a closed loop
`information management and security system which pro
`vides a secure end-to-end and automated solution for con
`trolling access, transmission, manipulation, auditability con
`trol of classi?ed, mission-critical, high-value information
`managed by DOD, National Security Agency, other Federal
`Agencies, businesses, and individuals respectively.
`The invention has both a generic core or kernel applicable
`to broad application domains, and a customization scheme
`(e.g., software, ?rmware) to support unique user-speci?c
`needs. In addition, the basic generic solution kernel of the
`present invention can be mapped onto existing MIS solu
`tions for ease of upgrade or retro?t.
`The present invention allows information management to
`be “transaction based.” Each automatic information trans
`action is built around a sequence such as a positive caller and
`recipient handshake and identi?cation (“ID”), information
`upgrade (Write) record, con?guration control (date, time,
`
`50
`
`55
`
`65
`
`10
`
`20
`
`25
`
`30
`
`35
`
`45
`
`4
`location and revision stamp), creation of a transaction sum
`marizing “communication data stream” (e.g., ATM cell,
`frame) packet, destination 1]), additional authentication
`(e.g., voice signature, biographical identi?cation), send and
`receive date/time, location stamp, etc. The host computer,
`network server or network controller maintains this “trans
`action” log automatically and dynamically maintains infor
`mation authorization, usage, movement, and an upgrade]
`change log and foils any unauthorized access or tampering
`and does any real-time reclassi?cation or declassi?cation as
`required. As such, this is a “transaction” based system that
`can be enhanced to add fault tolerance, redundancy,
`software-based access control algorithm creation, etc. to
`provide a ?exible system.
`Brie?y, in its most generic sense, the present invention
`comprises a read/write type radio frequency identi?cation
`(“RFID” Radio Frequency, InfraRed or optical) means
`(transponder) and a radio frequency (transceiver) reader
`(“RF reader”) means which is associated with a host periph
`eral or terminal device wherein the RF reader means pas
`sively and automatically identi?es and veri?es authorization
`of the RFID means via a “handshake” prior to allowing
`access to the host peripheral or terminal device or an
`information network Preferably, the RF reader means writes
`the complete transaction via a unique “packet”) on the RFID
`means, and/or the host peripheral or terminal or a network
`server device. In this fashion, the history of all transactions
`may be stored on the RFID means and/or host peripheral or
`terminal device. The present invention may be provided
`commercially in a “securitization kit” to upgrade existing
`equipment and information-handling facilities.
`In a second aspect of the present invention, the RF reader
`means is embedded, plugged-in, connected or associated
`With the host peripheral or terminal device. Once a trans
`action is completed the RF reader means may record and
`write the transaction on the RFID means, and/or the host
`peripheral or terminal device, and/or a server database
`connected or associated with the terminal device.
`Optionally, the RFID means may further include stored
`biological data in ROM such as digitized voice signature,
`retina scan, ?ngerprints, etc. and other analog sensors
`(temperature, humidity, pressure, etc.) as well as commer
`cially available physical “position” sensors such as Global
`Positioning System (“GPS”), coastal navigation system
`(LORAN), or other satellite/magnetic based positioning
`system. As an added security feature the RFID means may
`include electronic hardware and/or software encryption
`means to statically and dynamically “encrypt” the autho
`rized user identi?cation code, information destination, trans
`action location, time/date, con?guration control, and sec
`ondary biological user(s) identi?cation.
`In a third aspect of the invention the RFID means may be
`coupled with an independent power source such as a battery.
`The RFID means may comprise an integrated ID, memory
`storage, and a communications device such as a Personal
`Computer card (“PC card”) which conforms to standards
`promulgated by the Personal Computer Memory Card Inter
`national Association (“PCMCIA”) having an RF
`transponder, mass memory, 2-way communication port(s)
`and input/output data means. Optionally, the RFII) means
`has encryption device (Integrated Circuit) means to encrypt
`the output data. In addition, the RFID has unique biographi
`cal information patterns in Read Only Memory (ROM) for
`“static” information and “dynamic” position, time, place,
`date information.
`In one preferred embodiment, the RFID means is elec
`tronically similar to the “bullet” or ?at-pack card disclosed
`
`10
`
`
`
`5
`in US. Pat. No. 5,053,774 to Schuerrnann et al., which is
`hereby incorporated by reference in its entirety.
`The RF reader means is preferably an RFID reader
`module which comprises a plug-in PC card having a com
`munication antenna. an RF module, a control module, and
`input/out data means. Optionally, the RFID reader means
`comprise data packetization means, encryption means and
`bus control means.
`The invention provides an advantage by minimizing over
`all life-cycle-cost to manage high value information from its
`inception to the end of its usefulness. The invention also
`provides an advantage by allowing real-time, dynamic clas
`si?cation of information in case of a security breach or
`authorization changes (levels, users. time, place, etc.).
`Because the present invention is transaction-based, the
`invention also has important applications in “pay-per-use”,
`intelligent electrophotographic toner/development printer
`cartridges, and ink-jet and thermal transfer cassettes suitable
`for use in existing and emerging monochrome and color hard
`copy printing devices such as printers and copiers as well as
`information transmission/input devices such as telephones,
`pagers, facsimile machines or telecopiers, modems,
`scanners, etc.
`The unique system elements required to facilitate a pay
`per-use type transaction record are a transponder, or reader,
`and external mass memory for transaction data storage in a
`peripheral network server and/or “pluggable” Integrated
`Circuit (“1C”) cards commonly referred to in the industry as
`?ash cards or Personal Computer cards (“PC cards”) which
`conform to standards promulgated by the Personal Com
`puter Memory Card International Association (“PCMCIA”).
`Further features and advantages of the present invention,
`as well as the structure and operation of various embodi
`ments of the present invention, are described in detail below
`with reference to the accompanying drawings.
`BRIEF DESCRIPTION OF THE DRAWINGS
`The accompanying drawings, which are incorporated in
`and form a part of the speci?cation, illustrate the embodi
`ments of the present invention and together with the
`description. serve to explain the principles of the invention.
`In the drawings:
`FIG. 1 illustrates a system architecture and partition block
`diagram of the present invention;
`FIG. 2 illustrates a typical secure transaction sequence in
`accordance with the present invention;
`FIG. 3a illustrates in greater detail a passive, user “read/
`write” type RFID badge suitable for the user segment of the
`information management and security system;
`FIG. 3b illustrates an “active” user RFID badge of FIG. 3a
`and a battery to enhance speed and range of the ID device
`and the transaction;
`FIG. 3c illustrates a reader “transceiver” module of the
`present invention;
`FIG. 4 illustrates one transaction packetization scheme
`suitable for use in said information management and secu
`rity system; and
`FIGS. 5A and 5B illustrate a general hardware layout in
`a speci?c high-value printing cartridge refurbishment appli
`cation of said information management and security system.
`FIG. 6 illustrates a speci?c application of said information
`management and security system utilizing technology from
`the cellular communications industry.
`FIG. 7 illustrates a planned computer based system which
`allows electronic signal interaction between various network
`devices.
`
`5,629,981
`
`6
`DETAILED DESCRIPTION OF THE
`PREFERRED EMBODIMENTS
`
`Referring to the accompanying drawings in which like
`reference numbers indicate like elements, FIG. 1 and FIG. 2
`illustrate one general system block diagram for the present
`invention while FIGS. 3a, 3b, and 3c depict certain hardware
`elements which may be used in the present invention.
`To provide an overview, in its most generic sense, the
`present invention comprises an RFID means and a radio
`frequency reader (“RF reader”) means which associated
`with a terminal device or other equipment such as a lock
`mechanism, wherein said RF reader means automatically
`interrogates said RFID means which responds by broadcast
`ing identi?cation so that said RF reader means identi?es and
`veri?es authorization of the RFID means and either stores a
`record of the transaction or communicates a record of the
`transaction to a server database prior to allowing access to
`the terminal device or other equipment.
`The present invention may be viewed from a transaction
`standpoint Each transaction is enabled by the hardware
`comprising an intelligent identi?cation means, a reader
`means, and network host hardware. The transaction is also
`enabled by transaction management software that de?nes
`initial handshakes, sequences and packetization scheme(s)
`for identi?cation and authentication. Further, each transac
`tion will carry a date and time stamp and optionally carry a
`location stamp which provides auditability and traceability.
`These stamps may be dynamically and automatically created
`inside each reader module.
`Accordingly, the present invention comprises three seg
`ments: a user segment, an equipment or facility segment,
`and a multi-user or site network segment
`The user segment is comprised of individuals wishing to
`send and receive information such as secure documents. For
`the user segment, the present invention requires intelligent
`identi?cation means, preferably RFID means as stated
`above. The RFID means may be any device which allows
`positive identi?cation of the wearer and which provides an
`ability to communicate with the single or multiple host/
`network equipment(s) or facility segment(s).
`The term “terminal device” is broadly de?ned as any type
`of electronic equipment or hardware, e.g. printer, copier,
`pager, personal computer (PC), facsimile machine, work
`stations, video, terminal, telephone, VCR, radio, electronic
`door mechanism, mass memory storage device, data storage
`device for storing log data, modern, etc. Preferably, the RF
`reader means provides identi?cation security and then writes
`the transaction on the (portable or ?xed) RFID means and/or
`a server database connected or associated with the terminal
`device or other equipment. Further, the history of all trans
`actions may be stored on the RFID means and/or server
`database. The present invention may be provided commer
`cially in a “securitization kit” to upgrade existing facilities.
`In the preferred embodiment, such identi?cation means is
`preferably in the form of a user RFID badge transponder
`(hereinafter “RFID badge” or “RFID transponder”) or secu
`rity badge. Such an “RFID transponder” is an active or
`passive read only or read/write transponder which operates
`via radio frequency means, infrared means, or other optical
`means at a low, high or auto-frequency.
`Under the present invention, the user segment, at least a
`group of individuals, wears an intelligent, passive user RFID
`badge. It is noted that the present invention does not require
`additional inconvenience on the part of the user segment as
`wearing dumb 1D badges is a fact of life in the defense and
`
`10
`
`20
`
`25
`
`35
`
`40
`
`45
`
`50
`
`55
`
`65
`
`11
`
`
`
`5,629,981
`
`10
`
`15
`
`7
`business world wherein security clearances are written on
`badges manually. Thus, the user RFID badge aspect of the
`invention is an improvement over current technology
`because security clearance information need not be physi
`cally visible for the public to read.
`Such a user RFID badge is illustrated in FIGS. 3a and 3b.
`The uses of each type of user RFID badge are more fully set
`forth in examples 1 and 2. Both user RFID badges (passive)
`shown generally at 302 and 303 (active, with battery)
`commonly include a Personal Computer card (“PC card”)
`which conforms to standards promulgated by the Personal
`Computer Memory Card International Association
`(“PCMCIA”) having an RF read/write transponder 304,
`application-speci?c, electronic mass memory 308, transpon
`der antenna (screened on) 306, and input/output data means
`312. Optionally, the input/output data means 312 includes
`unique encryption (hardware or software) means 313 to
`decrypt input data and encrypt the output data/packets etc.
`via a specialty crypro Application Speci?c IC (ASIC) in the
`form of a random number generator chip or utilizing hard
`ware or software “crypto keys” for information/date encryp
`tion which is user-de?nable. Optionally, the user RFID
`badge 310 can also store a person’s unique biological
`digitized data in Read Only Memory (“ROM”) 310 for
`enhanced authentication purposes, e.g. digital voice
`signature, digitized ?ngerprints, or digitized eye retina
`prints, etc.
`With reference to FIG. 3b, the user RFlD badge shown
`generally at 302a uses the PC card 303 of FIG. 3a and is
`physically and electrically joined to a ?atpak battery power
`source 314. Applications speci?c to this user RFID badge
`302a are more fully explored in Example 2.
`With reference to FIG. 30, the equipment or facility
`segment of the present invention requires an RFID reader
`35
`means which may be of plug-in or built-in type. The RF
`reader means is de?ned as a multi-frequency, range-adaptive
`radio frequency transceiver preferably in the form of an
`RFID reader module shown generally at 315 which com
`prises a plug-in PC card 317 having a control module 316 for
`controlling an RF module 318 connected to a communica
`tion antenna 320, and having input/output data means 322.
`Optionally, the RFID reader means comprise integrated
`circuits (ICs) such as data packetization means 321, encryp
`tion means IC 324 and bus control means 326 possibly
`connected via modem (wired or wireless) to the network
`server.
`Encryption means IC 324 is preferably a specialty crypto
`ASIC similar to that described for input/output data means
`313.
`50
`The facility segment also may require a LAN/WAN
`network server, controller or host hardware, not shown. The
`preferred reader module may operate in a low (up to 400
`KHZ) or high (microwave>900 MHZ) frequency range. For
`example, in the low frequency range the transponder may
`use Texas Instruments Radio Identi?cation SystemTM
`(“TIRISTM”) technology. TIRISTM technology is more fully
`discussed in the ’774 patent.
`The network segment requires some type of host hard
`ware to handle and manage the information and security
`system. The host hardware functions to authenticate autho
`rized user IDs, track roaming user locations, and co