EP1278164A3 - System and method for changing the functionality of a security module - Google Patents
System and method for changing the functionality of a security module Download PDFInfo
- Publication number
- EP1278164A3 EP1278164A3 EP02090220A EP02090220A EP1278164A3 EP 1278164 A3 EP1278164 A3 EP 1278164A3 EP 02090220 A EP02090220 A EP 02090220A EP 02090220 A EP02090220 A EP 02090220A EP 1278164 A3 EP1278164 A3 EP 1278164A3
- Authority
- EP
- European Patent Office
- Prior art keywords
- security module
- application program
- data
- memory
- functionality
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07B—TICKET-ISSUING APPARATUS; FARE-REGISTERING APPARATUS; FRANKING APPARATUS
- G07B17/00—Franking apparatus
- G07B17/00733—Cryptography or similar special procedures in a franking system
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07B—TICKET-ISSUING APPARATUS; FARE-REGISTERING APPARATUS; FRANKING APPARATUS
- G07B17/00—Franking apparatus
- G07B17/00185—Details internally of apparatus in a franking system, e.g. franking machine at customer or apparatus at post office
- G07B17/00193—Constructional details of apparatus in a franking system
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07B—TICKET-ISSUING APPARATUS; FARE-REGISTERING APPARATUS; FRANKING APPARATUS
- G07B17/00—Franking apparatus
- G07B17/00185—Details internally of apparatus in a franking system, e.g. franking machine at customer or apparatus at post office
- G07B17/00193—Constructional details of apparatus in a franking system
- G07B2017/00258—Electronic hardware aspects, e.g. type of circuits used
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07B—TICKET-ISSUING APPARATUS; FARE-REGISTERING APPARATUS; FRANKING APPARATUS
- G07B17/00—Franking apparatus
- G07B17/00733—Cryptography or similar special procedures in a franking system
- G07B2017/00959—Cryptographic modules, e.g. a PC encryption board
- G07B2017/00967—PSD [Postal Security Device] as defined by the USPS [US Postal Service]
Abstract
Eine Anordnung und ein Verfahren zum Ändern der Funktionalität eines Sicherheitsmoduls verwenden ein im Flash-Programmspeicher (128) gespeichertes Startladeprogramm zur Reprogrammierung des Flash-Programmspeichers, indem es teilweise in einen Arbeitsspeicher (121) des Sicherheitsmoduls (100) kopiert wird. Im Kommunikationsinterface (160) des Sicherheitsmoduls (100) werden Daten mindestens eines Teils eines Anwendungsprogramms, ein zugehöriger Zertifikatcode und Kennungsdaten bereitgestellt. Die Daten des Teils des Anwendungsprogramms werden auf einem freien Speicherplatz des Flash-Programmspeichers (128) gespeichert, wenn die Kennungsdaten einen Folgezustand vom gespeicherten Zustand kennzeichnen. Die Authentizität des geladenen Teils des Anwendungsprogramms wird mittels des Zertifikatcodes überprüft, wobei bei Authentizität des geladenen Teils des Anwendungsprogramms letzteres als gültig gespeichert wird. An arrangement and method for modifying the functionality of a security module uses a boot loader stored in the flash program memory (128) to reprogram the flash program memory by partially copying it into a random access memory (121) of the security module (100). In the communication interface (160) of the security module (100) data of at least a part of an application program, an associated certificate code and identification data are provided. The data of the portion of the application program is stored in a free memory space of the flash program memory (128) when the tag data identifies a sequential state of the stored state. The authenticity of the loaded part of the application program is checked by means of the certificate code, with the authenticity of the loaded part of the application program storing the latter as valid.
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
DE10137505 | 2001-07-16 | ||
DE10137505A DE10137505B4 (en) | 2001-07-16 | 2001-07-16 | Arrangement and method for changing the functionality of a security module |
Publications (3)
Publication Number | Publication Date |
---|---|
EP1278164A2 EP1278164A2 (en) | 2003-01-22 |
EP1278164A3 true EP1278164A3 (en) | 2004-01-14 |
EP1278164B1 EP1278164B1 (en) | 2013-01-16 |
Family
ID=7693871
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
EP02090220A Expired - Lifetime EP1278164B1 (en) | 2001-07-16 | 2002-06-22 | System and method for changing the functionality of a security module |
Country Status (3)
Country | Link |
---|---|
US (1) | US7043631B2 (en) |
EP (1) | EP1278164B1 (en) |
DE (1) | DE10137505B4 (en) |
Families Citing this family (22)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8347078B2 (en) | 2004-10-18 | 2013-01-01 | Microsoft Corporation | Device certificate individualization |
US8621597B1 (en) * | 2004-10-22 | 2013-12-31 | Xilinx, Inc. | Apparatus and method for automatic self-erasing of programmable logic devices |
US8336085B2 (en) | 2004-11-15 | 2012-12-18 | Microsoft Corporation | Tuning product policy using observed evidence of customer behavior |
US20060174125A1 (en) * | 2005-01-31 | 2006-08-03 | Brookner George M | Multiple cryptographic key security device |
US8099324B2 (en) * | 2005-03-29 | 2012-01-17 | Microsoft Corporation | Securely providing advertising subsidized computer usage |
US20060236375A1 (en) | 2005-04-15 | 2006-10-19 | Tarik Hammadou | Method and system for configurable security and surveillance systems |
US20060265736A1 (en) * | 2005-05-19 | 2006-11-23 | Gilbarco Inc. | Encryption system and method for legacy devices in a retail environment |
US8508607B2 (en) * | 2005-09-06 | 2013-08-13 | Its-7 | Method and system for a programmable camera for configurable security and surveillance systems |
US20070174910A1 (en) * | 2005-12-13 | 2007-07-26 | Zachman Frederick J | Computer memory security platform |
US8176567B2 (en) * | 2005-12-22 | 2012-05-08 | Pitney Bowes Inc. | Apparatus and method to limit access to selected sub-program in a software system |
US20070204323A1 (en) * | 2006-02-24 | 2007-08-30 | Rockwell Automation Technologies, Inc. | Auto-detection capabilities for out of the box experience |
DE102007011309B4 (en) | 2007-03-06 | 2008-11-20 | Francotyp-Postalia Gmbh | Method for authenticated transmission of a personalized data record or program to a hardware security module, in particular a franking machine |
DE102007016170A1 (en) | 2007-04-02 | 2008-10-09 | Francotyp-Postalia Gmbh | Security module for a franking machine |
DE102007039809A1 (en) * | 2007-08-23 | 2009-02-26 | Bayerische Motoren Werke Aktiengesellschaft | Control device software updating method for on-board supply system of motor vehicle, involves testing transferred user data by signed data record for authenticity of data record, and using user data as authentic user data |
EP2071898A1 (en) * | 2007-12-10 | 2009-06-17 | Telefonaktiebolaget LM Ericsson (publ) | Method for alteration of integrity protected data in a device, computer program product and device implementing the method |
US8201267B2 (en) * | 2008-10-24 | 2012-06-12 | Pitney Bowes Inc. | Cryptographic device having active clearing of memory regardless of state of external power |
DE102010017798A1 (en) | 2010-07-07 | 2012-01-12 | Turck Holding Gmbh | Parameterization adapter receives control parameters for electrically operated device from programming device through communication interface, and transmits control parameters to device through device interface |
JP5999185B2 (en) * | 2012-08-22 | 2016-09-28 | 富士通株式会社 | Authentication method and authentication program |
JPWO2014049830A1 (en) * | 2012-09-28 | 2016-08-22 | 富士通株式会社 | Information processing apparatus and semiconductor device |
WO2014127536A1 (en) * | 2013-02-25 | 2014-08-28 | Intel Corporation | Method, apparatus, system, and machine readable storage medium for providing software security |
KR102537788B1 (en) * | 2018-11-28 | 2023-05-30 | 삼성전자주식회사 | Server and method for determining the integrity of the appliacion using thereof |
CN111475191B (en) * | 2020-04-04 | 2023-06-06 | 东风越野车有限公司 | Automobile controller software upgrading system and method based on multi-core technology |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4849927A (en) * | 1987-06-12 | 1989-07-18 | Ncr Corporation | Method of controlling the operation of security modules |
WO1998020461A2 (en) * | 1996-11-07 | 1998-05-14 | Ascom Hasler Mailing Systems, Inc. | System for protecting cryptographic processing and memory resources for postal franking machines |
US5844986A (en) * | 1996-09-30 | 1998-12-01 | Intel Corporation | Secure BIOS |
EP1087294A2 (en) * | 1999-09-27 | 2001-03-28 | Nortel Networks Limited | Method and apparatus of remotely updating firmware of a communication device |
Family Cites Families (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5144659A (en) * | 1989-04-19 | 1992-09-01 | Richard P. Jones | Computer file protection system |
US5210854A (en) * | 1989-06-14 | 1993-05-11 | Digital Equipment Corporation | System for updating program stored in eeprom by storing new version into new location and updating second transfer vector to contain starting address of new version |
US5421006A (en) * | 1992-05-07 | 1995-05-30 | Compaq Computer Corp. | Method and apparatus for assessing integrity of computer system software |
US5359659A (en) * | 1992-06-19 | 1994-10-25 | Doren Rosenthal | Method for securing software against corruption by computer viruses |
US5386469A (en) * | 1993-08-05 | 1995-01-31 | Zilog, Inc. | Firmware encryption for microprocessor/microcomputer |
US5778070A (en) * | 1996-06-28 | 1998-07-07 | Intel Corporation | Method and apparatus for protecting flash memory |
US6151657A (en) * | 1996-10-28 | 2000-11-21 | Macronix International Co., Ltd. | Processor with embedded in-circuit programming structures |
WO2001001285A2 (en) * | 1999-06-30 | 2001-01-04 | Microsoft Corporation | System and method for providing help contents for components of a computer system |
US6622246B1 (en) * | 1999-11-12 | 2003-09-16 | Xerox Corporation | Method and apparatus for booting and upgrading firmware |
-
2001
- 2001-07-16 DE DE10137505A patent/DE10137505B4/en not_active Expired - Fee Related
-
2002
- 2002-06-22 EP EP02090220A patent/EP1278164B1/en not_active Expired - Lifetime
- 2002-07-11 US US10/193,043 patent/US7043631B2/en active Active
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4849927A (en) * | 1987-06-12 | 1989-07-18 | Ncr Corporation | Method of controlling the operation of security modules |
US5844986A (en) * | 1996-09-30 | 1998-12-01 | Intel Corporation | Secure BIOS |
WO1998020461A2 (en) * | 1996-11-07 | 1998-05-14 | Ascom Hasler Mailing Systems, Inc. | System for protecting cryptographic processing and memory resources for postal franking machines |
EP1087294A2 (en) * | 1999-09-27 | 2001-03-28 | Nortel Networks Limited | Method and apparatus of remotely updating firmware of a communication device |
Also Published As
Publication number | Publication date |
---|---|
EP1278164A2 (en) | 2003-01-22 |
DE10137505A1 (en) | 2003-03-06 |
DE10137505B4 (en) | 2005-06-23 |
EP1278164B1 (en) | 2013-01-16 |
US7043631B2 (en) | 2006-05-09 |
US20030014673A1 (en) | 2003-01-16 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
EP1278164A3 (en) | System and method for changing the functionality of a security module | |
ATE318426T1 (en) | SYSTEM AND METHOD FOR READING A SECURITY CLEARANCE CARD | |
WO2008089922A1 (en) | Installing a patch in a smart card module | |
WO2003040917A3 (en) | Implementation of in-system programming to update firmware on memory cards | |
EP3204850A1 (en) | Method for loading executable program instructions into a chip card during active operation | |
CN100538658C (en) | Accumulator system and system control module | |
KR20060008543A (en) | Method controling washing machine | |
JP2007066212A5 (en) | ||
EP1139217A3 (en) | Method for storing data | |
US7942333B2 (en) | IC card secure personalization method | |
ATE276561T1 (en) | METHOD FOR PROTECTING AGAINST THEFT OF A SECRET CODE ON A CHIP CARD FOR MULTIPLE APPLICATIONS, AND CHIP CARDS FOR PERFORMING THIS METHOD | |
DE502004001282D1 (en) | CARD RECEIVING DEVICE AND METHOD | |
CN106326412A (en) | Vehicle information data acquisition method and apparatus | |
EP2987078B1 (en) | Method for providing an application on a security module, and such a security module | |
EP3159821B1 (en) | Processor system with applet security settings | |
CN108961765A (en) | The approach control method and device in parking lot, readable storage medium storing program for executing | |
DE19716015A1 (en) | Introducing information on a chip card | |
EP0898254A3 (en) | Anti-theft device for an apparatus | |
US8954621B2 (en) | Peripheral, method of controlling peripheral, and firmware downloading system | |
EP1818817A3 (en) | Creation of patches via a cache | |
DE102007027935A1 (en) | Portable data carrier and method for personalizing a portable data carrier | |
CN106127053A (en) | Malicious process ending method and device | |
DE102017200068A1 (en) | Control device for a motor vehicle, motor vehicle | |
WO2023001632A1 (en) | Method for authenticating and/or validating the identity of an object | |
EP2747085B1 (en) | Method for operating a safety element as well as such a safety element |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PUAI | Public reference made under article 153(3) epc to a published international application that has entered the european phase |
Free format text: ORIGINAL CODE: 0009012 |
|
AK | Designated contracting states |
Kind code of ref document: A2 Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LI LU MC NL PT SE TR |
|
AX | Request for extension of the european patent |
Free format text: AL;LT;LV;MK;RO;SI |
|
PUAL | Search report despatched |
Free format text: ORIGINAL CODE: 0009013 |
|
AK | Designated contracting states |
Kind code of ref document: A3 Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LI LU MC NL PT SE TR |
|
AX | Request for extension of the european patent |
Extension state: AL LT LV MK RO SI |
|
RIC1 | Information provided on ipc code assigned before grant |
Ipc: 7G 07B 17/04 A Ipc: 7G 06F 1/00 B Ipc: 7G 06F 9/445 B |
|
AKX | Designation fees paid |
Designated state(s): CH DE FR GB IT LI |
|
17P | Request for examination filed |
Effective date: 20040202 |
|
17Q | First examination report despatched |
Effective date: 20050124 |
|
RAP1 | Party data changed (applicant data changed or rights of an application transferred) |
Owner name: FRANCOTYP-POSTALIA GMBH |
|
GRAP | Despatch of communication of intention to grant a patent |
Free format text: ORIGINAL CODE: EPIDOSNIGR1 |
|
GRAS | Grant fee paid |
Free format text: ORIGINAL CODE: EPIDOSNIGR3 |
|
GRAA | (expected) grant |
Free format text: ORIGINAL CODE: 0009210 |
|
AK | Designated contracting states |
Kind code of ref document: B1 Designated state(s): CH DE FR GB IT LI |
|
REG | Reference to a national code |
Ref country code: GB Ref legal event code: FG4D Free format text: NOT ENGLISH |
|
REG | Reference to a national code |
Ref country code: CH Ref legal event code: EP |
|
REG | Reference to a national code |
Ref country code: CH Ref legal event code: EP |
|
REG | Reference to a national code |
Ref country code: DE Ref legal event code: R096 Ref document number: 50215684 Country of ref document: DE Effective date: 20130314 |
|
REG | Reference to a national code |
Ref country code: GB Ref legal event code: 746 Effective date: 20130319 |
|
REG | Reference to a national code |
Ref country code: DE Ref legal event code: R084 Ref document number: 50215684 Country of ref document: DE Effective date: 20130314 |
|
PLBE | No opposition filed within time limit |
Free format text: ORIGINAL CODE: 0009261 |
|
STAA | Information on the status of an ep patent application or granted ep patent |
Free format text: STATUS: NO OPPOSITION FILED WITHIN TIME LIMIT |
|
26N | No opposition filed |
Effective date: 20131017 |
|
REG | Reference to a national code |
Ref country code: DE Ref legal event code: R097 Ref document number: 50215684 Country of ref document: DE Effective date: 20131017 |
|
REG | Reference to a national code |
Ref country code: DE Ref legal event code: R081 Ref document number: 50215684 Country of ref document: DE Owner name: FRANCOTYP-POSTALIA GMBH, DE Free format text: FORMER OWNER: FRANCOTYP-POSTALIA AG & CO., 16547 BIRKENWERDER, DE Effective date: 20130116 Ref country code: DE Ref legal event code: R081 Ref document number: 50215684 Country of ref document: DE Owner name: FRANCOTYP-POSTALIA GMBH, DE Free format text: FORMER OWNER: FRANCOTYP-POSTALIA GMBH, 16547 BIRKENWERDER, DE Effective date: 20150330 |
|
REG | Reference to a national code |
Ref country code: FR Ref legal event code: PLFP Year of fee payment: 15 |
|
REG | Reference to a national code |
Ref country code: FR Ref legal event code: PLFP Year of fee payment: 16 |
|
REG | Reference to a national code |
Ref country code: FR Ref legal event code: PLFP Year of fee payment: 17 |
|
PGFP | Annual fee paid to national office [announced via postgrant information from national office to epo] |
Ref country code: FR Payment date: 20210622 Year of fee payment: 20 Ref country code: DE Payment date: 20210506 Year of fee payment: 20 Ref country code: IT Payment date: 20210625 Year of fee payment: 20 |
|
PGFP | Annual fee paid to national office [announced via postgrant information from national office to epo] |
Ref country code: CH Payment date: 20210618 Year of fee payment: 20 Ref country code: GB Payment date: 20210625 Year of fee payment: 20 |
|
REG | Reference to a national code |
Ref country code: DE Ref legal event code: R071 Ref document number: 50215684 Country of ref document: DE |
|
REG | Reference to a national code |
Ref country code: GB Ref legal event code: PE20 Expiry date: 20220621 |
|
REG | Reference to a national code |
Ref country code: CH Ref legal event code: PL |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: GB Free format text: LAPSE BECAUSE OF EXPIRATION OF PROTECTION Effective date: 20220621 |