WO2001063994A2 - Tamper proof case for electronic devices having memories with sensitive information - Google Patents

Tamper proof case for electronic devices having memories with sensitive information Download PDF

Info

Publication number
WO2001063994A2
WO2001063994A2 PCT/US2001/005912 US0105912W WO0163994A2 WO 2001063994 A2 WO2001063994 A2 WO 2001063994A2 US 0105912 W US0105912 W US 0105912W WO 0163994 A2 WO0163994 A2 WO 0163994A2
Authority
WO
WIPO (PCT)
Prior art keywords
tamper
proof case
electrical
mating parts
memory
Prior art date
Application number
PCT/US2001/005912
Other languages
French (fr)
Other versions
WO2001063994A3 (en
Inventor
Glen Van Sant
Angelo Massari
Original Assignee
Iridian Technologies, Inc.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Iridian Technologies, Inc. filed Critical Iridian Technologies, Inc.
Priority to AU2001239854A priority Critical patent/AU2001239854A1/en
Publication of WO2001063994A2 publication Critical patent/WO2001063994A2/en
Publication of WO2001063994A3 publication Critical patent/WO2001063994A3/en

Links

Classifications

    • HELECTRICITY
    • H05ELECTRIC TECHNIQUES NOT OTHERWISE PROVIDED FOR
    • H05KPRINTED CIRCUITS; CASINGS OR CONSTRUCTIONAL DETAILS OF ELECTRIC APPARATUS; MANUFACTURE OF ASSEMBLAGES OF ELECTRICAL COMPONENTS
    • H05K5/00Casings, cabinets or drawers for electric apparatus
    • H05K5/02Details
    • H05K5/0208Interlock mechanisms; Means for avoiding unauthorised use or function, e.g. tamperproof
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/86Secure or tamper-resistant housings
    • HELECTRICITY
    • H05ELECTRIC TECHNIQUES NOT OTHERWISE PROVIDED FOR
    • H05KPRINTED CIRCUITS; CASINGS OR CONSTRUCTIONAL DETAILS OF ELECTRIC APPARATUS; MANUFACTURE OF ASSEMBLAGES OF ELECTRICAL COMPONENTS
    • H05K1/00Printed circuits
    • H05K1/02Details
    • H05K1/0275Security details, e.g. tampering prevention or detection
    • HELECTRICITY
    • H05ELECTRIC TECHNIQUES NOT OTHERWISE PROVIDED FOR
    • H05KPRINTED CIRCUITS; CASINGS OR CONSTRUCTIONAL DETAILS OF ELECTRIC APPARATUS; MANUFACTURE OF ASSEMBLAGES OF ELECTRICAL COMPONENTS
    • H05K2201/00Indexing scheme relating to printed circuits covered by H05K1/00
    • H05K2201/09Shape and layout
    • H05K2201/09818Shape or layout details not covered by a single group of H05K2201/09009 - H05K2201/09809
    • H05K2201/0999Circuit printed on or in housing, e.g. housing as PCB; Circuit printed on the case of a component; PCB affixed to housing
    • HELECTRICITY
    • H05ELECTRIC TECHNIQUES NOT OTHERWISE PROVIDED FOR
    • H05KPRINTED CIRCUITS; CASINGS OR CONSTRUCTIONAL DETAILS OF ELECTRIC APPARATUS; MANUFACTURE OF ASSEMBLAGES OF ELECTRICAL COMPONENTS
    • H05K2201/00Indexing scheme relating to printed circuits covered by H05K1/00
    • H05K2201/10Details of components or other objects attached to or integrated in a printed circuit board
    • H05K2201/10007Types of components
    • H05K2201/10151Sensor
    • HELECTRICITY
    • H05ELECTRIC TECHNIQUES NOT OTHERWISE PROVIDED FOR
    • H05KPRINTED CIRCUITS; CASINGS OR CONSTRUCTIONAL DETAILS OF ELECTRIC APPARATUS; MANUFACTURE OF ASSEMBLAGES OF ELECTRICAL COMPONENTS
    • H05K3/00Apparatus or processes for manufacturing printed circuits
    • H05K3/22Secondary treatment of printed circuits
    • H05K3/222Completing of printed circuits by adding non-printed jumper connections

Definitions

  • the invention relates to a tamper proof case for devices that have a memory containing sensitive information.
  • a system which determines the identity of individuals utilizing an iris scan device contains a cryptographic sub-system that encrypts digitized iris scans prior to transporting them to a remote facility for verification or matching with known samples. Information in encrypted form may also be received by the system. Such a system could be used, for example, to positively identify individuals wishing to access an automated teller machine or to gain access to a restricted facility. Both encryption and decryption require the use and storage of encryption/decryption keys for extended periods of time. Because we do not want the encryption/decryption keys to be compromised, there is a requirement for physical key security. A tamper-proof case is disclosed herein.
  • the sensitive information such as encryption/decryption keys
  • the sensitive information is deleted or zeroed out.
  • Three forms of tampering are sensed: chassis intrusion, extreme temperature conditions and low battery power.
  • the case may utilize one or more of several methods, described below, to detect tampering.
  • the case itself consists of a metal enclosure having two or more parts which are joined together to form the whole enclosure.
  • the components of the device, including the circuitry which contains the sensitive information, reside within the enclosure.
  • the first method of detecting tampering consists of a conductive ring which must make simultaneous contact with a plurality of conductive portions, or traces, on the printed circuit board. When two halves of the enclosure are separated, the conductive ring no longer makes contact with all of the conductive portions of the printed circuit board, and the tampering is detected.
  • the second method of detecting tampering is designed to protect all or part of a printed circuit board, specifically, a board or portion of a board containing memory chips storing sensitive information.
  • This method utilizes a protective conductive mesh which encloses the circuit board. If the mesh is pierced, an open circuit condition is generated, and the tampering is detected. This prevents physical intrusion through the walls of the enclosure, such as by drilling or sawing.
  • a third method of preventing tampering involves the use of a temperature detector to detect extremes in temperature. This will defeat any attempts to "freeze" components of the device within the enclosure by lowering the temperature to a level where the devices will not work, thereby allowing time to access the components before the memory can be erased. If the temperature detector detects a temperature outside of a specific range of acceptable temperatures, the memory of the device is immediately erased. Lastly, a device is utilized which detects a low battery condition. Ideally, in a loss of power situation, the device's internal batteries will provide power to the circuitry that protects the memory containing the sensitive information. Should these batteries run low, it would be possible to gain access to the sensitive information merely by removing power from the device. When a low battery condition is detected, the sensitive information in the memory device is erased.
  • Figures la, lb and lc show various views of the conductive annulus used in the security switch.
  • Figure 2 is an exploded view of the tamper proof case with showing the placement of the security switches.
  • Figure 3 is a cutaway view of a comer of the bottom portion of the tamper- proof case showing a portion of the security switch.
  • Figure 4 shows the portion of the security switch in place on a printed circuit board.
  • Figures 5 a and 5b show a frame used to protect specific areas of a printed circuit board.
  • Figures 6a and 6b show a second embodiment of the frame of Figures 5 a and 5b.
  • Figure 7 shows the frame of Figures 6a and 6b in dotted outline in place on a printed circuit board.
  • the body of the case in the preferred embodiment, consists of two halves, 14 and 16, best shown in Figure 2. These are preferably composed of a metal such as cast aluminum, but any hard material may be used, such as hard plastic.
  • the two halves 14 and 16 of the case are fitted together to form the whole case.
  • a main circuit board 18 which contains the circuitry of the device plus additional security monitoring circuitry.
  • switches are implemented as part of the electrical traces of circuit board 18. In the preferred embodiment, these switches consist of an electrical trace shaped like an annulus divided into two or more segments. These are best shown in Figure 4 as reference numbers 22. Annular segmented contact 22 is printed around hole 23 in circuit board 18.
  • annular contact 22 All segments of annular contact 22 must make contact with a conductive ring 10 (external to the circuit board), shown in Figure 1, for the switch to be closed. Hole 23 in annular contact 22 is used for mounting the circuit board to the interior of the case as well as for providing the mounting constraints for conductive ring 10 used to close the switches.
  • One half 16 of the case contains one or more bosses 20 that permit one or more mounting screws to pass through the circuit board and thread into the other half of the casing 14, which has corresponding bosses 17 defined therein.
  • annulus of resilient material 12 preferably composed of foam or sponge rubber, and which, in the preferred embodiment, is approximately .08 inches thick.
  • Rubber annulus 12 has a contact adhesive applied to both sides. Each rubber annulus 12 is attached to the top of a boss 20 on one half 16 of the casing. The ring shape permits mounting screws to pass through the circuit board 18 and into boss 20. As shown in Figure 1, conductive washer 10 is attached to the other side of rubber annulus 12, thereby forming washer/annulus assembly 8. Circuit board 18 is then mounted on top of conductive washers 10, with the washers contacting circuit board 18 at the places where annular contacts 22 are printed.
  • All of the switches on the circuit board are connected in series by conductive traces 15.
  • the switches are part of a monitoring circuit, which is electrically closed when all of conducting washers 10 join all segments of each annular contact 22.
  • the segments of each annular contact 22 are joined when conductive washers 10 are compressed against the circuit board 18 by rubber annuli 12, mounted on bosses 20 on one half 16 of case when the two halves of the case 14 and 16 are secured to each other by the mounting screws (not shown).
  • the normal operation of the system is such that each switch is closed, thus completing the circuit. If any switch is opened, by the removal of conductive washer 10 from annular contact 22, the circuit will open and the resulting absence of current will be detected by a sensor.
  • a switch is opened when any attempt is made to separate the two halves 14 and 16 of the case. Such attempts will cause conductive washers 10 to pull away from the annular contacts 22 on circuit board 18, thereby opening the monitoring circuit.
  • the monitoring circuit is designed to detect an opening of one or more of the switches, which indicates an attempt to tamper with the contents of the case. When such a condition is detected, any important or sensitive data contained within the circuitry of circuit board 18, such as encryption keys on a cryptography module, are erased.
  • the monitor circuit is powered by a battery located on circuit board 18. The presence of the battery ensures that protection of the sensitive data also exists if the system is powered down.
  • a key component of this switch arrangement is the mounting of conductive washers 10 for the switches.
  • Each conductive washer 10 is bound to a rubber annulus 12 mounted on the cover bosses 20 via a contact adhesive, forming assembly 8.
  • the thickness of each assembly 8 is greater than the clearance between the annular contacts 22 of on circuit board 18 and boss 20.
  • This causes rubber annulus 12, which is resilient, to compress as the two halves 14 and 16 the case are secured together via mounting screws.
  • the mounting screws which will extend through boss 17, defined in half of cover 14, circuit board 18 and annular contact 22, conductive washer 10, rubber annulus 12 and boss 20.
  • the screws may be secured by nuts applied on the underside of boss 20, or may screw directly into threads defined in boss 20.
  • FIGs 5a and 5b an aluminum frame is shown which fits around the portion of circuit board 18 housing the circuitry containing the sensitive data.
  • two or more pairs of contacts 34 shown in Figure 7, are laid out on circuit board 18 surrounding the area which is to be protected.
  • Resilient foam rubber gasket 26 of the same shape as frame 24 holds frame 24 in place on circuit board 18, thereby connecting all of segments 34, when the halves 14 and 16 of the case are joined together.
  • a boss on half 14 of the case, shaped similarly to frame 24 will compress resilient foam rubber gasket 26 and force frame 24 into contact with contacts 34. Any attempt to separate the halves 14 and 16 of the case causes frame 24 to pull away from circuit board 18, breaking the contact with contacts 34 and opening the circuit.
  • metal frame 24 could be replaced with a conductive foil tape 32, shown in Figure 6b, which is attached to a foam rubber frame 30 via a contact adhesive in the areas where foam rubber frame 30 touches contacts 34 on circuit board 18.
  • Figure 7 shows foam rubber frame 30 in dotted outline in place on circuit board 18, with conductive foil patches 32 joining contacts 34 on circuit board 18.
  • Another method used to protect the portion of the circuit board containing the cryptography circuit is covering the circuitry with a conductive sheet or mesh (not shown).
  • the sheet utilizes conductive traces (ink or metal for example) forming a grid pattern.
  • the grid is connected in parallel to the edges of the sheet and connected to an electrical supply forming another monitor circuit. If one or more of the traces in the grid are broken by any form of penetration, such as drilling or sawing, the circuit will be broken, resulting in the deletion of the sensitive data.
  • An example of a conducting mesh suitable for use in this application is manufactured and sold by W. L. Gore & Associates, Ltd., under the trade name D 3 Technology. The mesh would cover both sides of the circuit board to prevent access to the board by drilling or cutting of the case around the board.
  • circuit board 18 During normal operations, normal operating power is supplied to circuit board 18. Should normal power be interrupted for any reason, be it an attempt to disable the unit by turning off its power supply, or a normal power outage, the circuitry in which the sensitive data is stored and the security monitor circuitry on circuit board 18 remains powered by an on-board battery. A sensor is located on circuit board 18 which detects when the on-board battery runs low on power.
  • the iris scan device described above utilizes a microcontroller which operates in zero-power "sleep" mode.
  • the sensitive data in this case is one or more cryptography key, which are stored in SRAM.
  • Both the microcontroller and the SRAM can be powered utilizing battery power when normal power is unavailable.
  • the occurrence of any security violation generates an interrupt to the microcontroller which, following a transition from zero-power (sleep mode) to low-power mode, destroys all keys via an erasure/overwrite by software of the SRAM chip.
  • the time to transition from zero power to low power mode is approximately on the order of microseconds, and the time to perform SRAM erasure/overwrite by software is a few milliseconds. Hence, the keys are erased well before anyone could successfully intrude into the security module.
  • the low battery power detection feature ensures that the microcontroller has sufficient power to perform the destruction of the sensitive data upon detection of an intrusion. Should the battery power drop below this threshold, the microcontroller will erase all sensitive data as a safeguard.
  • the final safeguard is a temperature sensor that resides within the case.
  • the temperature sensor is primarily designed to guard against the type of attack wherein someone would try to freeze the electronics of the device with liquid nitrogen to shut down the security monitoring circuitry, thereby allowing the attacker to access the cryptography circuitry before the security monitoring circuitry could delete the sensitive data. The same would apply to a high temperature attack. Therefore, the temperature sensor is tuned to alert the microcontroller to delete the keys if the temperature is outside of a given range, which, in the preferred embodiment, is approximately 0c - 65c. In a normal operating environment, such as the inside of an ATM machine, a certain ambient temperature must be maintained. The temperature range of the temperature sensor covers the expected range of operating temperatures in various normal operating situations.

Abstract

A tamper-proof enclosure is disclosed. The enclosure utilizes various types of sensors that are capable of detecting chassis intrusion, extreme temperature variations and low battery power. A circuit is formed when the chassis is closed and broken when the chassis is opened. A sensor connected to the circuit detects a broken circuit. Other sensors detect unacceptable high or low temperatures and low battery power. When a sensor detects such a condition, it sends a signal causing a portion of the memory of the device contained within the enclosure to be erased.

Description

TITLE
TAMPER PROOF CASE FOR ELECTRONIC DEVICES HAVING MEMORIES WITH SENSITIVE INFORMATION
Field of the Invention
The invention relates to a tamper proof case for devices that have a memory containing sensitive information.
Background of the Invention There are many computer controlled devices which have memories containing sensitive information. Such information could range from financial information to encryption keys, to passwords. Such devices may be in areas that are accessible to the public or which could be entered by anyone who wants the information. Consequently, there have been concerns about unauthorized access to the devices and retrieval of the sensitive information by a thief. Thus, there is a need for a tramper proof case which will prevent unauthorized access to sensitive information. Several types of tamper proof enclosures have been developed. One type of enclosure contains a seal which is broken when the enclosure is opened. The seal will indicate whether a container has been opened but it does not prevent removal of sensitive information from the enclosure after opening. Another type of enclosure contains an alarm which sounds when the case or door is opened. While the alarms may promptly alert authorities of a breach, the sensitive information is still available to the thief when the enclosure is opened, provided he can quickly retrieve it and escape. Erasable memories are well known. Where sensitive information is contained in. a memory, one way to deter theft of information is to erase the memory whenever the thief or other unauthorized person seeks access. However, prior to the present invention, the art had not developed a tamper-proof case which would cause a memory to be erased when the case was opened.
Summary of the Invention
A system which determines the identity of individuals utilizing an iris scan device contains a cryptographic sub-system that encrypts digitized iris scans prior to transporting them to a remote facility for verification or matching with known samples. Information in encrypted form may also be received by the system. Such a system could be used, for example, to positively identify individuals wishing to access an automated teller machine or to gain access to a restricted facility. Both encryption and decryption require the use and storage of encryption/decryption keys for extended periods of time. Because we do not want the encryption/decryption keys to be compromised, there is a requirement for physical key security. A tamper-proof case is disclosed herein. If tampering is detected, the sensitive information, such as encryption/decryption keys, is deleted or zeroed out. Three forms of tampering are sensed: chassis intrusion, extreme temperature conditions and low battery power. The case may utilize one or more of several methods, described below, to detect tampering. The case itself consists of a metal enclosure having two or more parts which are joined together to form the whole enclosure. The components of the device, including the circuitry which contains the sensitive information, reside within the enclosure.
The first method of detecting tampering consists of a conductive ring which must make simultaneous contact with a plurality of conductive portions, or traces, on the printed circuit board. When two halves of the enclosure are separated, the conductive ring no longer makes contact with all of the conductive portions of the printed circuit board, and the tampering is detected.
The second method of detecting tampering is designed to protect all or part of a printed circuit board, specifically, a board or portion of a board containing memory chips storing sensitive information. This method utilizes a protective conductive mesh which encloses the circuit board. If the mesh is pierced, an open circuit condition is generated, and the tampering is detected. This prevents physical intrusion through the walls of the enclosure, such as by drilling or sawing.
A third method of preventing tampering involves the use of a temperature detector to detect extremes in temperature. This will defeat any attempts to "freeze" components of the device within the enclosure by lowering the temperature to a level where the devices will not work, thereby allowing time to access the components before the memory can be erased. If the temperature detector detects a temperature outside of a specific range of acceptable temperatures, the memory of the device is immediately erased. Lastly, a device is utilized which detects a low battery condition. Ideally, in a loss of power situation, the device's internal batteries will provide power to the circuitry that protects the memory containing the sensitive information. Should these batteries run low, it would be possible to gain access to the sensitive information merely by removing power from the device. When a low battery condition is detected, the sensitive information in the memory device is erased.
Description of the Drawings Figures la, lb and lc show various views of the conductive annulus used in the security switch.
Figure 2 is an exploded view of the tamper proof case with showing the placement of the security switches.
Figure 3 is a cutaway view of a comer of the bottom portion of the tamper- proof case showing a portion of the security switch.
Figure 4 shows the portion of the security switch in place on a printed circuit board. Figures 5 a and 5b show a frame used to protect specific areas of a printed circuit board. Figures 6a and 6b show a second embodiment of the frame of Figures 5 a and 5b.
Figure 7 shows the frame of Figures 6a and 6b in dotted outline in place on a printed circuit board.
Detailed Description of the Invention
The body of the case, in the preferred embodiment, consists of two halves, 14 and 16, best shown in Figure 2. These are preferably composed of a metal such as cast aluminum, but any hard material may be used, such as hard plastic. The two halves 14 and 16 of the case are fitted together to form the whole case. Inside the case is a main circuit board 18 which contains the circuitry of the device plus additional security monitoring circuitry. Several switches are implemented as part of the electrical traces of circuit board 18. In the preferred embodiment, these switches consist of an electrical trace shaped like an annulus divided into two or more segments. These are best shown in Figure 4 as reference numbers 22. Annular segmented contact 22 is printed around hole 23 in circuit board 18. All segments of annular contact 22 must make contact with a conductive ring 10 (external to the circuit board), shown in Figure 1, for the switch to be closed. Hole 23 in annular contact 22 is used for mounting the circuit board to the interior of the case as well as for providing the mounting constraints for conductive ring 10 used to close the switches. One half 16 of the case contains one or more bosses 20 that permit one or more mounting screws to pass through the circuit board and thread into the other half of the casing 14, which has corresponding bosses 17 defined therein. Located at the top of one boss of each pair of bosses 20 and 17 is an annulus of resilient material 12, preferably composed of foam or sponge rubber, and which, in the preferred embodiment, is approximately .08 inches thick. Rubber annulus 12 has a contact adhesive applied to both sides. Each rubber annulus 12 is attached to the top of a boss 20 on one half 16 of the casing. The ring shape permits mounting screws to pass through the circuit board 18 and into boss 20. As shown in Figure 1, conductive washer 10 is attached to the other side of rubber annulus 12, thereby forming washer/annulus assembly 8. Circuit board 18 is then mounted on top of conductive washers 10, with the washers contacting circuit board 18 at the places where annular contacts 22 are printed.
All of the switches on the circuit board are connected in series by conductive traces 15. The switches are part of a monitoring circuit, which is electrically closed when all of conducting washers 10 join all segments of each annular contact 22. The segments of each annular contact 22 are joined when conductive washers 10 are compressed against the circuit board 18 by rubber annuli 12, mounted on bosses 20 on one half 16 of case when the two halves of the case 14 and 16 are secured to each other by the mounting screws (not shown). The normal operation of the system is such that each switch is closed, thus completing the circuit. If any switch is opened, by the removal of conductive washer 10 from annular contact 22, the circuit will open and the resulting absence of current will be detected by a sensor. A switch is opened when any attempt is made to separate the two halves 14 and 16 of the case. Such attempts will cause conductive washers 10 to pull away from the annular contacts 22 on circuit board 18, thereby opening the monitoring circuit.
The monitoring circuit is designed to detect an opening of one or more of the switches, which indicates an attempt to tamper with the contents of the case. When such a condition is detected, any important or sensitive data contained within the circuitry of circuit board 18, such as encryption keys on a cryptography module, are erased. The monitor circuit is powered by a battery located on circuit board 18. The presence of the battery ensures that protection of the sensitive data also exists if the system is powered down.
A key component of this switch arrangement is the mounting of conductive washers 10 for the switches. Each conductive washer 10 is bound to a rubber annulus 12 mounted on the cover bosses 20 via a contact adhesive, forming assembly 8. The thickness of each assembly 8 is greater than the clearance between the annular contacts 22 of on circuit board 18 and boss 20. This causes rubber annulus 12, which is resilient, to compress as the two halves 14 and 16 the case are secured together via mounting screws. The mounting screws which will extend through boss 17, defined in half of cover 14, circuit board 18 and annular contact 22, conductive washer 10, rubber annulus 12 and boss 20. The screws may be secured by nuts applied on the underside of boss 20, or may screw directly into threads defined in boss 20. As it compresses, rubber annulus 12 pushes conducting washer 10 onto annular contact 22 on circuit board 18, thereby keeping conductive washer 10 forced into contact with each segment of annular contact 22, completing the circuit. If either cover 14 or 16 is lifted or tilted in an effort to look into or access the interior of the case, conductive washer 10 will lift from annular contact 22 and break the circuit, resulting in the deletion of the sensitive data. The more segments in annular contact 22, the more sensitive the switch is to tampering. For instance, by having eight segments, it is relatively difficult to tilt either half 14 or 16 of the case in any direction and keep conductive washer 10 touching all segments of annular contact 22. This same technology can also be used to protect specific areas of the circuit board. For example, in Figures 5a and 5b, an aluminum frame is shown which fits around the portion of circuit board 18 housing the circuitry containing the sensitive data. In this case, two or more pairs of contacts 34, shown in Figure 7, are laid out on circuit board 18 surrounding the area which is to be protected. Resilient foam rubber gasket 26 of the same shape as frame 24 holds frame 24 in place on circuit board 18, thereby connecting all of segments 34, when the halves 14 and 16 of the case are joined together. A boss on half 14 of the case, shaped similarly to frame 24 will compress resilient foam rubber gasket 26 and force frame 24 into contact with contacts 34. Any attempt to separate the halves 14 and 16 of the case causes frame 24 to pull away from circuit board 18, breaking the contact with contacts 34 and opening the circuit. In an alternative embodiment, metal frame 24 could be replaced with a conductive foil tape 32, shown in Figure 6b, which is attached to a foam rubber frame 30 via a contact adhesive in the areas where foam rubber frame 30 touches contacts 34 on circuit board 18. Figure 7 shows foam rubber frame 30 in dotted outline in place on circuit board 18, with conductive foil patches 32 joining contacts 34 on circuit board 18.
Another method used to protect the portion of the circuit board containing the cryptography circuit is covering the circuitry with a conductive sheet or mesh (not shown). The sheet utilizes conductive traces (ink or metal for example) forming a grid pattern. The grid is connected in parallel to the edges of the sheet and connected to an electrical supply forming another monitor circuit. If one or more of the traces in the grid are broken by any form of penetration, such as drilling or sawing, the circuit will be broken, resulting in the deletion of the sensitive data. An example of a conducting mesh suitable for use in this application is manufactured and sold by W. L. Gore & Associates, Ltd., under the trade name D3 Technology. The mesh would cover both sides of the circuit board to prevent access to the board by drilling or cutting of the case around the board. During normal operations, normal operating power is supplied to circuit board 18. Should normal power be interrupted for any reason, be it an attempt to disable the unit by turning off its power supply, or a normal power outage, the circuitry in which the sensitive data is stored and the security monitor circuitry on circuit board 18 remains powered by an on-board battery. A sensor is located on circuit board 18 which detects when the on-board battery runs low on power.
Although any method may be used to delete the sensitive data from the memory of the particular device which has been placed into the tamper-proof case, the iris scan device described above utilizes a microcontroller which operates in zero-power "sleep" mode. The sensitive data in this case is one or more cryptography key, which are stored in SRAM. Both the microcontroller and the SRAM can be powered utilizing battery power when normal power is unavailable. The occurrence of any security violation generates an interrupt to the microcontroller which, following a transition from zero-power (sleep mode) to low-power mode, destroys all keys via an erasure/overwrite by software of the SRAM chip. The time to transition from zero power to low power mode is approximately on the order of microseconds, and the time to perform SRAM erasure/overwrite by software is a few milliseconds. Hence, the keys are erased well before anyone could successfully intrude into the security module.
The low battery power detection feature ensures that the microcontroller has sufficient power to perform the destruction of the sensitive data upon detection of an intrusion. Should the battery power drop below this threshold, the microcontroller will erase all sensitive data as a safeguard.
The final safeguard is a temperature sensor that resides within the case. The temperature sensor is primarily designed to guard against the type of attack wherein someone would try to freeze the electronics of the device with liquid nitrogen to shut down the security monitoring circuitry, thereby allowing the attacker to access the cryptography circuitry before the security monitoring circuitry could delete the sensitive data. The same would apply to a high temperature attack. Therefore, the temperature sensor is tuned to alert the microcontroller to delete the keys if the temperature is outside of a given range, which, in the preferred embodiment, is approximately 0c - 65c. In a normal operating environment, such as the inside of an ATM machine, a certain ambient temperature must be maintained. The temperature range of the temperature sensor covers the expected range of operating temperatures in various normal operating situations.
In the preferred embodiment of the device, all of the described anti-attack measures will be present, however, the invention is not limited thereto, and may include embodiments that have a subset of the measures described. Furthermore, it should be distinctly understood that our invention is not limited thereto but may be variously embodied within the scope of the following claims.

Claims

I claim:
1. A tamper-proof case for a device having a memory containing information comprised of: an enclosure having at least two mating parts which fit together to define an enclosed space, wherein said device having a memory containing information is disposed within said space; at least two electrical contacts, positioned such that said contacts are electrically coupled, thereby forming a current path, when said first and said second mating parts are joined together and electrically uncoupled, thereby interrupting said current path, when said first and said second mating parts are separated; and a sensor for sensing a flow of electrical current through said current path, said sensor being capable of sending a signal when said electrical contacts are uncoupled, said signal causing said device to erase at least a portion of said information from said memory.
2. The tamper-proof case of claim 1 wherein said at least two electrical contacts are traces on a printed circuit board.
3. The tamper proof case of claim 2 further comprising: a piece of electrically conductive material; and a piece of resilient material, secured to said piece of electrically conductive material and to one of said mating parts, and disposed therebetween; such that said piece of electrically conductive material is biased by said piece of resilient material against said at least two electrical contacts, thereby electrically coupling said contacts, when said at least two mating parts are joined together.
4. The tamper-proof case of claim 3 wherein said piece of resilient material is foam rubber.
5. The tamper-proof case of claim 4 wherein: said printed circuit board defines a hole therein; said at least two . electrical contacts are laid out as a circle on a printed circuit board around said hole; and said piece of electrically conductive material is a metal annulus sized to match said circle defined by said at least two electrical contacts.
6. The tamper proof case of claim 5 further comprising: a first boss, defined in one of said at least two mating parts, said boss defining a hole therein; wherein said foam rubber is annular in shape and disposed between said metal washer and said first boss.
7. The tamper proof case of claim 6 further comprising: a second boss, defined in the other of said at least two mating parts, said second boss defining a hole therein, wherein said first and said second bosses are aligned when said at least two mating parts are joined together; and a screw, disposed through said hole in said first boss, said hole in said printed circuit board, said hole in said metal annulus, said hole in said foam rubber annulus and said hole defined in said second boss, such that when said screw is tightened, said at least two mating parts are joined together and said foam rubber annulus is compressed, thereby biasing said metal annulus against said at least two electrical contacts defined as traces on said printed circuit board, and electrically coupling said electrical contacts and forming a switch which is electrically closed when said at least two mating parts are joined and electrically opened when said at least two mating parts are separated.
8. The tamper proof case of claim 7 further comprising a plurality of said switches.
9. The tamper-proof case of claim 4 wherein: said piece of electrically conductive material is a piece of metal tape bonded to said piece of foam rubber; and said piece of foam rubber is bonded to one of said at least two mating parts, such that when said at least two mating parts are joined together, said foam rubber biases said metal tape against said electrical contacts, thereby electrically coupling said electrical contacts.
10. The tamper-proof case of claim 1 further comprising: an electrically conductive mesh disposed within said case such that at least said portion of said device containing said memory is covered by said mesh; and a sensor for detecting if said mesh has been pierced, said sensor being capable of sending a signal when said mesh has been pierced, said signal causing said device to erase at least a portion of said information from said memory.
11. The tamper-proof case of claim 1 further comprising: a temperature sensor for determining the ambient temperature within said case, wherein said temperature sensor generates a signal if said ambient temperature exceeds a predetermined maximum temperature or if said ambient temperature drops below a predetermined minimum temperature, said signal causing said device to erase at least a portion of said information from said memory.
12. The tamper-proof case of claim 11 wherein said maximum temperature is
65 degrees centigrade and wherein said minimum temperature is 0 degrees centigrade.
13. The tamper-proof case of claim 1 further comprising: an internal battery capable of delivering a voltage; and a sensor for detecting when said voltage drops below a certain predetermined minimum voltage, said sensor being capable of sending a signal when said voltage drops below said predetermined minimum, said signal causing said device to erase at least a portion of said information from said memory.
14. A tamper-proof case for a device having a memory containing information comprised of: an enclosure having at least two mating parts which fit together to define an enclosed space, wherein said device having a memory containing information is disposed within said space; a first electrical contact on a first mating part of the at least two mating parts, a second electrical contact on a second mating part, the second electrical contact positioned to engage the first electrical contact when the first mating part and the second mating part are joined together; a power source connected to said first electrical contact such that an electrical circuit is formed when the first and second mating parts are joined together; a sensor in the electrical circuit which senses flow of electrical current through the circuit and sends a signal when such electrical current is interrupted which signal causes the device to erase at least some information from the memory.
15. The tamper-proof case of claim 1 also comprising: a mesh adjacent at least one of the enclosure, the mesh having conductive traces connected to the power source to form a circuit so that electricity flows through the conductive traces; a sensor connected to the conductive trances which senses flow of electrical current through the circuit and sends a signal when such electrical current is interrupted which signal causes the device to erase at least some information from the memory.
16. The tamper-proof case of claim 15 wherein the mesh is adjacent all inside surfaces of the enclosure.
17. The tamper-proof case of claim 14 also comprising a circuit board attached to the first mating part, the circuit board containing the first electrical contact and a conductive trace connected to the first electrical contact, the power supply and the sensors, the conductive trace having a gap sized and positioned to mate with the second electrical contact and thereby complete an electrical circuit.
18. The tamper proof case of claim 14 comprising a resilient washer connected to the second mating port and carrying the second electrical circuit.
19. The tamper proof case of claim 18 wherein the second electrical contact is annular.
20. The tamper proof case of claim 19 wherein the second electrical contact is segmented and the first electrical contact is segmented such that the segments of the first electrical contact are sized and positioned to meet and engage the segments of the second electrical contact to complete the electrical current when the first and second mating parts are joined.
21. The tamper proof case of claim 20 wherein the second electrical contact has eight segments.
22. The tamper proof case of claim 14 also comprising a temperature sensor within the enclosure, the temperature sensor designed to emit a signal when temperature within the enclosure falls below a preselected minimum temperature.
23. The tamper proof case of claim 14 also comprising a battery and a battery power detector connected to the battery, the battery and battery power detector connected to the battery, the battery and battery power detector being within the enclosure and wherein the battery power detector sends a signal when the battery reaches a power level below a predetermined power level, this signal causing the device to erase at least some information from the memory.
24. The tamperproof case of claim 14 wherein the memory contains encryption keys which are erased when a signal is sent by the sensor.
PCT/US2001/005912 2000-02-23 2001-02-22 Tamper proof case for electronic devices having memories with sensitive information WO2001063994A2 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
AU2001239854A AU2001239854A1 (en) 2000-02-23 2001-02-22 Tamper proof case for electronic devices having memories with sensitive information

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US51082500A 2000-02-23 2000-02-23
US09/510,825 2000-02-23

Publications (2)

Publication Number Publication Date
WO2001063994A2 true WO2001063994A2 (en) 2001-08-30
WO2001063994A3 WO2001063994A3 (en) 2002-04-18

Family

ID=24032352

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2001/005912 WO2001063994A2 (en) 2000-02-23 2001-02-22 Tamper proof case for electronic devices having memories with sensitive information

Country Status (2)

Country Link
AU (1) AU2001239854A1 (en)
WO (1) WO2001063994A2 (en)

Cited By (79)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2002028157A1 (en) * 2000-09-26 2002-04-04 Sagem Denmark A/S A box for encapsulating an electronic device, and a method for gluing a circuit board onto the inner surface of a box
WO2004003711A2 (en) * 2002-06-26 2004-01-08 Intel Corporation Sleep attack protection
US6895509B1 (en) 2000-09-21 2005-05-17 Pitney Bowes Inc. Tamper detection system for securing data
US6996953B2 (en) 2004-01-23 2006-02-14 Pitney Bowes Inc. System and method for installing a tamper barrier wrap in a PCB assembly, including a PCB assembly having improved heat sinking
EP1674962A1 (en) * 2004-12-22 2006-06-28 Frama Ag Device for protecting a data storage circuit arrangement comprising electronic components and a processor
WO2006092591A1 (en) * 2005-03-01 2006-09-08 Keymat Technology Limited Anti-tampe devices
US7124273B2 (en) 2002-02-25 2006-10-17 Intel Corporation Method and apparatus for translating guest physical addresses in a virtual machine environment
WO2006119323A2 (en) * 2005-05-03 2006-11-09 Palomar Technology, Llc Trusted monitoring system and method
US7156233B2 (en) 2004-06-15 2007-01-02 Pitney Bowes Inc. Tamper barrier enclosure with corner protection
EP1746617A1 (en) * 2005-07-20 2007-01-24 Delphi Technologies, Inc. Control assembly with engagement detection means
US7180008B2 (en) 2004-01-23 2007-02-20 Pitney Bowes Inc. Tamper barrier for electronic device
WO2009052385A1 (en) * 2007-10-17 2009-04-23 Spansion Llc Tamper reactive memory device to secure data from tamper attacks
WO2009068608A1 (en) * 2007-11-29 2009-06-04 Hypercom Gmbh Device for monitoring a space by serially interconnected closing contacts, in particular cover switches in a security housing
US7739521B2 (en) 2003-09-18 2010-06-15 Intel Corporation Method of obscuring cryptographic computations
US7809957B2 (en) 2005-09-29 2010-10-05 Intel Corporation Trusted platform module for generating sealed data
WO2011019496A1 (en) * 2009-08-10 2011-02-17 Apple Inc. Mechanisms for detecting tampering of an electronic device
US7900017B2 (en) 2002-12-27 2011-03-01 Intel Corporation Mechanism for remapping post virtual machine memory pages
EP2336981A1 (en) * 2009-11-19 2011-06-22 Continental Automotive GmbH Manipulation-proof tacograph device
DE102010012851A1 (en) * 2010-03-25 2011-09-29 Ssp Europe Gmbh Detection device for use in protection device for volatile storage device for detecting access to e.g. personal computer by unauthorized person to protect system against unauthorized access, has connection device contacting two parts
US8079034B2 (en) 2003-09-15 2011-12-13 Intel Corporation Optimizing processor-managed resources based on the behavior of a virtual machine monitor
GB2481836A (en) * 2010-07-08 2012-01-11 Keymat Technology Ltd Circuit board connector with drilling tamper detection arrangement
US8185734B2 (en) 2002-03-29 2012-05-22 Intel Corporation System and method for execution of a secured environment initialization instruction
US8201267B2 (en) 2008-10-24 2012-06-12 Pitney Bowes Inc. Cryptographic device having active clearing of memory regardless of state of external power
US8330606B2 (en) 2010-04-12 2012-12-11 Verifone, Inc. Secure data entry device
US8358218B2 (en) 2010-03-02 2013-01-22 Verifone, Inc. Point of sale terminal having enhanced security
WO2013010766A1 (en) * 2011-07-18 2013-01-24 Continental Automotive Gmbh Housing
US8405506B2 (en) 2010-08-02 2013-03-26 Verifone, Inc. Secure data entry device
DE102011117214A1 (en) * 2011-10-28 2013-05-02 Stepover Gmbh A method for detecting an unauthorized opening of a signature device, signature device and computer system with the same
US8458464B2 (en) 2000-09-28 2013-06-04 Intel Corporation Mechanism to handle events in a machine with isolated execution
US8533777B2 (en) 2004-12-29 2013-09-10 Intel Corporation Mechanism to determine trust of out-of-band management agents
US8543772B2 (en) 2003-09-30 2013-09-24 Intel Corporation Invalidating translation lookaside buffer entries in a virtual machine (VM) system
US8593824B2 (en) 2010-10-27 2013-11-26 Verifone, Inc. Tamper secure circuitry especially for point of sale terminal
US8595514B2 (en) 2008-01-22 2013-11-26 Verifone, Inc. Secure point of sale terminal
US8621235B2 (en) 2011-01-06 2013-12-31 Verifone, Inc. Secure pin entry device
EP2717483A1 (en) * 2012-08-31 2014-04-09 Bluebird Soft Inc. Mobile terminal
US8884757B2 (en) 2011-07-11 2014-11-11 Verifone, Inc. Anti-tampering protection assembly
US9013336B2 (en) 2008-01-22 2015-04-21 Verifone, Inc. Secured keypad devices
US9087000B2 (en) 2003-11-26 2015-07-21 Intel Corporation Accessing private data about the state of a data processing machine from storage that is publicly accessible
EP2924606A1 (en) * 2014-03-28 2015-09-30 Panasonic Intellectual Property Management Co., Ltd. Information processing apparatus
US9554477B1 (en) 2015-12-18 2017-01-24 International Business Machines Corporation Tamper-respondent assemblies with enclosure-to-board protection
US9555606B1 (en) 2015-12-09 2017-01-31 International Business Machines Corporation Applying pressure to adhesive using CTE mismatch between components
US9560737B2 (en) 2015-03-04 2017-01-31 International Business Machines Corporation Electronic package with heat transfer element(s)
US9578764B1 (en) 2015-09-25 2017-02-21 International Business Machines Corporation Enclosure with inner tamper-respondent sensor(s) and physical security element(s)
US9591776B1 (en) 2015-09-25 2017-03-07 International Business Machines Corporation Enclosure with inner tamper-respondent sensor(s)
US9646472B2 (en) 2012-08-15 2017-05-09 Payment Express Limited Tamper evident systems
US9691066B2 (en) 2012-07-03 2017-06-27 Verifone, Inc. Location-based payment system and method
JP2017517867A (en) * 2014-09-01 2017-06-29 福建聯迪商用設備有限公司 Connection mechanism for preventing unauthorized disassembly using screws and bonding pads
US9858446B2 (en) 2011-04-18 2018-01-02 Siemens Aktiengesellschaft Tamper protection device for protecting a field device against tampering
US9858776B1 (en) 2016-06-28 2018-01-02 International Business Machines Corporation Tamper-respondent assembly with nonlinearity monitoring
US9881880B2 (en) 2016-05-13 2018-01-30 International Business Machines Corporation Tamper-proof electronic packages with stressed glass component substrate(s)
US9894749B2 (en) 2015-09-25 2018-02-13 International Business Machines Corporation Tamper-respondent assemblies with bond protection
US9904811B2 (en) 2016-04-27 2018-02-27 International Business Machines Corporation Tamper-proof electronic packages with two-phase dielectric fluid
US9913370B2 (en) 2016-05-13 2018-03-06 International Business Machines Corporation Tamper-proof electronic packages formed with stressed glass
US9913389B2 (en) 2015-12-01 2018-03-06 International Business Corporation Corporation Tamper-respondent assembly with vent structure
US9911012B2 (en) 2015-09-25 2018-03-06 International Business Machines Corporation Overlapping, discrete tamper-respondent sensors
US9916744B2 (en) 2016-02-25 2018-03-13 International Business Machines Corporation Multi-layer stack with embedded tamper-detect protection
US9924591B2 (en) 2015-09-25 2018-03-20 International Business Machines Corporation Tamper-respondent assemblies
US9978231B2 (en) 2015-10-21 2018-05-22 International Business Machines Corporation Tamper-respondent assembly with protective wrap(s) over tamper-respondent sensor(s)
US9999124B2 (en) 2016-11-02 2018-06-12 International Business Machines Corporation Tamper-respondent assemblies with trace regions of increased susceptibility to breaking
US10098235B2 (en) 2015-09-25 2018-10-09 International Business Machines Corporation Tamper-respondent assemblies with region(s) of increased susceptibility to damage
US10136519B2 (en) 2015-10-19 2018-11-20 International Business Machines Corporation Circuit layouts of tamper-respondent sensors
US10172239B2 (en) 2015-09-25 2019-01-01 International Business Machines Corporation Tamper-respondent sensors with formed flexible layer(s)
US10168185B2 (en) 2015-09-25 2019-01-01 International Business Machines Corporation Circuit boards and electronic packages with embedded tamper-respondent sensor
US20190095656A1 (en) * 2017-09-26 2019-03-28 Hewlett Packard Enterprise Development Lp Tamper detecting cases
US10271424B2 (en) 2016-09-26 2019-04-23 International Business Machines Corporation Tamper-respondent assemblies with in situ vent structure(s)
US10299372B2 (en) 2016-09-26 2019-05-21 International Business Machines Corporation Vented tamper-respondent assemblies
US10306753B1 (en) 2018-02-22 2019-05-28 International Business Machines Corporation Enclosure-to-board interface with tamper-detect circuit(s)
US10321589B2 (en) 2016-09-19 2019-06-11 International Business Machines Corporation Tamper-respondent assembly with sensor connection adapter
US10327329B2 (en) 2017-02-13 2019-06-18 International Business Machines Corporation Tamper-respondent assembly with flexible tamper-detect sensor(s) overlying in-situ-formed tamper-detect sensor
US10327343B2 (en) 2015-12-09 2019-06-18 International Business Machines Corporation Applying pressure to adhesive using CTE mismatch between components
US10426037B2 (en) 2015-07-15 2019-09-24 International Business Machines Corporation Circuitized structure with 3-dimensional configuration
US10544923B1 (en) 2018-11-06 2020-01-28 Verifone, Inc. Devices and methods for optical-based tamper detection using variable light characteristics
US10719633B2 (en) 2015-04-29 2020-07-21 Utimaco, Inc. Inhibiting a penetration attack
WO2021067117A1 (en) * 2019-09-30 2021-04-08 Square, Inc. Point of sale device with cradle for mobile computing device
US11122682B2 (en) 2018-04-04 2021-09-14 International Business Machines Corporation Tamper-respondent sensors with liquid crystal polymer layers
US11397835B2 (en) 2014-07-23 2022-07-26 Verifone, Inc. Data device including OFN functionality
US11645427B2 (en) 2020-11-29 2023-05-09 Bank Of America Corporation Detecting unauthorized activity related to a device by monitoring signals transmitted by the device
US11663368B2 (en) 2019-09-30 2023-05-30 Block, Inc. Tamper detection based on removal of fastener from recess
US11665817B2 (en) 2019-09-30 2023-05-30 Block, Inc. Tamper detection based on flexible member connecting circuitry elements

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8037314B2 (en) 2003-12-22 2011-10-11 Intel Corporation Replacing blinded authentication authority
US8924728B2 (en) 2004-11-30 2014-12-30 Intel Corporation Apparatus and method for establishing a secure session with a device without exposing privacy-sensitive information
US9213869B2 (en) 2013-10-04 2015-12-15 Verifone, Inc. Magnetic stripe reading device
US9595174B2 (en) 2015-04-21 2017-03-14 Verifone, Inc. Point of sale terminal having enhanced security

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO1988008176A1 (en) * 1987-04-14 1988-10-20 Ido Ag Arrangement for preventing unauthorized access
EP0514708A1 (en) * 1991-05-14 1992-11-25 Siemens Nixdorf Informationssysteme Aktiengesellschaft Safety guard for circuit components and/or data in an electrotechnical apparatus
EP0540376A1 (en) * 1991-09-05 1993-05-05 Societe D'applications Generales D'electricite Et De Mecanique Sagem Device for detecting the unauthorised opening of an apparatus
DE19512266A1 (en) * 1994-09-23 1996-03-28 Rainer Jacob Facility for protection against manipulation e.g. for motor vehicle electronic circuits
EP0860881A2 (en) * 1997-02-24 1998-08-26 General Instrument Corporation Anti-tamper integrated circuit

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO1988008176A1 (en) * 1987-04-14 1988-10-20 Ido Ag Arrangement for preventing unauthorized access
EP0514708A1 (en) * 1991-05-14 1992-11-25 Siemens Nixdorf Informationssysteme Aktiengesellschaft Safety guard for circuit components and/or data in an electrotechnical apparatus
EP0540376A1 (en) * 1991-09-05 1993-05-05 Societe D'applications Generales D'electricite Et De Mecanique Sagem Device for detecting the unauthorised opening of an apparatus
DE19512266A1 (en) * 1994-09-23 1996-03-28 Rainer Jacob Facility for protection against manipulation e.g. for motor vehicle electronic circuits
EP0860881A2 (en) * 1997-02-24 1998-08-26 General Instrument Corporation Anti-tamper integrated circuit

Cited By (163)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6895509B1 (en) 2000-09-21 2005-05-17 Pitney Bowes Inc. Tamper detection system for securing data
WO2002028157A1 (en) * 2000-09-26 2002-04-04 Sagem Denmark A/S A box for encapsulating an electronic device, and a method for gluing a circuit board onto the inner surface of a box
US8458464B2 (en) 2000-09-28 2013-06-04 Intel Corporation Mechanism to handle events in a machine with isolated execution
US7124273B2 (en) 2002-02-25 2006-10-17 Intel Corporation Method and apparatus for translating guest physical addresses in a virtual machine environment
US8185734B2 (en) 2002-03-29 2012-05-22 Intel Corporation System and method for execution of a secured environment initialization instruction
US8645688B2 (en) 2002-03-29 2014-02-04 Intel Corporation System and method for execution of a secured environment initialization instruction
US10031759B2 (en) 2002-03-29 2018-07-24 Intel Corporation System and method for execution of a secured environment initialization instruction
US9361121B2 (en) 2002-03-29 2016-06-07 Intel Corporation System and method for execution of a secured environment initialization instruction
US10042649B2 (en) 2002-03-29 2018-08-07 Intel Corporation System and method for execution of a secured environment initialization instruction
US10175994B2 (en) 2002-03-29 2019-01-08 Intel Corporation System and method for execution of a secured environment initialization instruction
US9990208B2 (en) 2002-03-29 2018-06-05 Intel Corporation System and method for execution of a secured environment initialization instruction
WO2004003711A2 (en) * 2002-06-26 2004-01-08 Intel Corporation Sleep attack protection
CN100449558C (en) * 2002-06-26 2009-01-07 英特尔公司 Sleep protection
WO2004003711A3 (en) * 2002-06-26 2004-03-25 Intel Corp Sleep attack protection
US7900017B2 (en) 2002-12-27 2011-03-01 Intel Corporation Mechanism for remapping post virtual machine memory pages
US9971615B2 (en) 2003-09-15 2018-05-15 Intel Corporation Optimizing processor-managed resources based on the behavior of a virtual machine monitor
US8079034B2 (en) 2003-09-15 2011-12-13 Intel Corporation Optimizing processor-managed resources based on the behavior of a virtual machine monitor
US7739521B2 (en) 2003-09-18 2010-06-15 Intel Corporation Method of obscuring cryptographic computations
US8751752B2 (en) 2003-09-30 2014-06-10 Intel Corporation Invalidating translation lookaside buffer entries in a virtual machine system
US8543772B2 (en) 2003-09-30 2013-09-24 Intel Corporation Invalidating translation lookaside buffer entries in a virtual machine (VM) system
US9087000B2 (en) 2003-11-26 2015-07-21 Intel Corporation Accessing private data about the state of a data processing machine from storage that is publicly accessible
US9348767B2 (en) 2003-11-26 2016-05-24 Intel Corporation Accessing private data about the state of a data processing machine from storage that is publicly accessible
US7475474B2 (en) 2004-01-23 2009-01-13 Pitney Bowes Inc. Method of making tamper detection circuit for an electronic device
US7180008B2 (en) 2004-01-23 2007-02-20 Pitney Bowes Inc. Tamper barrier for electronic device
US6996953B2 (en) 2004-01-23 2006-02-14 Pitney Bowes Inc. System and method for installing a tamper barrier wrap in a PCB assembly, including a PCB assembly having improved heat sinking
US7156233B2 (en) 2004-06-15 2007-01-02 Pitney Bowes Inc. Tamper barrier enclosure with corner protection
EP1674962A1 (en) * 2004-12-22 2006-06-28 Frama Ag Device for protecting a data storage circuit arrangement comprising electronic components and a processor
US8533777B2 (en) 2004-12-29 2013-09-10 Intel Corporation Mechanism to determine trust of out-of-band management agents
WO2006092591A1 (en) * 2005-03-01 2006-09-08 Keymat Technology Limited Anti-tampe devices
WO2006119323A3 (en) * 2005-05-03 2007-02-22 Palomar Technology Llc Trusted monitoring system and method
US7526455B2 (en) 2005-05-03 2009-04-28 Palomar Technology, Llc Trusted decision support system and method
US7512583B2 (en) 2005-05-03 2009-03-31 Palomar Technology, Llc Trusted decision support system and method
US8515895B2 (en) 2005-05-03 2013-08-20 Palomar Technology, Llc Trusted decision support system and method
WO2006119323A2 (en) * 2005-05-03 2006-11-09 Palomar Technology, Llc Trusted monitoring system and method
US10504349B2 (en) 2005-05-03 2019-12-10 1997 Irrevocable Trust For Gregory P. Benson Trusted monitoring system and method
US7609159B2 (en) 2005-05-03 2009-10-27 Palomar Technology, Llc Trusted monitoring system and method
US8830053B2 (en) 2005-05-03 2014-09-09 Palomar Technology, Llc Trusted monitoring system and method
US7656286B2 (en) 2005-05-03 2010-02-02 Palomar Technology, Llc Trusted monitoring system and method
EP1746617A1 (en) * 2005-07-20 2007-01-24 Delphi Technologies, Inc. Control assembly with engagement detection means
US7809957B2 (en) 2005-09-29 2010-10-05 Intel Corporation Trusted platform module for generating sealed data
TWI500042B (en) * 2007-10-17 2015-09-11 Valley Device Man Llc Tamper reactive memory device to secure data from tamper attacks
US7945792B2 (en) 2007-10-17 2011-05-17 Spansion Llc Tamper reactive memory device to secure data from tamper attacks
WO2009052385A1 (en) * 2007-10-17 2009-04-23 Spansion Llc Tamper reactive memory device to secure data from tamper attacks
US9329236B2 (en) 2007-11-29 2016-05-03 Verifone Gmbh Device and method for monitoring an integrity of a series-connection of a plurality of switches
US8461990B2 (en) 2007-11-29 2013-06-11 Verifone Gmbh Device for monitoring a space by series-connected normally-open contacts, in particular cover interlock switches in a security enclosure
WO2009068608A1 (en) * 2007-11-29 2009-06-04 Hypercom Gmbh Device for monitoring a space by serially interconnected closing contacts, in particular cover switches in a security housing
US9032222B2 (en) 2008-01-22 2015-05-12 Verifone, Inc. Secure point of sale terminal
US9250709B2 (en) 2008-01-22 2016-02-02 Verifone, Inc. Secure point of sale terminal
US9779270B2 (en) 2008-01-22 2017-10-03 Verifone, Inc. Secured keypad devices
US8595514B2 (en) 2008-01-22 2013-11-26 Verifone, Inc. Secure point of sale terminal
US9436293B2 (en) 2008-01-22 2016-09-06 Verifone, Inc. Secured keypad devices
US9013336B2 (en) 2008-01-22 2015-04-21 Verifone, Inc. Secured keypad devices
US8201267B2 (en) 2008-10-24 2012-06-12 Pitney Bowes Inc. Cryptographic device having active clearing of memory regardless of state of external power
WO2011019496A1 (en) * 2009-08-10 2011-02-17 Apple Inc. Mechanisms for detecting tampering of an electronic device
US8278948B2 (en) 2009-08-10 2012-10-02 Apple Inc. Mechanisms for detecting tampering of an electronic device
US8736286B2 (en) 2009-08-10 2014-05-27 Apple Inc. Mechanisms for detecting tampering of an electronic device
CN102549626A (en) * 2009-08-10 2012-07-04 苹果公司 Mechanisms for detecting tampering of an electronic device
EP2336981A1 (en) * 2009-11-19 2011-06-22 Continental Automotive GmbH Manipulation-proof tacograph device
US8358218B2 (en) 2010-03-02 2013-01-22 Verifone, Inc. Point of sale terminal having enhanced security
US8988233B2 (en) 2010-03-02 2015-03-24 Verifone, Inc. Point of sale terminal having enhanced security
US8760292B2 (en) 2010-03-02 2014-06-24 Verifone, Inc. Point of sale terminal having enhanced security
DE102010012851A1 (en) * 2010-03-25 2011-09-29 Ssp Europe Gmbh Detection device for use in protection device for volatile storage device for detecting access to e.g. personal computer by unauthorized person to protect system against unauthorized access, has connection device contacting two parts
US8330606B2 (en) 2010-04-12 2012-12-11 Verifone, Inc. Secure data entry device
GB2481836A (en) * 2010-07-08 2012-01-11 Keymat Technology Ltd Circuit board connector with drilling tamper detection arrangement
GB2481836B (en) * 2010-07-08 2012-06-13 Keymat Technology Ltd Circuit board connector with drilling tamper detection arrangement
US8137139B2 (en) 2010-07-08 2012-03-20 Keymat Technology Limited Circuit board connector with drilling tamper detection arrangement
US8405506B2 (en) 2010-08-02 2013-03-26 Verifone, Inc. Secure data entry device
US8710987B2 (en) 2010-08-02 2014-04-29 Verifone, Inc. Secure data entry device
US8593824B2 (en) 2010-10-27 2013-11-26 Verifone, Inc. Tamper secure circuitry especially for point of sale terminal
US8621235B2 (en) 2011-01-06 2013-12-31 Verifone, Inc. Secure pin entry device
US8954750B2 (en) 2011-01-06 2015-02-10 Verifone, Inc. Secure PIN entry device
US9792803B2 (en) 2011-01-06 2017-10-17 Verifone, Inc. Secure PIN entry device
US9858446B2 (en) 2011-04-18 2018-01-02 Siemens Aktiengesellschaft Tamper protection device for protecting a field device against tampering
US9390601B2 (en) 2011-07-11 2016-07-12 Verifone, Inc. Anti-tampering protection assembly
US8884757B2 (en) 2011-07-11 2014-11-11 Verifone, Inc. Anti-tampering protection assembly
WO2013010766A1 (en) * 2011-07-18 2013-01-24 Continental Automotive Gmbh Housing
US9076022B2 (en) 2011-10-28 2015-07-07 Stepover Gmbh Method and device for sensing and responding to an unauthorized opening of a biometric trait capture device
DE102011117214A1 (en) * 2011-10-28 2013-05-02 Stepover Gmbh A method for detecting an unauthorized opening of a signature device, signature device and computer system with the same
DE102011117214B4 (en) * 2011-10-28 2016-06-16 Stepover Gmbh A method for detecting an unauthorized opening of a signature device, signature device and computer system with the same
US9691066B2 (en) 2012-07-03 2017-06-27 Verifone, Inc. Location-based payment system and method
US9646472B2 (en) 2012-08-15 2017-05-09 Payment Express Limited Tamper evident systems
EP2717483A1 (en) * 2012-08-31 2014-04-09 Bluebird Soft Inc. Mobile terminal
EP2717483A4 (en) * 2012-08-31 2014-04-09 Bluebird Soft Inc Mobile terminal
US9456512B2 (en) 2012-08-31 2016-09-27 Bluebird Inc. Mobile terminal
EP2924606A1 (en) * 2014-03-28 2015-09-30 Panasonic Intellectual Property Management Co., Ltd. Information processing apparatus
US9760127B2 (en) 2014-03-28 2017-09-12 Panasonic Intellectual Property Management Co., Ltd. Information processing apparatus
US11397835B2 (en) 2014-07-23 2022-07-26 Verifone, Inc. Data device including OFN functionality
JP2017517867A (en) * 2014-09-01 2017-06-29 福建聯迪商用設備有限公司 Connection mechanism for preventing unauthorized disassembly using screws and bonding pads
US9560737B2 (en) 2015-03-04 2017-01-31 International Business Machines Corporation Electronic package with heat transfer element(s)
US10237964B2 (en) 2015-03-04 2019-03-19 International Business Machines Corporation Manufacturing electronic package with heat transfer element(s)
US10719633B2 (en) 2015-04-29 2020-07-21 Utimaco, Inc. Inhibiting a penetration attack
US11687680B2 (en) 2015-04-29 2023-06-27 Utimaco Inc. Inhibiting a penetration attack
US10524362B2 (en) 2015-07-15 2019-12-31 International Business Machines Corporation Circuitized structure with 3-dimensional configuration
US10426037B2 (en) 2015-07-15 2019-09-24 International Business Machines Corporation Circuitized structure with 3-dimensional configuration
US10395067B2 (en) 2015-09-25 2019-08-27 International Business Machines Corporation Method of fabricating a tamper-respondent sensor assembly
US10098235B2 (en) 2015-09-25 2018-10-09 International Business Machines Corporation Tamper-respondent assemblies with region(s) of increased susceptibility to damage
US9911012B2 (en) 2015-09-25 2018-03-06 International Business Machines Corporation Overlapping, discrete tamper-respondent sensors
US9913416B2 (en) 2015-09-25 2018-03-06 International Business Machines Corporation Enclosure with inner tamper-respondent sensor(s) and physical security element(s)
US9717154B2 (en) 2015-09-25 2017-07-25 International Business Machines Corporation Enclosure with inner tamper-respondent sensor(s)
US9924591B2 (en) 2015-09-25 2018-03-20 International Business Machines Corporation Tamper-respondent assemblies
US9936573B2 (en) 2015-09-25 2018-04-03 International Business Machines Corporation Tamper-respondent assemblies
US10264665B2 (en) 2015-09-25 2019-04-16 International Business Machines Corporation Tamper-respondent assemblies with bond protection
US10178818B2 (en) 2015-09-25 2019-01-08 International Business Machines Corporation Enclosure with inner tamper-respondent sensor(s) and physical security element(s)
US10257939B2 (en) 2015-09-25 2019-04-09 International Business Machines Corporation Method of fabricating tamper-respondent sensor
US9591776B1 (en) 2015-09-25 2017-03-07 International Business Machines Corporation Enclosure with inner tamper-respondent sensor(s)
US9578764B1 (en) 2015-09-25 2017-02-21 International Business Machines Corporation Enclosure with inner tamper-respondent sensor(s) and physical security element(s)
US9913362B2 (en) 2015-09-25 2018-03-06 International Business Machines Corporation Tamper-respondent assemblies with bond protection
US10378924B2 (en) 2015-09-25 2019-08-13 International Business Machines Corporation Circuit boards and electronic packages with embedded tamper-respondent sensor
US10685146B2 (en) 2015-09-25 2020-06-16 International Business Machines Corporation Overlapping, discrete tamper-respondent sensors
US10378925B2 (en) 2015-09-25 2019-08-13 International Business Machines Corporation Circuit boards and electronic packages with embedded tamper-respondent sensor
US9894749B2 (en) 2015-09-25 2018-02-13 International Business Machines Corporation Tamper-respondent assemblies with bond protection
US10271434B2 (en) 2015-09-25 2019-04-23 International Business Machines Corporation Method of fabricating a tamper-respondent assembly with region(s) of increased susceptibility to damage
US10172239B2 (en) 2015-09-25 2019-01-01 International Business Machines Corporation Tamper-respondent sensors with formed flexible layer(s)
US10624202B2 (en) 2015-09-25 2020-04-14 International Business Machines Corporation Tamper-respondent assemblies with bond protection
US10331915B2 (en) 2015-09-25 2019-06-25 International Business Machines Corporation Overlapping, discrete tamper-respondent sensors
US10168185B2 (en) 2015-09-25 2019-01-01 International Business Machines Corporation Circuit boards and electronic packages with embedded tamper-respondent sensor
US10334722B2 (en) 2015-09-25 2019-06-25 International Business Machines Corporation Tamper-respondent assemblies
US10175064B2 (en) 2015-09-25 2019-01-08 International Business Machines Corporation Circuit boards and electronic packages with embedded tamper-respondent sensor
US10143090B2 (en) 2015-10-19 2018-11-27 International Business Machines Corporation Circuit layouts of tamper-respondent sensors
US10136519B2 (en) 2015-10-19 2018-11-20 International Business Machines Corporation Circuit layouts of tamper-respondent sensors
US9978231B2 (en) 2015-10-21 2018-05-22 International Business Machines Corporation Tamper-respondent assembly with protective wrap(s) over tamper-respondent sensor(s)
US9913389B2 (en) 2015-12-01 2018-03-06 International Business Corporation Corporation Tamper-respondent assembly with vent structure
US10251288B2 (en) 2015-12-01 2019-04-02 International Business Machines Corporation Tamper-respondent assembly with vent structure
US10327343B2 (en) 2015-12-09 2019-06-18 International Business Machines Corporation Applying pressure to adhesive using CTE mismatch between components
US9555606B1 (en) 2015-12-09 2017-01-31 International Business Machines Corporation Applying pressure to adhesive using CTE mismatch between components
US9661747B1 (en) 2015-12-18 2017-05-23 International Business Machines Corporation Tamper-respondent assemblies with enclosure-to-board protection
US10172232B2 (en) 2015-12-18 2019-01-01 International Business Machines Corporation Tamper-respondent assemblies with enclosure-to-board protection
US9877383B2 (en) 2015-12-18 2018-01-23 International Business Machines Corporation Tamper-respondent assemblies with enclosure-to-board protection
US9554477B1 (en) 2015-12-18 2017-01-24 International Business Machines Corporation Tamper-respondent assemblies with enclosure-to-board protection
US10169967B1 (en) 2016-02-25 2019-01-01 International Business Machines Corporation Multi-layer stack with embedded tamper-detect protection
US10217336B2 (en) 2016-02-25 2019-02-26 International Business Machines Corporation Multi-layer stack with embedded tamper-detect protection
US9916744B2 (en) 2016-02-25 2018-03-13 International Business Machines Corporation Multi-layer stack with embedded tamper-detect protection
US10115275B2 (en) 2016-02-25 2018-10-30 International Business Machines Corporation Multi-layer stack with embedded tamper-detect protection
US10169968B1 (en) 2016-02-25 2019-01-01 International Business Machines Corporation Multi-layer stack with embedded tamper-detect protection
US10169624B2 (en) 2016-04-27 2019-01-01 International Business Machines Corporation Tamper-proof electronic packages with two-phase dielectric fluid
US9904811B2 (en) 2016-04-27 2018-02-27 International Business Machines Corporation Tamper-proof electronic packages with two-phase dielectric fluid
US10535618B2 (en) 2016-05-13 2020-01-14 International Business Machines Corporation Tamper-proof electronic packages with stressed glass component substrate(s)
US10257924B2 (en) 2016-05-13 2019-04-09 International Business Machines Corporation Tamper-proof electronic packages formed with stressed glass
US10177102B2 (en) 2016-05-13 2019-01-08 International Business Machines Corporation Tamper-proof electronic packages with stressed glass component substrate(s)
US9881880B2 (en) 2016-05-13 2018-01-30 International Business Machines Corporation Tamper-proof electronic packages with stressed glass component substrate(s)
US9913370B2 (en) 2016-05-13 2018-03-06 International Business Machines Corporation Tamper-proof electronic packages formed with stressed glass
US10535619B2 (en) 2016-05-13 2020-01-14 International Business Machines Corporation Tamper-proof electronic packages with stressed glass component substrate(s)
US10242543B2 (en) 2016-06-28 2019-03-26 International Business Machines Corporation Tamper-respondent assembly with nonlinearity monitoring
US9858776B1 (en) 2016-06-28 2018-01-02 International Business Machines Corporation Tamper-respondent assembly with nonlinearity monitoring
US10321589B2 (en) 2016-09-19 2019-06-11 International Business Machines Corporation Tamper-respondent assembly with sensor connection adapter
US10299372B2 (en) 2016-09-26 2019-05-21 International Business Machines Corporation Vented tamper-respondent assemblies
US10271424B2 (en) 2016-09-26 2019-04-23 International Business Machines Corporation Tamper-respondent assemblies with in situ vent structure(s)
US10667389B2 (en) 2016-09-26 2020-05-26 International Business Machines Corporation Vented tamper-respondent assemblies
US9999124B2 (en) 2016-11-02 2018-06-12 International Business Machines Corporation Tamper-respondent assemblies with trace regions of increased susceptibility to breaking
US10327329B2 (en) 2017-02-13 2019-06-18 International Business Machines Corporation Tamper-respondent assembly with flexible tamper-detect sensor(s) overlying in-situ-formed tamper-detect sensor
US20190095656A1 (en) * 2017-09-26 2019-03-28 Hewlett Packard Enterprise Development Lp Tamper detecting cases
US10489614B2 (en) 2017-09-26 2019-11-26 Hewlett Packard Enterprise Development Lp Tamper detecting cases
US10306753B1 (en) 2018-02-22 2019-05-28 International Business Machines Corporation Enclosure-to-board interface with tamper-detect circuit(s)
US10531561B2 (en) 2018-02-22 2020-01-07 International Business Machines Corporation Enclosure-to-board interface with tamper-detect circuit(s)
US11083082B2 (en) 2018-02-22 2021-08-03 International Business Machines Corporation Enclosure-to-board interface with tamper-detect circuit(s)
US11122682B2 (en) 2018-04-04 2021-09-14 International Business Machines Corporation Tamper-respondent sensors with liquid crystal polymer layers
US10544923B1 (en) 2018-11-06 2020-01-28 Verifone, Inc. Devices and methods for optical-based tamper detection using variable light characteristics
WO2021067117A1 (en) * 2019-09-30 2021-04-08 Square, Inc. Point of sale device with cradle for mobile computing device
US11663368B2 (en) 2019-09-30 2023-05-30 Block, Inc. Tamper detection based on removal of fastener from recess
US11665817B2 (en) 2019-09-30 2023-05-30 Block, Inc. Tamper detection based on flexible member connecting circuitry elements
US11797970B2 (en) 2019-09-30 2023-10-24 Block, Inc. Point of sale device with cradle for mobile computing device
US11847631B2 (en) 2019-09-30 2023-12-19 Block, Inc. Point of sale device with cradle for computing device
US11645427B2 (en) 2020-11-29 2023-05-09 Bank Of America Corporation Detecting unauthorized activity related to a device by monitoring signals transmitted by the device

Also Published As

Publication number Publication date
WO2001063994A3 (en) 2002-04-18
AU2001239854A1 (en) 2001-09-03

Similar Documents

Publication Publication Date Title
WO2001063994A2 (en) Tamper proof case for electronic devices having memories with sensitive information
US5027397A (en) Data protection by detection of intrusion into electronic assemblies
US8006101B2 (en) Radio transceiver or other encryption device having secure tamper-detection module
US6512454B2 (en) Tamper resistant enclosure for an electronic device and electrical assembly utilizing same
US5760690A (en) Portable computer with integrated alarm system
US6396400B1 (en) Security system and enclosure to protect data contained therein
US5317304A (en) Programmable microprocessor based motion-sensitive alarm
US6072393A (en) Anti-theft alarm for portable electrically operated devices
US4797663A (en) Portable security monitor and time recording
US20120198242A1 (en) Data protection when a monitor device fails or is attacked
KR100988414B1 (en) Data security apparatus
US8732860B2 (en) System and method for securing data to be protected of a piece of equipment
CN103093530A (en) Laser lock and key
WO2002095550A2 (en) A security device useful for physically securing digital data storage media, and a method of use thereof
CN112231781A (en) Anti-theft method for edge computing server and server
US6489890B1 (en) Security device
US6275151B1 (en) Cognitive intelligence carrying case
CN109522732A (en) A kind of server of encrypted antitheft
CN111950011A (en) Information protection device
JP2002189635A (en) Memory
CN212586888U (en) Trigger structure for self-destruction of illegal shutdown data
CN115292762A (en) Method for opening and closing active data self-destruction under system power-off state
CN100357864C (en) Keyboard encrypting method
RU2210807C2 (en) Information protection device
CN214098427U (en) Storage device capable of being automatically destroyed

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A2

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CR CU CZ DE DK DM DZ EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG UZ VN YU ZA ZW

AL Designated countries for regional patents

Kind code of ref document: A2

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
AK Designated states

Kind code of ref document: A3

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CR CU CZ DE DK DM DZ EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG UZ VN YU ZA ZW

AL Designated countries for regional patents

Kind code of ref document: A3

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG

REG Reference to national code

Ref country code: DE

Ref legal event code: 8642

122 Ep: pct application non-entry in european phase
NENP Non-entry into the national phase in:

Ref country code: JP