WO1998048339A1 - Touchpad security device - Google Patents

Touchpad security device Download PDF

Info

Publication number
WO1998048339A1
WO1998048339A1 PCT/US1998/007931 US9807931W WO9848339A1 WO 1998048339 A1 WO1998048339 A1 WO 1998048339A1 US 9807931 W US9807931 W US 9807931W WO 9848339 A1 WO9848339 A1 WO 9848339A1
Authority
WO
WIPO (PCT)
Prior art keywords
security
computer
signal
touchpad
data
Prior art date
Application number
PCT/US1998/007931
Other languages
French (fr)
Inventor
Josef Frisch
John Platt
Original Assignee
Synaptics, Incorporated
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Synaptics, Incorporated filed Critical Synaptics, Incorporated
Publication of WO1998048339A1 publication Critical patent/WO1998048339A1/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/88Detecting or preventing theft or loss
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/34User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6209Protecting access to data via a platform, e.g. using keys or access control rules to a single file or object, e.g. in a secure envelope, encrypted and accessed using a key, or with access control rules appended to the object itself
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/82Protecting input, output or interconnection devices
    • G06F21/83Protecting input, output or interconnection devices input devices, e.g. keyboards, mice or controllers thereof
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2211/00Indexing scheme relating to details of data-processing equipment not covered by groups G06F3/00 - G06F13/00
    • G06F2211/007Encryption, En-/decode, En-/decipher, En-/decypher, Scramble, (De-)compress
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2153Using hardware token as a secondary aspect

Definitions

  • the present invention relates to computer security devices. More particularly, the present invention relates to a computer security device which permits a computer "touchpad” input device to be used to prevent computer theft and to provide software and data security.
  • Computer security includes application security, data security, theft security, and network security.
  • Application security is a term which describes devices or methods which prevent the unauthorized use of a software product.
  • Data security is a term which describes devices or methods which prevent an unauthorized person from extracting data stored on a computer disk.
  • Theft security is a term which describes devices or methods which reduce the likelihood of computer theft.
  • Network security describes devices or methods which prevent an unauthorized person from accessing a local area network.
  • printer port dongles Another prior art technology for computer security is printer port dongles. These devices are attached to the parallel port of a computer and respond with a password sequence when queried by appropriate software.
  • An example of this type of device is the "HASP" key, manufactured by Aladdin Knowledge Systems Ltd.
  • a second example is the "WIBU-BOX” manufactured by WIBU- systems AG.
  • a third example is disclosed in United States Patent No. 5,386,369, issued to Christiano.
  • These devices have several drawbacks.
  • One drawback is that these dongles typically are inconveniently large for use on a notebook computer.
  • Another drawback is that it is difficult to attach and remove a dongle, so users typically leave the dongle connected to the computer. As can readily be appreciated, this practice renders the dongle useless for data or theft security.
  • a further prior art technology for computer security is the use of electronic keys.
  • An electronic key uses a portable electronic device which is attached to the computer to provide a password to the computer system. These electronic devices are attached to the computer systems through a parallel port, a serial port, or a SCSI bus.
  • An example of this type of device is the "iButton" manufactured by Dallas Semiconductor and disclosed in United
  • a touchpad is a computer input device which senses the position of the user's finger or stylus and allows the user to operate within the computer system environment in a way similar to that of a conventional computer mouse.
  • Touchpads can either be built into portable computers, or be built into computer keyboards so the touchpad is flat and external to the computer.
  • One example of a touchpad is the touchpad manufactured by Synaptics corporation.
  • the present invention is described with respect to the operating parameters of the Synaptics touchpad, the present invention is applicable to a variety of other touchpads which operate in a fashion similar to the Synaptics touchpad.
  • the invention comprises an electronic key which allows a bit pattern to be input to a computer through a touchpad, and software which resides in the computer to decode the signals from the touchpad.
  • the bit pattern would be used as a security key.
  • the key could be used to enable operation of a notebook computer for use as a theft prevention device, to encrypt files on the computer disk as a data security device, or to serve as a dongle for application security or network security.
  • the preferred embodiment of this invention is capable of transmitting at approximately 25 bits per second.
  • the touchpad measures the position of an applied object or finger.
  • Touchpads can measure the location of an applied object by measuring capacitance as a function of position. The location of an applied object is found by locating a peak or center-of-mass of the capacitance of the applied object. As is known by those skilled in the art, various algorithms can be used to determine the position of the applied object from the measured capacitance. Hereinafter, a "location of capacitance" will refer to the result of an algorithm, such as the peak detection or center-of-mass detection algorithm, applied to the capacitance as a function of position on the touchpad.
  • the invention contains one or more conductive pads arranged on a planar surface which is placed against the touchpad sensing surface.
  • An electronic circuit of the invention grounds or disconnects these pads in a sequence to provide a time varying location and/or total capacitance signal.
  • the location signal is composed of an X-axis signal and a Y-axis signal.
  • Software in the computer decodes location and/or total capacitance signal to extract a digital signal.
  • the security software must reside in the system BIOS.
  • the security software can run as either a "driver” or standard application program.
  • this invention uses an electronic key and security software to provide security for a computer that is coupled to a touchpad.
  • the computer security includes application security, data security, and computer theft security and network security.
  • the electronic key generates a security signal, containing a security code, on the touchpad.
  • the security software then receives the security signal and converts it to a binary signal.
  • the security code is extracted from the binary signal. The validity of the security code is verified. If the security code is valid a computer security operation is enabled.
  • a feature of the invention includes a security system for a computer that is coupled to a touchpad, the security system having an electronic key for transmitting a security signal containing a security code to the touchpad, and a security program installed in the computer and interfaced with the touchpad such that the security program decodes the security signal and enables a computer operation upon verification of a validity of the security code.
  • Another feature of the invention includes a security system installed in a computer that is coupled to a touchpad, the security system having means for generating a security signal carrying a security code on the touchpad, means for collecting the security signal from the touchpad, means for generating a binary signal responsive to the security code carried by the security signal, means for scanning the binary signal to locate a starting point of the binary signal, means for extracting the security code from the binary signal, means for verifying validity of the security code, and means for enabling a computer function in the computer responsive to verification of the validity of the security code.
  • FIG. 1 is a flow chart illustrating a preferred method for computer security.
  • FIG. 2(a) is a top plan view of a first embodiment of the present invention.
  • FIG. 2(b) is a side elevational view of the first embodiment of the present invention shown in FIG. 2(a).
  • FIG. 3(a) is a top plan view of a second embodiment of the present invention.
  • FIG. 3(b) is a side elevational view of the second embodiment of the present invention shown in FIG. 3(a).
  • FIG. 4(a) is a top view of a third embodiment of the present invention.
  • FIG. 4(b) is a side elevational view of the third embodiment of the present invention shown in FIG. 4(a).
  • FIG. 5 is a block diagram illustrating the electronic system used in the first embodiment of the present invention shown in FIGS. 2(a) and 2(b).
  • FIG. 6 is a diagram illustrating the data format used by the first embodiment of the present invention.
  • FIG. 7 illustrates a typical signal outputted by the electrical key and measured by the touchpad.
  • FIG. 8 is a flowchart illustrating the software component of the first embodiment of the present invention.
  • FIG. 9 is a flowchart illustrating the data threshold function of the software component of the first embodiment of the present invention.
  • FIG. 10 is a flowchart illustrating the header detection function of the software component of the first embodiment of the present invention.
  • FIG. 1 1 is a flowchart illustrating the key sequence extraction function of the software component of the first embodiment of the invention. DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS
  • FIG. 1 a method for computer security utilizing the hardware and software components of the present invention is illustrated.
  • the software component is added to the non-rewritable portion of the BIOS program which is started when the computer is turned on.
  • the software component is called by the application program when the application program starts.
  • the software component is called by the operating system when an attempt is made to access a protected file.
  • the software component is called by the network client software when an attempt is made to access a computer network.
  • the security software is started 1001 .
  • the security software will be automatically started when the computer is turned on.
  • the application program will start the security software when the application program is started.
  • the operating system will start the security software when an attempt is made to access a protected file.
  • the operating system will start the security software when an attempt is made to access a computer network.
  • the electronic key After the user places the electronic key on the touchpad, the electronic key begins to continuously transmit a security code to the computer through the touchpad.
  • the security software records and decodes the security code sent by the electronic key 1003.
  • the security software instructs the user to remove the electronic key from the touchpad 1005. Removing the electronic key from the touchpad prevents the electronic device from causing unintended cursor motion after security software terminates.
  • the touchpad driver software can constantly monitor for the characteristic security signal and repress unwanted cursor motion while the security signal is detected.
  • the security software verifies the validity of security code recorded from the electronic key 1006. This verification may be performed by comparing the transmitted security code with a stored security code stored locally on the computer.
  • a more complex system uses a "trapdoor” algorithm which eliminates the need for the stored security code.
  • "Trapdoor” algorithms are well known by those skilled in the art. If the security code transmitted by the electronic key is determined to be valid 1007, the software will allow the protected operation to occur. For theft security, the software will allow the computer to start or operate normally. For application security, the software will allow the protected software to execute. For data security, the software will allow the data file to be read. For network security, the software will allow access to the computer network. If the code transmitted by the electronic key is determined to be invalid 1008, the software will not allow the protected operation to occur and will inform the user of an error.
  • the electronic key 100 is sized to be slightly smaller than the active surface of the touchpad 201 on which it is placed.
  • a typical Synaptics touchpad has an active surface area of about 60 mm X 40 mm. Therefore, the electronic key used with this touchpad would be sized to have external dimensions of 58 mm X 38 mm.
  • Maintaining this dimensional relationship between the touchpad 201 and the electronic key 100 ensures that the electronic key 100 is aligned with the touchpad 201 within a range of approximately 10 degrees.
  • the electronic key 100 contains four electrical contacts 101 arranged in a rectangular formation on the lower surface of the electronic key 100.
  • a surface area of the electrical contacts 101 must be able to be placed flat against the surface of the touchpad 201.
  • the surface area of each contact 101 is approximately 10mm X 10mm to ensure that a capacitance provided to the touchpad 201 by each contact 101 is similar to that of a finger.
  • the surface area of the contacts 101 may be bare metal, stiff conductive rubber, or may be covered with a thin protective insulating coat. If the thin protective coating is used it must be sufficiently thin to not substantially reduce the capacitance from the contact 101 to the touchpad 201. Typically, an insulating coating of less than 0.03 mm does not substantially reduce the capacitance.
  • the electronic key 100 also contains a micro controller 102 which is electrically connected to the electrical contacts 101 .
  • the micro controller 102 is pre-programmed to ground or isolate the electrical contacts 101 in a predetermined sequence.
  • a PIC16C54 micro controller manufactured by Microchip, can be used to perform this function.
  • the PIC16C54 micro controller provides low power operation, one time programmable memory, and tri-state outputs which can directly drive the electrical contacts 101 .
  • Those of ordinary skill in the art will recognize that a wide variety of circuits can perform the sequencing function. Selection of the circuit to be used will be based on the specific application requirements of the subject electronic key such as power consumption, re-programmability, and cost.
  • a block diagram illustrating the electronic system of the electronic key 100 is shown.
  • the micro controller 102 is normally left un-powered to conserve battery power supplied by a battery 103.
  • the operator depresses a switch or button 104. This completes the electrical circuit between the battery 103 and the microprocessor 102, and provides a connection between the system ground 105 and the operator's finger.
  • the preprogrammed micro controller 102 then grounds or disconnects the electrical contacts 101 in a continuous predetermined sequence.
  • a data pattern produced by the electronic key 100 on the touchpad 201 is shown.
  • the electrical contacts 101 are grounded in a predetermined pattern.
  • This predetermined pattern causes the X and Y location of the capacitance of the electrical contacts 101 to move.
  • This movement of the location of the capacitance produces a data pattern 300 on the X axis signal of the touchpad 201 and a data pattern 302 on the Y axis signal of the touchpad 201 .
  • the X and Y axis data 300 and 302 is restricted to a maximum run length (number of identical bits in sequence) of 4 bits (note that this slightly reduces the number of effective bits in the code since a larger run length would permit additional bits).
  • the X axis data includes a "header” pulse 304 which is an 8 bit long logic “1 " , with a logic “0” bit 306 and a logic “1 " bit 308 appended to each end.
  • the "header” pulse 304 allows the security software in the computer to synchronize to the data pattern produced by the electronic key 100.
  • the header pulse 304, and a 40 bit security data 310 and 31 2 is transmitted from the electronic key 100 to the security program through the touchpad 201 in approximately 1 second, at a 25Hz bit rate. Since the data transmission from the electronic key 100 is asynchronous with the data acquisition of the touchpad, data must be collected over a sufficient time period to ensure the acquisition of the complete header 304 and security data sequence 310 and 312. In practice, a collection time period of approximately 2 seconds is required.
  • a typical capacitance signal received by the security software through the touchpad 201 from the electronic key 100 is illustrated. This figure is included to clarify the description of the algorithm used by the security software to covert the preprogrammed sequence of grounds transmitted by the electronic key 100 into a security code which can be checked for validity by the security software.
  • the touchpad 201 records data at an 80Hz bit rate and the electronic key 100 transmits data at an approximately 25Hz bit rate.
  • the security software must recognize the bit pattern transmitted by the electronic key, and verify the electronic key's authenticity by checking the validity of the bit pattern.
  • the form of the security software will depend on the intended security application. For application security, the security software can run as a program that is called by the secured application. For network security, the security software can be part of the network client software. For data security, the security software should be installed as a driver to allow encryption and decryption of data as it is written to and read from the disk. For theft security, the security software must reside in the computer's non- reprogrammable BIOS so the entire computer is disabled if the proper security code or bit pattern is not provided.
  • the security software contains several functions which process the data stream from the touchpad in series. As shown by the flowchart in Fig. 8, these functions are data acquisition 2100, data thresholding 2200, header detection 2300, key sequence extraction 2400, and key verification 2500.
  • the security software must read the X and Y data produced by the touchpad 201 in response to the sequence of grounds transmitted by the electronic key 100.
  • the X and Y data is available to the security software through a set of software interface routines.
  • the data acquisition function 2100 records the
  • the data acquisition function also checks the X and Y data to ensure that all the values that are recorded are within reasonable ranges.
  • the data thresholding function 2200 of the security software converts the data recorded by the data acquisition function 2100 into a binary bit pattern.
  • the data thresholding function 2200 does this conversion by operating independently on the X data and Y data.
  • the data thresholding function 2200 calculates the change in the data on each 80 Hz sample (see Fig. 7) and then looks for the maximum positive going change. The maximum change is then divided by a fixed factor (a factor 5 in the preferred embodiment) to obtain a data threshold (2201 ).
  • the data thresholding function 2200 then loops through all of the data points in each sample (2202) to convert the detected changes in the data into binary logic "0" and "1 ". During each loop 2202 the change in data in the current sample is calculated and compared to the data threshold (2203). If the change in data in the current sample is smaller than the data threshold, the binary data output is set to the same value as the previous binary data output (2205), and the loop 2202 continues to the next sample. If the change in data in the current sample is larger than the data threshold, the security software compares the change in the current sample with the change calculated in the next sample (2204).
  • the binary data output is set to the same value as the previous binary data output (2205) and the loop 2202 continues to the next sample. If the change in data in the current sample is larger than the change calculated in the next sample, the data thresholding function 2200 checks to see if the change was positive or negative (2206). If the change is positive (2207), the binary data output is set to "1 ", and the loop 2202 continues to the next sample. If the change is negative (2208), the binary data output data is set to "0", and the loop 2202 continues to the next sample.
  • the header detection function 2300 analyzes the binary data output produced by the data thresholding function 2200 to locate the position and length of the "header" pulse in the X data.
  • the header detection function 2300 scans through the binary output data to locate the longest positive pulse (2301 ). This pulse is then assumed to be the 8 cycle long header. The header detection function then records the starting position of the header pulse (2302). The length of the header pulse is divided by the header length (preferably 8 bits as discussed above) to calculate the "reference length" for the recorded data. The length of the pulse is checked to ensure that it is within the expected range (2303). If the length of the pulse is not within the expected range, the header detection function 2300 returns an error signal (2304). The header detection function 2300 also calculates the length of the "0" pulse following the header pulse to check that the "0" pulse is 1 cycle long (2305).
  • the header detection function 2300 returns the starting position and header pulse length to the security program (2306). Note that the header and time base information from the X data are used to synchronize the decoding of both X data and Y data. This allows the Y axis to be used to transmit data during the header transmission on the X axis.
  • the key sequence extraction function 2400 analyzes the data produced by the data thresholding function 2300, and, with the use of the reference length and header start position calculated by the header detection function 2400, calculates the bit stream transmitted by the electronic key.
  • the key sequence extraction function 2400 operates independently on the X data and the Y data.
  • the key sequence extraction function 2400 starts at the data point corresponding to the start of the header (2401 ).
  • the function loops through all of the data until the end of the input data is reached (2402).
  • the function records the number of sequential pulses without a change in data value to record an input pulse length (2403).
  • the input length is divided by the "reference length” recorded by the header detection function (see Fig. 10), to obtain an output pulse length (2404).
  • a number of "1 "s, or "0"s corresponding to the output pulse length is set in the output data pattern. These bits are set in sequence from the beginning of the output data pattern.
  • a "1 " or “0” is chosen based on whether the input pulse was composed of "1 " or “0” (2405).
  • the output data pattern is checked to see if all of the bits in the output data pattern have been set (2406). If all of the bits in the output data pattern have been set, the recorded output data is returned (2407) by the key sequence extraction function 2400 to the key verification function 2500 as shown in Fig. 8. If all the bits in the output data pattern have not been set, the key sequence extraction function 2400 continues to loop through the input data (2402).
  • the function returns to the "header start” position in the input data (2408).
  • the key sequence extraction function then loops backwards through the input data, starting at the "header start” position (2409).
  • the number of sequential input pulses without a change in data value are recorded to determine the input pulse length (241 1 ).
  • the input pulse length is then divided by the "reference length” to obtain the output pulse length (2412).
  • a number of bits in the output data pattern are set equal to output pulse length (2413). The bits are set starting from the end of the output bit pattern towards the start of the output bit pattern. If all of the output bits have been set (2414), the output bit pattern is returned (2407) to the key verification function 2500, as shown in Fig.
  • the key extraction function continues to scan backwards through the input data (2409). If the start of the input data is reached before all of the bits in the output bit pattern have been set, the key extraction function 2400 returns an error (2410) to the electronic key. This error indicates that the input data pattern was not long enough to contain a complete key sequence.
  • the key verification function 2500 checks the output bit pattern from the key sequence extraction function 2400 to see if the output bit pattern is valid.
  • the most direct method to check the validity is to directly compare the output bit pattern recorded by the key sequence extraction function with a master bit pattern stored in the computer.
  • the choice of an encryption method will be based on the specific requirements of the computer application.
  • a second embodiment of the electronic key 100 is shown.
  • the second embodiment only two electrical contacts 101 are used instead of the four electrical contacts used in the first embodiment of the invention.
  • the location of capacitance is controlled in only a single direction X or Y, instead of the pair of directions X and Y used in the first embodiment.
  • An advantage of the second embodiment over the first embodiment is that the second embodiment of the invention is physically smaller since an electronic key having only two pads requires a surface area of 56mm X 12mm.
  • the second embodiment has a disadvantage since the maximum data rate of the second embodiment is approximately 1 /z the data rate of the first embodiment.
  • the construction of the electronic key 100 in the second embodiment is nearly identical to the construction of the electronic key in the first embodiment, except that only two electrical contacts 101 are used.
  • the control circuitry (illustrated in Fig. 5) remains the same.
  • the software component of the electronic key in the second embodiment of the invention is nearly identical to the software component of the first embodiment except that only a single axis of data X is produced. Therefore, the portions of the security software which operate on the Y data in the first embodiment are removed from the security software in the second embodiment.
  • a third embodiment of the invention is shown.
  • the electronic key 100 is nearly identical to that of the second embodiment, except that a single electrical contact 101 is used.
  • the micro controller 102 alternately grounds and disconnects the electrical contact 101 .
  • the advantage of the third embodiment of the invention over the second embodiment is that the electronic key 100 in the third embodiment is smaller since an electronic key having one electrical contact only requires a surface area of 12mm X 12mm.
  • a disadvantage is that the touchpad 201 has a higher probability of producing an incorrect total capacitance reading than it does of producing an incorrect capacitance location reading. This results in a less reliable data transmission in the third embodiment than in the first and second embodiments.
  • the security software will measure the total capacitance Z data from the touchpad.
  • the data processing for the Z data will be identical to the data processing for the X data in the second embodiment.

Abstract

Use of an electronic key (100) and security software to provide security for a computer that is coupled to a touchpad (201). The computer security includes application security, data security, computer theft security and network security. In a preferred embodiment, the electronic key (100) generates a security signal and converts it to a binary signal. The security code is extracted from the binary signal. The validity of the security code is verified. If the security code is valid a computer security operation is enabled.

Description

TOUCHPAD SECURITY DEVICE
FIELD OF THE INVENTION
The present invention relates to computer security devices. More particularly, the present invention relates to a computer security device which permits a computer "touchpad" input device to be used to prevent computer theft and to provide software and data security.
BACKGROUND OF THE INVENTION
Providing computer security has become increasingly important as computers are increasingly used to facilitate both work tasks and personal life. Computer security includes application security, data security, theft security, and network security. Application security is a term which describes devices or methods which prevent the unauthorized use of a software product. Data security is a term which describes devices or methods which prevent an unauthorized person from extracting data stored on a computer disk. Theft security is a term which describes devices or methods which reduce the likelihood of computer theft. Network security describes devices or methods which prevent an unauthorized person from accessing a local area network.
While there are several prior art technologies used to provide computer security, each prior art technology has drawbacks. One prior art technology is the use of passwords. Although passwords are widely used, one drawback encountered is the possibility that user may choose an easy to remember, but insecure, password or may forget the chosen password. Another drawback to using passwords is that many users dislike typing long passwords.
Another prior art technology for computer security is printer port dongles. These devices are attached to the parallel port of a computer and respond with a password sequence when queried by appropriate software. An example of this type of device is the "HASP" key, manufactured by Aladdin Knowledge Systems Ltd. A second example is the "WIBU-BOX" manufactured by WIBU- systems AG. A third example is disclosed in United States Patent No. 5,386,369, issued to Christiano. These devices have several drawbacks. One drawback is that these dongles typically are inconveniently large for use on a notebook computer. Another drawback is that it is difficult to attach and remove a dongle, so users typically leave the dongle connected to the computer. As can readily be appreciated, this practice renders the dongle useless for data or theft security.
A further prior art technology for computer security is the use of electronic keys. An electronic key uses a portable electronic device which is attached to the computer to provide a password to the computer system. These electronic devices are attached to the computer systems through a parallel port, a serial port, or a SCSI bus. An example of this type of device is the "iButton" manufactured by Dallas Semiconductor and disclosed in United
States Patent No. 5,587,955, issued to Lee et al. Another example is disclosed in United States Patent No. 4,529,870, issued to Chaum. A further example is disclosed in United States Patent No. 5,606,615, issued to Lapointe et al. One drawback in using these electronic keys is the necessity of having special hardware in the computer to read the password transmitted by the portable electronic device.
Touchpads have recently been incorporated into computer systems. A touchpad is a computer input device which senses the position of the user's finger or stylus and allows the user to operate within the computer system environment in a way similar to that of a conventional computer mouse.
Touchpads can either be built into portable computers, or be built into computer keyboards so the touchpad is flat and external to the computer. One example of a touchpad is the touchpad manufactured by Synaptics corporation. Although the present invention is described with respect to the operating parameters of the Synaptics touchpad, the present invention is applicable to a variety of other touchpads which operate in a fashion similar to the Synaptics touchpad.
OBJECTS QF THE INVENTION
It is an object of the present invention to provide a touchpad security device which overcomes the drawbacks of the prior art.
It is another object of the present invention to provide a touchpad security device which prevents the unauthorized use of a software product by requiring that a physical key be present in order for the software product to be used.
It is yet another object of the present invention to provide a touchpad security device which prevents an unauthorized person from extracting data stored on a computer disk by encrypting the data on the disk and only allowing decryption with use of a physical key.
It is another object of the invention to provide a touchpad security device which prevents unauthorized access to a computer network by requiring that a physical key be present in order to access the computer network.
It is a further object of the invention to provide a touchpad security device which reduces the likelihood of a computer being stolen by rendering the computer nonfunctional, and therefore less valuable, if it is stolen.
These and other objects of the present invention will become apparent to one skilled in the art in view of the figures and the description of the figures given below.
SUMMARY OF THE INVENTION
The invention comprises an electronic key which allows a bit pattern to be input to a computer through a touchpad, and software which resides in the computer to decode the signals from the touchpad. The bit pattern would be used as a security key. The key could be used to enable operation of a notebook computer for use as a theft prevention device, to encrypt files on the computer disk as a data security device, or to serve as a dongle for application security or network security. The preferred embodiment of this invention is capable of transmitting at approximately 25 bits per second.
The touchpad measures the position of an applied object or finger.
Touchpads can measure the location of an applied object by measuring capacitance as a function of position. The location of an applied object is found by locating a peak or center-of-mass of the capacitance of the applied object. As is known by those skilled in the art, various algorithms can be used to determine the position of the applied object from the measured capacitance. Hereinafter, a "location of capacitance" will refer to the result of an algorithm, such as the peak detection or center-of-mass detection algorithm, applied to the capacitance as a function of position on the touchpad. The invention contains one or more conductive pads arranged on a planar surface which is placed against the touchpad sensing surface. An electronic circuit of the invention grounds or disconnects these pads in a sequence to provide a time varying location and/or total capacitance signal. The location signal is composed of an X-axis signal and a Y-axis signal. Software in the computer decodes location and/or total capacitance signal to extract a digital signal. For notebook computer theft security, the security software must reside in the system BIOS.
For software, data and network security applications the security software can run as either a "driver" or standard application program.
Briefly stated, this invention uses an electronic key and security software to provide security for a computer that is coupled to a touchpad. The computer security includes application security, data security, and computer theft security and network security. In a preferred embodiment the electronic key generates a security signal, containing a security code, on the touchpad. The security software then receives the security signal and converts it to a binary signal. The security code is extracted from the binary signal. The validity of the security code is verified. If the security code is valid a computer security operation is enabled.
A feature of the invention includes a security system for a computer that is coupled to a touchpad, the security system having an electronic key for transmitting a security signal containing a security code to the touchpad, and a security program installed in the computer and interfaced with the touchpad such that the security program decodes the security signal and enables a computer operation upon verification of a validity of the security code.
Another feature of the invention includes a security system installed in a computer that is coupled to a touchpad, the security system having means for generating a security signal carrying a security code on the touchpad, means for collecting the security signal from the touchpad, means for generating a binary signal responsive to the security code carried by the security signal, means for scanning the binary signal to locate a starting point of the binary signal, means for extracting the security code from the binary signal, means for verifying validity of the security code, and means for enabling a computer function in the computer responsive to verification of the validity of the security code.
BRIEF DESCRIPTION OF THE DRAWINGS
FIG. 1 is a flow chart illustrating a preferred method for computer security.
FIG. 2(a) is a top plan view of a first embodiment of the present invention.
FIG. 2(b) is a side elevational view of the first embodiment of the present invention shown in FIG. 2(a).
FIG. 3(a) is a top plan view of a second embodiment of the present invention.
FIG. 3(b) is a side elevational view of the second embodiment of the present invention shown in FIG. 3(a). FIG. 4(a) is a top view of a third embodiment of the present invention.
FIG. 4(b) is a side elevational view of the third embodiment of the present invention shown in FIG. 4(a).
FIG. 5 is a block diagram illustrating the electronic system used in the first embodiment of the present invention shown in FIGS. 2(a) and 2(b). FIG. 6 is a diagram illustrating the data format used by the first embodiment of the present invention.
FIG. 7 illustrates a typical signal outputted by the electrical key and measured by the touchpad.
FIG. 8 is a flowchart illustrating the software component of the first embodiment of the present invention.
FIG. 9 is a flowchart illustrating the data threshold function of the software component of the first embodiment of the present invention.
FIG. 10 is a flowchart illustrating the header detection function of the software component of the first embodiment of the present invention. FIG. 1 1 is a flowchart illustrating the key sequence extraction function of the software component of the first embodiment of the invention. DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS
Referring to FIG. 1 , a method for computer security utilizing the hardware and software components of the present invention is illustrated. For theft security, the software component is added to the non-rewritable portion of the BIOS program which is started when the computer is turned on. For application security, the software component is called by the application program when the application program starts. For data security, the software component is called by the operating system when an attempt is made to access a protected file. For network security, the software component is called by the network client software when an attempt is made to access a computer network.
To execute the software component of the present invention the security software is started 1001 . For theft security, the security software will be automatically started when the computer is turned on. For application security, the application program will start the security software when the application program is started. For data security, the operating system will start the security software when an attempt is made to access a protected file. For network security, the operating system will start the security software when an attempt is made to access a computer network. After the security software is started, the user is instructed to place the electronic key (the hardware component of the present invention) on the touchpad of the computer 1002.
After the user places the electronic key on the touchpad, the electronic key begins to continuously transmit a security code to the computer through the touchpad. Next, the security software records and decodes the security code sent by the electronic key 1003. After the security software has completed the data acquisition and decoding 1004, the security software instructs the user to remove the electronic key from the touchpad 1005. Removing the electronic key from the touchpad prevents the electronic device from causing unintended cursor motion after security software terminates. Optionally, the touchpad driver software can constantly monitor for the characteristic security signal and repress unwanted cursor motion while the security signal is detected. The security software then verifies the validity of security code recorded from the electronic key 1006. This verification may be performed by comparing the transmitted security code with a stored security code stored locally on the computer. For some applications, a more complex system uses a "trapdoor" algorithm which eliminates the need for the stored security code. "Trapdoor" algorithms are well known by those skilled in the art. If the security code transmitted by the electronic key is determined to be valid 1007, the software will allow the protected operation to occur. For theft security, the software will allow the computer to start or operate normally. For application security, the software will allow the protected software to execute. For data security, the software will allow the data file to be read. For network security, the software will allow access to the computer network. If the code transmitted by the electronic key is determined to be invalid 1008, the software will not allow the protected operation to occur and will inform the user of an error.
Referring now to Figs. 2(a) and 2(b), the hardware component of the present invention, i.e., the electronic key 100, is illustrated. The electronic key 100 is sized to be slightly smaller than the active surface of the touchpad 201 on which it is placed. For example, a typical Synaptics touchpad has an active surface area of about 60 mm X 40 mm. Therefore, the electronic key used with this touchpad would be sized to have external dimensions of 58 mm X 38 mm.
Maintaining this dimensional relationship between the touchpad 201 and the electronic key 100 ensures that the electronic key 100 is aligned with the touchpad 201 within a range of approximately 10 degrees.
The electronic key 100 contains four electrical contacts 101 arranged in a rectangular formation on the lower surface of the electronic key 100. A surface area of the electrical contacts 101 must be able to be placed flat against the surface of the touchpad 201. The surface area of each contact 101 is approximately 10mm X 10mm to ensure that a capacitance provided to the touchpad 201 by each contact 101 is similar to that of a finger. The surface area of the contacts 101 may be bare metal, stiff conductive rubber, or may be covered with a thin protective insulating coat. If the thin protective coating is used it must be sufficiently thin to not substantially reduce the capacitance from the contact 101 to the touchpad 201. Typically, an insulating coating of less than 0.03 mm does not substantially reduce the capacitance.
The electronic key 100 also contains a micro controller 102 which is electrically connected to the electrical contacts 101 . The micro controller 102 is pre-programmed to ground or isolate the electrical contacts 101 in a predetermined sequence. A PIC16C54 micro controller, manufactured by Microchip, can be used to perform this function. The PIC16C54 micro controller provides low power operation, one time programmable memory, and tri-state outputs which can directly drive the electrical contacts 101 . Those of ordinary skill in the art will recognize that a wide variety of circuits can perform the sequencing function. Selection of the circuit to be used will be based on the specific application requirements of the subject electronic key such as power consumption, re-programmability, and cost.
Referring now to Fig. 5, a block diagram illustrating the electronic system of the electronic key 100 is shown. The micro controller 102 is normally left un-powered to conserve battery power supplied by a battery 103. When the electronic key 100 is placed on the touchpad (not shown), the operator depresses a switch or button 104. This completes the electrical circuit between the battery 103 and the microprocessor 102, and provides a connection between the system ground 105 and the operator's finger. The preprogrammed micro controller 102 then grounds or disconnects the electrical contacts 101 in a continuous predetermined sequence.
Referring now to Fig. 6, a data pattern produced by the electronic key 100 on the touchpad 201 is shown. As explained in the description of Fig. 5, the electrical contacts 101 are grounded in a predetermined pattern. This predetermined pattern, in turn, causes the X and Y location of the capacitance of the electrical contacts 101 to move. This movement of the location of the capacitance produces a data pattern 300 on the X axis signal of the touchpad 201 and a data pattern 302 on the Y axis signal of the touchpad 201 . The X and Y axis data 300 and 302 is restricted to a maximum run length (number of identical bits in sequence) of 4 bits (note that this slightly reduces the number of effective bits in the code since a larger run length would permit additional bits). The X axis data includes a "header" pulse 304 which is an 8 bit long logic "1 " , with a logic "0" bit 306 and a logic "1 " bit 308 appended to each end. The "header" pulse 304 allows the security software in the computer to synchronize to the data pattern produced by the electronic key 100. In a typical operation, the header pulse 304, and a 40 bit security data 310 and 31 2 is transmitted from the electronic key 100 to the security program through the touchpad 201 in approximately 1 second, at a 25Hz bit rate. Since the data transmission from the electronic key 100 is asynchronous with the data acquisition of the touchpad, data must be collected over a sufficient time period to ensure the acquisition of the complete header 304 and security data sequence 310 and 312. In practice, a collection time period of approximately 2 seconds is required.
Referring now to Fig. 7, a typical capacitance signal received by the security software through the touchpad 201 from the electronic key 100 is illustrated. This figure is included to clarify the description of the algorithm used by the security software to covert the preprogrammed sequence of grounds transmitted by the electronic key 100 into a security code which can be checked for validity by the security software. In the preferred embodiment, the touchpad 201 records data at an 80Hz bit rate and the electronic key 100 transmits data at an approximately 25Hz bit rate.
The security software must recognize the bit pattern transmitted by the electronic key, and verify the electronic key's authenticity by checking the validity of the bit pattern. The form of the security software will depend on the intended security application. For application security, the security software can run as a program that is called by the secured application. For network security, the security software can be part of the network client software. For data security, the security software should be installed as a driver to allow encryption and decryption of data as it is written to and read from the disk. For theft security, the security software must reside in the computer's non- reprogrammable BIOS so the entire computer is disabled if the proper security code or bit pattern is not provided.
A number of techniques can be used to recognize and decode the signal transmitted by the electronic key. The primary requirements for the security software are that the security software be able to synchronize to the data stream from the electronic key, and that the security software be able to recognize the start and end of the data stream. Additionally, the decoding algorithm must be immune to the level of input noise in the data stream from the key. In the preferred embodiment of the invention, the security software contains several functions which process the data stream from the touchpad in series. As shown by the flowchart in Fig. 8, these functions are data acquisition 2100, data thresholding 2200, header detection 2300, key sequence extraction 2400, and key verification 2500. During the data acquisition function 2100 the security software must read the X and Y data produced by the touchpad 201 in response to the sequence of grounds transmitted by the electronic key 100. In the Synaptics touchpad, the X and Y data is available to the security software through a set of software interface routines. The data acquisition function 2100 records the
X and Y data from the touchpad for a fixed time interval such as 2 seconds. The data acquisition function also checks the X and Y data to ensure that all the values that are recorded are within reasonable ranges.
As shown in Fig. 8, the data thresholding function 2200 of the security software converts the data recorded by the data acquisition function 2100 into a binary bit pattern. The data thresholding function 2200 does this conversion by operating independently on the X data and Y data.
Referring now to Fig. 9, operating independently on the X and Y data, the data thresholding function 2200 calculates the change in the data on each 80 Hz sample (see Fig. 7) and then looks for the maximum positive going change. The maximum change is then divided by a fixed factor (a factor 5 in the preferred embodiment) to obtain a data threshold (2201 ).
The data thresholding function 2200 then loops through all of the data points in each sample (2202) to convert the detected changes in the data into binary logic "0" and "1 ". During each loop 2202 the change in data in the current sample is calculated and compared to the data threshold (2203). If the change in data in the current sample is smaller than the data threshold, the binary data output is set to the same value as the previous binary data output (2205), and the loop 2202 continues to the next sample. If the change in data in the current sample is larger than the data threshold, the security software compares the change in the current sample with the change calculated in the next sample (2204). If the change in data in the current sample is smaller than the change calculated in the next sample, the binary data output is set to the same value as the previous binary data output (2205) and the loop 2202 continues to the next sample. If the change in data in the current sample is larger than the change calculated in the next sample, the data thresholding function 2200 checks to see if the change was positive or negative (2206). If the change is positive (2207), the binary data output is set to "1 ", and the loop 2202 continues to the next sample. If the change is negative (2208), the binary data output data is set to "0", and the loop 2202 continues to the next sample.
Referring again to Fig. 8, the header detection function 2300 analyzes the binary data output produced by the data thresholding function 2200 to locate the position and length of the "header" pulse in the X data.
Referring now to Fig. 10, the header detection function 2300 scans through the binary output data to locate the longest positive pulse (2301 ). This pulse is then assumed to be the 8 cycle long header. The header detection function then records the starting position of the header pulse (2302). The length of the header pulse is divided by the header length (preferably 8 bits as discussed above) to calculate the "reference length" for the recorded data. The length of the pulse is checked to ensure that it is within the expected range (2303). If the length of the pulse is not within the expected range, the header detection function 2300 returns an error signal (2304). The header detection function 2300 also calculates the length of the "0" pulse following the header pulse to check that the "0" pulse is 1 cycle long (2305). This prevents the security software from identifying an incorrect positive-going pulse as a header if the integration time is too short. If no errors have occurred, the header detection function 2300 returns the starting position and header pulse length to the security program (2306). Note that the header and time base information from the X data are used to synchronize the decoding of both X data and Y data. This allows the Y axis to be used to transmit data during the header transmission on the X axis.
Referring again to Fig. 8, the key sequence extraction function 2400 analyzes the data produced by the data thresholding function 2300, and, with the use of the reference length and header start position calculated by the header detection function 2400, calculates the bit stream transmitted by the electronic key. The key sequence extraction function 2400 operates independently on the X data and the Y data.
Referring now to Fig. 1 1 , the key sequence extraction function 2400 starts at the data point corresponding to the start of the header (2401 ). The function loops through all of the data until the end of the input data is reached (2402). During each loop 2402, the function records the number of sequential pulses without a change in data value to record an input pulse length (2403). The input length is divided by the "reference length" recorded by the header detection function (see Fig. 10), to obtain an output pulse length (2404). A number of "1 "s, or "0"s corresponding to the output pulse length is set in the output data pattern. These bits are set in sequence from the beginning of the output data pattern. A "1 " or "0" is chosen based on whether the input pulse was composed of "1 " or "0" (2405). The output data pattern is checked to see if all of the bits in the output data pattern have been set (2406). If all of the bits in the output data pattern have been set, the recorded output data is returned (2407) by the key sequence extraction function 2400 to the key verification function 2500 as shown in Fig. 8. If all the bits in the output data pattern have not been set, the key sequence extraction function 2400 continues to loop through the input data (2402).
If the input data loop 2402 reaches the end of the input data, the function returns to the "header start" position in the input data (2408). The key sequence extraction function then loops backwards through the input data, starting at the "header start" position (2409). The number of sequential input pulses without a change in data value are recorded to determine the input pulse length (241 1 ). The input pulse length is then divided by the "reference length" to obtain the output pulse length (2412). A number of bits in the output data pattern are set equal to output pulse length (2413). The bits are set starting from the end of the output bit pattern towards the start of the output bit pattern. If all of the output bits have been set (2414), the output bit pattern is returned (2407) to the key verification function 2500, as shown in Fig. 8. Otherwise, the key extraction function continues to scan backwards through the input data (2409). If the start of the input data is reached before all of the bits in the output bit pattern have been set, the key extraction function 2400 returns an error (2410) to the electronic key. This error indicates that the input data pattern was not long enough to contain a complete key sequence.
Referring again to Fig. 8, the key verification function 2500 checks the output bit pattern from the key sequence extraction function 2400 to see if the output bit pattern is valid. The most direct method to check the validity is to directly compare the output bit pattern recorded by the key sequence extraction function with a master bit pattern stored in the computer. For some applications, it is desirable that the master bit pattern be stored in the computer in an encrypted format which cannot be read, even by an authorized user. Those of ordinary skill in the art will recognize that there are a variety of known methods to achieve this result. The choice of an encryption method will be based on the specific requirements of the computer application.
Referring now to Figs. 3(a) and 3(b), a second embodiment of the electronic key 100 is shown. In the second embodiment, only two electrical contacts 101 are used instead of the four electrical contacts used in the first embodiment of the invention. In the second embodiment, the location of capacitance is controlled in only a single direction X or Y, instead of the pair of directions X and Y used in the first embodiment. An advantage of the second embodiment over the first embodiment is that the second embodiment of the invention is physically smaller since an electronic key having only two pads requires a surface area of 56mm X 12mm. However, the second embodiment has a disadvantage since the maximum data rate of the second embodiment is approximately 1/z the data rate of the first embodiment.
The construction of the electronic key 100 in the second embodiment is nearly identical to the construction of the electronic key in the first embodiment, except that only two electrical contacts 101 are used. However, the control circuitry (illustrated in Fig. 5) remains the same. The software component of the electronic key in the second embodiment of the invention is nearly identical to the software component of the first embodiment except that only a single axis of data X is produced. Therefore, the portions of the security software which operate on the Y data in the first embodiment are removed from the security software in the second embodiment.
Referring now to Figs. 4(a) and 4(b), a third embodiment of the invention is shown. The electronic key 100 is nearly identical to that of the second embodiment, except that a single electrical contact 101 is used. In this arrangement, the micro controller 102 alternately grounds and disconnects the electrical contact 101 . This produces a time varying total capacitance signal which can be read by the touchpad 201 . The advantage of the third embodiment of the invention over the second embodiment is that the electronic key 100 in the third embodiment is smaller since an electronic key having one electrical contact only requires a surface area of 12mm X 12mm. However, a disadvantage is that the touchpad 201 has a higher probability of producing an incorrect total capacitance reading than it does of producing an incorrect capacitance location reading. This results in a less reliable data transmission in the third embodiment than in the first and second embodiments.
In the third embodiment of the invention the security software will measure the total capacitance Z data from the touchpad. In the third embodiment of the invention, the data processing for the Z data will be identical to the data processing for the X data in the second embodiment.
A general description of the device and method of using the present invention, as well as the preferred embodiments of the present invention, has been set forth above. One skilled in the art will recognize and be able to practice many changes in many aspects of the device and method described above, including variations which fall within the teachings of the present invention. The spirit and scope of the invention should be limited only as set forth in the claims which follow.

Claims

What is claimed:
1. A security system for a computer that is coupled to a touchpad, said security system comprising: an electronic key for transmitting a security signal containing a security code to said touchpad; and a security program installed in said computer and interfaced with said touchpad such that said security program decodes said security signal and enables a computer operation upon verification of the validity of said security code.
2. The security system of claim 1 wherein said computer operation is execution of software.
3. The security system of claim 1 wherein said computer operation is accessing stored data.
4. The security system of claim 1 wherein said computer operation is starting said computer.
5. The security system of claim 1 wherein said computer operation is accessing a computer network.
6. The security system of claim 1 wherein said security signal containing a security code is a capacitance signal.
7. The security system of claim 6 wherein said electronic key comprises: a plurality of electrical contacts; circuitry electrically connected to said plurality of electrical contacts to selectively ground said plurality of electric contacts in a pre-programmed sequence to generate said capacitance signal; and actuation means on said electronic key for activating said circuitry.
8. The security system of claim 7 wherein said plurality of electrical contacts are four electrical pads configured in a rectangular arrangement.
9. The security system of claim 8 wherein said security program comprises: a means for converting said capacitance signal into a binary signal representing said security code; and a means for verifying a validity of said binary signal such that said computer operation is enabled upon binary signal validity verification.
10. The security system of claim 7 wherein said security program comprises: a means for converting said capacitance signal into a binary signal representing said security code; and a means for verifying a validity of said binary signal such that said computer operation is enabled upon binary signal validity verification.
1 1. The security system of claim 6 wherein said electronic key comprises: an electrical contact; circuitry electrically connected to said electrical contact to selectively ground said electrical contact in a pre-programmed sequence to generate said capacitance signal; and actuation means on said electronic key for activating said circuitry.
12. The security system of claim 1 1 wherein said security program comprises: means for converting said capacitance signal into a binary signal representing said security code; and means for verifying a validity of said binary signal such that said computer operation is enabled upon binary signal validity verification.
13. A security system installed in a computer that is coupled to a touchpad, said security system comprising: means for generating a security signal carrying a security code on said touchpad; means for collecting said security signal from said touchpad; means for generating a binary signal responsive to said security code carried by said security signal; means for scanning said binary signal to locate a starting point of said binary signal; means for extracting said security code from said binary signal; means for verifying the validity of said security code; and means for enabling a computer function in said computer responsive to verification of said validity of said security code.
14. The security system of claim 13 wherein said computer function is execution of software.
15. The security system of claim 13 wherein said computer function is accessing stored data.
16. The security system of claim 13 wherein said computer function is starting said computer.
17. The security system of claim 13 wherein said computer function is accessing a computer network.
18. The security system of claim 13 wherein said security signal containing a security code is a capacitance signal.
PCT/US1998/007931 1997-04-21 1998-04-16 Touchpad security device WO1998048339A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US84093997A 1997-04-21 1997-04-21
US08/840,939 1997-04-21

Publications (1)

Publication Number Publication Date
WO1998048339A1 true WO1998048339A1 (en) 1998-10-29

Family

ID=25283619

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US1998/007931 WO1998048339A1 (en) 1997-04-21 1998-04-16 Touchpad security device

Country Status (2)

Country Link
TW (1) TW377410B (en)
WO (1) WO1998048339A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1956813B1 (en) 2000-06-30 2016-04-13 III Holdings 3, LLC Locking the keyboard by a joy stick

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5222231A (en) * 1989-04-28 1993-06-22 Kabushiki Kaisha Toshiba Data processing system having a resume function and an operating method thereof
US5428367A (en) * 1991-07-08 1995-06-27 Mikan; Peter J. Computer mouse simulator having see-through touchscreen device and external electronic interface therefor
US5469564A (en) * 1993-02-08 1995-11-21 Samsung Electronics Co., Ltd. Data storage device with enhanced data security
US5543590A (en) * 1992-06-08 1996-08-06 Synaptics, Incorporated Object position detector with edge motion feature
US5559961A (en) * 1994-04-04 1996-09-24 Lucent Technologies Inc. Graphical password
US5586260A (en) * 1993-02-12 1996-12-17 Digital Equipment Corporation Method and apparatus for authenticating a client to a server in computer systems which support different security mechanisms
US5646377A (en) * 1994-04-08 1997-07-08 Oda; Yasuo Point detecting device and method of same

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5222231A (en) * 1989-04-28 1993-06-22 Kabushiki Kaisha Toshiba Data processing system having a resume function and an operating method thereof
US5428367A (en) * 1991-07-08 1995-06-27 Mikan; Peter J. Computer mouse simulator having see-through touchscreen device and external electronic interface therefor
US5543590A (en) * 1992-06-08 1996-08-06 Synaptics, Incorporated Object position detector with edge motion feature
US5469564A (en) * 1993-02-08 1995-11-21 Samsung Electronics Co., Ltd. Data storage device with enhanced data security
US5586260A (en) * 1993-02-12 1996-12-17 Digital Equipment Corporation Method and apparatus for authenticating a client to a server in computer systems which support different security mechanisms
US5559961A (en) * 1994-04-04 1996-09-24 Lucent Technologies Inc. Graphical password
US5646377A (en) * 1994-04-08 1997-07-08 Oda; Yasuo Point detecting device and method of same

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1956813B1 (en) 2000-06-30 2016-04-13 III Holdings 3, LLC Locking the keyboard by a joy stick

Also Published As

Publication number Publication date
TW377410B (en) 1999-12-21

Similar Documents

Publication Publication Date Title
US10311221B2 (en) System and method for controlling user access to an electronic device
US20140143859A1 (en) Unlock touch screen using touch password
US6628198B2 (en) Security system for preventing a personal computer from being stolen or used by unauthorized people
US6509847B1 (en) Pressure password input device and method
KR101848948B1 (en) Methods and systems for enrolling biometric data
US7461264B2 (en) Method for automatic identification control and management
US8225381B2 (en) Security technique for controlling access to a network by a wireless device
EP2315155B1 (en) Method and system for granting access into a server computer system
EP3029597A1 (en) Memory lock system
US20080246584A1 (en) Locking digital pen
CN108701180A (en) A kind of method and apparatus of device power-up
EP1001331A2 (en) Pre-boot security controller
US20030140232A1 (en) Method and apparatus for secure encryption of data
CN1979371A (en) Input device with locking function and locking method
JP2007502460A (en) Biometric parameter protection USB interface portable data storage device with USB interface accessible biometric processor
CN101253505A (en) Method, apparatus, and system for securing data on a removable memory device
CN104680044A (en) Electronic device and screen unlocking method thereof
WO1998048339A1 (en) Touchpad security device
WO2007055939A1 (en) A method, apparatus, and system for securing data on a removable memory device
Lee et al. Access to an automated security system using gesture-based passwords
CN106888223B (en) User account login method and mobile terminal
CN213024401U (en) Encrypted mobile hard disk with password confirmation
CN2462476Y (en) Fingerprint keyboard
CN105573636A (en) Unlocking method and device for touch screen equipment
JPH03189756A (en) User confirming device for computer equipment

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): CN JP

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE

DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
121 Ep: the epo has been informed by wipo that ep was designated in this application
NENP Non-entry into the national phase

Ref country code: JP

Ref document number: 1998546237

Format of ref document f/p: F

122 Ep: pct application non-entry in european phase