US006088802A

United States Patent [19]
Bialick et al.

[11] Patent Number: 6,088,802
[45] Date of Patent: Jul. 11, 2000

[54] PERIPHERAL DEVICE WITH INTEGRATED SECURITY FUNCTIONALITY

[75] Inventors: William P. Bialick; Mark J. Sutherland, Milpitas, Calif.; Janet L. Dolphin-Peterson, Belvedere, Calif.; Thomas K. Rowland, Los Gatos, Calif.; Kirk W. Skeba, Fremont, Calif.; Russell D. Housley, Herndon, Va.

[73] Assignee: Spyrus, Inc., Santa Clara, Calif.

[21] Appl. No.: 08/869,305

[22] Filed: Jun. 4, 1997

[51] Int. Cl.7: G06K 14/67

[52] U.S. Cl.: 713/200; 713/201; 713/202

[58] Field of Search: 395/188.01, 187.01, 395/186; 380/4, 25, 49; 713/200, 201, 202

[56] References Cited

OTHER PUBLICATIONS

U.S. application No. 08/869,120, Bialick et al., filed Jun. 4, 1997, pending.

Primary Examiner: Ly V. Hua
Attorney, Agent, or Firm: David R. Graham

[57] ABSTRACT

The invention enables a peripheral device to communicate with a host computing device to enable one or more security operations to be performed by the peripheral device on data stored within the host computing device, data provided from the host computing device to the peripheral device (which can then be, for example, stored in the peripheral device or transmitted to yet another device), or data retrieved by the host computing device from the peripheral device (e.g., data that has been stored in the peripheral device, transmitted to the peripheral device from another device or input to the peripheral device by a person). In particular, the peripheral device can be adapted to enable, in a single integral peripheral device, performance of one or more security operations on data, and a defined interaction with a host computing device that has not previously been integrated with security operations in a single integral device. The defined interactions can provide a variety of types of functionality (e.g., data storage, data communication, data input and output, user identification). The peripheral device can also be implemented so that the security operations are performed in-line, i.e., the security operations are performed between the communication of data to or from the host computing device and the performance of the defined interaction. Moreover, the peripheral device can be implemented so that the security functionality of the peripheral device is transparent to the host computing device.

39 Claims, 9 Drawing Sheets

WESTERN DIGITAL CORPORATION, EXHIBIT 1001
Page 1 of 21

U.S. Patent   Jul. 11, 2000   Sheet 1 of 9   6,088,802

[FIG. 1 (PRIOR ART): system 100; Host Computing Device 101 containing Security 101a, connected to Portable Device 102]

[FIG. 2 (PRIOR ART): system 200; Host Computing Device 201 connected to Security Device 203 and to Portable Device 202]

[Sheet 2 of 9. FIG. 3A: system 300; Host Computing Device 301 connected over interface 303 to Peripheral Device 302 containing Security 302a. FIG. 3B: perspective view of the physical implementation]

[Sheet 3 of 9. FIG. 4: peripheral device 400; Host Interface 403, Security Functionality 401, Target Functionality 402, housing 404. FIG. 5: flow chart of method 500, steps 501 to 505: User connects peripheral device to host computing device; Host computing device detects presence of peripheral device; Peripheral device establishes its identity; Host computing device identifies peripheral device; User interacts with host computing device to begin using peripheral device]

[Sheet 4 of 9. FIG. 6: block diagram of system 600]

[Sheet 5 of 9. FIG. 7A: first part of flow chart 700, beginning with step 701, "Request host to execute security device driver."; decision branches labelled Security Only, Target Only and No. FIG. 7: key showing how FIGS. 7A and 7B join]

[Sheet 6 of 9. FIG. 7B: second part of flow chart 700, steps 707, 708, 710, 711, 712, 714 and 718; boxes read "Input all instructions regarding use of security functionality for a transaction.", "Input all instructions regarding use of target functionality for this transaction." and "Execute transaction."; Yes/No decisions lead to END]

[Sheet 7 of 9. FIG. 8: block diagram of a peripheral device according to another embodiment of the invention]

[Sheet 8 of 9. FIG. 9A: flow of data through interface control device 802; Host Interface 806, Cryptographic Processing Device Interface 808, Target Functionality Interface 807]

[Sheet 9 of 9. FIG. 9B: interface control device; PCMCIA side with data buffer, address buffer, command register, PCMCIA controller, detector and RDY/BSY signal; Compact Flash side with local address, local data, local control, sector counter, I/O control, controller state and config registers 910 and 911; Compact Flash card enable]

6,088,802

PERIPHERAL DEVICE WITH INTEGRATED SECURITY FUNCTIONALITY

CROSS-REFERENCE TO RELATED APPLICATION

This application is related to the commonly owned, co-pending United States patent Application entitled "Modular Security Device," by William P. Bialick, Mark J. Sutherland, Janet L. Dolphin-Peterson, Thomas K. Rowland, Kirk W. Skeba and Russell D. Housley, filed on the same date as the present application and having Attorney Docket No. SPY-003, the disclosure of which is incorporated by reference herein.

BACKGROUND OF THE INVENTION

1. Field of the Invention

This invention relates to a peripheral, often portable, device (as well as the methods employed by such a peripheral device, and systems including such a peripheral device and a host computing device with which the peripheral device communicates) that can communicate with a host computing device to enable one or more security operations to be performed by the peripheral device on data stored within the host computing device, data provided from the host computing device to the peripheral device, or data retrieved by the host computing device from the peripheral device.

2. Related Art

Computing capability is becoming increasingly portable. In particular, there are more and more portable peripheral devices that are adapted for communication with a host computing device (e.g., desktop computer, notebook computer or personal digital assistant) to enable particular functionality to be achieved. These portable peripheral devices can take a variety of physical forms (e.g., PCMCIA cards, smart cards, CD-ROMs) and can perform an assortment of functions (e.g., storage, communications and cryptography). However, while portable computing affords a number of advantages, it has a significant disadvantage in that the computational environment (including the portable peripheral devices, the host computing devices in which they are used, and any other computational devices that communicate with those devices) is more susceptible to security breaches, i.e., unauthorized access to, or modification of, programs and/or data resident within the environment. Consequently, cryptographic devices and methods have been developed for use with such computational environments (as well as other computational environments) to enable increased levels of environment security to be obtained.

FIG. 1 is a block diagram of a prior art system for enabling a host computing device to provide secured data to, and retrieve secured data from, a portable device. In FIG. 1, a system 100 includes a host computing device 101 and a portable device 102. The host computing device 101 and portable device 102 are adapted to enable communication between the devices 101 and 102. The host computing device 101 includes a security mechanism 101a (which can be embodied by appropriately configured hardware, software and/or firmware, such as, for example, a general purpose microprocessor operating in accordance with instructions of one or more computer programs stored in a data storage device such as a hard disk) which can be directed to perform one or more cryptographic operations.

In the system 100, if it is desired to provide secured data from the host computing device 101 to the portable device 102, the host computing device 101 causes the security mechanism 101a to perform appropriate cryptographic operations on data before the data is transferred to the portable device 102. Similarly, the host computing device 101 can receive secured data from the portable device 102 and perform appropriate cryptographic operations on the data to convert the data into a form that enables the data to be accessed and/or modified by a person who is authorized to do so.

A significant deficiency of the system 100 is that the security mechanism 101a is itself typically not adequately secure. It is commonly accepted that the components (including hardware, software and/or firmware) of most host computing devices are inherently insecure. This is because the system design of host computing devices is, typically, intentionally made open so that components made by different manufacturers can work together seamlessly. Thus, an unauthorized person may obtain knowledge of the operation of the security mechanism 101a (e.g., identify a cryptographic key), thereby enabling that person to gain access to, and/or modify, the (thought to be secured) data.

FIG. 2 is a block diagram of another prior art system for enabling a host computing device to provide secured data to, and retrieve secured data from, a portable device. In FIG. 2, a system 200 includes a host computing device 201, a portable device 202 and a security device 203. The host computing device 201, the portable device 202 and security device 203 are adapted to enable communication between the devices 201 and 202, and between the devices 201 and 203. The security device 203 includes appropriately configured hardware, software and/or firmware which can be directed to perform one or more cryptographic operations.

In the system 200, if it is desired to provide secured data from the host computing device 201 to the portable device 202, the host computing device 201 first causes data to be transferred to the security device 203, where appropriate cryptographic operations are performed on the data. The secured data is then transferred back to the host computing device 201, which, in turn, transfers the secured data to the portable device 202. Similarly, the host computing device 201 can receive secured data from the portable device 202 by, upon receipt of secured data, transferring the secured data to the security device 203, which performs appropriate cryptographic operations on the data to convert the data into a form that enables the data to be accessed and/or modified by a person who is authorized to do so, then transfers the unsecured data back to the host computing device 201.

The system 200 can overcome the problem with the system 100 identified above. The security device 203 can be constructed so that the cryptographic functionality of the device 203 can itself be made secure. (Such a security device is often referred to as a security "token.") An unauthorized person can therefore be prevented (or, at least, significantly deterred) from obtaining knowledge of the operation of the security device 203, thereby preventing (or significantly deterring) that person from gaining access to, and/or modifying, the secured data.

However, the system 200 may still not always ensure adequately secured data. In particular, unsecured data may be provided by the host computing device 201 to the portable device 202 if the host computing device 201 (whether through inadvertent error or deliberate attack by a user of the host computing device 201, or through malfunction of the host computing device 201) fails to first transfer data to the security device 203 for appropriate cryptographic treatment before providing the data to the portable device 202.

Additionally, the system 200 requires the use of two separate peripheral devices (portable device 202 and security device 203) to enable the host computing device 201 to exchange secured data with the portable device 202. For several reasons, this may be inconvenient. First, both devices 202 and 203 may not be available at the time that it is desired to perform a secure data exchange (e.g., one may have been forgotten or misplaced). Second, even if both devices 202 and 203 are available, it may not be possible to connect both devices 202 and 203 at the same time to the host computing device 201, making use of the devices 202 and 203 cumbersome and increasing the likelihood that unsecured data is provided by the host computing device 201 to the portable device 202.

SUMMARY OF THE INVENTION

A peripheral device according to the invention can be used to communicate with a host computing device to enable one or more security operations to be performed by the peripheral device on data stored within the host computing device, data provided from the host computing device to the peripheral device (which can then be, for example, stored in the peripheral device or transmitted to yet another device) or data retrieved by the host computing device from the peripheral device (e.g., data that has been stored in the peripheral device, transmitted to the peripheral device from another device or input to the peripheral device by a person). In particular, the peripheral device can be adapted to enable, in a single integral peripheral device, performance of one or more security operations on data, and a defined interaction with a host computing device that has not previously been integrated with security operations in a single integral device. The defined interactions can provide a variety of types of functionality (e.g., data storage, data communication, data input and output, user identification), as described further below. The peripheral device can be implemented so that the peripheral device can be operated in any one of multiple user-selectable modes: a security functionality only mode, a target functionality mode, and a combined security and target functionality mode. The peripheral device can also be implemented so that the security operations are performed in-line, i.e., the security operations are performed between the communication of data to or from the host computing device and the performance of the defined interaction. Moreover, the peripheral device can be implemented so that the security functionality of the peripheral device is transparent to the host computing device.

A peripheral device according to the invention can advantageously enable application of security operations to a wide variety of interactions with a host computing device. In particular, a peripheral device according to the invention can accomplish this without necessity to use two peripheral devices: one that performs the security operations and one that performs the defined interaction. This can, for example, minimize the possibility that the device adapted to perform the defined interaction will be used with the host computing system without proper application of security operations to that interaction. Moreover, the provision of in-line security in a peripheral device according to the invention enables a more secure exchange of data between a host computing device and the peripheral device, overcoming the problems identified above in previous systems for performing security operations on data exchanged between such devices. Additionally, implementing a modular device according to the invention so that the performance of security operations by the modular device is transparent can reduce or eliminate
the need to modify aspects of the operation of the host computing device (e.g., device drivers of the host computing device), making implementation and use of a data security system including the modular device simpler and easier. Thus, the possibility that a user will use the system incorrectly (e.g., fail to apply security operations to an interaction with the host computing device, or apply the security operations incorrectly or incompletely) is reduced. Making the security operations transparent can also enhance the security of those operations.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is a block diagram of a prior art system for enabling a host computing device to provide secured data to, and retrieve secured data from, a portable device.

FIG. 2 is a block diagram of another prior art system for enabling a host computing device to provide secured data to, and retrieve secured data from, a portable device.

FIG. 3A is a block diagram of a system according to the invention.

FIG. 3B is a perspective view of a physical implementation of the system of FIG. 3A according to one embodiment of the invention.

FIG. 4 is a block diagram of a peripheral device according to an embodiment of the invention.

FIG. 5 is a flow chart of a method, according to an embodiment of the invention, for initiating use of a system according to the invention.

FIG. 6 is a block diagram of a system, according to an embodiment of the invention, illustrating operation of the system during a method according to the invention as in FIG. 5.

FIGS. 7A and 7B are a flow chart of a method, according to an embodiment of the invention, for using a peripheral device according to the invention.

FIG. 8 is a block diagram of a peripheral device according to another embodiment of the invention.

FIG. 9A is a block diagram illustrating the flow of data through the interface control device of FIG. 8.

FIG. 9B is a block diagram of a particular embodiment of an interface control device for use in a peripheral device according to the invention.

DETAILED DESCRIPTION OF THE INVENTION

FIG. 3A is a block diagram of a system 300 according to the invention. The system 300 includes a host computing device 301 and a peripheral device 302 that communicate via a communications interface 303. Herein, "peripheral device" can refer to any device that operates outside of a host computing device and that is connected to the host computing device. The peripheral device 302 includes a security mechanism 302a that enables security operations (examples of which are described in more detail below) to be performed on data that is stored within the host computing device 301, data that is transmitted from the host computing device 301 to the peripheral device 302, or data that is transmitted from the peripheral device to the host computing device 301. As explained in more detail below, the peripheral device 302 also provides additional functionality (referred to herein as "target functionality") to the system 300, such as, for example, the capability to store data in a solid-state disk storage device, the capability to enable communications from the host computing device 301 to
another device, the capability to accept biometric input to enable user authentication to the host computing device 301, and the capability to receive and read a smart card inserted into the peripheral device 302.

Generally, the communications interface 303 can be embodied by any of a variety of communication interfaces, such as a wireless communications interface, a PCMCIA interface, a smart card interface, a serial interface (such as an RS-232 interface), a parallel interface, a SCSI interface or an IDE interface. Each embodiment of the communications interface 303 includes hardware present in each of the host computing device 301 and peripheral device 302 that operates in accordance with a communications protocol (which can be embodied, for example, by software stored in a memory device and/or firmware that is present in the host computing device 301 and/or peripheral device 302) appropriate for that type of communications interface, as known to those skilled in the art. Each embodiment of the communications interface 303 also includes mechanisms to enable physical engagement, if any, between the host computing device 301 and peripheral device 302.

Generally, the security mechanism 302a can be configured to perform any electronic data security operation (herein, referred to simply as "security operation") including, for example, operations that provide one or more of the basic cryptographic functions, such as maintenance of data confidentiality, verification of data integrity, user authentication and user non-repudiation. Particular security operations that can be implemented in a peripheral device according to the invention are described in more detail below.

The security mechanism 302a can be, for example, embodied as a security token. Herein, "security token" refers to a device that performs security operations and that includes one or more mechanisms (such as, for example, use of a hardware random number generator and/or protected memory) to provide security for the content of those operations.

FIG. 3B is a perspective view of a physical implementation of the system 300 of FIG. 3A, according to one embodiment of the invention. In FIG. 3B, the peripheral device 302 is embodied as a card 312 that can be inserted into a corresponding slot 313 formed in a portable computer 311 that, in FIG. 3B, embodies the host computing device 301. Often a peripheral device according to the invention is a portable device, such as the card 312 shown in FIG. 3B. Herein, "portable device" can refer generally to any device that is capable of being easily carried by hand.

FIG. 4 is a block diagram of a peripheral device 400 according to an embodiment of the invention. The peripheral device 400 includes security functionality 401, target functionality 402 and a host interface 403 that are formed together as part of a single physical device. For example, the security functionality 401 and target functionality 402 can be enclosed in a single, card-like housing (designated in FIG. 4 by the numeral 404) conforming to a PCMCIA card or smart card standard.

The peripheral device 400 can have a number of advantageous characteristics. The peripheral device 400 can be implemented in a manner that enables the security operations of the security functionality 401 to be performed in a manner that is transparent to a host computing device (and, depending upon the particular implementation of the peripheral device 400, to a user of a system including the peripheral device 400) of a system according to the invention, so that the host computing device (and, perhaps, user) is aware
only of the presence of the target functionality 402. Additionally, the peripheral device 400 can be implemented so that security operations are performed "in-line," i.e., the security operations are performed between the communication of data to or from the host computing device and the performance of the target functionality provided by the peripheral device. Further, the peripheral device 400 enables a wide variety of secure target functionality to be easily provided to a host computing device.
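The structural difference between the host-routed prior art of FIG. 2 and the in-line device of FIG. 4 can be checked in a small simulation. The following Python code is an added example, not part of the patent or of any Spyrus product; the HMAC-based sealing construction, the class and mode names, and the assumption that selecting the security-only mode is what causes the security device driver of FIG. 7A to be requested are all choices of this example.

```python
import hashlib
import hmac
import os


class SecurityFunctionality:
    """Security functionality (FIG. 4, 401): encrypt-then-MAC from HMAC-SHA256 used as a
    PRF in counter mode. Illustrative stand-in (the patent names no cipher), not a
    recommendation for a production token."""

    def __init__(self, master_key):
        self.enc_key = hmac.new(master_key, b"enc", hashlib.sha256).digest()
        self.mac_key = hmac.new(master_key, b"mac", hashlib.sha256).digest()

    def _keystream(self, nonce, length):
        out, counter = b"", 0
        while len(out) < length:
            out += hmac.new(self.enc_key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
            counter += 1
        return out[:length]

    def seal(self, data):
        nonce = os.urandom(16)
        ct = bytes(a ^ b for a, b in zip(data, self._keystream(nonce, len(data))))
        return nonce + ct + hmac.new(self.mac_key, nonce + ct, hashlib.sha256).digest()

    def unseal(self, blob):
        nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
        if not hmac.compare_digest(tag, hmac.new(self.mac_key, nonce + ct, hashlib.sha256).digest()):
            raise ValueError("integrity check failed")
        return bytes(a ^ b for a, b in zip(ct, self._keystream(nonce, len(ct))))


class HostRoutedSystem:
    """FIG. 2 (prior art): token 203 and portable device 202 are separate, so the host 201
    decides whether data passes through the token before it is stored."""

    def __init__(self, master_key):
        self.token = SecurityFunctionality(master_key)
        self.portable = {}  # portable device 202: sector -> bytes as written to the medium

    def store(self, sector, data, route_through_token=True):
        # Inadvertent error, malfunction or a malicious user can skip the token.
        self.portable[sector] = self.token.seal(data) if route_through_token else bytes(data)


class InlinePeripheral:
    """FIG. 4: host interface 403 -> security functionality 401 -> target functionality 402
    in one housing 404, with the three user-selectable modes named in the summary."""

    MODES = ("security_only", "target_only", "combined")

    def __init__(self, master_key, mode="combined"):
        if mode not in self.MODES:
            raise ValueError("unknown mode: %s" % mode)
        self.mode = mode
        self.security = SecurityFunctionality(master_key)
        self.target = {}  # target functionality 402 (solid-state disk): sector -> bytes

    def identify(self):
        """What the host learns at step 504: a plain storage device, unless the user chose
        security-only mode and the security device driver is requested (assumed from FIG. 7A)."""
        return "security device" if self.mode == "security_only" else "storage device"

    def host_write(self, sector, data):
        """The only path from the host interface to the medium; the host cannot skip 401."""
        if self.mode == "security_only":
            raise PermissionError("target functionality not exposed in security-only mode")
        if self.mode == "combined":
            data = self.security.seal(data)  # in-line: sealed before the medium is touched
        self.target[sector] = bytes(data)

    def host_read(self, sector):
        if self.mode == "security_only":
            raise PermissionError("target functionality not exposed in security-only mode")
        blob = self.target[sector]
        return self.security.unseal(blob) if self.mode == "combined" else blob


def plaintext_on_medium(medium, sector, plaintext):
    """Would someone reading the medium directly (e.g., from a lost card) see the plaintext?"""
    return plaintext in medium[sector]


def compare_architectures(plaintext=b"constructed sample record", key=b"constructed example key"):
    """Store the same constructed record through both designs and report what reached the medium."""
    legacy = HostRoutedSystem(key)
    legacy.store(0, plaintext)                             # host used the token correctly
    legacy.store(1, plaintext, route_through_token=False)  # host forgot the token (bug or attack)
    inline = InlinePeripheral(key, mode="combined")
    inline.host_write(0, plaintext)                        # there is no "skip security" parameter
    return {
        "legacy_correct_use_leaks": plaintext_on_medium(legacy.portable, 0, plaintext),
        "legacy_bypass_leaks": plaintext_on_medium(legacy.portable, 1, plaintext),
        "inline_leaks": plaintext_on_medium(inline.target, 0, plaintext),
        "inline_round_trip_ok": inline.host_read(0) == plaintext,
        "inline_identifies_as": inline.identify(),
    }
```

`compare_architectures()` shows the point of the specification: the legacy design leaks exactly when the host omits the token, while the in-line device offers the host no interface through which the security functionality could be omitted.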
FIG. 5 is a flow chart of a method 500, according to an embodiment of the invention, for initiating use of a system according to the invention. The method 500 enables an aspect of the invention in which the presence of security functionality as part of a peripheral device is not detected by a host computing device, thus making the security functionality transparent to the host computing device and, depending upon the particular manner in which the security functionality is implemented, to a user of the system.

FIG. 6 is a block diagram of a system 600, according to an embodiment of the invention, illustrating operation of the system 600 during a method according to the invention such as the method 500 of FIG. 5. The system 600 includes a host computing device 601 and a peripheral device 602. The host computing device 601 includes a display device 603a (e.g., a conventional computer display monitor) and user input device 603b (e.g., a keyboard, mouse, trackball, joystick or other appropriate device), referred to collectively hereinafter as user interface device 603. The host computing device 601 also includes, mounted within a housing 604, a processing device 605, a memory device 606, an input/output (I/O) device 607 for enabling communication with the user interface device 603, and an input/output (I/O) device 608 for enabling communication with peripheral device 602. The devices 605, 606, 607 and 608 can each be implemented by conventional such devices and can communicate with each other via a conventional computer bus 609, as is well known and understood. The peripheral device 602 includes security functionality 611, a memory device 612, an input/output (I/O) device 613 for enabling communication with the host computing device 601 and target functionality 614. The security functionality 611, memory device 612, I/O device 613 and target functionality 614 can each be implemented by conventional devices and can communicate with each other via a conventional computer bus 615, as is well known and understood. The host computing device 601 and the peripheral device 602 are shown in simplified form in FIG. 6 to facilitate clarity in illustration of this aspect of the invention; as described in more detail below and as understood by those skilled in the art, the host computing device 601 and the peripheral device 602 can (and typically will) include other devices not shown in FIG. 6.

Returning to FIG. 5, use of a system according to the invention begins when, as shown by step 501, a user of the system connects a peripheral device according to the invention to a host computing device. Such connection can occur in any manner that enables the peripheral device to communicate with the host computing device. Frequently, this will occur as a result of a physical connection of the peripheral device to the host computing device. (In general, such physical connection can occur either before or after the host computing device begins operating; however, in the former case, subsequent steps of the method 500 (with the exception of, depending upon the implementation of the peripheral device, the step 503) cannot be performed until the host computing device begins operating.) For example, the peripheral device can be embodied in a card or disk (e.g., a card conforming to a PCMCIA form factor as established
by the appropriate standard) that is inserted into a corresponding socket formed in the host computing device. Or, the peripheral device can be embodied in a housing from which a cord extends, a plug of the cord being inserted into a mating receptacle formed in the host computing device. However, such physical connection need not necessarily occur; the peripheral device can also be connected to the host computing device by any type of wireless communication for which the host computing device contains an appropriate interface.

Once connection between the peripheral device and the host computing device is made, the host computing device detects the presence of the perip