Smart card reader with secure logging feature

FIELD: data processing; security system.

SUBSTANCE: invention relates to a secure smart card reader. The smart card reader can generate reader signatures over data representative of events and actions which may be security related. This data may comprise data representative of reader commands which the smart card reader receives from a host or remote application, smart card commands which the smart card reader exchanges with an inserted smart card, data which the smart card reader presents to the user for approval, and/or configuration parameters which the smart card reader applies when dealing with any of the foregoing. The smart card reader may furthermore be adapted to maintain logs of certain events and actions, which may comprise exchanging smart card reader commands with a host, exchanging smart card commands with an inserted smart card, and/or interactions with a user. The logs may comprise data representative of smart card reader commands which the reader receives from a host or remote application, smart card commands which the smart card reader exchanges with an inserted smart card, data which the smart card reader presents to the user for approval, and/or configuration parameters which the smart card reader applies when dealing with any of the foregoing. The secure smart card reader may be adapted to generate a reader signature over one or more of these logs.

EFFECT: providing protection of electronic data using a smart card.

35 cl, 4 dwg



Similar patents:

FIELD: information technology.

SUBSTANCE: disclosed is a method for conducting safe financial operations on a payment terminal of a self-service automated payment system by changing the PIN code system of the bank card after each use thereof. The ATM issues the user a new PIN code generated by the system and printed inside a closed PIN envelope which preserves confidentiality of the obtained data. The generated package of envelopes with pre-printed codes, data of which are stored in the system, can be loaded into the ATM. When issuing another envelope, the system assigns the code resident therein to the bank card. The one-time PIN code does not require storage and so can have more characters, each improving security by an order.

EFFECT: safer bank operations, fewer cases of falsification of bank cards.

FIELD: information technology.

SUBSTANCE: kiosk, designed for a payment processing network, which includes a transaction processor which processes multiple transactions, in each of which participate a vendor and a client on an account accompanied by prepaid legal tender issued by an issuer for the client, wherein the account contains money, has a means of displaying multiple selected alternatives, a means of selecting: a ticket for a future presentation, a sum of money and audio information describing the performer participating in the future presentation, a payment receiving means: for the selected ticket for the future presentation and selected sum of money and a means of encoding information in one of said prepaid legal tender, and a means for the kiosk to issue one of said prepaid legal tender.

EFFECT: merging a ticket for a future presentation and a bank card in one prepaid legal tender.

27 cl, 5 dwg

FIELD: information technology.

SUBSTANCE: a system for securely processing information, particularly information protected by means of a signature and/or encryption principle, comprises at least a mobile passive first storage unit (2) for retrievably storing first information, a processing device (3) which is adapted for interacting with the first storage unit (2) in order to process information, a decryption-protected second storage unit (6) for securely storing second information corresponding to the first information, a computer unit (5) for (cryptographically) processing information, which is integrated in the second storage unit (6) on the smart-card or card with chip model, an information transmission device (4) for transmitting the information from the first and/or the second storage unit (2, 6) to the computer unit (5), as well as for transmitting information between the processing device (3) and the connected peripheral devices (9).

EFFECT: reliability, high speed of operation and high noise-immunity of transmitting a large amount of data, and preventing unauthorised use and reception of data.

13 cl, 1 dwg

FIELD: information technology.

SUBSTANCE: ticket terminal housing has a card reader aligned by a client interface, a built-in printing device aligned by a driver interface, wherein paper is output from the printing device through a slit in the housing.

EFFECT: improved control of service payment.

13 cl, 9 dwg

FIELD: physics; computer engineering.

SUBSTANCE: invention relates to an information processing system, an information processing device, information processing method and an information recording medium, which are managed in order to generate a sound effect of an operation, which differs for each card user during operations with electronic money. User information, information on balance and sound data are recorded on the information recording medium. A transaction for buying a commodity using electronic money is made with a vending machine through the information recording medium. When the information recording medium is presented to the vending machine, the machine reads user information, information on balance and sound data through a wireless communication channel. The vending machine carries out the transaction based on information on the commodity selected by the user and information on balance. As a result, the vending machine provides the user with the selected commodity. On the other hand, a given sound is given out using sound data at a given moment in time during the transaction. Sound data can be stored only in the vending machine or in the information recording medium and the vending machine. The sounds given out differ for each user and for each event.

EFFECT: wider functional capabilities.

58 cl, 16 dwg

FIELD: system of microprocessor cards; electronic purse.

SUBSTANCE: system contains a double chip card, which contains a fixed microcircuit, which serves the microprocessor and a second detachable microcircuit, which contains read-only storage, which contains a predetermined sum of credit, and a micro pack, which is meant for putting the card into and which has a capability of communicating with the external terminal. Apart from the predetermined sum of credit the read-only storage of the detachable microcircuit has a unique serial number appropriated by the central bank and during this, the sum of credit and the unique serial number are put into programmed memory when the card is put into the micro pack for the first time.

EFFECT: invention allows the creation of a system with a microprocessor card, containing a fixed module and a detachable module, and the sum of credit cannot be changed, additionally, it is under control of the central bank.

13 cl, 6 dwg

FIELD: device and method for receiving sale service via information network.

SUBSTANCE: according to the method, a user orders a service by means of a user terminal system from a provider, who starts a data exchange with a transaction means through a processing center in order to request from it the necessary reward, in the form of certain data, which acts as a precondition for provision of the service. The process of ordering the service and the data exchange with the transaction means concerning the request for the reward are linked by means of an identifier assigned to the transaction means, which is determined by the user payment system. The system contains a user terminal system, an information network, a provider and a processing center having a transaction module for ordering the service and a payment module.

EFFECT: increased data protection during ordering of service.

3 cl, 7 dwg

FIELD: technologies for making financial, banking and taxing payments.

SUBSTANCE: device contains a microprocessor with a keyboard and memory for data about the bank code, account number, owner password, tax department password, cash total, tax percent, taxpayer identification number, bank password and a calculations program. The keyboard is used for inputting the aforementioned values. The device also contains an infrared receiver and an infrared transmitter, by means of which, during calculations, information is exchanged concerning the cost of purchase, sale, the tax being taken, passwords and the bank code. Information is transferred by infrared waves into the bank computer, initiating an exchange of documents, and if the passwords, codes and account numbers in the bank match, the bank computer transfers the information to the bank terminal; this information is then transferred by infrared waves from the bank terminal memory to the memory of the owner's device.

EFFECT: increased efficiency.

2 dwg

FIELD: access control systems, ATMs.

SUBSTANCE: controller has control signals generator, state analyzer, signals detector, executive device, state indicator.

EFFECT: simplified construction, higher efficiency.

3 dwg

FIELD: physics, computer engineering.

SUBSTANCE: invention relates to means of unlocking and providing access to a device. The method includes receiving a request to unlock an encrypted device connected to a system, wherein the request is received by a secure partition of the system via a secure link established between a trusted remote console and the secure partition, and the secure partition is isolated from the primary operating system in the system; receiving a marker from the trusted remote console through the secure partition; using, through the secure partition, said marker to turn the encryption key of the device stored in a secure storage region, wherein the encryption key of the device is used to encrypt units of the encrypted device, and the secure storage region is concealed from the primary operating system; unlocking, through the secure partition, the encrypted device using the encryption key of the device in response to the request and without involving the primary operating system.

EFFECT: improved security of the device.

21 cl, 9 dwg

FIELD: physics, computation hardware.

SUBSTANCE: invention relates to the security of information systems. The reference technical state of active network hardware is first recorded: the list of open network ports, checksums of configuration files and software files, and checksums of the results of control actions on the active network hardware control system. Periodic monitoring of the active network hardware is performed, and the reference and current states of the hardware are compared. If the current technical state does not match the reference state, an appropriate message is generated.

EFFECT: higher level of active network hardware protection.

2 cl, 2 dwg

FIELD: physics, computer engineering.

SUBSTANCE: invention relates to computer engineering. A robust and secure hardware-computer system in a cloud computing environment includes, interconnected and connected over a network, a first group of operating computers and a second group of computers for storing program sessions, as well as a control computer, through which the second group of computers for storing program sessions, high-performance computing resources and partitioned file storages are connected, wherein the system additionally includes a hypervisor, a security system which includes an attack detection and prevention module, a firewall module and a module for protection from unauthorised access and a system for providing fault-tolerance, which includes a module for providing fault-tolerance at the hardware resource level, a module for monitoring service virtual machines and a module for providing fault-tolerance of services.

EFFECT: improved reliability of the system and fast recovery of resources lost due to faulty equipment.

FIELD: physics, computation hardware.

SUBSTANCE: invention relates to computer engineering. Program module code is loaded into main memory by the security system processor before OS execution starts, in a main memory address range located outside that used by said OS. Once started, the OS redirects access to said program module from a user program to the main memory address at which the program module was loaded before OS execution started. This is performed with the help of a file system which automatically associates the program module's address in the user program's virtual memory space with the program module's physical address in main memory.

EFFECT: faults in OS operation are ruled out.

15 cl, 5 dwg

FIELD: information technology.

SUBSTANCE: the method masks the side electromagnetic radiation and leakage (SEMRL) of the main tablet computer with the similar false SEMRL of a second tablet computer: identical false SEMRL, inseparable from the main SEMRL, is created, masking the operation of the main tablet computer. The main and the additional tablet computers used are completely identical in hardware components and internal topology. The additional tablet computer is located with its screen under the bottom of the main tablet computer, in parallel and symmetrically on the same-name sides, without mutual touching, at a distance of less than a quarter of the wavelength of oscillation of the same processor speed.

EFFECT: providing protection of the tablet computer from information leakage without the use of a noise generator.

FIELD: radio engineering, communication.

SUBSTANCE: method is carried out by inputting identification code information of identified objects into the differential time offset of noise-like signals used as request and response signals. The system consists of an identifier placed on an aircraft and a ground-based identification device. The main parts of said devices are correlation meters for determining the differential time offset of noise-like signals used for identification.

EFFECT: high security of the identification owing to invariance to interception of confidential information, high noise-immunity of the system.

4 cl, 3 dwg

FIELD: physics, computer engineering.

SUBSTANCE: invention relates to computer engineering. A method of preventing unauthorised use of vehicle equipment, based on use of software, the method comprising determining, using a vehicle computer system, that the infotainment system is turned on; receiving a unique identification number of the vehicle from a vehicle network associated with the vehicle in which the infotainment system is installed; comparing the unique identification number of the vehicle with a stored identification number of the vehicle, previously associated with the infotainment system; providing access to the infotainment system only if the unique identification number of the vehicle matches the stored identification number of the vehicle; otherwise blocking use of the infotainment system.

EFFECT: effective prevention of unauthorised use of stolen equipment in another vehicle.

3 cl, 5 dwg

FIELD: physics, computer engineering.

SUBSTANCE: invention relates to computer engineering. A method for electronic notary certification of text information, which includes preliminary registration of a contractor in an "electronic notary" system; when sending information by electronic mail, indicating in the "copy" field the address of the automatic "electronic notary" system; upon receiving a copy of the sent information, the automatic mail enters the copy into the personal accounts of the sender and the receiver with indication of the time of sending, the sender, the addressee of the information and all attachments comprising the information, wherein the automatic mail further notifies the addressee on the sending of information and storage of the certified copy of the sent information on the website in the personal account of the contractor.

EFFECT: confirming the sending of a document or file with indication of the date and time of sending via electronic mail.

4 cl

FIELD: physics, computer engineering.

SUBSTANCE: invention relates to data processing. A data processing system has a browser with scripting engine means for executing a script. The scripting engine means implements a public scripting engine and a private scripting engine. The browser is configured to have the script executed by the public scripting engine if the script does not require access to a pre-determined resource at the system. The browser is configured to have the script executed by the private scripting engine if the script requires access to the pre-determined resource. Only the private scripting engine has an interface for enabling the script to access the predetermined resource. The scripting engine means is configured to prevent the private scripting engine from communicating data to the public scripting engine or to a server external to the data processing system if said data communication is not confirmed.

EFFECT: protecting private user data.

5 cl, 1 dwg

FIELD: physics, computer engineering.

SUBSTANCE: invention relates to data memory method for storage of software product and to devices for secure data transmission. The device contains the assignment unit (2) for assigning of connections of data (DV) from various initial components (SK) through, respectively, at least, one intermediate component (ZK) to the common target component (ZK), the combining unit (3) for combining of intermediate components (ZK) depending on cryptographic information (KI) in one intermediate component (ZK) by means of, at least, one exchange of messages, and the exchange of messages is performed according to a method with a shared key, to Http-Digest-Authentication method, a request-answer method, key hash method, hash function, to Diffie-Hellman method and/or to the digital signature method and the data transmission unit (4) for data transmission (D) from initial components (SK) through the integrated intermediate component (ZK) to the target component (ZK).

EFFECT: improvement of security of data transmission.

14 cl, 12 dwg

FIELD: engineering of devices and methods for using server for access to processing server, which performs given processing.

SUBSTANCE: according to the method, a reservation is requested, the reservation is confirmed, authentication information included in the reservation information is stored, a service is requested on the basis of the authentication information, server utilization is authenticated and the server is utilized on the basis of the authentication result. At the reservation confirmation stage, the device for controlling reservation transfers the reservation setting information, and at the authentication stage, server utilization is confirmed only when the authentication information matches the authentication information transferred from the user terminal. The device contains receiving means, an information generation device and transmitting means.

EFFECT: creation of method for using server, device for controlling server reservation and means for storing a program, capable of providing multiple users with efficient utilization of functions of processing server with simultaneous decrease of interference from unauthorized users without complicated processing or authentication operations.

6 cl, 51 dwg