201234206 六、發明說明: 【發明所屬之技術領域】 本發明係關於一種數位儲存裝置,具體而言 一種可提供資料安全之數位儲存裝置。 ,、奇於 【先刚技術】 腦、及在筆H科技迅速發展的今日,電腦裝置(包含桌上型電 ,及筆έ己型電腦等等)幾乎成為人們日常必備的生活工: =用:論是在工作、或是生活上,人們幾 : 在使用電腦,並且依賴電腦, ^都 由電腦來儲存管理。 t夕的室要貝科,也都交 扮演的角色日益重/Λ、/者行^碟等等)在現代生活中 憶卡、隨身碟或行動硬=者中的資料健存於記 身碟或行動硬碟中的資料。缺並使用電腦讀取記憶卡、隨 小、容易攜帶,故使用者在M、而’由於此類電子產品體積 疏忽而遺失,或甚至遭人::帶此類產品時容易因為-時 存之資料,造成資料外心風險使其他人可任思取得所儲 為了保障資料的安全, 要是利用輸入密碼的方式,所廣泛使用的先前技術主 置所儲存資料的安全性γ確保搆帶式電子資料儲存裝 輸入介面,以提供使用者::二於隨身儲存裝置上設置-置中的認證控制器確認碼’當进碼由隨身儲存裝 存敦置進行資料存取“、後’方可致能(enable)此隨身儲 作’倘若使用者所輸入之密碼有 201234206 誤’則此隨身儲存裝置蔣 電腦萝署& 梃禁( ),致使主機端的 此_\&存取隨切存裝置中的任何資料。然而,在 竹中’使用者必須管理並牢記密碼,才能確保存放 =帶式電子資料儲存裝置中的資料不會被任意讀取,故 裝甚忘記密碼,自己亦無法順利存取隨身儲存 i重新於貝:,實為不便。此外,使用者每次操作時都必 ;重新輸入密碼。對使用者而言,無疑是項負擔。再者, 者所設定的密碼為固定,若遭有心人士觀察並記 二Γ亦:藉由輸入介面輸入正確密碼,而存取隨身 種:用'的:的身料’故在安全上仍存在著部分疑慮。另一 碼輸入方式是從個人電腦執行專屬的密碼輸入 ☆ 1—種方法也容易讓電腦上的木馬程式盜取密碼, 谷易造成安全上的漏洞。 為了克服上述缺點,遂發展出—種利用生物辨識的方 利往的密碼保護’所謂的生物辨識,其原理就是 辨識使用貝ΐ生Γ特徵’如·臉形、指紋、瞳孔等特徵,來 ς吏用者的身分’而每個人的生物特徵皆會不同且無法 二所以’利用生物特徵來作為㈣或檔案的存取權限, -種較安全的做法。然而’若要利用生物辨識技術 來達成安全保密的效果,則必須在隨㈣ 2生物辨識器。而上述設計將增加隨身儲存裝置的= 2,同時也會增加儲存裝置的體積,不利於隨身 置的小型化要求。 另外’亦有相關業者發展出—種智慧卡(3贿, 201234206 其係-種貼上或嵌有積體電路晶 用此種智慧卡對資料或槽案進行加密,卡片,刺 屬的鑰匙(Key)進行認證後,該智慧:使用者利用其專 案或資料進行解碼,以讓使用者使用,= 全上亦存在著::易被有心人士以側錄方式盜用,故在安 -此在隨身储存裝置之保全技術中,仍存在著201234206 VI. Description of the Invention: [Technical Field] The present invention relates to a digital storage device, and more particularly to a digital storage device that can provide data security. Today, the computer technology (including desktop power, pen-and-computer type, etc.) has become a daily necessity for people: = : On the work, or in life, people: use computers, and rely on computers, ^ are stored and managed by computers. In the room of the eve, you need to play the role of the singer, and the role of the singer, the singer, the singer, the singer, the singer, the singer, the singer Or the data in the action hard drive. Lack of use and computer to read the memory card, small, easy to carry, so the user is in M, and 'because of the negligence of such electronic products lost, or even suffered:: With such products is easy because of - when The information causes the external risk of the data to enable others to obtain the storage in order to ensure the security of the data. If the password is used, the security of the stored data stored in the prior art is widely used to ensure the configuration of the electronic data. The storage input interface is provided to provide the user:: 2 on the portable storage device - the authentication controller confirmation code of the center is set to 'access the code to the data storage by the portable storage device." (enable) this portable storage "If the password entered by the user has 201234206 error", then the portable storage device Jiang Computer Office & curfew (), so that the host side of this _\& access with the storage device Any information. However, in the bamboo, the user must manage and remember the password to ensure that the data stored in the tape-type electronic data storage device will not be read arbitrarily, so it is forgotten. Password, I can't access the portable storage i again. It is really inconvenient. In addition, the user must do it every time; re-enter the password. For the user, it is undoubtedly a burden. Again, The set password is fixed. If you are obsessed with the intention of the person and remember to enter the correct password by entering the correct password, you can access the portable: use 'the body of the body', so there are still some doubts about the safety. Another code input method is to execute the exclusive password input from the personal computer. ☆ 1 - The method is also easy for the Trojan on the computer to steal the password, and the valley is vulnerable to security. In order to overcome the above shortcomings, the development has been exploited. The biometric identification of the password protection 'so-called biometric identification, the principle is to identify the characteristics of the use of Beibei oysters' such as face shape, fingerprint, pupil and so on, to the identity of the user' and the biological characteristics of each person It will be different and can't be used, so 'use biometrics as (4) or file access rights, a safer approach. However, if you want to use biometric technology to achieve security The effect must be in the (4) 2 biometric device. The above design will increase the storage device's = 2, and it will also increase the size of the storage device, which is not conducive to the miniaturization requirements of the portable device. In addition, there are related industry developments. Out of a kind of smart card (3 bribe, 201234206 its system - kind of embedded or embedded in the integrated circuit crystal with this smart card to encrypt the data or the slot case, the card, the key to the key (Key) for authentication, Wisdom: Users use their projects or materials for decoding, so that users can use them. = There are also all: • Easy to be used by people with a willingness to use them in the form of a recording. Therefore, in the security technology of the portable storage device, Still there
二困難及不便’以待克服。 【發明内容】 有鑑於此,本發明提供一種用以提 =裝置及其操作方法,藉以改善上述缺點位 更女全的保護隨身儲存裝置中的資料安全。 本發明之-目的在於提供一種數位儲存裝置,其可自 動在隨身儲存裝置與主機端的外部裝置之間交換授權碼, 产進行驗α而無須由使用者輸人密碼,即可防止資料被 ,取’故可省卻使用者記憶密碼所產生的困擾,更可避免 达、碼被瓢竊的問題。 本發明之另一目的在於提供一種數位儲存裝置,其無 須利用生物辨識技術即可達到安全保護的目的,藉此可節 省成本、縮小體積,更符合隨身儲存裝置的小型化、可攜 本發明之又一目的在於提供一種數位儲存裴置,其可 决速地進行授權認證,其係由於使用者無須進行任何操 作,此數位儲存裝置及外部裝置即可自動進行授權認證, 201234206 進而可提升操作速度’並省卻使 為了達到上过曰沾 用者進仃認證的麻煩。 ^了相上4目的,本發明揭露 王=?儲存裝置,其包含··-記憶體,用以儲存;Γ 控制益,搞合至上述記憶體;、… 上诚批在,丨β m 兩仔貝料介面’耦合至 及I::用以連結至-外部裝置,以傳輸上述資料; 資料輸出/入介面,搞合至上述控制器;其中二 过·控制裔係透過上述安資 權請求至上述外部穿置之二入介面傳送—使用授 _山/ 中心’並透過上述安全資 =出/入介面由上述外部裝置之上述授權中心接收一授 上述㈣器驗證上述授權碼為正確時 述儲存資料介面。 面’本發明更提供—種操作方法,用以操作上 使一儲广:裝置’其步驟如下所述:首先’利用-控制器 一入吹子貝料介面暫時失效:然後’由上述控制器透過一 安全資*料輸出/入介面送出一使用授權請求至一授權中 心’接著,由上述控制器透過上述安全資料輸出/入介面從 、,授權中〜接收一授權碼;再來,由上述控制器驗證上 述=權竭疋否正確;若正確,則由上述控制器致能上述儲 存貝料介面;若錯誤,則由上述控制器透過上述安全資料 輸出;|面送出上述使用授權請求至上述授權中心,並自 上^授權中心接收另一授權碼,以進行驗證,倘若上述控 制器驗^ N次授權碼均錯誤時,則將停止動作。其中,控 制器在&供使用授權請求至授權中心前,亦可透過上述安 王"貝料輸出/入介面確認此授權中心是否存在。 201234206 2由以上所揭露之技術手段,本發明無須經由使用者 輸入密碼,或另外加裝生物辨識裝置,即可達到資料保全 的目的,相較於先前技術,本發明顯然可由更簡便、更節 省的方式提供資料安全的保護。 〜以上所述係用以闡明本發明之目的、達成此目的之技 ,手#又卩及其產生的優點等等。而本發明可從以下較佳 實施例之敘述並伴隨後附圖式及申請專利範圍使讀 清楚了解。 【實施方式】 誠將以較佳實施例及觀點加以敘述,此類敘述係 ^釋本發明之系統架構及方法,僅用以說明㈣用以_ 轉明之中請專利範圍。_,除說明書中之較佳實施例 以外,本發明亦可廣泛實行於其他實施例中。 :括而言’本發明係利用一與控制器互相耦合的安全 =料輸出介面傳送❹授權請求至授權巾❼並透過安八 資料輸入介面從授權中心接收授權碼至控制器。當= 驗證此授權碼無誤時’則可致能儲存資料介面血外;晋 =行資料交換。藉由上述手段,可提供儲純置1個安= 簡便的授權方式,進而克服先前技術之種種困難。 t閱第一圖,本圖係顯示本發明所揭露之用 貝枓女王之數位儲存裝置之較佳實施例,其包含:—* '、 體101、-控制$ 102、一儲存資料介面1〇3 ' _安入^ 輸出介面104、一安全資料輸入介面1〇5 ,:二’ 〗。1係搞合至控制器⑽,其係用以儲存資料:於部: 201234206 例中,此記憶體101可包含各種非揮發性記憶體,例如: 硬碟、^抹除可程式唯讀記憶體(EpR〇M)、魏可抹除可 程式唯讀記憶體(EEPR0M)、快閃記憶體、或磁電阻式隨 機存取記憶體(Magnet〇resistive Rand〇m 心崎 mram)等等。於部分實施例中,記憶體⑻可包含各種揮 發性記憶體,例如:#態隨機存取記憶體(SRAM)或動能产 機存取記憶體(DRAM)料。熟悉本技術領域之通常=Two difficulties and inconveniences have to be overcome. SUMMARY OF THE INVENTION In view of the above, the present invention provides a device for improving the data security of the portable storage device by improving the above-mentioned disadvantages. SUMMARY OF THE INVENTION It is an object of the present invention to provide a digital storage device that automatically exchanges an authorization code between a portable storage device and an external device on the host side, and generates an authentication alpha without the need for a user to input a password, thereby preventing data from being taken. 'Therefore, the troubles caused by the user's memory password can be saved, and the problem of the code being stolen can be avoided. Another object of the present invention is to provide a digital storage device that can achieve security protection without using biometric technology, thereby saving cost, reducing volume, and more conforming to the miniaturization of the portable storage device. Another object of the present invention is to provide a digital storage device that can perform authorization authentication quickly, because the digital storage device and the external device can automatically perform authorization authentication because the user does not need to perform any operation, and the operation speed can be improved in 201234206. 'And save the trouble of getting certified in order to get through. ^ For the purpose of 4, the present invention discloses a king=? storage device, which contains ...--memory for storage; Γ control benefits, fit to the above memory;, ... on the approval, 丨β m two The batting interface 'couples to and I:: is used to connect to the external device to transmit the above data; the data output/input interface is fitted to the above controller; and the second pass control entity requests through the above-mentioned security rights To the above-mentioned externally-mounted two-input interface--using the _Shan/Center' and receiving the above-mentioned (4) device from the above-mentioned authorization center of the above-mentioned external device through the above-mentioned security/output interface to verify that the above authorization code is correct Save the data interface. The invention further provides an operation method for operating a storage device: the steps of the device are as follows: firstly, the controller is temporarily disabled by using the controller-into-blower interface: then the controller is Sending a use authorization request to an authorization center through a security information output/input interface. Then, the above controller transmits an authorization code through the above-mentioned security data output/input interface, and then receives an authorization code; The controller verifies that the above-mentioned right is correct; if it is correct, the above-mentioned storage device enables the above-mentioned storage material interface; if it is wrong, the controller outputs the above-mentioned safety data; The authorization center receives another authorization code from the upper authorization center for verification. If the above-mentioned controller verifies that the authorization code is wrong, the operation will stop. The controller can also confirm the existence of the authorization center through the above-mentioned An Wang "Beast output/input interface before the & authorization request is sent to the authorization center. 201234206 2 According to the technical means disclosed above, the present invention can achieve the purpose of data preservation without inputting a password or a biometric identification device, and the invention can obviously be made simpler and more economical than the prior art. The way to provide data security protection. The above description is used to clarify the object of the present invention, the technique for achieving the object, the advantages of the hand and the advantages thereof and the like. The present invention will be apparent from the following description of the preferred embodiments and the accompanying drawings and claims. [Embodiment] The present invention will be described in terms of preferred embodiments and aspects, and such descriptions are intended to illustrate the system architecture and method of the present invention, and are merely used to illustrate (4) the scope of the patent application. The present invention may be widely practiced in other embodiments in addition to the preferred embodiments described in the specification. In addition, the present invention utilizes a security/material output interface coupled to the controller to transmit an authorization request to the authorization frame and receive an authorization code from the authorization center to the controller through the An8 data input interface. When = verify that the authorization code is correct, then it can be stored in the data interface; Jin = line data exchange. By means of the above-mentioned means, it is possible to provide a simple mode of storage and storage, thereby overcoming the difficulties of the prior art. Referring to the first figure, this figure shows a preferred embodiment of the digital storage device for the Queen of Bellevue disclosed in the present invention, which comprises: -* ', body 101, - control $102, and a stored data interface. 3 ' _ An input ^ output interface 104, a security data input interface 1 〇 5,: two ' 〗. The 1 series is integrated into the controller (10), which is used to store data: in the Department: 201234206, the memory 101 can include various non-volatile memories, such as: hard disk, erase the programmable read only memory (EpR〇M), Wei can erase programmable read-only memory (EEPR0M), flash memory, or magnetoresistive random access memory (Magnet〇resistive Rand〇m 崎崎mram) and so on. In some embodiments, the memory (8) may comprise a variety of volatile memory, such as: #state random access memory (SRAM) or kinetic energy access memory (DRAM) material. Familiar with the general field of the art =
者應虽理解上述各種記憶體進係用以閣釋,而非限制本 w 明。 X 控制器102除了耦合至記憶體1〇1外,儲存資料介面 2安全資料輪出介面刚及安全資料輸出介面⑽亦传 麵:至控制器102,當此數位儲存裝置的電源 例 片 裝置連結至外部裝置,由外部裝置供應其電 二器102可使儲存資料介面103暫時失效,舉例 將:+: ri儲存t面103 $usb介面時,控制器可藉由 了 USB人、阻抗狀態來達成暫時失效之目的。除 η面外,資料儲存介面103亦 ’、 ΙΕΕΕ1394介面、SATA人 ^包3但不褐限於, 為有線人面,A ;丨面、或是SAS介面,以上介面皆 —面、藍4二資:斗儲存介面更可包含無線介面㈣ 合為==Γ!Γ及安全資料輸入介*105可整 中將其分開描述中人介面’但為利於說明’在本說明書 八中,安全資料輪出介面104係耦合至 201234206 控制器102,藉以傳送控制器1〇2之使用授權請求至外部 裝置之授權中心,具體而言,此外部裝置可包含,但不侷 限於,桌上型電腦、筆記型電腦、平板電腦等電腦裝置, 而此授權中心是上述外部裝置中的軟體或硬體,可根據使 用授權請求對應地發送一授權碼,並透過安全資料輸入介 面105傳送至控制器102中,以供驗證。其中,安全資料 輸出介面104及安全資料輸入介面1〇5可包含,但不侷限 於,電氣介面、無線介面、或是光學傳輸介面等等,上述 •之無線介面係如Wifi彳面、藍牙介面、或其它使用大於 1.8GHz頻帶之無線介面等等。其中,外部裝置亦需設置一 對應的輸出/入介面,如電氣介面、無線介面或光學傳輸介 面等等,以利與安全資料輸出介面1〇4及安全資料輸入介 面105交換使用授權請求及授權碼。當控制器ι〇2確認安 全資料輸入介面105所接收之授權碼為正確後,即可致能 儲存資料介面103,使其可透過控制器1〇2存取記憶體ι〇ι _中的資料。舉例而言,若儲存資料介面1〇3為Usb,則控 制器可拉起d+觸點通知USB主機端(h〇st)’進而建立資才= 傳輸通道。 ’ 請參閱第二圖,本圖係描述本發明數位儲存裝置操作 方法之一實施例,其步驟如下所述:首先,於步驟中, 開啟數位儲存裝置的電源,舉例而言,當數位儲存裝置插 入一外部裝置時,外部裝置可提供電壓給此數位儲存裝 置,從而啟動電源;然而,於步驟2〇2中,利用一控制器 使-儲存資料介面暫時失效,舉例而言,若資料料介面 201234206 103為USB介面時,控制器可藉由將 抗狀態來達成暫時失效之目的;接著=、轉於高阻 上述控制器透過一安全資料_出人 ' ^ ’ 203中,由 至-授權中心,且:::!:面送出-使用授權請求 ”面、無線介面或光學傳輸介面等等,而載:電乳 二裝置亦設置有相對應的電氣介面、無線 :: ^面’以利於接收使用授權請求;然後 干傳Those who understand the above-mentioned various memory systems should be used to explain them, not to limit them. In addition to being coupled to the memory 1〇1, the X controller 102 stores the data interface 2 security data wheel interface and the security data output interface (10): the controller 102, when the digital storage device power supply device is connected To the external device, the second device 102 is supplied by the external device to temporarily disable the stored data interface 103. For example, when +: ri stores the t-side 103 $usb interface, the controller can achieve the USB state and the impedance state. The purpose of temporary lapse. In addition to the η plane, the data storage interface 103 is also ', ΙΕΕΕ 1394 interface, SATA people ^ package 3 but not limited to brown, for wired human face, A; face, or SAS interface, the above interface is - face, blue 4 : bucket storage interface can also include wireless interface (4) ==Γ!Γ and security data input media *105 can be described separately in the Chinese interface 'but for the explanation' In this specification, the safety data is rounded out The interface 104 is coupled to the 201234206 controller 102 to transfer the authorization request of the controller 1 to 2 to the authorization center of the external device. Specifically, the external device may include, but is not limited to, a desktop computer and a notebook. a computer device such as a computer or a tablet computer, and the authorization center is a software or a hardware in the external device, and an authorization code is correspondingly transmitted according to the authorization request, and transmitted to the controller 102 through the security data input interface 105. For verification. The security data output interface 104 and the security data input interface 1〇5 may include, but are not limited to, an electrical interface, a wireless interface, or an optical transmission interface, etc., and the above wireless interface is a Wifi interface or a Bluetooth interface. Or other wireless interfaces using a frequency band greater than 1.8 GHz, and the like. The external device also needs to set a corresponding output/input interface, such as an electrical interface, a wireless interface or an optical transmission interface, etc., in order to exchange the authorization request and authorization with the secure data output interface 1-4 and the secure data input interface 105. code. When the controller ι〇2 confirms that the authorization code received by the security data input interface 105 is correct, the data interface 103 can be enabled to access the data in the memory ι〇ι_ through the controller 1〇2. . For example, if the storage data interface 1〇3 is Usb, the controller can pull up the d+ contact to notify the USB host end (h〇st)' to establish the resource = transmission channel. Referring to the second figure, this figure describes an embodiment of the operation method of the digital storage device of the present invention, the steps of which are as follows: First, in the step, the power of the digital storage device is turned on, for example, when the digital storage device When an external device is inserted, the external device can supply a voltage to the digital storage device to activate the power supply; however, in step 2〇2, a controller is used to temporarily disable the storage data interface, for example, if the data interface is When 201234206 103 is the USB interface, the controller can achieve the purpose of temporary failure by the anti-state; then =, turn to the high-resistance controller through a security data_out of the '^' 203, to the - authorization center And:::!: face delivery - use authorization request" face, wireless interface or optical transmission interface, etc., and: the second device is also equipped with a corresponding electrical interface, wireless:: ^ face' to facilitate receiving Use an authorization request; then pass
由上述控制器透過安全資料輸入介面從上述授二= 一^權碼’舉例μ,為了回應使用授權請求,此 心會產生一授權碼,並藉由安全資 中 授權碼可為固定或隨機產生的,其係取決於= 於步驟205中,由上述控制器驗證上述 杈權碼疋否正確;若正確,則進入步驟2〇6 制器致能儲存資料介面。舉例而言,若儲存資料介= =把,則控制器可拉心觸點通知聰主機端(㈣面^ 建立資料傳輸通道’然後,可進入㈣2〇8,即计 根據授權進行資料存取的動作。回到步驟2〇5, 碑 ㈣錯誤’則重複步驟203及步驟204,亦即,再由又控被希 裔透過上述安全資料輸出介面送出使用授權請求至授權中 心,並自授權中心透過安全資料輸入介面接收另一授權 碼’以進行驗證’倘若上述控制器驗證心欠授權碼均錯誤 時,則進入步驟207,控制器將停止動作,其中,上述n 為大於1之j£整數’其數值大小可由使用者依據需求決定。 本發明亦提供另-數位儲存裝置之操作方法,於此可 201234206 參閱第了圖,大體而言,本圖所述之操作流程與第二圖相 似,不同之處在於步驟202與步驟203之間更包含一步驟 3〇1 ’於曰此步驟中,控制器可透過安全資料輸入介面檢查授 權中〜疋否存在,倘如存在’則可進入步,驟203,若不存 在,則重複進行步驟3〇1,持續檢測授權中心是否存在。The above controller sends an authorization code from the above-mentioned two-to-one weight code through the security data input interface. In response to the authorization request, the heart generates an authorization code, and the security code can be fixed or randomly generated by the security code. It depends on = in step 205, it is verified by the above controller whether the above-mentioned weight code is correct; if it is correct, the process proceeds to step 2〇6 to enable the data interface to be stored. For example, if the stored data is ==, the controller can inform the Cong host end ((4) face ^ establish data transmission channel'), then enter (4) 2〇8, that is, according to the authorization for data access Action. Go back to step 2〇5, monument (4) error', then repeat steps 203 and 204, that is, again, the control is sent by the Greeks through the above-mentioned secure data output interface to the authorization center and through the authorization center. The security data input interface receives another authorization code 'for verification'. If the controller verifies that the authorization code is wrong, then the process proceeds to step 207, and the controller stops the operation, wherein the n is an integer value greater than 1 The numerical value can be determined by the user according to the requirements. The present invention also provides a method for operating the other-digit storage device, which can be referred to the first figure in 201234206. Generally speaking, the operation flow described in the figure is similar to the second figure, different. The step 202 and the step 203 further include a step 3〇1 'in this step, the controller can check the authorization through the security data input interface. If the presence of such 'can enter step, step 203, if it exists, is repeated 3〇1 step for detecting presence or absence of the authorization center.
〜上述敘述係為本發明之較佳實施例。此領域之技藝者 應传以領會其係用以說明本發明而非用以限定本發明所主 張之專利權利範圍。其專利保護範圍當 範圍及其等同領域而定。凡熟悉此領域之㈣者 離本專利精神或範圍内,所作之更動或潤飾,均屬於 明所揭示精神下所完成之等效改變或設計,且應包 述之申請專利範圍内。 【圖式簡單說明】 弟一 塊圖 圖係顯示本發明所揭露之數位儲存裝置之功能方The above description is a preferred embodiment of the present invention. Those skilled in the art should understand that the present invention is not intended to limit the scope of the patent rights claimed herein. The scope of patent protection depends on the scope and its equivalent. Any changes or modifications made by those who are familiar with this field within the spirit or scope of this patent are subject to the equivalent changes or designs made under the spirit of the disclosure and should be covered by the patent application. BRIEF DESCRIPTION OF THE DRAWINGS The figure shows the functional side of the digital storage device disclosed in the present invention.
第二圖係顯示本發明數位儲存裝置之操作流程圖 第二圖係顯示本發明數位健存 【主要元件符號說明】 ㈣-权圖 記憶體 102控制器 1〇3儲存資料介面104安全資料輸出介面 201-208步驟 301步驟The second figure shows the operation flow chart of the digital storage device of the present invention. The second figure shows the digital health of the present invention. [Main component symbol description] (4) - The weight memory 106 controller 1 3 stores the data interface 104 security data output interface. 201-208 Step 301 Steps