1. Field of the Invention
The present invention relates generally to the protection of sensitive functions in an electronic device; and, more particularly, to a method and apparatus for providing secure, controlled access to one or more functions in an electronic device so as to prevent such functions from being accessed by unauthorized entities.
2. Description of the Prior Art
In many electronic devices, there is a need to protect certain functions within the device from being accessible to unauthorized entities that may wish to activate or use those functions. For example, in many fixed and mobile computing and telecommunication systems, such as cellular telephones, PDAs (Personal Digital Assistants), and the like, it is important to provide secure, controlled access to a variety of sensitive functions in the system, including both software program functions and hardware functions.
In recognition of this important need for access control, a variety of protection mechanisms have been developed and are known and used in the prior art. In U.S. Pat. No. 5,606,315, for example, access to a dynamic data object is controlled via a password that is stored in an EEPROM. However, in the mechanism described in that patent, a user can easily read the password from the EEPROM and thus obtain unauthorized access to the capability of modifying the data.
In U.S. Pat. No. 6,026,293, a more advanced protection mechanism is taught that provides access control to the capability of reprogramming software in a device. In the mechanism of that patent, a public key cryptography scheme is used to avoid the problem of storing secret keys or passwords in the device. However, the disclosed mechanism is not capable of providing different levels of access to different functions in the device that have different security requirements, or that should not be shared among all entities that can successfully complete the authentication process.
Another important problem that exists with respect to securing access to sensitive functions in a system is that data or commands sent to the system from even an authorized connecting entity, or sent from the system to that entity, can be wiretapped while in transit to or from the system. This creates the possibility, for example, for a passive wiretapper to monitor the data or commands, or for an active wiretapper to insert data or to substitute the sent data with data of the wiretapper's own choosing. Known protection schemes do not adequately address such wiretapping problems.
In general, although existing protection mechanisms can be used to control access to a sensitive function in a system, such mechanisms lack the fine-grained control capability and do not meet the security demands that are required in more advanced systems.