Browse Prior Art Database

Automatic Stylus Identification System

IP.com Disclosure Number: IPCOM000121120D
Original Publication Date: 1991-Jul-01
Included in the Prior Art Database: 2005-Apr-03
Document File: 4 page(s) / 213K

Publishing Venue

IBM

Related People

Comerford, LD: AUTHOR [+2]

Abstract

A mechanism for identifying a Paper-Like Interface (PLI) tablet user is described. This mechanism is an enhancement of existing stylus technology to provide a data stream which is unique for each stylus. Such a stylus provides means by which the firmware and software of the PLI, PLI applications, and remotely connected applications can identify the user who is the source of a particular entry.

This text was extracted from an ASCII text file.
This is the abbreviated version, containing approximately 34% of the total text.

Automatic Stylus Identification System

      A mechanism for identifying a Paper-Like Interface (PLI)
tablet user is described.  This mechanism is an enhancement of
existing stylus technology to provide a data stream which is unique
for each stylus.  Such a stylus provides means by which the firmware
and software of the PLI, PLI applications, and remotely connected
applications can identify the user who is the source of a particular
entry.

      In general, there are only three ways to identify individuals:
unique physical traits, unique knowledge, and unique possession.  As
the number of these elements used in a given identification process
is increased, the certainty of the identification is also increased.
For example, a signature is a combination of the unique physical
anatomy of the user's hand and the unique learning of the user of the
technique of writing.  It is the purpose of this article to show how
a system can be built to meet identification needs consistent with
the requirements of medical and other high-personal-responsibility
applications by using identifiable styli as identifiable unique
possessions.  It is also intended to show that such a
unique-possession-based identification system is also easily
supplemented by the unique knowledge and unique physical trait
information built into the user prototype data set.

      There are limitations to the security of such identifications
due to data exposure during communication. This system is able to
provide protection against attacks at three phases of user
interaction with the PLI: session initiation, ongoing session, and
session termination.  These are the sorts of attack which may arise
from opportunities appearing in the course of normal working
circumstances.  An attack at session initiation may take the form of
an unauthorized person attempting to impersonate an authorized
individual.  This may happen between the time a PLI is stolen and the
time it is reported missing.  It may go unnoticed if the PLI is
returned.  An attack on an ongoing session may take the form of an
unauthorized person trying to enter instructions through a session
established by an authorized person.  This may happen if the
authorized PLI user's attention is diverted or if a logged-on PLI is
temporarily unattended.  An attack at session termination may take
the form of an unauthorized individual interrupting a session
termination in order to continue the use of an authorized
individual's session.  This attack assumes the tablet to be attached
to a remote system.  The means for accomplishing this attack involves
manipulation of the communications channel from the PLI to other
systems.  If such manipulation were performed before the end of
session they would surely by noticed by the user.  Thus, attacks on
the session termination may require more technical sophistication or
collusion, but they have more variety and have historically been
shown to be effective.

      The...