CA1102453A - Computer accessing system - Google Patents

Computer accessing system

Info

Publication number
CA1102453A
CA1102453A CA322,630A CA322630A CA1102453A CA 1102453 A CA1102453 A CA 1102453A CA 322630 A CA322630 A CA 322630A CA 1102453 A CA1102453 A CA 1102453A
Authority
CA
Canada
Prior art keywords
computer
access
congruent
pseudorandom
access code
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired
Application number
CA322,630A
Other languages
French (fr)
Inventor
Frank T. Check, Jr.
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Pitney Bowes Inc
Original Assignee
Pitney Bowes Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Pitney Bowes Inc filed Critical Pitney Bowes Inc
Application granted granted Critical
Publication of CA1102453A publication Critical patent/CA1102453A/en
Expired legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1008Active credit-cards provided with means to personalise their use, e.g. with PIN-introduction/comparison system
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/34User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/341Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/409Device specific authentication in transaction processing
    • G06Q20/4097Device specific authentication in transaction processing using mutual authentication between devices and transaction partners
    • G06Q20/40975Device specific authentication in transaction processing using mutual authentication between devices and transaction partners using encryption therefor
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1016Devices or methods for securing the PIN and other transaction-data, e.g. by encryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2101Auditing as a secondary aspect
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/56Financial cryptography, e.g. electronic payment or e-cash
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y10TECHNICAL SUBJECTS COVERED BY FORMER USPC
    • Y10STECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y10S379/00Telephonic communications
    • Y10S379/903Password

Abstract

ABSTRACT OF THE DISCLOSURE

A communications link between a computer and a remote user is effected by a portable access unit which generates a non-recurring access code which is a function of a password and a pseudorandomly generated number. She access code is transmitted and compared with an access code generated by a computer access controller. In addition to the access code, the pseudorandomly generated number provides an encryption key which ? not trans-mitted but corresponds to a mating encryption key generated at the controller. The mating encryption keys are utilized to set up data transmission enciphering/deciphering networks successive links are established by incremented pseudorandomly generated access codes.

Description

~,-'`- ' ` , ., ` ~

. ' .

E3ACKGRCUND OF TED3 INVFNTIO~J
~'''`'"'~ ' .
-~ _1. Summar~ of the Invention .~ : This invention relates generally to securi.ng communica tion links between a computer and a remote terminal and more par-j :~ ticularly to a system for accessing a computer and keying an encryption network for data transmission through pseudorandom ¦
: number generation.

: . . ` . .

,-~ . . . .
`: , ~ ' ' ' . ':
:` ~ ` ', ,: - ' ~ ' `` ' `:
. , . : ... ,. , ~ `, ` .
.: . ` - . ` ~ ::

.. - -` ~ Zg~
. -! l -: :; , I . .
,.. , I .
Society's multifaceted dependency upon computer systems ¦has increased the possible effe~ts of unauthorized computer access ¦to untold level3. Computer networking,such as time sharing ¦systems, has led to inherent security problemsisince programs ¦e~ecuted by ~uch sy3tems shared access and cooperated wlth each ¦other. The capabilities of recent computer systems included not ¦only the utilization o remote terminals but extensive resource ¦sharing and batch processing of different projects. The use of ¦such systems has necessarily increased the likelihood of deliberat a or even accidental acquisition and/or alteration of data.
¦ computer systems have been sub~ect to a variety of ¦ security risks ranging from misappropriation of confidential data ¦ through unauthorized use of computing time. Access controls have ¦ been used in virtually all time sharing and most other computer ¦ syst2ms. Differences in the nature of the information being ¦ processed have given rise to various security measures and pro- `
¦ cedures commensurate with the value attached to such data and the ¦ consequences of unauthorized access and/or appropriation thereof.
For example, the data proces`sed in computer systems utilized for financial transactions has a substantial value due to the monetar~
losses which could be sustained as a result of system penetration.¦
A user has been traditionally identified by at least one of the following:

la) through somethirg he knew or had memorized, e.g. a password;
(b) through somethiny he carried with him, e.g. a card or badge: or '~' ' . . - ' , , . '.
. - , . . .

.-: - .
.
. . .- : ' . -: .. , ~ ` 115~Z453 ¦ (c) through a personal physical characteristic, e.g.
¦recognition by a guard.
I Passwords have been widely employed to authenticate a ¦remote terminal user. The use oE passwords has been augmented by ¦secondary security measures in many instances. For example, a ¦typical consumer banXing terminal accesses its computer by using la combination of a magnetically encoded card and the user's ` ¦memorized password commonly referred to as a personal identi~ica~
¦tion number.
¦ While such systems might have been satisfactory from a ¦cost/loss risk standpoint, there were subject to penetration with ¦ or without access to the individual user's card. Various pass-¦ word selection procedures and their susceptibility to penetration I have been discussed in a U. S Department of Commerce publication ¦ entitled The Use of Passwords for Controlled Access to Computer ¦ Resources, NBS Special Publication 500-9 dated May 1977.
In addition to penetration of the user's password, ¦ passwords themselves were ineffective, for example, against the ¦ penetration threat of between-lines entry and piggy-~ack infiltra-I tion. Unauthoxized interception of communication links between ¦ the computer and a remote user has been a further security problen ¦ and resulted in obtalning not only the data transmitted but the ¦ user's password Eor subsequent acces~.
.. . ' .' ' . , . , : : '. , : :
' ` ': .

"~ , llQZ'.'53 i ¦ SUMMARY OF ~HE INVENTION
,.,." I .
A remote computer i9 a~cessed by a nonrecurring acces~
code generated as a function of a pseuaorandom number and a user password. The access code is transmitted over telephone lines through the`use of a digital ~ignal to audio tone modem and decoded at the computer location. An access controller receives the decoded access code and compares it to an expected access cod which has baen congruently generated. Upon recognition of an equality between the controller generated access code and the transmitted access code, the control~er grants access to the computer. The generated pseudorandom number can be divided into two segments, one of which is used to furnish the access code and the other an encryption key utilized for subsequent data transmis sion between the user and the computer or, in the olternative, tw pseudorarldom numbersare generated, one of which is utili~ed for access code generation and the o~her for the encryption Xey.
From the above compendium it will be appreciated that it is an object of the present invention to provide a remote accessing system of the general character described Eor establish ing a communications link between a computer and a remote user which is not subject to the disadvantages aforementioned.
A further object of the present invention is to provld , a remote accessing system of the general character described for establishing a communications link between a computer and a user employing an accessing password which is not transmitted over communlcations lines. -_4_ .~ , . . , , . , .
~, . : .. ., , .. ~
.:
.
- '. ' ' . : , -. . : . : . :
~: ' : , :
-. , -:. ~ ' ' . ' ' ' ':

A further object of th~ pre~nt invention is to pro-vide a remote accessihg syste~ cf the general character descrlbed for establishing a communications link bPtween a computer and a user which utilizes p~e~dorandom number yeneration to provide nonrecurring access code~.
Another object of the pre~ent invention is to provide a remote accesqing system of the general character described for e~tablishing communication links between a computer and a user which employs data encryption established in conjunction with a nonrecurring ancryption key.
A further object of the present invention is to pro-vide a remote accessing system of the general character described for establishing communications links between a computer and a user which utili~es pseudorandom number generation for the pur-pose of both acces~ing the computer and providing a data en-cryption key.
Another object of the prese~t invention is to provide i a remote accessing syste~ of the general character described for es~tablish1ng communlcations links between a computer and a user wher~in interception of user-computer communications will not provide sufficient data for independently accessing the computer.
Other objects of the invention in part will be ob-vious and in part will be pointed out hereinafter.

' ' ' ' ' ' ' ' - ' . ... .
:~.
5 _ 1 ...-., ..., 1 '~''~'; . .

., . :: : ' ' : .. , -'', . ~, : .. '.: . , :, , .
- . ~ : : . .

According to one aspect o~ the present inven-tion there is provided a system for accessing a computer by a user having an assigned password to establish a communications link for data transmission between a computer terminal and a computer, the system comprising means at the terminal sequentially generating nonrecurring pseudorandom numbers in a reproducible fashion means receiving the pseudorandom number and the user assigned password and i.n response thereto modifying the pseudorandom number as a predetermined function of the password to provide an access code signal, means transmitting the access code signal from the terminalt controller means at the computer, the controller means receiving the transmitted access code signal, the controller means including means for sequentially generating congruent pseudorandom numbers and ~or modifying a congruent pseudorandom number with the user assigned password to provide a congruent access code signal and in response to the equality thereof providing an access signal, switch means receiving the access signal and in response thereto establishing a data transmisision path between the terminal and the computer, whereby computer access is secured through a sequential change of access codes in a pseudorandom fashion without direct transmission of the userls password.
According to a second aspect there is provided a . .
. method of accessing a computer at one location by a user positioned at a second location and having an assigned password, .` the method comprising the steps of : (a) sequentially generating a nonrecurri.ng pseudo-random number at the second location, , '' ~

. ~it ~
0-- - 5a -. . .
csm/ ~ ~
: . . . .
'' ', ' " ' '' ' ''` .'' .. - . : :

~l~Z~L53 ~...... ' ~

(b) modifying the pseudorandom number as a function of the user assigned password to provide an access code, ~ c) transmitting the access code Erom the second location to the first location, (d) receiving the transmitted access code at the first location, (e) sequentially generating a congruent nonrecurring - pseudorandom numbe.r, (f) modifying the congruent pseudorandom number with the user assigned password to provide a congruent access code, (g) comparing the received access code with the ~ congruent access code, and .-~ (h) granting access to the:computer upon recognition . -- of an equality between the received access code and the congruent -. access code, whereby computer access is secured through a change of access codes in a pseudorandom fashion without direct transmission of the user's password.
:,. . .
.. ~

.; .
' ,, . ' - 5b -"
;,, . ~ cs~

' .:
,. . .. . . :
:: . . .
':
2~S;~
.. . .
.

With these ends in view the invention finds embodiment . - in certain combir~ations of elements, arrangements of parts .: and serie~ of ~teps by whi~h the object3 aforementioned and cer~
. : tain other o~jects are hereinafter attained, all as ~ul~y de-: scribed with reference to the accompanying drawings and the scope of which is more particularly pointed out and indicated - in the appended claims.

` - ~ .RIEE DES~RIPTION O~ TKE DR~ I~GS

}n the accompanying drawings in which is shown one of the var~ous possible exemplary embodiments of the inventio~, FIG. 1 is a schematized block diagram of a remote accessing system constructed in accordance with and embodying : the invention and illustrating an access unit at a remote terminal establishing a communications link to a main computer;
FIG. 2 is a flow diagram illustrating an access con-troller routine for establishing access to the computer: and : FIG. 3 is a flow diagram illustrating a continuation ~ of tne controller routine originating in ~IG. 2.
; DESCRIPTIO~ OF THE PREFERRED EMBODIME~T
Referring now in detail to the drawings, and specif-. ~ ically to FIG. 1 wherein a block diagram illustrating a typical ~ communications channel linking a remote user which a computer :.~ is shown, the reference numeral 10 denotes generally a remote - terminal from which a user communicates with a computer 12.
: ~ In accordance with the present invention, a communicatiOnS lin~

14 is established through the use of conventional data trans-mission facilities such as, for e~ample, a telephone line or carrier wave transmission.

.r~.~ . . .
.. . .
~'`' , ' ' ' ` ' ' '' , ''" ` `

. ' , ` ' ' , :
'':, ~: .

;"`` ~ Si3 , ~
.
The present invention prevents unauthorized aeees~
to the eomputer 12 through the use of a user assigned password which funetions only in eonjunetion with a user assigned aeees~
unit 16. The aeeess unit 16 is preferably lightweight and hand-carried and typieally ineludes a mieroproeessor 18 sueh as MOS Teehnology 6502 programmed to generate a series of pseudo-random numbers in a reproducible ashion from an initial group-ing of seed numbers.
The aeeess unit 16 further includes a data eneoder 20 for the purpose of enerypting data for transmission over the link 14 to render intercepted data communications ~nintelligibl .
The encoder 20 may comprise data encryption hardware compatible with the Data Eneryption Standard algorithm promulgated by the National Bureau of Standards. Among the devices presently available for data encryption utilizing the Data Encryption Standard algorithm are the Rockwell-collins CR-100 Network En-cryptor, the Hansco Data Processing -Federal 007 and the Mo~oro a "In~oGuard" system. Use of the Data Eneryption Standard algo-rithm is by way of example only, and any other encryption algo-rithms and encryptors such as the DatoteX DEI-26 security device ean be employed.
In addition to the microprocessor lS and t~e encoder 20, the access unit also includes an input~output device 22, typically comprisin~ a keyboard and a transient display for .
indicating keyboard entries which,as will be described herein, comprise the user assigned pas~word.

_7_ ..' ' .' ,,~r-' ''' ' , '.
- - . ~ - .
. .
:, :' .
;
, ~ `

- -~ ~ 453 ~, . .
~-:,' .
Preferably, an authorized user carries his access unit 16 to the remote terminal 10 and interconnects the access unit with remote terminal computer peripherals such as an input output device ~4 Which may comprise A keyboard and/or CRT or TT
Communication from the input/output device 24 to the computer 1 is first encrypted by the encoder 20 and then encoded into audi _ tones at a tone encoder/decoder modem 26 which may comprise, by way of example, a Bell System 103A Data Set. The ton~ en-coded data is transmitted to the computer 12 ~ia the communica-tions link 14.

Pursuant to the in~ention,the microprocessor 18 is actuated to generate a chain of nonrecurring numbers from a group of seed numbers originally implanted. A typical pro-cessor sub-routine fo~ repeatable pseudorandom number generatio is disclosed in U. S. Patent ~o. 3,792,446 issued February 12, 1974 to McFiggins et al and assigned to the assignee of the present invention. It should be understood that such pseudo-random number generation sub-routine i5 exemplary of manifold random nu;nber generatiOn algorithms which may be employed.
User password integrity is maintained in accordance with the present invention by not directly transmitting the pas _ word over the communications link 14. Further, pursuant to the instant invention, possession of the password witho~t the ac-cess unit will not permit access to the computer, nor will possession of the access unit without the user's assigned password.
''.-~' . ,, , . .
~ -8-'',''' , " .

.
' ' , ~ /

~. ~ } d4b3 ._ `:

Generation of an acceptable access code signal by the acces9 unLt 16 entails the generation of a predicted pseudo-random numbar by the microprocessor 18 and modiEication of th~
pseudorandom numbes as a function of the password which is en-tered on the keyboard ~input/output device 22). For example, the access code may comprise pseudorandomly generated numbers multiplied by the user's password which also comprises a number.
The access code thus generated is fed to the modem 26 along with a constant access unit preface number for transmission via the communications link 14 to the computer 12. Interception of the access code transmission will not reveal the user's password but only the access unit preface number and the access code for the intercepted communication. As will be later described, such access code i3 not valid for subsequent communication links and cannot form the basis for deriving subsequent valid codes.
The tone encoded transmissions through the communica-tions link 14 are received at a companion modem 28 for conver-sion to digital waveEorms. Access to the main computer 12 is controlled by a controller unit 30 which monitors the communica-tions link 14. The controller may comprise a minicomputer such as the Data General NOVA series or even a microprocessor such as the microprocessor used in conjunction with random number generation at the access unit. -_9_ '' ~ ., ' . . , ,.
. .
''', '', , , , ' . : "
.~ .
: .
-:
.

' ' : l I . .
¦ It ~hould bo appreciated that the controller 30 ls : ¦ programmed with a congruent random number generation algorithm - 1 and initial seed numbers compatible with those assigned to all ... ¦ authori2ed access units. Further, the controller 30 may be set.
. . ¦ up such that the initial access code generated by each author-- I ized access unit and its associated assigned password is stored in a self-contained memory for ready reference.
: ¦ Referring now to the flow diagram of FIGS. 2 and 3 ... ¦ where the accessin~ sub-routine of the controller unit 30 is 1~ 1 depicted, .it will be appreciated that.after answering an incom-; ¦ ing telephone signal, the controller receives, through the modem .
. 1 30, the unit preface numb~r followed by the transmitted access .. I code as shown at an input block 32.
.~ ¦ As shown in a decision block 34,inquiry is made for verification of the incoming access un.it preface number with . . I access unit preface numbers stored in the controller memory to 1 determine whether the attempt to gain computer access is being ~ I . made through the use of a validly assigned access unit 16 which .,. ¦ has not been reported to be in the possession of anyone other . . than its authorized user. If the access unit preface.number is . ¦ not valid or if the preface number has been generated by a unit reported as stolen or mi.ssing, the program exits the deci-¦ sion block.34 on a branch 36 and the controller 30 logs the security violation and terminates the telephone link 14. ' ~ ' ' , -10- '. ~ ~
''.;"~ ~ . . ' .
' .' I . .
I ~ , ...
. r -: - ~ ' ., ~, , ^`~ .~

~2~L~i3 .,'. . , .
Upon acknowledgment of an incoming signal from a valid acces~ unit, the program exits the decision block 34 on a branch 38 and the controller retrieves the expected access code to be receivad from such access unit from a memory and compares the expected acce4s code witll the~code received over the com-munications link as depicted in a further decision block 40.
In order to prevent access code discrepancies due to signal interference from terminating a valid accees atteMpt, the controller 30 will permit a valid access unit to transmit its.access code a predetermined number of times. If the trans-mitted access code does not match the access code assigned to .
that unit number and stored in the controller memory, the program exits on a branch 42, the access code attempt is logged .
and the ccntroller determines how many attempts have been made to transmit the access code as shown in a decision block 44. If there have been less than the allotted number of attempts, a message is returned to indicate that the transmitted acce~
code has been re~ected and is to be retransmitted and the pro-gram reverts to the input block 32. After the allotted number of attempts has been reached, the program exits the decision block 44 on a branch 46 to break the communications link 14.
Upon receiving a transmitted access code which co- ¦
incides with the stored access code anticipated, the program exits the deci~ion block 40 on a branch 48 and the controller ' 30 thereafter sends a message to the access unit microprocessor 18 indicating acceptance of the access code such that the micro-processor will generate the next sequential pseudorandom number . . .
.,. , ' -11- ' ' . .

. ~
- ' :'" ~', . ~"' ' ' ` ~, . ':

.

::
~`

,; upon ~ubsequent actuation rather than repeat its last pseudo-random number.
~ he controller 30 then searches its nonvolatile memory and retrie~es a stored encryption key for the assigned access unit 16. The encryption key can comprise either a segment - of a single random number generation or a separate random number as generated by both the access unit microprocessor 1~ and the controller 30. The encryption key retrieved by the controller 30 is used to key an encoder/decoder 50 associated with the controller. It should be appreciated that the encryption key is not transmitted over the communications link 14 and i5 in-dependently generated at both the access unit 16 and the con-troller 30 on opposite ends of the link 14. Thus, anyone inter-cepting and recording the data transmission over the link 14 will not obtain the encryption key used to set up the enciphering/ , deciphering network.
- As shown in a block 52 of FIG. 3, the controller 30 : thereafter generates the next expected access code for the access ; unit 16 through the pseudorandom number generation algorithm with'. I!
; '! seed numbers which have been generated, e.g. as described in U.S.
Patent 3,79Z,446, and modifies the pseudorandom number by the I password. Additionally generated is the successive encryption key which may comprise a segment of the random number. The con-troller 30 thereafter rcplaces the previous access code and en-cryption Xeys ~or the aFcess unlt 6 in its nonvolatile memory.

'' . . - , ~ : ~

- I ~Z~5;3 ..; l .
',''; I .
¦ The program thereafter exits the block 52 and advi3es the computer 12 of the access unit preface number,as shown in a block 54, and connects a data path from the remote terminal 10 , to the computer 12 through the encoder 50 and a computer access ¦switch 56.
¦ At the termination of the communication between the ¦input/output device 24 at the terminal 10 and the computer 12, ¦the controller logs the communication with reference to the acce~s ¦unit preface number,the time and the date and thereafter di~-¦connects the communications iink 14.
¦ It should be appreciated that the controller 30 may ¦readily be adapted to simultaneously control a plurality of com-¦munication links 14 established by various access units. Further , ¦in lieu of generating the access code and encryption key in ad-¦ vance, the controller may generate these numbers during accessing ¦procedure. Similarly, the acces~ unit microprocessor 18 may generate its pseudorandom numbers upon each actuation or generate ¦ the numbers once and store them in a memory for recall when an access code i5 to be generated.
The access unit 16, upon actuation, will generate its ¦next sequential pseudorandom number modified by whatever password ¦is attempted. If the user is not authorized, he will not know ¦that the access code generated will not grant access unless an ¦attempt is made to gain access. Such attempts are logged by the controller 30, and security personnel will be alerted upon the ¦occurrence of any unusual pattern of access attempts by any given ¦access unit as identified by its preface number.
., I . ''. .' '.

' ' : , .. :
- : . .
- - ' ~ ,~ ,'' ' " ,' ' ~' .
.

` Il~Z4~3 _ ;''` . .
' '~ .

Thus, it will be seen that there i8 provided a co~-. puter accessing ~yst~m which achieve~ the, various object,~ of the .~ invention and i3 well suit7d to meet the co~ditions of practical usage.

~ ' - . .

~'' 'I . . .
,,,, . ' ` .

'''' ' ' .
' . .
., . . .

. .~., ` ' , ' . .
~ ~ .

' :

Claims (23)

(B-484) PROPERTY OR PRIVILEGE IS CLAIMED ARE DEFINED AS FOLLOWS:
1. A system for accessing a computer by a user having an assigned password to establish a communications link for data transmission between a computer terminal and a computer, the system comprising means at the terminal sequentially gener-ating nonrecurring pseudorandom numbers in a reproducible fashion means receiving said pseudorandom number and said user assigned password and in response thereto modifying the pseudorandom number as a predetermined function of the password to provide an access code signal, means transmitting the access code signal from the terminal, controller means at said computer, the controller means receiving the transmitted access code signal, the controller means including means for sequentially generating congruent pseudorandom numbers and for modifying a congruent pseu-dorandom number with the user assigned password to provide a congruent access code signal and in response to the equality thereof providing an access signal, switch means receiving the access signal and in response thereto establishing a data transmission path between the terminal and the computer, whereby computer access is secured through a sequential change of access codes in a pseudorandom fashion without direct transmission of said user's password.
2. A system fox accessing a computer to establish a communications link for data transmission constructed in accordance with claim 1 wherein the computer terminal is positioned remote from the computer.
3. A system for accessing a computer to establish a communications link for data transmission from a remote terminal as constructed in accordance with claim 2 wherein the means transmitting the access code comprises a telephone communi-cations link.
4. A system for accessing a computer to establish a communications link for data transmission constructed in accordance with claim 1 wherein the means generating the pseu-dorandom number comprises a portable unit.
5. A system for accessing a computer to establish a communications link for data transmission constructed in accordance with claim 1 wherein a plurality of remote terminals are provided, the system further including a plurality of means generating pseudorandom numbers in a reproducible fashion.
6. A system for accessing a computer to establish communication links for data transmission constructed in accor-dance with claim 1 wherein the means generating the pseudorandom number comprises an access unit, the access unit further including encryption means adapted to establish an enciphering/deciphering network in response to an encryption key signal, the controller means including a congruent encryption means, the pair of encryption means being adapted to encrypt data transmission between the terminal and the computer.
7. A system for securing a communications link for data transmission constructed in accordance with claim 6 wherein the access unit includes means adapted to separate the pseudo-random number into segments, one of the segments comprising an encryption key signal, the controller means including means to separate the congruent pseudorandom number into segments, a congruent segment comprising the encryption key for the con-gruent encryption means, whereby data transmission is secured through a sequential change of encryption keys in a pseudorandom fashion without direct transmission of the encryption keys.
8. A system for securing a communications link for data transmission constructed in accordance with claim 6 wherein the means adapted to generate the pseudorandom number is adapted to generate a pair of pseudorandom numbers, one of which is modi-fied by the password and the other of which comprises the encryp-tion key signal, the means for sequentially generating congruent pseudorandom numbers being adapted to generate a pair of congruent pseudorandom numbers one of which is modified by the password to provide the congruent access code signal and the other of which comprises the congruent encryption key signal, whereby data transmission is secured through a sequential change of encryption keys in a pseudorandom fashion without direct transmission of the encryption keys.
9. A system for securing data transmission between a computer and a computer terminal, the system comprising means at the terminal for sequentially generating nonrecurring pseudoran-dom numbers in a reproducible fashion, encryption means receiving a pseudorandom number as an encryption key and in response thereto establishing an encryption pattern, controller means associated with the computer, the controller means including means for sequentially generating congruent pseudorandom numbers in synchronization with the pseudorandom numbers generated at the terminal, congruent encryption means, the congruent encryption means receiving a congruent pseudorandom number as an encryption key and in response thereto establishing a congruent encryption pattern for data transmission, whereby data transmission is secured through a sequential change of encryption keys in a pseudorandom fashion without direct transmission of the encryp-tion keys.
10. A system for securing data transmission con-structed in accordance with claim 9 wherein the computer terminal is positioned remote from the computer.
11. A system for securing data transmission communi-cations between a computer and a computer terminal constructed in accordance with claim 9 wherein the means sequentially generating the pseudorandom numbers comprises a portable unit.
12. A system for securing data transmission communi-cations between a computer and a computer terminal constructed in accordance with claim 9 wherein a plurality of remote terminals are provided, the system further including a plurality of means sequentially generating pseudorandom numbers.
13. A method of accessing a computer at one location by a user positioned at a second location and having an assigned password, the method comprising the steps of (a) sequentially generating a nonrecurring pseudo-random number at the second location, (b) modifying the pseudorandom number as a function of the user assigned password to provide an access code, (c) transmitting the access code from the second location to the first location, (d) receiving the transmitted access code at the first location, (e) sequentially generating a congruent nonrecurring pseudorandom number, (f) modifying the congruent pseudorandom number with the user assigned password to provide a congruent access code, (g) comparing the received access code with the congruent access code, and (h) granting access to the computer upon recognition of an equality between the received access code and the congruent access code, whereby computer access is secured through a change of access codes in a pseudorandom fashion without direct transmission of the user's password.
14. A method of accessing a computer as set forth in claim 13 wherein the next sequential congruent access code is generated prior to receipt of the next transmitted access code, the method further including the steps of storing the next congruent access code and recalling said next congruent access code upon receipt of the next transmitted access code.
15. A method of accessing a computer as set forth in claim 13 wherein the pseudorandom number generated at the second location comprises two segments, one of which is used to generate the access code, the method further including the step of keying an encryptor at the second location with a further segment of the pseudorandom number, the congruent pseudorandom number comprising two segments, one of which is used to generate the congruent access code, the method further including the step of keying a congruent encryptor at the first location with a further segment of the congruent pseudorandom number, whereby data transmission is secured through sequential change of encryption keys in a pseudorandom fashion without transmission of the encryption key from one location to the other.
16. A method of establishing a data encryption network between a computer at one location and a terminal at a remote location, said method comprising the steps of (a) generating a nonrecurring pseudorandom number at the remote location, (b) keying an encryptor at the remote location with the pseudorandom number, (c) generating a congruent nonrecurring pseudorandom number at the one location and keying a congruent encryptor at the one location with the congruent pseudorandom number, whereby data transmission is secured through a sequential change of encryption keys in a pseudorandom fashion without transmission of encryption keys between the one location and the remote location.
17. A system for accessing a computer by a user having an assigned password to establish a communication link for data transmission between a computer terminal and a computer via a data transmission path, said system comprising a portable access unit connectable as a peripheral to said terminal and comprising:
(a) means sequentially generating nonrecurring pseudorandom numbers in a reproducible fashion, and (b) means modifying said pseudorandom numbers as a predetermined function of said password to provide a first access code signal, and means applying said access code signal to said data transmission path prior to data from said computer terminal; said system further comprising, at said computer;

(c) means for sequentially generating pseudorandom numbers congruent with those generated by said access unit, (d) means for modifying said congruent pseudorandom numbers with said user assigned password to provide a second access code signal, (e) means for receiving said first access code signal and comparing it with said second access code signal and in response to the equality thereof providing an access signal, (f) switch means receiving the access signal and in response thereto establishing a data transmission path between the terminal and the computer, whereby computer access is secured through a sequential change of access codes in a pseudorandom fashion without direct transmission of the user's password.
18. The system of claim 17, wherein said terminal comprises a I/O unit fox providing data signals, and said access unit is connectable to said I/O unit.
19. The system of claim 18, wherein said access unit includes keyboard means for entering said password.
20. The system of claim 18, wherein said access unit further comprises means for preceeding said access code signal with a constant access unit code signal individual to said access unit.
21. The system of claim 18, wherein said access unit comprises means for encrypting data from said I/O unit prior to application to said data transmission path.
22. A portable access unit for insertion in a data transmission path between a digital computer and a remote terminal, to enable access of said terminal to said computer, said unit having a communication path adapted to be connected in series in said transmission path and including encrypting means for encrypting data from said terminal, a source of pseudorandom number signals, a keyboard for receiving a password unique to said unit coproducing password signals, means modifying said random number signals by said password signals and applying the modified random number signals to said communication path, and means applying a constant identification signal unique to said unit to said communication path.
23. The access unit of claim 22 further comprising a display for displaying entries in said keyboard.
CA322,630A 1978-03-31 1979-03-02 Computer accessing system Expired CA1102453A (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US06/892,252 US4310720A (en) 1978-03-31 1978-03-31 Computer accessing system
US892,252 1978-03-31

Publications (1)

Publication Number Publication Date
CA1102453A true CA1102453A (en) 1981-06-02

Family

ID=25399646

Family Applications (1)

Application Number Title Priority Date Filing Date
CA322,630A Expired CA1102453A (en) 1978-03-31 1979-03-02 Computer accessing system

Country Status (6)

Country Link
US (1) US4310720A (en)
JP (1) JPS54136205A (en)
CA (1) CA1102453A (en)
DE (1) DE2912696A1 (en)
FR (1) FR2421426B1 (en)
GB (2) GB2019060B (en)

Families Citing this family (202)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPS56125139A (en) 1980-02-04 1981-10-01 Nippon Telegr & Teleph Corp <Ntt> Communication controller of parallel processing
FR2483713A1 (en) * 1980-05-30 1981-12-04 Cii Honeywell Bull DEVICE FOR TRANSMITTING SIGNALS BETWEEN TWO INFORMATION PROCESSING STATIONS
EP0044630B1 (en) * 1980-07-01 1984-03-21 Scovill Inc Electronic security device
US4447890A (en) * 1980-07-14 1984-05-08 Pitney Bowes Inc. Remote postage meter systems having variable user authorization code
FR2492135B1 (en) * 1980-09-16 1988-01-22 Cii Honeywell Bull APPARATUS FOR DISTRIBUTING OBJECTS AND ACQUIRING SERVICES
US4386233A (en) * 1980-09-29 1983-05-31 Smid Miles E Crytographic key notarization methods and apparatus
FR2496294B1 (en) * 1980-12-15 1987-01-02 Thomson Csf PROTECTED DEVICE FOR AUTHENTICATING USERS OF A MESSAGE TRANSMISSION TERMINAL AND TRANSACTION SYSTEM COMPRISING SUCH DEVICES
FR2497617B1 (en) * 1981-01-07 1989-08-18 Transac Develop Transactions A SECURITY METHOD AND DEVICE FOR TRIPARTITY COMMUNICATION OF CONFIDENTIAL DATA
GB2092344B (en) * 1981-01-30 1985-12-18 Halpern John Wolfgang Security in electronic fund transfer systems
JPS57137957A (en) * 1981-02-20 1982-08-25 Hitachi Ltd Terminal connection system
CA1176335A (en) * 1981-06-05 1984-10-16 Exide Electronics Corporation Computer communications control
FR2514592A1 (en) * 1981-10-12 1983-04-15 Widmer Michel METHOD AND DEVICE FOR CONSULTING DATA FILES AND / OR BANKING TRANSACTIONS, PRESERVED FROM FRAUD THANKS TO A COMMUNICATION PROCESS BY RANDOM VARIABLE
USRE33189E (en) * 1981-11-19 1990-03-27 Communications Satellite Corporation Security system for SSTV encryption
US4484027A (en) * 1981-11-19 1984-11-20 Communications Satellite Corporation Security system for SSTV encryption
US4604708B1 (en) * 1981-12-07 1997-10-14 Gainer R Lewis Electronic security system for externally powered devices
US4430728A (en) * 1981-12-29 1984-02-07 Marathon Oil Company Computer terminal security system
US4479122A (en) * 1982-03-05 1984-10-23 At&T Bell Laboratories Remotely controlled switched access to the console port of an electronic computer
NL8201077A (en) * 1982-03-16 1983-10-17 Philips Nv A COMMUNICATION SYSTEM, CONTAINING A CENTRAL DATA PROCESSING DEVICE, ACCESS STATIONS AND EXTERNAL STATIONS, WHICH A CRYPTOGRAPHIC CHECK IS FORDICULARIZING AN EXTERNAL STATION, AND EXTERNAL STATIONS FOR USE IN SUCH A COMMUNITY.
DE3210081C2 (en) * 1982-03-19 1984-12-20 Siemens AG, 1000 Berlin und 8000 München Method and arrangement for the transmission of encrypted texts
FR2525790A1 (en) * 1982-04-22 1983-10-28 Enigma Logic Inc SECURITY DEVICE FOR CONTROLLING AND CONTROLLING ACCESS TO LOCATIONS AND DETERMINED OBJECTS
US4533948A (en) * 1982-04-30 1985-08-06 General Instrument Corporation CATV Communication system
US4539654A (en) * 1982-07-28 1985-09-03 Rca Corporation Switch arrangement for accessing a computer
US4513394A (en) * 1982-07-28 1985-04-23 Rca Corporation System for providing a multi-bit input to a computer controlled system
US4499588A (en) * 1982-07-28 1985-02-12 Rca Corporation System for converting the frequency of a pulse train to a binary number
US4599606A (en) * 1982-07-28 1986-07-08 Rca Corporation System for inputting a selected one of a plurality of inputs to a computer
US4538027A (en) * 1982-07-28 1985-08-27 Rca Corporation System for inputting a security code to a computer
US4531023A (en) * 1982-08-13 1985-07-23 Hlf Corporation Computer security system for a time shared computer accessed over telephone lines
US4757468A (en) * 1982-09-22 1988-07-12 Intel Corporation Authenticated read-only memory
DE3382261D1 (en) * 1982-12-28 1991-05-29 Toshiba Kawasaki Kk PRIVACY PROCEDURE.
US4723284A (en) * 1983-02-14 1988-02-02 Prime Computer, Inc. Authentication system
JPS59151261A (en) * 1983-02-18 1984-08-29 Fujitsu Ltd Dealing securing system
US4588991A (en) * 1983-03-07 1986-05-13 Atalla Corporation File access security method and means
US4536647A (en) * 1983-07-15 1985-08-20 Atalla Corporation Pocket banking terminal, method and system
FR2549989B1 (en) * 1983-07-29 1985-09-13 Philips Ind Commerciale AUTHENTICATION SYSTEM BETWEEN A CARD READER AND A PAYMENT CARD EXCHANGING INFORMATION
GB2146815A (en) * 1983-09-17 1985-04-24 Ibm Electronic fund transfer systems
GB2146814A (en) * 1983-09-17 1985-04-24 Ibm Electronic fund transfer systems
US4652990A (en) * 1983-10-27 1987-03-24 Remote Systems, Inc. Protected software access control apparatus and method
US4674047A (en) * 1984-01-31 1987-06-16 The Curators Of The University Of Missouri Integrated detonator delay circuits and firing console
US4630201A (en) * 1984-02-14 1986-12-16 International Security Note & Computer Corporation On-line and off-line transaction security system using a code generated from a transaction parameter and a random number
US4707804A (en) * 1984-02-21 1987-11-17 Leal Luis T Computer security system
US4599489A (en) * 1984-02-22 1986-07-08 Gordian Systems, Inc. Solid state key for controlling access to computer software
US4609777A (en) * 1984-02-22 1986-09-02 Gordian Systems, Inc. Solid state key for controlling access to computer software
US4604499A (en) * 1984-02-24 1986-08-05 Raymond F. Hughes Computer telephone access security processor
DE3448393C2 (en) * 1984-03-24 1992-01-02 Philips Patentverwaltung Gmbh, 2000 Hamburg, De Identification code monitoring circuit
DE3410937A1 (en) 1984-03-24 1985-10-03 Philips Patentverwaltung Gmbh, 2000 Hamburg Method for identifying the unauthorised use of an identifier
US4835697A (en) * 1984-04-02 1989-05-30 Pitney Bowes Inc. Combination generator for an electronic postage meter
US4672572A (en) * 1984-05-21 1987-06-09 Gould Inc. Protector system for computer access and use
FR2566155B1 (en) * 1984-06-19 1988-01-29 Cii Honeywell Bull METHOD AND SYSTEM FOR ENCRYPTING AND DECIPHERING INFORMATION TRANSMITTED BETWEEN A TRANSMITTING DEVICE AND A RECEIVING DEVICE
US4791565A (en) * 1984-06-20 1988-12-13 Effective Security Systems, Inc. Apparatus for controlling the use of computer software
US4845715A (en) * 1984-10-29 1989-07-04 Francisco Michael H Method for maintaining data processing system securing
US4866666A (en) * 1984-10-29 1989-09-12 Francisco Michael H Method for maintaining data integrity during information transmission by generating indicia representing total number of binary 1's and 0's of the data
US4694492A (en) * 1984-11-09 1987-09-15 Pirmasafe, Inc. Computer communications security control system
US4691355A (en) * 1984-11-09 1987-09-01 Pirmasafe, Inc. Interactive security control system for computer communications and the like
US4698757A (en) * 1984-11-15 1987-10-06 International Business Machines Corp. Terminal procedure for utilizing host processor log on and log off prompts
US4799153A (en) * 1984-12-14 1989-01-17 Telenet Communications Corporation Method and apparatus for enhancing security of communications in a packet-switched data communications system
US4672533A (en) * 1984-12-19 1987-06-09 Noble Richard G Electronic linkage interface control security system and method
US4800590A (en) * 1985-01-14 1989-01-24 Willis E. Higgins Computer key and computer lock system
GB8524455D0 (en) * 1985-10-03 1985-11-06 Isolation Systems Ltd Monitoring activity of peripheral devices
US4779224A (en) * 1985-03-12 1988-10-18 Moseley Donald R Identity verification method and apparatus
EP0198384A3 (en) * 1985-04-09 1988-03-23 Siemens Aktiengesellschaft Berlin Und Munchen Method and device for enciphering data
US4763351A (en) * 1985-04-24 1988-08-09 Lipscher Bernard N Computer security system
FR2582421B1 (en) * 1985-05-24 1987-07-17 Lefevre Jean Pierre IDENTITY AUTHENTICATION APPARATUS
DE3687671D1 (en) * 1985-06-07 1993-03-18 Siemens Ag METHOD AND ARRANGEMENT FOR SECURING ACCESS TO A COMPUTER SYSTEM.
FR2583538A1 (en) * 1985-06-13 1986-12-19 Brechet Michel Removable control card with keyboard
US4679226A (en) * 1985-06-17 1987-07-07 Alltel Corporation Computer security guard circuit
CA1270339A (en) * 1985-06-24 1990-06-12 Katsuya Nakagawa System for determining a truth of software in an information processing apparatus
JP2564480B2 (en) * 1985-07-16 1996-12-18 カシオ計算機株式会社 IC card system
US4697243A (en) * 1985-07-25 1987-09-29 Westinghouse Electric Corp. Methods of servicing an elevator system
US4733345A (en) * 1985-07-29 1988-03-22 Anderson Paul D Computer-telephone security device
JPS6253061A (en) * 1985-09-02 1987-03-07 Nec Corp Method for preventing illegal access
GB2181281B (en) * 1985-10-03 1989-09-13 Isolation Systems Limited Device for controlling access to computer peripherals
JPH074449B2 (en) * 1985-10-04 1995-01-25 任天堂株式会社 Cartridge for game machine and game machine using the same
USRE34161E (en) * 1985-10-04 1993-01-12 Nintendo Company Limited Memory cartridge and information processor unit using such cartridge
US4891838A (en) * 1985-11-04 1990-01-02 Dental Data Service, Inc. Computer accessing system
AU6732787A (en) * 1985-11-19 1987-06-02 Santiago Data Systems, Inc. Trade show data acquisition system
FR2592502B1 (en) * 1985-12-26 1990-03-30 Lefevre Jean Pierre SEQUENTIAL STORAGE CERTIFIER
FR2597538B1 (en) * 1986-04-22 1995-03-31 Soum Rene SECURITY LOCK ASSEMBLY WITH REMOTE CONTROL IN WHICH THE KEY HAS ONLY A TRANSMISSION FUNCTION AND THE RECEPTION LOCK
US4882752A (en) * 1986-06-25 1989-11-21 Lindman Richard S Computer security system
US5261070A (en) * 1986-07-24 1993-11-09 Meiji Milk Product Co., Ltd. Method and apparatus for forming unique user identification data at remote terminal for secure transmission of data from host terminal
GB8621333D0 (en) * 1986-09-04 1986-10-15 Manitoba Telephone System Key management system
US4796181A (en) * 1986-10-24 1989-01-03 Wiedemer John D Billing system for computer software
US5047928A (en) * 1986-10-24 1991-09-10 Wiedemer John D Billing system for computer software
US5155680A (en) * 1986-10-24 1992-10-13 Signal Security Technologies Billing system for computing software
SE452082B (en) * 1986-12-15 1987-11-09 Inter Innovation Ab DATA COMMUNICATION MANUAL
JPS63229541A (en) * 1987-03-04 1988-09-26 シーメンス、アクチエンゲルシヤフト Data exchange system
WO1988007240A1 (en) * 1987-03-12 1988-09-22 Siemens Ltd. Controlling security access
FR2615638B1 (en) * 1987-05-20 1989-07-21 Dassault Electronique COMPUTER OR TELEMATIC ENABLING DEVICE AND METHOD
FR2619941B1 (en) * 1987-08-31 1992-04-17 Signaux Equip Electroniques SYSTEM FOR CONTROLLING THE LINK BETWEEN TWO TERMINALS OF A DATA PROCESSING INSTALLATION
US5131025A (en) * 1987-11-25 1992-07-14 Omron Tateisi Electronics Co. Intelligent modem system which determines proper access thereto
EP0320489A3 (en) * 1987-12-07 1990-03-28 Automations & Informat Systeme Method to increase ic-card security, and ic-card making use of this method
US4918653A (en) * 1988-01-28 1990-04-17 International Business Machines Corporation Trusted path mechanism for an operating system
US4944008A (en) * 1988-02-18 1990-07-24 Motorola, Inc. Electronic keying scheme for locking data
US5060263A (en) * 1988-03-09 1991-10-22 Enigma Logic, Inc. Computer access control system and method
GB8807020D0 (en) * 1988-03-24 1988-08-24 Racal Guardata Ltd Data-processing apparatus
US4992783A (en) * 1988-04-04 1991-02-12 Motorola, Inc. Method and apparatus for controlling access to a communication system
AU3594189A (en) * 1988-06-21 1990-01-04 Amdahl Corporation Controlling the initiation of logical systems in a data processing system with logical processor facility
US4926481A (en) * 1988-12-05 1990-05-15 The United States Of America As Represented By The Administrator Of The National Aeronautics And Space Administration Computer access security code system
US5058025A (en) * 1989-03-23 1991-10-15 F.M.E. Corporation Emergency post office setting for remote setting meter
US5077660A (en) * 1989-03-23 1991-12-31 F.M.E. Corporation Remote meter configuration
US5107455A (en) * 1989-03-23 1992-04-21 F.M.E. Corporation Remote meter i/o configuration
US5369401A (en) * 1989-03-23 1994-11-29 F.M.E. Corporation Remote meter operation
US5120939A (en) * 1989-11-09 1992-06-09 At&T Bell Laboratories Databaseless security system
FR2656125B1 (en) * 1989-12-19 1994-07-08 Bull Cp8 METHOD FOR GENERATING A RANDOM NUMBER IN A DATA PROCESSING SYSTEM, AND SYSTEM IMPLEMENTING SUCH A METHOD.
US5029206A (en) * 1989-12-27 1991-07-02 Motorola, Inc. Uniform interface for cryptographic services
US6507909B1 (en) 1990-02-13 2003-01-14 Compaq Information Technologies Group, L.P. Method for executing trusted-path commands
DE69126223T2 (en) * 1990-02-14 1997-09-18 Fujitsu Ltd System for creating a transmission path in a tightly coupled computer system
CA2076366C (en) * 1990-03-02 1998-05-26 Michel J. Remion Telecommunication interface apparatus and method
DE4008971A1 (en) * 1990-03-20 1991-09-26 Siemens Nixdorf Inf Syst METHOD FOR AUTHENTICATING A USER USING A DATA STATION
US5046082A (en) * 1990-05-02 1991-09-03 Gte Mobile Communications Service Corporation Remote accessing system for cellular telephones
US5208853A (en) * 1991-09-09 1993-05-04 Motorola, Inc. Method and apparatus for usage protection of data files using split key and unique variable
FR2685510B1 (en) * 1991-12-19 1997-01-03 Bull Cps PROCESS FOR AUTHENTICATION, BY AN EXTERNAL MEDIUM, OF A PORTABLE OBJECT CONNECTED TO THIS MEDIA BY THE INTERMEDIATE OF A TRANSMISSION LINE, AND SYSTEM FOR IMPLEMENTATION
KR100302222B1 (en) * 1992-06-12 2001-11-22 그레이스 스테펀 에스 Security Front End Communication Systems for Process Control Computers and Methods
WO1993025965A1 (en) * 1992-06-12 1993-12-23 The Dow Chemical Company Intelligent process control communication system and method
US5313639A (en) * 1992-06-26 1994-05-17 George Chao Computer with security device for controlling access thereto
DE69332633T2 (en) * 1992-07-20 2003-11-06 Compaq Computer Corp Procedure and system for discovering aliases based on certification
US20020091850A1 (en) 1992-10-23 2002-07-11 Cybex Corporation System and method for remote monitoring and operation of personal computers
US5444780A (en) * 1993-07-22 1995-08-22 International Business Machines Corporation Client/server based secure timekeeping system
US7035832B1 (en) 1994-01-03 2006-04-25 Stamps.Com Inc. System and method for automatically providing shipping/transportation fees
US5606507A (en) * 1994-01-03 1997-02-25 E-Stamp Corporation System and method for storing, retrieving and automatically printing postage on mail
US5559888A (en) * 1994-02-15 1996-09-24 Lucent Technologies Inc. Secure information retrieval service (SIRS)
US6185546B1 (en) 1995-10-04 2001-02-06 Intel Corporation Apparatus and method for providing secured communications
US5539828A (en) * 1994-05-31 1996-07-23 Intel Corporation Apparatus and method for providing secured communications
AU3099295A (en) * 1994-08-09 1996-03-07 Shiva Corporation Apparatus and method for restricting access to a local computer network
US6092117A (en) * 1994-09-02 2000-07-18 Packard Bell Nec System and method for automatically reconnecting a wireless interface device to a host computer
US6292181B1 (en) 1994-09-02 2001-09-18 Nec Corporation Structure and method for controlling a host computer using a remote hand-held interface device
US5867106A (en) * 1994-09-02 1999-02-02 Packard Bell Nec Password switch to override remote control
US6137473A (en) * 1994-09-02 2000-10-24 Nec Corporation System and method for switching control between a host computer and a remote interface device
US6262719B1 (en) 1994-09-02 2001-07-17 Packard Bell Nec, Inc. Mouse emulation with a passive pen
US5974558A (en) * 1994-09-02 1999-10-26 Packard Bell Nec Resume on pen contact
US6209034B1 (en) 1994-09-02 2001-03-27 Nec Corporation Remote keyboard macros activated by hot icons
US5604490A (en) * 1994-09-09 1997-02-18 International Business Machines Corporation Method and system for providing a user access to multiple secured subsystems
US7095854B1 (en) 1995-02-13 2006-08-22 Intertrust Technologies Corp. Systems and methods for secure transaction management and electronic rights protection
EP1643340B1 (en) * 1995-02-13 2013-08-14 Intertrust Technologies Corp. Secure transaction management
US7133845B1 (en) * 1995-02-13 2006-11-07 Intertrust Technologies Corp. System and methods for secure transaction management and electronic rights protection
US6948070B1 (en) * 1995-02-13 2005-09-20 Intertrust Technologies Corporation Systems and methods for secure transaction management and electronic rights protection
US5588059A (en) * 1995-03-02 1996-12-24 Motorola, Inc. Computer system and method for secure remote communication sessions
US5721842A (en) * 1995-08-25 1998-02-24 Apex Pc Solutions, Inc. Interconnection system for viewing and controlling remotely connected computers with on-screen video overlay for controlling of the interconnection switch
US5724423A (en) * 1995-09-18 1998-03-03 Telefonaktiebolaget Lm Ericsson Method and apparatus for user authentication
US6126327A (en) * 1995-10-16 2000-10-03 Packard Bell Nec Radio flash update
US6924790B1 (en) 1995-10-16 2005-08-02 Nec Corporation Mode switching for pen-based computer systems
US7512671B1 (en) * 1995-10-16 2009-03-31 Nec Corporation Computer system for enabling a wireless interface device to selectively establish a communication link with a user selectable remote computer
US5996082A (en) * 1995-10-16 1999-11-30 Packard Bell Nec System and method for delaying a wake-up signal
US6005533A (en) * 1995-10-16 1999-12-21 Packard Bell Nec Remote occlusion region
US6148344A (en) * 1995-10-16 2000-11-14 Nec Corporation System and method for enabling an IPX driver to accommodate multiple LAN adapters
US6108727A (en) * 1995-10-16 2000-08-22 Packard Bell Nec System having wireless interface device for storing compressed predetermined program files received from a remote host and communicating with the remote host via wireless link
US6018806A (en) * 1995-10-16 2000-01-25 Packard Bell Nec Method and system for rebooting a computer having corrupted memory using an external jumper
US6071191A (en) * 1995-11-22 2000-06-06 Nintendo Co., Ltd. Systems and methods for providing security in a video game system
US6190257B1 (en) 1995-11-22 2001-02-20 Nintendo Co., Ltd. Systems and method for providing security in a video game system
US5949881A (en) * 1995-12-04 1999-09-07 Intel Corporation Apparatus and method for cryptographic companion imprinting
US6088450A (en) * 1996-04-17 2000-07-11 Intel Corporation Authentication system based on periodic challenge/response protocol
US6181803B1 (en) 1996-09-30 2001-01-30 Intel Corporation Apparatus and method for securely processing biometric information to control access to a node
US5828753A (en) 1996-10-25 1998-10-27 Intel Corporation Circuit and method for ensuring interconnect security within a multi-chip integrated circuit package
US6578146B2 (en) * 1996-11-19 2003-06-10 R. Brent Johnson System, method and article of manufacture to remotely configure and utilize an emulated device controller via an encrypted validation communication protocol
US6499108B1 (en) 1996-11-19 2002-12-24 R. Brent Johnson Secure electronic mail system
US5970149A (en) * 1996-11-19 1999-10-19 Johnson; R. Brent Combined remote access and security system
US5905861A (en) * 1996-12-02 1999-05-18 Lovell; William S. Data authentication circuit
US5818939A (en) * 1996-12-18 1998-10-06 Intel Corporation Optimized security functionality in an electronic system
JPH10229392A (en) * 1997-02-13 1998-08-25 Rohm Co Ltd Authentication system and authentication method
US6105133A (en) * 1997-03-10 2000-08-15 The Pacid Group Bilateral authentication and encryption system
US5964877A (en) * 1997-04-07 1999-10-12 Victor; David William Method and system for programming a security system to protect a protected unit
TW338865B (en) * 1997-06-03 1998-08-21 Philips Eloctronics N V Authentication system
US5974143A (en) * 1997-09-30 1999-10-26 Intel Corporation Virus-resistent mechanism for transaction verification to confirming user
US6275855B1 (en) 1997-11-02 2001-08-14 R. Brent Johnson System, method and article of manufacture to enhance computerized alert system information awareness and facilitate real-time intervention services
JPH11261731A (en) * 1998-03-13 1999-09-24 Nec Corp Mobile communication system, connection method in the mobile communication system and storage medium with the method written therein
JP4146089B2 (en) * 1998-09-22 2008-09-03 アボセント ハンツヴィル コーポレーション System for remote access to personal computers
US20020191786A1 (en) * 1999-11-30 2002-12-19 Nestor Marroquin Polymorphous encryption system
US6775274B1 (en) * 2000-01-27 2004-08-10 International Business Machines Corporation Circuit and method for providing secure communication over data communication interconnects
US6789199B1 (en) * 2000-02-08 2004-09-07 International Business Machines Corporation Tamper resistance with pseudo-random binary sequence program interlocks
DE10032192A1 (en) * 2000-07-01 2002-01-10 Bosch Gmbh Robert Software usage license management method involves checking assigned software usage quota, on detecting utilization of software by user and generating software enable or blocking code accordingly
US20070219918A1 (en) * 2001-01-19 2007-09-20 Jonathan Schull System and method for controlling access to protected information
US7133662B2 (en) * 2001-05-24 2006-11-07 International Business Machines Corporation Methods and apparatus for restricting access of a user using a cellular telephone
US7133971B2 (en) * 2003-11-21 2006-11-07 International Business Machines Corporation Cache with selective least frequently used or most frequently used cache line replacement
US7577250B2 (en) 2004-08-12 2009-08-18 Cmla, Llc Key derivation functions to enhance security
US8077861B2 (en) 2004-08-12 2011-12-13 Cmla, Llc Permutation data transform to enhance security
US7564970B2 (en) * 2004-08-12 2009-07-21 Cmla, Llc Exponential data transform to enhance security
US7293179B2 (en) * 2001-08-01 2007-11-06 Johnson R Brent System and method for virtual tape management with remote archival and retrieval via an encrypted validation communication protocol
US7290040B2 (en) * 2001-12-12 2007-10-30 Valve Corporation Method and system for load balancing an authentication system
US8108687B2 (en) * 2001-12-12 2012-01-31 Valve Corporation Method and system for granting access to system and content
US7373406B2 (en) 2001-12-12 2008-05-13 Valve Corporation Method and system for effectively communicating file properties and directory structures in a distributed file system
US7243226B2 (en) * 2001-12-12 2007-07-10 Valve Corporation Method and system for enabling content security in a distributed system
US7580972B2 (en) 2001-12-12 2009-08-25 Valve Corporation Method and system for controlling bandwidth on client and server
US7096328B2 (en) * 2002-01-25 2006-08-22 University Of Southern California Pseudorandom data storage
EP1349033B1 (en) * 2002-03-26 2004-03-31 Soteres GmbH A method of protecting the integrity of a computer program
US20040025039A1 (en) * 2002-04-30 2004-02-05 Adam Kuenzi Lock box security system with improved communication
US7061367B2 (en) * 2002-04-30 2006-06-13 General Electric Company Managing access to physical assets
US7596531B2 (en) * 2002-06-05 2009-09-29 Sun Microsystems, Inc. Method and apparatus for protecting against side channel attacks against personal identification numbers
US7818572B2 (en) * 2003-12-09 2010-10-19 Dominic Kotab Security system and method
US20050160298A1 (en) * 2004-01-20 2005-07-21 Arcot Systems, Inc. Nonredirected authentication
US7567658B1 (en) 2005-06-22 2009-07-28 Intellicall, Inc. Method to verify designation of pay telephone with an interexchange carrier
US8612361B1 (en) 2006-12-27 2013-12-17 Stamps.Com Inc. System and method for handling payment errors with respect to delivery services
US8775331B1 (en) 2006-12-27 2014-07-08 Stamps.Com Inc Postage metering with accumulated postage
US9670694B2 (en) * 2007-04-12 2017-06-06 Utc Fire & Security Americas Corporation, Inc. Restricted range lockbox, access device and methods
US8533821B2 (en) 2007-05-25 2013-09-10 International Business Machines Corporation Detecting and defending against man-in-the-middle attacks
US7530106B1 (en) 2008-07-02 2009-05-05 Kaspersky Lab, Zao System and method for security rating of computer processes
US8844023B2 (en) * 2008-12-02 2014-09-23 Micron Technology, Inc. Password protected built-in test mode for memories
US20100269162A1 (en) 2009-04-15 2010-10-21 Jose Bravo Website authentication
US8683609B2 (en) * 2009-12-04 2014-03-25 International Business Machines Corporation Mobile phone and IP address correlation service
US20120063597A1 (en) * 2010-09-15 2012-03-15 Uponus Technologies, Llc. Apparatus and associated methodology for managing content control keys
US8838988B2 (en) 2011-04-12 2014-09-16 International Business Machines Corporation Verification of transactional integrity
US10713634B1 (en) 2011-05-18 2020-07-14 Stamps.Com Inc. Systems and methods using mobile communication handsets for providing postage
US9471772B2 (en) 2011-06-01 2016-10-18 Paypal, Inc. Password check by decomposing password
US8917826B2 (en) 2012-07-31 2014-12-23 International Business Machines Corporation Detecting man-in-the-middle attacks in electronic transactions using prompts

Family Cites Families (18)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CH411983A (en) * 1963-10-18 1966-04-30 Gretag Ag Method for encrypting and decrypting pulse-shaped messages
US3798605A (en) * 1971-06-30 1974-03-19 Ibm Centralized verification system
US3798359A (en) * 1971-06-30 1974-03-19 Ibm Block cipher cryptographic system
GB1393920A (en) * 1972-12-12 1975-05-14 Ibm Electric digital data processing systems
US3800284A (en) * 1973-01-12 1974-03-26 Pitney Bowes Inc Electronic combination lock and lock system
US3860911A (en) * 1973-11-01 1975-01-14 Pitney Bowes Inc Electronic combination lock and lock system
FR2266222B1 (en) * 1974-03-25 1980-03-21 Moreno Roland
US3956615A (en) * 1974-06-25 1976-05-11 Ibm Corporation Transaction execution system with secure data storage and communications
GB1478363A (en) * 1974-07-30 1977-06-29 Mullard Ltd Data transmission systems
CH578807A5 (en) * 1974-11-05 1976-08-13 Patelhold Patentverwertung
US3958081A (en) * 1975-02-24 1976-05-18 International Business Machines Corporation Block cipher system for data security
US4079188A (en) * 1975-04-14 1978-03-14 Datotek, Inc. Multi-mode digital enciphering system
FR2311360A1 (en) * 1975-05-13 1976-12-10 Innovation Ste Int SYSTEM FOR STORING DATA CONFIDENTIALLY BY MEANS OF PORTABLE ELECTRONIC OBJECTS INCLUDING A CONFIDENTIAL CODE ERROR MEMORIZATION CIRCUIT
US3996449A (en) * 1975-08-25 1976-12-07 International Business Machines Corporation Operating system authenticator
US4017798A (en) * 1975-09-08 1977-04-12 Ncr Corporation Spread spectrum demodulator
US4074066A (en) * 1976-04-26 1978-02-14 International Business Machines Corporation Message verification and transmission error detection by block chaining
US4133973A (en) * 1976-11-10 1979-01-09 Datotek, Inc. Digital cryptographic system having synchronous and asynchronous capabilities
US4123747A (en) * 1977-05-20 1978-10-31 International Business Machines Corporation Identity verification method and apparatus

Also Published As

Publication number Publication date
JPS54136205A (en) 1979-10-23
FR2421426A1 (en) 1979-10-26
US4310720A (en) 1982-01-12
GB2019060A (en) 1979-10-24
GB2076615A (en) 1981-12-02
GB2076615B (en) 1983-01-19
FR2421426B1 (en) 1986-09-19
DE2912696A1 (en) 1979-10-11
GB2019060B (en) 1982-09-02
DE2912696C2 (en) 1989-03-16

Similar Documents

Publication Publication Date Title
CA1102453A (en) Computer accessing system
US5872917A (en) Authentication using random challenges
US4596898A (en) Method and apparatus for protecting stored and transmitted data from compromise or interception
US4694492A (en) Computer communications security control system
US4349695A (en) Recipient and message authentication method and system
US5491752A (en) System for increasing the difficulty of password guessing attacks in a distributed authentication scheme employing authentication tokens
US4731841A (en) Field initialized authentication system for protective security of electronic information networks
US5020105A (en) Field initialized authentication system for protective security of electronic information networks
US6173400B1 (en) Methods and systems for establishing a shared secret using an authentication token
US5887063A (en) Communication system for portable appliances
US4691355A (en) Interactive security control system for computer communications and the like
US5311596A (en) Continuous authentication using an in-band or out-of-band side channel
US5636280A (en) Dual key reflexive encryption security system
US3798605A (en) Centralized verification system
CA2066715C (en) Challenge-and-response user authentication protocol
US5343529A (en) Transaction authentication using a centrally generated transaction identifier
US5371796A (en) Data communication system
US6044154A (en) Remote generated, device identifier key for use with a dual-key reflexive encryption security system
US5196840A (en) Secure communications system for remotely located computers
EP0223122B1 (en) Secure component authentication system
US6134661A (en) Computer network security device and method
EP0756397B1 (en) System and method for key distribution and authentication between a host and a portable device
CA2118644A1 (en) Personal Identification Encryptor and Method
GB9422389D0 (en) Authenticating access control for sensitive functions
US6088456A (en) Data encryption technique

Legal Events

Date Code Title Description
MKEX Expiry