CA1314956C - Method and apparatus for controlling access to a communication system - Google Patents
Method and apparatus for controlling access to a communication systemInfo
- Publication number
- CA1314956C CA1314956C CA000588046A CA588046A CA1314956C CA 1314956 C CA1314956 C CA 1314956C CA 000588046 A CA000588046 A CA 000588046A CA 588046 A CA588046 A CA 588046A CA 1314956 C CA1314956 C CA 1314956C
- Authority
- CA
- Canada
- Prior art keywords
- password
- code
- communication system
- subscriber
- way communication
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/08—Access security
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/108—Network architectures or network communication protocols for network security for controlling access to devices or network resources when the policy decisions are valid for a limited amount of time
Abstract
METHOD AND APPARATUS FOR CONTROLLING ACCESS
TO A COMMUNICATION SYSTEM
Abstract All subscribers operating within a communication system initially generate and transmit a random password and their ID code to the operation control) center of a communication system.
Thereafter, in a first embodiment, subscribers are commanded to modify (in a predetermined manner) and re-transmit their password and ID code either periodically or upon requesting access to the communication system. The modified password is retained as the current (authorized) password by both the subscriber and the system;
In a second embodiment, subscribers are commanded to generate and transmit a new random password and their ID code to the system, which maintains a history of each subscriber's current and previous passwords. According to the invention, some of the subscribers having an unauthorized (duplicated) ID code may be inactive (off) when the subscriber is commanded to modify or generate a password.
In this way, one of the subscribers having an unauthorized (duplicated) ID code will become out-of-sync with the system, and eventually transmit an unauthorized password. When the system receives an incorrect password for an out-of-sync subscriber, access to the communication system may be denied, and the subscribers that duplicate (or permit others to duplicate) ID codes may be identified.
TO A COMMUNICATION SYSTEM
Abstract All subscribers operating within a communication system initially generate and transmit a random password and their ID code to the operation control) center of a communication system.
Thereafter, in a first embodiment, subscribers are commanded to modify (in a predetermined manner) and re-transmit their password and ID code either periodically or upon requesting access to the communication system. The modified password is retained as the current (authorized) password by both the subscriber and the system;
In a second embodiment, subscribers are commanded to generate and transmit a new random password and their ID code to the system, which maintains a history of each subscriber's current and previous passwords. According to the invention, some of the subscribers having an unauthorized (duplicated) ID code may be inactive (off) when the subscriber is commanded to modify or generate a password.
In this way, one of the subscribers having an unauthorized (duplicated) ID code will become out-of-sync with the system, and eventually transmit an unauthorized password. When the system receives an incorrect password for an out-of-sync subscriber, access to the communication system may be denied, and the subscribers that duplicate (or permit others to duplicate) ID codes may be identified.
Description
r~ ~3 MFTHOD AND APPARATUS FOR CONTROLLlN(à ACCESS
TO A COMMUNICATION SYSTEM
l O
T~chni~l Field This invention relates generally to two-way communication 15 systems, and more specifically to access control of such systems, and is more particuiarly directed toward subscriber authorization procedures to gain access to a hlvo-way communication system.
Ba~k~rQund Art Password controlled systems are known. In such systems, access to a resource (such as a central computer) is denied unless a predetermined coda (password) is initially provided.
In a two-way communi~ation system, subscriber~ each have 25 an identification (ID) cods, which may be analogized to a simple password control mechanism. Wheneval a subscriber desires to communicate, a r~quest (which includes the ID code) may be transmitted to a central location. If the subscriber is authorized (i.e., the ID code is recognized by the system) communication is 30 permitt~d. Unauthorized (unrecognized) subscribers are d~nied access to the communication resources. For example, operators of Specialized Mobile Radio (SMR) systems provide a communication service to th~ir subscribors in return for a basic monthly rate (which may also includ~ a variable charge depending upon ths amount 35 of "air time" us~d by each subscribar). Each subscriber is billed for each ID code that the system is programmed to recognize. Generally, `:~
TO A COMMUNICATION SYSTEM
l O
T~chni~l Field This invention relates generally to two-way communication 15 systems, and more specifically to access control of such systems, and is more particuiarly directed toward subscriber authorization procedures to gain access to a hlvo-way communication system.
Ba~k~rQund Art Password controlled systems are known. In such systems, access to a resource (such as a central computer) is denied unless a predetermined coda (password) is initially provided.
In a two-way communi~ation system, subscriber~ each have 25 an identification (ID) cods, which may be analogized to a simple password control mechanism. Wheneval a subscriber desires to communicate, a r~quest (which includes the ID code) may be transmitted to a central location. If the subscriber is authorized (i.e., the ID code is recognized by the system) communication is 30 permitt~d. Unauthorized (unrecognized) subscribers are d~nied access to the communication resources. For example, operators of Specialized Mobile Radio (SMR) systems provide a communication service to th~ir subscribors in return for a basic monthly rate (which may also includ~ a variable charge depending upon ths amount 35 of "air time" us~d by each subscribar). Each subscriber is billed for each ID code that the system is programmed to recognize. Generally, `:~
- 2 - ~ C~-0033 8H
each subscriber has unlimited access to the SMR system so long as the serYice bills are paid.
The need for the pres0nt invention grew out of the realization by some SMR operators that some of the subscribers are 5 duplicating (or permitting others to duplicate) the memory device that contains the ID coda, and installing the duplicated devices in several radios. in this way, the basic monthly fee per unit is avoided since several subscribers now have the "same" ID code. The loss of revenue to the SMR operators is both significant and growing~
10 Although legal recourse may be available, it is both time consuming and costly. Typically, the SMR operator has inves~ed hundreds of thousands of dollars to provide the communication service, and the additional cost and burden of polieing the system may be intolerable.
From the above diseussiorl, it will be apparent that 15 conventional password systems are completely unsuited to address this problem. The fundamental problem with simpls password systems is that they prssuppose that a subscriber desires to maintain the password in secrecy, thereby assisting in the effort to control who has access to the resource. Accordingly, the addition of 20 a separate password (perhaps entered on a kaypad of a radio) would be fruitless since this password could be easily disseminated by those who currently duplicats the ID codes. Further, requiring individuals to enter a password prior to requesting a communication channel goes a~ainst the custom and practic0 of the communication ~5 industry, and may be overly burdensome to the subscribers Thus, a need e,xists to provide a method for allowing easy access to a communication system, while still providing protection to the operators of such communication systems.
each subscriber has unlimited access to the SMR system so long as the serYice bills are paid.
The need for the pres0nt invention grew out of the realization by some SMR operators that some of the subscribers are 5 duplicating (or permitting others to duplicate) the memory device that contains the ID coda, and installing the duplicated devices in several radios. in this way, the basic monthly fee per unit is avoided since several subscribers now have the "same" ID code. The loss of revenue to the SMR operators is both significant and growing~
10 Although legal recourse may be available, it is both time consuming and costly. Typically, the SMR operator has inves~ed hundreds of thousands of dollars to provide the communication service, and the additional cost and burden of polieing the system may be intolerable.
From the above diseussiorl, it will be apparent that 15 conventional password systems are completely unsuited to address this problem. The fundamental problem with simpls password systems is that they prssuppose that a subscriber desires to maintain the password in secrecy, thereby assisting in the effort to control who has access to the resource. Accordingly, the addition of 20 a separate password (perhaps entered on a kaypad of a radio) would be fruitless since this password could be easily disseminated by those who currently duplicats the ID codes. Further, requiring individuals to enter a password prior to requesting a communication channel goes a~ainst the custom and practic0 of the communication ~5 industry, and may be overly burdensome to the subscribers Thus, a need e,xists to provide a method for allowing easy access to a communication system, while still providing protection to the operators of such communication systems.
3 ~Ym~3~b~Y~
Briefly, according to the invention, all subscribers initially generate and transmit a random password and their iD code to the operation (controi) center of a communication system. Th~reafter, 35 in a first embodiment, subscribers are commanded to modify (in a predetermined manner) and re-transmit their password and ID code either periodically or upon requesting access to the communication ~31~ 9~ CM-00338H
system. After acceptance, the modified password is retained as the current (authorized) password by both the subscriber and the system.
In a second embodiment, subscribers are commanded (or optionally determine independently) to generate and transmit a new random password and their ID code to the system, which maintains a history of each subscriber's current and previous passwords. According to the invention, some of the subscribers having an unauthorized (duplicated) ID code may be inactive (off) when the subscriber is commanded to modify or generate a password. In this way, at least one of the subscribers having an unauthorized ID cocle will become out-o~-sync with the system, and eventually transmit an unauthorized password. When the system receives an incorrect password from an out-of-sync subscriber, access to the communication systern may be denied, and the subscriber(s) that duplicate (or permit others to duplicate) ID codes may be identified.
Bri~f De~ription of the Drawin~
The invention may be und~rstood by reference to the 2 0 following description, taken in conjunction with the accompanying drawings, in which:
Figures la and lb are flow diagrams illustrating the steps executed by subscriber units according to a first embodiment of the present invention;
Figure ~ is a flow diagram illustrating the steps executed by an operational center (central) of a c:ommunication system in accordance with a first embodiment of the pres~nt invention;
Figures 3a and 3b are flow diagrams illustrating the steps executed by subscriber units according to a second embodiment of 3 0 the present invention;
Figure 4 is a flow diagram iilustrating the steps executed by an opsrational c~nter (central) of a communication system in accordance with a second embodiment of the present invention.
Briefly, according to the invention, all subscribers initially generate and transmit a random password and their iD code to the operation (controi) center of a communication system. Th~reafter, 35 in a first embodiment, subscribers are commanded to modify (in a predetermined manner) and re-transmit their password and ID code either periodically or upon requesting access to the communication ~31~ 9~ CM-00338H
system. After acceptance, the modified password is retained as the current (authorized) password by both the subscriber and the system.
In a second embodiment, subscribers are commanded (or optionally determine independently) to generate and transmit a new random password and their ID code to the system, which maintains a history of each subscriber's current and previous passwords. According to the invention, some of the subscribers having an unauthorized (duplicated) ID code may be inactive (off) when the subscriber is commanded to modify or generate a password. In this way, at least one of the subscribers having an unauthorized ID cocle will become out-o~-sync with the system, and eventually transmit an unauthorized password. When the system receives an incorrect password from an out-of-sync subscriber, access to the communication systern may be denied, and the subscriber(s) that duplicate (or permit others to duplicate) ID codes may be identified.
Bri~f De~ription of the Drawin~
The invention may be und~rstood by reference to the 2 0 following description, taken in conjunction with the accompanying drawings, in which:
Figures la and lb are flow diagrams illustrating the steps executed by subscriber units according to a first embodiment of the present invention;
Figure ~ is a flow diagram illustrating the steps executed by an operational center (central) of a c:ommunication system in accordance with a first embodiment of the pres~nt invention;
Figures 3a and 3b are flow diagrams illustrating the steps executed by subscriber units according to a second embodiment of 3 0 the present invention;
Figure 4 is a flow diagram iilustrating the steps executed by an opsrational c~nter (central) of a communication system in accordance with a second embodiment of the present invention.
- 4 - , ~ CM-00338H
Detailed D~sçription Qf the Pref~r~d Em~odim~n~
The ~oal of the present invention is to detect the presence of subscriber units containing an unauthorized (duplioated~
identifioation (ID) code, which may be used to gain access to a two-way communication system. According to the principles of the present invention, the two-way communioation system could comprise virtually any communica~ion system in which information flows both from a central location to subscriber units, and from subscriber units back to the central location. Suoh systems include~
but are not limited to, trunked communication systems, cellular telephone communication systems, wiraline link computer systems, and the like. In achieving this goal, it is paramount that the present invention afford some protection to ensure against the possibility of ~false detection". That is, the present invention must guard against the possibility of designating an authorized subscriber unit as one that has obtained a duplicate ID code, and thus is operating (or attempting to operate) on a communication system in an unauthorized manner.
Since a primary focus of the present invention is to protect the interest of the comnlunication systern operator, the action taken upon the detection of an unauthorized subscriber unit is left largely in the hands of the communication service providsr. Accordingly, upon detection of an unauthorized subscriber, the ID code that has been duplicated may be denied future communication services.
Alternately, a list of any ID codes that have been determined to be unauthorized may be generated. This al~ernative action provides the system operator with the flexibili~y to determine whether or not to withhold communication services from a subscriber having an 3 0 unauthorized ID code.
Fundamentally, the present invention achieves its goals and objects by having each authorized subscriber generate a randomized password, which is stored both in the subscriber unit and the central station or controll~r of the two-way communication system. The initially randomized password is varied by either generating a new randomized password, or by modifying the ini~ial password to create a new password. Aocordingly, the passwords of each individual 13 ~ 9 ~ ~cM-oo338H
subscriber unit change on a relatively continuous basis either by command from the central unit, or automatically during events, such as, for example, the initiation by a subscriber unit of a call request (or other request) to use the communication services provided by the two-way communication system. According to the present invention, it is unlikely that every unauthorized subscriber unit would be active (i.e., on and monitoring the communication channels3 at all times. Thus, even if an unauthorized subscriber were able to obtain the initial randomized password, and thereafter, were able to keep up with certain rnodification commands, eventually at least one unauthorized subscriber will be inactive (off) when one or more commands to change or create a naw password is received. Thus, at least one unauthorized subscriber will be "out-of-syncN with the current (authorized) password expectad by the central controller and contained in the othar subscriber units (whether authorized or unauthorized). Accordingly, when the out-of-sync subscriber ultimately re-transmits its password to the communication facilities, the central may aasily detect the unauthorized (incorrect) password and determine that an unauthorized subscriber exists.
As will be apparent from the preceding discussion, the present invention operates to permit unauthorized subscribers te hàve some access to the communication system, preferring to wait until one or more of the unauthorized subscribers becomes confusecl (i.e., out-of-sync) as to what the current ~valid) password actually is. This reduces the possibility of falsaly de~erminin~ that the password is incorrect when, if fact, a correctly transmitted password has been corrupted by noise or other atmospheric disturbances while travelling through the communication channel (be it wireless or wireline). Typically, i~ is con~emplated by the present invention that the period of time required for unauthorized subscribers to become out-of-sync may be as short as 24 hours, or as long as 1 week. In any event, tha present invention prefers a more gradual (yet certain) detaction of unauthorized subscribers rather than a more ruthless (and error prone) detection mechanism.
3 5 Referring now to Figure 1a, the steps executed by a subscriber unit according to a first embodiment of the present invention ara shown. In st~p 100, a subscriber powers up and ~ 3 .~ ~ ~ 5 ~
generates a random (or pseudo-random) password. In step 102, the subscriber unit transmits its password (sither new or modified (step 123)) together with its ID code to the system controller (commonly referred to as a central controller or central). Decision 104, determines whether the subscriber has received a responsa from the centra1. Accordin~ to the present inven~ion, the subscriber awaits an "Acknowledge" code from the central indicating that the central has received and cross-referenced the subscriber's ID code to the current password. If the determination of decision 104 is that the subscriber has not r0ceived the response from the central, the routina proceeds to decision 106, which deterrnines whether or not it is appropriate for the subscriber to retransmit (retry) the transmission of its password and ID code. Typically, the subscriber will retry a transmission several times after waiting a predetermined time interval. HoweYRr, after completing several retransrnissions, if the subscriber has not received a response the routine proceecis to step 108, where the subscriber unit sets a flag, which records the fact that the password was transmitted. The routine then proceeds to decision 122.
If, however, the determination of decision 104 is that the subscriber has received a response, the routine proceeds to dscision 110, which determines whether a ~Service l)enied" code has been received. If the cantral has determinad that the subscriber is unauthorized, it may transmit a NService Danied" command code, 2 S which will terminate tho routine in step 112. Assuming, however, that decision 110 deterrninss that a "Service Denied'' code was not received, ~he routine proceeds to decision 11 4, which determines whether the expectad "Acknowledge" code from the central controller has b~en received. If not, the routine prooeeds to 3 0 reference letter C. Assuming however that the "Acknowledge" code has been received by the subscriber unit, the routine proceeds to step 120, in which the subscriber units stores the password (either initial or modified) in a suitable memory device. Preferably, the modification of the password comprises incrementing or decrernenting the digitai code comprising the password by a predetermined amount (for instance, by one). This operates to keep the password chan~ing in a relatively continuous manner.
- 7 - ~L3~ CM-00338H
Decision 122 determines wheth~r the subscriber has receivad a "Send PasswordH command from the central. if so, the password is modified (step 1233, after which the routine proceeds to step 102, wherein the subscriber retransmits the modified password 5 and its unit ID code. If, however, the determination of decision 122 is that a "Send PasswordH command has not been received, the routine proceeds to decision 124, which de~ermines whether the individual operating ~he subscriber unit has activated a push-to-talk (PTT) switch. Ordinarily, the PTT switch automatically initiates a 10 request for the subscriber to gain access to the communication resources. If decision 124 determinss that the subscriber does not wish to communicate, the routine proceeds to referenca letter C
(decision 122). The subscriber will continue to operate in the "loop`' formed by decisions 122 and 124 until some action or command has 15 been taken. Of course, the simplified loop embodied by decisions 122 and 124 serve only to illustrate the basic operation of the present invention. It will be understood by those skilled in the art that within this operational loop many other procedures and functions may be performed as are known and existing in the art 20 today. Assuming, however, that decision 124 has determined that the subscriber desires access of the communication resources, the routine proceeds to reference letter B of Figure 1b~
Referring to Figure ~b, the subscriber unit responds to the activation of the PTT switch by transmitting a call request to the 2 5 central controlier ~step 126). Ordinarily, the call request includes the subscriber unit identification coda and other information so as to inform the central as to the type of call requested (such as, for exarnple, voice transmission, data transmission, individual call, or group call~. Decision 128 determines whether a response has been 30 received from th~ central. If not, decision 130 determines whether i~ is appropriat~ to retransmit (retry) the c~ll request. If not, the routine proceeds to reference letter C. Assuming that the subscriber has received a response, decision 132 determines whether the central has transmitted a "Send Password" command. If so, the 35 password is modified (step 133), and the routine proceeds to reference letter A. Assuming, however, that the subscriber has not received a "Send Password" oommand, decision 134 determines - 8 ~ CM-00338H
whether a "Busy" command cods has been received by the subscriber.
Gen~rally, shared access communication systems (such as, for example, trunked communication systems) allocate a limited and fixed number of channeO resources amon~ a plurality of subscriber 5 units. Accordingly, there is a chance that, at any par~icular time, no communication channels will be availabla. In such circumstances, the central controller returns a "E3usy" command code. Thus, decision 134 routes control to reference letter C K a "E3usy~ command code is received. Howaver, if thc detcrmination of decision 134 is that a 10 busy command code has not been receivod, the routine proceeds to decision 136, which determines whether the subscriber has receivecl a "Channel Grant" command from the central. If the determination of decision 136 is that a "Channel Grant" has not been received, the routine proceeds to reference letter C. If, however, the central has 15 granted the subscriber's call request and assigned a communication channel for the subscriber to use, the routine proceeds to decision 138, which determines whether the flag indicating that the password was sent is set. An affirmative det~rmination of decision 138 indicates that the subscriber unit was waiting for a response 2 0 from the central (decision 104). Acoordingly, the password (initial or as modified) is stored (step 140) and the flag is cleared (step 142). Following this, the call is processed normally (step 144~.
However, if the determination of decision 138 is that the flag is not set, the subscriber may optionally modiFy and store its password 25 (step 146) prior to proc~ssin~ tha call (step 144).
Re~erring now to Figurc 2, the steps exe~uted by the system central control station (central) according to a first embodiment of the present invention are shown. In deeision 200, the central determines whether it has received a caii requast from a subscriber.
30 If so, decision 202 determin~s wheth~r the subscriber is currently authorized. According to the present inv~ntion, th~ subscriber would have an unauthorized status if the received call request was the first request received from suoh subscriber ~following an initial power up). Alternatelyt a subscriber can b~ moved from an 3 5 authorized to unauthorized status by the system operator to force a password modification and determine whether other subscribers have unauthorized duplioates of that particular ID code. Lastly, 9 ~ CM-00338H
according to the present invention, it is oontemplated that a certain subset of all available and authorized subscribers may be reclassified to an unauthorized status to force password modifications in an attempt to de~ect unauthorized users. The 5 status change from authorized to unauthorized may be performed by the central eithsr at random, or by a selection of those subscriber ID
codes that have not had a significant level of communication activity. This latter option forces ID code chan~es even in the event that a subscriber has not generat0d a significant amount of call 10 requests, which would automatically force password modificakions.
Accordingly, the central transmits (step 204) a NSend Password"
command to the requestin~ subsoriber unit and returns to deoision 200 to await the subscriber's response.
If the determination of decision ~02 is that the subscriber 15 is authorized, the routine proceeds to decision 210, which detarmines whether a channel is available. If not, the routine proceeds to step 212 where a "Busy" code may be transmitted to the subscriber. If, however, the determination of decision 210 is ~hat a channel is available, the routine may proceed to step 214, where the 2 0 central optionally modifies and stores the subscriber's password (cross-referenced to the subscribers ID code). Of ooursel for the password system of ~he present invention to operate correctly, both the central and th~ subscriber must mo~dify the current (valid) password in the same predetermined wa~y (preferably, by 25 incrementing or deorementing the password by a predetermined amount). Next, step 216 transmits a "Channel Grant" to the subscriber so that communication may proceed. Following this, the routine returns to decision 200.
Assuming now that the determination of decision 2û0 was 30 that a call requast was not received, decision 218 determines whether a password has been received from a subscriber. If the determination of decision 218 is that a password has not been received, the routine returns to decision 200, to await a call request. Of oourss, othar request codes currently known and used 3 5 may be received and operated upon by the central in any particular embocliment. Assuming now that the determination 218 was that a password has been rec~ived (which may bs in response to a "Send ~31 4~ CM-00338H
Password" command), the routine proceeds to decision 220, where the centrai determirl0s whether a password alraady exists for that subscriber's ID code. If so, decision 222 determines whether ths subscriber unit is authorized. if the subscriber is authori~ed, the 5 routine proceeds to step 226, which stores the received password.
Next, the central transmits an "AcknowledgeH code (step 228). If, however, the subscriber is not authorized, the subscriber's stored password is modified (step 224) and the routine proceeds to decision 2~5, which determine whether the received password and modified 10 password match. If the determination of decision 225 is that the passwords match, the routine proceeds to step 226, which stores the modified password (cross-referenced to the ID code of the subscriber unit) in a suitable mernory device. The routine flow from a ne~ative determination of decision 220 to step 226 stems from the 15 realization that if ~ subscriber unit has transmitted a password without being commanded to do so, it is likely that the subscriber unit has just powerad on and is seeking to registsr an authorized ID
code. In step 228, the central transmits an "Acknowledge" code to the subscriber, which will cause the subscriber to correspondingly 20 store its modified password thereby kees~ing the central and the subscriber "synchronizedN as to tha curn~nt (valid and authorized) pàssword.
Assuming, however, that the determination of d~cision 225 is that the received password and the rnodified password do not 25 matoh, the routine proceeds to step 230, whers a l'Service D~ni~d"
code may be transmitted. Alternat~ly, the central may communicate with a printer (or the like) and list the subscriber ID code that has transmitted the incorrect password. In this way, the syst~m operator may determine whether or not to deny future 30 communication systern access.
Preferably, if automatic denial of service is desired by a system operator, the "Sarvice Denied" command code is transmitted upon tha first determination that ~he passwords are incorrect. The reason for this selection results from the fact that the present 35 invention detects unauthorized users gradually rather than by a more ruthless method. In any ev~nt, to provide even more gradual detection, the c~ntral may have a password mismatch countar, which .3~9~Ç'3 CM-00338H
will count the number of times an incorrect password has been transmitted with a particular subscriber identification code. After a predetermined threshold has been reached, the system operator can be assured that unauthorized users exist.
Referring now to Figura 3a, the steps executed by a subscriber unit according to a second embodiment of the present invention are shown. In s~ep 300, a subscriber (upon initial power up~ generates a random (or pseudo-random) password. In step 302, the subscriber transmits this password together with its ID code to the system controller (commonly referred to as a central controller or central). Decision 304, determines whether the subscriber has received a "New Password" command from the central (optionally, the subscriber unit may itself generate a "New Password" command after the expiration of a timer upon the occurrence of some event~.
If so, the routine returns to step 300, where the subscriber unit generates and transmits (step 302) a new random password. If, however, the determination of decision 304 is that the subscriber has not received a "New Password" command from the c~ntral (optionally, the subscriber unit may itself 3~nerate a "New Password" command after the expiration of a timer or upon the occurrence of some event). if so, the routine returns to step 300, where the subscriber unit g~nerat~s and transmits (step 302) a new random password. If, however, the de~rmination of decision 304 i~
that the subscriber has not received a NNew Password" cammand from the central, the routine proceeds to de&ision 306, which determines whether the subscriber has activated its push-to^talk (PTT) switch to initiate a transmission. Ordinarily, the PTT switch autornatically initiates a request for the subscriber to gain access to the communication service. If decision 306 determines that the subscriber does not wish to communicate, the routine returns to decision 304. The subscriber unit will continue to operate in the "loop" formed by decisions 304 and 306 until some action or command has been taken. Of course, the simplified loop embodied by decisions 304 and 306 servG only to il.ustrate the basic operation of the present invention. It will be understood by those skilled in the art that within this operational loop many other procedures and - 12 - :3 3~4~i6 CM-00338H
functions may be performed as are known and existing in the art today.
Assuming that decision 306 has determined that the subscriber desires access of the communication rssources, the 5 routine proceeds to step 308, where the subscriber unit transmits a call request and the current password to the central controller.
Ordinarily, the call requast includes the subscriber's identification code and other information so as to inforrn the central as to the type of call requested (such as, for example, voico transmission, data 10 transmission, individual call, or group call). Decision 310 determines whether a response has been re~aived from the central.
If not, decision 312 determines whethcr it is appropriate to retransmi~ ~retry) the call request. Typically, the subscriber unit may retry a transmission several times aftsr waiting a 1 5 predetermined time interval. i lowever, after completing several retransmissions, if the subscriber has not received a response the routine proceeds to reference letter G to await a later attempt. If, however, the cl~termination of decision 310 is that the subscriber has received a rasponse, th~ routine procecds to decision 316, which 20 dotermines whather a "ServiGe Denied" code word has be~n received.
If the central has determined that the subscriber is unauthorized, it may transmit a "Service Denisd" command code, which will terminate the routine in step 318. Assumin~, however, that decision 316 dctermines that a "Service Denied" code was not receiv~d, the 25 routin~ proceeds to reference l~tter E of Figure 3b.
Referring now to Figure 3k, the routine continues in decision 320, which determines wh~thcr the cen~ral has transmi~ed a "Nlew Password" command. If so, the routine proceeds to reference letter F (Figure 3a). Assuming, however, that the subscriber has not 30 received a "New Password" command, decision 322 determines whether a "Busy" command code has be~n received by ths subscriber unit. Gen~rally, shared access communication systems (such as, for example, trunked communication systems) allocate a limit~d and fixed number of channel resources among a plurality of subscriber 35 units. Accordingly, there is a chance ~hat, at any particuiar time, no communication channels will be availabls. In such circumstances, th~ central controll~r roturns a "~usy" oommand code. Thus, decision 13 1 ~
322 routes centfol to reference letter G (Figure 3a) if a "Busy"
command coda is received. However, if the determination of decision 322 is that a "Busy" command code has not been receivad, the routine proceeds to decision 324, which determines whether the 5 subscriber has received a "Channel Grant" command from the central.
If the determination of decision 324 is that a "Channel Grant" has not been received, the routine procsads to referencs letter G (Figure 3a). If, howaver, the central has granted the subscriber's call request and assigned ~ communication channel for the subscriber to 10 use, the routina proceeds to step 326, where the subscriber unit processes the call normally, after which, the routine proceeds to reference letter G (Figure 3a).
Referring now to Figure 4, the steps executed by the system central control station (central) according to a second preferred 15 embodiment of the present invention are shown. In decision 400, the central determines whether to command a subscriber unit to generate and transrnit a nsw password. If so, step 402 transmits a "New Password" command to the subscriber unit. A negative determination of decision 400 causes the routine to proceed to 20 decision 404, which determines whether the central has received a new password from a subscriber unit. Typically, an affirmative detarmination of decision 404 occurs when a subscriber initially powers up and transmits a newly g~nera~te~ password. Optionally the subscriber unit may have automatically ~enerated a new password 25 after the expiration of a timer or the occurrence of some event.
Accordingly, if the determination of decision 404 is that a new password has b~en r~ceived, the routine proce~ds to step 406, where the current password (in any) is reassigned as a prior password to make room for the new (current) password. The new password is 30 then stored as the curren~ (authoriz~d) password in step 408.
Following this, the routine returns to decision 400.
Decision 410 detsrmines whether the central has received a call request. If not, the routine returns deoision 400. However, if the determination of decision 410 is that a call request has been 35 received, the routins proceeds to decision 412, which determines wh0ther the subscriber's curren~ (authorized) password correlates (matches) the received password. The matching (or correlation) of - 14 - ' ~L31~9~6 CM-00338H
the passwords by the present invention consists of a bit-by-bit comparison requiring 100% correspondence. If the determination of decision 412 is that the passwords do not match, the routine proceeds to decision 414, which det~rmines whether the received S password correlates with the subscriber's prior password.
Preferably, the present invention stores only the last prior password as the prior password. Alternately, if the central has suitable memory capacity, several prior passwords may be stored for each subscriber ID. In such a case, decision 414 would determine whether the received password matched any o~ the prior passwords. If the determination of decision 414 is that ths received password and prior password correlate the routina proceeds to step 416, where a "Service Denied" command cod~ may be transmitted to the subscriber. Altsrnately, the central may communicate with a printer (or tha like) and list the subscriber ID code that has transmitted the incorrect password. This way, the system operator may determine whether or not to deny ~uture communication system access Preferably, if automatic denial of service is desired by a system operator, tha ~Service Denied" command eode is transmitted upon the first determination that the passwords are incorrect. The reason for this selectior! rasults from the fact that the present invention detects unauthorized users 3radually rather than by a more ruthless rnethod. In any event, to provide even more gradual detection, the centrat may have a password mismatch counter, which will count the number of times an incorrect password has been transmitted with a particular subscriber identification code. After a predetermined threshold has been reach0d, the system operator can be assured that unauthorized users exist and are transmitting the incorrect password.
Assuming now that the determination of decision 414 is that the received password does not correlate to the subscriber's prior password, the routine proceeds to stap 418, where the current password is reassigned as a prior password. Next, in step 418, the received password is stor0d as the current (authorized) password 3 5 and the routine proceeds to decision 420. These steps of the central's routine provide protection for an authorized subscriber that has lost ~he current password through some error. Thus, if the - 1S - ~ 3 ~ CM-00338H
received password does not match the current password (decision 412~, the central may allow the subsoriber access so lon~ as the received password does not match a prior password (decision 414).
Of course, the central may also monitor how often a subscriber S transmits a new password that does not match either the current or a previous password. Thus, if a subscriber attempted to circumvent the access protection afforded by the present invention by continually generating new passwords, the central may detect this occurrence an~ alert the system operator.
If the determination of decision 412 is that the received password matches the current password, or if the determination of decision 414 is that the received password did not match the subscriber's prior password, the routine proceed to decision 420, which determines whether a channel is available. If not, the routine proceeds to step 422 whare a "Busy" code may be transmitted to the subscriber. If, howevar, the detarmination of decision 420 is that a`
channel is available, the routine proceeds to step 424, where the central transmits a "Channel Grant" to the subscriber so that communications may proceed.
What is claimed is:
Detailed D~sçription Qf the Pref~r~d Em~odim~n~
The ~oal of the present invention is to detect the presence of subscriber units containing an unauthorized (duplioated~
identifioation (ID) code, which may be used to gain access to a two-way communication system. According to the principles of the present invention, the two-way communioation system could comprise virtually any communica~ion system in which information flows both from a central location to subscriber units, and from subscriber units back to the central location. Suoh systems include~
but are not limited to, trunked communication systems, cellular telephone communication systems, wiraline link computer systems, and the like. In achieving this goal, it is paramount that the present invention afford some protection to ensure against the possibility of ~false detection". That is, the present invention must guard against the possibility of designating an authorized subscriber unit as one that has obtained a duplicate ID code, and thus is operating (or attempting to operate) on a communication system in an unauthorized manner.
Since a primary focus of the present invention is to protect the interest of the comnlunication systern operator, the action taken upon the detection of an unauthorized subscriber unit is left largely in the hands of the communication service providsr. Accordingly, upon detection of an unauthorized subscriber, the ID code that has been duplicated may be denied future communication services.
Alternately, a list of any ID codes that have been determined to be unauthorized may be generated. This al~ernative action provides the system operator with the flexibili~y to determine whether or not to withhold communication services from a subscriber having an 3 0 unauthorized ID code.
Fundamentally, the present invention achieves its goals and objects by having each authorized subscriber generate a randomized password, which is stored both in the subscriber unit and the central station or controll~r of the two-way communication system. The initially randomized password is varied by either generating a new randomized password, or by modifying the ini~ial password to create a new password. Aocordingly, the passwords of each individual 13 ~ 9 ~ ~cM-oo338H
subscriber unit change on a relatively continuous basis either by command from the central unit, or automatically during events, such as, for example, the initiation by a subscriber unit of a call request (or other request) to use the communication services provided by the two-way communication system. According to the present invention, it is unlikely that every unauthorized subscriber unit would be active (i.e., on and monitoring the communication channels3 at all times. Thus, even if an unauthorized subscriber were able to obtain the initial randomized password, and thereafter, were able to keep up with certain rnodification commands, eventually at least one unauthorized subscriber will be inactive (off) when one or more commands to change or create a naw password is received. Thus, at least one unauthorized subscriber will be "out-of-syncN with the current (authorized) password expectad by the central controller and contained in the othar subscriber units (whether authorized or unauthorized). Accordingly, when the out-of-sync subscriber ultimately re-transmits its password to the communication facilities, the central may aasily detect the unauthorized (incorrect) password and determine that an unauthorized subscriber exists.
As will be apparent from the preceding discussion, the present invention operates to permit unauthorized subscribers te hàve some access to the communication system, preferring to wait until one or more of the unauthorized subscribers becomes confusecl (i.e., out-of-sync) as to what the current ~valid) password actually is. This reduces the possibility of falsaly de~erminin~ that the password is incorrect when, if fact, a correctly transmitted password has been corrupted by noise or other atmospheric disturbances while travelling through the communication channel (be it wireless or wireline). Typically, i~ is con~emplated by the present invention that the period of time required for unauthorized subscribers to become out-of-sync may be as short as 24 hours, or as long as 1 week. In any event, tha present invention prefers a more gradual (yet certain) detaction of unauthorized subscribers rather than a more ruthless (and error prone) detection mechanism.
3 5 Referring now to Figure 1a, the steps executed by a subscriber unit according to a first embodiment of the present invention ara shown. In st~p 100, a subscriber powers up and ~ 3 .~ ~ ~ 5 ~
generates a random (or pseudo-random) password. In step 102, the subscriber unit transmits its password (sither new or modified (step 123)) together with its ID code to the system controller (commonly referred to as a central controller or central). Decision 104, determines whether the subscriber has received a responsa from the centra1. Accordin~ to the present inven~ion, the subscriber awaits an "Acknowledge" code from the central indicating that the central has received and cross-referenced the subscriber's ID code to the current password. If the determination of decision 104 is that the subscriber has not r0ceived the response from the central, the routina proceeds to decision 106, which deterrnines whether or not it is appropriate for the subscriber to retransmit (retry) the transmission of its password and ID code. Typically, the subscriber will retry a transmission several times after waiting a predetermined time interval. HoweYRr, after completing several retransrnissions, if the subscriber has not received a response the routine proceecis to step 108, where the subscriber unit sets a flag, which records the fact that the password was transmitted. The routine then proceeds to decision 122.
If, however, the determination of decision 104 is that the subscriber has received a response, the routine proceeds to dscision 110, which determines whether a ~Service l)enied" code has been received. If the cantral has determinad that the subscriber is unauthorized, it may transmit a NService Danied" command code, 2 S which will terminate tho routine in step 112. Assuming, however, that decision 110 deterrninss that a "Service Denied'' code was not received, ~he routine proceeds to decision 11 4, which determines whether the expectad "Acknowledge" code from the central controller has b~en received. If not, the routine prooeeds to 3 0 reference letter C. Assuming however that the "Acknowledge" code has been received by the subscriber unit, the routine proceeds to step 120, in which the subscriber units stores the password (either initial or modified) in a suitable memory device. Preferably, the modification of the password comprises incrementing or decrernenting the digitai code comprising the password by a predetermined amount (for instance, by one). This operates to keep the password chan~ing in a relatively continuous manner.
- 7 - ~L3~ CM-00338H
Decision 122 determines wheth~r the subscriber has receivad a "Send PasswordH command from the central. if so, the password is modified (step 1233, after which the routine proceeds to step 102, wherein the subscriber retransmits the modified password 5 and its unit ID code. If, however, the determination of decision 122 is that a "Send PasswordH command has not been received, the routine proceeds to decision 124, which de~ermines whether the individual operating ~he subscriber unit has activated a push-to-talk (PTT) switch. Ordinarily, the PTT switch automatically initiates a 10 request for the subscriber to gain access to the communication resources. If decision 124 determinss that the subscriber does not wish to communicate, the routine proceeds to referenca letter C
(decision 122). The subscriber will continue to operate in the "loop`' formed by decisions 122 and 124 until some action or command has 15 been taken. Of course, the simplified loop embodied by decisions 122 and 124 serve only to illustrate the basic operation of the present invention. It will be understood by those skilled in the art that within this operational loop many other procedures and functions may be performed as are known and existing in the art 20 today. Assuming, however, that decision 124 has determined that the subscriber desires access of the communication resources, the routine proceeds to reference letter B of Figure 1b~
Referring to Figure ~b, the subscriber unit responds to the activation of the PTT switch by transmitting a call request to the 2 5 central controlier ~step 126). Ordinarily, the call request includes the subscriber unit identification coda and other information so as to inform the central as to the type of call requested (such as, for exarnple, voice transmission, data transmission, individual call, or group call~. Decision 128 determines whether a response has been 30 received from th~ central. If not, decision 130 determines whether i~ is appropriat~ to retransmit (retry) the c~ll request. If not, the routine proceeds to reference letter C. Assuming that the subscriber has received a response, decision 132 determines whether the central has transmitted a "Send Password" command. If so, the 35 password is modified (step 133), and the routine proceeds to reference letter A. Assuming, however, that the subscriber has not received a "Send Password" oommand, decision 134 determines - 8 ~ CM-00338H
whether a "Busy" command cods has been received by the subscriber.
Gen~rally, shared access communication systems (such as, for example, trunked communication systems) allocate a limited and fixed number of channeO resources amon~ a plurality of subscriber 5 units. Accordingly, there is a chance that, at any par~icular time, no communication channels will be availabla. In such circumstances, the central controller returns a "E3usy" command code. Thus, decision 134 routes control to reference letter C K a "E3usy~ command code is received. Howaver, if thc detcrmination of decision 134 is that a 10 busy command code has not been receivod, the routine proceeds to decision 136, which determines whether the subscriber has receivecl a "Channel Grant" command from the central. If the determination of decision 136 is that a "Channel Grant" has not been received, the routine proceeds to reference letter C. If, however, the central has 15 granted the subscriber's call request and assigned a communication channel for the subscriber to use, the routine proceeds to decision 138, which determines whether the flag indicating that the password was sent is set. An affirmative det~rmination of decision 138 indicates that the subscriber unit was waiting for a response 2 0 from the central (decision 104). Acoordingly, the password (initial or as modified) is stored (step 140) and the flag is cleared (step 142). Following this, the call is processed normally (step 144~.
However, if the determination of decision 138 is that the flag is not set, the subscriber may optionally modiFy and store its password 25 (step 146) prior to proc~ssin~ tha call (step 144).
Re~erring now to Figurc 2, the steps exe~uted by the system central control station (central) according to a first embodiment of the present invention are shown. In deeision 200, the central determines whether it has received a caii requast from a subscriber.
30 If so, decision 202 determin~s wheth~r the subscriber is currently authorized. According to the present inv~ntion, th~ subscriber would have an unauthorized status if the received call request was the first request received from suoh subscriber ~following an initial power up). Alternatelyt a subscriber can b~ moved from an 3 5 authorized to unauthorized status by the system operator to force a password modification and determine whether other subscribers have unauthorized duplioates of that particular ID code. Lastly, 9 ~ CM-00338H
according to the present invention, it is oontemplated that a certain subset of all available and authorized subscribers may be reclassified to an unauthorized status to force password modifications in an attempt to de~ect unauthorized users. The 5 status change from authorized to unauthorized may be performed by the central eithsr at random, or by a selection of those subscriber ID
codes that have not had a significant level of communication activity. This latter option forces ID code chan~es even in the event that a subscriber has not generat0d a significant amount of call 10 requests, which would automatically force password modificakions.
Accordingly, the central transmits (step 204) a NSend Password"
command to the requestin~ subsoriber unit and returns to deoision 200 to await the subscriber's response.
If the determination of decision ~02 is that the subscriber 15 is authorized, the routine proceeds to decision 210, which detarmines whether a channel is available. If not, the routine proceeds to step 212 where a "Busy" code may be transmitted to the subscriber. If, however, the determination of decision 210 is ~hat a channel is available, the routine may proceed to step 214, where the 2 0 central optionally modifies and stores the subscriber's password (cross-referenced to the subscribers ID code). Of ooursel for the password system of ~he present invention to operate correctly, both the central and th~ subscriber must mo~dify the current (valid) password in the same predetermined wa~y (preferably, by 25 incrementing or deorementing the password by a predetermined amount). Next, step 216 transmits a "Channel Grant" to the subscriber so that communication may proceed. Following this, the routine returns to decision 200.
Assuming now that the determination of decision 2û0 was 30 that a call requast was not received, decision 218 determines whether a password has been received from a subscriber. If the determination of decision 218 is that a password has not been received, the routine returns to decision 200, to await a call request. Of oourss, othar request codes currently known and used 3 5 may be received and operated upon by the central in any particular embocliment. Assuming now that the determination 218 was that a password has been rec~ived (which may bs in response to a "Send ~31 4~ CM-00338H
Password" command), the routine proceeds to decision 220, where the centrai determirl0s whether a password alraady exists for that subscriber's ID code. If so, decision 222 determines whether ths subscriber unit is authorized. if the subscriber is authori~ed, the 5 routine proceeds to step 226, which stores the received password.
Next, the central transmits an "AcknowledgeH code (step 228). If, however, the subscriber is not authorized, the subscriber's stored password is modified (step 224) and the routine proceeds to decision 2~5, which determine whether the received password and modified 10 password match. If the determination of decision 225 is that the passwords match, the routine proceeds to step 226, which stores the modified password (cross-referenced to the ID code of the subscriber unit) in a suitable mernory device. The routine flow from a ne~ative determination of decision 220 to step 226 stems from the 15 realization that if ~ subscriber unit has transmitted a password without being commanded to do so, it is likely that the subscriber unit has just powerad on and is seeking to registsr an authorized ID
code. In step 228, the central transmits an "Acknowledge" code to the subscriber, which will cause the subscriber to correspondingly 20 store its modified password thereby kees~ing the central and the subscriber "synchronizedN as to tha curn~nt (valid and authorized) pàssword.
Assuming, however, that the determination of d~cision 225 is that the received password and the rnodified password do not 25 matoh, the routine proceeds to step 230, whers a l'Service D~ni~d"
code may be transmitted. Alternat~ly, the central may communicate with a printer (or the like) and list the subscriber ID code that has transmitted the incorrect password. In this way, the syst~m operator may determine whether or not to deny future 30 communication systern access.
Preferably, if automatic denial of service is desired by a system operator, the "Sarvice Denied" command code is transmitted upon tha first determination that ~he passwords are incorrect. The reason for this selection results from the fact that the present 35 invention detects unauthorized users gradually rather than by a more ruthless method. In any ev~nt, to provide even more gradual detection, the c~ntral may have a password mismatch countar, which .3~9~Ç'3 CM-00338H
will count the number of times an incorrect password has been transmitted with a particular subscriber identification code. After a predetermined threshold has been reached, the system operator can be assured that unauthorized users exist.
Referring now to Figura 3a, the steps executed by a subscriber unit according to a second embodiment of the present invention are shown. In s~ep 300, a subscriber (upon initial power up~ generates a random (or pseudo-random) password. In step 302, the subscriber transmits this password together with its ID code to the system controller (commonly referred to as a central controller or central). Decision 304, determines whether the subscriber has received a "New Password" command from the central (optionally, the subscriber unit may itself generate a "New Password" command after the expiration of a timer upon the occurrence of some event~.
If so, the routine returns to step 300, where the subscriber unit generates and transmits (step 302) a new random password. If, however, the determination of decision 304 is that the subscriber has not received a "New Password" command from the c~ntral (optionally, the subscriber unit may itself 3~nerate a "New Password" command after the expiration of a timer or upon the occurrence of some event). if so, the routine returns to step 300, where the subscriber unit g~nerat~s and transmits (step 302) a new random password. If, however, the de~rmination of decision 304 i~
that the subscriber has not received a NNew Password" cammand from the central, the routine proceeds to de&ision 306, which determines whether the subscriber has activated its push-to^talk (PTT) switch to initiate a transmission. Ordinarily, the PTT switch autornatically initiates a request for the subscriber to gain access to the communication service. If decision 306 determines that the subscriber does not wish to communicate, the routine returns to decision 304. The subscriber unit will continue to operate in the "loop" formed by decisions 304 and 306 until some action or command has been taken. Of course, the simplified loop embodied by decisions 304 and 306 servG only to il.ustrate the basic operation of the present invention. It will be understood by those skilled in the art that within this operational loop many other procedures and - 12 - :3 3~4~i6 CM-00338H
functions may be performed as are known and existing in the art today.
Assuming that decision 306 has determined that the subscriber desires access of the communication rssources, the 5 routine proceeds to step 308, where the subscriber unit transmits a call request and the current password to the central controller.
Ordinarily, the call requast includes the subscriber's identification code and other information so as to inforrn the central as to the type of call requested (such as, for example, voico transmission, data 10 transmission, individual call, or group call). Decision 310 determines whether a response has been re~aived from the central.
If not, decision 312 determines whethcr it is appropriate to retransmi~ ~retry) the call request. Typically, the subscriber unit may retry a transmission several times aftsr waiting a 1 5 predetermined time interval. i lowever, after completing several retransmissions, if the subscriber has not received a response the routine proceeds to reference letter G to await a later attempt. If, however, the cl~termination of decision 310 is that the subscriber has received a rasponse, th~ routine procecds to decision 316, which 20 dotermines whather a "ServiGe Denied" code word has be~n received.
If the central has determined that the subscriber is unauthorized, it may transmit a "Service Denisd" command code, which will terminate the routine in step 318. Assumin~, however, that decision 316 dctermines that a "Service Denied" code was not receiv~d, the 25 routin~ proceeds to reference l~tter E of Figure 3b.
Referring now to Figure 3k, the routine continues in decision 320, which determines wh~thcr the cen~ral has transmi~ed a "Nlew Password" command. If so, the routine proceeds to reference letter F (Figure 3a). Assuming, however, that the subscriber has not 30 received a "New Password" command, decision 322 determines whether a "Busy" command code has be~n received by ths subscriber unit. Gen~rally, shared access communication systems (such as, for example, trunked communication systems) allocate a limit~d and fixed number of channel resources among a plurality of subscriber 35 units. Accordingly, there is a chance ~hat, at any particuiar time, no communication channels will be availabls. In such circumstances, th~ central controll~r roturns a "~usy" oommand code. Thus, decision 13 1 ~
322 routes centfol to reference letter G (Figure 3a) if a "Busy"
command coda is received. However, if the determination of decision 322 is that a "Busy" command code has not been receivad, the routine proceeds to decision 324, which determines whether the 5 subscriber has received a "Channel Grant" command from the central.
If the determination of decision 324 is that a "Channel Grant" has not been received, the routine procsads to referencs letter G (Figure 3a). If, howaver, the central has granted the subscriber's call request and assigned ~ communication channel for the subscriber to 10 use, the routina proceeds to step 326, where the subscriber unit processes the call normally, after which, the routine proceeds to reference letter G (Figure 3a).
Referring now to Figure 4, the steps executed by the system central control station (central) according to a second preferred 15 embodiment of the present invention are shown. In decision 400, the central determines whether to command a subscriber unit to generate and transrnit a nsw password. If so, step 402 transmits a "New Password" command to the subscriber unit. A negative determination of decision 400 causes the routine to proceed to 20 decision 404, which determines whether the central has received a new password from a subscriber unit. Typically, an affirmative detarmination of decision 404 occurs when a subscriber initially powers up and transmits a newly g~nera~te~ password. Optionally the subscriber unit may have automatically ~enerated a new password 25 after the expiration of a timer or the occurrence of some event.
Accordingly, if the determination of decision 404 is that a new password has b~en r~ceived, the routine proce~ds to step 406, where the current password (in any) is reassigned as a prior password to make room for the new (current) password. The new password is 30 then stored as the curren~ (authoriz~d) password in step 408.
Following this, the routine returns to decision 400.
Decision 410 detsrmines whether the central has received a call request. If not, the routine returns deoision 400. However, if the determination of decision 410 is that a call request has been 35 received, the routins proceeds to decision 412, which determines wh0ther the subscriber's curren~ (authorized) password correlates (matches) the received password. The matching (or correlation) of - 14 - ' ~L31~9~6 CM-00338H
the passwords by the present invention consists of a bit-by-bit comparison requiring 100% correspondence. If the determination of decision 412 is that the passwords do not match, the routine proceeds to decision 414, which det~rmines whether the received S password correlates with the subscriber's prior password.
Preferably, the present invention stores only the last prior password as the prior password. Alternately, if the central has suitable memory capacity, several prior passwords may be stored for each subscriber ID. In such a case, decision 414 would determine whether the received password matched any o~ the prior passwords. If the determination of decision 414 is that ths received password and prior password correlate the routina proceeds to step 416, where a "Service Denied" command cod~ may be transmitted to the subscriber. Altsrnately, the central may communicate with a printer (or tha like) and list the subscriber ID code that has transmitted the incorrect password. This way, the system operator may determine whether or not to deny ~uture communication system access Preferably, if automatic denial of service is desired by a system operator, tha ~Service Denied" command eode is transmitted upon the first determination that the passwords are incorrect. The reason for this selectior! rasults from the fact that the present invention detects unauthorized users 3radually rather than by a more ruthless rnethod. In any event, to provide even more gradual detection, the centrat may have a password mismatch counter, which will count the number of times an incorrect password has been transmitted with a particular subscriber identification code. After a predetermined threshold has been reach0d, the system operator can be assured that unauthorized users exist and are transmitting the incorrect password.
Assuming now that the determination of decision 414 is that the received password does not correlate to the subscriber's prior password, the routine proceeds to stap 418, where the current password is reassigned as a prior password. Next, in step 418, the received password is stor0d as the current (authorized) password 3 5 and the routine proceeds to decision 420. These steps of the central's routine provide protection for an authorized subscriber that has lost ~he current password through some error. Thus, if the - 1S - ~ 3 ~ CM-00338H
received password does not match the current password (decision 412~, the central may allow the subsoriber access so lon~ as the received password does not match a prior password (decision 414).
Of course, the central may also monitor how often a subscriber S transmits a new password that does not match either the current or a previous password. Thus, if a subscriber attempted to circumvent the access protection afforded by the present invention by continually generating new passwords, the central may detect this occurrence an~ alert the system operator.
If the determination of decision 412 is that the received password matches the current password, or if the determination of decision 414 is that the received password did not match the subscriber's prior password, the routine proceed to decision 420, which determines whether a channel is available. If not, the routine proceeds to step 422 whare a "Busy" code may be transmitted to the subscriber. If, howevar, the detarmination of decision 420 is that a`
channel is available, the routine proceeds to step 424, where the central transmits a "Channel Grant" to the subscriber so that communications may proceed.
What is claimed is:
Claims (14)
OR PRIVILEGE IS CLAIMED ARE DEFINED AS FOLLOWS:
1. In a two-way communication system having a central unit and a plurality of subscriber units each having at least an identification code stored therein, a method of controlling access to the two-way communication system comprising the steps of:
in at least one of said plurality of subscriber units:
(a) generating a first random number as a first password code;
(b) transmitting at least said first password code and said identification code;
(c) receiving a command code and generating a second random number as a second password code in response thereto;
(d) transmitting at least said second password code and said identification code.
in at least one of said plurality of subscriber units:
(a) generating a first random number as a first password code;
(b) transmitting at least said first password code and said identification code;
(c) receiving a command code and generating a second random number as a second password code in response thereto;
(d) transmitting at least said second password code and said identification code.
2. In a two-way communication system having a central unit and a plurality of subscriber units each having at least an identification code and a first password code stored therein, a method of controlling access to the two-way communication system comprising the steps of:
(a) transmitting at least a call request code;
(b) receiving a command code and generating a random number as a second password code in response thereto;
(c) transmitting at least said second password code and said identification code; and (d) receiving a channel grant code.
(a) transmitting at least a call request code;
(b) receiving a command code and generating a random number as a second password code in response thereto;
(c) transmitting at least said second password code and said identification code; and (d) receiving a channel grant code.
3. In a two-way communication system having a central unit and a plurality of subscriber units each having at least an identification code and a first password code stored therein, a method of controlling access to the two-way communication system comprising the steps of:
in at least one of said plurality of subscriber units:
(a) receiving a command code and generating a random number as a second password code in response thereto;
(b) transmitting at least said second password code and said identification code.
in at least one of said plurality of subscriber units:
(a) receiving a command code and generating a random number as a second password code in response thereto;
(b) transmitting at least said second password code and said identification code.
4. In a two-way communication system having a central unit and a plurality of subscriber units each having at least an identification code stored therein, a method of controlling access to the two-way communication system comprising the steps of:
in at least one of said plurality of subscriber units:
(a) generating a first random number as a first password code;
(b) transmitting at least said first password code and said identification code;
(c) receiving a command code and generating a second random number as a second password code in response thereto;
(d) transmitting at least said second password code and said identification code;
at said central unit:
(a) receiving said first password code;
(b) transmitting said command code;
(c) receiving said second password code.
in at least one of said plurality of subscriber units:
(a) generating a first random number as a first password code;
(b) transmitting at least said first password code and said identification code;
(c) receiving a command code and generating a second random number as a second password code in response thereto;
(d) transmitting at least said second password code and said identification code;
at said central unit:
(a) receiving said first password code;
(b) transmitting said command code;
(c) receiving said second password code.
5. In a two-way communication system having a plurality of subscriber units each having at least an identification code and a first password code stored therein and at least ;one central unit designating said first password code as a current password code, a method of controlling access to the two-way commun-ication system comprising the steps of:
in at least one of said plurality of subscriber units;
(a) transmitting at least a call request code;
(b) receiving a command code and generating a random number as a second password code in response thereto;
(c) transmitting at least said second password code and said identification code: and (d) receiving a channel grant code, at said at least one central unit:
(a) receiving at least said call request code;
(b) transmitting said command code;
(c) receiving at least said second password code;
(d) determining whether said second password correlates to a current password;
(e) granting access to said two-way communication system if said second password correlates to said current password.
in at least one of said plurality of subscriber units;
(a) transmitting at least a call request code;
(b) receiving a command code and generating a random number as a second password code in response thereto;
(c) transmitting at least said second password code and said identification code: and (d) receiving a channel grant code, at said at least one central unit:
(a) receiving at least said call request code;
(b) transmitting said command code;
(c) receiving at least said second password code;
(d) determining whether said second password correlates to a current password;
(e) granting access to said two-way communication system if said second password correlates to said current password.
6. In a two-way communication system having a central unit and a plurality of subscriber units each having at least an identification code and a first password code stored therein, a method of controlling access to the two-way communication system comprising the steps of:
in at least one of said plurality of subscriber units:
(a) receiving a command code and generating a random number and a second password code in response thereto;
(b) transmitting at least second password code and said identification code;
at said central unit;
(a) transmitting said command code;
(b) receiving at least said second password code.
in at least one of said plurality of subscriber units:
(a) receiving a command code and generating a random number and a second password code in response thereto;
(b) transmitting at least second password code and said identification code;
at said central unit;
(a) transmitting said command code;
(b) receiving at least said second password code.
7. In a two-way communication system having a central unit and a plurality of subscriber units each having at least an identification code stored therein, a method of controlling access to the two-way communication system comprising the steps of:
in at least one of said plurality of subscriber units:
(a) generating a first random number as a first password code;
(b) transmitting at least said first password code and said identification code;
(c) generating a second random number as a second password code in response to a control signal;
(d) transmitting at least said second password code and said identification code; and, (e) receiving a channel grant code.
in at least one of said plurality of subscriber units:
(a) generating a first random number as a first password code;
(b) transmitting at least said first password code and said identification code;
(c) generating a second random number as a second password code in response to a control signal;
(d) transmitting at least said second password code and said identification code; and, (e) receiving a channel grant code.
8. In a two-way communication system having central unit and a plurality of subscriber units each having at least an identification code stored therein, a method of controlling access to the two-way communication system comprising the steps of:
in at least one of said plurality of subscriber units:
(a) generating a first random number as a first password code;
(b) transmitting at least said first password code and said identification code;
(c) generating a second random number as a second password code in response to a control signal;
(d) transmitting at least said second password code and said identification code; and (e) receiving a channel grant code;
at said central unit:
(a) receiving said first password code;
(b) receiving said second password code.
in at least one of said plurality of subscriber units:
(a) generating a first random number as a first password code;
(b) transmitting at least said first password code and said identification code;
(c) generating a second random number as a second password code in response to a control signal;
(d) transmitting at least said second password code and said identification code; and (e) receiving a channel grant code;
at said central unit:
(a) receiving said first password code;
(b) receiving said second password code.
9. The method of claim 4 or 8, which includes the central unit steps of:
(al) storing said first received password code, and operating thereafter using said first received password code as a current password code;
(c) storing said second received password code, and operat-ing thereafter using said first received password code as a previous password code, and using said second received password code as said current password code.
(al) storing said first received password code, and operating thereafter using said first received password code as a current password code;
(c) storing said second received password code, and operat-ing thereafter using said first received password code as a previous password code, and using said second received password code as said current password code.
10. The method of claims 5 or 6, which includes the central unit step of: (cl) storing said second received password code, and operating thereafter using said first received password code as a previous password code, and using said second received password code as a current password code.
11. The method of claim 5 or 8, which includes the central unit step of: (c) transmitting a channel grant code.
12. The method of claim 4 or 8, which includes the central unit steps of:
(al) storing said first password code as a current password;
(c) storing said first password code as a prior password;
and, storing said second password code as said current password.
(al) storing said first password code as a current password;
(c) storing said first password code as a prior password;
and, storing said second password code as said current password.
13. In a two-way communication system having a plurality of subscriber units each having at least an identification code and a first password code stored therein and at least one central unit designating said first password code as a current password code, a method of controlling access to the two-way communica-tion system comprising the steps of:
in at least one of said plurality of subscriber units;
(a) transmitting at least said call request code;
(b) receiving a command code and generating a second password code in response thereto;
(c) transmitting at least said second password code and said identification code;
at said at least one central unit:
(a) receiving at least said call request code;
(b) transmitting said command code;
(c) receiving at least said second password code;
(d) determining whether said second password correlates to a current password;
(e) determining whether said second password correlates to a prior password;
(f) granting access to said two-way communication system when said second password correlates with said current password or does not correlate to said prior password and does not correlate to said current password, else denying access to said two-way communication system.
in at least one of said plurality of subscriber units;
(a) transmitting at least said call request code;
(b) receiving a command code and generating a second password code in response thereto;
(c) transmitting at least said second password code and said identification code;
at said at least one central unit:
(a) receiving at least said call request code;
(b) transmitting said command code;
(c) receiving at least said second password code;
(d) determining whether said second password correlates to a current password;
(e) determining whether said second password correlates to a prior password;
(f) granting access to said two-way communication system when said second password correlates with said current password or does not correlate to said prior password and does not correlate to said current password, else denying access to said two-way communication system.
14. In a two-way communication system having a plurality of subscriber units each having at least an identification code and a first password code stored therein and at least one central unit having stored therein at least one current password and at least one prior cross-referenced to said identification codes of said plurality of subscriber units, a method of controlling access to the two-way communication system comprising the steps of:
at said at least one central unit:
(a) receiving at least a password code and an identification code to provide a received password;
(b) determining whether said received password correlates to a current password;
(c) determining whether said received password correlates to a prior password;
(d) granting access to said two-way communication system if said received password correlates to said current password or does not correlate to said prior password and does not correlate to said current password, else denying access to said two-way communication system.
at said at least one central unit:
(a) receiving at least a password code and an identification code to provide a received password;
(b) determining whether said received password correlates to a current password;
(c) determining whether said received password correlates to a prior password;
(d) granting access to said two-way communication system if said received password correlates to said current password or does not correlate to said prior password and does not correlate to said current password, else denying access to said two-way communication system.
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US07/176,951 US4992783A (en) | 1988-04-04 | 1988-04-04 | Method and apparatus for controlling access to a communication system |
US176,951 | 1988-04-04 |
Publications (1)
Publication Number | Publication Date |
---|---|
CA1314956C true CA1314956C (en) | 1993-03-23 |
Family
ID=22646568
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CA000588046A Expired - Fee Related CA1314956C (en) | 1988-04-04 | 1989-01-12 | Method and apparatus for controlling access to a communication system |
Country Status (4)
Country | Link |
---|---|
US (1) | US4992783A (en) |
EP (1) | EP0336079A3 (en) |
JP (1) | JPH0213035A (en) |
CA (1) | CA1314956C (en) |
Families Citing this family (54)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5239294A (en) * | 1989-07-12 | 1993-08-24 | Motorola, Inc. | Method and apparatus for authenication and protection of subscribers in telecommunication systems |
US5390245A (en) * | 1990-03-09 | 1995-02-14 | Telefonaktiebolaget L M Ericsson | Method of carrying out an authentication check between a base station and a mobile station in a mobile radio system |
US5572193A (en) * | 1990-12-07 | 1996-11-05 | Motorola, Inc. | Method for authentication and protection of subscribers in telecommunications systems |
US5214423A (en) * | 1991-04-22 | 1993-05-25 | Motorola, Inc. | Random number generation using volatile RAM |
US5163097A (en) * | 1991-08-07 | 1992-11-10 | Dynamicserve, Ltd. | Method and apparatus for providing secure access to a limited access system |
US5201000A (en) * | 1991-09-27 | 1993-04-06 | International Business Machines Corporation | Method for generating public and private key pairs without using a passphrase |
CA2078195C (en) * | 1991-11-27 | 1999-03-09 | Jack Kozik | Arrangement for detecting fraudulently identified mobile stations in a cellular mobile telecommunications network |
US5260988A (en) * | 1992-02-06 | 1993-11-09 | Motorola, Inc. | Apparatus and method for alternative radiotelephone system selection |
US5559505A (en) * | 1992-05-20 | 1996-09-24 | Lucent Technologies Inc. | Security system providing lockout for invalid access attempts |
US5287519A (en) * | 1992-09-17 | 1994-02-15 | International Business Machines Corp. | LAN station personal computer system with controlled data access for normal and unauthorized users and method |
US5604744A (en) | 1992-10-05 | 1997-02-18 | Telefonaktiebolaget Lm Ericsson | Digital control channels having logical channels for multiple access radiocommunication |
US5603081A (en) * | 1993-11-01 | 1997-02-11 | Telefonaktiebolaget Lm Ericsson | Method for communicating in a wireless communication system |
SE500565C2 (en) * | 1992-10-26 | 1994-07-18 | Ericsson Telefon Ab L M | Method of providing random access in a mobile radio system |
US5267314A (en) * | 1992-11-17 | 1993-11-30 | Leon Stambler | Secure transaction system and method utilized therein |
DE4242151C1 (en) * | 1992-12-14 | 1994-03-24 | Detecon Gmbh | Protecting mobile radio, e.g. telephone, against unauthorised use - comparing authentication parameter from input code to stored parameter, only allowing use if they match. |
TW234224B (en) * | 1993-04-19 | 1994-11-01 | Ericsson Ge Mobile Communicat | |
US5594429A (en) * | 1993-10-27 | 1997-01-14 | Alps Electric Co., Ltd. | Transmission and reception system and signal generation method for same |
CN1116888A (en) * | 1993-11-01 | 1996-02-14 | 艾利森电话股份有限公司 | Layer 2 protocol in a cellular communication system |
BR9405702A (en) * | 1993-11-01 | 1995-11-28 | Ericsson Telefon Ab L M | Processes for obtaining a report on the status of frames comprising a transmitted message to determine the ownership of frames for communication in a radio communication system and to identify to which mobile station a plurality of linked frames is being sent to base station and mobile station |
US5440758A (en) * | 1994-04-12 | 1995-08-08 | Motorola, Inc. | Method of preventing unauthorized access to a wireless communication system |
US5613215A (en) * | 1994-04-21 | 1997-03-18 | Motorola, Inc. | Method of transmitting security codes to communication units |
US5625870A (en) * | 1994-06-10 | 1997-04-29 | Uniden America Corporation | Fraud control for radio fleets in a land mobile radio system |
US5668876A (en) * | 1994-06-24 | 1997-09-16 | Telefonaktiebolaget Lm Ericsson | User authentication method and apparatus |
US5463617A (en) * | 1994-09-30 | 1995-10-31 | Grube; Gary W. | Method for providing caller interrupt in a time division multiplexed wireless communication system |
US6175557B1 (en) | 1994-10-31 | 2001-01-16 | Telefonaktiebolaget Lm Ericsson (Publ) | Layer 2 protocol in a cellular communication system |
US5828956A (en) * | 1994-12-30 | 1998-10-27 | Sony Electronics, Inc. | Programmable cellular telephone and system |
US6018656A (en) * | 1994-12-30 | 2000-01-25 | Sony Corporation | Programmable cellular telephone and system |
US6690796B1 (en) | 1995-05-17 | 2004-02-10 | The Chamberlain Group, Inc. | Rolling code security system |
DE69637072T2 (en) * | 1995-05-17 | 2008-01-10 | The Chamberlain Group, Inc., Elmhurst | ROLLING CODE SECURITY SYSTEM |
US6980655B2 (en) * | 2000-01-21 | 2005-12-27 | The Chamberlain Group, Inc. | Rolling code security system |
US6320493B1 (en) * | 1995-06-05 | 2001-11-20 | Advance Security Inc. | Remote control security system for automobile issuing a fixed basic code and two variable codes |
US5790892A (en) * | 1995-09-29 | 1998-08-04 | International Business Machines Corporation | Information handling system for modifying coherency response set to allow intervention of a read command so that the intervention is not allowed by the system memory |
DE19643658C1 (en) | 1996-10-22 | 1998-03-26 | Siemens Ag | Cordless mobile communications device calling method |
US5953652A (en) * | 1997-01-24 | 1999-09-14 | At&T Wireless Services Inc. | Detection of fraudulently registered mobile phones |
US6571290B2 (en) | 1997-06-19 | 2003-05-27 | Mymail, Inc. | Method and apparatus for providing fungible intercourse over a network |
US8516132B2 (en) | 1997-06-19 | 2013-08-20 | Mymail, Ltd. | Method of accessing a selected network |
US6781968B1 (en) | 1997-09-08 | 2004-08-24 | Marc Arnold | Wireless communication system, apparatus and method using an atmospheric platform having a wideband trunkline |
AU8567798A (en) | 1998-06-19 | 2000-01-05 | Netsafe, Inc. | Method and apparatus for providing connections over a network |
JP2000215131A (en) * | 1999-01-22 | 2000-08-04 | Canon Inc | Information processor, network system, information managing method and storage medium |
US6802000B1 (en) * | 1999-10-28 | 2004-10-05 | Xerox Corporation | System for authenticating access to online content referenced in hardcopy documents |
US7353274B1 (en) * | 2000-05-09 | 2008-04-01 | Medisys/Rjb Consulting, Inc. | Method, apparatus, and system for determining whether a computer is within a particular location |
GB2362543B (en) * | 2000-05-16 | 2003-12-03 | Sagem | Assembly of a cellular telephone and means for connection to a computer network |
US7676681B2 (en) * | 2003-06-17 | 2010-03-09 | Veratad Technologies, Llc | Method, system, and apparatus for identification number authentication |
US8302164B2 (en) * | 2004-07-22 | 2012-10-30 | Facebook, Inc. | Authorization and authentication based on an individual's social network |
US8422667B2 (en) | 2005-01-27 | 2013-04-16 | The Chamberlain Group, Inc. | Method and apparatus to facilitate transmission of an encrypted rolling code |
US9148409B2 (en) | 2005-06-30 | 2015-09-29 | The Chamberlain Group, Inc. | Method and apparatus to facilitate message transmission and reception using different transmission characteristics |
JP4247216B2 (en) * | 2005-08-23 | 2009-04-02 | 株式会社東芝 | Information processing apparatus and authentication control method |
CN100584054C (en) * | 2006-01-26 | 2010-01-20 | 华为技术有限公司 | System and method for carrying out authentication via cipher |
JP4800068B2 (en) * | 2006-02-23 | 2011-10-26 | 富士通株式会社 | Password management device, password management method, password management program |
US7882525B2 (en) * | 2007-04-23 | 2011-02-01 | Microsoft Corporation | Data collection for a comprehensive program guide |
US10652743B2 (en) | 2017-12-21 | 2020-05-12 | The Chamberlain Group, Inc. | Security system for a moveable barrier operator |
US11074773B1 (en) | 2018-06-27 | 2021-07-27 | The Chamberlain Group, Inc. | Network-based control of movable barrier operators for autonomous vehicles |
US11423717B2 (en) | 2018-08-01 | 2022-08-23 | The Chamberlain Group Llc | Movable barrier operator and transmitter pairing over a network |
US10997810B2 (en) | 2019-05-16 | 2021-05-04 | The Chamberlain Group, Inc. | In-vehicle transmitter training |
Family Cites Families (24)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US3983337A (en) * | 1973-06-21 | 1976-09-28 | Babbco, Ltd. | Broad-band acoustic speaker |
US4310720A (en) * | 1978-03-31 | 1982-01-12 | Pitney Bowes Inc. | Computer accessing system |
US4268715A (en) * | 1978-05-03 | 1981-05-19 | Atalla Technovations | Method and apparatus for securing data transmissions |
US4218738A (en) * | 1978-05-05 | 1980-08-19 | International Business Machines Corporation | Method for authenticating the identity of a user of an information system |
US4602129A (en) * | 1979-11-26 | 1986-07-22 | Vmx, Inc. | Electronic audio communications system with versatile message delivery |
US4581486A (en) * | 1979-11-26 | 1986-04-08 | Vmx, Inc. | Electronic audio communications system with user accessible message groups |
US4295039A (en) * | 1979-12-03 | 1981-10-13 | International Business Machines Corporation | Method and apparatus for achieving secure password verification |
US4445712A (en) * | 1980-01-14 | 1984-05-01 | Id Code Industries, Inc. | Identification devices and methods |
US4348696A (en) * | 1980-09-08 | 1982-09-07 | Beier Galen C | Television viewing control device |
CA1171945A (en) * | 1981-04-16 | 1984-07-31 | Mitel Corporation | Voice recognizing telephone call denial system |
GB2120821B (en) * | 1982-05-18 | 1985-08-29 | Weyfringe Limited | Label printer |
DE3244049C2 (en) * | 1982-11-27 | 1986-06-26 | Kiekert GmbH & Co KG, 5628 Heiligenhaus | Central locking system for a motor vehicle |
US4626845A (en) * | 1983-02-28 | 1986-12-02 | Epic Systems, Inc. | Subscriber validation system |
US4590470A (en) * | 1983-07-11 | 1986-05-20 | At&T Bell Laboratories | User authentication system employing encryption functions |
US4623919A (en) * | 1983-08-11 | 1986-11-18 | Welch James D | Method and system for controlling access to transmitted modulated electromagnetic wave carried information |
US4654481A (en) * | 1983-10-04 | 1987-03-31 | Cellutron Corporation | Security system for cordless extension telephones |
US4630201A (en) * | 1984-02-14 | 1986-12-16 | International Security Note & Computer Corporation | On-line and off-line transaction security system using a code generated from a transaction parameter and a random number |
DE3420460A1 (en) * | 1984-06-01 | 1985-12-05 | Philips Patentverwaltung Gmbh, 2000 Hamburg | METHOD FOR DETECTING THE UNAUTHORIZED USE OF AN IDENTIFICATION ASSIGNED TO A MOVABLE RADIO STATION IN A RADIO TRANSMISSION SYSTEM |
DE3431726A1 (en) * | 1984-08-29 | 1986-03-13 | Philips Kommunikations Industrie AG, 8500 Nürnberg | Telecommunications network, in particular mobile radio network, with network-uniformly changeable keys |
DE3439120A1 (en) * | 1984-10-25 | 1986-05-07 | Philips Kommunikations Industrie AG, 8500 Nürnberg | Method for identifying a subscriber station of a telecommunications network |
US4672533A (en) * | 1984-12-19 | 1987-06-09 | Noble Richard G | Electronic linkage interface control security system and method |
US4802217A (en) * | 1985-06-07 | 1989-01-31 | Siemens Corporate Research & Support, Inc. | Method and apparatus for securing access to a computer facility |
JPS6231231A (en) * | 1985-08-02 | 1987-02-10 | Nec Corp | Password collating system |
NL8701069A (en) * | 1987-05-06 | 1988-12-01 | Nederlanden Staat | Password authentication system for mobile communications |
-
1988
- 1988-04-04 US US07/176,951 patent/US4992783A/en not_active Expired - Lifetime
-
1989
- 1989-01-12 CA CA000588046A patent/CA1314956C/en not_active Expired - Fee Related
- 1989-02-16 EP EP19890102625 patent/EP0336079A3/en not_active Withdrawn
- 1989-03-30 JP JP1076863A patent/JPH0213035A/en active Pending
Also Published As
Publication number | Publication date |
---|---|
US4992783A (en) | 1991-02-12 |
JPH0213035A (en) | 1990-01-17 |
EP0336079A3 (en) | 1990-12-19 |
EP0336079A2 (en) | 1989-10-11 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CA1314956C (en) | Method and apparatus for controlling access to a communication system | |
US4964163A (en) | Method and apparatus for controlling access to a communication system | |
CA1261395A (en) | Method for dynamically regrouping subscribers on a communications system | |
EP0817518A2 (en) | Method for controlled access to a secured system | |
US5014345A (en) | Method for dynamically regrouping subscribers on a communications system | |
CA2258888C (en) | Method and apparatus for monitoring link activity to prevent system deadlock in a dispatch system | |
US4962449A (en) | Computer security system having remote location recognition and remote location lock-out | |
CA1306503C (en) | Shared data/voice communication system with programmable data priority | |
JP4545948B2 (en) | Method and apparatus for providing fair access to users with different signal delays in a group communication system | |
US6295284B1 (en) | Method and apparatus for providing fair access in a group communication system | |
US5960362A (en) | Method and apparatus for access regulation and system protection of a dispatch system | |
US5103445A (en) | Method of adapting a mobile radio communication system to traffic and performance requirements | |
US5625869A (en) | System for preventing unauthorized use of a micro cellular system operating in coexistence with a cellular system | |
US5572193A (en) | Method for authentication and protection of subscribers in telecommunications systems | |
US6832082B1 (en) | Initialization of handsets in a multi-line wireless phone system for secure communications | |
JP4263748B2 (en) | Method and apparatus for efficient system access within a dispatch system | |
JPH02502958A (en) | Improved signaling method for configuring trunk communications | |
US5267299A (en) | Automatic answering telephone apparatus with device to detect a remote control password | |
WO1995015623A1 (en) | A method for controlling a radio unit | |
US5638055A (en) | Communication resource allocation by interrupt status | |
AU677975B2 (en) | Call set-up in a transmission trunking radio system | |
US5613215A (en) | Method of transmitting security codes to communication units | |
JPS5829669B2 (en) | Mobile communication user-only method | |
CA1326510C (en) | Trunked radio repeater system | |
Taylor et al. | TACS-A demand assignment system for FLEETSAT |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
MKLA | Lapsed | ||
MKLA | Lapsed |
Effective date: 20000323 |