Patent•
Data communication systems and methods
15 May 1987-
TL;DR: In this paper, the authors propose a check-sum or MAC that is computed from the data within the message in dependence upon a cryptographic key. But this MAC is issued as a "challenge" to the user who is also equipped with a separate portable token for computing a "response" in dependent upon a second cryptographic key which is unique to his token.
Abstract: In order to improve the security of message transmission from a terminal apparatus in an electronic banking or other data communications system a check-sum or MAC is computed from the data within the message in dependence upon a cryptographic key. This MAC is issued as a "challenge" to the user who is also equipped with a separate portable token for computing a "response" in dependence upon a second cryptographic key which is unique to his token. This "response" is then entered into the terminal and appended to the message as its authentication code before transmission. A recipient of the message and authentication code equipped with the same cryptographic keys can therefore check both the contents of the message and the correct identity of the sender by computing an expected authentication code from the received message and comparing it with the code received.
Citations
More filters
Patent•
05 Jul 2001
TL;DR: In this paper, a business model for the creation, maintenance, transmission, and use of digital medical records is presented, which allows financial burdens to be reallocated optimally and equitably, resulting in decreased overall societal cost.
Abstract: A method of maintaining digital medical records, comprising a step of receiving a medical transaction record (102), encrypted with a key in accordance with a patient-file association. Also comprising a step of accessing the encrypted medical transaction record according to a patient association with the record (111). And further comprising a step of re-encryption of the encrypted accessed medical transaction record with a key associated with an intended recipient of the medical record. The system and method according to the present invention presents a new business model for creation, maintenance, transmission, and use of medical records. The invention also allows financial burdens to be reallocated optimally and equitably, resulting in decreased overall societal cost and providing a successful business model for a database proprietor. Secure entrusted medical records are held in trust by an independent third party on behalf of the patient (113), and serve the medical community at large. Separately encrypted record elements may be aggregated as an information polymer.
1,457 citations
Patent•
25 Mar 2002
TL;DR: In this paper, the authors propose a system and method for communicating information between a first party and a second party, comprising the steps of receiving, by an intermediary, an identifier of desired information and accounting information for a transaction involving the information from the first party, and negotiating, by the intermediary, a comprehension function for obscuring at least a portion of the information communicated between the first parties and the second parties.
Abstract: A system and method for communicating information between a first party and a second party, comprising the steps of receiving, by an intermediary, an identifier of desired information and accounting information for a transaction involving the information from the first party, transmitting an identifier of the first party to the second party, and negotiating, by the intermediary, a comprehension function for obscuring at least a portion of the information communicated between the first party and the second party. The data transmission may be made secure with respect to the intermediary by providing an asymmetric key or direct key exchange for encryption of the communication between the first and second party. The data transmission may be made secure with respect to the second party by maintaining the information in encrypted format at the second party, with the decryption key held only by the intermediary, and transmitting a secure composite of the decryption key and a new encryption key to the second party for transcoding of the data record, and providing the new decryption key to the first party, so that the information transmitted to the first party can be comprehended by it.
1,193 citations
Patent•
01 Feb 1999
TL;DR: An adaptive interface for a programmable system, for predicting a desired user function, based on user history, as well as machine internal status and context, is presented for confirmation by the user, and the predictive mechanism is updated based on this feedback as mentioned in this paper.
Abstract: An adaptive interface for a programmable system, for predicting a desired user function, based on user history, as well as machine internal status and context. The apparatus receives an input from the user and other data. A predicted input is presented for confirmation by the user, and the predictive mechanism is updated based on this feedback. Also provided is a pattern recognition system for a multimedia device, wherein a user input is matched to a video stream on a conceptual basis, allowing inexact programming of a multimedia device. The system analyzes a data stream for correspondence with a data pattern for processing and storage. The data stream is subjected to adaptive pattern recognition to extract features of interest to provide a highly compressed representation that may be efficiently processed to determine correspondence. Applications of the interface and system include a video cassette recorder (VCR), medical device, vehicle control system, audio device, environmental control system, securities trading terminal, and smart house. The system optionally includes an actuator for effecting the environment of operation, allowing closed-loop feedback operation and automated learning.
1,182 citations
Patent•
03 Oct 2006
TL;DR: In this paper, the authors propose a method for providing unequal allocation of rights among agents while operating according to fair principles, comprising assigning a hierarchal rank to each agent, providing a synthetic economic value to a first set of agents at the a high level of the hierarchy, allocating portions of the synthetic economy value by the first sets of agents to a second subset of agents, at respectively different hierarchal ranks than the first set, and conducting an auction amongst agents using the synthetic economic values as the currency.
Abstract: A method for providing unequal allocation of rights among agents while operating according to fair principles, comprising assigning a hierarchal rank to each agent; providing a synthetic economic value to a first set of agents at the a high level of the hierarchy; allocating portions of the synthetic economic value by the first set of agents to a second set of agents at respectively different hierarchal rank than the first set of agents; and conducting an auction amongst agents using the synthetic economic value as the currency. A method for allocation among agents, comprising assigning a wealth generation function for generating future wealth to each of a plurality of agents, communicating subjective market information between agents, and transferring wealth generated by the secure wealth generation function between agents in consideration of a market transaction. The method may further comprise the step of transferring at least a portion of the wealth generation function between agents.
850 citations
Patent•
30 Apr 1991
TL;DR: In this article, the PIN is mixed with the non-predictable code before transmission of these values to the central verification computer, and then compared with the mixed PIN and code which is transmitted to the verification computer.
Abstract: A method and apparatus for providing improved security for a personal identification number (PIN) in a personal identification and verification system of the type wherein a time dependent nonpredictable code is generated at a device in the possession of the individual (36), which code is unique to the individual and this code is communicated to, and compared with a nonpredictable code generated at a central verification computer (46). In this system, the PIN is mixed with the nonpredictable code before transmission of these values to the central verification computer (38). A nonsecret code (30) is previously transmitted to the central verification computer and is used by the verification computer to retrieve the PIN and independently generate the time dependent appropriate nonpredictable code for the user (74). These retrieved PIN and generated code values are used by the verification computer either (a) to strip the PIN from the transmitted nonpredictable code (42) and the stripped PIN and remaining nonpredictable code are compared with the corresponding retrieved values in order to determine verification (44, 46); or (b) to be mixed and then compared with the mixed PIN and code which is transmitted to the verification computer (144).
361 citations
References
More filters
Patent•
07 Mar 1984
TL;DR: In this paper, a portable electronic transaction device and a terminal are presented, which is arranged to operate in either a stand-alone mode during which it monitors itself for abnormal conditions or in an operating mode for the transmission of information there between.
Abstract: A portable electronic transaction device and a terminal therefor. The device comprises a central data processor, a fixed memory, an adaptable memory, optical means for transmitting and receiving information to and from the terminal and self-contained power source means, such as an on-board battery. The device is arranged to operate in either a stand-alone mode during which it monitors itself for abnormal conditions or in an operating mode during which it communicates with said terminal for the transmission of information therebetween. The device also includes cryptographic means for encrypting outgoing information and decrypting incoming information in accordance with cryptographic information stored in its memory. The cryptographic information is modified as a function of time by clock means in the device and/or a function of information transmitted to the device by the terminal or stored in the device. During the standby mode of operation the device monitors itself, whereas in its operational mode it communicates with the terminal. Power for the standy mode is provided, via the on-board battery. Power for the operation of the device in the operational mode is provided via photocells in the device which are arranged to receive light from lamp means in the terminal.
406 citations
Patent•
19 Oct 1981TL;DR: In this paper, the authors disclosed a protection system for intelligent cards, in which each card has stored in it a code which is the encryption of a concatenation of a user secret password and a common reference text.
Abstract: There is disclosed a protection system for intelligent cards. Each card has stored in it a code which is the encryption of a concatenation of a user secret password and a common reference text. The encryption is derived by an initialization terminal which uses the private key associated with the public key of a public-key cryptosystem key pair. Each transaction terminal with which a card is used decrypts the stored code in accordance with the public key. A transaction is effected only if the stored code decrypts into the user password which is inputted on a keyboard and the common reference text.
313 citations
Patent•
05 Feb 1979
TL;DR: In this article, a method and apparatus for improving the security of data transmissions between stations was proposed, which obviates the need for transmitting user-identification information such as personal identification number (PIN) from station to station, e.g., from the station utilized by the user to enter his PIN and initiate a transaction, to the station that processes the transaction.
Abstract: A method and apparatus are provided for improving the security of data transmissions between stations. The method obviates the need for transmitting user-identification information such as personal identification number (PIN) from station to station, e.g., from the station utilized by the user to enter his PIN and initiate a transaction, to the station that processes the transaction. Also, for added security, the method provides for encryption (encoding) and decryption (decoding) of data during a transaction using encryption and decryption keys produced from different (independent) PINs. The apparatus includes at least one irreversible algorithm module, a random number generator and at least one data file (e.g., disc or magnetic tape storage). The apparatus also includes a comparator or, alternatively, an encoding algorithm module and a matching decoding algorithm module.
151 citations
Patent•
IBM1
TL;DR: In this article, the authors present a secure message transmission protocol for electronic funds transfer, where a bank is required to reasonably guarantee that the two parties to a retail transaction (i.e., a person and a retailer) agree on the transaction before the funds transfer takes place.
Abstract: METHOD AND APPARATUS FOR SECURE MESSAGE TRANSMISSION FOR USE IN ELECTRONIC FUNDS TRANSFER SYSTEMS Abstract An electronic funds transfer system wherein it is required that a bank be reasonably guaranteed that the two parties to a retail transaction (i.e., a person and a retailer), agree on the transaction before the funds transfer takes place. The message including the transaction information is encryp-ted by the person using a unique encryption key (Kp) stored in a highly secure storage location in his own personal portable transaction device (XATR) and his data storage and transfer card (DSTC) and this first encrypted message is sent to the retailer who doubly encrypts the initially received encrypted message from P under his own unique encryption key (KR) and this doubly encrypted message is sent to the bank. The person also sends the transaction message to the retailer in clear, and the retailer first verifies the message and then, utilizing his own encryption key (KR), encrypts same and similarly sends it to the bank. The bank utilizing unique retailer and customer identifica-tion data sent with the message, accesses a "key" file and first extracts the retailer's key (KR) and decrypts a first portion of the message, extracts the person's key (Kp) and decrypts a second portion of the received message. The bank then compares a predetermined portion of the transaction message originating with the person with a similar portion received from the retailer and if identical, it is presumed that both the person and the retailer agreed to the trans-action and the appropriate funds transfer is made. If the messages do not agree, some sort of default procedure occurs.
140 citations
Patent•
04 Sep 1985TL;DR: In this article, a card holder inputs personal identification number (PIN') data as secret data and transaction data (AMT) in an LSI in an identification card through a keyboard, and the LSI calculates encrypted data (SAN) in accordance with the input data (PIN' and AMT).
Abstract: A card holder inputs personal identification number (PIN') data as secret data and transaction data (AMT) in an LSI in an identification card through a keyboard. The LSI calculates encrypted data (SAN) in accordance with the input data (PIN' and AMT). The encrypted data (SAN) is shown by the card holder to a cashier at a point-of-sales (POS) terminal. The POS terminal performs authentication of the card and the card holder in accordance with the encrypted data (SAN).
116 citations