Showing papers on "Password published in 1985"

Computer key and computer lock system

Abstract: A computer access system includes a password generator (10) and an lock computer (50) connected to receive passwords generated by the password generator and grant access to a host computer (52) when a password from the password generator (10) matches a password separately generated by the lock computer (50). The password generator (10) and the lock computer (50) have corresponding pseudo-random number sequences stored in memories (26 and 90). The password generator (10) and the lock computer (50) have synchronized clocks (30 and 84), which define time intervals. During a given time interval, entry of a personal identification number in password generator (10) will cause the password generator (10) to generate a unique password from the random number sequence in memory (26) and time interval information from clock (30). The user transmits the so-generated password to the lock computer (50), which independently generates a comparison password from the corresponding pseudo-random number sequence stored in memory (90), and the time interval defined by clock (84). If the passwords match, access to computer (52) is granted by the lock computer (50). Since the valid passwords change with each time interval, subsequent use of an intercepted password will not grant access to the computer.

Apparatus and methods for granting access to computers

Abstract: When a computer user is granted access to certain capabilities of a computer he is often given a password signifying these capabilities. A problem arises in that unauthorized users may copy the password and so gain access to the capabilities. In the present invention an enciphered message relating to capabilities is stored in the tamper-resistant store of a circuit contained by a token. The store also holds the secret key of a public key encryption system so that the enciphered message and a distinctive message can be transformed ("signed") using the secret key and passed to the computer. The corresponding public key may then be used by the computer to carry out an inverse transverse form and check the enciphered and distinctive messages against signals sent from the token. If this check is successful the required access is granted. Preferably the public key is part of the enciphered message, especially where the token grants access to a distributed or fragmented computer system, since this avoids the necessity of making public keys available throughout a computer system.

Solid state key for controlling access to computer software.

Abstract: A semiconductor device (12) that functions as a key (12) to control access to a software program resident in a computer (68). The device (12) includes a continuously running pulse generator (60) that produces an output representative of real time, a shift register permanently storing a unique number and circuitry (64) for executing an algorithm that combines real time and the permanently stored unique number to produce a password (18). The password (18) is input to the computer (68). The computer (68) is coded to execute an equivalent algorithm to produce a password (88) within the computer (68). The two passwords are compared and access to the computer program is afforded only if they bear a prescribed relationship. The computer (68) can be coded to produce on the video display (74, 76) thereof a time-space pattern on the computer video display (74, 76, 78), circuitry (86) for deriving the stimulus number therefrom, and circuitry (88, 66) for processing the stimulus number so that the password (18) displayed by the key (12) is a function of the value of the stimulus number. The computer (68) executes a similar procedure on the stimulus number so that access to the software program is afforded only if correspondence exists between the user input password (18) and the password (88) generated in the computer (68).

Computer accessing system

Abstract: An operator from a computer terminal initially enters a password or passwords into a computer system over a specific terminal line. If the password or passwords transmitted over the specific terminal is recognized by a master command line interpreter, then the master command line interpreter compares the password or passwords and the specific terminal with a table stored in the computer system. If the comparison by the master command line interpreter is invalid, then the master command line interpreter instructs the computer system not to log in the operator's request for access to the computer system. If the comparison by the master command line interpreter is valid, then the master command line interpreter instructs the computer system to log in the operator's request for access to the computer system. The master command line interpreter also instructs the computer system to assign a selected user command line interpreter. The accessible data or tasks to which access is gained by the operator is the data or tasks associated with the assigned user command line interpreter.

Electronic audio communications system with voice authentication features

Abstract: An advanced electronic telecommunication system is provided for the deposit, storage and delivery of audio messages. A Voice Message System (10) interconnects multiple private branch exchanges (12) of a subscriber with a central telephone office (22). Individual subscriber users may access the Voice Message System (10) through ON NET telephones (18) or OFF NET telephones (24). The Voice Message System (10) includes an administrative subsystem (60), call processor subsystem (62) and a data storage subsystem (64). The Voice Message System (10) enables the user to deposit a message in data storage subsystem (64) for automatic delivery to other addressees connected to the system. The Voice Message System (10) also enables a user to access the system to determine if any messages have been stored in the data storage subsystem (64) for the user by first entering an identification code and then speaking a password. The password is compared to a speaker dependent template stored in the system. Pre-recorded instructional messages are deposited in the data storage subsystem (64) for instructing a user on the user's progress in using the system. A Universal Control Board is a programmable electronic digital signal processing means for controlling certain functions of the administrative subsystem (60), call processor subsystem (62) and data storage subsystem (64).

Method of software protection

Abstract: A cryptographic method for discouraging the copying and sharing of purchased software programs allows an encrypted program to be run on only a designated computer or, alternatively, to be run on any computer but only by the user possessing a designated smart card Each program offering sold by the software vendor is encrypted with a unique file key and then written on a diskette A user who purchases a diskette having written thereon an encrypted program must first obtain a secret password from the software vendor This password will allow the encrypted program to be recovered at a prescribed, designated computer having a properly implemented and initialised encryption feature The encryption feature decrypts the file key of the program from the password, and when the encrypted program is loaded at the proper computer, the program or a portion of it is automatically decrypted and written into a protected memory from which it can only be executed and not accessed for non-execution purposes In alternative embodiments, the user is not con- ; fined to a prescribed, designated computer but may use the program on other, different computers with a smart card provided the computers have a properly implemented and initialised encryption feature that accepts the smart card As a further modification, the cryptographic facility may support operations that enable the user to encrypt and decrypt user generated files and/or user generated programs

Autoteller exchangeable banknote cassette system

Abstract: An autoteller accepts on a ramp exchangeable banknote cassettes which can only be opened at the predetermined angle of the ramp when a key assembly on the ramp is presented to a lock. The cassettes may only have the key assembly presented to the lock when not on the ramp at an angle to the horizontal, whereat opening of the doors on the cassette is prevented by a blocking bar swinging to engage a notch in the opening mechanism to prevent operation of the opening mechanism. A processor in the autoteller accepts a password from an internal keypad, enters a wide access bank service routine if a first password is provided and a restrictive access third party service routine if a second password is provided, shutting down the autoteller if no correct password is provided within a predetermined number of tries in a predetermined time. In the third party service routine, the processor commands an internal printer to provide a first audit slip to the service personnel indicative of a running audit on the autoteller before servicing and after servicing the processor commands the printer to provide a second audit slip indicative of the running audit of the autoteller after servicing, the first and second audit slips providing accountability of the actions of service personnel.

Polonium: An Identity Authentication System

Abstract: Passwords have long been used as the most common method for providing user authentication when accessing remote computer systems. However, there are many security problems associated with passwords including their susceptibility to the attacks of eavesdropping, playback, and exhaustive search. This paper describes a system which offers an innovative solution to the problem of establishing identities over insecure communications channels. The system embodies the security concept of a one-time pad because it requires that a different password be used for each access. Through the possession of a personal authentication device (the PassPort) and knowledge of a unique PIN number, an authorized user is able to generate the correct password to be used for each access.

Toll restriction circuit for an electronic telephone station

Abstract: A circuit which prevents a telephone station from being used for unauthorized toll calls while allowing toll calls to be made when preceded by authorized passwords. When the telephone station is in the toll restriction mode of operation a microprocessor disconnects the tone generator from the keypad and provides audible and visual error signals upon detection of operation of the "0" or "1" keypad buttons. Upon detection of simultaneous operation of the "1" and "2" keypad buttons, the microprocessor provides audible and visual signals to prompt entry of a password. If a valid password is entered, the telephone station enters the unrestricted mode of operation and the toll restriction circuit is disabled until the handset is returned to the on-hook position after termination of the subsequent toll call. Upon detection of prolonged operation of the "1" keypad button, the telephone station enters the password update mode of operation and the microprocessor provides visual and audible signals to prompt entry of the old password followed by a double entry of the new password to ensure correct entry of that new password.

Method for access protection

Abstract: The use of a terminal of a data processing facility or data processing system or telecommunication switching system is enabled by the user in-putting a key number or a password via the input keyboard, a storage device with an interchangeable small and handy data carrier, connected to the terminal, containing the key number or the password at a particular storage location and the terminal being enabled in the case of a correspondence with the key number or the password input.

Distributed data system for medical records

Abstract: The data records of individuals are distributed on personal storage means (26) which can be carried by the individual. Preferably, the storage means are card shaped carriers of a magnetic storage area which can be read from and written to with magnetic read/write heads of an access device (14). The access device is controlled by a microprocessor (12) based terminal which executes system software to limit the access of particular files on the cards according to a hierarchal coding scheme. An identification file on the cards is accessible by an operator with a user password while a general file, an emergency file, and a private file are available only by having other passwords. A personal password generally known only by the individual carrying the card can be used to access any of the restricted files. An emergency password is used to access the emergency files and is provided to those selected individuals which interface with the public in emergency situations. A master password is provided to authorized personnel in the medical community to be able to access the general file.

On improvements to password security

Abstract: Due to the increasing value of information being stored in computers, it is important that unforgeable user authentication policies are implemented. Existing password authentication schemes, threats and counter-measures are described. A solution to eavesdropping problems using public-key cryptography is proposed. A technique to allow long password-phrases that makes an exhaustive search impracticable is presented.

Method for selective menu display based on password

Abstract: PURPOSE:To protect the security of menu display in a work station by selecting menu display on the basis of a password in accordance with an operator. CONSTITUTION:A list of program numbers and program titles fed to individual application programs 2-6 is stored in a menu table 8. Passwords are assigned to persons who are permitted to operate this system, and passwords are inputted when the system is started. A password correspondence table 9 indicates application programs which individual operators are permitted to use, and a menu flag is set at the intersection between a row of the password of a pertinent operator and a column of the application program, which he can use, out of intersections between rows of passwords fed to individual operators and columns corresponding to individual application programs. Thus, the security is protected.

Portable electronic device

Abstract: PURPOSE:To allow users with different interests to use an IC card without any disadvantages of other users by constituting the titled device in such a manner that it can have plural kinds of identification information and accesses to different types of data are permitted or prohibitted with respect to each identification information. CONSTITUTION:An IC card 1 being a protable electronic device incorporates an IC chip 2, which is constituted of CPU3 for control, a ROM4, an arithmetic part 5, a decision part 6 and a RAM7, a non volatile data memory 8 which stores a password number as plural identification information and is divided into plural areas, a permission flag part 9 having a permission table which checks conditions at every area in a data memory 8 are included, and an interface circuit 10, and inputs and outputs data through a connecting part 11. The flag part 9 has such tables that, for instance, assuming that questions and answers are stored in some area, when teacher's password number is inputted, reading permission data of questions and answers are stored in area (b) and (c), and when students' password number is inputted, reading permission data of questions and stored in area (d) and reading prohibiting data of answers are stored in an area (e).

Remote control system using password

Abstract: PURPOSE:To disable the shift of operation to remote control operation at the input of a different password to remove intentional mischief by expressing the password as a continuous numerical code, determining the number of digits and numerals in respective digits by required values and setting up these values optionally in a receiving part. CONSTITUTION:Both a password memory 19 and a setting memory 20 are constituted by using a part of a RAM18 and 4-bit codes corresponding to 11 digits are prepared. The user setting up the receiving part 3 selects the number of digits and numerals within 4-10 digits optionally as the password code, turns a mode selecting switch 13 to ''SET'' and inputs numerals through a 4X3 key pad 12 to store the password in the setting storage 20. The 1st series of PB signals received by the receiving part and converted into numerals by a PB receiver 9 are stored in the password storage 19 as a left-justify code. Whether a numerical string arranged before a mark # out of the contents stored in the memory 19 completely coincides with the contents of the setting memory 20 or not is discriminated by a micro-CPU15. If the contents do not coincide completely, a remote control rejecting message is sent to a telephone line 2 and then the operation of a relay 5 is stopped.

Collating method of memory for controller

Abstract: PURPOSE:To prevent knowhow from leaking out by limiting persons who can read out information stored in a read-only memory of a controller. CONSTITUTION:A program creator operates respective keyboards 12 and 25 of a program loader and a process controller to write a created program and a collation password in an ROM10. In case that the ROM10 is provided in the process controller, the collation password is stored in a collation code area of an RAM 24 by the command of a CPU21 when an operator designates a collation password on the keyboard 25. Next, when the keyboard 25 is operated to reguest the read of the ROM10, the CPU21 reads out the collation password stored in the ROM10 and stores it in the RAM24. The CPU21 compares the designated collation password and the collation password in the ROM10 with each other; and only when they coincide with each other, the program in the ROM10 is read out and is stored in the RAM24 and is displayed on a display device 26. If both passwords do not coincide, the program in the ROM10 is not read out.

Password management system

Abstract: PURPOSE:To make it possible that a manager inspects directly the whole of users in real time only with a host computer, by providing the host computer with a host password data base. CONSTITUTION:When registration of a new user is requested from a local terminal 71, a local computer 21 registers a password from the terminal 71 to a host password data base 4 through a password registration management function of a host computer 1. This password is registered in a local password data base 51 also. Passwords from a host terminal 6 are registered by similar procedures. Then, the system manager can inspect passwords of the whole of the system directly in real time without accessing individual local password data bases (51- 5n) from the terminal 6. Thus, it is possible that devices other than the host computer are unnecessary for the passward registration management function.

Data protection processing system

Abstract: PURPOSE:To inhibit the illegal access of an external large storage medium by arranging a means for checking a password in a medium and that applied from an upper device in an I/O control device so that the contents stored in the external large storage medium are protected. CONSTITUTION:When the loaded medium is turned to ready state, a disk control device 3 immediately reads out a password 7 described in a VTOC of the medium and stores the read-out contents in a proper memory. When a channel interruption is generated under said condition, whether reading/writing from/in the VTOC is available or not is checked, and if the reading/writing is availabe, whether the password 7 of the stored volume of the medium is blank or not is checked. When the password 7 is described, a password sent from a central processor 1-1 in accordance with the applied command is taken out. Said two passwords are compared, and if both the passwords are inconsistent, an error is generated. In case of coincidence, processing corresponding to the command is executed.

Connection regulating system

Abstract: PURPOSE: To carryout an output and connection control according to a regulating level when a password number coincides on referring to a table and perform a flexible outgoing control by providing the connection regulating table in which the regulating level and the password number are registered in order to deal with a telephone set. CONSTITUTION: To a channel network 1 of a system, plural telephone sets A∼N, an output trunk OGT4 and a local trunk IOT5 are connected. A connection regulating table 3 in which a regulating level and a password number are registered in order to deal with the telephone sets A∼N is connected to the network 1 by a central control unit 2. In this system, after off-hooking (1), a specific number dial (2) transmitted from a trunk line, a password number dial (3) and a trunk line number dial (4) are performed. The table 3 is retrieved by the unit 2, the password number registered for dealing with the telephone sets A∼N is referred with a password number from a transmission telephone set to decide the regulating level and based on the regulating level, the unit 2 controls the network 1. COPYRIGHT: (C)1987,JPO&Japio

Password application system

Abstract: PURPOSE:To prevent effectively the foul use of a card by providing a timer circuit by starting a timer in case a password shows discordance continuously and in a fixed frequency and discontinuing the working of a device for a fixed period of time. CONSTITUTION:A user inserts a card 1 to a card reader 2 and feeds a password through a keyboard 4, and the input given through the keyboard 4 is applied to the input at one side of a comparator 5. Then a fact that a main body system 20 is available is accepted and displayed 6 when the coincidence is obtained between both passwords. While a rejection state is displayed 7 when no coincidence is obtained between both passwords. In this case, a counter 8 is counted up. A timer 11 is provided and started when a coincidence output with a constant is delivered from a comparator 9. At the same time, an FF12 is set to display 10 a pause state. An AND circuit 13 is also closed to inhibit an input carried out through the keyboard 4. Then the counter 8 and the FF12 are reset via an OR gate 15 when a prescribed period passes. Thus an input enable state is obtained again.

Secrecy protection system by time lock

Abstract: PURPOSE:To attain delicate secrecy protection operation and system operation by providing an access limit time so as to limit the access to a system or a data according to the time. CONSTITUTION:When the user accesses the system 1, a profile name and a password are designated from a terminal device 2. When the system 1 receives an access request, the password in a system access managing table 3-1 and an input password are compared and an access limit time and a system clock 5 are compared. As a result, when the passwords are not coincident or the access limit time is processed, the access of the system by the user is inhibited. The comparison of profile name and the check of the access limit time are conducted by a data managing table 4-1 and the clock 5 similarly in case of access to the data. Delicate secrecy protection operation and system operation are attained by providing the access limit time in this way.

Picture information storage retriever

Abstract: PURPOSE:To attain accesses to plural files with just a single piece of password information by using the 1st password information groups which is set every first unit and the 2nd password information which is set to the second unit including plural first units. CONSTITUTION:The retrieval information (picture information names) of picture information 1-1-2-2 and the memory head address of the corresponding picture information stored on an optical disk are systematized for every file 1 and file 2 respectively and stored with control on a picture information retrieval table area 32. The names and secret codes of both files 1 and 2 are stored to a file information retrieval table area 31. In addition, a common secret code within a retriever is stored in a prescribed memory area on a magnetic disk together with the storage head address of the next picture information which can start the storage of the next picture information on the optical disk.

Individual collating device

Abstract: PURPOSE:To prevent a card from being used illegally by the 3rd party by registering a false password for preventing the illegal use of the card previously in addition to the correct password of the holder CONSTITUTION:A customer inserts a card into a card insertion slot 2 to check on its normalcy, and when the card is normal, the key input of a password is guided on a CRT6 and the keyed password is read in a memory This password read in this memory is compared with a previously inputted real password, and when they are coincident, card check processing is completed When not, a false password is read out of the memory and compared with the keyed input password to decide on the illegal use of the card when they are not coincident with each other Thus, the false password is registered previously to prevent the card from being used illegally

Password setting system

Abstract: PURPOSE:To obviate such a danger as a password is known to other person than the person himself, by inputting a temporary password which has been set in advance, at the time of generating a portable medium, at the time registering a main password to a password collating function of the portable medium CONSTITUTION:A user inputs a temporary password number by a keyboard 12 A signal corresponding to this input and a signal for showing a teller machine are supplied to a CPU 3 from a CPU 11, and the CPU 3 stores the supplied password number in a RAM 5 Subsequently, the CPU 3 compares the thrown-in password number of the RAM 5 and a temporary password number which has been stored in an E PROM 4, a result of this comparison is outputted to the CPU 11, and as a result thereof, when a coincidence signal is supplied, the CPU 11 decides that the main password number can be set, and a guidance of 'Please thrown in the main password because it is registered' is displayed by a CRT display device 13 By this guidance, a user inputs the main password number by the keyboard 12

Outgoing connection control system

Abstract: PURPOSE:To enable to change outgoing connection control and permission control freely by dial inputting password number registered beforehand by a maintenance person, special number for outgoing connection control and special number for releasing control from a subscriber's terminal set. CONSTITUTION:When determining the limit of outgoing connection control of a terminal 5, a person in charge of maintenance stores subscriber's data in a memory 2 through an input/output device 1 and a central controler 3. The subscriber stores the limit of outgoing connection of the terminal 5 to the memory 2 by dial operation from the terminal 5. Registration of outgoing connection control is made by the subscriber by dialing special number for outgoing connection registration and passward number registered in the exchange by maintenance command. When dialed number is outgoing connection, a call control program reads the limit of outgoing connection control of transmitting subscriber, and discriminates whether it is call of object of control or not. When it is call of object of control, reads out indication of active or inactive of outgoing connection control. If it is active state, makes outgoing connection control process.

Method of collating password number

Abstract: PURPOSE:To use the same account using plural magnetic cards by registering a password number corresponding to plural collating numbers corresponding to the same account number in a password number collating file. CONSTITUTION:When a customer operates a terminal equipment as specified, a CPU5a reads an account number 4a(1234) and collation number 4b(1) stored in the storing section 2 of the magnetic card 1 from a card reading device 3. The CPU5 sends a specified signal to a central computer 7 through an exclusive circuit 6 and takes out a password number (9876) corresponding to a collation number 1 out of the account number (1234) from a password number collating file 4. Then, the customer himself inputs his own password number (9876) through a keyboard 5c. When the CPU5a judged that the two password code numbers coincide, enables the customer to perform various transactions utilizing the account by himself.

Validity confirming system in transaction device

Abstract: PURPOSE:To shorten a transaction time by receiving a customer's password from a central processing unit and storing it, in case the password which is inputted for the first time is not valid, collating the stored code with the inputted code, and confirming the validity of the code which is inputted for the second time and thereafter, by a transaction device. CONSTITUTION:A card processing mechanism part 24A for inputting and outputting a transaction medium P, slip processing mechanism part 24B, paid paper money processing mechanism part 25, operation guide display part 4 and an internal monitor 401, etc. are connected to a control part 26 of a transaction device 400. Also, central processing unit 402, maintenance transmission and reception processing device 403 and a guard transmission and reception processing device 404 are connected to a circuit connecting part 26B of the control part 26. A main control part 26A having a memory 26a, and cancelling and automatic counters 26b, 26c is provided on this control part 26. In this state, under the control of the control part 26A, in case a password which is inputted for the first time is not normal, its code is received from the unit 402 and stored in the memory 26a, the validity of a password which is inputted for the second time and thereafter is confirmed by the transaction device 400, and the transaction time is shortened.

Personal identification system

Abstract: PURPOSE:To confirm a medium owner and a medium owner himself by ciphering a recorded signature by using a password No. as its decoding key to record the registered signature on the medium and decoding the registered signature by using the password No. as its key to display the registered signature. CONSTITUTION:The registered signature is read out by a scanner, ciphered by using the password No. as its key and written in an optical card as picture data to form a credit card. The card owner inserts the card into an optical card reader and simultaneously inputs the password No., so that the picture is reproduced by using these input data as decoding keys on the basis of cipher deciphering logic and the reproduced picture is displayed on a display. The matching of the displayed registered signature with a counter signature on a slip is checked to confirm the identification of the card owner with the card owner himself.

Privacy line interrupting system

Abstract: PURPOSE:To make it possible that a subscriber having a high priority level dials a password number to perform forcibly an interrupt call to an exchange channel, which declarative sentences pass, for privacy communication between subscribers CONSTITUTION:Subscribers 1 and 2 are switched and connected by an exchange 7, and the line between them is made secret by privacy devices 4, 14, 5, and 15, but declarative sentences pass the channel of the exchange 7 If a subscriber 3 having a priority level higher than those of subscribers 1 and 2 hooks on the handset temporarily and dials the password number after he calls the subscriber 1 or 2 and is busy, the exchange 7 discriminates precedence, and the exchange 7 performs forcibly bridge cut off because the subscriber 3 has a higher priority level

External system of secret protecting information

Abstract: PURPOSE:To prevent the use without permission of the individual property data to other persons by protecting the secret protecting information with an external memory means which can be controlled individually and therefore protecting the individual data. CONSTITUTION:A user of a work station WK1 finishes production of a file A with addition of the secret protecting information and then puts a floppy disk FPD1 on a device. Then the user designates the FPD1 and supplies a SECRET OUT command. Thus the secret protecting information of the file a is written to the FPD1 together with the name of the file A. When this writing is over, the secret protecting information excluding the password of the file A is crossed out of a disk volume DSV. When the file A in the DSV is referred to, the disk FPD1 is designated to feed a SECRET IN command. The only the secret protecting information that has a coincident password is written with correspondence to the file A.