WO2000011538A1 - Improvements in and relating to access control - Google Patents
- Publication number
- WO2000011538A1 (application PCT/GB1999/002673)
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- password
- combined
- encrypted
- code
- controlling access
- Prior art date
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2107—File encryption
Definitions
- the present invention relates to access control devices and methods.
- Password protection is often used to control access to data or software as a result of which considerable attention has been paid to the breaking of password protection.
- the password may be user-selected or allocated in some other way.
- the selected password is stored (102) at a memory location within the device.
- the device then enters its normal operation (104) as part of which it determines as each access request is submitted whether this is a password protected access (106). If it is not a password protected access, the "NO" branch is followed and normal operation resumes. If it is a password protected access, the "YES" branch is followed and a password is requested (108).
- the input password is compared (110) with the password stored at a memory location. If the input password is the same as the stored password (112) the
- alerts or alarms may be activated.
- a de-bug program can be run alongside the password protection.
- the de-bug program can, upon entry of any password, follow the program to the memory location at which the correct password is stored for comparison purposes.
- the de-bug program can then be used to copy the stored password from that memory location for correct entry.
- the prior art method and corresponding device described above is vulnerable to attack and to the bypass of the password security even if the data is encrypted.
- an access control device comprising means for receiving an input password, means for combining the input password with a pre-selected code thereby to produce a combined password, and means for decrypting encrypted code using the combined password.
- the apparatus further comprises means for encrypting the combined password and the encrypted combined password is used for decryption.
- a method of controlling access comprises the steps of receiving an input password, combining the input password with a predetermined code to produce a combined password, and decrypting encrypted code using the combined password.
- the combined password is encrypted and the encrypted combined password is used for decrypting encrypted code.
- the encrypted combined password is a key for decryption of the encrypted code.
- the password is an alphanumeric string.
- the code is an alphanumeric string.
- the pre-stored access password comprises a pre-selected password combined with the predetermined code, which combination is encrypted.
- the combined pre-selected password is encrypted according to the encryption algorithm used for the combined password.
- the encryption is substantially unreversible (asymmetric).
- the encryption algorithm will be a public key algorithm.
- a carrier comprising a computer program according to the third aspect of the invention.
- Figure 1 is a representative flow diagram of a prior art access control method.
- FIG. 2 is a representative functional flow diagram of an access control method according to the present invention.
- a flow diagram illustrating a method according to the present invention, according to which method a corresponding device may operate.
- a password is selected.
- the password may be user-selected or chosen in some other way.
- the selected password is then combined (202) with a longer password string at pre-selected locations therewithin. This produces a combined password which is encoded (204).
- the encoding step will comprise a public key, substantially irreversible, encryption, but in theory could be as simple as carrying out an AND or XOR operation.
- the encrypted combined password is used as an encryption key to encrypt data (206) which may be software. Notably, the encrypted combined password is not stored in any memory location. Following this the device enters normal operation (208) as part of which it checks (210) whether a requested data/software access is password protected. If the access is not password protected the "NO" branch is followed back to normal operation. Otherwise, the "YES" branch is followed and a request is made for a password to be input (212). Upon input of a password, it is inserted into pre-selected locations of the predetermined string (214). This is the same predetermined string with which the original password is combined (202). This produces a combined password which is encrypted at (216) using the same encryption as at (204).
- the encrypted combined password is used as a decryption key to decrypt the encrypted data/software to which access is sought. Therefore only entry of a correct password will properly decrypt the data/software.
- the password "FRED" may be entered by a user.
- the selected password is combined with the string A7BX2Q66FEAR3YD at locations subsequent to characters 2, 6, 9 and 13 (by order). This produces (202) the following combined result: A7FBXS2RQ66EFEARD3YD.
- the underlined letters are the password letters inserted at pre-selected points within the longer string. They are underlined for the purposes of explanation only.
- the combined password is encrypted according to any encryption method.
- a public key encryption is used but this need not be the case. This may result in an output as follows: 3XTAV278BAD99X.
- the encrypted result need not be the same length as the combined password.
- the encrypted combined password is then used as an encryption key to encrypt data or software.
- password protected access is sought (210)
- an input password is requested (212).
- If an incorrect password is entered, for instance "MOUSE", it will be combined (214) with the pre-selected string at the preselected locations to give the following result: A7MBXS2OQ66UFEARS3YED.
- This combined input password is then encrypted (216) according to the same encryption used at step (204) and used as a decryption key to decrypt the encrypted data. As the key is wrong the decryption will be inaccurate.
- passwords any signal or combination of signals and need not be a word at all.
- a device operating as set out above with reference to preferred embodiments of the invention may be embodied in computer software in a digital computer or otherwise, for instance on a carrier such as a floppy disk, compact disk or hard drive.
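
The setup and access flow described above, as an added Python example (not code from the patent). Assumptions: the base string is written with the S that the page's combined result for FRED implies, the fifth insertion point is hypothetical, SHA-256 stands in for the one-way encoding step, and the XOR keystream is a toy stand-in for the data encryption.

```python
import hashlib

# Assumption: base string as implied by the page's combined result for "FRED".
BASE = "A7BXS2Q66FEAR3YD"
# Insert after this many characters of BASE. 2, 6, 9, 13 are the page's
# locations; 15 is an assumed fifth point so five-letter inputs can be handled.
POSITIONS = (2, 6, 9, 13, 15)


def combine(password: str) -> str:
    """Insert each password character into BASE at its pre-selected location."""
    if not 0 < len(password) <= len(POSITIONS):
        raise ValueError("password must fit the pre-selected insertion points")
    parts, prev = [], 0
    for ch, pos in zip(password, POSITIONS):
        parts += [BASE[prev:pos], ch]
        prev = pos
    return "".join(parts) + BASE[prev:]


def derive_key(password: str) -> bytes:
    """One-way encoding of the combined password (SHA-256 as a stand-in)."""
    return hashlib.sha256(combine(password).encode("utf-8")).digest()


def xor_stream(key: bytes, data: bytes) -> bytes:
    """Toy symmetric cipher: XOR with a SHA-256 counter keystream."""
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = hashlib.sha256(key + off.to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[off:off + 32], pad))
    return bytes(out)


def protect(password: str, plaintext: bytes) -> bytes:
    """Setup: encrypt under the derived key; key and password are not stored."""
    return xor_stream(derive_key(password), plaintext)


def access(password: str, ciphertext: bytes) -> bytes:
    """Access: re-derive the key from the input; there is no comparison step."""
    return xor_stream(derive_key(password), ciphertext)


SAMPLE = b"constructed sample: protected program image, not from the page"

if __name__ == "__main__":
    blob = protect("FRED", SAMPLE)
    print(combine("FRED"))
    print(access("FRED", blob) == SAMPLE)
    print(access("MOUSE", blob) == SAMPLE)
```

A wrong input is never rejected; it simply yields unusable bytes, so there is no stored password for a debugger to copy. The base string and insertion points still live in the program, so the key is only as hard to guess as the password itself.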
Priority Applications (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP2000566736A JP2002523942A (en) | 1998-08-20 | 1999-08-12 | Improved access management and improvements related to access management |
AU53812/99A AU5381299A (en) | 1998-08-20 | 1999-08-12 | Improvements in and relating to access control |
EP99939543A EP1105785A1 (en) | 1998-08-20 | 1999-08-12 | Improvements in and relating to access control |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
GB9818187.8 | 1998-08-20 | ||
GB9818187A GB9818187D0 (en) | 1998-08-20 | 1998-08-20 | Improvements in and relating to access control |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2000011538A1 (en) | 2000-03-02 |
Family
ID=10837587
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/GB1999/002673 WO2000011538A1 (en) | 1998-08-20 | 1999-08-12 | Improvements in and relating to access control |
Country Status (5)
Country | Link |
---|---|
EP (1) | EP1105785A1 (en) |
JP (1) | JP2002523942A (en) |
AU (1) | AU5381299A (en) |
GB (1) | GB9818187D0 (en) |
WO (1) | WO2000011538A1 (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
DE102016012191A1 (en) * | 2016-10-12 | 2018-04-12 | Uwe Zühlke | Method for increasing the protection of password-protected computers and computer systems against hacker attacks |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5485519A (en) * | 1991-06-07 | 1996-01-16 | Security Dynamics Technologies, Inc. | Enhanced security for a secure token code |
US5677952A (en) * | 1993-12-06 | 1997-10-14 | International Business Machines Corporation | Method to protect information on a computer storage device |
US5768373A (en) * | 1996-05-06 | 1998-06-16 | Symantec Corporation | Method for providing a secure non-reusable one-time password |
-
1998
- 1998-08-20 GB GB9818187A patent/GB9818187D0/en not_active Ceased
-
1999
- 1999-08-12 JP JP2000566736A patent/JP2002523942A/en active Pending
- 1999-08-12 AU AU53812/99A patent/AU5381299A/en not_active Abandoned
- 1999-08-12 WO PCT/GB1999/002673 patent/WO2000011538A1/en not_active Application Discontinuation
- 1999-08-12 EP EP99939543A patent/EP1105785A1/en not_active Withdrawn
Also Published As
Publication number | Publication date |
---|---|
AU5381299A (en) | 2000-03-14 |
EP1105785A1 (en) | 2001-06-13 |
GB9818187D0 (en) | 1998-10-14 |
JP2002523942A (en) | 2002-07-30 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US9117095B2 (en) | Data security for digital data storage | |
EP1325401B1 (en) | System for protecting static and dynamic data against unauthorised manipulation | |
US7096370B1 (en) | Data security for digital data storage | |
US9003177B2 (en) | Data security for digital data storage | |
US8332652B2 (en) | Computing device that securely runs authorized software | |
KR100334720B1 (en) | Adapter Having Secure Function and Computer Secure System Using It | |
US20040101142A1 (en) | Method and system for an integrated protection system of data distributed processing in computer networks and system for carrying out said method | |
US20080077807A1 (en) | Computer Hard Disk Security | |
US20080320314A1 (en) | Apparatus for writing data to a medium | |
KR100894466B1 (en) | Information processing device, anti-tamper method, and anti-tamper program | |
WO2000017731A1 (en) | Volatile key apparatus for safeguarding confidential data stored in a computer system memory | |
CN112069555B (en) | Safe computer architecture based on double-hard-disk cold switching operation | |
KR20000029146A (en) | Data encipherment apparatus and illegal alteration prevention system | |
US8347109B2 (en) | Secure serial number generation | |
JPWO2006046484A1 (en) | Authentication method | |
EP0962850A2 (en) | A method for protecting embedded system software and embedded system | |
WO2000011538A1 (en) | Improvements in and relating to access control | |
US20020029344A1 (en) | System and method for decrypting encrypted computer program | |
WO2000011537A1 (en) | Improvements in and relating to data communication | |
JP2001125714A (en) | Keyboard device and password authenticating method using the same | |
CN117150482A (en) | Equipment application safety protection method and virtual device | |
CN116975804A (en) | Integrated circuit and intellectual property right core activation system and method with digital watermark | |
JPH05204514A (en) | Secrecy protection system for automatic keyboard lock type computer system | |
JPS60124759A (en) | File processing unit |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AK | Designated states |
Kind code of ref document: A1 Designated state(s): AE AL AM AT AU AZ BA BB BG BR BY CA CH CN CR CU CZ DE DK DM EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MD MG MK MN MW MX NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT UA UG US UZ VN YU ZA ZW |
|
AL | Designated countries for regional patents |
Kind code of ref document: A1 Designated state(s): GH GM KE LS MW SD SL SZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG |
|
121 | Ep: the epo has been informed by wipo that ep was designated in this application | ||
DFPE | Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101) | ||
WWE | Wipo information: entry into national phase |
Ref document number: 1999939543 Country of ref document: EP |
|
WWE | Wipo information: entry into national phase |
Ref document number: 09763102 Country of ref document: US |
|
WWP | Wipo information: published in national office |
Ref document number: 1999939543 Country of ref document: EP |
|
REG | Reference to national code |
Ref country code: DE Ref legal event code: 8642 |
|
WWW | Wipo information: withdrawn in national office |
Ref document number: 1999939543 Country of ref document: EP |