WO2016120149A1 - Method for generating, managing and verifying user passwords for stand-alone devices - Google Patents

Info

Publication number: WO2016120149A1
Authority: WO, WIPO (PCT)
Prior art keywords: user, password, stand, alone devices, devices
Application number: PCT/EP2016/051234
Other languages: French (fr)
Inventor: Beat Glauser
Original Assignee: Mbv Ltd., Microbiology And Bioanalytic
Application filed by: Mbv Ltd., Microbiology And Bioanalytic

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31 User authentication
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/45 Structures or tools for the administration of authentication
    • G06F21/46 Structures or tools for the administration of authentication by designing passwords or checking the strength of passwords

Definitions

  • Fig. 1 shows a schematic block diagram illustrating an exemplary embodiment of the methods according to the present invention
  • Fig. 2 shows a schematic block diagram illustrating an exemplary embodiment of the method for generating a user password
  • Fig. 3 shows a schematic block diagram illustrating an exemplary embodiment of the method for verifying a user name and a user password
  • Fig. 4 shows another schematic block diagram illustrating a further exemplary embodiment of the methods according to the present invention.
  • Fig. 5 shows a flow diagram illustrating an exemplary embodiment of a login procedure for accessing a stand-alone device according to the present invention.
  • Fig. 1 depicts a schematic block diagram illustrating an exemplary embodiment of the methods according to the present invention.
  • a secret master password is provided, e.g. thought up or randomly generated, by an administrator of a multitude of stand-alone devices, e.g. a person in charge of administering user access and user privileges for a company employing the stand-alone devices.
  • the administrator assigns each user a user name, a user level, which determines the user's privileges, e.g. the device functions that the user is allowed to gain access to, and an expiration date, which establishes how long or until when the user may legitimately access the devices.
  • This information is provided as input together with the master password to a password generation algorithm, e.g. a computer software application or a piece of firmware executable by a device.
  • the password generation algorithm is preferably only provided to administrators, i.e. is not made publicly available. As shown in Fig.
  • Based on this data, the password generation algorithm generates a user password comprising i) a checksum, which is dependent on the user name, information related to ii) the user level and iii) the user password expiration date, and dependent thereupon (i.e. on i)-iii)) iv) a verification code.
  • the master password is transferred to all the stand-alone devices. For instance it is loaded into the data memory (e.g. non-volatile memory, NVM) of each device after being delivered to the company from the manufacturer or distributor and before being dispatched to the location where the device is to be used.
  • the administrator sends the user name and user password individually to each user, preferably via a secure channel.
  • the user should then keep his password secret in order to prevent any unauthorised access to the devices.
  • since the user does not know the master password or have access to the password generation algorithm, he is unable to change or manipulate his password or freely choose a different password.
  • a user wants to access a device, e.g. to change certain settings, modify firmware, calibrate the device, download measurement data from the device, etc., he will be requested to enter his user name and user password.
  • an interface e.g. a graphical user interface, GUI
  • the authentication module may descramble the user password input by the user in order to retrieve the above mentioned blocks i)-iv), i.e.
  • the password verification algorithm establishes whether the entered user password is a valid password for the present user by determining a comparison code based on the checksum and the information related to the user level and the user password expiration date (cf. Fig. 3).
  • the comparison code is then compared with the verification code entered as part of the user password. If the two are identical the entered user password is accepted as being correct, and the user is given access to certain device functions in accordance with the user level determined from the entered user password.
  • the user password expiration date determined from the entered user password is compared with a date provided locally by the device (e.g. by an internal real-time clock), and access may be denied if the date provided by the device is later than the user password expiration date from the user password.
  • the authentication module may for instance issue an error message such as "password has expired -> access denied".
  • the device may simply log the event that the user password of the associated user has expired in a protocol stored by the device.
  • the protocol may further contain information regarding when which user accessed which functions of the device as well as for instance any changes of the device settings made by the user. For example the protocol could log the date, time and outcome of a calibration function initiated by the user.
  • a terminal device may be operationally connected (e.g. via cable or wirelessly) with the device and the authentication module may be provided by the terminal device.
  • the user then enters the user name and user password via the terminal device which executes parts of or the entire password verification algorithm.
  • the terminal device may retrieve the master password from the device (so that the master password does not need to be stored in the terminal device).
  • the terminal device is used to input the user name and user password, which are then provided by the terminal device to the stand-alone device where the authentication module in the stand-alone device then performs user authentication employing the password verification algorithm and master password stored locally in the stand-alone device.
  • Fig. 4 depicts a schematic block diagram for illustrating a further exemplary embodiment of the methods according to the present invention. This is for the case where the manufacturer of the devices exclusively provides advanced user passwords, e.g. ones which provide full access to all functions of the devices, for instance especially servicing functions, to a special group of advanced users such as service technicians. In this case, a special master password is used to generate the advanced user passwords.
  • the special master password is kept particularly secret and is only known by the manufacturer.
  • the generated advanced user password comprises i) a checksum, which is dependent on the advanced user name, ii) information related to the advanced user password expiration date, and dependent thereupon (i.e. on i) & ii)) iii) a verification code.
  • the advanced user names and advanced user passwords are then provided via a secure channel to the administrator of the company that bought or the administrator charged with maintaining and/or servicing the stand-alone devices who then individually provides this information to each eligible advanced user, such as service technician.
  • the manufacturer provides the special master password as part of the firmware of the stand-alone devices sold to the company.
  • the special master password can for instance be stored as a factory setting in the firmware.
  • Advanced user authentication is subsequently performed in essentially the same way as was described above with reference to Fig. 1 and Fig. 3, with the exception that now the special master password stored as part of the firmware in each device is used to verify the advanced user name and the advanced user password.
  • Fig. 5 shows an exemplary login procedure, wherein following entry of a user name and user password (at step S0) the password verification algorithm establishes whether the entered user password is a valid user password for the present user using the master password (at step S1). If this is the case, based on the password expiration date extracted from the user password (at step S2) it is determined whether the user password has expired (at step S3). If this is the case, a warning is issued (to the user) and a "user password expired" entry is automatically logged in the device protocol (at step S4). Subsequently, the user is granted access to functions of the device (at step S5) dependent on the user level extracted from the user password (at step S2).
  • the password verification algorithm further checks whether the entered user password is a valid advanced user password for the present user using the special master password (at step S6). If the entered user password is invalid the login procedure fails (at step S7), and the user is not granted access to any functions of the device that are password protected. Alternatively, if the entered user password is a valid advanced user password, based on the password expiration date extracted from the advanced user password (at step S8) it is determined whether the advanced user password has expired (at step S9). If this is the case, a warning is issued (to the user) and an "advanced user password expired" entry is automatically logged in the device protocol (at step S10).
  • the advanced user is granted full access to all the functions of the device (at step S11).
  • following step S4 and/or S10, access to the password-protected functions of the stand-alone device may be denied (i.e. step S4 and/or S10 is followed by step S7).

Abstract

The present invention relates to generating, managing (i.e. distributing) and verifying user passwords for stand-alone devices, i.e. non-(inter-)connected devices operating independently and having no access to user names or user passwords or enciphered or otherwise encoded versions of user passwords. A method is proposed for verifying a user password of a user of a stand-alone device, wherein the user enters a user name and the user password into the stand-alone device. The user password comprises a checksum dependent on the user name and a verification code, wherein the verification code is dependent on the checksum. Subsequently, a master password is retrieved from a storage in the stand-alone device, and a password verification algorithm is executed, which determines, using the master password, a comparison code based on the checksum and then allows the user access to a function of the stand-alone device if the comparison code is the same as the verification code. Moreover, a method for generating a user password for a user of one or more stand-alone devices is given.

Description

METHOD FOR GENERATING, MANAGING AND VERIFYING
USER PASSWORDS FOR STAND-ALONE DEVICES
TECHNICAL FIELD
[0001] The present invention relates to generating, managing and verifying user passwords for stand-alone devices, i.e. non-(inter-)connected devices operating independently and having no access to user names or user passwords or enciphered or otherwise encoded versions of user passwords.
BACKGROUND OF THE INVENTION
[0002] Today many devices are connected to a network such as a local area network, e.g. a wireless local area network (WLAN), or the Internet, and can therefore access information stored in other devices, such as remote servers, or one device can be accessed through another distant device. Access to such devices by a certain user is usually governed by means of user authentication, where the user is typically requested to enter a user name and a user password. If the user wishes to have access to a multitude of devices, his user name and user password must either be distributed to all of these devices, which causes a considerable effort, or these devices must have access to a central database storing this information, which requires a communication link between each device and the database. Due to the sensitive nature of the user passwords these are preferably not stored as plain text but usually enciphered or otherwise encoded, e.g. by means of a hash function.
[0003] Many applications also exist where stand-alone devices are employed, which operate independently and are not connected to a network, and therefore do not have access to remotely stored information. Examples of such stand-alone devices are measurement instruments, as for example air samplers for determining the amount of microorganisms in clean rooms and sterile environments in the pharmaceutical or food and beverage industries. Such air samplers, as for instance developed, manufactured and sold by MBV Ltd., are required to meet high quality standards, and therefore may for example need to be calibrated periodically. In order to prevent unauthorised manipulation of e.g. the settings of such a device, access to certain functions of the device is typically limited to selected users. In order to gain access to these functions a user is usually requested to enter a user name and a user password. The problem that arises in the mentioned stand-alone devices is that the device has no access to remotely stored information, e.g. related to user names and user passwords. Therefore, well-known methods of user authentication, where user names and user passwords are either distributed to all devices, e.g. via manual input or via a network connection, which requires considerable effort, or where all devices have access to a central database storing this information, are not applicable.
SUMMARY OF THE INVENTION
[0004] It is therefore an object of the present invention to provide a means for authenticating users of stand-alone devices which are not connected to a network and therefore do not have access to remotely stored information. It is especially a first object of the present invention to provide a method for generating passwords for standalone devices, and a second object of the present invention to provide a method for verifying user passwords for such devices.
[0005] The first object is achieved by the method for generating a user password for a user of one or more stand-alone devices according to claim 1. Specific embodiments of the proposed method are provided in the dependent claims 2 to 5.
[0006] The second object is achieved by the method for verifying a user password of a user of one or more stand-alone devices according to claim 6. Specific embodiments of the proposed method are provided in the dependent claims 7 to 10.
[0007] Together the claimed methods especially provide a solution to the problem of authenticating users of stand-alone, i.e. non-(inter-) connected devices. In a first aspect, the present invention provides a method for generating a user password for a user of one or more stand-alone devices, comprising the steps of:
providing a master password;
providing a user name and optionally a user level and/or a user password expiration date, the user level in particular being associated with one or more functions of the one or more stand-alone devices;
providing a password generation algorithm;
generating using the password generation algorithm the user password based on the master password and the user name and optionally the user level and/or the user password expiration date as input data, wherein the user password comprises a checksum dependent on the user name, a verification code and optionally information related to the user level and/or the expiration date, wherein the verification code is dependent on the checksum and optionally the user level and/or the user password expiration date.
[0008] A user password generated according to the present invention thus contains information related to the user name and optionally also to the user level and the user password expiration date. Furthermore, a verification code is included in the password, which can be used as a reference to validate the correctness of the password entered by the user during authentication for gaining access to a stand-alone device having no access to user name and user password data.
[0009] In an embodiment of the method the master password is transferred to and stored in at least one of the one or more stand-alone devices, preferably in each of the stand-alone devices, and wherein in particular the user password or an enciphered or otherwise encoded version of the user password is not transferred to or stored in the at least one of the one or more stand-alone devices.
[0010] In a further embodiment of the method the master password is transferred to the at least one of the one or more stand-alone devices, preferably to each of the standalone devices, by operationally connecting the at least one of the one or more standalone devices to a terminal device, such as for instance a computer, a smart phone or a programming device.
[0011] In a further embodiment of the method the master password is transferred to the at least one of the one or more stand-alone devices, preferably to each of the standalone devices, by manually entering the master password into the at least one of the one or more stand-alone devices, preferably into each of the stand-alone devices.
[0012] In a further embodiment of the method the master password is provided by an administrator of the one or more stand-alone devices, and in particular stored in data memory of the at least one of the one or more stand-alone devices, preferably in data memory of each of the stand-alone devices. Alternatively (or additionally), the master password (or an additional, second master password) is provided by a manufacturer, seller or distributor of the one or more stand-alone devices, preferably of all the standalone devices, and in particular stored as part of the firmware stored in the at least one of the one or more stand-alone devices, preferably in each of the stand-alone devices.
[0013] In a further embodiment of the method the user name and user password are provided to the user by the administrator or the manufacturer, seller or distributor, in particular via a secure channel.
[0014] In a second aspect, the present invention provides a method for verifying a user password of a user of one or more stand-alone devices, comprising the steps of: the user entering a user name and the user password into one of the one or more stand-alone devices, wherein the user password comprises a checksum dependent on the user name, a verification code and optionally information related to a user level and/or a user password expiration date, wherein the verification code is dependent on the checksum and optionally on the user level and/or the expiration date, and wherein in particular the user password was generated according to the first aspect of the present invention;
retrieving a master password from a storage in the one of the one or more stand-alone devices, in particular from data memory of the one of the one or more stand-alone devices or from a part of the firmware stored in the one of the one or more stand-alone devices;
executing a password verification algorithm, wherein the password verification algorithm performs the following steps: determining, using the master password, a comparison code based on the checksum and optionally on information related to the user level and/or the user password expiration date;
allowing the user access to a function of the one of the one or more stand-alone devices if the comparison code is the same as the verification code, and conversely denying the user access to the function if the comparison code is not the same as the verification code;
wherein in particular the user password or an enciphered or otherwise encoded version of the user password is not transferred to or stored in the one of the one or more standalone devices.
[0015] Hence, during user authentication the verification code is entered as part of the user password (or may be derived from the entered user password) and used as a reference to validate the correctness of the password entered by the user. In this way it is not necessary for the stand-alone device to store all user names and user passwords along with user level and user password expiration date information locally or have remote access to such data. Consequently, such data does not need to be distributed to all the stand-alone devices, which would be a very cumbersome matter especially in situations where there are a large number of devices and users, in particular when new users are frequently added. Only the master password needs to be available at each device in order to validate the user name and user password entered by a user. The present invention therefore provides a means for managing user access to stand-alone devices, which provides the same convenience and functionality as known authentication methods, such as a high level of security, but without the large effort required to distribute information related to user names and user passwords to all the stand-alone devices.
[0016] In an embodiment of the method, allowing the user access to the function is further dependent on the information related to the user level and/or the user password expiration date, in particular only allowing the user access to the function if the user password expiration date is on or later than a current date provided by the one of the one or more stand-alone devices, or in particular logging that the user password associated with the entered user name has expired if the user password expiration date is before a current date provided by the one of the one or more stand-alone devices.
[0017] In a further embodiment of the method the password verification algorithm further performs, checking whether the user name is valid based on a comparison with the checksum.
[0018] In a further embodiment of the method executing the password verification algorithm is performed in the one of the one or more stand-alone devices or in a terminal device, such as for instance a computer, a smart phone or a programming device, operationally connected to the one of the one or more stand-alone devices.
[0019] In a further embodiment of the method no operational connection is present between the one of the one or more stand-alone devices or the terminal device and a centralised database storing the user password or an enciphered or otherwise encoded version of the user password.
[0020] In a further embodiment of the method for verifying a user password no transfer of the user password or an enciphered or otherwise encoded version of the user password takes place to or from the one of the one or more stand-alone devices or to or from the terminal device, especially not to or from a centralised database.
[0021] It is expressly pointed out that the above-mentioned embodiments can be arbitrarily combined to yield further specific embodiments of the methods according to the present invention.
BRIEF DESCRIPTION OF THE DRAWINGS
[0022] The present invention will now be further illustrated by way of exemplified embodiments shown in the accompanying drawings and described in detail in the following. It is pointed out that these embodiments are for illustrative purposes only and shall not limit the present invention as set out by the claims.
Fig. 1 shows a schematic block diagram illustrating an exemplary embodiment of the methods according to the present invention;
Fig. 2 shows a schematic block diagram illustrating an exemplary embodiment of the method for generating a user password;
Fig. 3 shows a schematic block diagram illustrating an exemplary embodiment of the method for verifying a user name and a user password;
Fig. 4 shows another schematic block diagram illustrating a further exemplary embodiment of the methods according to the present invention; and
Fig. 5 shows a flow diagram illustrating an exemplary embodiment of a login procedure for accessing a stand-alone device according to the present invention.
DETAILED DESCRIPTION OF THE INVENTION
[0023] In Fig. 1 a schematic block diagram for illustrating an exemplary embodiment of the methods according to the present invention is depicted. A secret master password is provided, e.g. thought up or randomly generated, by an administrator of a multitude of stand-alone devices, e.g. a person in charge of administering user access and user privileges for a company employing the stand-alone devices.
[0024] The administrator then assigns each user a user name, a user level, which determines the user's privileges, e.g. the device functions that the user is allowed to gain access to, and an expiration date, which establishes how long or until when the user may legitimately access the devices. This information is provided as input together with the master password to a password generation algorithm, e.g. a computer software application or a piece of firmware executable by a device. The password generation algorithm is preferably only provided to administrators, i.e. is not made publicly available. As shown in Fig. 2, based on this data the password generation algorithm generates a user password comprising i) a checksum, which is dependent on the user name, information related to ii) the user level and iii) the user password expiration date, and dependent thereupon (i.e. on i)-iii)) iv) a verification code. These four items i)-iv) can be arranged in the user password as four consecutive blocks of data or parts thereof may be rearranged and intermingled, e.g. scrambled.
[0025] The master password is transferred to all the stand-alone devices. For instance it is loaded into the data memory (e.g. non-volatile memory, NVM) of each device after being delivered to the company from the manufacturer or distributor and before being dispatched to the location where the device is to be used.
[0026] On the other hand, the administrator sends the user name and user password individually to each user, preferably via a secure channel. The user should then keep his password secret in order to prevent any unauthorised access to the devices. However, since the user does not know the master password or have access to the password generation algorithm he is unable to change or manipulate his password or freely choose a different password.
[0027] When a user wants to access a device, e.g. to change certain settings, modify firmware, calibrate the device, download measurement data from the device, etc., he will be requested to enter his user name and user password. Once these credentials have been input into the device via an interface (e.g. a graphical user interface, GUI) provided on the device, they are verified by an authentication module comprising a password verification algorithm located within the device, e.g. as part of the firmware stored in the device. The authentication module may descramble the user password input by the user in order to retrieve the above mentioned blocks i)-iv), i.e. i) the checksum, the information related to ii) the user level and iii) the user password expiration date, and iv) the verification code. As shown in Fig. 3, the password verification algorithm then compares a (comparison) checksum determined from the entered user name with the checksum (= block i)) retrieved from the entered user password in order to establish whether the entered user name is really associated with the entered user password. If this is not the case, the authentication module may for instance issue an error message such as "incorrect user name". Subsequently, using the master password the password verification algorithm establishes whether the entered user password is a valid password for the present user by determining a comparison code based on the checksum and the information related to the user level and the user password expiration date (cf. Fig. 3). The comparison code is then compared with the verification code entered as part of the user password. If the two are identical the entered user password is accepted as being correct, and the user is given access to certain device functions in accordance with the user level determined from the entered user password. 
Additionally, the user password expiration date determined from the entered user password is compared with a date provided locally by the device (e.g. by an internal real-time clock), and access may be denied if the date provided by the device is later than the user password expiration date from the user password. If this is the case, the authentication module may for instance issue an error message such as "password has expired -> access denied". Alternatively, in the case where the password has expired, the device may simply log the event that the user password of the associated user has expired in a protocol stored by the device. The protocol may further contain information regarding when which user accessed which functions of the device as well as for instance any changes of the device settings made by the user. For example the protocol could log the date, time and outcome of a calibration function initiated by the user.
[0028] Alternatively a terminal device may be operationally connected (e.g. via cable or wirelessly) with the device and the authentication module may be provided by the terminal device. The user then enters the user name and user password via the terminal device which executes parts of or the entire password verification algorithm. During execution of the password verification algorithm the terminal device may retrieve the master password from the device (so that the master password does not need to be stored in the terminal device). Alternatively, the terminal device is used to input the user name and user password, which are then provided by the terminal device to the stand-alone device where the authentication module in the stand-alone device then performs user authentication employing the password verification algorithm and master password stored locally in the stand-alone device. It is preferable not to transfer the master password (or code pertaining to the verification algorithm) between the stand-alone device and the terminal device (especially via an unsecure link) because this can potentially expose the master password (or code pertaining to the verification algorithm) to eavesdropping by non-authorised parties.
[0029] Fig. 4 depicts a schematic block diagram for illustrating a further exemplary embodiment of the methods according to the present invention. This is for the case where the manufacturer of the devices exclusively provides advanced user passwords, e.g. ones which provide full access to all functions of the devices, for instance especially servicing functions, to a special group of advanced users such as service technicians. In this case, a special master password is used to generate the advanced user passwords. The special master password is kept particularly secret and is only known by the manufacturer.
An advanced user name and advanced user password expiration date are provided together with the special master password as input to the password generation algorithm, which may be different from the password generation algorithm used to generate normal user passwords as per Fig. 1 (in order to achieve increased security and secrecy). The generated advanced user password comprises i) a checksum, which is dependent on the advanced user name, ii) information related to the advanced user password expiration date, and dependent thereupon (i.e. on i) & ii) ) iii) a verification code.
[0030] The advanced user names and advanced user passwords are then provided via a secure channel to the administrator of the company that bought or the administrator charged with maintaining and/or servicing the stand-alone devices who then individually provides this information to each eligible advanced user, such as service technician.
[0031] On the other hand the manufacturer provides the special master password as part of the firmware of the stand-alone devices sold to the company. The special master password can for instance be stored as a factory setting in the firmware.
[0032] Advanced user authentication is subsequently performed in essentially the same way as was described above with reference to Fig. 1 and Fig. 3, with the exception that now the special master password stored as part of the firmware in each device is used to verify the advanced user name and the advanced user password.
[0033] Fig. 5 shows an exemplary login procedure, wherein following entry of a user name and user password (at step S0) the password verification algorithm establishes whether the entered user password is a valid user password for the present user using the master password (at step S1). If this is the case, based on the password expiration date extracted from the user password (at step S2) it is determined whether the user password has expired (at step S3). If this is the case, a warning is issued (to the user) and a "user password expired" entry is automatically logged in the device protocol (at step S4). Subsequently, the user is granted access to functions of the device (at step S5) dependent on the user level extracted from the user password (at step S2). If it was determined at step S1 using the master password that the user password is invalid, the password verification algorithm further checks whether the entered user password is a valid advanced user password for the present user using the special master password (at step S6). If the entered user password is invalid the login procedure fails (at step S7), and the user is not granted access to any functions of the device that are password protected. Alternatively, if the entered user password is a valid advanced user password, based on the password expiration date extracted from the advanced user password (at step S8) it is determined whether the advanced user password has expired (at step S9). If this is the case, a warning is issued (to the user) and an "advanced user password expired" entry is automatically logged in the device protocol (at step S10). Subsequently, the advanced user is granted full access to all the functions of the device (at step S11). Alternatively, if it is determined that the (advanced) user password has expired, access to the password-protected functions of the stand-alone device may be denied (i.e. step S4 and/or S10 is followed by step S7).
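
The generation and verification steps of paragraphs [0024] and [0027] and the login flow of Fig. 5, sketched as an added example that is not part of the patent text. The patent names no concrete algorithms, so the CRC-32 checksum, the HMAC-SHA-256 verification code truncated to 8 bytes, the byte layout, the Base32 encoding, the shared layout for advanced user passwords and all sample values are assumptions made here.

```python
import base64
import binascii
import hashlib
import hmac
import struct
from datetime import date, timedelta

EPOCH = date(2000, 1, 1)  # assumption: expiry is stored as days since this date
TAG_LEN = 8               # assumption: verification code is a 64-bit truncated HMAC
FIELDS_LEN = 7            # checksum (4) + user level (1) + expiry days (2)


def name_checksum(user_name: str) -> bytes:
    """Block i): checksum dependent on the user name (CRC-32, an assumption)."""
    return struct.pack(">I", binascii.crc32(user_name.encode("utf-8")))


def verification_code(master: bytes, fields: bytes) -> bytes:
    """Block iv): keyed code over blocks i)-iii), computed with the master password."""
    return hmac.new(master, fields, hashlib.sha256).digest()[:TAG_LEN]


def generate_password(master: bytes, user_name: str, level: int, expires: date) -> str:
    """Administrator side: pack blocks i)-iii) and append the verification code."""
    fields = name_checksum(user_name) + struct.pack(">BH", level, (expires - EPOCH).days)
    return base64.b32encode(fields + verification_code(master, fields)).decode("ascii")


def verify_password(master: bytes, user_name: str, password: str, today: date):
    """Device side: returns (status, level); only the master password is stored."""
    try:
        raw = base64.b32decode(password.strip().upper())
    except ValueError:  # binascii.Error is a ValueError subclass
        return ("malformed", None)
    if len(raw) != FIELDS_LEN + TAG_LEN:
        return ("malformed", None)
    fields, tag = raw[:FIELDS_LEN], raw[FIELDS_LEN:]
    if fields[:4] != name_checksum(user_name):
        return ("incorrect user name", None)
    # Constant-time comparison of the comparison code with the entered code.
    if not hmac.compare_digest(tag, verification_code(master, fields)):
        return ("invalid", None)
    level, days = struct.unpack(">BH", fields[4:])
    if today > EPOCH + timedelta(days=days):
        return ("expired", level)
    return ("ok", level)


def login(master, special_master, user_name, password, today, log, deny_expired=True):
    """Fig. 5 flow: try the master password, then the special master password."""
    for key, kind in ((master, "user"), (special_master, "advanced user")):
        status, level = verify_password(key, user_name, password, today)
        if status == "expired":
            log.append(f"{kind} password expired: {user_name}")  # steps S4 / S10
            if deny_expired:
                return ("denied", None)                           # step S7
        if status in ("ok", "expired"):
            return (kind, level)                                  # steps S5 / S11
    return ("denied", None)                                       # step S7


# Constructed sample values, not taken from the patent.
MASTER = b"constructed-master-password"
SPECIAL = b"constructed-special-master-password"
PW = generate_password(MASTER, "alice", 2, date(2030, 12, 31))
```

Because the verification code is keyed only by the master password, any party that reads that value out of one device's data memory or firmware can generate valid passwords for every device sharing it. The length of the truncated code and the protection of the stored master password therefore bound the strength of the whole scheme.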

Claims

1. A method for generating a user password for a user of one or more stand-alone devices, comprising the steps of:
• providing a master password;
• providing a user name and optionally a user level and/or a user password expiration date, the user level in particular being associated with one or more functions of the one or more stand-alone devices;
• providing a password generation algorithm;
• generating using the password generation algorithm the user password based on the master password and the user name and optionally the user level and/or the user password expiration date as input data, wherein the user password comprises a checksum dependent on the user name, a verification code and optionally information related to the user level and/or the expiration date, wherein the verification code is dependent on the checksum and optionally the user level and/or the user password expiration date.
2. The method of claim 1, wherein the master password is transferred to and stored in at least one of the one or more stand-alone devices, and wherein in particular the user password or an enciphered or otherwise encoded version of the user password is not transferred to or stored in the at least one of the one or more stand-alone devices.
3. The method of claim 2, wherein the master password is transferred to the at least one of the one or more stand-alone devices by operationally connecting the at least one of the one or more stand-alone devices to a terminal device, such as for instance a computer, a smart phone or a programming device.
4. The method of one of claims 1 to 3, wherein the master password is provided by an administrator of the one or more stand-alone devices, and in particular stored in data memory of the at least one of the one or more stand-alone devices, and/or wherein the master password is provided by a manufacturer, seller or distributor of the one or more stand-alone devices, and in particular stored as part of the firmware stored in the at least one of the one or more stand-alone devices.
5. The method of one of claims 1 to 4, wherein the user name and user password are provided to the user by the administrator or the manufacturer, seller or distributor, in particular via a secure channel.
6. A method for verifying a user password of a user of one or more stand-alone devices, comprising the steps of:
• the user entering a user name and the user password into one of the one or more stand-alone devices, wherein the user password comprises a checksum dependent on the user name, a verification code and optionally information related to a user level and/or a user password expiration date, wherein the verification code is dependent on the checksum and optionally on the user level and/or the expiration date, and wherein in particular the user password was generated according to the method of one of claims 1 to 5;
• retrieving a master password from a storage in the one of the one or more stand-alone devices, in particular from data memory of the one of the one or more stand-alone devices or from a part of the firmware stored in the one of the one or more stand-alone devices;
• executing a password verification algorithm, wherein the password verification algorithm performs the following steps:
• determining using the master password a comparison code based on the checksum and optionally on information related to the user level and/or the user password expiration date;
• allowing the user access to a function of the one of the one or more stand-alone devices if the comparison code is the same as the verification code, and conversely denying the user access to the function if the comparison code is not the same as the verification code; wherein in particular the user password or an enciphered or otherwise encoded version of the user password is not transferred to or stored in the one of the one or more stand-alone devices.
7. The method of claim 6, wherein allowing the user access to the function is further dependent on the information related to the user level and/or the user password expiration date, in particular only allowing the user access to the function if the user password expiration date is on or later than a current date provided by the one of the one or more stand-alone devices, or in particular logging that the user password associated with the entered user name has expired if the user password expiration date is before a current date provided by the one of the one or more stand-alone devices.
8. The method of claim 6 or 7, wherein the password verification algorithm further performs, checking whether the user name is valid based on a comparison with the checksum.
9. The method of one of claims 6 to 8, wherein executing the password verification algorithm is performed in the one of the one or more stand-alone devices or in a terminal device, such as for instance a computer, a smart phone or a programming device, operationally connected to the one of the one or more stand-alone devices.
10. The method of one of claims 6 to 9, wherein no operational connection is present between the one of the one or more stand-alone devices or the terminal device and a centralized database storing the user password or an enciphered or otherwise encoded version of the user password.
PCT/EP2016/051234 2015-01-30 2016-01-21 Method for generating, managing and verifying user passwords for stand-alone devices WO2016120149A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CH118/15 2015-01-30
CH1182015 2015-01-30

Publications (1)

Publication Number Publication Date
WO2016120149A1 true WO2016120149A1 (en) 2016-08-04

Family

ID=55521670

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/EP2016/051234 WO2016120149A1 (en) 2015-01-30 2016-01-21 Method for generating, managing and verifying user passwords for stand-alone devices

Country Status (1)

Country Link
WO (1) WO2016120149A1 (en)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5661807A (en) * 1993-07-30 1997-08-26 International Business Machines Corporation Authentication system using one-time passwords
US7650509B1 (en) * 2004-01-28 2010-01-19 Gordon & Howard Associates, Inc. Encoding data in a password

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 16708943

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 16708943

Country of ref document: EP

Kind code of ref document: A1