Protection of data processing system against unauthorized programs
First Claim
1. A method of protecting value documents and restricted information controlled by a data processing system against unauthorized issuance from an output unit operated by the system, comprising providing a special storage area which cannot be modified by a system user for storing output instructions which may be executed by the system to actuate the output unit to issue a value document, providing another storage area into which an operator may load programs and data, detecting whether a current instruction provided for system execution is an output instruction, sensing if each output instruction detected by the detecting step originated in the special storage area, permitting the output unit to be actuated by the output instruction when the sensing step senses origination of the current instruction from the special storage area, and stopping the output unit from issuing any value document under control of the output instruction when the sensing step senses the output instruction did not originate in the special storage area.
Abstract
A data processing system is described which issues value documents (e.g. tickets) or information under the control of output instructions, and which is designed to prevent a person attempting fraud with an unauthorized program from obtaining the value documents or information. The system includes a data processor controlling output units, which can issue value documents or information, and data storage. The data storage is divided into a secure store, which contains the output instructions and is arranged to make tampering difficult, and a free storage into which an operator may load a program. Security logic is provided to check that an output instruction has originated in the secure store and to prevent operation of an output unit which receives output instructions from free storage. This makes it difficult for a person attempting fraud to produce value documents or information by loading a program into free storage.
The secure storage is preferably a read only store programmed during manufacture. When secure and free storage share a common memory bus, the security logic monitors addresses used to fetch instructions.
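The fetch-address check described above can be modelled in software. The following Python sketch is an added example, not part of the patent; the address ranges, the opcodes, and the names `Machine`, `load_free`, `run` and `demo` are assumptions made for illustration.

```python
# Added illustration. Address ranges, opcodes and names are assumptions,
# not values taken from the patent.
SECURE = range(0x0000, 0x1000)   # special storage area (read-only store)
FREE = range(0x1000, 0x2000)     # storage an operator may load
OP_NOP, OP_OUTPUT, OP_HALT = 0, 1, 2


class Machine:
    def __init__(self, secure_image):
        # The secure store is written once here, standing in for manufacture.
        if any(addr not in SECURE for addr in secure_image):
            raise ValueError("secure image must lie inside the secure store")
        self.memory = dict(secure_image)   # address -> (opcode, operand)
        self.issued = []                   # documents the output unit issued
        self.blocked = []                  # fetch addresses of stopped outputs

    def load_free(self, base, program):
        """Operator load: only free storage is writable."""
        for offset, instruction in enumerate(program):
            if base + offset not in FREE:
                raise PermissionError("write outside free storage refused")
            self.memory[base + offset] = instruction

    def run(self, pc, max_steps=64):
        for _ in range(max_steps):
            fetch_addr = pc                       # address seen on the memory bus
            opcode, operand = self.memory.get(fetch_addr, (OP_HALT, None))
            pc += 1
            if opcode == OP_HALT:
                break
            if opcode == OP_OUTPUT:               # detecting step
                if fetch_addr in SECURE:          # sensing step
                    self.issued.append(operand)   # output unit actuated
                else:
                    self.blocked.append(fetch_addr)  # output unit stopped
        return self.issued, self.blocked


def demo():
    # Constructed sample: one output routine in the secure store, and an
    # operator-loaded program in free storage that carries its own output.
    rom = {0x0100: (OP_OUTPUT, "ticket"), 0x0101: (OP_HALT, None)}
    m = Machine(rom)
    m.load_free(0x1000, [(OP_NOP, None), (OP_OUTPUT, "forged"), (OP_HALT, None)])
    m.run(0x1000)   # program fetched from free storage
    m.run(0x0100)   # routine fetched from the secure store
    return m.issued, m.blocked
```

In this model the same output opcode is honoured or stopped purely by where it was fetched from, and the `blocked` list plays the role of the stopping means' indication.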
6 Claims
3. In a data processing system operating an output unit for issuing value documents, means for preventing the issuance of value documents from the output unit by execution of output instructions from an unauthorized source, comprising
a special storage area which cannot be modified by a system user being an authorized source for output instructions, means for detecting when the current instruction being executed by the data processing system is an output instruction for actuating the output unit to issue a value document and providing an output instruction signal, sensing means for indicating whether or not the current instruction was accessed in the special storage area and providing an authorization signal, means for stopping the output unit from issuing the value document in response to no authorization signal being provided from the sensing means while the detecting means is providing an output instruction signal, whereby the stopping means indicates when the output instruction did not derive from the special storage area and prohibits issuance of the value document.
Specification