Computer security system for a time shared computer accessed over telephone lines

US 4,531,023 A
Filed: 08/13/1982
Issued: 07/23/1985
Est. Priority Date: 08/13/1982
Status: Expired due to Fees

First Claim

Patent Images

1. A computer security system for preventing unauthorized access to a central computer, said central computer being remotely accessed through conventional telephone lines and through a conventional telephone switching system, said telephone switching system, characterized by automatic generation within said telephone switching system of unique identifying information corresponding to a remote caller accessing said central computer through said telephone switching system, said computer security system comprising:

an offsite security computer coupled to said telephone switching system for automatically receiving said identifying information relating to said remote caller, said offsite security computer includes a comparator for comparing said unique identifying information obtained from said telephone switching system corresponding to said remote caller with corresponding file information identifying all authorized users of said central computer system; and

file means for storing said file information corresponding to authorized users of said central computer, said file means coupled to said offsite security computer and for providing said file information to said comparator within said offsite security computer for comparison with said unique identifying information generated by said telephone switching system, wherein said offsite security computer generates and transmits to said central computer an acknowledgment signal if said identifying information and file information are exactly identical, and generates and transmits to said central computer a negative acknowledgment signal when said identifying information and file information are not exactly identical, whereby said remote caller to said central computer cannot gain access to said central computer unless calling from a specified location which specified location is uniquely identified by user nonalterable information.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A time-shared central computer can be protected from access from unauthorized users by utilizing automatic tracing equipment included within telephone switching systems, in combination with an independently organized offsite security computer system. The user, seeking to access the central computer through a telephone system, automatically causes his telephone number to be generated within the telephone system and sent to the offsite security computer. Meanwhile, the user provides the time-shared, central computer with a password which is used to address a memory which includes file information on all authorized users. The file information which includes the telephone number of all authorized users, is made available in the offsite security computer for comparison with the telephone number corresponding to the calling user as provided by the telephone switching system. A match indicates that a user, in possession of preauthorized password, is calling from appropriate telephone station. In this case, access is permitted, otherwise access to the central computer will be denied. By using a user nonalterable telephone number, generated in the telephone switching system, falsification of an authorized users identify is prevented. In addition, tampering with the security procedure is prevented by organizing the offsite security computer in such a manner that the user has no access to the system program of the offsite security computer either directly or through the central computer.

Citations

26 Claims

1. A computer security system for preventing unauthorized access to a central computer, said central computer being remotely accessed through conventional telephone lines and through a conventional telephone switching system, said telephone switching system, characterized by automatic generation within said telephone switching system of unique identifying information corresponding to a remote caller accessing said central computer through said telephone switching system, said computer security system comprising:
- an offsite security computer coupled to said telephone switching system for automatically receiving said identifying information relating to said remote caller, said offsite security computer includes a comparator for comparing said unique identifying information obtained from said telephone switching system corresponding to said remote caller with corresponding file information identifying all authorized users of said central computer system; and
  
  file means for storing said file information corresponding to authorized users of said central computer, said file means coupled to said offsite security computer and for providing said file information to said comparator within said offsite security computer for comparison with said unique identifying information generated by said telephone switching system, wherein said offsite security computer generates and transmits to said central computer an acknowledgment signal if said identifying information and file information are exactly identical, and generates and transmits to said central computer a negative acknowledgment signal when said identifying information and file information are not exactly identical, whereby said remote caller to said central computer cannot gain access to said central computer unless calling from a specified location which specified location is uniquely identified by user nonalterable information.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The computer security system of claim 1 wherein said offsite security computer is coupled to said telephone switching system and said central computer only through user nonaccessable communication lines.
  - 3. The computer security system of claim 1 or 2 wherein said offsite security computer communicates with said central computer only through said acknowledgment and negative acknowledgment signals, whereby said offsite security computer is inaccessable from said central computer and from said remote caller accessing said central computer.
  - 4. The computer security system of claim 1 wherein said remote caller called through said telephone switching system with a conventional telephone sending and receiving unit and wherein said unique identifying information generated in said telephone switching system and communicated to said offsite security computer includes the telephone number of said telephone sending and receiving unit used by said remote caller to call said central computer through said telephone sytem, and wherein said file information stored within said file means includes a preauthorized telephone number corresponding to a permitted station from said authorized user.
  - 5. The computer security system of claim 4 wherein said unique identifying information includes in addition said telephone number, the address of the location of said telephone sending/receiving unit, and wherein said file information stored within said file means includes a preauthorized address location.
  - 6. The computer security system of claim 1 wherein said file means includes memory within said central computer, said file information stored within said memory, said memory being communicated with said offsite security computer through conventional telephone lines.
  - 7. The computer security system of claim 1 wherein said file means is a memory included within said offsite security computer and wherein said central computer has no access to said memory including said file information.
  - 8. The computer security system of claim 1 wherein said offsite security computer further includes means for temporarily altering said file information stored within said file means and for retaining said altered file information for comparison within said comparator with said unique identifying information for a predetermined time interval, whereby said remote caller may access said central computer through said telephone switching system from an alternative site provided that said telephone switching system generates appropriately modified identifying information and transmits said appropriately modified identifying information to said offsite security computer within said predetermined time interval.
  - 9. The computer security system of claim 1 wherein said file means includes a plurality of units of file information identifying a corresponding plurality of authorized remote callersites, each of said plurality of units of file information being coupled to said comparator to determine whether any one of said plurality of units of file information exactly compare to said unique identifying information generated by said telephone switching system.

10. A computer security system comprising:
- a plurality of remote user sites;
  
  a telephone switching system particularly characterized by including means for generating uniquely identifying information corresponding to each one of said plurality of remote user sites when a call is placed through said corresponding remote user site through said telephone switching system; and
  
  a central computer system coupled to said telephone switching system for communication with said remote user sites; and
  
  an offsite security computer coupled to said means for generating said uniquely identifying information within said telephone switching system, said offsite security computer coupled to said central computer system, said offsite security computer including a comparator for comparing said unique identifying information generated by said telephone switching system with selected file information to generate and communicate to said central computer system a signal indictive of whether an exact match between said unique identifying information and said file information has been achieved, said central computer system permitting access only when offsite security computer indicates an exact match, whereby access to said central computer from said plurality of remote user sites through said telephone switching system is permitted only when said unique identfying information generated in said telephone switching system matches a preauthorized file information record.
- View Dependent Claims (11, 12, 13)
- - 11. The computer security system of claim 10 wherein said file information is stored within a memory included within said offsite security system.
  - 12. The computer security system of claim 10 wherein said file information is stored within said central computer system, said file information being communicated on conventional telephone lines to said offsite security computer for comparison within said comparator.
  - 13. The security computer system of claim 10 wherein said means for generating said unique identifying information only communicates said information to said offsite security computer system when said central computer is accessed from said remote user sites through said telephone switching system.

14. A method for providing security for a central computer system remotely accessed through conventional telephone lines and a conventional telephone switching system, said telephone switching system characterized by automatic generation of unique identifying information corresponding to a remote caller accessing said central computer through said telephone switching system, said method comprising the steps:
- generating said unique identifying information in said telephone switching system;
  
  communicating said unique identifying information to an offsite security computer coupled to said telephone switching system, said identifying information relating to said remote caller;
  
  selectively reading file information corresponding to authorized users of said central computer from a file means used for storing said file information, said means being coupled to said offsite security computer;
  
  providing said file information from said file means to the comparator included within said offsite security computer;
  
  comparing said file information and said unique identifying information within said comparator to determine whether or not said file information and said unique identifying information exactly match;
  
  generating an acknowledgment signal within an offsite security computer; and
  
  ,communicating an acknowledgment signal from said offsite security computer to said central computer to indicate whether or not access to said central computer from said remote caller is allowed, whereby said remote caller cannot alter said unique identifying information to gain access to said central computer.
- View Dependent Claims (15, 16, 17, 18, 19, 20, 21, 22)
- - 15. The method of claim 14 where said step of communicating said unique identifying information from said telephone switching system to said offsite security computer is through user nonaccessible communication lines.
  - 16. The method of claim 14 or 15 where said step of communicating said acknowledgment signal from said offsite security computer to said central computer is the exclusive type of communication possible between said offsite security computer and said central computer, whereby information in said offsite security computer is unmodifiable from said central computer and from said remote caller accessing said central computer.
  - 17. The method of claim 14 where said unique identifying information generated in said telephone switching system and communicated to said offsite security computer includes the telephone number of said remote caller accessing said central computer through said telephone switching system.
  - 18. The method of claim 17 where said unique identifying information also includes the address of the location of said remote caller and wherein said file information stored within said file means includes a preauthorized address location.
  - 19. The method of claim 14 wherein said file means includes a memory within said central computer and said step of selectively reading said file information to said comparator includes the step of reading said file information stored within said memory and communicating said file information with said offsite security computer through a conventional telephone line.
  - 20. The method of claim 14 where said file means is a memory included within said offsite security computer and where said step of selectively reading said file information includes local access of said memory by said offsite computer so that said central computer has no access to said memory including said file information.
  - 21. The method of claim 14 further including the steps of:
    - temporarily altering said file information stored within said file means;
      
      retaining said altered file information within a temporary memory;
      
      comparing said altered file information within said comparator with said unique identifying information, said step of comparing executeable within a limited, predetermined time interval, whereby said remote caller may access said central computer through said telephone switching system from an alternative site provided that said telephone switching system generates appropriately modified identifying information and transmits said appropriately modified identifying information to said offsite security computer within said predetermined time interval.
  - 22. The method of claim 14 wherein said file means includes a plurality of units of file information identifying a corresponding plurality of authorized remote caller sites said method further including the steps of comparing each of the said plurality of said units of file information in said comparator to determine whether any of said plurality of units of file information exactly match said unique identfying information generated by said telephone switching system.

23. A computer security system for preventing unauthorized access to a central computer, said central computer being remotely accessed through conventional telephone lines and through a conventional telephone switching system, said telephone switching system, characterized by automatic generation within said telephone switching system of unique identifying information corresponding to a remote caller accessing said central computer through said telephone switching system, said computer security system comprising:
- a security computer coupled to said telephone switching system for automatically receiving said identifying information relating to said remote caller, wherein said security computer includes a comparator for comparing said unique identifying information obtained from said telephone switching system corresponding to said remote caller with corresponding file information identifying all authorized users of said central computer system; and
  
  file means for storing said file information corresponding to authorized users of said central computer, said file means coupled to said security computer and for providing said file information to said comparator within said security computer for comparison with said unique identifying information generated by said telephone switching system, wherein said security computer generates an acknowledgment signal if said identifying information and file information are exactly identical, and generates a negative acknowledgment signal when said identifying information and file information are not exactly identical, whereby said remote caller to said central computer cannot gain access to said central computer unless calling from a specified location, which specified location is uniquely identified by user nonalterable information.
- View Dependent Claims (24)
- - 24. The computer security system of claim 23 wherein said security computer is part of said central computer.

25. A computer security system comprising:
- a plurality of remote user sites;
  
  a telephone switching system particularly characterized by including means for generating unique identifying information corresponding to each one of said plurality of remote user sites when a call is placed from said corresponding remote user site through said telephone switching system; and
  
  a central computer system coupled to said telephone switching system for communicating with said remote user sites, central computer system coupled to said means for generating said unique identifying information within said telephone switching system, said central computer system including a comparator for for comparing said unique identifying information generated by said telephone switching system with selected file information to generate a signal indicative when an exact match between said unique identifying information and said file information has been achieved, said central computer system permitting access only when said unique identifying information generated in said telephone switching system matches a preauthorized file information record.

26. A method for providing security for a central computer system remotely accessed through conventional telephone lines and through a conventional telephone switching system, said telephone switching system characterized by automatic generation of unique identifying information corresponding to a remote caller accessing said central computer through said telephone switching system, said method comprising the steps:
- generating said unique identifying information in said telephone switching system;
  
  communicating said unique identifying information to said central computer system coupled to said telephone switching system, said identifying information relating to said remote caller;
  
  selectively reading file information corresponding to authorized users of said central computer from a file means used for storing said file information, said file means being included in said central computer system;
  
  providing said file information from said file means to the comparator included within said central computer system;
  
  comparing said file information and said unique identifying information within said comparator to determine whether or not said file information and said unique identifying information exactly match; and
  
  generating an acknowledgement signal within said central computer system, to indicate whether or not access to said central computer from said remote caller is allowed, whereby said remote caller cannot alter said unique identifying information to gain access to said central computer

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Paul J. Levine
Original Assignee
HLF Corporation
Inventors
Levine, Paul J.
Primary Examiner(s)
Rubinson, Gene Z.
Assistant Examiner(s)
Brady, W. J.

Application Number

US06/408,024
Time in Patent Office

1,075 Days
Field of Search

179/2 R, 179/2 A, 179/2 AM, 179/2 DP, 179/2 CA, 179/18 DA, 179/18 FH, 178/22.01, 178/22.08, 375/2.1, 375/2.2, 340/825.31-825.34, 364/200, 364/900
US Class Current

379/93.02
CPC Class Codes

G06F 21/31   User authentication

H04L 12/22   Arrangements for preventing...

H04L 63/083   using passwords cryptograph...

H04L 63/10   for controlling access to d...

Y10S 379/903   Password

Computer security system for a time shared computer accessed over telephone lines

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

26 Claims

Specification

Solutions

Use Cases

Quick Links

Computer security system for a time shared computer accessed over telephone lines

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

26 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links