Computer access security code system

US 4,926,481 A
Filed: 12/05/1988
Issued: 05/15/1990
Est. Priority Date: 12/05/1988
Status: Expired due to Fees

First Claim

Patent Images

1. In a security access control system wherein a user at a remote station requires approval from a controlling computer to gain access, the improvement comprising:

(a) a pair of matching first matrices of passwords located at the controlling computer and the remote station, respectively, each said first matrix of passwords comprising a plurality of individually unique symbols arranged in rows and columns to define a first virtual plane; and

,(b) access logic means located at the controlling computer and operably connected to read from and write to its associated said first matrix of passwords,(b1) for transmitting a first pair of said passwords from its said first matrix to the remote station when the remote station attempts to gain access, said first pair of said passwords being chosen from different said columns and rows whereby they define diagonally opposite corners of a rectangle in said first virtual plane,(b2) for receiving a first pair of said passwords transmitted from the remote station as obtained from the remote station'"'"'s said first matrix,(b3) for comparing said first pair of passwords transmitted from the remote station to the said passwords located in the controlling computer'"'"'s said first matrix at corners of said rectangle other than those defined by said transmitted first pair of said passwords,(b4) for granting access if said compared passwords are a match, and(b5) for denying access if said compared passwords are not a match.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A security code system for controlling access to computer and computer-controlled entry situations comprises a plurality of subsets of alpha-numeric charcters disposed in random order in matrices of at least two dimensions forming theoretical rectangles, cubes, etc., such that when access is desired, at least one pair of previously unused character subsets not found in the same row or column of the matrix is chosen at random and transmitted by the computer. The proper response to gain access is transmittal of subsets which complete the rectangle, and/or a parallelepiped whose opposite corners were defined by first groups of code. Once used, subsets are not used again to absolutely defeat unauthorized access by eavesdropping, and the like.

Citations

20 Claims

1. In a security access control system wherein a user at a remote station requires approval from a controlling computer to gain access, the improvement comprising:
- (a) a pair of matching first matrices of passwords located at the controlling computer and the remote station, respectively, each said first matrix of passwords comprising a plurality of individually unique symbols arranged in rows and columns to define a first virtual plane; and
  
  ,(b) access logic means located at the controlling computer and operably connected to read from and write to its associated said first matrix of passwords,(b1) for transmitting a first pair of said passwords from its said first matrix to the remote station when the remote station attempts to gain access, said first pair of said passwords being chosen from different said columns and rows whereby they define diagonally opposite corners of a rectangle in said first virtual plane,(b2) for receiving a first pair of said passwords transmitted from the remote station as obtained from the remote station'"'"'s said first matrix,(b3) for comparing said first pair of passwords transmitted from the remote station to the said passwords located in the controlling computer'"'"'s said first matrix at corners of said rectangle other than those defined by said transmitted first pair of said passwords,(b4) for granting access if said compared passwords are a match, and(b5) for denying access if said compared passwords are not a match.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The improvement to a security access control system of claim 1 wherein said access logic means additionally includes:
    - (a) means for marking ones of said passwords within the associated said first matrix employed for any purpose as "used"; and
      
      ,(b) means for not choosing a said password marked as used for transmission to the remote station.
  - 3. The improvement to a security access control system of claim 1 and additionally comprising:
    - (a) a pair of matching second matrices of passwords located at the controlling computer and the remote station, respectively, each said second matrix of passwords comprising a plurality of individually unique symbols arranged in rows and columns to define a second virtual plane; and
      
      wherein said access logic means additionally includes,(b) secondary checking means disposed before said means for granting access if said compared passwords are a match,(b1) for transmitting a second pair of said passwords from its said second matrix to the remote station, said second pair of said passwords being chosen from different said columns and rows whereby they define diagonally opposite corners of a rectangle in said second virtual plane which is located in a plane of a parallelepiped containing said compared and matched passwords at diagonal corners of one side thereof,(b2) for receiving a second pair of said passwords transmitted from the remote station as obtained from the remote station'"'"'s said second matrix,(b3) for comparing said second pair of passwords transmitted from the remote station to the said passwords located in the controlling computer'"'"'s said second matrix at corners of said rectangle other than those defined by said transmitted second pair of said passwords,(b4) for granting access if said compared second passwords are a match, and(b5) for denying access if said compared second passwords are not a match.
  - 4. The improvement to a security access control system of claim 3 wherein said access logic means additionally includes:
    - (a) means for marking ones of said passwords within the associated said second matrix employed for any purpose as "used"; and
      
      ,(b) means for not choosing a said password marked as used for transmission to the remote station.
  - 5. The improvement to a security access control system of claim 1 and additionally comprising:
    - (a) a pair of matching second matrices of passwords located at the controlling computer and the remote station, respectively, each said second matrix of passwords comprising a plurality of individually unique symbols arranged in rows and columns to define a second virtual plane;
      
      (b) the remote station including query logic for transmitting a query pair of said passwords from its said first matrix to the controlling computer to initiate an access attempt, said query pair of said passwords being chosen from different said columns and rows whereby they define diagonally opposite corners of a rectangle in said first virtual plane; and
      
      wherein said access logic means additionally includes,(c) preliminary checking logic disposed before said means for transmitting a first pair of said passwords the remote station,(c1) for receiving said query pair of said passwords transmitted from the remote station,(c2) for using said query pair of passwords transmitted from the remote station to find the said passwords located in the controlling computer'"'"'s said first matrix at two corners of said rectangle other than those defined by said transmitted query pair of said passwords,(c2) for transmitting said passwords from said two other corners to the remote station, and wherein additionally,(d) said first pair of said passwords is chosen from the controlling computer'"'"'s said first matrix, said first pair of said passwords being chosen from different said columns and rows whereby they define diagonally opposite corners of a rectangle in said second virtual plane which is located in a plane of a parallelepiped containing said four query passwords at corners of one side thereof.

6. A security access control system comprising:
- (a) controlling computer means for controlling access to an object;
  
  (b) remote station means operably connected to said controlling computer means for inputting access information to said controlling computer means;
  
  (c) a pair of matching first matrices of passwords located at said controlling computer means and the remote station means respectively, each said first matrix of passwords comprising a plurality of individually unique symbols arranged in rows and columns to define a first virtual plane; and
  
  ,(d) access logic means located at said controlling computer means and operably connected to read from and write to its associated said first matrix of passwords,(d1) for transmitting a first pair of said passwords from its said first matrix to said remote station means when said remote station means attempts to gain access, said first pair of said passwords being chosen from different said columns and rows whereby they define diagonally opposite corners of a rectangle in said first virtual plane,(d2) for receiving a first pair of said passwords transmitted from said remote station means as obtained from said remote station means'"'"' said first matrix,(d3) for comparing said first pair of passwords transmitted from said remote station means to the said passwords located in said controlling computer means'"'"' said first matrix at corners of said rectangle other than those defined by said transmitted first pair of said passwords,(d4) for granting access if said compared passwords are a match, and(d5) for denying access if said compared passwords are not a match.
- View Dependent Claims (7, 8, 9, 10)
- - 7. The security access control system of claim 6 wherein said access logic means additionally includes:
    - (a) means for marking ones of said passwords within the associated said first matrix employed for any purpose as "used"; and
      
      ,(b) means for not choosing a said password marked as used for transmission to said remote station means.
  - 8. The security access control system of claim 6 and additionally comprising:
    - (a) a pair of matching second matrices of passwords located at said controlling computer means and said remote station means, respectively, each said matrix of passwords comprising a plurality of individually unique symbols arranged in rows and columns to define a second virtual plane; and
      
      wherein said access logic means additionally includes,(b) secondary checking means disposed before said means for granting access if said compared passwords are a match,(b1) for transmitting a second pair of said passwords from its said second matrix to said remote station means, said second pair of said passwords being chosen from different said columns and rows whereby they define diagonally opposite corners of a rectangle in said second virtual plane which is located in a plane of a parallelepiped containing said compared and matched passwords at diagonal corners of one side thereof,(b2) for receiving a second pair of said passwords transmitted from said remote station means as obtained from said remote station means'"'"' said second matrix,(b3) for comparing said second pair of passwords transmitted from said remote station means to the said passwords located in said controlling computer means'"'"' said second matrix at corners of said rectangle other than those defined by said transmitted second pair of said passwords,(b4) for granting access if said compared second passwords are a match, and(b5) for denying access if said compared second passwords are not a match.
  - 9. The security access control system of claim 8 wherein said access logic means additionally includes:
    - (a) means for marking ones of said passwords within the associated said second matrix employed for any purpose as "used"; and
      
      ,(b) means for not choosing a said password marked as used for transmission to said remote station means.
  - 10. The security access control system of claim 6 and additionally comprising:
    - (a) a pair of matching second matrices of passwords located at said controlling computer means and said remote station means, respectively, each said second matrix of passwords comprising a plurality of individually unique symbols arranged in rows and columns to define a second virtual plane;
      
      (b) said remote station means including query logic for transmitting a query pair of said passwords from its said first matrix to said controlling computer means to initiate an access attempt, said query pair of said passwords being chosen from different said columns and rows whereby they define diagonally opposite corners of a rectangle in said first virtual plane; and
      
      wherein said access logic means additionally includes,(c) preliminary checking logic disposed before said means for transmitting a first pair of said passwords to said remote station means,(c1) for receiving said query pair of said passwords transmitted from said remote station means,(c2) for using said query pair of passwords transmitted from said remote station means to find the said passwords located in said controlling computer means'"'"' said first matrix at two corners of said rectangle other than those defined by said transmitted query pair of said passwords,(c2) for transmitting said passwords from said two other corners to said remote station means, and wherein additionally,(d) said first pair of said passwords is chosen from said controlling computer means'"'"' said first matrix, said first pair of said passwords being chosen from different said columns and rows whereby they define diagonally opposite corners of a rectangle in said second virtual plane which is located in a plane of a parallelepiped containing said four query passwords at corners of one side thereof.

11. In a security access control system wherein a user at a remote station requires approval from a controlling computer to gain access, the method of operation to improve the system'"'"'s ability to defeat unauthorized access by eavesdroppers and the like comprising the steps of:
- (a) providing a pair of matching first matrices of passwords at the controlling computer and the remote station, respectively, each first matrix of passwords comprising a plurality of individually unique symbols arranged in rows and columns to define a first virtual plane;
  
  (b) providing access logic means at the controlling computer and operably connected to read from and write to its associated first matrix of passwords;
  
  (c) transmitting a first pair of passwords from the controlling computer'"'"'s first matrix to the remote station when the remote station attempts to gain access wherein the first pair of the passwords is chosen from different columns and rows whereby they define diagonally opposite corners of a rectangle in the first virtual plane,(d) receiving a first pair of the passwords transmitted from the remote station as obtained from the remote station'"'"'s first matrix,(e) comparing the first pair of passwords transmitted from the remote station to the passwords located in the controlling computer'"'"'s first matrix at corners of the rectangle other than those defined by the transmitted first pair of passwords;
  
  (f) granting access if the compared passwords are a match; and
  
  ,(g) denying access if the compared passwords are not a match.
- View Dependent Claims (12, 13, 14, 15)
- - 12. The method of claim 11 and additionally including the steps of:
    - (a) marking ones of the passwords within the associated first matrix employed for any purpose as "used"; and
      
      ,(b) not choosing a password marked as used for transmission to the remote station.
  - 13. The method of claim 11 and additionally comprising the steps of:
    - (a) providing a pair of matching second matrices of passwords at the controlling computer and the remote station, respectively, wherein each second matrix of passwords comprises a plurality of individually unique symbols arranged in rows and columns to define a second virtual plane; and
      
      wherein before the granting of access if the compared passwords are a match there are the steps of,(b) transmitting a second pair of passwords from the controlling computer'"'"'s second matrix to the remote station wherein the second pair of passwords is chosen from different columns and rows whereby they define diagonally opposite corners of a rectangle in second virtual plane which is located in a plane of a parallelepiped containing the compared and matched passwords at diagonal corners of one side thereof;
      
      (c) receiving a second pair of passwords transmitted from the remote station'"'"'s second matrix;
      
      (d) comparing the second pair of passwords transmitted from the remote station to the passwords located in the controlling computer'"'"'s second matrix at corners of the rectangle other than those defined by the transmitted second pair of passwords;
      
      (e) granting access if the compared second passwords are a match; and
      
      ,(f) denying access if the compared second passwords are not a match.
  - 14. The method of claim 13 and additionally including the steps of:
    - (a) marking ones of the passwords within the associated second matrix employed for any purpose as "used"; and
      
      ,(b) not choosing a password marked as used for transmission to the remote station.
  - 15. The method of claim 11 and additionally comprising the steps of:
    - (a) providing a pair of matching second matrices of passwords at the controlling computer and the remote station, respectively, each second matrix of passwords comprising a plurality of individually unique symbols arranged in rows and columns to define a second virtual plane;
      
      (b) transmitting a query pair of the passwords from the remote station'"'"'s first matrix to the controlling computer to initiate an access attempt wherein the query pair of the passwords is chosen from different columns and rows whereby they define diagonally opposite corners of a rectangle in the first virtual plane; and
      
      wherein before transmitting a first pair of the passwords to the remote station there are the steps of,(c) receiving the query pair of passwords transmitted from the remote station;
      
      (d) using the query pair of passwords transmitted from the remote station to find the passwords located in the controlling computer'"'"'s first matrix at two corners of the rectangle other than those defined by the transmitted query pair of passwords;
      
      (e) transmitting the passwords from the two other corners to the remote station; and
      
      ,(f) choosing the first pair of the passwords from the controlling computer'"'"'s first matrix from different columns and rows whereby they define diagonally opposite corners of a rectangle in second virtual plane which is located in a plane of a parallelepiped containing the four query passwords at corners of one side thereof.

16. A security access control system comprising:
- (a) controlling computer means for controlling access to an object;
  
  (b) remote station means operably connected to said controlling computer means for inputting access information to said controlling computer means;
  
  (c) a pair of matching first matrices of passwords located at said controlling computer means and the remote station means, respectively, each said first matrix of passwords comprising a plurality of individually unique symbols arranged in rows and columns to define a first virtual plane; and
  
  ,(d) access logic means located at said controlling computer means and operably connected to read from and write to its associated said first matrix of passwords for transmitting portions of rectangularly oriented data in its said first matrix of passwords to said remote station means, for comparing non-transmitted portions of said rectangularly oriented data in its said first matrix of passwords to data transmitted to said controlling computer means by said remote station means from its associated said first matrix means and for granting access when said data from said remote station means properly matches said non-transmitted portions, said access logic means including logic for performing the steps of,(d1) transmitting a first pair of said passwords from said controlling computer means'"'"'s said first matrix to said remote station means when said remote station means attempts to gain access, said first pair of said passwords being chosen from different said columns and rows whereby they define diagonally opposite corners of a rectangle in said first virtual plane,(d2) receiving a first pair of said passwords transmitted from said remote station means as obtained from said remote station means'"'"' said first matrix,(d3) comparing said first pair of passwords transmitted from said remote station means to the said passwords located in said controlling computer means'"'"' said first matrix at corners of said rectangle other than those defined by said transmitted first pair of said passwords,(d4) granting access if said compared passwords are a match, and(d5) denying access if said compared passwords are not a match.
- View Dependent Claims (17, 18, 19, 20)
- - 17. The security access control system of claim 16 wherein said access logic means additionally includes logic for performing the steps of:
    - (a) marking ones of said passwords within the associated said first matrix employed for any purpose as "used"; and
      
      ,(b) not choosing a said password marked as used for transmission to said remote station means.
  - 18. The security access control system of claim 16 and additionally comprising:
    - (a) a pair of matching second matrices of passwords located at said controlling computer means and said remote station means, respectively, each said second matrix of passwords comprising a plurality of individually unique symbols arranged in rows and columns to define a second virtual plane; and
      
      wherein said access logic means additionally includes logic for before granting access if said compared passwords are a match including the steps of,(b) transmitting a second pair of said passwords from the controlling computer mean'"'"'s said second matrix to said remote station means, said second pair of said passwords being chosen from different said columns and rows whereby they define diagonally opposite corners of a rectangle in said second virtual plane which is located in a plane of a parallelepiped containing said compared and matched passwords at diagonal corners of one side thereof;
      
      (c) receiving a second pair of said passwords transmitted from said remote station means as obtained from said remote station means'"'"' said second matrix;
      
      (d) comparing said second pair of passwords transmitted from said remote station means to the said passwords located in said controlling computer means'"'"' said second matrix at corners of said rectangle other than those defined by said transmitted second pair of said passwords;
      
      (e) granting access if said compared second passwords are a match; and
      
      ,(f) denying access if said compared second passwords are not a match.
  - 19. The security access control system of claim 16 wherein said access logic means additionally includes logic for performing the steps of:
    - (a) marking ones of said passwords within the associated said second matrix employed for any purpose as "used"; and
      
      ,(b) not choosing a said password marked as used for transmission to said remote station means.
  - 20. The security access control system of claim 16 and additionally comprising:
    - (a) a pair of matching second matrices of passwords located at said controlling computer means and said remote station means, respectively, each said second matrix of passwords comprising a plurality of individually unique symbols arranged in rows and columns to define a second virtual plane;
      
      (b) said remote station means including query logic for transmitting a query pair of said passwords from its said first matrix to said controlling computer means to initiate an access attempt, said query pair of said passwords being chosen from different said columns and rows whereby they define diagonally opposite corners of a rectangle in said first virtual plane; and
      
      wherein said access logic means additionally includes logic for before transmitting a first pair of said passwords to said remote station means including the steps of,(c) receiving said query pair of said passwords transmitted from said remote station means;
      
      (d) using said query pair of passwords transmitted from said remote station means to find the said passwords located in said controlling computer means'"'"' said first matrix at two corners of said rectangle other than those defined by said transmitted query pair of said passwords;
      
      (e) transmitting said passwords from said two other corners to said remote station means; and
      
      ,(f) choosing said first pair of said passwords from said controlling computer means'"'"' said first matrix from different said columns and rows whereby they define diagonally opposite corners of a rectangle in said second virtual plane which is located in a plane of a parallelepiped containing said four query passwords at corners of one side thereof.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
The United States of America As Represented By The Secretary of Agriculture
Original Assignee
United States Of America As Represented By The Administrator Of The National Aeronautics And Space Administration
Inventors
Collins, Earl R. Jr.
Primary Examiner(s)
Cangialosi, Salvatore

Application Number

US07/279,630
Time in Patent Office

526 Days
Field of Search

380/23-25, 380/49-50, 380/45
US Class Current

713/184
CPC Class Codes

G06F 21/46 by designing passwords or c...

Computer access security code system

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Computer access security code system

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links