Tamper-resistant method for authorizing access to data between a host and a predetermined number of attached workstations

US 4,941,175 A
Filed: 02/24/1989
Issued: 07/10/1990
Est. Priority Date: 02/24/1989
Status: Expired due to Term

First Claim

Patent Images

1. A method for authorizing access to application software resident in a CPU host from among N <

M workstations or users communicatively attaching said CPU host, said CPU manifesting indicia of identity, comprising the steps of;

(a) forming a list of authorized users and encrypting thereon a depth parameter N, said encryption using a function of the CPU identity and an offset as a key;

(b) responsive to each application software access request from among the workstations or users, accessing the list and decrypting the depth parameter N with the key; and

(c) scanning the list within the depth N and returning an access authorization to the requester only upon an identity

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A tamper-resistant method is disclosed for controlling the number of users given authorized access to licensed software in a host-based, multiple terminal system by use of an encrypted authorization list depth parameter. The method embedded in the host-licensed software can decrypt the depth parameter only using a key derived from its own CPU ID and an offset.

97 Citations

View as Search Results

7 Claims

1. A method for authorizing access to application software resident in a CPU host from among N <
- M workstations or users communicatively attaching said CPU host, said CPU manifesting indicia of identity, comprising the steps of;
  
  (a) forming a list of authorized users and encrypting thereon a depth parameter N, said encryption using a function of the CPU identity and an offset as a key;
  
  (b) responsive to each application software access request from among the workstations or users, accessing the list and decrypting the depth parameter N with the key; and
  
  (c) scanning the list within the depth N and returning an access authorization to the requester only upon an identity
- View Dependent Claims (2, 3, 4, 5)
- - 2. The method according to claim 1, wherein the access authorization is of the form of invocation of the application software, and the refusal of the access request is of the form of a message sent to the requesting workstation or user.
  - 3. The method according to claim 1, wherein the arrangement of the CPU host communicatively attaching the workstations or users is selected from the set consisting of a local area network and a multiprogramming, multiprocessing system exemplified by VM.
  - 4. The method according to claim 1, wherein the method steps further include modifying the search depth N only by reencrypting same.
  - 5. The method according to claim 1, wherein the list and the access control software embodying the method are embedded within an object-coded version of the application.

6. A tamper resistant method for authorizing access to data between a host and a predetermined number N <
- M attached work stations or users, said host including a communications server for managing physical data transmission between the host and M work stations or users; and
  
  means for storing access control software and related information;
  
  said host manifesting indicia of identity, comprising the steps at the host of;
  
  (a) responsive to a service request from a work station or user, invoking access control software from said storage means and a pre-computed list, said list includes M station or user identities and an encrypted representation of N indicative of the number of work stations or users authorized access or attachment to said host, said encrypted representation N being formed using an encryption key as a function of the host identity and an offset;
  
  (b) ascertaining the depth N to which the list may be searched by decrypting the representation using the key; and
  
  (c) comparing identity of the work station or user originating the service request with the identities of the M stations or users on the list but only to a depth N, and, returning an authorization only upon a match condition.
- View Dependent Claims (7)
- - 7. The method according to claim 6, wherein the method steps further include modifying the search depth N only by reencrypting same.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Lum, James, Enescu, Michael A.
Primary Examiner(s)
Tarcza, Thomas H.
Assistant Examiner(s)
Swann, Tod R.

Application Number

US07/315,071
Time in Patent Office

501 Days
Field of Search

380/3, 380/4, 380/22, 380/23, 380/49, 364/969, 364/969.1, 364/969.4, 364/286.5, 364/286.6, 364/252.2, 364/253.1, 364/253.2, 364/246.7, 340/825.31, 340/825.34
US Class Current

705/59
CPC Class Codes

G06F 12/1408   by using cryptography for d...

G06F 21/6218   to a system of files or obj...

G06F 2221/2141   Access rights, e.g. capabil...

Tamper-resistant method for authorizing access to data between a host and a predetermined number of attached workstations

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

97 Citations

7 Claims

Specification

Solutions

Use Cases

Quick Links

Tamper-resistant method for authorizing access to data between a host and a predetermined number of attached workstations

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

97 Citations

7 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links