Transaction system security method and apparatus

US 5,048,085 A
Filed: 10/06/1989
Issued: 09/10/1991
Est. Priority Date: 10/06/1989
Status: Expired due to Term

First Claim

Patent Images

1. A security device comprising:

a data processor;

memory connected to said processor;

data input and output means connected to said processor;

secure session establishing means programmed into said security device for controlling said processor to establish a secure session with another device;

an authorization profile stored in said memory, said profile defining the authority of a user of said security device to cause said processor to execute programmed commands;

transfer means for transferring at least part of said authorization profile from said security device to said another device for controlling said another device in accordance with said authority of said user defined in said authorization profile.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An improved security system is disclosed which uses an IC card to enchance the security functions involving component authentication, user verification, user authorization and access control, protection of message secrecy and integrity, management of cryptographic keys, and auditablity. Both the security method and the apparatus for embodying these functions across a total system or network using a common cryptographic architecture are disclosed. Authorization to perform there functions in the various security component device nodes in the network can be distributed to the various nodes at which they will be executed in order to personalize the use of the components.

Citations

68 Claims

1. A security device comprising:
- a data processor;
  
  memory connected to said processor;
  
  data input and output means connected to said processor;
  
  secure session establishing means programmed into said security device for controlling said processor to establish a secure session with another device;
  
  an authorization profile stored in said memory, said profile defining the authority of a user of said security device to cause said processor to execute programmed commands;
  
  transfer means for transferring at least part of said authorization profile from said security device to said another device for controlling said another device in accordance with said authority of said user defined in said authorization profile.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27)
- - 2. The security device of claim 1, wherein said security device is an IC card and said another device is an IC card reader.
  - 3. The security device of claim 1, wherein said security device is a host computer and said another device is a computer work station.
  - 4. The security device of claim 1, wherein said authorization profile defines the authority of said user to execute a command at a particular time.
  - 5. The security device of claim 1, wherein said authorization profile defines the authority of said user to execute a command on a particular day.
  - 6. The security device of claim 1, wherein said authorization profile defines the authority of said user to execute a command between particular times of day.
  - 7. The security device of claim 1, wherein said authorization profile contains a plurality of command flags, each command flag defining the authority of said user to execute a command.
  - 8. The security device of claim 1, wherein said authorization profile contains a plurality of access flags, each access flag defining the authority of said user to access a data file.
  - 9. The security device of claim 1, wherein said authorization profile contains a plurality of program flags, each program flag defining the authority of said user to execute a program.
  - 10. The security device of claim 1, wherein said authorization profile contains a user authorization level.
  - 11. The security device of claim 1, wherein said authorization profile contains a user ID, a personal identification number, and an identity verification method identifier.
  - 12. The security device of claim 2, wherein said authorization profile defines the authority of said user to execute a command at a particular time.
  - 13. The security device of claim 2, wherein said authorization profile defines the authority of said user to execute a command on a particular day.
  - 14. The security device of claim 2, wherein said authorization profile defines the authority of said user to execute a command between particular times of day.
  - 15. The security device of claim 2, wherein said authorization profile contains a plurality of command flags, each command flag defining the authority of said user to execute a command.
  - 16. The security device of claim 2, wherein said authorization profile contains a plurality of access flags, each access flag defining the authority of said user to access a data file.
  - 17. The security device of claim 2, wherein said authorization profile contains a plurality of program flags, each program flag defining the authority of said user to execute a program.
  - 18. The security device of claim 2, wherein said authorization profile contains a user authorization level.
  - 19. The security device of claim 2, wherein said authorization profile contains a user ID, a personal identification number, and an identity verification method identifier.
  - 20. The security device of claim 3, wherein said authorization profile defines the authority of said user to execute a command at a particular time.
  - 21. The security device of claim 3, wherein said authorization profile defines the authority of said user to execute a command on a particular day.
  - 22. The security device of claim 3, wherein said authorization profile defines the authority of said user to execute a command between particular times of day.
  - 23. The security device of claim 3, wherein said authorization profile contains a plurality of command flags, each command flag defining the authority of said user to execute a command.
  - 24. The security device of claim 3, wherein said authorization profile contains a plurality of access flags, each access flag defining the authority of said user to access a data file.
  - 25. The security device of claim 3, wherein said authorization profile contains a plurality of program flags, each program flag defining the authority of said user to execute a program.
  - 26. The security device of claim 3, wherein said authorization profile contains a user authorization level.
  - 27. The security device of claim 3, wherein said authorization profile contains a user ID, a personal identification number, and an identity verification method identifier.

28. A security device comprising:
- a data processor;
  
  memory connected to said processor;
  
  data input and output means connected to said processor;
  
  secure session establishing means programmed into said security device for controlling said processor to establish a secure session with another device;
  
  means for receiving at least part of an authorization profile stored in a memory of said another device, said profile defining the authority of a user to cause said processor to execute programmed commands.
- View Dependent Claims (29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54)
- - 29. The security device of claim 28, wherein said security device is an IC card reader and said another device is an IC card.
  - 30. The security device of claim 28, wherein said security device is a computer work station and said another device is a host computer.
  - 31. The security device of claim 28, wherein said authorization profile defines the authority of said user to execute a command at a particular time.
  - 32. The security device of claim 28, wherein said authorization profile defines the authority of said user to execute a command on a particular day.
  - 33. The security device of claim 28, wherein said authorization profile defines the authority of said user to execute a command between particular times of day.
  - 34. The security device of claim 28, wherein said authorization profile contains a plurality of command flags, each command flag defining the authority of said user to execute a command.
  - 35. The security device of claim 28, wherein said authorization profile contains a plurality of access flags, each access flag defining the authority of said user to access a data file.
  - 36. The security device of claim 28, wherein said authorization profile contains a plurality of program flags, each program flag defining the authority of said user to execute a program.
  - 37. The security device of claim 28, wherein said authorization profile contains an authority level.
  - 38. The security device of claim 28, wherein said authorization profile contains a user ID, a personal identification number, and an identity verification method identifier.
  - 39. The security device of claim 29, wherein said authorization profile defines the authority of said user to execute a command at a particular time.
  - 40. The security device of claim 29, wherein said authorization profile defines the authority of said user to execute a command on a particular day.
  - 41. The security device of claim 29, wherein said authorization profile defines the authority of said user to execute a command between particular times of day.
  - 42. The security device of claim 29, wherein said authorization profile contains a plurality of command flags, each command flag defining the authority of said user to execute a command.
  - 43. The security device of claim 29, wherein said authorization profile contains a plurality of access flags, each access flag defining the authority of said user to access a data file.
  - 44. The security device of claim 29, wherein said authorization profile contains a plurality of program flags, each program flag defining the authority of said user to execute a program.
  - 45. The security device of claim 29, wherein said authorization profile contains an authority level,
  - 46. The security device of claim 29, wherein said authorization profile contains a user ID, a personal identification number, and an identity verification method identifier.
  - 47. The security device of claim 30, wherein said authorization profile defines the authority of said user to execute a command at a particular time.
  - 48. The security device of claim 30, wherein said authorization profile defines the authority of said user to execute a command on a particular day.
  - 49. The security device of claim 30, wherein said authorization profile defines the authority of said user to execute a command between particular times of day.
  - 50. The security device of claim 30, wherein said authorization profile contains a plurality of command flags, each command flag defining the authority of said user to execute a command.
  - 51. The security device of claim 30, wherein said authorization profile contains a plurality of access flags, each access flag defining the authority of said user to access a data file.
  - 52. The security device of claim 30, wherein said authorization profile contains a plurality of program flags, each program flag defining the authority of said user to execute a program.
  - 53. The security device of claim 30, wherein said authorization profile contains an authority level.
  - 54. The security device of claim 30, wherein said authorization profile contains a user ID, a personal identification number, and an identity verification method identifier.

55. An identification card comprising:
- a data processor;
  
  protected programmable memory connected to said processor;
  
  data input and output means connected to said processor;
  
  an authorization profile stored in said memory, said profile defining the authority of a user of said card to cause said processor to execute programmed commands;
  
  means for receiving an authorization profile created by an authorized person and storing said received authorization profile into said memory to be used in place of said stored authorization profile.
- View Dependent Claims (56, 57, 58, 59, 60)
- - 56. The security device of claim 55 wherein said device is an IC card.
  - 57. The IC card of claim 56 further comprising:
    - data blocks in said memory, each data block having a header, said header containing memory access prerequisites; and
      
      means for comparing said access prerequisites with the authorization profile of said user.
  - 58. The IC card of claim 57 wherein one of said access prerequisites is an authority level and further comprising:
    - means for comparing said authority level with an authorization level stored in said users authorization profile.
  - 59. The IC card of claim 57 wherein one of said access prerequisites comprise a read flag and a write flag for each user and further comprising:
    - means for allowing read access to said memory only if said read flag is set and allowing write access to said memory only if said write flag is set.
  - 60. The IC card of claim 57 wherein one of said access prerequisites is a secure session required flag and further comprising:
    - means for allowing access to said memory only is said IC card is in a secure session with another device which is requesting access to said memory.

61. A security device comprising:
- a data processor;
  
  protected programmable memory connected to said processor;
  
  data input and output means connected to said processor;
  
  a plurality of commands for controlling said processor stored in said memory, each command having a plurality of programmable execution prerequisites stored in said memory.
- View Dependent Claims (62, 63, 64, 65, 66)
- - 62. The security device of claim 61 wherein one of said execution prerequisites is an established secure session between the devices affected by the command, whereby the command to which it relates will not be executed unless a secure session has previously been established.
  - 63. The security device of claim 61 wherein one of said execution prerequisites is an initial user verification whereby the command to which it relates will not be executed unless the identity of the user requesting the execution of the command has previously been verified during a current session.
  - 64. The security device of claim 61 wherein one of said execution prerequisites is a pre-execution user verification whereby the command to which it relates will not be executed unless the identity of the user requesting the execution of the command has been verified specifically for each execution of said command to which it relates.
  - 65. The security device of claim 61 wherein one of said execution prerequisites is time, whereby a command to which it relates will not be executed unless the time and date are within the limits authorized during which a user requesting execution of said command is authorized to execute said command.
  - 66. The security device of claim 61 wherein one of said execution prerequisites is an authorization level, whereby a command to which it relates will not be executed unless a user requesting execution of said command has an authorization level at or above a specified level.

67. The method of communicating a secure boolean response comprising the steps of:
- a) generating a random number in a security device;
  
  b) encrypting said random number under a key;
  
  c) sending said encrypted random number to another security device;
  
  d) decrypting said encrypted random number in said another security device;
  
  e) modifying said random number by a first function if said response is true;
  
  f) modifying said random number by a second function if said response is false;
  
  g) encrypting said modified random number;
  
  h) sending said encrypted modified random number to said first security device;
  
  i) decrypting said encrypted modified random number at said first security device; and
  
  j) comparing said modified random number with said random number to determine the response.

68. The method of changing a value used in the generation of a random number comprising the steps of:
- a) generate a first random number;
  
  b) using a portion of said random number to select a bit of said value;
  
  c) inverting said bit;
  
  d) repeat steps a, b, and c to generate a second random number.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Cisco Technology, Inc. (Cisco Systems, Inc.)
Original Assignee
International Business Machines Corporation
Inventors
Aden, Steven G., Neckyfarow, Steven W., Arnold, Todd W., Abraham, Dennis G., Rohland, William S.
Primary Examiner(s)
Tarcza, Thomas H.
Assistant Examiner(s)
CAIN, DAVID C

Application Number

US07/418,068
Time in Patent Office

704 Days
Field of Search

380/25, 380/23
US Class Current

713/159
CPC Class Codes

G06F 12/121   using replacement algorithms

G06F 21/34   involving the use of extern...

G06Q 20/341   Active cards, i.e. cards in...

G06Q 20/367   involving electronic purses...

G06Q 20/40975   using encryption therefor

G07F 7/1008   Active credit-cards provide...

H04L 2209/56   Financial cryptography, e.g...

H04L 2209/60   Digital content management,...

H04L 63/04   for providing a confidentia...

H04L 63/102   Entity profiles

H04L 63/105   Multiple levels of security

H04L 9/3226   using a predetermined code,...

H04L 9/3247   involving digital signatures

Transaction system security method and apparatus

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

Citations

68 Claims

Specification

Solutions

Use Cases

Quick Links

Transaction system security method and apparatus

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

68 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links