Method and apparatus for validating authorization to access information in an information processing system

US 5,313,637 A
Filed: 12/10/1991
Issued: 05/17/1994
Est. Priority Date: 11/29/1988
Status: Expired due to Fees

First Claim

Patent Images

1. Apparatus comprising processing means for processing validation data;

said processing means including means for receiving validation data from an interconnected validation device which autogenically generates and transmits validation data and commands, means for convoluting said validation data in accordance with a pre-defined algorithm to produce convoluted data, and means for returning said convoluted data to said validation device; and

means responsive to the validation device for selectively enabling and disabling the processing of said processing means.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Access authorization is validated for an information processing system wherein a "slave device" such as a terminal desires access to information contained in or controlled by a "master device" such as a computer. Apparatus associated with the slave device receives validation data from the master device, modifies it according to a pre-determined algorithm implemented through logical circuitry in the apparatus, and returns the resulting "convoluted" data to the master device. The same validation data is convoluted in the master device through mathematical implementation of the algorithm. If the two sets of convoluted data match, it is presumed that the slave device is authorized to access information through the master device.

Citations

17 Claims

1. Apparatus comprising processing means for processing validation data;
- said processing means including means for receiving validation data from an interconnected validation device which autogenically generates and transmits validation data and commands, means for convoluting said validation data in accordance with a pre-defined algorithm to produce convoluted data, and means for returning said convoluted data to said validation device; and
  
  means responsive to the validation device for selectively enabling and disabling the processing of said processing means.
- View Dependent Claims (2, 3)
- - 2. Apparatus in accordance with in claim 1, wherein said processing means includes means for selective return of said convoluted data upon command from said validation device.
  - 3. Apparatus as in claim 1, wherein said processing means includes means for convoluting the validation data according to a second algorithm, and means for selecting one of said algorithms in response to a command from said validation device.

4. An access authority validation system comprising a slave device operative to access a master device through an interconnecting interface link, said system also including validation means associated with said master device for validating authority of said slave device to access said master device, said system also including apparatus associated with said slave device interconnected through said interface link to said validation means, said apparatus being responsive to an access validation command from said validation means to convolute in a predetermined manner a set of data transmitted to it by said validation means so as to produce a set of convoluted data and to return the set of convoluted data to said validation means;
- said validation means including means for autogenically generating and transmitting said validation command and said set of data to said apparatus, means for receiving said set of convoluted data returned by said apparatus, means for convoluting the transmitted set of data to produce a convoluted data set, and means for comparing the convoluted data set to the said set of convoluted data returned by said apparatus.
- View Dependent Claims (5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
- - 5. A system as set forth in claim 4, wherein said validation means also includes means operative autogenically for switching between a normal access mode and an access validation mode.
  - 6. A system as set forth in claim 4, wherein said predetermined manner of convolution includes a plurality of algorithms for said convolution and wherein each said access validation command specifies which of said plurality of algorithms defines the convolution of each said transmitted set of associated data.
  - 7. A system as set forth in claim 4, wherein each said access validation command specifies the number of data units to be convoluted in each said transmitted set of associated data.
  - 8. A system as set forth in claim 4, wherein said apparatus includes electronic circuitry for said convolution of said data transmitted to it.
  - 9. A system as set forth in claim 4, wherein said validation means includes means for signaling the occurrence of a mismatch as determined by said comparison of said two sets of convoluted data.
  - 10. A system as set forth in claim 4, wherein said validation means is incorporated into said master device.
  - 11. A system as set forth in claim 4, wherein said apparatus is incorporated into said slave device.
  - 12. A system as set forth in claim 4, wherein a single, common interface link functions both as said interface link interconnecting said master device and said slave device and as said interface link interconnecting said validation means and said apparatus.
  - 13. A system as set forth in claim 4, wherein a plurality of said slave devices are operative to access said master device.
  - 14. A system as set forth in claim 4, wherein said slave device is operative to access at least one device external to said master device and wherein access to said external device is controlled by said master device.

15. An information process network comprising a master device which controls information, at least one slave device which desires access to said information, an interface link interconnecting said master device and said slave device, and a system to validate authority of said slave device to access said information controlled by said master device, said validation system including apparatus associated with said slave device interconnected to validation means associated with said master device, said apparatus being responsive to a validation command from said validation means to convolute in a predetermined manner validation data transmitted to it by said validation means and to return the convoluted data to said validation means, said validation means including means for generating said validation command said validation data autogenically, means for transmitting said validation command said validation data to said apparatus, means for receiving said convoluted data returned by said apparatus, means for convoluting said transmitted data in accordance with said validation command, and means for comparing the thus convoluted data with the said convoluted data returned by said apparatus, a mismatch determined by said comparison signifying that said slave device is not authorized to access said information controlled by said master device.
- View Dependent Claims (16, 17)
- - 16. A network in accordance with claim 15, including means to autogenically switch between at least two modes of operation, a first such mode being a normal access mode in which information passes unchanged between said master device and said slave device, and a second such mode being an access authority validation mode, said validation mode including said generation, said transmission, said convolutions, said return, and said comparison.
  - 17. A network in accordance with claim 16, further including means for operating in a combination mode wherein said validation data is embedded in a normal data stream, and wherein said slave device and said master device operate in said normal access mode using said normal data stream, and said apparatus and said validation means concurrently operate in said access validation mode using said embedded validation data.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
David K. Rose
Original Assignee
David K. Rose
Inventors
Rose, David K.
Primary Examiner(s)
Kulik, Paul V.

Application Number

US07/807,957
Time in Patent Office

889 Days
Field of Search

380/4, 380/28, 340/825.3, 340/825.31, 340/825.34, 902/1, 902/2, 395/725
US Class Current

726/7
CPC Class Codes

G06F 21/31 User authentication

Method and apparatus for validating authorization to access information in an information processing system

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

Method and apparatus for validating authorization to access information in an information processing system

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links