System and method for trusted path communications
First Claim
1. In a computing system having a security server and a controller which can communicate with the security server, a method of identifying and authenticating a first user from a plurality of users seeking access to the security server, wherein the method comprises the steps of:
providing a cryptographic key;
assigning a user unique identifier to each user, wherein the step of assigning comprises assigning a first user unique identifier to the first user;
assigning a personal keying device to each user, wherein each personal keying device comprises input means for entering user input and storage means for storing an encrypted last countersign and an encrypted version of the user unique identifier of the user to whom the personal keying device is assigned;
storing, in the security server, an expected personal identification number associated with the first user unique identifier;
attaching the personal keying device assigned to the first user to the controller;
entering, at the input means of the personal keying device, a user-entered personal identification number;
combining the user-entered personal identification number, the first user unique identifier and the last countersign into a message;
encrypting the message with the cryptographic key and transmitting the encrypted message to the security server;
decrypting the message and comparing the user-entered personal identification number to the expected personal identification number;
if the user-entered personal identification number matches the expected personal identification number, comparing the decrypted last countersign to a stored value to determine the first user's access rights.
5 Assignments
0 Petitions
Abstract
A system and method for identifying and authenticating users and for controlling the access of those users to privileged instructions within a data enclave. The data enclave includes a plurality of controllers, such as workstations, connected over a network to a security server; each data enclave is assigned a cryptographic key. A personal keying device having an encrypted user unique identifier is assigned to each user; provisions are made for temporarily connecting the personal keying device to one of the controllers and for transmitting an encrypted message, including the user unique identifier and the last countersign, to the security server to authenticate the user and establish his/her access rights. A mechanism for updating the countersign is provided so that trusted path communications can be established between the user and the security server.
214 Citations
6 Claims
1. In a computing system having a security server and a controller which can communicate with the security server, a method of identifying and authenticating a first user from a plurality of users seeking access to the security server, wherein the method comprises the steps of:
providing a cryptographic key;
assigning a user unique identifier to each user, wherein the step of assigning comprises assigning a first user unique identifier to the first user;
assigning a personal keying device to each user, wherein each personal keying device comprises input means for entering user input and storage means for storing an encrypted last countersign and an encrypted version of the user unique identifier of the user to whom the personal keying device is assigned;
storing, in the security server, an expected personal identification number associated with the first user unique identifier;
attaching the personal keying device assigned to the first user to the controller;
entering, at the input means of the personal keying device, a user-entered personal identification number;
combining the user-entered personal identification number, the first user unique identifier and the last countersign into a message;
encrypting the message with the cryptographic key and transmitting the encrypted message to the security server;
decrypting the message and comparing the user-entered personal identification number to the expected personal identification number;
if the user-entered personal identification number matches the expected personal identification number, comparing the decrypted last countersign to a stored value to determine the first user's access rights.
Dependent claims: 2.
3. In a computing system comprising a security server and a controller which can communicate with the security server, and a plurality of users seeking access to the security server, a method of controlling access, by the plurality of users including a first user, to privileged operations, wherein the method comprises the steps of:
providing a cryptographic key;
assigning a user unique identifier to each user, wherein the step of assigning comprises assigning a first user unique identifier to the first user;
assigning a personal keying device to each user, wherein each personal keying device comprises input means for entering user input and storage means for storing an encrypted last countersign and an encrypted version of the user unique identifier of the user to whom the personal keying device is assigned;
attaching the personal keying device assigned to the first user to the controller;
identifying and authenticating the first user to the security server;
invoking an attention signal;
combining the attention signal and the first user unique identifier into a message;
encrypting the message with the cryptographic key and transmitting the encrypted message to the security server;
decrypting the message and determining, from the first user unique identifier, privileges granted to the first user;
determining a new countersign;
encrypting the new countersign with the cryptographic key and transmitting the new countersign to the controller; and
decrypting the new countersign and displaying the decrypted new countersign to the first user.
Dependent claims: 4, 5.
6. A trusted path system for securing computing transactions by a user, the system comprising:
a secure computer, wherein the secure computer comprises:
  a logic and control unit;
  a cryptographic unit connected to the logic and control unit;
  a communication unit connected to the logic and control unit;
  storage means for storing a plurality of cryptographic keys, a user unique identifier and a last authentication token; and
  an authentication token generator for generating a new authentication token;
an untrusted communications system connected to the communication unit of the secure computer;
a workstation which communicates through the untrusted communications system to the secure computer, wherein the workstation comprises:
  a logic and control unit;
  a communication unit connected to the logic and control unit; and
  storage means for storing a workstation identifier; and
a personal unit which communicates to the workstation, wherein the personal unit comprises:
  a logic and control unit;
  a cryptographic unit, connected to the logic and control unit, which encrypts and decrypts messages passed between the personal unit and the security server;
  a keyboard connected to the logic and control unit;
  a display connected to the logic and control unit;
  a communication unit, connected to the logic and control unit, for communicating with the communication unit of the workstation; and
  storage means for storing the user unique identifier, the last authentication token and one or more cryptographic keys from the plurality of cryptographic keys.
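The two exchanges claimed above, the PIN-plus-countersign login of claim 1 and the attention-signal countersign rotation of claim 3, carried through end to end with both the personal keying device and the security server modelled. This is an added worked example written for this page; it is not code from the patent or its specification. Assumptions not in the claims: the patent names no cipher, so a toy encrypt-then-MAC construction built from the Python standard library (HMAC-SHA256 keystream and tag, domain-separated by prefix) stands in for the cryptographic unit; the attention signal is encoded as the bytes `ATTN`; message fields are length-prefixed rather than simply concatenated; the server stores the expected PIN in the clear exactly as the claim states it (a deployment would store a hash); the user identifier, PIN and initial countersign are constructed sample data. The example goes slightly beyond the claims by also showing what the countersign check buys: a replayed login message and a tampered message are both rejected.

```python
import hmac
import os
import struct

ATTENTION = b"ATTN"  # the claim-3 "attention signal"; its encoding is an assumption

# Toy authenticated encryption from the standard library only. The patent names no
# cipher; this encrypt-then-MAC scheme stands in for the "cryptographic unit".
def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    blocks = (hmac.new(key, b"enc" + nonce + struct.pack(">I", i), "sha256").digest()
              for i in range(length // 32 + 1))
    return b"".join(blocks)[:length]

def encrypt(key: bytes, plaintext: bytes) -> bytes:
    nonce = os.urandom(16)
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    tag = hmac.new(key, b"mac" + nonce + ct, "sha256").digest()
    return nonce + ct + tag

def decrypt(key: bytes, blob: bytes) -> bytes:
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, b"mac" + nonce + ct, "sha256").digest()):
        raise ValueError("tampered, truncated or wrong-key message")
    return bytes(c ^ k for c, k in zip(ct, _keystream(key, nonce, len(ct))))

def pack_fields(*fields: bytes) -> bytes:
    # Length-prefixed so PIN, UUID and countersign cannot be re-split ambiguously.
    return b"".join(struct.pack(">H", len(f)) + f for f in fields)

def unpack_fields(data: bytes) -> list:
    fields, i = [], 0
    while i < len(data):
        (n,) = struct.unpack(">H", data[i:i + 2])
        fields.append(data[i + 2:i + 2 + n])
        i += 2 + n
    return fields

class SecurityServer:  # claim 1 server side: expected PIN, last countersign, privileges
    def __init__(self, enclave_key: bytes):
        self.key, self.users, self.sessions = enclave_key, {}, set()
    def enroll(self, uid: bytes, pin: bytes, countersign: bytes, privileges: set):
        self.users[uid] = {"pin": pin, "countersign": countersign, "privileges": privileges}
    def authenticate(self, blob: bytes):
        """Returns the user's privileges, or None if any check fails."""
        try:
            pin, uid, last = unpack_fields(decrypt(self.key, blob))
        except (ValueError, struct.error):
            return None  # tampered, wrong enclave key, or malformed framing
        rec = self.users.get(uid)
        if rec is None or not hmac.compare_digest(rec["pin"], pin):
            return None
        # Last step of claim 1: the countersign ties this login to the device that
        # received the previous one, so a replayed or cloned message fails here.
        if not hmac.compare_digest(rec["countersign"], last):
            return None
        self.sessions.add(uid)
        return rec["privileges"]
    def attention(self, blob: bytes):
        """Claim 3: issue a fresh, encrypted countersign to an authenticated user."""
        try:
            signal, uid = unpack_fields(decrypt(self.key, blob))
        except (ValueError, struct.error):
            return None
        if signal != ATTENTION or uid not in self.sessions:
            return None
        new = os.urandom(8)
        self.users[uid]["countersign"] = new
        return encrypt(self.key, new)

class PersonalKeyingDevice:  # claim 1 device side / claim 6 personal unit
    def __init__(self, enclave_key: bytes, uid: bytes, countersign: bytes):
        self.key = enclave_key
        self.enc_uid = encrypt(enclave_key, uid)  # stored encrypted, as claimed
        self.enc_countersign = encrypt(enclave_key, countersign)
    def login(self, pin: bytes) -> bytes:
        uid, last = decrypt(self.key, self.enc_uid), decrypt(self.key, self.enc_countersign)
        return encrypt(self.key, pack_fields(pin, uid, last))
    def attention(self) -> bytes:
        return encrypt(self.key, pack_fields(ATTENTION, decrypt(self.key, self.enc_uid)))
    def accept_countersign(self, blob: bytes) -> str:
        new = decrypt(self.key, blob)
        self.enc_countersign = encrypt(self.key, new)
        return new.hex()  # what the display shows: a value only the server could produce

def run_session() -> dict:
    """One full exchange plus the checks a practitioner would try against it."""
    enclave_key = os.urandom(32)
    uid, pin, cs0 = b"user-0042", b"4711", os.urandom(8)  # constructed sample data
    server = SecurityServer(enclave_key)
    server.enroll(uid, pin, cs0, {"audit", "key-change"})
    device = PersonalKeyingDevice(enclave_key, uid, cs0)
    out = {"wrong_pin": server.authenticate(device.login(b"0000"))}
    login = device.login(pin)
    out["login"] = server.authenticate(login)
    shown = device.accept_countersign(server.attention(device.attention()))
    out["display_matches_server"] = shown == server.users[uid]["countersign"].hex()
    out["replayed_login"] = server.authenticate(login)  # still carries the old countersign
    out["tampered_login"] = server.authenticate(login[:-1] + bytes([login[-1] ^ 1]))
    out["relogin"] = server.authenticate(device.login(pin))  # device rotated as well
    return out
```

Running `run_session()` returns the privilege set for the genuine login and for the re-login after rotation, and `None` for the wrong PIN, the replayed message and the tampered message. Two points the claims state only implicitly are visible here. First, the countersign is what makes the login message single-use: the stale value inside a captured message no longer matches the server's stored value once an attention cycle has rotated it, so the PIN alone is not enough. Second, the trusted path in claim 3 rests on the new countersign reaching the user's own display: only a party holding the enclave key can produce a value the device will decrypt and show, so a workstation that merely spoofs the server's screen cannot complete the exchange. The caveat a practitioner would add is that, in the claim-1 form followed above, every device in the enclave shares one key, so compromise of any one personal keying device exposes the whole enclave's traffic; the plurality of keys in claim 6 is what would allow per-device keys.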
Specification