Dual key reflexive encryption security system
Abstract
A security system is disclosed for granting access to a host computer in response to a demand from a remote computer. The security system has a permanent encryption key mounted on the remote computer. The software portion of the system sends the identification number associated with the permanent encryption key, unencrypted, to the host computer. Using the identification number the host computer selects an encryption device, encrypts a transitory encryption key generated by the host computer, and transmits the transitory encryption key to the remote computer for emplacement on a write-only receptor in the permanent encryption key. Thereafter a comparator in the host computer, in response to identifying data transmitted from the remote computer and encrypted with the transitory encryption key, authenticates the access demand. Access is granted by the host computer to the remote computer upon the favorable comparison of an encrypted identifier provided by the remote computer.
27 Claims
1. A security system for granting access to a host computer in response to a demand from a remote computer, each said computer having a central processing unit (CPU), an operating system, and a printer port, said security system comprising:
a permanent encryption key mounted on said remote computer, said permanent encryption key having an associated identifier;
a selectable encryption key in said host computer providing corresponding coding/encoding to said permanent encryption key and selectable utilizing said associated identifier;
a transitory encryption key generated in said host computer and transmitted to and emplaced within the remote computer for use thereby;
comparator means in said host computer for authenticating access demands in response to encrypted identifying data transmitted from said remote computer and encrypted with said transitory encryption key;
whereby access is granted by the host computer to the remote computer upon said unencrypted identifier provided by the remote computer enabling the selection of said selectable encryption key, the encryption therewith of a transitory encryption key and the transmission thereof to said remote computer, and the successful comparison at the host computer of encrypted identifying data encrypted with the transitory key at the remote computer.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10.

11. A method of providing security for a first computer in a system having a second computer making access demands upon said first computer, said second computer having installed thereon a permanent encryption key and an encryption program therefor, said first computer having a validating program for authenticating access demands including a selectable encryption key corresponding to said permanent encryption key, said method comprising the steps of:
(1) upon making an access demand, detecting by the second computer the presence of said validating program in said first computer;
(2) entering identifying data into said permanent encryption key of said second computer;
(3) authenticating said access demand by said first computer by a dual-key reflexive encryption transmission from said second computer and by an acceptable comparison of the decoded form thereof at said first computer;
(4) upon authentication, connecting said second computer to said first computer; and
(5) providing access by said second computer to said first computer.
Dependent claims: 12, 13, 14, 15, 16, 17, 18, 19.

20. A method of providing security for a host computer in a system having a remote computer making access demands upon said host computer, said remote computer having installed therein a dedicated encryption key, an encryption program therefor and a communications program, said host computer having a validating program for authenticating access demands including a selectable encryption key corresponding to said dedicated encryption key, said method comprising the steps of:
(1) upon making an access demand, detecting by the remote computer the presence of said validating program in said host computer;
(2) entering identifying data into said dedicated encryption key of said remote computer;
(3) interrupting said communications program of said remote computer while said remote computer undergoes authentication processing by said host computer, said authentication processing comprising the substeps of:
  (a) sending unencrypted a first portion of said identifying data from said remote computer to said host computer;
  (b) by use of said selectable encryption key, sending encrypted a session key from said host computer to said remote computer;
  (c) by use of said dedicated encryption key, decoding at the remote computer said session key;
  (d) by use of said session key at the remote computer, sending encrypted a second portion of said identifying data from said remote computer to said host computer;
  (e) completing authentication at the host computer by decrypting said second portion of said identifying data and comparing the same to a record thereof;
(4) upon authentication, connecting said remote computer to said host computer; and
(5) resuming said communications program to provide access by said remote computer to said host computer.
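The exchange of substeps (a) through (e) above, with both the host's and the remote's messages, written out as an added worked example in Python. This is not the patent's own implementation and nothing in it is taken from the specification: the "dedicated encryption key" is modelled as a per-dongle secret byte string rather than a printer-port device, the cipher (an HMAC-SHA256 keystream with an HMAC tag) stands in for whatever the original hardware used, and every identifier, key and PIN is constructed for the example.

```python
# Added example, not the patent's code: the claim-20 handshake as two Python
# classes. Assumptions: the "dedicated encryption key" is a per-dongle secret
# byte string; the cipher (HMAC-SHA256 keystream + HMAC tag) stands in for
# whatever the hardware used; all identifiers, keys and PINs are constructed.
import hashlib
import hmac
import secrets
from typing import Dict, Optional, Tuple

NONCE_LEN, TAG_LEN, KEY_LEN = 16, 32, 32


def _subkey(key: bytes, label: bytes) -> bytes:
    return hmac.new(key, label, hashlib.sha256).digest()


def _keystream(enc_key: bytes, nonce: bytes, length: int) -> bytes:
    blocks = (hmac.new(enc_key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range(-(-length // 32)))
    return b"".join(blocks)[:length]


def seal(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC under a fresh random nonce: nonce || ciphertext || tag."""
    enc_key, mac_key = _subkey(key, b"enc"), _subkey(key, b"mac")
    nonce = secrets.token_bytes(NONCE_LEN)
    ct = bytes(p ^ s for p, s in zip(plaintext, _keystream(enc_key, nonce, len(plaintext))))
    return nonce + ct + hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()


def unseal(key: bytes, blob: bytes) -> bytes:
    """Inverse of seal(); raises ValueError on a bad tag (wrong key or tampering)."""
    if len(blob) < NONCE_LEN + TAG_LEN:
        raise ValueError("blob too short")
    nonce, ct, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    enc_key, mac_key = _subkey(key, b"enc"), _subkey(key, b"mac")
    if not hmac.compare_digest(tag, hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("authentication tag mismatch")
    return bytes(c ^ s for c, s in zip(ct, _keystream(enc_key, nonce, len(ct))))


class HostValidator:
    """Host side: key table selected by identifier, session-key issue, comparator."""

    def __init__(self, records: Dict[bytes, Tuple[bytes, bytes]]):
        self._records = records                  # identifier -> (selectable key, expected 2nd portion)
        self._pending: Dict[bytes, bytes] = {}   # identifier -> outstanding session key

    def issue_session_key(self, identifier: bytes) -> Optional[bytes]:
        """Substeps (a)/(b): select the key by the cleartext identifier, return the sealed session key."""
        rec = self._records.get(identifier)
        if rec is None:
            return None                          # unknown dongle: nothing to select
        session_key = secrets.token_bytes(KEY_LEN)
        self._pending[identifier] = session_key
        return seal(rec[0], session_key)

    def authenticate(self, identifier: bytes, blob: bytes) -> bool:
        """Substep (e): decrypt the second portion with the session key and compare to the record."""
        session_key = self._pending.pop(identifier, None)   # one shot: a session key is never reused
        if session_key is None:
            return False
        try:
            second_portion = unseal(session_key, blob)
        except ValueError:
            return False
        return hmac.compare_digest(second_portion, self._records[identifier][1])


class RemoteDongle:
    """Remote side: the dedicated key, its write-only receptor and the encryption program."""

    def __init__(self, identifier: bytes, permanent_key: bytes, second_portion: bytes):
        self.identifier = identifier                 # first portion: sent unencrypted
        self._permanent_key = permanent_key
        self._second_portion = second_portion        # e.g. the PIN entered into the key
        self._session_key: Optional[bytes] = None    # the write-only receptor

    def receive_session_key(self, blob: bytes) -> bool:
        """Substep (c): decode the session key with the dedicated key and emplace it."""
        try:
            self._session_key = unseal(self._permanent_key, blob)
        except ValueError:
            return False                             # blob was not sealed for this dongle
        return True

    def encrypted_second_portion(self) -> bytes:
        """Substep (d): encrypt the second portion of the identifying data under the session key."""
        if self._session_key is None:
            raise RuntimeError("no session key emplaced")
        return seal(self._session_key, self._second_portion)


def run_handshake(host: HostValidator, remote: RemoteDongle) -> bool:
    """Substeps (a)-(e) end to end; True means the host would connect the remote."""
    blob = host.issue_session_key(remote.identifier)
    if blob is None or not remote.receive_session_key(blob):
        return False
    return host.authenticate(remote.identifier, remote.encrypted_second_portion())


# Constructed sample data: one enrolled dongle, the host's matching record, two impostors.
DONGLE_ID = b"DK-0001"
DONGLE_KEY = bytes.fromhex("2b7e151628aed2a6abf7158809cf4f3c2b7e151628aed2a6abf7158809cf4f3c")
USER_SECRET = b"user:alice;pin:4471"
HOST = HostValidator({DONGLE_ID: (DONGLE_KEY, USER_SECRET)})
GENUINE = RemoteDongle(DONGLE_ID, DONGLE_KEY, USER_SECRET)
WRONG_KEY = RemoteDongle(DONGLE_ID, secrets.token_bytes(KEY_LEN), USER_SECRET)
WRONG_PIN = RemoteDongle(DONGLE_ID, DONGLE_KEY, b"user:alice;pin:0000")

if __name__ == "__main__":
    for name, remote in (("genuine", GENUINE), ("wrong key", WRONG_KEY), ("wrong pin", WRONG_PIN)):
        print(name, run_handshake(HOST, remote))
```

Running the three handshakes shows what each key contributes: a remote that knows the identifier but not the dedicated key cannot even recover the session key (substep (c) fails on the tag), and a remote holding the right key but the wrong second portion is rejected at the comparator. Because the host draws a fresh session key for every access demand and discards it after one comparison, a captured substep (d) message is useless in a later session. What the claimed exchange does not provide is worth noting too: the remote never authenticates the host, the identifier travels in the clear and so can be enumerated, and compromise of either the dongle's key or the host's key table defeats the scheme outright. The HMAC-based cipher here is only a stand-in; a deployment would use a standard AEAD.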

21. A security system for granting access to a host computer in response to a demand from a remote computer, each said computer having a central processing unit (CPU), an operating system, a communications program and a printer port, said security system comprising:
a permanent encryption key mounted on said remote computer, said permanent encryption key having an associated identifier;
a selectable encryption key in said host computer providing corresponding coding/encoding to said permanent encryption key and selectable utilizing said associated identifier;
a transitory encryption key generated by said host computer and transmitted to the remote computer for use thereby;
validating program means for performing authenticating procedures, said validating program means in said host computer for authenticating access demands, said validating program means including said transitory encryption key;
an encryption program in said remote computer capable of detecting, upon the occurrence of an access demand, the presence of said validating program in said host computer, and, upon the remote computer detecting said validating program, the encryption program interrupts said communications program during said authenticating procedures;
comparator means in said host computer for authenticating access demands in response to encrypted identifying data transmitted from said remote computer and encrypted with said transitory encryption key;
said encryption program, upon completion of said authentication procedures, resumes said communications program;
whereby access is granted by the host computer to the remote computer upon said unencrypted identifier provided by the remote computer enabling the selection of said selectable encryption key, the encryption therewith of a transitory encryption key and the transmission thereof to said remote computer, and the successful comparison at the host computer of encrypted identifying data encrypted with the transitory key at the remote computer.
Dependent claims: 22, 23, 24, 25, 26, 27.

Specification