Security for controlled access systems

US 5,736,932 A
Filed: 07/03/1996
Issued: 04/07/1998
Est. Priority Date: 07/03/1996
Status: Expired due to Term

First Claim

Patent Images

1. A method for ensuring that a user requesting access to a secured system should be granted such access, said user having substantially unique user identifying information and a wireless communication device with a substantially unique activation number if the user is entitled to access to the secured system, said method comprising the steps of:

entering said user identifying information into said secured system, said entering step being performed by said user;

identifying the activation number of the wireless communication device which the user identified by said user identifying information should have, said identifying step being performed by said secured system;

transmitting revalidation information to the wireless communication device which the user identified by said user identifying information should have, said transmitting step being at least initiated by said secured system;

returning said revalidation information to said secured system, said returning step being performed by said user if said user has the wireless communication device which said user should have; and

detecting whether the revalidation information returned in said returning step matches the revalidation information transmitted in said transmitting step, and if so, allowing said user access to said secured system, said detecting step being performed by said secured system.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In order to gain access to a secured system, a user must be able to enter valid user identification information and must also have a remote wireless communication device such as a pager or cellular telephone having a number that is substantially unique to that user. When the user requests access to the secured system, the system places a call to the user'"'"'s remote wireless communication device and sends that device revalidation information such as a random number generated by the secured system. The user must return the revalidation information to the secured system to gain access. In an alternative embodiment, another person (a user-approver) has the remote wireless communication device and must return the revalidation information to the secured system if the user-approver approves the user'"'"'s request for access.

57 Citations

View as Search Results

24 Claims

1. A method for ensuring that a user requesting access to a secured system should be granted such access, said user having substantially unique user identifying information and a wireless communication device with a substantially unique activation number if the user is entitled to access to the secured system, said method comprising the steps of:
- entering said user identifying information into said secured system, said entering step being performed by said user;
  
  identifying the activation number of the wireless communication device which the user identified by said user identifying information should have, said identifying step being performed by said secured system;
  
  transmitting revalidation information to the wireless communication device which the user identified by said user identifying information should have, said transmitting step being at least initiated by said secured system;
  
  returning said revalidation information to said secured system, said returning step being performed by said user if said user has the wireless communication device which said user should have; and
  
  detecting whether the revalidation information returned in said returning step matches the revalidation information transmitted in said transmitting step, and if so, allowing said user access to said secured system, said detecting step being performed by said secured system.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 2. The method defined in claim 1 wherein said wireless communication device is a pager having a pager number as said activation number, and wherein said identifying step comprises the step of:
    - identifying the pager number of the pager that the user identified by said user identifying information should have.
  - 3. The method defined in claim 2 wherein said transmitting step comprises the steps of:
    - placing a call to the pager having said pager number; and
      
      transmitting said revalidation information to said pager.
  - 4. The method defined in claim 1 wherein said wireless communication device is a cellular telephone having a telephone number as said activation number, and wherein said identifying step comprises the step of:
    - identifying the telephone number of the cellular telephone that the user identified by said user identifying information should have.
  - 5. The method defined in claim 4 wherein said transmitting step comprises the steps of:
    - placing a call to the cellular telephone having said telephone number; and
      
      transmitting said revalidation information to said cellular telephone.
  - 6. The method defined in claim 1 wherein said transmitting step comprises the step of:
    - generating substantially different revalidation information substantially each time said transmitting step is performed.
  - 7. The method defined in claim 6 wherein said revalidation information is a substantially random number.
  - 8. The method defined in claim 6 wherein said revalidation information has the general form of a conventional telephone number.
  - 9. The method defined in claim 1 wherein said entering step is performed via a first communication channel between said user and said secured system which is different from a second communication channel used for transmitting said revalidation information to said wireless communication device;
    - and wherein said returning step is performed using one of said first and second communication channels.
  - 10. The method defined in claim 9 wherein said returning step is performed using said first communication channel.
  - 11. The method defined in claim 9 wherein said returning step is performed using said second communication channel.
  - 12. The method defined in claim 1 further comprising the step of:
    - disconnecting said user from said secured system if said revalidation information returned does not match said revalidation information transmitted.

13. A method for ensuring that a user requesting access to a secured system should be granted such access, said user having substantially unique user identifying information and being associated with a wireless communication device which has a substantially unique activation number if the user is entitled to access to the secured system, said wireless communication device being controlled by a user-approver who must approve said user'"'"'s request for access to said secured system, said method comprising the steps of:
- entering said user identifying information into said secured system, said entering step being performed by said user;
  
  identifying the activation number of the wireless communication device associated with the user identified by said user identifying information, said identifying step being performed by said secured system;
  
  transmitting revalidation information to the wireless communication device associated with the user identified by said user identifying information, said transmitting step being at least initiated by said secured system;
  
  returning said revalidation information to said secured system, said returning step being performed by said user-approver if said user-approver approves said user'"'"'s request for access to said secured system; and
  
  detecting whether the revalidation information returned in said returning step matches the revalidation information transmitted in said transmitting step, and if so, allowing said user access to said secured system, said detecting step being performed by said secured system.
- View Dependent Claims (14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24)
- - 14. The method defined in claim 13 wherein said wireless communication device is a pager having a pager number as said activation number, and wherein said identifying step comprises the step of:
    - identifying the pager number of the pager associated with the user identified by said user identifying information.
  - 15. The method defined in claim 14 wherein said transmitting step comprises the steps of:
    - placing a call to the pager having said pager number; and
      
      transmitting said revalidation information to said pager.
  - 16. The method defined in claim 13 wherein said wireless communication device is a cellular telephone having a telephone number as said activation number, and wherein said identifying step comprises the step of:
    - identifying the telephone number of the cellular telephone associated with the user identified by said user identifying information.
  - 17. The method defined in claim 16 wherein said transmitting step comprises the steps of:
    - placing a call to the cellular telephone having said telephone number; and
      
      transmitting said revalidation information to said cellular telephone.
  - 18. The method defined in claim 13 wherein said transmitting step comprises the step of:
    - generating substantially different revalidation information substantially each time said transmitting step is performed.
  - 19. The method defined in claim 18 wherein said revalidation information is a substantially random number.
  - 20. The method defined in claim 18 wherein said revalidation information has the general form of a conventional telephone number.
  - 21. The method defined in claim 13 wherein said entering step is performed via a first communication channel between said user and said secured system, and wherein said transmitting and returning steps are performed via a second communication channel between said secured system and said user-approver.
  - 22. The method defined in claim 13 further comprising the step of:
    - disconnecting said user from said secured system if said revalidation information returned does not match said revalidation information transmitted.
  - 23. The method defined in claim 13 wherein said transmitting step includes the step of:
    - transmitting to the wireless communication device associated with the user identified by said user identifying information additional information descriptive of the user'"'"'s request for access to the secured system.
  - 24. The method defined in claim 23 wherein said entering step is performed via the commercial telephone network by the user calling said secured system from a calling telephone number, and wherein said additional information includes said calling telephone number.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
AT&T Corporation (AT&T, Inc.)
Original Assignee
AT&T Corporation (AT&T, Inc.)
Inventors
Witschorik, Charles Arthur, Bulfer, Andrew Frederick
Primary Examiner(s)
ZIMMERMAN, BRIAN A

Application Number

US08/675,029
Time in Patent Office

643 Days
Field of Search

379/38, 379/201, 379/211, 340/825.31, 340/825.34, 340/825.44, 340/825.72
US Class Current

340/5.74
CPC Class Codes

H04L 63/0853   using an additional device,...

H04L 63/104   Grouping of entities

H04L 63/18   using different networks or...

H04W 12/08   Access security

H04W 12/72   Subscriber identity

H04W 74/00   Wireless channel access

H04W 8/26   Network addressing or numbe...

Security for controlled access systems

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

57 Citations

24 Claims

Specification

Solutions

Use Cases

Quick Links

Security for controlled access systems

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

57 Citations

24 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links