Method for securing access to a remote system

US 6,259,909 B1
Filed: 07/08/1998
Issued: 07/10/2001
Est. Priority Date: 05/28/1997
Status: Expired due to Term

First Claim

Patent Images

1. A method for secure user access to a separate system having data stored in a memory device, comprising the following steps:

establishing a first connection between a first communications device and an access device and transmission of a first code word from the first communications device to the access device;

comparing the first code word with first authentication data stored in the access device;

establishing a second connection between a second communications device and the access device, and transmitting a second code word form the second communications device to the access device;

comparing the second code word with second authentication data stored in access device;

transmitting a third code word from access device to the first communications device;

transmitting the third code word from the first communications device to the second communications device;

transmitting the third code word from the second communications device to the access device; and

granting access to the system via at least one of the communications devices, given a valid third code word and the presence of a predetermined relationship between the first and second code words and the second authentication data stored in access device.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Method for secure user access to a remote system using a communications device. Access to the system is released only after the input of valid code words via independent communications devices. One of the communications devices may be a data processing unit and the second communications device may be a mobile telephone.

80 Citations

View as Search Results

27 Claims

1. A method for secure user access to a separate system having data stored in a memory device, comprising the following steps:
- establishing a first connection between a first communications device and an access device and transmission of a first code word from the first communications device to the access device;
  
  comparing the first code word with first authentication data stored in the access device;
  
  establishing a second connection between a second communications device and the access device, and transmitting a second code word form the second communications device to the access device;
  
  comparing the second code word with second authentication data stored in access device;
  
  transmitting a third code word from access device to the first communications device;
  
  transmitting the third code word from the first communications device to the second communications device;
  
  transmitting the third code word from the second communications device to the access device; and
  
  granting access to the system via at least one of the communications devices, given a valid third code word and the presence of a predetermined relationship between the first and second code words and the second authentication data stored in access device.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 27)
- - 2. The method in accordance with claim 1, including establishing the first and second connection via communications routes independent form each other.
  - 3. The method in accordance with claim 1, wherein at least the first communications device is constituted by a data processing unit and the connection between the data processing unit and the access device is established via a data processing device network.
  - 4. The method in accordance with claim 3, wherein a internet is used for the connection between access device and the data processing unit.
  - 5. The method in accordance with claim 1, wherein a telephone is used as one of the communications devices and the connection between the telephone and access device is established via a telephone network.
  - 6. The method in accordance with claim 5, wherein a mobile telephone is used as communications device.
  - 7. The method in accordance with claim 6, wherein at least one of the code words is transmitted by pressing a call demand key.
  - 8. The method in accordance with claim 7, wherein the system is a GSM network and the memory device is a home location register storing subscriber-specific data.
  - 9. The method in accordance with claim 1, wherein at least one of the code words is generated by access device and is valid only for one access session.
  - 10. The method in accordance with claim 9, wherein at least one of the code words is generated using a subscriber identification and at least one of time and date.
  - 11. The method in accordance with claim 1, wherein one of the code words is used for data encoding in a data transmission between the access device and at least one of the first and second communications devices.
  - 12. The method in accordance with claim 1, wherein after the release of data access via one of the communications devices, at least one further code word is transmitted to access device to release expanded access to the system.
  - 13. A device for carrying out the method in accordance with claim 1, comprising
27. The method in accordance with claim 1, wherein the second code word is equal to the third code word.

14. A method for secure user access to a separate system having data stored in a memory device, comprising the steps below:
- establishing a first connection between a first communications device and an access device and transmission of a first code word from the first communications device to access device;
  
  comparing the first code word with first authentication data stored in the access device;
  
  given the presence of a predetermined relationship between the first code word and the authentication data stored in the access device, establishing a second connection between the access device and a second communications device and transmitting a second code word from access device to the second communications device;
  
  transmitting the second code word from the second communications device to the first communications device;
  
  transmitting the second code word from the first communications device to access device;
  
  comparing the second code word with second authentication data stored in access device; and
  
  granting access to the system with at least one of the communication devices, given the presence of a predetermined relationship between the second code word and the second authentication data stored in the access device.
- View Dependent Claims (15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26)
- - 15. The method in accordance with claim 14, including establishing the first and second connection via communications routes independent from each other.
  - 16. The method in accordance with claim 14, wherein at least the first communications device is constituted by a data processing unit and the connection between the data processing unit and the connection between the data processing unit and the access device is established via a data processing device network.
  - 17. The method in accordance with claim 16, wherein an internet is used for the connection between access device and the data processing unit.
  - 18. The method in accordance with claim 14, wherein a telephone is used as one of the communications devices and the connection between the telephone and access device is established via a telephone network.
  - 19. The method in accordance with claim 18, wherein a mobile telephone is used as communications device.
  - 20. The method in accordance with claim 19, wherein at least one of the code words is transmitted by pressing a call demand key.
  - 21. The method in accordance with claim 20, wherein the system is a GSM network and the memory device is a home location register storing subscriber-specific data.
  - 22. The method in accordance with claim 14, wherein one of the code words is generated by access device and is valid only for one access session.
  - 23. The method in accordance with claim 22, wherein at least one of the code words is generated using a subscriber identification and at least one of time and date.
  - 24. The method in accordance with claim 14, wherein one of the code words is sued for data encoding in a data transmission between the access device and at least one of the first and second communications devices.
  - 25. The method in accordance with claim 14, wherein after the release of data access via one of the communications devices, at least one further code word is transmitted to access device to release expanded access to the system.
  - 26. A device for carrying our the method in accordance with claim 14, comprising

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Telefonaktiebolaget LM Ericsson
Original Assignee
Telefonaktiebolaget LM Ericsson
Inventors
Ratayczak, Georg, Niebert, Norbert
Primary Examiner(s)
Hunter, Daniel
Assistant Examiner(s)
Nguyen, Thuan T.

Application Number

US09/111,868
Time in Patent Office

1,098 Days
Field of Search

455/410, 455/411, 455/414, 379/188
US Class Current

455/411
CPC Class Codes

G06F 21/35   communicating wirelessly

H04L 2463/102   applying security measure f...

H04L 63/083   using passwords cryptograph...

H04L 63/18   using different networks or...

H04W 12/06   Authentication

H04W 12/08   Access security

Method for securing access to a remote system

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

80 Citations

27 Claims

Specification

Solutions

Use Cases

Quick Links

Method for securing access to a remote system

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

80 Citations

27 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links