Access control/crypto system

US 6,351,813 B1
Filed: 08/07/1998
Issued: 02/26/2002
Est. Priority Date: 02/09/1996
Status: Expired due to Fees

First Claim

Patent Images

1. An access control system including a screen and an input/output port, the access control system comprising:

a hard disk containing encrypted information;

a smart card reader connected to the input/output port;

a smart card containing electronic keys for access control to a computer; and

the computer executing an access control program for communications with the smart card reader and the smart card, including card reader control means for controlling a plurality of smart card reader types and smart card control means for controlling a plurality of smart card types, and providing communications based on a particular smart card reader attached to the computer and based on a particular smart card inserted into the smart card reader;

wherein the access control program requests information from a user to provide access to the system and use of the encrypted information.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An access control/crypto system having a smart card reader and an access control program for requesting information from a user to determine if the user is authorized to access the computer. The access control/crypto system uses encryption and smart card technology as a means for securing files stored on the system, telecommunicated globally, or archived to a chosen media. The system includes an access hierarchy, combined with the issuance of smart cards, to control the various levels of access provided by the system. Further, the present system provides secure file transfer by encrypting sensitive files at a first site, transferring the encrypted version to a second site, providing an authorized user at the second site with a secret password, and decrypting the file at the second site using the secret password under control of the authorized user.

441 Citations

17 Claims

1. An access control system including a screen and an input/output port, the access control system comprising:
- a hard disk containing encrypted information;
  
  a smart card reader connected to the input/output port;
  
  a smart card containing electronic keys for access control to a computer; and
  
  the computer executing an access control program for communications with the smart card reader and the smart card, including card reader control means for controlling a plurality of smart card reader types and smart card control means for controlling a plurality of smart card types, and providing communications based on a particular smart card reader attached to the computer and based on a particular smart card inserted into the smart card reader;
  
  wherein the access control program requests information from a user to provide access to the system and use of the encrypted information.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 16)
- - 2. The access control system of claim 1, wherein the encrypted information comprises a plurality of electronic keys for encrypting files and decrypting files.
  - 3. The access control system of claim 1, wherein the smart card is an ISO 7816-compliant smart card.
  - 4. The access control system of claim 1, wherein the end user must answer questions, based on trusted security level assigned, to access the encrypted information.
  - 5. The access control system of claim 2 wherein the encrypted information is encrypted according to a secret key encryption algorithm.
  - 6. The access control system of claim 2 wherein the encrypted information is encrypted according to a public key encryption algorithm.
  - 7. The access control system of claim 2 wherein the encrypted information is encrypted according to the FORTEZZA encryption standard.
  - 8. The access control system of claim 2 wherein the files comprise data, facsimile, video, or other message types of files.
  - 9. The access control system of claim 2, wherein the files are compressed.
  - 10. The access control system of claim 2, wherein the data files are stored on the computer hard disk.
  - 11. The access control system of claim 2, wherein the files are transferred over networks, internet, intranet, global trade point network, world wide web, or point to point.
  - 12. The access control system of claim 2, wherein the files are archived to a removable medium.
  - 16. The access control system of claim 1, wherein the computer executes an access control program which uses a C programming language file input/output paradigm to read information from the smart card and write information to the smart card, and wherein the access control program controls access to the information on the smart card, and wherein the access control program encrypts and decrypts files using the information on the smart card.

13. An access control system including a screen and an input/output port, the access control system comprising:
- a hard disk containing encrypted information;
  
  a smart card reader connected to the input/output port;
  
  a smart card containing electronic keys for access control to a computer;
  
  the computer executing an access control program for communications with the smart card reader and the smart card, including card reader control means for controlling a plurality of smart card readers and smart card control means for controlling a plurality of smart cards, and providing communications based on a particular smart card reader attached to the computer and based on a particular smart card inserted into the smart card reader;
  
  an electronic key module for managing electronic keys for encrypting and decrypting files, including creating and deleting electronic keys;
  
  a smart card database for storing the electronic keys, the smart card database resident on a smart card;
  
  a smart card access module for reading and writing electronic keys to and from the smart card database;
  
  a smart card operations module for managing the input/output operations of the smart card;
  
  a card reader operations module for managing the interaction of the smart card with the smart card reader;
  
  a file selection module for selecting a file to be encrypted or decrypted;
  
  a file encryption/decryption module for accepting the file and using one of the electronic keys to encrypt or decrypt the file according to input user specification;
  
  a corn module for managing communications between the smart card reader and the computer; and
  
  a main control module for coordinating the operation access control system;
  
  wherein the access control program requests information from a user to provide access to the system and use of the encrypted information.
- View Dependent Claims (14, 15)
- - 14. The access control system of claim 13, wherein the file encryption/decryption module encrypts files such that they remain secure when transmitted.
  - 15. The access control system of claim 13, wherein the card reader operations module is capable of controlling smart card readers from any one of a variety of vendors, and wherein the smart card operations module is capable of controlling smart cards from any one of a variety of vendors.

17. A method for protecting a first file on a computer, the computer comprising a keyboard, a display, a hard disk containing encrypted information, and an input/output port, the method comprising the steps of:
- attaching any of a plurality of smart card readers to the computer'"'"'s input/output port;
  
  controlling the attached smart card reader with a card reader operations module;
  
  generating an electronic key using the computer;
  
  securely storing the electronic key in any of a plurality of smart cards;
  
  controlling the smart card with a smart card operations module;
  
  encrypting the first file, wherein the step of encrypting comprises the steps of;
  
  inserting the smart card in the smart card reader;
  
  recursively entering access codes to access the electronic key;
  
  validating the access codes as each is entered;
  
  identifying the computer file; and
  
  encrypting the computer file using the electronic key.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Digital Privacy Incorporated
Original Assignee
Digital Privacy Incorporated
Inventors
Mooney, David M., Kimlinger, Paul J., Bradley, James Virgil
Primary Examiner(s)
Chung, Phung M.
Assistant Examiner(s)
Callahan, Paul E.

Application Number

US09/117,898
Time in Patent Office

1,299 Days
Field of Search

713/165, 713/166, 713/171, 713/192, 713/152, 713/164, 713/172, 713/183, 713/185, 380/259, 380/260, 380/269, 380/283, 380/278
US Class Current

713/185
CPC Class Codes

G06F 12/1408   by using cryptography for d...

G06F 21/34   involving the use of extern...

G06F 21/606   by securing the transmissio...

G06F 21/6209   to a single file or object,...

G06F 21/6218   to a system of files or obj...

G06F 2221/2113   Multi-level security, e.g. ...

G06F 2221/2143   Clearing memory, e.g. to pr...

G06F 2221/2153   Using hardware token as a s...

Access control/crypto system

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

441 Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

Access control/crypto system

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

441 Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links