Network security system allowing access and modification to a security subsystem after initial installation when a master token is in place

CAFC
  • US 6,212,635 B1
  • Filed: 07/14/1998
  • Issued: 04/03/2001
  • Est. Priority Date: 07/18/1997
  • Status: Expired due to Term
First Claim
Patent Images

1. A method for providing security for a computer comprised of a central processing unit, peripheral and file storage devices, at least one of which can be used as a token access device that can read and write files to removable storage media suitable for use as a token, a computer operating system, and a CPU independent security subsystem which includes a security control unit and programmable auxiliary memory, sad method comprising of the steps of:

  • (a) generating with said security control unit a security subsystem key pair comprised of a public key and a private key;

    (b) storing said private key data in a memory location which is under the control of the said security subsystem;

    (c) creating with said security -subsystem a key file encrypted with said public key and writing the key file to a master token by means of said token access device, such that said encrypted key file can only be decrypted and authenticated by the security subsystem using its corresponding private key;

    (d) allowing access to said security subsystem after initial installation and setup by said computer operating system for installation and modification of security requirements only when said master token is placed into an appropriate file storage device and said encrypted key file has been authenticated by the security subsystem;

    (e) denying file and peripheral device access requests by the central processing unit when the security requirements are not satisfied.

View all claims
    ×
    ×

    Thank you for your feedback

    ×
    ×