Network security system allowing access and modification to a security subsystem after initial installation when a master token is in place
Abstract
Apparatus and process are disclosed by which to disable a computer's access to all or a part of the computer's memory system or associated peripherals, so as to protect the computer from accidental or malicious damage of data files or programs that may result from the activity of computer users or computer viruses. This result is achieved by providing the authorized user with a token whereby the user can configure the security gateway to completely or partially disable the peripheral device without disrupting the operation of the computer or other peripherals. The principal hardware component of one embodiment of the invention is the security gateway which in a typical configuration simply adds new security functions to the programmable controllers that are typically used for an I/O controller or hard drive controller, although this is not always necessary. The process can just as easily be incorporated into a local network controller, a communications controller, or a main processor board for a system. The speed of the security gateway can be further enhanced by adding additional computational or encryption hardware to the chip sets used in said I/O or hard drive controllers.
23 Claims
1. A method for providing security for a computer comprised of a central processing unit, peripheral and file storage devices, at least one of which can be used as a token access device that can read and write files to removable storage media suitable for use as a token, a computer operating system, and a CPU independent security subsystem which includes a security control unit and programmable auxiliary memory, said method comprising the steps of:
(a) generating with said security control unit a security subsystem key pair comprised of a public key and a private key;
(b) storing said private key data in a memory location which is under the control of the said security subsystem;
(c) creating with said security subsystem a key file encrypted with said public key and writing the key file to a master token by means of said token access device, such that said encrypted key file can only be decrypted and authenticated by the security subsystem using its corresponding private key;
(d) allowing access to said security subsystem after initial installation and setup by said computer operating system for installation and modification of security requirements only when said master token is placed into an appropriate file storage device and said encrypted key file has been authenticated by the security subsystem;
(e) denying file and peripheral device access requests by the central processing unit when the security requirements are not satisfied.
2. The method of claim 1 further including the steps of:
(f) creating with said security subsystem a special use token containing a special use file encrypted with said public key such that said special use file can only be decrypted and authenticated by the security subsystem using its corresponding private key and such that said special use file contains information that identifies specific access rights and security restrictions that are applicable to the user of said special use token;
(g) providing to said security subsystem by a given user a valid user identification immediately after said special use token has been authenticated by the security subsystem, indicating to the computer operating system only those files which are accessible to the given user of said special use token and whether read operations, write operations, and execute operations may be performed upon the accessible files, and denying access to users with invalid access criteria and refusing to write data to any of the files stored in the file storage devices when operations without valid access criteria have been attempted.
3. The method of claim 2 further including the steps of:
(h) generating with said security control unit a user specific key pair comprised of a user public key and a user private key which can be used for authentication, verification, and private communications by a given user;
(i) writing to said special use file a copy of said user private key which has been encrypted with the security subsystem's own public key; and
(j) storing said user public key in at least one file stored on at least one other file storage device.
4. The method of claim 2 further including the step of:
(h) requiring the security subsystem to access a central file which contains the public keys for the security subsystems of other computers and to make encrypted copies of the special use file using the public keys of the other security subsystems to which the user has been granted limited access and to store these encrypted files on the special use token, whereupon the special use token can be securely used on the other computers.
5. The method of claim 2 further including the steps of:
(h) connecting the computer to a computer network; and
(i) providing that the security subsystem's parameters can be changed by the network manager at a remote location only when a special use token with security authorization to allow this change has been placed into the local token access device and authenticated by the security subsystem.
6. The method of claim 2 further including the step of:
(h) requiring the security subsystem to record invalid attempts to enter user identification information on the token and to initiate additional security precautions if the number of invalid attempts exceeds a predefined limit.
7. The method of claim 1 further including the step of:
(f) requiring the removable media to be of a type which has fixed or unwritable domains by which the security subsystem can uniquely identify the diskette and record the identifying diskette information in the key file recorded on the diskette such that if the key file is copied to another diskette the security subsystem can determine that the key file does not reside on the same removable token on which it was originally placed and so can reject the non-original diskette as a copy.
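Steps (a) to (d) of claim 1 together with the medium binding of claim 7, worked through in Go as an added example; this is not code from the patent or from any product built on it. It assumes RSA-OAEP as the public-key encryption, a fixed medium serial number standing in for the diskette's unwritable domains, and a SHA-256 fingerprint of a random authenticator held by the subsystem as the basis for "authenticated"; none of these is specified by the claims.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
)

// Token is the removable medium: a fixed, unwritable identifier (claim 7) and the writable key file.
type Token struct{ MediaID, KeyFile []byte }

// SecuritySubsystem is the CPU-independent subsystem of claim 1; only it holds the private key.
// fingerprint (an assumption: SHA-256 of the issued authenticator) is what makes a token "authenticated".
type SecuritySubsystem struct {
	priv        *rsa.PrivateKey
	fingerprint [32]byte
}

// NewSecuritySubsystem is steps (a) and (b): generate the pair, keep the private key under subsystem control.
func NewSecuritySubsystem() (*SecuritySubsystem, error) {
	priv, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return nil, err
	}
	return &SecuritySubsystem{priv: priv}, nil
}

// IssueMasterToken is step (c) with the claim 7 binding: a fresh authenticator and the medium's
// identifier are encrypted to the subsystem's public key, so only its private key can open the file.
func (s *SecuritySubsystem) IssueMasterToken(mediaID []byte) (*Token, error) {
	auth := make([]byte, 32)
	if _, err := rand.Read(auth); err != nil {
		return nil, err
	}
	s.fingerprint = sha256.Sum256(auth)
	ct, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, &s.priv.PublicKey, append(auth, mediaID...), nil)
	if err != nil {
		return nil, err
	}
	return &Token{MediaID: mediaID, KeyFile: ct}, nil
}

// Authenticate is the gate of step (d): decrypt with the private key, reject a key file that is not
// on the medium it was written for (claim 7), and reject an authenticator this subsystem never issued.
func (s *SecuritySubsystem) Authenticate(t *Token) error {
	plain, err := rsa.DecryptOAEP(sha256.New(), nil, s.priv, t.KeyFile, nil)
	if err != nil {
		return errors.New("key file cannot be decrypted by this subsystem")
	}
	if len(plain) < 32 || string(plain[32:]) != string(t.MediaID) {
		return errors.New("key file is not on its original medium: rejected as a copy")
	}
	if sha256.Sum256(plain[:32]) != s.fingerprint {
		return errors.New("authenticator was not issued by this subsystem")
	}
	return nil
}
```

Only a nil result from Authenticate should unlock installation or modification of the security requirements; every other path falls through to the deny rule of step (e).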
8. A computer security system for a computer having a CPU, a common bus carrying control logic signals, address signals, and data signals, and a computer operating system which comprises:
(a) means for providing a CPU independent security subsystem comprised of a control unit, programmable memory, a security program and general security parameters;
(b) means for attaching said security subsystem and a plurality of peripheral devices and file storage devices, with at least one of said file storage devices capable of reading and writing to removable media which will be used as a token read/write device, to said common bus;
(c) means for said security subsystem to generate at least one pair of keys comprising a private key and a public key and storing said pair of keys in a restricted memory location residing on at least one of said file storage devices under the control of said security subsystem;
(d) means for said security subsystem to encrypt at least one key file using said public key and to write said encrypted key file by means of said token read/write device to a token comprised of removable storage media;
(e) means for requiring said security subsystem to deny access requests by said CPU to said peripheral and storage devices whenever said access requests violate said general security parameters; and
(f) means for requiring said security subsystem to accept modifications of said general security parameters after initial installation and setup when said token is inserted into said token read/write device and said security subsystem has decrypted said encrypted key file using said private key and thereby verified the authenticity of said token.
9. The computer security system of claim 8 further including:
(g) means of storing a copy of said security subsystem's manufacturer's public key in a secure memory location of said security subsystem; and
(h) means for requiring said security subsystem to accept modifications of said security program when a master token containing an upgrade authorization file encrypted by said manufacturer's private key is inserted into said token read/write device and said security subsystem has decrypted said encrypted key file using said manufacturer's public key and thereby verified the authenticity of said upgrade authorization file.
10. The computer security system of claim 8 further including:
(g) means for said security subsystem to generate a special use key pair comprised of a special use public key and special use private key and to store said special use public key on at least one of said file storage devices;
(h) means for said security subsystem to create a special use security parameters file encrypted with said public key that contains at least a copy of said special use private key and to write by means of said token read/write device said special use security parameters file to a special use token; and
(i) means for said security subsystem to retrieve said special use security parameters file from said special use token when said special use token is inserted into said token read/write device and to limit access requests by said computer to said peripheral and storage devices for a period of time and under such conditions as provided by said security program and said special use security parameters.
11. The computer security system of claim 10 further including:
(k) means for obtaining a PIN assigned to a user authorized to use said special use token and storing said PIN in a PIN-file encrypted with said public key and storing said PIN-file on said special use token;
(l) means for said security subsystem to retrieve said PIN-file from said special use token when it is inserted into said token read/write device and retrieve a keyboard entry of the PIN as a means of verification of said specific user's identity; and
(m) means for said security subsystem to utilize said special use security parameters only when said PIN matches the keyboard entered value and to otherwise utilize said general security parameters.
12. The computer security system of claim 8 further including:
(g) means for said security subsystem to monitor the integrity of a CPU security program and to force a computer reboot operation whenever said integrity check fails to satisfy said general security parameters.
13. The computer security system of claim 8 further including:
(g) means for said security subsystem to generate a seed number that is stored in a memory location accessible to a CPU security program run by said CPU and said operating system;
(h) means for said security subsystem and said CPU security program to use said seed number in identical random number generating routines to create a pseudo-random password; and
(i) means for said security subsystem to require said CPU security program to supply said pseudo-random password at such time and under such conditions as required by said general security parameters and to activate security breach operations as defined for this case in said general security parameters whenever said pseudo-random password generated by said CPU does not match said pseudo-random password generated by said security subsystem.
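Elements (g) to (i) of claim 13 as an added Go example, not the patent's own routine. It assumes HMAC-SHA256 over a per-check counter as the "identical random number generating routine", which the claim leaves unspecified, and simply counts mismatches at the point where the breach operations would run.

```go
package main

import (
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
)

// password is the "identical random number generating routine" of element (h) that both sides run.
// Assumption: HMAC-SHA256 over a challenge counter under the seed; the claim names no specific routine.
func password(seed []byte, challenge uint64) []byte {
	var c [8]byte
	binary.BigEndian.PutUint64(c[:], challenge)
	m := hmac.New(sha256.New, seed)
	m.Write(c[:])
	return m.Sum(nil)
}

// CPUSecurityProgram runs under the operating system and was handed the seed, element (g).
type CPUSecurityProgram struct{ seed []byte }

func (p *CPUSecurityProgram) Answer(challenge uint64) []byte { return password(p.seed, challenge) }

// PasswordVerifier is the subsystem side: it generated the seed and keeps the count of failed checks.
type PasswordVerifier struct {
	seed      []byte
	challenge uint64
	Breaches  int // incremented where the claim's "security breach operations" would run
}

// NewPasswordVerifier is element (g): a random seed placed where the CPU security program can read it.
func NewPasswordVerifier() (*PasswordVerifier, *CPUSecurityProgram, error) {
	seed := make([]byte, 32)
	if _, err := rand.Read(seed); err != nil {
		return nil, nil, err
	}
	return &PasswordVerifier{seed: seed}, &CPUSecurityProgram{seed: seed}, nil
}

// Check is element (i): demand the password for a fresh challenge and compare it in constant time
// against the subsystem's own value; a mismatch counts as a breach. The counter means an answer
// recorded from an earlier check is not valid for a later one.
func (v *PasswordVerifier) Check(p *CPUSecurityProgram) bool {
	v.challenge++
	if !hmac.Equal(p.Answer(v.challenge), password(v.seed, v.challenge)) {
		v.Breaches++
		return false
	}
	return true
}
```

Because the seed sits in memory the CPU can read, this check detects a CPU security program that has been replaced or removed, but it is only as strong as the confidentiality of that seed location.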
14. The computer security system of claim 10 further including:
(n) means for said security subsystem to retrieve at least one other security subsystem's public key, where said other security subsystem is attached to another computer which is connected to said computer by a computer network; and
(o) means for said security subsystem to create a copy of said special use security parameters file encrypted with said other security subsystem's public key and to store it on said special use token so the token can be securely used on said other computer.
15. The computer security system of claim 10 further including:
(n) means for said security subsystem to transmit said public key to at least one other security subsystem which is attached to another computer which is connected to said computer by a computer network;
(o) means for said security subsystem to retrieve said other security subsystem's public key;
(p) means for said security subsystem to encrypt a network security parameters change file first using said other security subsystem's public key and second with said private key and to transmit said network security parameters change file to said other security subsystem; and
(q) means for said other security subsystem to implement the security provisions required by network security parameters change file after it has been successfully authenticated by decryption using first said public key and using second said other security subsystem's private key.
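The exchange of claim 15, elements (n) to (q), as an added Go example rather than anything from the patent. It assumes RSA-OAEP for the encryption to the other subsystem's public key, that "encrypted with said private key" is rendered as an RSA-PSS signature, and that the signed data covers the sender and receiver names together with the ciphertext, an addition of mine so that a stripped and re-signed copy cannot be attributed to another subsystem.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
)

// Subsystem is one networked security subsystem: its own key pair plus the peer public keys of (n) and (o).
type Subsystem struct {
	priv  *rsa.PrivateKey
	Peers map[string]*rsa.PublicKey
}

func NewSubsystem() (*Subsystem, error) {
	priv, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return nil, err
	}
	return &Subsystem{priv: priv, Peers: map[string]*rsa.PublicKey{}}, nil
}

// ChangeFile is the network security parameters change file on the wire, element (p).
type ChangeFile struct {
	From, To              string
	Ciphertext, Signature []byte
}

// signedData binds sender and receiver names to the ciphertext (assumption, not in the claim).
func signedData(f *ChangeFile) []byte {
	h := sha256.Sum256(append([]byte(f.From+"->"+f.To+"|"), f.Ciphertext...))
	return h[:]
}

// SendChange is element (p): encrypt to the peer's public key, then sign with our private key.
func (s *Subsystem) SendChange(me, peer string, params []byte) (*ChangeFile, error) {
	pub, ok := s.Peers[peer]
	if !ok {
		return nil, errors.New("peer public key not yet retrieved")
	}
	ct, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, params, nil)
	if err != nil {
		return nil, err
	}
	f := &ChangeFile{From: me, To: peer, Ciphertext: ct}
	f.Signature, err = rsa.SignPSS(rand.Reader, s.priv, crypto.SHA256, signedData(f), nil)
	return f, err
}

// ReceiveChange is element (q): authenticate with the sender's public key first, then decrypt with
// our private key; the parameters are returned for implementation only when both steps succeed.
func (s *Subsystem) ReceiveChange(me string, f *ChangeFile) ([]byte, error) {
	pub, ok := s.Peers[f.From]
	if !ok || f.To != me {
		return nil, errors.New("change file not addressed to us or from an unknown subsystem")
	}
	if err := rsa.VerifyPSS(pub, crypto.SHA256, signedData(f), f.Signature, nil); err != nil {
		return nil, errors.New("change file failed authentication: not implemented")
	}
	return rsa.DecryptOAEP(sha256.New(), nil, s.priv, f.Ciphertext, nil)
}
```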
16. The computer security system of claim 8 further including:
(g) means for said security subsystem to store in said restricted memory a list of identifying characteristics of authorized programs that may be run by said CPU; and
(h) means for said security subsystem to restrict access to said authorized programs under such conditions as have been predefined in said security program and said general security parameters.
17. The computer security system of claim 8 further including:
(g) means for said security subsystem to store a copy of a certified transaction public key in said restricted memory;
(h) means for said security subsystem to encrypt a self-identifying message including a copy of said public key using said certified transaction public key;
(i) means for transmitting said encrypted self-identifying message to the certifying authority who issued said certified transaction public key;
(j) means for receiving from said certifying authority a unique digital certificate for an anonymous party private key encrypted with said public key;
(k) means for said security subsystem to store said unique digital certificate in said restricted memory; and
(l) means for said security subsystem to retrieve said unique digital certificate from said restricted memory and to transmit it as required by said security program and general security parameters to other computers connected with said computer by means of a network.
18. The computer security system of claim 8 further including:
(g) means for storing a copy of single site licensing public key in a secure memory location of said security subsystem; and
(h) means for requiring said security subsystem to identify a new program to be installed on said computer that is subject to the single site licensing requirements defined in said security program by decrypting a digital certificate provided with said new program using said single site licensing public key and implementing said single site licensing requirements relative to said new program upon verification of said digital certificate.
19. The computer security system of claim 18 further including:
(i) means for said security subsystem to extract from said digital certificate site license parameters defining at least one limitation on the use of said new program; and
(j) means for requiring said security subsystem to deny requests by said computer to access said new program whenever said access requests violate said site license parameters.
20. The computer security system of claim 8 further including:
(g) means for said security subsystem to transmit said public key to the software vendor of a site restricted program;
(h) means for said security subsystem to receive a site license certificate encrypted with said public key from said software vendor;
(i) means for said security subsystem to verify the authenticity of said site license certificate by decrypting said site license certificate with said private key; and
(j) means for requiring said security subsystem to deny requests by said computer to access said site restricted program whenever said site license certificate has not been received and verified.
21. The computer security system of claim 8 further including:
(g) means for said security subsystem to create a special use identification file encrypted with said public key that contains at least a copy of a special use identification code and to write by means of said token read/write device said special use identification file to a special use token;
(h) means for said security subsystem to store a copy of said special use identification code and special use security parameters assigned to said special use identification code in a restricted memory location; and
(i) means for said security subsystem to retrieve said special use identification file from said special use token when said special use token is inserted into said token read/write device and to decrypt the file using said private key and to thereby retrieve said special use identification code and said special use security parameters and to limit access requests by said computer to said peripheral and storage devices for a period of time and under such conditions as provided by said security program and said special use security parameters.
22. The computer security system of claim 10 further including:
(j) means for said security subsystem to retrieve said special use private key from said special use token and to decrypt files that have been encrypted using said special use public key.
23. The computer security system of claim 10 further including:
(j) means for said security subsystem to retrieve said special use private key from said special use token and to encrypt files using said special use private key.