Cryptography – Particular algorithmic function encoding – Nbs/des algorithm
Patent
1996-03-07
1998-06-16
Cangianlosi, Salvatore
380 30, H04L 916
active
057683794
DESCRIPTION:
BRIEF SUMMARY
FIELD OF THE INVENTION
The invention relates to a system for the checking of limited access to authorized time slots renewable by means of a storage device.
The invention can be applied especially to the checking of access to buildings, computer systems or objects of any kind whose opening and use has to be supervised.
DESCRIPTION OF RELATED ART
The best known way to lock access, whether to a building or to any other object, is to place a mechanical lock thereon and give a key to those persons who have authorized access. Naturally, the drawback of this method lies in the fact that it is perfectly possible to duplicate the mechanical keys. A key of this kind may also be stolen and used by a thief, the only possible solution then being to change the cylinder of the lock.
A second method, this one electronic, consists in providing a lock with a password. Only users who know the password are entitled to enter the building under protection.
Unfortunately, this approach is not infallible. For, when a user enters his password through a keyboard, it is quite possible to design an electronic system capable, at this point in time, of reading his password as he enters it, thus enabling an ill-intentioned person to re-use it.
There is also a known way of guarding access to computer programs by means of passwords. This method of protection has the above-mentioned drawback.
There is also a known authentication procedure, called the Kerberos system, by which access to an open computer network can be guarded. A description of this procedure will be found in the MIT publication, "An Authentication Service For Open Network Systems", dated 30 Mar. 1988.
This procedure is used to identify a "customer", namely a user, and to enable him to gain access to an information retrieval center (a service, an application or a program) by providing him, for this purpose, with an electronic ticket and more specifically with an information element encrypted by means of a key. This ticket is prepared by the information retrieval center for the customer. Furthermore, the ticket is not enough to obtain permission for access: a second encrypted information element is also used in the procedure in combination with the ticket.
A procedure of this kind is cumbersome and calls for relatively powerful computing means. This is not a constraint in the application given but may become so for any other application for which the memory space and the computing means are not as great as those of an information retrieval center.
Furthermore, the second encrypted information element is prepared for access between a customer and an information retrieval center and can be used only once for this link.
To date, there is no simple system that can be used to provide a system of secured access based on a data element corresponding to a limited and renewable period enabling the authentication of the user and at the same time providing him with right of access.
SUMMARY OF THE INVENTION
The present invention is aimed at overcoming these drawbacks.
Furthermore, according to the invention, it is no longer necessary to prepare a black list of lost, stolen or duplicated means of access, or to manage such lists, because, as shall be seen below in the description, a lost or stolen device cannot provide right of access outside the authorized time slot if this slot is not renewed. The shorter the period of authorization of access, the less necessary it will be to enter this device in a black list.
According to the invention, the checking of access is done not by mechanical means but by logic means that make use of an electronic signature of data elements pertaining to a predetermined period of authorization of access limiting the validity of use of the device in which it is stored. Indeed, according to the invention, the signature is stored in the portable storage device along with, depending on the algorithm used, the data element in order to enable access to all the installations containing the protection sys
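The check described above, as an added example that is not part of the patent text: an issuer signs a time slot, the record is stored on the portable device, and a lock verifies the signature before comparing its clock to the slot. HMAC-SHA256 under a shared key is an assumption standing in for the unspecified signature algorithm, and the key, timestamps, record layout and function names are constructed for illustration.

```python
import hashlib
import hmac
import struct

# Assumption: HMAC-SHA256 under a key shared by the issuer and the locks stands
# in for the signature algorithm, which the text above does not specify.
ISSUER_KEY = b"constructed-demo-key"   # constructed sample value
DAY = 86400
SLOT_START = 1_700_000_000             # constructed sample timestamp
SLOT_END = SLOT_START + DAY

def issue_slot(key, start, end):
    """Issuer: sign the slot; the returned record is what the device stores."""
    data = struct.pack(">QQ", start, end)
    return data + hmac.new(key, data, hashlib.sha256).digest()

def check_access(key, record, now):
    """Lock: verify the signature first, then compare its clock to the slot."""
    if len(record) != 16 + 32:
        return "reject: malformed record"
    data, sig = record[:16], record[16:]
    expected = hmac.new(key, data, hashlib.sha256).digest()
    if not hmac.compare_digest(sig, expected):
        return "reject: bad signature"
    start, end = struct.unpack(">QQ", data)
    if not start <= now < end:
        return "reject: outside authorized slot"
    return "grant"

def demo():
    record = issue_slot(ISSUER_KEY, SLOT_START, SLOT_END)
    # A holder tries to extend the slot by rewriting the end time on the device.
    forged = struct.pack(">QQ", SLOT_START, SLOT_END + 30 * DAY) + record[16:]
    renewed = issue_slot(ISSUER_KEY, SLOT_END, SLOT_END + DAY)
    return {
        "inside slot": check_access(ISSUER_KEY, record, SLOT_START + 3600),
        "lost device, slot expired": check_access(ISSUER_KEY, record, SLOT_END + 60),
        "end time rewritten": check_access(ISSUER_KEY, forged, SLOT_END + 60),
        "after renewal": check_access(ISSUER_KEY, renewed, SLOT_END + 60),
    }

if __name__ == "__main__":
    for case, result in demo().items():
        print(f"{case}: {result}")
```

The lock's decision depends on its own clock, and with a shared-key MAC every lock holds the issuing key; a public-key signature would leave only a verification key in the locks.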
REFERENCES:
patent: 4453074 (1984-06-01), Weinstein
patent: 4720860 (1988-01-01), Weiss
patent: 4837822 (1989-06-01), Croskey et al.
Girault Marc
Reitter Renaud
Revillet Marie-Josephe
Cangianlosi Salvatore
La Poste