Telecommunications – Radiotelephone system – Security or fraud prevention
Reexamination Certificate
1998-07-08
2001-07-10
Hunter, Daniel (Department: 2684)
C455S410000, C455S414200
active
06259909
ABSTRACT:
The present invention relates to a method for securing access to a system. In particular, the invention relates to a method for securing access to data of a remote system using a communications apparatus.
Because of the increasingly widespread deployment and use of data networks, security aspects are becoming increasingly important in various applications. These may be applications in which secret information is transferred between data processing devices via a data network, e.g. in electronic payment transactions, electronic “shopping” and the like. Most importantly, security requirements include, apart from secure transmission of data via the network, the identification of an authorized user. In particular, when an authorized user wishes to access, via a publicly accessible data network, a system and/or data stored there and associated with that user, it must be ensured by specific arrangements that only the authorized user can access the associated data.
For example, the data network can be an internet, comprising a large number of computers connected with each other to form a generally accessible network. Since in such a network there are no secure data transmission lines, other ways are required to secure data and to identify an authorized user.
In general, a secure unit requests the input of a code word for authenticating a user, thus clearly identifying the user.
This process of securing access from a communications device to a remote system is generally known. An example is shown in FIG. 8. C′ marks a communications device, A′ an access device and S′ the system. Access from the communications device to the system is cleared as follows: in a first step, a code word is entered at the communications device C′. It is then transmitted to the access device A′ where it is checked for validity. In case the code word is determined to be valid, the access device releases access to the system by the communications device C′.
A large number of such processes, identifying a subscriber by means of such a code word, are known. However, like the example described above, they have the disadvantage that knowledge of the code word allows an unauthorized user to, e.g., access data of another user or otherwise exert unauthorized influence on the system.
It is therefore an object of the invention to provide a method for securing access to data allowing greater security in authenticating an authorized user wishing to access said data.
This object of the present invention is solved by a method with the features of claim 1. The method with the features of claim 1 advantageously allows the secure identification of a user, by using two individual connections between a first and a second communications device and a determining device, in order to transmit a first and a second code word to the determining device for checking.
The problem of the present invention is furthermore solved by a method with the features of patent claim 3. The method in accordance with claim 3 permits improved security of access to the system due to the fact that after the transmission and checking of a first code word by the determining device, a second code word is transmitted to the second communications device, for input into the first communications device and transmission from the first communications device and the transmission device for checking.
In an advantageous embodiment of the invention, a data processing device can be used as one of the two communications devices, connected to the determining device via a data network. A telephone can be used as the second communications device, connected to the determining device via a telephone line.
The connections can particularly advantageously be established via an Internet and/or via a mobile radio network. In this connection it is possible that after establishing the connection between the data processing device and the determining device and after input of the code word by depressing one or more keys on the mobile telephone, access to the system and/or to subscriber data stored in a data memory of the system is released. By use of a mobile telephone allocated to a subscriber, a secure identification of the subscriber can be carried out.
In a further advantageous embodiment of the method in accordance with the invention, the transmission device may generate a code word using a secret algorithm. The code word may be transferred to one of the communications devices for input into the other one of the two communications devices, and for subsequent retransmission to the access device for investigation. This allows a further enhanced security.
In addition, one of the code words can be used to carry out data encoding of data transmitted between one or both of the communications devices and the determining device. In general, a code word may be derived from predetermined subscriber data, the date or the time. Further, the code word may be valid for only one access procedure.
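The two-connection flow described above, sketched as an added example (not code from the patent or its assignee): the first code word arrives over the data network, a one-time second code word derived from subscriber data and the time goes out over the telephone path, and it must come back over the data network. The names AccessDevice, send_to_phone and SERVER_KEY, the sample subscriber, and the use of HMAC-SHA256 in place of the unspecified "secret algorithm" are assumptions.

```python
import hashlib
import hmac
import secrets
import time

# Constructed sample data: one subscriber, first code word stored as a hash.
SERVER_KEY = secrets.token_bytes(32)   # assumption: stands in for the "secret algorithm"
SUBSCRIBERS = {"alice": hashlib.sha256(b"first-code-word").hexdigest()}
TTL_SECONDS = 120                      # assumption: lifetime of the second code word


class AccessDevice:
    """Hypothetical access device with a data-network path and a phone path."""

    def __init__(self, send_to_phone):
        self.send_to_phone = send_to_phone   # second, separate connection
        self.pending = {}                    # subscriber -> (code, expiry)

    def start(self, subscriber, first_code, now=None):
        """Step 1: check the first code word, then issue the second one."""
        now = time.time() if now is None else now
        stored = SUBSCRIBERS.get(subscriber, "")
        given = hashlib.sha256(first_code.encode()).hexdigest()
        if not hmac.compare_digest(stored, given):
            return False                     # nothing is sent to the phone
        # Second code word derived from subscriber data, the time and a nonce.
        msg = f"{subscriber}|{int(now)}|".encode() + secrets.token_bytes(16)
        digest = hmac.new(SERVER_KEY, msg, hashlib.sha256).digest()
        code = f"{int.from_bytes(digest[:4], 'big') % 10**6:06d}"
        self.pending[subscriber] = (code, now + TTL_SECONDS)
        self.send_to_phone(subscriber, code)
        return True

    def finish(self, subscriber, second_code, now=None):
        """Step 2: check the code typed into the first device; single use."""
        now = time.time() if now is None else now
        # pop() discards the code on every attempt, so replays and retries fail.
        code, expiry = self.pending.pop(subscriber, ("", 0.0))
        return bool(code) and now <= expiry and hmac.compare_digest(code, second_code)
```

Because the pending code is discarded on the first check, a wrong guess forces a fresh start() and a new code word, which is what "valid for only one access procedure" implies for the verifier.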
For the implementation of the method for securing access to a system, advantageously an access device may be used, which on the one hand is connected with the system and on the other is connected, via separate communication paths, with two communication devices for the transmission of code words and for access to the system, preferably a data processing unit and a telephone/mobile telephone.
Further embodiments and advantageous modifications of the method are apparent from the subclaims.
Niebert Norbert
Ratayczak Georg
Burns Doane Swecker & Mathis L.L.P.
Hunter Daniel
Nguyen Thuan T.
Telefonaktiebolaget LM Ericsson (publ)