Cryptography – Communication system using cryptography
Reexamination Certificate
1998-07-15
2001-01-09
Peeso, Thomas R. (Department: 2767)
Cryptography
Communication system using cryptography
C380S259000
Reexamination Certificate
active
06173057
ABSTRACT:
BACKGROUND OF THE INVENTION
1. Field of the Invention
The present invention relates to a method of securing and controlling access to information, such as data and/or applications, from a computer platform having a microcomputer.
2. Description of Related Art
In general, the strongly developing market for microcomputers, network technology, and low-cost large-capacity recording media has led to conditions that are favorable for increasing communication and/or interchange of information. The developing market also enables commercial activities based on making data and/or applications available to potential users on demand, and in return for payment. Moreover, the activities primarily use personal microcomputers.
Unfortunately, a personal microcomputer is designed for a variety of uses (personal or professional applications, games, technical applications, . . . ), and thus has an “open” architecture. New elements, both software and hardware, can readily be added to change the configuration of the machine as a function of users' own requirements and/or as a function of the services or applications accessible to users.
As a result, there are computer platforms that operate in a generally non-secure context, which context is even less secure in that there is always parallel activity in the development of piracy techniques. This parallel development of piracy can present problems as a function of the uses, services, and/or applications that may be implemented on such “open” architecture computer platforms.
To solve these problems, numerous solutions have been proposed in the field of security. For example, some solution have been to install identity codes to identify users before any communication or interchange of data; install access codes to obtain authorization to access data and/or applications; use encoding or encrypting techniques to guarantee that data being transmitted or interchanged is kept confidential or secret; and use authorization techniques to verify the accuracy of data that is being transmitted or exchanged.
Unfortunately, even at high levels of sophistication, such solutions turn out to be insufficient. Even with all or some of the solutions that have been proposed in the past, such applications cannot be viable if the information is accessed on a computer platform that is not secure. The reliability of safety checks intended to guarantee that a user is indeed entitled to access the information and/or that the fees corresponding to said access have indeed been paid can never be complete when the checks are performed in a non-secure environment.
SUMMARY OF THE INVENTION
Accordingly, the present invention is directed to a method of securing and controlling access to information from a computer platform that substantially obviates one or more of the problems due to limitations and disadvantages of the related art.
For a small extra cost with respect to hardware and software architecture, the security provided by such a method is of a high level. The cost of the hardware components to be added to a basic personal microcomputer is modest. Standard components can be added incrementally to the basic architecture. The software cost, independently of the data and applications that are to be protected, is fixed for each operating system supported.
In general, the method can be implemented on two types of computer platforms. A “closed” platform initially designed to integrate the security hardware elements in the basic hardware architecture (on the mother board), and an “open” platform where an additional card is added to provide the hardware and/or software components necessary to implement the method.
An important advantage of the invention is that any recording medium, even when duplicated, cannot be used on a machine that does not comply with the method. Another advantage of the present invention is that when the secured computer platform is in dialog over a network with a controlling server or another computer platform, that other platform or server knows that the dialog will take place in complete security. An additional advantage of the invention is that any publisher of applications is guaranteed that access to and use of its recording media will be performed in compliance with the conditions placed on the users.
Additional features and advantages of the invention will be set forth in the description which follows, and in part will be apparent from the description, or may be learned by practice of the invention. The objectives and other advantages of the invention will be realized and attained by the structure particularly pointed out in the written description and claims hereof as well as the appended drawings.
To achieve these and other advantages and in accordance with the purpose of the present invention, as embodied and broadly described, the present invention provides a method of securing and monitoring access to information from a computer platform comprising the steps of producing at least one non-rewritable recording medium on which information and operating software are recorded, authorizing users by defining user access rights to the information stored on the recording medium, issuing a portable medium to each authorized user, the portable medium having information regarding the defined access rights recorded thereon, inserting the recording medium and the portable medium into readers fitted to the computer platform, configuring the computer platform of the authorized user into a secure workstation by executing security functions based upon parameters recorded on the recording medium, the portable medium, and the computer platform, loading the operating software from the recording medium to the computer platform after security functions are executed, enabling the information stored on the recording medium to be accessed according to the defined access rights, and enabling secure communications between the computer platform and a connected network.
It is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory and are intended to provide further explanation of the invention as claimed.
REFERENCES:
patent: 5191611 (1993-03-01), Lang
patent: 5327497 (1994-07-01), Mooney et al.
patent: 5444850 (1995-08-01), Chang
patent: 5784462 (1998-07-01), Tomida et al.
patent: 5960085 (1999-09-01), De La Huerga
patent: 0 089 876 A1 (1983-09-01), None
patent: 0 421 409 A2 (1991-04-01), None
patent: 0 737 907 A2 (1996-10-01), None
patent: WO 95/24696 (1995-09-01), None
Paul C. Clark et al., “Bits: A Smartcard Protected Operating System”, vol. 37, No. 11, Nov. 1, 1994, pp. 66-70 and 94.
Ferry Jean-Christophe
Michel Gilles
Truong Andr{acute over (e)}
Advanced PC Technologies (APCT)
Jack Todd
Morgan & Lewis & Bockius, LLP
Peeso Thomas R.
LandOfFree
Method of making secure and controlling access to... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Method of making secure and controlling access to..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Method of making secure and controlling access to... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-2493785