Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Protection at a particular protocol layer
Reexamination Certificate
1999-01-05
2002-06-11
Hua, Ly V. (Department: 2131)
Electrical computers and digital processing systems: support
Multiple computer communication using cryptography
Protection at a particular protocol layer
C713S152000, C705S068000, C705S337000
Reexamination Certificate
active
06405317
ABSTRACT:
FIELD OF THE INVENTION
The present invention relates to a security system for a transaction processing system.
BACKGROUND OF THE INVENTION
WOSA/XFS (Windows Open Services Architecture for Extended Financial Services) is an emerging standard enabling financial institutions, whose branch and office solutions run on the Windows NT platform, to develop applications independent of vendor equipment.
FIG. 1
shows the standard WOSA model. Using this model, an application
10
communicates hardware requests
12
to various hardware devices in an ATM
14
via a WOSA manager
20
. The application issues transaction requests
12
which are hardware independent, and thus vendor independent. The requests are queued by the WOSA manager
20
which manages concurrent access to the ATM hardware
14
from any number of applications
10
.
When a piece of hardware is installed on the ATM, it registers its controlling software, known as a service provider module (SPM)
30
, with the WOSA manager by using, for example, the Windows registry. The WOSA manager
20
is thus able to relay a hardware request
12
to an appropriate SPM
30
, using the Windows registry as a look-up table. The SPM
30
takes relayed hardware independent requests
16
from the WOSA manager and actuates the appropriate piece of hardware to process the requests. The results of a request can be returned by an SPM
30
synchronously via the WOSA manager
20
or asynchronously by generating a Windows event.
A number of companies other than the Applicant, including Microsoft Corporation, Keybank Incorporated of Cleveland, Ohio and Diebold Incorporated of Canton, Ohio have mooted the idea of using an automatic teller machine (ATM) to provide access to Internet services, for example, for executing financial transactions, ticket reservation and information retrieval.
It is an object of the present invention to provide a security system for a transaction processing system.
DISCLOSURE OF THE INVENTION
Accordingly, the present invention provides a security system for a transaction processing system in which a transaction manager runs in a first process and is responsive to transaction requests from one or more applications and a service provider layer is adapted to relay transaction requests passed from said transaction manager to associated hardware for execution; said security system comprising: a security module adapted to store application rights to execute transaction requests; and a supervisor application adapted to register with said security module, said supervisor application being adapted to communicate with the or each application to determine application rights to execute transaction requests and to store said access rights in said security module; wherein the security module is responsive to requests from the service provider layer to determine an application's right to execute a transaction request.
It will be seen that the security system according to the invention enables a supervisor application to deny to other applications certain services provided by other peripheral SPMs controlling hardware in a simple and efficient manner.
In a second aspect the invention provides a transaction processing system including: a transaction manager running in a first process and responsive to transaction requests from one or more applications; a service provider layer including a set of service provider modules, each service provider module being adapted to relay transaction requests passed from said transaction manager to an associated hardware module; a security module adapted to store application rights to execute transaction requests; a supervisor application adapted to register with the security module, said supervisor application being adapted to communicate with the or each application to determine application rights to execute transaction requests and to store said access rights in said security module; wherein said service provider layer is adapted to communicate with said security module to determine if an application has appropriate access rights before executing a transaction request.
The invention further provides an ATM including the transaction processing system according to the invention.
REFERENCES:
patent: 5764789 (1998-06-01), Pare, Jr. et al.
patent: 5813009 (1998-09-01), Johnson et al.
patent: 6092202 (2000-07-01), Veil et al.
patent: 6275785 (2001-08-01), Currie et al.
patent: 0 442 838 (1991-08-01), None
patent: 0 442 839 (1991-08-01), None
patent: 0 447 339 (1991-09-01), None
patent: 2 288 676 (1995-10-01), None
Atkin Philip James
Currie Stuart
Flenley John Martin
Herzberg Louis P.
Hua Ly V.
International Business Machines - Corporation
LandOfFree
Security module for a transaction processing system does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Security module for a transaction processing system, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Security module for a transaction processing system will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-2949219