Telephonic communications – Call or terminal access alarm or control
Reexamination Certificate
1996-03-27
2001-01-23
Tsang, Fan S. (Department: 2742)
Telephonic communications
Call or terminal access alarm or control
C379S128000, C379S129000, C379S139000, C379S145000, C379S168000, C379S184000, C379S189000, C379S194000
Reexamination Certificate
active
06178236
ABSTRACT:
BACKGROUND
The present invention concerns the provision of security to computing devices and pertains particularly to providing password protection which utilizes a variable master password.
In many computing devices it is desirable to prohibit access by utilizing passwords. For example, in some phone systems available from Siemens Rolm Communications, Inc., having a business address of 2205 Grand Avenue Parkway, Austin Tex. 78728, configuration data is protected through a customer-defined password mechanism. However, a customer may forget the chosen password and thus not be able to change the configuration of the phone or access the functions protected by the password.
Various schemes have been considered to allow a customer to recover from the loss of a password. In one scheme, the customer calls a technical support number. The technical support representative provides the user with a master password which is effective for the phone model. The customer then uses the master password to change the configuration of the phone or access the functions protected by the password. The master password is also used to program a new password which the customer will remember.
One problem with the use of a master password which is effective across a phone model is that once the master password becomes known to users, this renders password protection compromised and thus ineffective.
Alternatively, each individual phone could have its own master password. When the customer calls a technical support number after losing his or her password, the technical support representative asks for the serial number of the telephone. The service representative then consults a list of all serial numbers which includes corresponding master passwords.
One problem with the use of a personalized master password for each individual phone is the extra cost required to program each phone with its own personalized master password. In addition, if any portion of the list of personalized master passwords is lost, then there would be no way to unlock the pertinent phones.
SUMMARY OF THE INVENTION
In accordance with the preferred embodiment of the present invention, access is granted to a portion of a computing system. For example, access is granted to a configuration menu of a telephone system. In order to grant access, a password is received from a user. A variable password is also calculated. The variable password varies with time. For example, the variable password varies with a current date and with a time of day stored and updated by the computing system. The password received from the user is compared with the calculated variable password. When the password received from the user is equal to the calculated variable password, access is granted. In addition, in the preferred embodiment, when the password received from the user is equal to a user-defined password previously entered into the computing system, access is also granted.
The use of a variable password as a master password allows a user to recover from the loss of a password. For example, each telephone system of a particular telephone system model can utilize the same variable password. Then if the user forgets the user-defined password, the user can call a technical support number. The technical support representative obtains from the user the time (e.g., date and time of day) displayed by the telephone system. Using this information and the relevant algorithm, the technical support representative calculates the current valve for the variable master password for the time displayed by the telephone system. The technical support representative then provides the current value for the variable master password for the time (e.g., date and time of day) displayed by the telephone system to the user. The user uses this variable master password to access the configuration menu. Once inside the configuration menu the user can either remove the password or program a new password.
The use of a variable master password allows for protection against the loss by the user of a user-defined password. Because the variable master password uses the same algorithm to be calculated, there is no extra cost required to program each telephone. Also there is no list of personalized master passwords which can be lost. In addition, a user who knows a variable master password cannot use the variable master password on other phones, once the current value for the variable master password changes. This insures the continuing integrity of the password protection.
REFERENCES:
patent: 4601011 (1986-07-01), Grynberg
patent: 4720860 (1988-01-01), Weiss
patent: 4800590 (1989-01-01), Vaughan
patent: 4819267 (1989-04-01), Cargile et al.
patent: 4959860 (1990-09-01), Watters et al.
patent: 5060263 (1991-10-01), Bosen et al.
patent: 5375243 (1994-12-01), Parzych et al.
patent: 5485368 (1996-01-01), Ogaki et al.
patent: 5612993 (1997-03-01), Hanaoka et al.
“Siemens Optiset NI-1200 Family Desktop Terminal User Guide”, Form No. GU30-1597-01; Part No. 98D6639, EC No. A92579, Oct. 1995, pp. 33, 34, 54 and 55.
Dunn Tave P.
Jreij Elie A.
Hoosain Allan
Siemens Information and Communication Networks Inc.
Tsang Fan S.
LandOfFree
Method and system for providing password protection does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Method and system for providing password protection, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Method and system for providing password protection will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-2520562