`
`WORLD INTELLECTUAL PROPERTY ORGANIZATION
`International Bureau
`
`
`
`INTERNATIONAL APPLICATION PUBLISHED UNDER THE PATENT COOPERATION TREATY (PCT)
`(51) International Patent Classification 6;
`GO6F 1/00, GO8B 5/22
`
`(11) International Publication Number:
`
`WO 95/19593
`
`USER ID
`
`preventing
`of
`A method
`
`
`unauthorised a_hostaccess to
`
`computer system (1) by a user at
`a remote terminal
`(2)
`is provided
`using paging system technology.
`In
`the method, a user inputs his user
`identification code input
`into the
`terminal
`(2) which transmits same
`to the host computer system (1).
`The system then generates a random
`code (Code A) and subjects Code A
`to a transformation characteristic of
`a transformation algorithm identified
`by the input user identification code
`so as to generate a transformed code
`(Code B). Code A is transmitted via
`a paging system (7),
`to a receiver
`(6) held by the user. The receiver
`(6) comprises transformation means
`adapted to transform the received
`Code A to a second transformed
`code (Code C), and means (9) for
`displaying Code C to the user. The
`user then inputs the displayed Code
`C to the terminal (2) which trasmits
`it to the host system (1). The input
`Code C is then compared with Code
`B and access is only permitted if
`Code C matches Code B.
`
`(43) International Publication Date:
`
`20 July 1995 (20.07.95)
`
`(21) International Application Number:
`
`PCT/GB95/00059
`
`(22) InternationalFiling Date:
`
`12 January 1995 (12.01.95)
`
`(30) Priority Data:
`9400602.0
`9415779.9
`
`14 January 1994 (14,01.94)
`4 August 1994 (04.08.94)
`
`GB
`GB
`
`(81) Designated States: AM, AT, AU, BB, BG, BR, BY
`CN, CZ, DE, DK, EE, ES, FI, GB, GE, HU,JP.
`KP, KR, KZ, LK, LR, LT, LU, LV, MD, MG,
`MX, NL, NO, NZ, PL, PT, RO, RU, SD, SE, SI, SK, TJ,
`TT, UA, US, UZ, VN, European patent (AT, BE, CH, DE,
`DK,ES, FR, GB, GR,IE, IT, LU, MC, NL, PT, SE), OAPI
`patent (BF, BJ, CF, CG, CI, CM, GA, GN,'ML, MR, NE,
`SN, TD, TG), ARIPO patent (KE, MW, SD, SZ).
`
`Jeremy
`KEW, Michael,
`(71)(72) Applicants and Inventors:
`[GB/GB]; Heron Bridge, Collapit Creek, Kingsbridge,
`Devon TQ7 3BB (GB). LOVE, James, Simon [GB/GB];
`18 Monterey Court, Varndean Drive, Brighton, East Sussex
`BNI 6TE (GB).
`
`Published
`*
`With international search report.
`Before the expiration of the time limit for amending the
`claims and to be republished in the event of the receipt of
`amendments.
`
`(74) Agent: BRAY,Lilian, Janet; LJ. Bray & Co., Raw Holme,
`Midgehole Road, Hebden Bridge, West Yorkshire HX7 7AF
`(GB).
`
`(54) Title) A COMPUTER SECURITY SYSTEM
`
`(57) Abstract
`
`Lome
`
`UNIFIED PATENTS EXHIBIT 1007
`Page 1 of 26
`
`UNIFIED PATENTS EXHIBIT 1007
`Page 1 of 26
`
`
`
`FOR THE PURPOSES OF INFORMATION ONLY
`
`Codes used to identify States party to the PCT onthe front pages of pamphlets publishing international
`applications under the PCT.
`
`Viet Nam \*
`
`United Kingdom
`Georgia
`Guinea
`Greece
`Hungary
`Ireland
`Italy
`- Japan
`Kenya
`Kyrgystan
`Democratic People’s Republic
`of Korea
`Republic of Korea
`Kazakhstan
`Liechtenstein
`Sri Lanka
`Luxembourg
`Latvia
`Monaco
`Republicof Moldova
`Madagascar
`Mali
`Mongolia
`
`AT
`AU
`BB
`
`Austria
`Australia
`Barbados
`Belgium
`Burkina Faso
`Bulgaria
`Benin
`Brazil
`Belarus
`Canada
`Central African Republic
`Congo
`Switzerland
`Cate d'Ivoire
`Cameroon
`China
`Czechoslovakia
`Czech Republic
`Germany
`Denmark
`Spain
`Finland
`France
`Gabon
`
`Mauritania
`Malawi
`Niger
`Netherlands
`Norway
`New Zealand
`Poland
`Portugal
`Romania
`Russian Federation
`Sudan
`Sweden
`Slovenia
`Slovakia
`Senegal
`Chad
`Togo
`Tajikistan
`Trinidad and Tobago
`Ukraine
`United States of America
`Uzbekistan
`
`UNIFIED PATENTS EXHIBIT 1007
`Page 2 of 26
`
`UNIFIED PATENTS EXHIBIT 1007
`Page 2 of 26
`
`
`
`WO 95/19593
`
`PCT/GB95/00059
`
`A COMPUTER SECURITY SYSTEM
`
`invention relates to a computer security
`The present
`system and comprises a method and apparatus for preventing
`unauthorized access to a host computer system.
`
`to gain
`require users
`systems
`computer
`large
`Many
`access via a remote terminal using a telephone link.
`In
`cases where access to the computer system is restricted to
`authorised personnel, attempts by unauthorised persons to
`gain access are referred to as
`"hacking".
`It
`is common
`practice
`for
`security systems
`to be
`installed in the
`computer system in an attempt
`to verify the identity of a
`user. However,
`to date no completely successful computer
`security system has been devised.
`
`improved
`now been devised an
`has
`There
`security system based on pager technology.
`
`computer
`
`input
`
`to the
`
`invention
`According to a first aspect of the present
`is provided a method of preventing unauthorised
`there
`access to a host computer
`system by a user at a remote
`terminal comprising the steps of
`accepting a user
`identification code
`terminal by the user;
`generating a random code (Code A);
`subjecting Code A to a transformation characteristic
`of a transformation algorithm identified by the input user
`identification code so as to generate a transformed code
`(Code B);
`to a receiver
`transmitting Code A via a paging system,
`- held by the user,
`the receiver comprising transformation
`means adapted to transform the received Code A to a second
`transformed code (Code C), and means for displaying Code C
`to the user;
`accepting input of Code C to the terminal by the user;
`
`5
`
`10
`
`15
`
`20
`
`25
`
`30
`
`35
`
`UNIFIED PATENTS EXHIBIT 1007
`Page 3 of 26
`
`UNIFIED PATENTS EXHIBIT 1007
`Page 3 of 26
`
`
`
`WO 95/19593
`
`PCT/GB95/00059
`
`comparing Code C with Code B; and
`permitting access to the host system only if Code ¢
`Matches Code B.
`
`invention
`According to a second aspect of the present
`there is provided apparatus
`for preventing unauthorized
`access to a host computer
`system by a user at a remote
`terminal,
`the apparatus comprising
`means
`for accepting a user
`identification code input
`to the terminal by the user;
`means
`for generating a random code (Code A), and for
`subjecting Code
`A
`to a
`transformation to generate
`a
`transformed code (Code B);
`a transmitter
`for
`transmitting Code A via a paging
`system:
`the receiver comprising
`a receiver held by the user,
`transformation means adapted to transform the received Code
`A to a second transformed code
`(Code C),
`and means
`for
`displaying Code C to the user;
`means for accepting input of Code C by the user;
`means for comparing Code C with Code B: and
`means for permitting access to the host system if Code
`C matches Code B.
`
`It will be appreciated that the receiver carried by an
`authorized user will have logic circuitry programmed with a
`transformation algorithm which is characteristic of
`that
`receiver, When
`the user enters his user
`identification
`code,
`the host computer system identifies the corresponding
`transformation algorithm in a database from the code and
`transforms the random code (Code A)
`to a new Code B in such
`a manner
`that the Code C, produced by the user's receiver
`from the transmitted code, will be identical to Code B with
`which it is compared. Thus, only a user both with knowledge
`of
`the
`user
`identification
`code
`and
`holding
`the
`corresponding receiver can gain access to the host system.
`
`5
`
`10
`
`15
`
`20
`
`25
`
`30
`
`35
`
`UNIFIED PATENTS EXHIBIT 1007
`Page 4 of 26
`
`UNIFIED PATENTS EXHIBIT 1007
`Page 4 of 26
`
`
`
`WO 95/19593
`
`PCT/GB95/00059
`
`transformation algorithms associated with each
`The
`receiver may be completely different, or may be the same
`base
`algorithm which
`is
`convoluted with
`a
`code
`corresponding to the user's identification cade so as to
`generate characteristic transformed codes. Preferably,
`the
`algorithms used are all, so called, one-way algorithms,
`
`should preferably be
`identification code
`‘The user
`treated by the user as a secret code and not be marked on
`the
`receiver.
`It
`is
`thus
`comparable with a personal
`identification number
`(PIN)
`familiar
`from many other
`contexts.
`
`the receiver can only be enabled for
`Preferably also,
`a predetermined period to permit
`it
`to transform the
`received Code A to the transformed Code C by input of a
`second user
`identification code by the user. This second
`code may also be
`in the
`form of
`a PIN.
`In this way
`additional security is provided since an unauthorised user
`cannot gain access to the system even if he has possession
`of
`the receiver and knows
`the user
`identification code
`without
`knowledge
`of
`the
`second
`identification
`or
`activation code.
`
`incorporating Code A which
`the signal
`Preferably also,
`is transmitted by the paging system also incorporates an
`identifier to enable the receiver to pick out
`the signal
`from a plurality which may be being transmitted at the same
`time.
`
`always
`preferably
`is
`receiver
`the
`addition,
`In
`responsive to reception of
`its identifier regardless of
`whether or not it has been enabled by the user. Hence,
`the
`receiver
`is responsive to reception of
`its identifier in
`circumstances when the authorised user is not attempting to
`gain access to the host system.
`In this way the receiver
`
`5
`
`10
`
`15
`
`20
`
`25
`
`30
`
`35
`
`UNIFIED PATENTS EXHIBIT 1007
`Page 5 of 26
`
`UNIFIED PATENTS EXHIBIT 1007
`Page 5 of 26
`
`
`
`WO 95/19593
`
`PCT/GB95/00059
`
`at
`attempt
`an
`that
`user
`authorised
`the
`alert
`can
`therefore,
`unauthorised access is being made. Preferably,
`the receiver emits an alarm or otherwise operates to alert
`the user in these circumstances.
`
`The means for displaying Code C on the receiver can be
`liquid crystal display or other conventional display
`a
`means. Also,
`the means by which the signal
`is transmitted
`via
`the
`paging
`system and
`the means
`by which
`the
`transmitted signal
`is received by the receiver may both
`utilise technology which
`is generally conventional
`in
`paging systems.
`
`10
`
`15
`
`20
`
`25
`
`30
`
`35
`
`In a second more sophisticated embodiment,
`preferably comprises the additional steps of
`generating an access code by the terminal based on the
`identification code and at
`least one of a terminal
`user
`for
`identifying the
`remote
`terminal,
`a
`network
`code
`identification code for identifying which of a plurality of
`networks
`the
`remote
`terminal
`is
`connected
`to,
`and
`a
`software
`code
`identifying the presence
`or
`absence
`of
`particular software stored at the remote terminal site and
`accessible by its CPU;
`transmitting the access
`system;
`deconstructing the access code to produce at least one
`computer
`identification code and the user
`identification
`code;
`
`the method
`
`computer
`
`code
`
`to the host
`
`generating a second random code (Code D);
`subjecting Code D and the computer identification code
`transformation characteristic of
`a
`transformation
`to a
`algorithm so as to generate a transformed code (Code E);
`subjecting Code A to a transformation characteristic
`of both the transformation algorithm identified by the
`input user identification code and Code E so as to generate
`the transformed code (Code B);
`
`UNIFIED PATENTS EXHIBIT 1007
`Page 6 of 26
`
`UNIFIED PATENTS EXHIBIT 1007
`Page 6 of 26
`
`
`
`WO 95/19593
`
`PCT/GB95/00059
`
`terminal which also
`to the remote
`D
`passing Code
`subjects Code D and the computer
`identification code to a
`transformation characteristic of a transformation algorithm
`80 as to generate a transformed code (Code F);
`remote
`passing Code
`F
`to the
`receiver
`from the
`terminal which also subjects Code A to a transformation
`characteristic
`of
`both
`the
`transformation
`algorithm
`identified by the input user identification code and Code F
`so as to generate the transformed code (Code C).
`
`As before the terminal compares Code C with Code B and
`only permits access to the host system if Code C matches
`Code
`B.
`However,
`it will
`be
`appreciated
`that
`this
`embodiment
`can be used to verify that
`the actual
`remote
`terminal being used is an authorised terminal.
`This will
`mean that in practice if the terminal
`is authorised, Code F
`will also equal Code E,
`
`5
`
`10
`
`15
`
`20
`
`25
`
`30
`
`35
`
`the - method
`
`comprises
`
`the
`
`further
`
`Preferably also,
`additional steps of
`code to produce the user
`deconstructing the access
`identification code, a first computer
`identification code
`characteristic
`of
`the
`computer
`hardware
`identifying
`portions
`of
`the
`access
`code
`and
`a
`second
`computer
`identification code characteristic of the computer software
`identifying portions of the access code;
`generating a second random code (Code D1) and a third
`random code (Code D2);
`computer
`first
`the
`and
`D1
`subjecting
`Code
`identification code to a transformation characteristic of a
`transformation algorithm so as
`to generate a transformed
`code (Code El):
`computer
`second
`the
`and
`D2
`Code
`subjecting
`identification code to a transformation characteristic of a
`transformation algorithm so as
`to generate a transformed
`code (Code E2); and
`
`UNIFIED PATENTS EXHIBIT 1007
`Page 7 of 26
`
`UNIFIED PATENTS EXHIBIT 1007
`Page 7 of 26
`
`
`
`WO 95/19593
`
`PCT/GB95/00059
`
`combining in a predetermined fashion Codes El and E2
`or parts thereof to produce the transformed code (Code E);
`passing Code Dl and Code D2 to the remote terminal
`(2)
`subjects
`Code
`D1
`and
`the
`first
`computer
`which
`identification code to a transformation characteristic of a
`transformation algorithm so as
`to generate a transformed
`code (Code Fl), and which
`subjects Code D2 and the second
`computer
`identification
`code
`to
`a
`transformation
`Characteristic
`of
`a
`transformation algorithm so as_
`to
`generate a transformed code (Code F2); and
`combining in a predetermined fashion Codes Fl and F2
`or parts thereof to produce the transformed code (Code F).
`
`.
`
`that not only can
`therefore,
`_It will be appreciated,
`the actual
`terminal be verified but
`the network system it
`is connected to can be verified too along with software
`which is accessible to the terminal. The
`latter can be
`checked by running security software which monitors
`the
`type of
`software which can be
`run by the terminal and
`supplies
`appropriately
`encrypted
`identification
`codes
`dependent on this software.
`
`in this way the system can be used to display
`Hence,
`information which,
`for
`example,
`can
`be made
`sensitive
`available for viewing only and not for further analysis at
`the remote terminal.
`
`the receiver preferably
`In this second embodiment,
`the form of a security key which is linked to the
`takes
`remote terminal. Preferably,
`the receiver is linked to the
`central
`processing unit either
`by
`a plug and
`socket
`arrangement or by an infrared transmission system for the
`passage of information therebetween.
`
`5
`
`10
`
`15
`
`20
`
`25
`
`30
`
`35
`
`invention will now
`The various aspects of the present
`be described by way of example with reference to the
`
`UNIFIED PATENTS EXHIBIT 1007
`Page 8 of 26
`
`UNIFIED PATENTS EXHIBIT 1007
`Page 8 of 26
`
`
`
`WO 95/19593
`
`PCT/GB95/00059
`
`accompanying drawings,
`
`in which:-
`
`is a schematic view of a first embodiment of a
`1
`Fig.
`computer security system according to the invention; and
`
`1 but of a second
`is a view similar to Fig.
`2
`Fig.
`embodiment of
`the system and additionally showing logic
`operations carried out by various components of the system.
`
`With reference first to Fig. 1, a host computer system
`typically one of
`several
`arranged in a
`local area
`1,
`network (LAN), may be accessed from any one or more of a
`series of
`remote terminals 2, 3,
`4 via a telephone line
`link, To gain access to the host system 1, a user at one of
`the terminals, say terminal 2, must first verify his or her
`identity by
`satisfying a
`security barrier
`system or
`security server 5, which is effectively interposed between
`the remote terminals 2, 3, 4 and the host system 1.
`
`6 which includes
`receiver unit
`The user carries a
`received
`codes.
`encryption
`of
`encryption means
`for
`include logic circuitry to do this
`Typically,
`the unit will
`which
`preferably itself
`includes
`an EPROM or erasable
`programmable read only memory where the algorithm required
`is
`stored. As previously
`mentioned,
`this algorithm is
`preferably a one-way algorithm.
`
`in the EPROM an
`6 also stores
`receiver unit
`The
`identity code. This identity code is a key for the one-way
`algorithm and is such that when applied to the algorithm,
`together with a code to be encrypted the resultant code is
`characteristic of the particular receiver unit 6.
`
`When the user seeks access to the host system 1 via
`the terminal 2, he enters his user
`identification code.
`This code may take any suitable form, for example his
`
`10
`
`15
`
`20
`
`25
`
`30
`
`35
`
`UNIFIED PATENTS EXHIBIT 1007
`Page 9 of 26
`
`UNIFIED PATENTS EXHIBIT 1007
`Page 9 of 26
`
`
`
`WO 95/19593
`
`PCT/GB95/00059
`
`preferably a more secure code such as a
`name or
`actual
`PIN. The security server
`5
`includes a database of all
`authorised users and their authorised receiver units 6, and
`identifies
`the
`corresponding
`identity
`code
`for
`the
`appropriate receiver unit 6. The security server
`5
`then
`generates a random code (Code A) and subjects this number
`to an encryption using the same one-way algorithm as
`is
`stored
`in
`the user's
`receiver
`6
`together with
`the
`corresponding identity code.
`In this way a transformed code
`(Code B)
`is produced.
`
`In addition to producing the transformed Code B,
`the
`security server
`5 also transmits
`the random code
`to a
`paging system 7 along with an indentifier or
`identifying
`tag which can be recognized by the receiver unit 6. The
`identifying tag and the random code are then broadcast by
`the
`paging system 7,
`typically using a
`radiofrequency
`transmitter,
`in a
`fashion similar to conventional paging
`systems. Whilst the receiver unit 6 will pick up all codes
`broadcast on a particular frequency,
`the receiver unit
`6
`will use the identifier to pick out the appropriate signal
`meant
`for
`it
`from a plurality which may
`be
`being
`transmitted at the same time.
`
`After or before entering his identification code into
`the terminal 2,
`the user also activates the receiver unit 6
`
`identification code, which is
`by entering a second user
`also preferably in the form of a secret PIN, via a keypad
`8. Preferably,
`the
`receiver unit
`6
`can
`receive
`the
`broadcast
`signal
`regardless
`of whether
`it
`has
`been
`activated
`or
`not,
`but
`activation
`enables
`the
`logic
`circuitry of
`the receiver unit
`6
`to permit
`it to encrypt
`the received random code.
`The receiver unit
`6
`therefore
`
`identity code
`and the
`received random number
`the
`uses
`stored in its own EPROM to produce a transformed code (Code
`C) via its own characteristic algorithm. This transformed
`
`5
`
`10
`
`15
`
`20
`
`25
`
`30
`
`35
`
`UNIFIED PATENTS EXHIBIT 1007
`Page 10 of 26
`
`UNIFIED PATENTS EXHIBIT 1007
`Page 10 of 26
`
`
`
`WO 95/19593
`
`,
`
`PCT/GB95/00059
`
`Code C is then displayed to the user on a display means 9,
`preferably a
`liquid crystal display,
`for a predetermined
`length of time such as five minutes.
`
`The terminal 2, at the behest of the security server 5
`prompts the user to input
`the transformed Code C displayed
`by the receiver unit 6. After input,
`the security server 5
`compares
`the input Code C with the transformed code, Code
`B, it produced by encryption of the random code, Code A. If
`Code B and Code C are identical, access to the host system
`1
`is permitted.
`
`the
`of
`embodiment
`sophisticated
`second more
`A
`invention is shown in Fig.
`2 and the same reference numbers
`are used in Fig.
`1 as have been used in Fig.
`1
`to indicate
`Similar
`features
`of
`the
`system.
`In
`addition,
`logic
`operations carried out by various components of the system
`are shown in the rounded edged boxes.
`
`the
`second embodiment enables verification of
`This
`actual remote terminal 2,
`the network system to which it is
`connected, and the software it has access to.
`In this way,
`highly secure information can be made available for viewing
`but not made available to terminals which may have the
`capability to store or process the information further.
`
`the receiver
`However, whereas in the first embodiment,
`comprise a
`unit 6 would probably, but not necessarily,
`stand-alone piece of equipment,
`in this embodiment
`the
`receiver unit
`6
`is
`intended to be
`linked to the remote
`terminal
`2
`for
`the passage of
`information therebetween.
`This linkage could be by any conventional means, such as a
`plug/socket arrangement whereby the unit 6
`is plugged into
`one of
`the output ports of
`the terminal
`2 or an infrared
`transmission system.
`In this way,
`the receiver unit 6 forms
`a security key for the system and must be connected to the
`
`5
`
`10
`
`15
`
`20
`
`25
`
`30
`
`35
`
`UNIFIED PATENTS EXHIBIT 1007
`Page 11 of 26
`
`UNIFIED PATENTS EXHIBIT 1007
`Page 11 of 26
`
`
`
`WO 95/19593
`
`PCT/GB95/00059
`
`10
`
`terminal 2 before the latter can be used to access the host
`system 1.
`
`2 also comprises a central processing
`terminal
`The
`(CPU)
`in its own right and is preferably in the form
`unit
`of a personal computer
`(PC).
`In a similar fashion to the
`security key 6,
`the terminal
`2 will also have
`its own
`terminal
`identity code.
`In addition,
`it
`runs
`security
`software which monitors
`other
`software which
`can
`be
`accessed and run by the terminal. The security software
`supplies appropriately encrypted software identity codes
`dependent on this software.
`
`the
`system to which
`network
`The
`connected can also be verified. For example,
`token ring identification code
`can
`be
`purpose.
`
`ig
`2
`terminal
`the terminal's
`used
`for
`this
`
`as
`the system operates
`2,
`to Fig.
`reference
`With
`follows. The user first attaches the receiver unit
`6 or
`security key to the terminal
`2 and enables the unit 6 by
`entering his
`second user identification code in the form
`of a secret PIN, via the keypad 8. This PIN is known only
`to the user and the receiver unit 6 could be constructed so
`that this number can be changed by the user by following a
`predetermined routine.
`
`The user's first identification code (USER ID), which
`Can again comprise
`the user's name is entered into the
`terminal 2.
`In this embodiment, it is the security software
`running on the terminal
`2 which enables the dialogue with
`the user. This security software now generates an access
`code or what can be considered as an access "claim" based
`on
`the user's identification code
`(USER ID)
`and one or
`more,
`and preferably all of
`the terminal
`identity code
`(TERMINAL ID),
`the network identification code (NETWORK
`
`5
`
`10
`
`15
`
`20
`
`25
`
`30
`
`35
`
`UNIFIED PATENTS EXHIBIT 1007
`Page 12 of 26
`
`UNIFIED PATENTS EXHIBIT 1007
`Page 12 of 26
`
`
`
`WO 95/19593
`
`‘
`
`PCT/GB95/00059
`
`11
`
`ID), and one or more software identity codes (SOFTWARE ID),
`This access code or claim is passed to the security server
`5 of
`the host computer
`system 1
`that
`it
`is desired to
`
`access,
`
`The security server 5 deconstructs the access code or
`claim into its constituent parts.
`In the same way as the
`first
`embodiment,
`it uses
`the user
`identification code
`(USER
`ID)
`to
`access
`its
`database
`to
`locate
`the
`corresponding identity code for
`the appropriate receiver
`unit 6. As before,
`the security server 5 then generates a
`random code
`(Code
`A)
`and
`subjects
`this number
`to an
`encryption using the same one-way algorithm as is stored in
`the user's receiver 6 to produce the transformed code (Code
`B). However,
`in this embodiment a third code
`(Code E)
`is
`used as
`a
`second encryption key. This
`third Code
`E
`is
`obtained by using the other identification codes comprising
`the access claim as will now be described.
`
`identity code
`The security server takes the terminal
`and network identity code and combines
`these or parts of
`these in a predetermined manner
`to form a hardware code
`(HARDWARE
`ID) or first computer
`identification code,
`It
`then generates a second random number
`(Code D1) which is
`encrypted using a predetermined one-way
`algorithm,
`to
`produce a first transformed code (Code El).
`
`software
`the
`similar operation is performed on
`A
`identity codes
`(SOFTWARE ID).
`If more
`than one of
`these
`comprises part of the access claim,
`then they are combined
`or parts of them are combined in a predetermined manner to
`form a single code which comprises
`the second computer
`identification code.
`The security server
`5 generates
`a
`third random number
`(Code D2), which is encrypted using a
`predetermined
`one-way
`algorithm to
`produce
`a
`second
`transformed code (Code E2).
`
`5
`
`10
`
`15
`
`20
`
`25
`
`30
`
`35
`
`UNIFIED PATENTS EXHIBIT 1007
`Page 13 of 26
`
`UNIFIED PATENTS EXHIBIT 1007
`Page 13 of 26
`
`
`
`WO 95/19593
`
`PCT/GB95/00059
`
`12
`
`The first and second transformed codes, Code El and
`
`to
`Code E2, are then combined in a predetermined manner
`form a single transformed code which comprises the Code E
`which is used in the production of Code B.
`
`As
`
`in the first
`
`embodiment,
`
`the security server
`
`5
`
`transmits
`the first
`random code, Code A, along with an
`indentifier or
`identifying tag which can be recognized by
`the security key 6 to the paging system 7. The identifying
`tag and the random code, Code A, are then broadcast by the
`paging system 7 for the security key 6
`to pick up,
`identity
`and store.
`
`the security server 5 passes the
`In addition however,
`second and third random numbers, Code D1 and Code D2, along
`with
`the
`transformed code, Code B,
`back to the host
`
`computer system 1. The host computer system 1
`
`then passes
`
`the second and third random numbers, Code Dl and Code D2,
`back to the terminal 2. The the security software running
`on the terminal
`2 uses the Codes Dl and D2 along with the
`hardware
`and software
`identification codes,
`which
`it
`
`constructed as part of
`
`the
`
`access
`
`claim,
`
`to produce
`
`respectively transformed Codes Fl and F2. These are then
`
`are then combined in the same predetermined manner as the
`Codes El and E2 to produce a single transformed code, Code
`F,
`
`This single transformed code, Code F,
`
`is then passed
`
`2 to the security key 6. The security key
`by the terminal
`is now able to encrypt the received Code A using the Code F
`and the user
`identification code it contains via the one-
`
`way
`
`algorithm in
`
`its
`
`logic circuitry to produce
`
`the
`
`transformed code, Code C.
`
`is then displayed on the
`The resultant code, Code C,
`‘display means 9 of the security key for the user to enter
`
`10
`
`15
`
`20
`
`25
`
`30
`
`35
`
`UNIFIED PATENTS EXHIBIT 1007
`Page 14 of 26
`
`UNIFIED PATENTS EXHIBIT 1007
`Page 14 of 26
`
`
`
`WO95/19593
`
`PCT/GB95/00059
`
`13
`
`the host computer
`the behest of
`2 at
`into the terminal
`can
`then compare
`the entered
`System 1.
`The
`system 1
`transformed code, Code C, with that, Code B,
`transmitted to
`it from the security server 5. Access
`to the system 1
`is
`then only permitted if the two codes, Code B and Code C,
`are identical,
`
`It will be appreciated that for Code B and Code C to
`identical,
`then Codes
`E and F will also be identical
`be
`assuming that
`the one-way algorithms used to produce same
`are also equivalent.
`
`the computer security system not only verifies
`Thus,
`the user's identification code and the security key 6
`that
`also the
`terminal
`2
`and
`its
`network and
`stored
`but
`software.
`
`It will be appreciated that a less complex security
`system code could simply verify the computer hardware being
`used and not
`the software.
`In this case a Single random
`generated code, Code D,
`can be encrypted to produce a
`Single transformed code, Code E, which can then be used
`directly in the encryption of Code A..
`
`in
`As
`algorithms
`algorithms.
`
`first
`the
`used in the
`
`the
`preferably all
`embodiment,
`system should comprise
`one-way
`
`in both embodiments the receiver unit or
`In addition,
`security key 6 is preferably always responsive to reception
`of its identifier regardless of whether or not it has been
`enabled by the user. Hence,
`the receiver 6 is responsive to
`reception of
`its
`identifier
`in circumstances when
`the
`authorised user
`is not attempting to gain access to the
`host
`system.
`In this way the receiver
`6
`can be used to
`alert the authorised user that an attempt at unauthorised
`
`5
`
`10
`
`15
`
`20
`
`25
`
`30
`
`35
`
`UNIFIED PATENTS EXHIBIT 1007
`Page 15 of 26
`
`UNIFIED PATENTS EXHIBIT 1007
`Page 15 of 26
`
`
`
`WO95/19593
`
`PCT/GB95/00059
`
`14
`
`conventional
`is being made as well as act as a
`access
`pager which can request
`the user to log into a particular
`computer
`system 1 or otherwise receive pager messages.
`Thus, a host computer system 1 can request users to log in
`to receive,
`for example, electronic mail, or to carry out
`other operations.
`
`5
`
`UNIFIED PATENTS EXHIBIT 1007
`Page 16 of 26
`
`UNIFIED PATENTS EXHIBIT 1007
`Page 16 of 26
`
`
`
`WO 95/19593
`
`PCT/GB95/00059
`
`15
`
`CLAIMS
`
`5
`
`10
`
`15
`
`20
`
`25
`
`30
`
`35
`
`identification code
`
`input
`
`to the
`
`A method of preventing unauthorised access to a host
`1.
`computer
`system (1)
`by a user at a remote terminal
`(2)
`comprising the steps of
`accepting a user
`terminal by the user;
`generating a random code (Code A);
`subjecting Code A to a transformation characteristic
`of a transformation algorithm identified by the input user
`identification code so as to generate a transformed code
`(Code B);
`to a
`A via a paging system (7),
`transmitting Code
`receiver (6) held by the user,
`the receiver (6) comprising
`transformation means adapted to transform the received Code
`A to a second transformed code (Code C), and means
`(9) for
`displaying Code C to the user;
`accepting input of Code C to the terminal
`.
`
`(2) by the
`
`user;
`
`comparing Code C with Code B; and
`permitting access to the host system (1) only if Code
`C matches Code B.
`
`the
`in Claim 1, wherein
`claimed
`as
`A method
`2.
`transformation algorithm identified by
`the
`input user
`identification code comprises a one-way algorithm.
`
`A method as claimed Claim 1 or Claim 2, wherein the
`3.
`receiver (6) can only be enabled for a predetermined period
`to permit
`it
`to transform the received Code
`A
`to the
`transformed Code C by input of a second user identification
`code by the user.
`
`to 3,
`1
`claimed in any one of Claims
`A method as
`4,
`wherein
`the
`signal
`incorporating
`Code
`A which
`is
`transmitted by the paging system (7) also incorporates an
`
`UNIFIED PATENTS EXHIBIT 1007
`Page 17 of 26
`
`UNIFIED PATENTS EXHIBIT 1007
`Page 17 of 26
`
`
`
`WO 95/19593
`
`PCT/GB95/00059
`
`16
`
`the signal
`identifier to enable the receiver to pick out
`from a plurality which may be being transmitted at the same
`time.
`
`A method as claimed in Claim 4, wherein the receiver
`5.
`is always
`responsive to reception of
`its identifier
`(6)
`regardless of whether or not
`it has been enabled by the
`user.
`
`to 5,
`claimed in any one of Claims
`A method as
`6.
`central
`wherein
`the
`remote
`terminal
`(2)
`comprises
`a
`processing
`unit
`(CPU)
`and
`the method
`comprises
`the
`additional steps of
`
`1
`
`(2) based on
`generating an access code by the terminal
`the user identification code and at least one of a terminal
`
`5
`
`10
`
`15
`
`20
`
`25
`
`30
`
`35
`
`network
`a
`terminal,
`remote
`identifying the
`for
`code
`identification code for identifying which of a plurality of
`networks
`the
`remote
`terminal
`is
`connected
`to,
`and
`a
`software
`code
`identifying the presence or
`absence
`of
`particular software stored at the remote terminal site and
`accessible by its CPU;
`transmitting the access
`system (1);
`
`to the host
`
`computer
`
`code
`
`deconstructing the access code to produce at least one
`computer
`identification code and the user
`identification
`
`code;
`
`generating a second random code (Code D);
`subjecting Code D and the computer identification code
`transformation characteristic of
`a
`transformation:
`to a
`algorithm so as to generate a transformed code (Code E);
`subjecting Code A to a transformation characteristic
`of both the transformation algorithm identified by the
`input user identification code and Code E so as to generate
`the transformed code (Code B);
`(2) which also
`passing Code D to the remote terminal
`subjects Code D and the computer identification code to a
`
`UNIFIED PATENTS EXHIBIT 1007
`Page 18 of 26
`
`UNIFIED PATENTS EXHIBIT 1007
`Page 18 of 26
`
`
`
`WO 95/19593
`
`PCT/GB95/00059
`
`17
`
`transformation characteristic of a transformation algorithm
`so as to generate a transformed code (Code F);
`passing Code
`F to the receiver
`(6)
`from the remote
`terminal which also subjects Code A to a
`transformation
`characteristic
`of
`both
`the
`transformation
`algorithm
`identified by the input user identification code and Code F
`so as to generate the transformed code (Code C);.
`
`5
`
`10
`
`claimed
`
`in Claim 6,
`
`comprising the
`
`15
`
`20
`
`25
`
`30
`
`as
`A method
`7.
`additional steps of
`code to produce the user
`deconstructing the access
`identification code, a first computer
`identification code
`characteristic
`of
`the
`computer
`hardware
`identifying
`portions
`of
`the
`access
`code
`and
`a_
`second
`computer
`identification code characteristic of the computer software
`identifying portions of the access code;
`generating a second random code (Code D1) and a third
`random code (Code D2);
`,
`computer
`first
`and
`D1
`‘subjecting
`Code
`the
`identification code to a transformation characteristic of a
`transformation algorithm so as
`to generate a transformed
`code (Code E1);
`computer
`second
`the
`and
`D2
`Code
`subjecting
`identification code to a transformation characteristic of a
`transformation algorithm so as
`to generate a transformed
`code (Code E2);
`combining in a predetermined fashion Codes Fl and E2
`or parts thereof to produce the transformed code (Code E);
`passing Code Dl and Code D2 to the remote terminal
`(2)
`subjects
`Code
`D1
`and
`the
`first
`computer
`which
`identification code to a transformation characteristic of a
`transformation algorithm so as
`to generate a transformed
`code (Code Fl), and which
`subjects Code D2 and the second
`computer
`identification
`code
`to
`a
`transformation
`
`35 as_tocharacteristic of a transformation algorithm so
`
`
`generate a transformed code (Code F2); and
`
`
`
`UNIFIED PATENTS EXHIBIT 1007
`Page 19 of 26
`
`UNIFIED PATENT