AU733558B2 - Method for protecting a communications system from unauthorized access - Google Patents
Method for protecting a communications system from unauthorized access Download PDFInfo
- Publication number
- AU733558B2 AU733558B2 AU60876/98A AU6087698A AU733558B2 AU 733558 B2 AU733558 B2 AU 733558B2 AU 60876/98 A AU60876/98 A AU 60876/98A AU 6087698 A AU6087698 A AU 6087698A AU 733558 B2 AU733558 B2 AU 733558B2
- Authority
- AU
- Australia
- Prior art keywords
- password
- system manager
- functional units
- accordance
- functional unit
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Ceased
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04M—TELEPHONIC COMMUNICATION
- H04M3/00—Automatic or semi-automatic exchanges
- H04M3/38—Graded-service arrangements, i.e. some subscribers prevented from establishing certain connections
- H04M3/382—Graded-service arrangements, i.e. some subscribers prevented from establishing certain connections using authorisation codes or passwords
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Signal Processing (AREA)
- Storage Device Security (AREA)
- Telephonic Communication Services (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
- Communication Control (AREA)
- Exchange Systems With Centralized Control (AREA)
Description
-1- METHOD FOR PROTECTING A COMMUNICATIONS SYSTEM FROM UNAUTHORIZED
ACCESS
The present invention relates generally to the field of communications and, in particular, to a method for protecting a communications system from unauthorized access.
In modern communications systems, great quantities of information (data and programs) are stored that are necessary for the operation and particularly for the userspecific configuration of the system. The information is distributed among various functional units of the system. Specifically, it involves data that is identical for all users 0lo (global data), personal data on the users, and device-specific data of functional units of the system. These data must be protected against unauthorized access. The management of the information is preferably done in a central location whence it is transmitted when necessary to the concerned functional units of the system via data connections. From EP 0 735 785 Al is known a communications system with a central system manager that can be used as a dealer system. When the system is started up, the system manager ensures that all functional units up to and including the t-miiiai-devices are supplied with the necessary information. When the system manager, for example a commercial personal computer, can be connected to the system via a known interface, the possibility that unauthorized third parties can access the system cannot be excluded with absolute 20 certainty.
Thus the task of the present invention is to preclude, under all circumstances, unauthorized access to information stored in a communication system.
o oo According to one aspect of the present invention there is provided a method for protecting a communications system from unauthorized access to information that is stored in the functional units of the system and that can be supplied thereto for configuration by a system manager via data connections, wherein a password corresponding to the access authorization is entered in the system manager, and wherein r at every startup of the system or of parts of the system, an address identifying the 30 system manager is transmitted to at least one of the functional units of the S: communications system affected by the startup whereupon the functional unit sets up with this address a connection to the system manager, wherein 7, the system manager then transmits the password to the functional unit, and [R:\LIBPP]2160.doc:eaa -lathe functional unit then transmits the password to all functional units reachable by it, and wherein at every subsequent establishment of a data connection from a system manager to functional units, this password is appended to the connection setup information and verified by each of the addressed functional units for agreement with the password it has stored.
The comparison of the password stored in all functional units with a password that 0 *9* 0 *0 *0 e P17056 is compulsorily transmitted during establishment of a data connection ensures that no unauthorized access to stored information is possible. If a participating functional unit determines during establishment of a data connection that the transmitted password does not agree with the password stored in that unit, access to information stored in that unit is denied. Additional implementation forms and advantages of the method can be seen from the description below.
The invention is described in greater detail below with the aid of a drawing as an example. The drawing shows a digital communications system that is constructed in accordance with the principle known from EP 0 735 785 Al with central and distributed functional units. The communications system consists essentially of a switching section VT and a great number of terminal devices EG connected to the switching section VT. Also connected to the switching section VT is a system manager SM. A computer with large memory capacity and with a video display can be provided as the system manager SM.
The switching section VT is comprised of a circuit switching network SWU, to which the circuit switching groups SLMY1 SLMY3 are connected. Each circuit switching group SLMY is connected on one side via an 8 Mbit line to a circuit switching network SWU and on the other side each via individual 8 Mbit lines to three multiplexers MUX. The circuit switching group SLMY has a coupler for switching the voice, data and signaling channels (time slots) coming from the circuit switching network SWU to the multiplexers. Ten terminal devices EG are each connected via their own 2 Mbit line to each multiplexer MUX. The multiplexers MUX have a coupler that switches the voice and signaling channels of the 8 Mbit line coming from the circuit switching groups SLMY to the appropriate terminal devices EG. The multiplexers MUX are controlled by the associated circuit switching groups SLMY. The circuit switching network SWU is a digital coupler with a control unit ST that serves to switch connections. This configuration P17056 makes it possible to connect any desired terminal devices EG with one another via the circuit switching groups SLMY and the circuit switching network SWU, and to exchange user information in the form of data or program code and also voice information through these connections. An exchange of data between terminal devices EG takes place for example when the current operating state of other terminal devices, such as the busy condition, is to be indicated in a terminal device. Moreover, external lines, such as analog or digital lines (trunks La, leased lines Lb and dedicated lines Ls) leading to the public telecommunications network OEN, are connected via an interface module SLB to the circuit switching network SWU so that the terminal devices EG can also enter into connection via the switching section VT with partners that are not connected to this communications system. The number of circuit switching groups SLMY, multiplexers MUX and terminal devices EG shown in the drawing is to be considered an example for the purpose of the present explanation; of course another configuration of the communications system realized in accordance with this principle is also possible.
The terminal devices EG form the interface between the users and the communications system. They make available to the user a great number of convenient features depending on the application. For example, in an embodiment of the communications system used for foreign exchange dealings in banks, the terminal devices EG have for various inputs and outputs (such as destination selection) a keyboard with program-controlled LCD (Liquid Crystal Display) legends. Furthermore, a display screen with user guidance as well as handsfree and monitoring functions can also be provided in the terminal devices EG. In order to fulfill all these functions, each terminal device EG has its own processor that controls the relevant functions by means of software stored in an associated program memory or data memory, respectively. The software involved is switching software and operator software. The switching software controls all functions connected with communication, such as the monitoring and switching of connections P17056 (voice channels) to the multiplexers MUX and the circuit switching groups SLMY. The operator software primarily assumes control of the user interface with the keyboard and the display screen.
In the case of enhancements or user-specific modifications, it can become necessary to update information stored in functional units SLMY, MUX, EG of the system. Thus for example, information stored in the terminal devices EG (programs and/or data) must be updated because users desire a different configuration or additional features at their workplace. For this purpose, the appropriate information must be transmitted to the appropriate terminal devices EG. Another possible update in the terminal devices EG is comprised of the relabeling of a destination key because the associated line has changed.
In the course of enhancements to the communications system, it can also become necessary to supply all terminal devices EG with new program versions. In this case, the terminal devices EG must be supplied with new program code and/or data. A change to the data in a circuit switching unit SLMY relates, for example, to the activation of a particular call forwarding route in the "night service" operating state.
The management of the information necessary for operation of the system and user-appropriate configuration of functional units SLMY, MUX and EG are performed by the system manager SM. The system manager SM forms the interface between the operator and the system. It is connected to the circuit switching network SWU via a special interface (So-interface with 2 B channels at 64 kbit/s and one D channel at 16 kbit/s) and an interface module SSB. The system manager SM has a large database, which contains among other things the data and programs for the configuration of the circuit switching groups SLMY, the multiplexers MUX and the terminal devices EG.
For the transmission of information to a terminal device EG, for example terminal P17056 device EGn, the operator (system administrator) initiates at the system manager SM a function "Supply terminal device with new information". A loading procedure activated by this establishes a connection via the circuit switching network SWU, the circuit switching unit SLMY I and the multiplexer MUX I from the system manager SM to the terminal device EGn, which is identified by a device number known to the system manager SM.
During this process, a free channel (time slot) is seized on the connection lines between the circuit switching unit SLMY1 and the multiplexer MUX1 and between the multiplexer MUXI and the selected terminal device EGn, by which means the transmission between the system manager SM and the terminal device EGn can take place via a data (pointpoint) connection, for example with the HDLC protocol. As soon as the connection has been established, the terminal device EGn delivers a readiness message to the system manager SM, whereupon the transmission of the information to the terminal device EGn begins. As soon as all information has been transmitted to the terminal device EGn, the system manager SM receives an appropriate disconnect message from the terminal device EGn, whereupon it terminates the connection with the terminal device EGn. In like fashion, information can be transmitted from the system manager SM to selected circuit switching units SLMY or multiplexers MUX using analogous procedures.
The system manager SM can in its simplest form be a commercial personal computer that may be connected via a So-interface to the communications system. Access from the system manager SM to the communications system requires knowledge of the necessary procedures and protocols on the part of the human operator. Despite all conceivable security measures, the possibility that unauthorized third parties can acquire the necessary knowledge cannot be excluded with absolute certainty. Also for this reason, unauthorized access to the communications system and its functional units SLMY, MUX and EG cannot be completely excluded. For this reason, it must be prevented at all events that unauthorized third parties can gain access to the system and extract any information P17056 or undertake manipulations that cause service interruptions.
In principle, not only accesses that take place from a system manager SM belonging to the communications system are possible. Accesses that originate from a system manager SME connected to the public communications network OEN are also possible. In addition, accesses are also possible from a system manager SMF connected to a foreign communications system KA that can establish connections with the communications system in question via the public communications network OEN. If these are unauthorized accesses, they must be prevented under all circumstances.
The method in accordance with the invention satisfies this requirement. It provides that a certain password is entered at the system manager SM which governs access to the communications system that is managed by the system manager SM. At every startup at the initial installation startup and at later startups of the communications system or of parts of the system, at least one of the system's functional units affected by the startup has transmitted to it an address with which this functional unit can establish a data connection to the system manager SM. Preferably selected as address recipients are functional units that can directly reach as many peripheral functional units of the communications system as possible in a simple way. A centrally located functional unit is selected as the address sender. In the case at hand, the address is sent by the control unit ST of the circuit switching network SWU to the circuit switching groups SLMYI,..., SLMY3. The address is entered into the control unit ST upon initial installation startup via a central control terminal BT that is used for configuration of the switching section. After receiving the address, the circuit switching groups SLMY1, SLMY3 each establish a connection via the circuit switching network SWU to the system manager SM and prompt it to transmit the current password. Then the password is transmitted through the established connection by the system manager SM to the circuit switching groups SLMY1, P17056 SLMY3. Following termination of the connection between the circuit switching group SLMY and the system manager SM, each circuit switching group SLMY transmits the password to the associated multiplexer MUX via signaling channels and thence to the connected terminal devices EG. The password is stored in all functional units SLMY, MUX and EG of the communications system.
When a terminal unit EG is newly attached to a connection of the communications system, the terminal unit is logged on to the associated circuit switching group SLMY through a procedure initiated in the terminal unit, whereupon it transmits to the terminal device the current password among other things.
Security can be additionally increased if the system manager SM checks, prior to transmitting the password to a requesting circuit switching group SLMY, using its source address, whether the circuit switching group SLMY is authorized at all to receive the password. Security can be further increased in that the system manager SM verifies an entered password on the basis of various criteria (syntax, etc.) before accepting it.
Every time a connection is set up by the system's own system manager SM or a foreign system manager SME or SMF for the purpose of exchanging information with functional units of the communications system, the system manager must send the password along with the connection request. Each functional unit involved in the connection (circuit switching group SLMY, multiplexer MUX and terminal device EG) verifies whether the password transmitted in the connection setup information agrees with its stored password. If this is not the case, the functional unit denies access to the information that is stored in it and is to be protected. Likewise, the password is verified when functional units, such as two terminal devices EG, wish to exchange data with one another.
1-j 7
A
P!7056 The system administrator either a person authorized by the operator of the system or a person authorized by the manufacturer of the system can enter the password at the system manager SM and later change it either as needed or as prompted by the system manager SM. It is also conceivable that the system manager SM automatically, i.e.
without the participation of the system administrator, changes the password periodically or at arbitrary times. In this case, the valid password is not known to anyone, which considerably increases security against unauthorized access.
When the password is changed at the system manager SM, it transmits the new o0 password with a change identifier as described to all circuit switching groups SLMY, which then pass on the new password to all functional units MUX and EG of the communications system that they can reach directly, where it replaces the old password.
To increase security, a further embodiment of the method provides for the old password to be transmitted simultaneously with the new password when the password is being changed, whereby the new password is only accepted in the affected functional unit when the old password received agrees with the already existing old password.
Claims (6)
1. A method for protecting a communications system from unauthorized access to information that is stored in the functional units of the system and that can be supplied thereto for configuration by a system manager via data connections, wherein a password corresponding to the access authorization is entered in the system manager, and wherein at every startup of the system or of parts of the system, an address identifying the system manager is transmitted to at least one of the functional units of the communications system affected by the startup whereupon the functional unit sets up with this address a connection to the system manager, wherein the system manager then transmits the password to the functional unit, and wherein the functional unit then transmits the password to all functional units reachable by it, and wherein at every subsequent establishment of a data connection from a system manager to functional units, this password is appended to the connection setup information and verified by each of the addressed functional units for agreement with the password it has stored.
2. The method in accordance with claim 1, wherein during establishment of data connections between functional units the password is appended to the connection setup *see information and verified by each of the addressed functional units for agreement with the password it has stored. ooo: 3. The method in accordance with claim 1 or 2, wherein the system manager, prior to transmitting the password to a functional unit requesting the password, verifies the :o o authorization of that functional unit. oo 30 4. The method in accordance with claim 1, wherein when the password is being changed, the new password is transmitted along with a change message to at least one functional unit, that then transmits the new password to all functional units reachable by 1R:\LIBPP]2160.doc:caa The method in accordance with claim 4, wherein both the old password and the new password are transmitted to the functional unit along with the change message.
6. The method in accordance with claim 4 or 5, wherein the password can be changed by a system administrator at the system manager at any time, or upon prompting by the system manager.
7. The method in accordance with claim 4 or 5, wherein the password can be changed automatically by the system manager either periodically or at arbitrary times.
8. The method in accordance with one of the preceding claims, wherein a password entered at the system manager is verified upon entry on the basis of predetermined criteria.
9. A method for protecting a communications system from unauthorized access to information that is stored in the functional units of the system and that can be supplied thereto for configuration by a system manager in a data connections, substantially as herein described with reference to the accompanying drawings. 9. 20 DATED this twelfth Day of December, 2000 Siemens Schweiz AG 9 *fee o Patent Attorneys for the Applicant .000 ooo SPRUSON FERGUSON 9 o 10: o9ooo 9.o9 .9o°9 o9 oo 9 9o 9go 9 9 9o
Applications Claiming Priority (3)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CH59297 | 1997-03-12 | ||
| CH592/97 | 1997-03-12 | ||
| PCT/CH1998/000099 WO1998041003A1 (en) | 1997-03-12 | 1998-03-11 | Method for protecting a communications facility against unauthorized access |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| AU6087698A AU6087698A (en) | 1998-09-29 |
| AU733558B2 true AU733558B2 (en) | 2001-05-17 |
Family
ID=4190573
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| AU60876/98A Ceased AU733558B2 (en) | 1997-03-12 | 1998-03-11 | Method for protecting a communications system from unauthorized access |
Country Status (7)
| Country | Link |
|---|---|
| EP (1) | EP0923836A1 (en) |
| JP (1) | JP2000511384A (en) |
| CN (1) | CN1227025A (en) |
| AU (1) | AU733558B2 (en) |
| CA (1) | CA2254093A1 (en) |
| NO (1) | NO985166L (en) |
| WO (1) | WO1998041003A1 (en) |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO1996025001A1 (en) * | 1995-02-08 | 1996-08-15 | Robert Bosch Gmbh | Method of initiating remote maintenance of a private branch exchange |
| EP0735785A1 (en) * | 1995-03-27 | 1996-10-02 | Siemens Schweiz AG | Communication system with switched servers |
| EP0745924A2 (en) * | 1995-05-31 | 1996-12-04 | AT&T Corp. | User-transparent security method and apparatus for authenticating user terminal access to a network |
Family Cites Families (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| DE59206051D1 (en) * | 1992-02-28 | 1996-05-23 | Siemens Ag | Process for hierarchically administrable, identification-oriented release control for operator task-related access instructions to a database of a program-controlled communication system |
| US5497411A (en) * | 1994-03-14 | 1996-03-05 | Pellerin; Joseph C. E. | Telecommunications card-access system |
| DE4439068C2 (en) * | 1994-11-02 | 1999-12-09 | Deutsche Telekom Ag | Method and device for protection against unauthorized use of communication connections |
-
1998
- 1998-03-11 AU AU60876/98A patent/AU733558B2/en not_active Ceased
- 1998-03-11 EP EP98905202A patent/EP0923836A1/en not_active Withdrawn
- 1998-03-11 WO PCT/CH1998/000099 patent/WO1998041003A1/en not_active Application Discontinuation
- 1998-03-11 CN CN 98800614 patent/CN1227025A/en active Pending
- 1998-03-11 CA CA 2254093 patent/CA2254093A1/en not_active Abandoned
- 1998-03-11 JP JP10539025A patent/JP2000511384A/en active Pending
- 1998-11-05 NO NO985166A patent/NO985166L/en unknown
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO1996025001A1 (en) * | 1995-02-08 | 1996-08-15 | Robert Bosch Gmbh | Method of initiating remote maintenance of a private branch exchange |
| EP0735785A1 (en) * | 1995-03-27 | 1996-10-02 | Siemens Schweiz AG | Communication system with switched servers |
| EP0745924A2 (en) * | 1995-05-31 | 1996-12-04 | AT&T Corp. | User-transparent security method and apparatus for authenticating user terminal access to a network |
Also Published As
| Publication number | Publication date |
|---|---|
| NO985166L (en) | 1999-01-12 |
| WO1998041003A1 (en) | 1998-09-17 |
| NO985166D0 (en) | 1998-11-05 |
| JP2000511384A (en) | 2000-08-29 |
| EP0923836A1 (en) | 1999-06-23 |
| AU6087698A (en) | 1998-09-29 |
| CN1227025A (en) | 1999-08-25 |
| CA2254093A1 (en) | 1998-09-17 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US5812656A (en) | System for providing prioritized connections in a public switched network | |
| JPH03210847A (en) | Communication circuit netz | |
| KR100658241B1 (en) | Authentication method and authentication device for secured communications between an atm mobile terminal and an atm access node of a wireless atm radio communication network | |
| EP0511497B1 (en) | Secure communication network | |
| US5574870A (en) | Method for the commissioning of an interface to be allocated to different transmission paths in a program-controlled communication system | |
| US5995604A (en) | Method of preventing fraudulent toll calls by key system users | |
| US20030139200A1 (en) | Communication system, system information download method, main apparatus, and server apparatus | |
| US20020057677A1 (en) | Method for the realization of a service for the automatic transmission of packet data, as well as communication network, information computer and program module for it | |
| US5802155A (en) | Method and apparatus for controlling regular and supressed ringing connections in a telecommunications network | |
| AU733558B2 (en) | Method for protecting a communications system from unauthorized access | |
| US7177411B1 (en) | System for implementing telephone services, control unit for an automatic switch and telephone and computer integration server | |
| Cisco | Setting Up ISDN Basic Rate Service | |
| US7602897B2 (en) | Method for supporting the mobility of a subscriber across a communication system | |
| US5999607A (en) | Method and apparatus for restricting dialing authorization in communication devices | |
| CA2182243C (en) | System for providing prioritized connections in a public switched network | |
| US20020049850A1 (en) | Data communications method and system | |
| KR100204581B1 (en) | Interface method of vod service in the exchange | |
| US6289091B1 (en) | Method of making changes in a directory number administration, and directory number administration facility | |
| KR100725131B1 (en) | System and its method for providing dynamic leased line service | |
| WO2003101145A1 (en) | Isdn interface apparatus | |
| EP1561335A1 (en) | A telephone fraud prevention system | |
| US8320413B2 (en) | Communication method using one access | |
| US6621898B1 (en) | Method of communication between an automatic branch exchange and a messaging system providing at least one voice service, automatic branch exchange and messaging system implementing a method of this kind | |
| JP3470877B2 (en) | Button telephone device with power outage function | |
| SK106797A3 (en) | Method of remote maintenance |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| FGA | Letters patent sealed or granted (standard patent) | ||
| MK14 | Patent ceased section 143(a) (annual fees not paid) or expired |