GB2060228A - Computer System - Google Patents

Computer System Download PDF

Info

Publication number
GB2060228A
GB2060228A GB8032266A GB8032266A GB2060228A GB 2060228 A GB2060228 A GB 2060228A GB 8032266 A GB8032266 A GB 8032266A GB 8032266 A GB8032266 A GB 8032266A GB 2060228 A GB2060228 A GB 2060228A
Authority
GB
United Kingdom
Prior art keywords
computer
received
coded signal
terminal
signal
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
GB8032266A
Other versions
GB2060228B (en
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Mastiff Security Systems Ltd
Original Assignee
Mastiff Security Systems Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Mastiff Security Systems Ltd filed Critical Mastiff Security Systems Ltd
Priority to GB8032266A priority Critical patent/GB2060228B/en
Publication of GB2060228A publication Critical patent/GB2060228A/en
Application granted granted Critical
Publication of GB2060228B publication Critical patent/GB2060228B/en
Expired legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/34User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • G06F21/35User authentication involving the use of external additional devices, e.g. dongles or smart cards communicating wirelessly
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F3/00Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
    • G06F3/01Input arrangements or combined input and output arrangements for interaction between user and computer
    • G06F3/02Input arrangements using manually operated switches, e.g. using keyboards or dials
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06KGRAPHICAL DATA READING; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
    • G06K7/00Methods or arrangements for sensing record carriers, e.g. for reading patterns
    • G06K7/0008General problems related to the reading of electronic memory record carriers, independent of its reading method, e.g. power transfer
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/20Individual registration on entry or exit involving the use of a pass
    • G07C9/28Individual registration on entry or exit involving the use of a pass the pass enabling tracking or indicating presence

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Artificial Intelligence (AREA)
  • Computer Vision & Pattern Recognition (AREA)
  • Human Computer Interaction (AREA)
  • Burglar Alarm Systems (AREA)

Abstract

A main frame computer (31) is coupled to a computer terminal (32) including a detector (21) indicating whether a coded signal is being received (18) from a "hands-free" token (33) carried by the terminal operator. Only if the signals are being received is the terminal (11) operable, either because its power supply is turned on, or because it is not latched out, or because it is interrogated by the computer (31) and gives an appropriate response. <IMAGE>

Description

SPECIFICATION Computer Systems This invention relates generally to the protection of computer systems from fraudulent use. A typical computer system has a main frame computer coupled to a computer terminal, or some other peripheral device, such as a cheque reader, coupled to the main frame computer through a data bus and an address bus. The peripheral device can be used by someone remote from the main frame computer for addressing the computer, and feeding input to it, and extracting information from it.
An object of the present invention is to provide some protection of such a system against operation of the terminal or peripheral device by an unauthorised person.
In accordance with one aspect of the present invention, a computer terminal or other peripheral device has a receiver and a detector capable of detecting whether the receiver is receiving a coded signal, and means for controlling the operation of the device in dependence on whether a coded signal is being received.
The coded signal may be provided by a pocket token suitable for hands-free operation, that is to say capable of delivering a coded signal to the receiver, even when in the pocket or the handbag of a user provided the user is adjacent the peripheral device.
The preferred tokens are conveniently the okens described in British Patent Specification No. 141411 9, and British Patent Specification No. 1414120. Those Patent Specifications describe the use of tokens for controlling access to a secured area, and they are equally applicable to protection of a computer terminal as described above. However, other sorts of coded signal generating tokens can be used. The important thing is that the token should be capable of releasing the latch when in the pocket of the operator so that the operator does not need to use hjs hands to unlock the terminal before starting to operate it. Operation will be available automatically provided the operator arrives carrying the appropriate token.
It can be arranged that the peripheral device has a latch which normally prevents operation but which can be released if the coded signal is being received. Again it can be arranged that if the coded signal is notbeing received, the power supply to the peripheral device is cut off. Again the detector can be arranged to set the peripheral device if coded signals are being received, so that the peripheral device can respond to an interrogation from the main frame computer by delivering a signal which the main frame computer can interpret as showing that the coded signal is being received.
It may be useful in some circumstances to have a detector of a presence at the peripheral device, for example a photoelectric device, or an infra-red device, which is arranged to give a signal responsive to the presence of a person at the peripheral device for rendering the peripheral device in-operative unless coded signals are also being received.
In an alternative method of protecting a computer system, the bus between a main frame computer and a peripheral device includes an integrity protection unit which normally passes signals in either direction, but which can be programmed so that certain signals can only be passed at pre-programmed times or perhaps can only be arranged to pass certain signals if they are passing in one direction rather than the other.
The invention may be carried into practice in various ways, and certain embodiments will now be described by way of example with reference to the accompanying drawings in which: Figure 1 is a diagram of a single computer protection system; Figure 2 is a diagram of a multiple terminal system; Figure 3 s a diagram of a system similar to Figure 1, but with a body sensing feature; Figure 4 is a diagram of an arrangement enabling a computer terminal to be interrogated by a main frame computer before the main frame computer responds to operation of the terminal; and Figure 5 is a diagram of a system for protecting a computer system by means of an integrity protection unit.
In the arrangement in Figure 1, a computer terminal 11 is connected by lines 12 to a computer, through lines 13 to a keyboard, through lines 14 to a visual display unit, and through a line 15 to an electrical supply. The terminal contains control electronics indicated generally at 16, and connected to the line 15 through a normally open relay contact 17. A pickup aerial 18 which is shown as positioned within the terminal, but may be external, is capable of picking up signals generated by a token in the pocket of a user, and those signals are amplified at 1 9 and fed to a detector 21 powered from the supply at 15 and capable of detecting whether particular signals are being picked up at 18. If so, the detector 21 is arranged to hold the contacts 17 closed, so that the control electronics 16 can be energised from the supply.
This provides a simple arrangement whereby unless a keyboard operator has a token generating the appropriate coded signals, the control electronics 16 are not energised and operation of the keyboard is ineffective.
Figure 2 shows a modification of the arrangement of Figure 1, suitable for use where there are a number of terminals 11, and where it is desired that a terminal can be operated if the operator is carrying any one of a number of differently coded tokens. In this case, the output from each amplifier 19 is connected to a different input of a multiple code detector 22 which is arranged, if it detects that one of the appropriate coded signals is present, to supply through a delay unit 23 a signal to operate a relay 24 controlling the normally-open contact 17. The delay may, for example, be adjustable in one minutes steps to be anything between 1 and 5 minutes.
Either of the arrangements of Figures 1 and 2 may be used in conjunction with a body sensor, as indicated in Figure 3. The body sensor, may for example, be a passibe infra-red detector positioned on the terminal to respond to infra-red radiation from a body in a position to operate the keyboard. However, it could equally well be a photo-electric beam detector or a pressure mat, or a radar detector. Whichever body sensor is used, it can be arranged that a normally-closed contact 26 is held open as long as a body is being sensed. The contact 6 is connected in parallel with the normally-open contact 17 which is closed when an appropriate signal is picked up at 18.In this case the relay 24 is operated from a timer 23 which is arranged to open the contacts 17 if a body is being sensed but no appropriate signal is being picked up, that is if both contacts 26 and 27 are open, for longer than a short delay time. The delay time will allow the authorised user to leave the terminal temporarily without operating the relay 24. The timer 23 may in addition to, or instead of, operating the switch 1 7, operate an alarm.
The arrangement of Figure 4 has the feature that a main frame computer 31 can interrogate a terminal 32 and will only respond to instructions from the terminal if the interrogation reveals that a token 33 is present at the terminal. Thus, the terminal has an aerial 18 as already described, and an amplifier 19 and a detector 21. The difference is that the detector 21 is coupled to the control electronics 16 through interrogation lines 34. It is then not necessary to have a latch or means for cutting off the power supply to the terminal because the main frame computer can be programmed so that as soon as there is any attempt to communicate with the computer 31 from the terminal 32, the computer 31 interrogates the terminal before responding to instructions.The interrogation lines 34 are coupled to the electronics 1 6 so that if a token 33 is present at 18, then the electronics will be set perhaps by the closing of a switch, or by the setting up of an appropriate code, or in some other way to be able to respond to the interrogation from the main frame computer 31, over lines 12.
It is possible to address a main computer 31 from a terminal, or other peripheral device, by way of Post Office lines 36, as shown in Figure 5, provided a modem 37, that is a device capable of modulating and demodulating coded signals is included between the address and data buses 38 and 39 from the main computer, and the Post Office line 36. However it may be possible to feed input to, or extract information from, the main computer fraudulently by someone who has, or can get access to, a terminal connected to a Post Office line, and who knows the appropriate codes to be used by peripheral devices in addressing the main computer.
In order to reduce the danger of such fraudulent use of the system, a computer integrity protection unit 41 can be connected in the buses 38 and 39 leading to the modem 37, and the unit 41 is then programmed to allow signals to pass only in accordance with certain conditions. For example, the unit 41 might be programmed so that it will not pass a signal for erasing information from the main computer if that signal is passing in the direction from the Post Office line to the main computer. Normally it is required that information can be erased from the main computer only in response to instructions generated at the main computer, and not received externally.
Alternatively the unit 41 may be programmed so that it will only pass information from a peripheral device for entering information in the main computer if the information is passed at a certain time, which will be a time when authorised people know that that type of information can be fed to the main computer.
Anybody fraudulently trying to feed such information to the main computer at other times will not be able to pass the unit 41. Such a computer integrity protection unit 41 can be included in series in the data and address buses leading to a peripheral device 42, other than by way of a modem and Post Office line, and the unit 41 can be programmed in a similar manner to that already described.
The portable token referred to at 33 will generally be one that can be carried in the pocket or the handbag of an authorised terminal operator being capable of transmitting coded signals to the receiver 18 without the token being taken out of the pocket or handbag, provided it is close to the terminal.
Such a token could have its own source of power to be capable of transmitting the coded signals continuously throughout the day, or to be capable of being switched on by a radio signal from the computer terminal when the authorised person approaches the terminals, so that power from the battery in the token will not be consumed when the person is not at the computer terminal.

Claims (9)

Claims
1. A computer terminal or other peripheral device for a computer system, having a receiver and a detector capable of detecting whether the receiver is receiving a coded signal, and means for controlling the operation of the device in dependence on whether a coded signal is being received.
2. A device as claimed in Claim 1 in combination with a pocket token suitable for hands-free operation for delivering the coded signal.
3. A device as claimed in Claim 1 or Claim 2 having a latch which normally prevents operation but which can be released if the coded signal is being received.
4. A device as claimed in Claim 1 or Claim 2 arranged to have the power supply cut off if the coded signal is not being received.
5. A device as claimed in Claim 1 or Claim 2 arranged to be set if coded signals are being received so that the device can respond to an interrogation from a main frame computer by delivering a signal that the coded signal is being received.
6. A device as claimed in any of the preceding claims including a detector of the presence of an individual at the peripheral device arranged to give a signal for rendering the device inoperative unless coded signals are also being received.
7. A device as claimed in any preceding claim including a settable delay unit for delaying the control of the device for a set time following loss of a coded signal.
8. A computer terminal or other computer peripheral device arranged substantially as herein specifically described with reference to any figure of the accompanying drawings.
9. A device as claimed in any of the preceding claims in a computer system in which the bus between a main frame computer and a peripheral device includes an integrity protection unit which normaly passes signals in either direction, but which can be programmed so that certain signals can only pass in accordance with a programme.
GB8032266A 1979-10-09 1980-10-07 Computer system Expired GB2060228B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
GB8032266A GB2060228B (en) 1979-10-09 1980-10-07 Computer system

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
GB7935020 1979-10-09
GB8032266A GB2060228B (en) 1979-10-09 1980-10-07 Computer system

Publications (2)

Publication Number Publication Date
GB2060228A true GB2060228A (en) 1981-04-29
GB2060228B GB2060228B (en) 1984-02-29

Family

ID=26273142

Family Applications (1)

Application Number Title Priority Date Filing Date
GB8032266A Expired GB2060228B (en) 1979-10-09 1980-10-07 Computer system

Country Status (1)

Country Link
GB (1) GB2060228B (en)

Cited By (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2143063A (en) * 1983-07-08 1985-01-30 Colin Rogers Parameter checking apparatus
DE3627124A1 (en) * 1985-08-06 1987-02-12 Pitney Bowes Inc MACHINE LOCKING SYSTEM
GB2188762A (en) * 1986-04-04 1987-10-07 Philip Hall Bertenshaw Secure data communication system
DE3712127A1 (en) * 1986-04-10 1987-10-15 Pitney Bowes Inc Franking machine data transmission system
US4807140A (en) * 1983-11-10 1989-02-21 Saulnier Dominique C Electronic label information exchange system
GB2223610A (en) * 1988-08-01 1990-04-11 Expert Electronic Co Ltd Power control security system for a computer
EP0929024A1 (en) * 1998-01-07 1999-07-14 Ian David Evans Method and apparatus for preventing unintentional perusal of computer display information
GB2336225A (en) * 1998-04-09 1999-10-13 Ital Audio Limited An in-line keyswitch for disabling computer keyboards or monitors
WO2001018634A1 (en) * 1999-09-09 2001-03-15 First Access Access validation system
WO2003040896A1 (en) * 2001-11-05 2003-05-15 Secure Access Management Aps Personal access control system
GB2390205A (en) * 2002-06-20 2003-12-31 Derek Witherington Security code transmitter
US7248892B2 (en) 2001-05-14 2007-07-24 Innovision Research & Technology Plc Electrical devices
WO2009053122A1 (en) * 2007-10-25 2009-04-30 Siemens Aktiengesellschaft Method for operating a system and system

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
USRE35364E (en) 1985-10-29 1996-10-29 The Chamberlain Group, Inc. Coding system for multiple transmitters and a single receiver for a garage door opener

Cited By (20)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2143063A (en) * 1983-07-08 1985-01-30 Colin Rogers Parameter checking apparatus
US4807140A (en) * 1983-11-10 1989-02-21 Saulnier Dominique C Electronic label information exchange system
DE3627124A1 (en) * 1985-08-06 1987-02-12 Pitney Bowes Inc MACHINE LOCKING SYSTEM
GB2178696A (en) * 1985-08-06 1987-02-18 Pitney Bowes Inc Postage metering locking system
GB2178696B (en) * 1985-08-06 1990-02-21 Pitney Bowes Inc Postage metering locking system
GB2188762A (en) * 1986-04-04 1987-10-07 Philip Hall Bertenshaw Secure data communication system
GB2188762B (en) * 1986-04-04 1989-11-15 Philip Hall Bertenshaw Secure data communication system
DE3712127A1 (en) * 1986-04-10 1987-10-15 Pitney Bowes Inc Franking machine data transmission system
GB2223610A (en) * 1988-08-01 1990-04-11 Expert Electronic Co Ltd Power control security system for a computer
EP0929024A1 (en) * 1998-01-07 1999-07-14 Ian David Evans Method and apparatus for preventing unintentional perusal of computer display information
GB2336225A (en) * 1998-04-09 1999-10-13 Ital Audio Limited An in-line keyswitch for disabling computer keyboards or monitors
WO2001018634A1 (en) * 1999-09-09 2001-03-15 First Access Access validation system
US7248892B2 (en) 2001-05-14 2007-07-24 Innovision Research & Technology Plc Electrical devices
US7313422B2 (en) 2001-05-14 2007-12-25 Innovision Research & Technology Plc Electrical devices
US7373170B2 (en) 2001-05-14 2008-05-13 Innovision Research & Technology Plc Electrical devices
US7376439B2 (en) 2001-05-14 2008-05-20 Innovision Research & Technology Plc Electrical devices
US7392059B2 (en) 2001-05-14 2008-06-24 Innovision Research & Technology Plc Electrical devices
WO2003040896A1 (en) * 2001-11-05 2003-05-15 Secure Access Management Aps Personal access control system
GB2390205A (en) * 2002-06-20 2003-12-31 Derek Witherington Security code transmitter
WO2009053122A1 (en) * 2007-10-25 2009-04-30 Siemens Aktiengesellschaft Method for operating a system and system

Also Published As

Publication number Publication date
GB2060228B (en) 1984-02-29

Similar Documents

Publication Publication Date Title
GB2060228A (en) Computer System
US6040771A (en) Intelligent safe system
CA1277394C (en) Accessory-expandable, radio-controlled, door operator with multiple security levels
EP0722157B1 (en) Anti-theft protection system for valuables
US3833895A (en) Intrusion alarm with indication of prior activation
US6570498B1 (en) Integrated access system
CA2077459A1 (en) Security arrangement
MY109086A (en) Personal computer system with security features and method
KR960035306A (en) Input / output monitoring system
CN108756483A (en) Door lock shutdown condition detection method and detecting system
US4757304A (en) Vehicle security system
US4183019A (en) Money clip with light sensitive detector
EP0475616B1 (en) Programmable security locks
US4943799A (en) Portable alarm system with sealed enclosure
EP1395958B1 (en) Magnetic lock device operated by means of transponder
EP0027058A1 (en) Computer system
US4751396A (en) Infra-red security system
GB2100897A (en) Personnel identification device
CA1111927A (en) Money clip with light sensitive detector
AU2216395A (en) Fault monitoring event detection device
JPH09177396A (en) Electronic lock device for door
GB2219676A (en) A locking control system for preventing unauthorized entry into a secure area
EP0537010A1 (en) Door locking system
JPH09231448A (en) Personal security system used at self-service terminal
JPS643719A (en) Data processor

Legal Events

Date Code Title Description
PCNP Patent ceased through non-payment of renewal fee

Effective date: 19931007