GB2268602A - Enhancing security of data transfer - Google Patents
- Publication number
- GB2268602A (application GB9213479A)
- Authority
- GB
- United Kingdom
- Prior art keywords
- data processing
- processing device
- connection
- another
- switching circuit
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Withdrawn
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L45/00—Routing or path finding of packets in data switching networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04M—TELEPHONIC COMMUNICATION
- H04M11/00—Telephonic communication systems specially adapted for combination with other electrical systems
- H04M11/06—Simultaneous speech and data transmission, e.g. telegraphic transmission over the same conductors
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Communication Control (AREA)
Abstract
A data processing system for use in a communications network including a multiplicity of data processing devices that are selectively connectible to one another includes a first data processing device 1 which responds to the establishment of a first connection with a second data processing device 11 by breaking the first connection and establishing a second connection with the second data processing device 11 by using a predetermined destination code of the second data processing device. The power supply to the first data processing device 1 is controlled by a switching circuit 2.
Description
Improvements in and relating to Data Transfer
The present invention relates to data transfer and more particularly to a method of transferring information between data processing devices connectible to one another via a communications network, to a communications network including a multiplicity of data processing devices that are selectively connectible to one another and to a data processing system for use in such a method or network.
The facilities provided by a data processing system may include not only the processing and storage of information at a particular location of a business, but also the supply of some or all of the stored information to other data processing devices at locations which are some distance from the data processing device which has the information. The connection between data processing devices may be by way of a public or private telephone system, that is, the connection may require the use of equipment which is shared by a plurality of data processing devices. The use of a shared resource such as a telephone line creates a security problem. For example, a data processing device belonging to a business concern may receive requests for some or all of the information which it can supply from other data processing devices which should not have access to that information.
It is an object of the present invention to provide a method of transferring information between data processing devices, a communications network and a data processing system which include a measure of security restricting a data processing device to supplying information to, or receiving information from, only preselected recipients.
The present invention provides a method of transferring information between a data processing system including a first data processing device and another data processing device, the devices being connectible via a communications network including a multiplicity of data processing devices, in which method the following sequential steps take place:
a second data processing device establishes a first connection via the communications network with the first data processing device,
the first connection is broken,
the data processing system uses a predetermined destination code to establish a second connection via the communications network with said another data processing device, a requirement for the establishment of the second connection being that the first connection has been established and broken, the predetermined code being known to the data processing system prior to establishment of the first connection, and
information is transferred between the first and said another data processing devices.
By taking the surprising step of breaking the first connection immediately after it has been made and by then having the data processing system use a predetermined destination code to establish a second connection, the security of the connection from the first data processing device to said another device is very much improved.
Only after establishment of the second connection does any transfer of information take place. Thus even if the first connection made to the first data processing device is not an authorised one and even if the person making the connection is able to persuade the first data processing device that the connection is authorised, the unauthorised caller will not be party to the second connection and will not therefore be able to benefit from the transfer of information.
In most cases, the second data processing device, which establishes the first connection, will also be the device to which the second connection is to be made and therefore said another data processing device is the second data processing device. It is, however, within the scope of the invention for the transfer of information between the data processing systems to be triggered by a third system that is not party to the transfer of information.
In order to provide further security for the transfer of information, another requirement for the establishment of the second connection may be that the first connection is established at a time lying within a predetermined period known to the data processing system prior to establishment of the first connection.
The communications network may be a telephone network, commonly a public telephone network, and the predetermined code may be a telephone number for said another data processing device.
A power supply to the first data processing device may be switched on to enable the second data processing device to establish the first connection with the first data processing device.
In the event of a requirement for the establishment of the second connection not being satisfied, a power supply to the first data processing system may be switched off.
The present invention also provides a data processing system for use in a communications network including a multiplicity of data processing devices that are selectively connectible to one another, the data processing system including a first data processing device which responds to the establishment of a first connection with a second data processing device by breaking the first connection with the second data processing device and establishing a second connection with another data processing device by using a predetermined destination code which is the destination code of said another data processing device.
As indicated above, said another data processing device may be the second data processing device.
The first data processing device is preferably capable of treating the application of electrical power to its power supply terminals as a request for the establishment of the second connection with said another data processing device.
The data processing system preferably includes a switching circuit for controlling the connection and disconnection of the first data processing device and the second data processing device.
The first data processing device is preferably capable of signalling to the switching circuit the completion of information transfer, the switching circuit being arranged to respond to such a signal by disconnecting the first data processing device.
The first data processing device is preferably capable of signalling to the switching circuit that the first connection has been established at a time other than a time specified, the switching circuit being arranged to respond to such a signal by disconnecting the first data processing device.
The first data processing device is preferably capable of signalling to the switching circuit a failure to complete connection with the second data processing device, the switching circuit being arranged to respond to such a signal by disconnecting the first data processing device.
The switching circuit preferably includes a pulse-duration discriminator which is capable of discriminating between input pulses which exceed a set duration and other pulses for detecting pulses from the second data processing device.
The switching circuit preferably includes an optically coupled switching device having supply terminals connected to power source terminals and to power supply terminals of the first data processing device, the optically coupled switch having a control terminal connected to the pulse-duration discriminator.
The switching circuit is preferably arranged to disconnect the first data processing device by disconnecting the first data processing device from its power supply. Disconnection of the power supply is advantageous in that it avoids the need for the first data processing device to be connected to the power supply at times when it is not connected to another device and makes the first data processing device completely inoperative.
The present invention also provides a communications network including a data processing system as defined above and a multiplicity of data processing devices that are selectively connectible to one another.
An illustrated embodiment of the invention will now be described, by way of example, with reference to the accompanying drawings, in which:
Fig. 1 is a schematic drawing of an embodiment of the invention in which a data processing system is connected in a telephone network,
Fig. 2 is a flow chart illustrating the operation of the data processing system, and
Fig. 3 is a schematic drawing of a switching circuit included in the data processing system shown in Fig. 1.
Referring to Fig. 1 of the accompanying drawings, the data processing system A includes a first data processing device 1, for example a computer, a switching circuit 2, an electrical power source 3 for the data processing device 1, and a modem 4. The modem 4 is connected to a telephone line 9 of a public telephone network and the modem 4 is connectible via the network to a modem 10 of a second data processing system B. The modem 10 is connected to a second data processing device 11, for example a computer.
The electrical power source 3 has a power supply line 7 which goes to the first data processing device 1 by way of the switching circuit 2, and the switching circuit 2 is connected to receive requests from the modem 4 for signal connection by way of a line 5. The switching circuit 2 is connected, also, to receive signals from the first data processing device 1 by way of a line 6. The first data processing device 1 and the modem 4 are connected to each other by way of handshaking and data lines 8.
In the operation of the system shown in Fig. 1, the second data processing device 11 acts as a master to the first data processing device 1, in that the first data processing device 1 is caused to supply the second data processing device 11 with information when requested to do so by the second data processing device 11. The generation of signals suitable for telephone lines is carried out by the modems 4 and 10.
The power supply line 7 is interrupted by the switching circuit 2, which serves as a manually operable power supply switch, unless a request for connection is received by way of the line 5 from the first modem 4.
Referring now also to Fig. 2, in operation, the data processing device 1 is sensitive to the state of the power supply line 7. In what will be referred to as the remote mode (step 20) the data processing device is switched off but in response to an incoming call (step 21A), supply power is provided from the power source 3 via the switching circuit 2 on the power supply line 7, the first data processing device 1 is powered up (step 21B), the call is answered (step 22) and a handshaking routine (step 23) is attempted.
The first data processing device 1 is authorised to communicate with the second data processing device 11 only at a specified time or times, and, if the handshaking routine is completed (step 24), the first data processing device 1 checks that the actions are taking place during an authorised period (step 25 - timeslot comparison). The data processing device has stored in a memory one or more time periods during which connection with the device 11 is authorised. So long as the actions are being carried out during an authorised period (step 26) the first data processing device 1 disconnects the incoming call (step 27) and makes another connection (i.e. initiates an outgoing call) with the second data processing device 11 (step 28) on a preset number that has previously been stored in a memory of the first data processing device 1.
The first data processing device 1 then performs a handshaking routine (steps 29 and 30) with the second device 11 followed by an information transfer routine (steps 31 and 32) assuming that the handshaking routine is completed. On the completion of information transfer, the first data processing device 1 sends a signal to disconnect the incoming call (step 33A) and disconnects itself from its power source 3 (step 33B) and then returns to checking for a connection request (step 21).
If any one of the standard handshaking routines or the time check routine is not completed, the first data processing device 1 signals the switching circuit 2 to disconnect the call (step 33A) and disconnect itself from its power source (step 33B) and then returns to the remote mode (step 20).
It is evident that, irrespective of the source of the request for information, the first data processing device 1 supplies its information to the second data processing device 11. Thus the information remains secure even when the request for information is from an unauthorised caller and that caller penetrates the system to the extent of passing all the standard system checks, because the information is passed to a predetermined destination only. The standard system checks are the handshaking routines executed at steps 23, 24, 29 and 30 and the time check routine carried out at steps 25 and 26. The failure of any one of those standard checks results in the first data processing device 1 disconnecting the call and disconnecting itself from its power source.
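The Fig. 2 flow as an added simulation (not part of the patent text): an incoming call only triggers a call-back to the stored number, so a caller who passes every check still receives nothing. The class names, placeholder numbers, sample payload and time slots are assumptions constructed for the illustration.

```python
"""Call-back flow of Fig. 2, simulated. Added example; all names are assumptions."""
from dataclasses import dataclass, field
from datetime import time


@dataclass
class Endpoint:
    """A device reachable at some number (constructed test double)."""
    answers_handshake: bool = True
    received: list = field(default_factory=list)


@dataclass
class FirstDevice:
    preset_number: str               # predetermined destination code, stored in advance
    slots: list                      # authorised (start, end) periods, stored in advance
    payload: str = "ledger-records"  # constructed sample data
    powered: bool = False

    def in_slot(self, now: time) -> bool:
        for start, end in self.slots:
            if start <= end:
                if start <= now < end:
                    return True
            elif now >= start or now < end:   # period that spans midnight
                return True
        return False

    def _shutdown(self, trace, outcome, dialled=None):
        # Steps 33A/33B: every path, success or failure, ends powered off.
        trace += ["33A disconnect call", "33B power off"]
        self.powered = False
        return {"outcome": outcome, "dialled": dialled, "trace": trace}

    def incoming_call(self, caller, handshake_ok, now, network):
        # `caller` is never consulted: the destination comes only from memory.
        self.powered = True
        trace = ["21A incoming call", "21B power up", "22 answer", "23-24 handshake"]
        if not handshake_ok:
            return self._shutdown(trace, "handshake failed")
        trace.append("25-26 timeslot comparison")
        if not self.in_slot(now):
            return self._shutdown(trace, "outside authorised period")
        trace += ["27 disconnect incoming call", "28 dial preset number",
                  "29-30 handshake"]
        peer = network.get(self.preset_number)
        if peer is None or not peer.answers_handshake:
            return self._shutdown(trace, "call-back handshake failed",
                                  self.preset_number)
        trace.append("31-32 transfer")
        peer.received.append(self.payload)
        return self._shutdown(trace, "transferred", self.preset_number)


def run_scenarios():
    """Four constructed calls against one device; returns results and inboxes."""
    b, rogue = Endpoint(), Endpoint()
    network = {"NUMBER-B": b, "NUMBER-ROGUE": rogue}   # placeholder numbers
    dev = FirstDevice("NUMBER-B",
                      [(time(2, 0), time(2, 30)), (time(23, 45), time(0, 15))])
    results = {
        "legit": dev.incoming_call("NUMBER-B", True, time(2, 10), network),
        "rogue_passes_checks": dev.incoming_call("NUMBER-ROGUE", True,
                                                 time(0, 5), network),
        "wrong_time": dev.incoming_call("NUMBER-B", True, time(3, 0), network),
        "bad_handshake": dev.incoming_call("NUMBER-ROGUE", False,
                                           time(2, 10), network),
    }
    return results, b.received, rogue.received, dev.powered


if __name__ == "__main__":
    results, b_inbox, rogue_inbox, powered = run_scenarios()
    for name, r in results.items():
        print(f"{name:20s} {r['outcome']:28s} dialled={r['dialled']}")
    print("B received:", b_inbox, "| rogue received:", rogue_inbox)
```
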
Fig. 3 of the accompanying drawings shows further detail of the switching circuit 2. The circuit includes a mains transformer 300 having mains input applied to its primary winding, a rectifier bridge 301 connected to its secondary winding, and a voltage regulator 302 connected to the output terminals of the bridge rectifier 301 serving as the power supply for the switching circuit 2.
The neutral and earth leads of the mains input to the transformer 300 also go directly to the first data processing device 1 and the line lead of the mains supply goes to the first data processing device 1 by way of a power triac 303. An optically triggered triac 304 is included in the trigger circuit of the power triac 303 and the driving element for the optically triggered triac, a light-emitting diode, is connected in the collector circuit of an NPN bipolar transistor 305. An inverting logic gate 306 and an OR logic gate 307 are connected in series in the base circuit of the transistor 305. The OR gate has two input terminals, one being connectible to a positive voltage by way of a single-pole single-throw switch 308 and the other being connected to the output terminal of a bistable flip-flop consisting of two cross-connected NOR gates 309 and 310. A control terminal of the bistable flip-flop is connected to the output terminal of a two-input AND gate 311 the input terminals of which are connected to the input and output terminals, respectively, of two monostable multivibrators 312 and 313 which are connected in cascade.
The input terminal of the monostable multivibrator 312 is connected to one input terminal 314 of the switching circuit. Another input terminal 316 of the switching circuit is connected to the input terminal of a third monostable multivibrator 315. The output terminal of the monostable multivibrator 315 is connected to a second control terminal of the bistable flip-flop consisting of the NOR gates 309 and 310.
In the operation of the switching circuit shown in Fig. 3, a pulse is applied to the input terminal 314 when a request occurs for a connection and that pulse is also applied to one input terminal of the AND gate 311. The monostable multivibrators 312 and 313 serve to provide a pulse at the second input terminal of the AND gate 311 and provided that the pulse detected at the terminal 314 is still present the AND gate 311 provides an output pulse. Thus the AND gate 311 provides an output pulse only if the pulse at the terminal 314 exceeds a predetermined set duration. Other pulses at the terminal 314 of shorter duration will not lead to the AND gate 311 providing an output pulse. The output pulse from the AND gate 311 "sets" the bistable flip-flop made up of the NOR gates 309 and 310 to provide a "high" input to one terminal of the NOR gate 307.
The behaviour of the NOR gate 307 depends on the condition of the switch 308 and assuming that the switch 308 is open the NOR gate 307 provides a "low" output only when the bistable flip-flop consisting of the NOR gates 309 and 310 provides a "high" output.
With the switch 308 open and the bistable flip-flop consisting of the NOR gates 309 and 310 providing a "high" output, the inverter 306 provides a "high" output which makes the transistor 305 conductive. The transistor 305, when conductive, switches on the optically-coupled triac 304 which, in turn, switches on the power triac 303 and power is supplied to the first data processing device 1. The power triac 303 continues to conduct until the bistable flip-flop consisting of the NOR gates 309 and 310 is "reset" by a signal from the third monostable multivibrator 315, which produces a pulse after a pulse is applied to the terminal 316. The first data processing device 1 sends a pulse to the terminal 316 when it wishes to switch off its power supply.
With the switch 308 closed, the NOR gate 307 provides a "low" output regardless of the output state of the bistable flip-flop consisting of the NOR gates 309 and 310, and the power triac 303 is switched in continuously. The switch 308 is closed manually by a user when it is desired to operate the data processing device locally in a conventional manner. After such operation the switch 308 is returned to the open position.
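The switching-circuit behaviour described above, as an added discrete-time model (not from the patent). Assumed here: monostable 312 acts as a delay of `t1` ticks started by the leading edge at terminal 314, monostable 313 opens a window of `t2` ticks when 312 times out, monostable 315 is modelled as passing the reset pulse straight through, and reset wins if set and reset coincide.

```python
"""Tick-by-tick model of the Fig. 3 power switch. Added example; timing is assumed."""


def simulate(line314, line316, switch308=False, t1=3, t2=2):
    """Return, per tick, whether power triac 303 conducts.

    line314: samples at terminal 314 (connection request from the modem)
    line316: samples at terminal 316 (power-off request from device 1)
    """
    latch = False            # bistable flip-flop, NOR gates 309/310
    m312 = m313 = 0          # ticks remaining on each monostable
    prev_x, prev_312 = 0, False
    power = []
    for x, r in zip(line314, line316):
        if x and not prev_x and m312 == 0:
            m312 = t1                    # 312 fires on the leading edge
        out312 = m312 > 0
        if prev_312 and not out312:
            m313 = t2                    # 313 fires when 312 times out
        out313 = m313 > 0
        and311 = bool(x) and out313      # input must still be high
        if and311:
            latch = True                 # "set"
        if r:
            latch = False                # "reset" via 315 (assumed dominant)
        nor307 = not (switch308 or latch)
        inv306 = not nor307              # drives transistor 305 -> 304 -> 303
        power.append(inv306)
        m312 = max(0, m312 - 1)
        m313 = max(0, m313 - 1)
        prev_x, prev_312 = x, out312
    return power


def first_on(power):
    """Index of the first tick with power applied, or None."""
    return power.index(True) if True in power else None


# Constructed sample waveforms, 12 ticks each.
LONG_PULSE = [0, 0, 1, 1, 1, 1, 1, 0, 0, 0, 0, 0]   # 5 ticks, longer than t1
SHORT_PULSE = [0, 0, 1, 1, 0, 0, 0, 0, 0, 0, 0, 0]  # 2 ticks, shorter than t1
RESET_AT_9 = [0] * 9 + [1, 0, 0]
NO_RESET = [0] * 12

if __name__ == "__main__":
    for name, args in {
        "long pulse + reset": (LONG_PULSE, RESET_AT_9),
        "short pulse": (SHORT_PULSE, NO_RESET),
    }.items():
        trace = "".join("#" if p else "." for p in simulate(*args))
        print(f"{name:20s} {trace}")
    manual = simulate(SHORT_PULSE, RESET_AT_9, switch308=True)
    print(f"{'switch 308 closed':20s} " + "".join("#" if p else "." for p in manual))
```
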
In the embodiment of the invention described above, the first data processing device 1 is arranged to switch itself off and disconnect the telephone line connection in the event that any of its system checks is not passed. An alternative would be to arrange for the device simply to disconnect the telephone line connection.
Whilst the invention has been described in terms of just two data processing systems, it should be understood that there could be a multiplicity of such systems. For example, there could be a single second data processing system and a multiplicity of first systems each arranged to operate in the same manner as the system A; in that case the second data processing system may call each of the first systems at a respective time and information may be transferred to and from each of the first devices in turn, each first device being authorised to receive a call from the second system at a respective time. It would also be possible to have a system involving a multiplicity of second data processing systems; the first data processing system would then select one of a multiplicity of stored numbers, for example according to the time at which the call was received from the second system or according to a code transmitted with the call from the second system.
It will be seen that the embodiments of the invention described above provide a high degree of security for the first data processing device, ensuring that transfer of information to or from that device takes place only with other devices located at one or more predetermined telephone numbers.
Claims (19)
1. A method of transferring information between a data processing system including a first data processing device and another data processing device, the devices being connectible via a communications network including a multiplicity of data processing devices, in which method the following sequential steps take place:
a second data processing device establishes a first connection via the communications network with the first data processing device,
the first connection is broken,
the data processing system uses a predetermined destination code to establish a second connection via the communications network with said another data processing device, a requirement for the establishment of the second connection being that the first connection has been established and broken, the predetermined code being known to the data processing system prior to establishment of the first connection, and
information is transferred between the first and said another data processing devices.
2. A method as claimed in claim 1 in which said another data processing device is the second data processing device.
3. A method according to claim 1 or claim 2 in which another requirement for the establishment of the second connection is that the first connection is established at a time lying within a predetermined period known to the data processing system prior to establishment of the first connection.
4. A method as claimed in any preceding claim in which the communications network is a telephone network and the predetermined code is a telephone number for said another data processing device.
5. A method according to any preceding claim in which a power supply to the first data processing device is switched on to enable the second data processing device to establish the first connection with the first data processing device.
6. A method according to any preceding claim in which a power supply to the first data processing device is switched off in the event that a requirement for the establishment of the second connection is not satisfied.
7. A method of transferring information between a data processing system including a first data processing device and another data processing device, the method being substantially as herein described with reference to and as illustrated by the accompanying drawings.
8. A data processing system for use in a communications network including a multiplicity of data processing devices that are selectively connectible to one another, the data processing system including a first data processing device which responds to the establishment of a first connection with a second data processing device by breaking the first connection with the second data processing device and establishing a second connection with another data processing device by using a predetermined destination code of said another data processing device.
9. A system as claimed in claim 8 in which said another data processing device is the second data processing device.
10. A system as claimed in claim 8 or 9 in which the first data processing device is capable of treating the application of electrical power to its power supply terminals as a request for the establishment of the second connection with said another data processing device.
11. A system as claimed in any one of claims 8 to 10 including a switching circuit for controlling the connection and disconnection of the first data processing device and a second data processing device.
12. A system as claimed in claim 11 in which the first data processing device is capable of signalling to the switching circuit the completion of information transfer, the switching circuit being arranged to respond to such a signal by disconnecting the first data processing device.
13. A system as claimed in claim 11 or claim 12 which is capable of signalling to the switching circuit that the first connection has been established at a time other than a time specified, the switching circuit being arranged to respond to such a signal by disconnecting the first data processing device.
14. A system as claimed in any one of claims 11 to 13 in which the first data processing device is capable of signalling to the switching circuit a failure to complete connection with the second data processing device, the switching circuit being arranged to respond to such a signal by disconnecting the first data processing device.
15. A system as claimed in any one of claims 11 to 14 in which the switching circuit includes a pulse-duration discriminator which is capable of discriminating between input pulses which exceed a set duration and other pulses, for detecting pulses from the second data processing device.
16. A system as claimed in claim 15 in which the switching circuit includes an optically coupled switching device having supply terminals connected to power source terminals and to power supply terminals of the first data processing device, the optically coupled switch having a control terminal connected to the pulse-duration discriminator.
17. A system as claimed in any one of claims 11 to 16 in which the switching circuit is arranged to disconnect the first data processing device by disconnecting the first data processing device from its power supply.
18. A data processing system for use in a communications network including a multiplicity of data processing devices that are selectively connectible to one another, the system being substantially as herein described with reference to and as illustrated by the accompanying drawings.
19. A communications network including a data processing system as claimed in any one of claims 8 to 18 and a multiplicity of data processing devices that are selectively connectible to one another.
Priority Applications (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
GB9213479A GB2268602A (en) | 1992-06-25 | 1992-06-25 | Enhancing security of data transfer |
AU43512/93A AU4351293A (en) | 1992-06-25 | 1993-06-25 | Improvements in and relating to data transfer |
PCT/GB1993/001344 WO1994000942A1 (en) | 1992-06-25 | 1993-06-25 | Improvements in and relating to data transfer |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
GB9213479A GB2268602A (en) | 1992-06-25 | 1992-06-25 | Enhancing security of data transfer |
Publications (2)
Publication Number | Publication Date |
---|---|
GB9213479D0 GB9213479D0 (en) | 1992-08-12 |
GB2268602A true GB2268602A (en) | 1994-01-12 |
Family
ID=10717711
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
GB9213479A Withdrawn GB2268602A (en) | 1992-06-25 | 1992-06-25 | Enhancing security of data transfer |
Country Status (3)
Country | Link |
---|---|
AU (1) | AU4351293A (en) |
GB (1) | GB2268602A (en) |
WO (1) | WO1994000942A1 (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP2276229A1 (en) * | 1999-07-20 | 2011-01-19 | Mosaid Technologies Incorporated | Device for telephony and data communication |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
GB2168831A (en) * | 1984-11-13 | 1986-06-25 | Steebek Systems Ltd | Password-protected data link |
EP0242808A1 (en) * | 1986-04-17 | 1987-10-28 | Kabushiki Kaisha Myukomu | Method and system for confirming user in modem communications |
US4876717A (en) * | 1986-09-30 | 1989-10-24 | American Telephone And Telegraph Company | Adjunct processor for providing computer facility access protection via call transfer |
US4922521A (en) * | 1986-09-05 | 1990-05-01 | U.S. Philips Corporation | System for providing secure telecommunication access to a computer |
GB2229020A (en) * | 1989-03-06 | 1990-09-12 | Chris Keiron Ellis | Security device to limit remote access to computers over a telecommunication network |
Family Cites Families (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4490785A (en) * | 1982-05-07 | 1984-12-25 | Digital Equipment Corporation | Dual path bus structure for computer interconnection |
JPS633540A (en) * | 1986-06-23 | 1988-01-08 | Kokusai Denshin Denwa Co Ltd <Kdd> | Power supply control system for data terminal equipment |
FR2650141B1 (en) * | 1989-07-21 | 1995-09-29 | Trt Telecom Radio Electr | METHOD FOR MANAGING A LINK BETWEEN TWO MODEMS AND MODEM ALLOWING THE IMPLEMENTATION OF THIS METHOD |
JP3071007B2 (en) * | 1991-10-22 | 2000-07-31 | 富士通株式会社 | Communication network control method |
- 1992-06-25: GB application GB9213479A, patent GB2268602A (not active, status: Withdrawn)
- 1993-06-25: AU application AU43512/93A, patent AU4351293A (not active, status: Abandoned)
- 1993-06-25: WO application PCT/GB1993/001344, patent WO1994000942A1 (active, status: Application Filing)
Also Published As
Publication number | Publication date |
---|---|
WO1994000942A1 (en) | 1994-01-06 |
AU4351293A (en) | 1994-01-24 |
GB9213479D0 (en) | 1992-08-12 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
WAP | Application withdrawn, taken to be withdrawn or refused ** after publication under section 16(1) |