GB2367976A - Generating an access code when a user attempts to gain access to a remote location and causing it to be sent to a mobile communication device - Google Patents

Generating an access code when a user attempts to gain access to a remote location and causing it to be sent to a mobile communication device Download PDF

Info

Publication number
GB2367976A
GB2367976A GB0014970A GB0014970A GB2367976A GB 2367976 A GB2367976 A GB 2367976A GB 0014970 A GB0014970 A GB 0014970A GB 0014970 A GB0014970 A GB 0014970A GB 2367976 A GB2367976 A GB 2367976A
Authority
GB
United Kingdom
Prior art keywords
access
access code
remote location
communication device
user
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
GB0014970A
Other versions
GB0014970D0 (en
Inventor
Allen Robert Yaxley
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
INNOVATION VENTURE Ltd
Original Assignee
* INNOVATION VENTURE LIMITED
INNOVATION VENTURE LTD
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by * INNOVATION VENTURE LIMITED, INNOVATION VENTURE LTD filed Critical * INNOVATION VENTURE LIMITED
Priority to GB0014970A priority Critical patent/GB2367976A/en
Publication of GB0014970D0 publication Critical patent/GB0014970D0/en
Publication of GB2367976A publication Critical patent/GB2367976A/en
Application status is Withdrawn legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network
    • H04L63/083Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network using passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/18Network architectures or network communication protocols for network security using different networks or paths for security, e.g. using out of band channels

Abstract

A system 1, for controlling access to a remote location 2 connected to a public communication network 3 includes control means 4 and a registry 5. The control means 4 acts as a gateway to web sites 6,7 which form part of the remote location 2. When a user 10 wishes to access the remote location 2, a connection to the location 2 is established and the user 10 is connected to the control means 4. The control means 4 prompts the user 10 to identify himself by means of a previously allocated user name and then checks the user name against the registry 5. If there is no bar to providing access, the control means 4 generates a unique access code which is valid for only a predetermined period of time. The control means 4 then verifies the status of a GSM cellular telephone 11 which is recorded in the registry 5 as belonging to the user 10 and, having received positive verification, sends the access code to that telephone 11.

Description

1 2367976 A METHOD AND SYSTEM OF CONTROLLING ACCESS TO A REMOTE LOCATION

FIELD OF THE INVENTION

This invention relates to a method of controlling access to a remote location forming part of a communications network and to a system employing such a method of access control.

BACKGROUND TO THE INVENTION

Access to communication networks, or to locations forming part of such 5 networks, is usually controlled. A common way of controlling access is to provide a user with a password. The user enters his name and password and if these match the location's records access is allowed. A problem with this method of access control is that it is very difficult to or impossible to prevent access where a user has his password stolen and a third party uses this 10 information to gain access.

In an attempt to overcome this problem it has been proposed that the device, usually a computer, used to access the network be identified. This method presupposes that users will tend to use the same device and can be useful where this is indeed so. The method fails, however, where users do not use 5 the same device repeatedly or where the device is stolen.

OBJECT OF THE INVENTION It is an object of this invention to provide a method and system of controlling access to remote location which will at least partially alleviate some of the abovementioned problems.

SUMMARY OF THE INVENTION

In accordance with this invention there is provided a method of controlling 10 access to a remote location which includes:

generating an access code when a user attempts to gain access to the location; sending the access code to a mobile communication device; and permitting access to the remote location if the user provides the access code 15 to the remote location within a predetermined period of time.

Further features of the invention provide for the access code to be generated once a user identification has been provided; for the details of the mobile communication device to be supplied to the location previous to access being sought; and for the user identification and details of the mobile communication 20 device to be checked against registry prior to the access code being sent to the mobile communication device.

Still further features of the invention provide for the access code to be sent at least partially by a wireless transmission; for transmission to occur over a GSM network; and for transmission to be in a short message service (SIVIS) 25 format.

Yet further features of the invention provide for a unique access code to be generated each time a user attempts to gain access to the remote location; and for each access code to have a predetermined period of validity associated therewith, 5 The invention also provides a system for controlling access to a remote location comprising control means to generate an access code when a user attempts to gain access to the remote location and to cause the access code to be sent to a mobile communication device.

Further features of the invention provide for the mobile communication device 10 to be independent to the device used to attempt to gain access to the remote location; for the access code to be sent to a GSM device, preferably a cellular telephone; and for the access code to be sent in an SMS format.

Still further features of the invention provide for the control means to generate an access code after being provided with a user identification; for the control 15 means to form part of the remote location or to be remote therefrom; for the control means to check the user identification and mobile communication device details against a register prior to sending the access code to the mobile communication device; and for the register to include records from a service provider to the mobile communication device.

20 Yet further features of the invention provide for the control means to generate a unique access code each time a user attempts to gain access to the remote location; and for each access code to be valid for a predetermined period of time.

Further features of the invention provide for the remote location to be 25 accessible through a communication network; and for the communication network to be a public communication network, preferably the Internet.

BRIEF DESCRIPTION OF THE DRAWINGS

The invention will be described, by way of example only, with reference to Figure 1 which is a schematic diagram of a communication network.

DETAILED DESCRIPTION OF THE DRAWINGS

A system (1) for controlling access to a remote location (2) connected to a public communication network (3), in this embodiment the Internet, is shown 5 in Figure 1 and includes control means (4) and a registry (5). The control means (4) acts as a gateway to web sites (6,7) which form part of the remote location (2) and operates in the following manner.

When a user (10) connected to the network (3) through a computer (not shown) wishes to gain access to the remote location (2) a connection to the 10 location (2) is established in the normal way and the user (10) connected to the control means (4). The control means (4) prompts the user (10) to identify himself by means of a user name which is allocated to the user (10) in a signing up procedure at the time the user (10) first attempts to use the remote location (2). Once the user (10) has provided his user name, the control 15 means (4) checks the user name against the registry (5) to ensure that access can be provided. If there is no bar to providing access to the user (10) the control means (4) generates a unique access code which is valid for a predetermined period of time, in this embodiment five minutes. The control means (4) then sends the access code to a GSM cellular telephone (11) 20 which is recorded in the registry (5) as belonging to the user (10).

However, before the access code is actually sent the control means (4) connects to a registry (12) of the service provider (13) of the cellular telephone (11) and verifies that the cellular telephone (11) is registered in the name of the user (10) and that no bars have been placed on the cellular 25 telephone (111).

If no problems are identified during the, check of the registry (12) the control means (4) sends the access code in SMS format to the cellular telephone (11) using the transmitter network (14) of the service provider (13) in conventional fashion.

5 Once the user (10) receives the access code on his cellular telephone (11) it is provided to the control means (4) which permits access to the remote location (2) if it is the same as the code it issued.

It is envisaged that the system will be effective in identifying persons wishing to gain access to remote I ocations as an independent channel of 10 communication is used to provide the person with a constantly changing access code. The use of GSM cellular telephones is particularly attractive as these devices operate on a SIM card which uniquely identifies a telephone, Also, such telephones are fast becoming the communication tool of choice for many people which in turn means that the devices are constantly at hand to 15 such people.

A further advantage of the system is that stolen or lost cellular telephones can easily be barred thus making it difficult to use a the cellular telephone to gain access to the remote location by stealing it.

It will be appreciated that any kind of remote location requiring access control, 20 especially those which permit financial transactions to be effected, could be used with the system. It will further be appreciated that many other embodiments of a system exist which fall within scope of the invention especially as regards the information required from the user and the means in which the access code is sent to the user. For example, a user name and 25 password could be required before the access code is generated and sent.

Also, any suitable mobile communication device could be used including paging devices.

6

Claims (10)

CLAIMS:
1. A method of controlling access to a remote location which includes:
generating an access code when a user attempts to gain access to the location; 5 sending the access code to a mobile communication device; and permitting access to the remote location if the user provides the access code to the remote location within a predetermined period of time.
2. A method as claimed in claim I wherein the access code is generated 10 once a user identification has been provided; the details of the mobile communication device are supplied to the location previous to access being sought; and the user identification and details of the mobile communication device are checked against registry prior to the access code being sent to the mobile communication device.
3. A method as claimed in claim I or 2 wherein the access code is sent at least partially by wireless transmission over a GSM network and in a short message service (SMS) format.
20
4. A method as claimed in any preceding claim wherein a unique access code is generated each time a user attempts to gain access to the remote location, and each access code has a predetermined period of validity associated therewith.
5. A system for controlling access to a remote location comprising control means to generate an access code when a user attempts to gain access to the remote location and to cause the access code to be sent to a mobile 5 communication device.
6. A system as claimed in claim 5 wherein the mobile communication device is independent of the device used to attempt to gain access to the remote location; and the access code is sent to a GSM device in an SMS 10 format.
7. A system as claimed in claim 6 wherein said GSM device is a cellular telephone.
15
8. A system as claimed in claim 6 or 7 wherein the control means is adapted to generate an access code after being provided with a user identification and to check the user identification and mobile communication device details against a register prior to sending the access code to the mobile communication device, the register including records from a service provider 20 to the mobile communication device.
9. A system as claimed in any of claims 5 to 8 wherein the control means is adapted to generate a unique access code each time a user attempts to gain 8 access to the remote location and each access code is valid for a predetermined period of time.
10. A system as claimed in any of claims 5 to 9 wherein the remote 5 location is accessible through a communication network; for example a public communication network, preferably the Internet.
GB0014970A 2000-06-19 2000-06-19 Generating an access code when a user attempts to gain access to a remote location and causing it to be sent to a mobile communication device Withdrawn GB2367976A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
GB0014970A GB2367976A (en) 2000-06-19 2000-06-19 Generating an access code when a user attempts to gain access to a remote location and causing it to be sent to a mobile communication device

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
GB0014970A GB2367976A (en) 2000-06-19 2000-06-19 Generating an access code when a user attempts to gain access to a remote location and causing it to be sent to a mobile communication device
PCT/IB2001/001070 WO2001099382A2 (en) 2000-06-19 2001-06-19 A method and system of controlling access to a remote location
AU74373/01A AU7437301A (en) 2000-06-19 2001-06-19 A method and system of controlling access to a remote location

Publications (2)

Publication Number Publication Date
GB0014970D0 GB0014970D0 (en) 2000-08-09
GB2367976A true GB2367976A (en) 2002-04-17

Family

ID=9893957

Family Applications (1)

Application Number Title Priority Date Filing Date
GB0014970A Withdrawn GB2367976A (en) 2000-06-19 2000-06-19 Generating an access code when a user attempts to gain access to a remote location and causing it to be sent to a mobile communication device

Country Status (3)

Country Link
AU (1) AU7437301A (en)
GB (1) GB2367976A (en)
WO (1) WO2001099382A2 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2006026206A2 (en) * 2004-08-27 2006-03-09 Astav, Inc. Protecting a service provider from abuse

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7444676B1 (en) 2001-08-29 2008-10-28 Nader Asghari-Kamrani Direct authentication and authorization system and method for trusted network of financial institutions
US8281129B1 (en) 2001-08-29 2012-10-02 Nader Asghari-Kamrani Direct authentication system and method via trusted authenticators
FI20020733A0 (en) 2002-04-16 2002-04-16 Nokia Corp Method and system for user authentication communication device
CN101447872B (en) * 2007-11-27 2011-09-28 阿里巴巴集团控股有限公司 User identity authentication method, system thereof and identifying code generating maintenance subsystem

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO1996021314A1 (en) * 1994-12-30 1996-07-11 Helfgott & Karas, P.C. A remotely authorized data transaction system
US5675647A (en) * 1994-02-07 1997-10-07 Le Groupe Videotron Ltee Cable TV system using passwords
WO2000022794A2 (en) * 1998-10-13 2000-04-20 Nokia Mobile Phones Limited Method of accessing a server computer
WO2001015462A1 (en) * 1999-08-23 2001-03-01 Nokia Corporation Sending initial password through an sms
EP1107089A1 (en) * 1999-12-11 2001-06-13 Connectotel Limited Strong authentication method using a telecommunications device

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
AU1390395A (en) * 1994-01-14 1995-08-01 Michael Jeremy Kew A computer security system
US5668876A (en) * 1994-06-24 1997-09-16 Telefonaktiebolaget Lm Ericsson User authentication method and apparatus
FI112895B (en) * 1996-02-23 2004-01-30 Nokia Corp A method for obtaining at least one user-specific identification information
DE19718103A1 (en) * 1997-04-29 1998-06-04 Kim Schmitz Data transmission system authorise method e.g. for telebanking

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5675647A (en) * 1994-02-07 1997-10-07 Le Groupe Videotron Ltee Cable TV system using passwords
WO1996021314A1 (en) * 1994-12-30 1996-07-11 Helfgott & Karas, P.C. A remotely authorized data transaction system
WO2000022794A2 (en) * 1998-10-13 2000-04-20 Nokia Mobile Phones Limited Method of accessing a server computer
WO2001015462A1 (en) * 1999-08-23 2001-03-01 Nokia Corporation Sending initial password through an sms
EP1107089A1 (en) * 1999-12-11 2001-06-13 Connectotel Limited Strong authentication method using a telecommunications device

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2006026206A2 (en) * 2004-08-27 2006-03-09 Astav, Inc. Protecting a service provider from abuse
WO2006026206A3 (en) * 2004-08-27 2006-06-22 Astav Inc Protecting a service provider from abuse
US7467411B2 (en) 2004-08-27 2008-12-16 Astav, Inc. Protecting a service provider from abuse

Also Published As

Publication number Publication date
AU7437301A (en) 2002-01-02
WO2001099382A3 (en) 2002-03-21
GB0014970D0 (en) 2000-08-09
WO2001099382A2 (en) 2001-12-27

Similar Documents

Publication Publication Date Title
KR101234194B1 (en) Apparatus and method for downloading of sim data in mobile communication system
EP1191763B1 (en) Access authentication system for a wireless environment
JP4364431B2 (en) How to authenticated through a communication network, arranged and apparatus
US7890122B2 (en) Location privacy manager for a wireless communication device and method thereof
US8335488B2 (en) Key control with real time communications to remote locations
US6405030B1 (en) System for interception of digital cellular phone communication
JP3749284B2 (en) Message transfer device for voice and data processing communications network
CA2501158C (en) Contact validation and trusted contact updating in mobile wireless communications devices
US7873989B2 (en) Wireless access device
CN1176564C (en) Enabling conformance to legislative requirements for mobile devices
US7236598B2 (en) Systems and methods for communication protection
EP1547426B1 (en) Identification of a terminal with a server
CN1046178C (en) Process for operating mobile radiotelephone system
US20040162998A1 (en) Service authentication in a communication system
JP3312335B2 (en) User authentication method, user authentication system and a recording medium
EP0717898B1 (en) A method of messaging in a communication system
US5481611A (en) Method and apparatus for entity authentication
KR100506432B1 (en) Method for enabling pki functions in a smart card
US20030061503A1 (en) Authentication for remote connections
US6442250B1 (en) Systems and methods for transmitting messages to predefined groups
US8437740B2 (en) Key control with real time communications to remote locations
CN100531249C (en) Over-the-air subsidy lock resolution
CA2200508C (en) Security for controlled access systems
KR101116806B1 (en) Method And System For The Authentication Of A User Of A Data Processing System
CN1116771C (en) Method and system for message processing in telecommunication system

Legal Events

Date Code Title Description
WAP Application withdrawn, taken to be withdrawn or refused ** after publication under section 16(1)