RU2684483C1 - Device for protection against unauthorized data access stored on computer - Google Patents

Abstract

FIELD: computer equipment.SUBSTANCE: invention relates to protection of information from unauthorized access. Device comprises several sections of device with corresponding microcontroller, wherein microcontroller of each section of device receives user-entered password for logging into system, which is transmitted to microcontroller of second section of device as password for logging into system, further transmitting instruction to microcontroller next section of device for comparing passwords, further, issuing a command to unlock access to the system after establishing a match of passwords, a second section of the device, which comprises a microcontroller of a second section of the device, having a database of symbols and values of positions of the rheocords on axes of potentiometers, obtaining a password for logging into the system, transmitting to the third section microcontroller with a password comparison unit, wherein the passwords are identical when the password comparison unit is balanced, a command is sent to unlock the user access to the system, the password comparison unit comprises four potentiometers connected to the measuring bridge.EFFECT: technical result consists in improvement of reliability of protection of computer and information from unauthorized access.20 cl, 8 dwg

Description

FIELD OF TECHNOLOGY

The invention relates to the field of computer technology, in particular, to the field of information security, and can be used to protect against unauthorized access to a computer, as well as data (information) stored on a computer or in data warehouses associated with a computer, and can also be used for trusted computer boot.

BACKGROUND

In connection with the rapid development of information technology, the problem of attempts by unauthorized access to computers by cybercriminals is becoming increasingly important. Currently, various methods, systems and devices are known to ensure that malicious users prevent unauthorized access to data stored on a computer. So, attackers can use the user's password recorded by such a user on a piece of paper stored in a drawer of the user's desk. Also, attackers can use various methods, systems and devices to detect and intercept the user's password. For unauthorized access to a user's computer, attackers can use special programs, in particular, “password interceptors”, which allow attackers to “intercept” a password entered by a user. Currently, many computers are equipped with login programs that are responsible for logging in (the user) into the system, for example, the MS Windows operating system includes a login program (Winlogon). In the particular case, such existing programs for entering the system can be used by cybercriminals to gain access to information stored on the user's computer. Typically, such existing programs for logging in to the system store the password, which is compared by the program for logging in with the user password for logging into the system, in the data store (for example, on the hard disk) of the computer, so that, in the particular case, the attacker can use software and / or hardware-software tools for obtaining a user password or for substituting the results of a password comparison (a password stored on a computer and a password entered by a user to enter the system). Also, password comparison is usually carried out by such programs for entering the system, which can be used by cybercriminals to gain unauthorized access to the system and to data stored in the computer’s data store, computer data stores, etc.

The prior art method for ensuring information security when working in virtual secure environments (see RU 2011139377/08, publ. 05/10/2013), which includes writing to the memory block of long-term non-volatile memory of at least one operating system configured to work in this virtual secure network, loading the specified operating system after the user enters an identifier confirming that the user is allowed to work in this virtual secure network, encrypting the source packet of the Internet gateway tocola and inclusion of the encrypted source packet in the output packet of the Internet protocol, characterized in that at least one removable block of long-term non-volatile memory is allocated for recording the said operating system, each of the users of the virtual secure network is provided with said separate removable block of long-term non-volatile memory; from a computer, said removable block of long-term non-volatile memory, if necessary, blocking access to this virtually secure network through the other virtual networks.

The disadvantage of this solution is, at least, the lack of comparison of passwords with the device using potentiometers and a measuring unit, including potentiometers connected to the measuring bridge. Another disadvantage of this solution is the lack of password storage, which compares the user password entered on the computer to enter the system on the device. Another drawback of this solution is the lack of saving (recording or rewriting) the password, which compares the user password entered on the computer to enter the system using the display connected to the device. Another drawback of this solution is the lack of password conversion (password for entering the system entered by the user using the interface element of the (special) application and stored in the device) into the values (values) of potentiometers and the lack of comparison of the converted passwords using the password comparison node.

Also known from the prior art is an electronic device, a control system, a recording medium and a method for using an additional code (see RU 2016108315, published September 19, 2017), wherein the electronic device having a security code input function comprises a code input unit receiving a security code, and a code control unit that determines whether the security code received by the code input unit is an authentication code to enter the normal authentication operation mode or a control code containing a separate additional code used in an additional situation, wherein the code control unit allows the electronic device to perform an operation corresponding to the authentication code when the security code received by the code input unit is an authentication code, while the code control unit performs an additional operation corresponding to the additional code when the security code is control code containing additional code.

The disadvantage of this solution is, at least, the lack of comparison of passwords with the device using potentiometers and a measuring unit, including potentiometers connected to the measuring bridge. Another disadvantage of this solution is the lack of password storage, which compares the user password entered on the computer to enter the system on the device. Another drawback of this solution is the lack of saving (recording or rewriting) the password, which compares the user password entered on the computer to enter the system using the display connected to the device. Another drawback of this solution is the lack of password conversion (password for entering the system entered by the user using the interface element of the (special) application and stored in the device) into the values (values) of potentiometers and the lack of comparison of the converted passwords using the password comparison node.

Also, the prior art system and method for protecting the entered password from interception (see RU 2461869, publ. 09/20/2012), and the password conversion system contains an input interception device designed to intercept data input from the input device and transmit intercepted data data to the anomaly detection device, wherein said data contains an input password; an anomaly detection device for detecting input anomalies in intercepted data received from an input intercept device; an anomaly database intended for storing predetermined anomalies and symbol sequences corresponding to each anomaly; a password conversion device for: finding correspondences between anomalies detected by the anomaly detection device and anomalies stored in the anomaly database; determining the corresponding sequences of characters in the case if correspondence between the anomalies detected by the anomaly detection device and the anomalies stored in the anomaly database is found; replacing anomalies in the intercepted data with the corresponding sequence of characters; Submitting the converted password to the authentication form.

The disadvantage of this solution is, at least, the lack of comparison of passwords with the device using potentiometers and a measuring unit, including potentiometers connected to the measuring bridge. Another disadvantage of this solution is the lack of password storage, which compares the user password entered on the computer to enter the system on the device. Another drawback of this solution is the lack of saving (recording or rewriting) the password, which compares the user password entered on the computer to enter the system using the display connected to the device. Another drawback of this solution is the lack of password conversion (password for entering the system entered by the user using the interface element of the (special) application and stored in the device) into the values (values) of potentiometers and the lack of comparison of the converted passwords using the password comparison node.

The prior art also knows a method of protecting a computer (see RU 2628142, published August 15, 2017), moreover, a method of protecting a computer from unauthorized access to information stored in it, based on equipping the computer with a built-in information protection hardware (ASIS) installed in the form a daughter board into one of the slots on the computer’s motherboard, characterized in that a specific slot with an expanded set of contacts is allocated on the motherboard for installing an ASIS, and at least m transit through its redundant contacts Here, one electric circuit, the opening of which is guaranteed to lead to loss of the computer’s performance, and at least one physical switching element is connected to the corresponding contacts on the ASPI board, which ensures the closure / opening of the aforementioned circuit or circuits when installing / removing the ASPI board.

The disadvantage of this solution is, at least, the lack of comparison of passwords with the device using potentiometers and a measuring unit, including potentiometers connected to the measuring bridge. Another disadvantage of this solution is the lack of password storage, which compares the user password entered on the computer to enter the system on the device. Another drawback of this solution is the lack of saving (recording or rewriting) the password, which compares the user password entered on the computer to enter the system using the display connected to the device. Another drawback of this solution is the lack of password conversion (password for entering the system entered by the user using the interface element of the (special) application and stored in the device) into the values (values) of potentiometers and the lack of comparison of the converted passwords using the password comparison node.

The prior art also knows a system and method for protecting personal information based on the confirmation of the owner (see KR 101528785, publ. 06/15/2015), and the system has access to information about the owner and receives personal information about the owner, and the passwords set by the company are compared or a security service, simultaneously with the owner’s passwords, the system including a user device configured to generate an encryption key using a PIN (initial identification number), recognized by User memory or user biometric information, such as fingerprints, iris, and veins; a key repository configured to issue a new key to provide an encryption key to financial institutions, hospitals, government agencies, companies, etc., moreover, the encryption key is obtained by providing identification data to the owner who wants to publish and use information about the user, to control the information of the owner, those. use information with the consent of a third party, key generation using a PIN or biometric key and encryption key; a privacy controller configured to generate an access key that provides the user with access to personal data by combining the user key generated by the keystore and the institution key used by financial institutions, hospitals, government agencies or companies when using personal data; and a server, which includes an application for managing clients of companies or institutions, which asks the owner of personal information if he wants his information to be used, and a third party used information about the owner when requesting to use information about the owner.

The disadvantage of this solution is, at least, the lack of comparison of passwords with the device using potentiometers and a measuring unit, including potentiometers connected to the measuring bridge. Another disadvantage of this solution is the lack of password storage, which compares the user password entered on the computer to enter the system on the device. Another drawback of this solution is the lack of saving (recording or rewriting) the password, which compares the user password entered on the computer to enter the system using the display connected to the device. Another drawback of this solution is the lack of password conversion (password for entering the system entered by the user using the interface element of the (special) application and stored in the device) into the values (values) of potentiometers and the lack of comparison of the converted passwords using the password comparison node.

Also known from the prior art is a method and system for protecting a computer system (see CN 103198247, published July 10, 2013), the method for protecting computer security comprising matching information and a secret key on a portable storage device with a first secret key and a second secret key that are stored in the BIOS (basic input / output system) of the computer for reliable protection of the computer. The absence of a password in the process of protecting a computer, protecting computer security and user authentication can be implemented using a (standard, general) storage device, and it does not require downloading and installing specific programs, additional chips or specific devices.

The disadvantage of this solution is, at least, the lack of comparison of passwords with the device using potentiometers and a measuring unit, including potentiometers connected to the measuring bridge. Another disadvantage of this solution is the lack of password storage, which compares the user password entered on the computer to enter the system on the device. Another drawback of this solution is the lack of saving (recording or rewriting) the password, which compares the user password entered on the computer to enter the system using the display connected to the device. Another drawback of this solution is the lack of password conversion (password for entering the system entered by the user using the interface element of the (special) application and stored in the device) into the values (values) of potentiometers and the lack of comparison of the converted passwords using the password comparison node.

The prior art also known secure computer (see CN 201266379, publ. 01.07.2009), which contains a display and a host computer. The host computer contains a power switch. A secure computer is characterized in that the host computer also contains a switch that is connected in series with the power switch, so that it can effectively prevent an attacker ("hacker") and an unforeseen user from remotely turning on the computer. A secure computer allows an attacker and an unforeseen user to feel helpless; Password protection added to the computer system allows double security, thereby possessing a high level of security, and is suitable for computer users who need increased security.

The disadvantage of this solution is, at least, the lack of comparison of passwords with the device using potentiometers and a measuring unit, including potentiometers connected to the measuring bridge. Another disadvantage of this solution is the lack of password storage, which compares the user password entered on the computer to enter the system on the device. Another drawback of this solution is the lack of saving (recording or rewriting) the password, which compares the user password entered on the computer to enter the system using the display connected to the device. Another drawback of this solution is the lack of password conversion (password for entering the system entered by the user using the interface element of the (special) application and stored in the device) into the values (values) of potentiometers and the lack of comparison of the converted passwords using the password comparison node.

It is worth noting that the above technical solutions are remotely similar, but less perfect, in comparison with the proposed invention.

The present invention allows to overcome at least part of the above disadvantages or all of these disadvantages, as well as realize the advantages of the present invention, as described in the present invention.

SUMMARY OF THE INVENTION

The technical result is to expand the functionality and increase the efficiency and reliability of protecting the computer and information from unauthorized access.

 The specified technical result is achieved due to the fact that the device for protection against unauthorized access to data stored on the computer, connected to the computer, contains: a first section of the device, which is connected to the second section of the device and contains a microcontroller of the first section of the device, the microcontroller of the first section of the device : receives the password for entering the computer system from the computer’s memory, and the password for entering the computer system is entered by the user using the one connected to the computer an input device using the application user interface element, installed on the computer, and is transmitted to a computer application installed in the computer memory; transmits to the microcontroller of the second section of the device, the user-entered password for entering the computer system received from the computer’s memory; sends a command to the microcontroller of the second section of the device to compare the password to enter the computer system transmitted from the microcontroller of the first section of the device and the password stored in the microcontroller of the third section of the device and transmitted by the microcontroller of the third section of the device to the microcontroller of the second section of the device, the microcontroller of the second section of the device using password comparison node of the second section of the device; having received a command to unlock access to a user in the computer system from the microcontroller of the second section of the device, sends a command to the application installed on the computer to unlock user access to the computer system after determining the identity of the passwords by the microcontroller of the second section of the device using the password comparison node in the password comparison process; the second section of the device, which is connected with the first section of the device and the third section of the device and contains: a microcontroller of the second section of the device, which: contains a database of characters and their corresponding values of the positions of the rechords on the axes of the potentiometers of the password comparison node; receives a password to enter the computer system from the microcontroller of the first section of the device; receives a command to compare passwords from the microcontroller of the first section of the device; having received a command to compare passwords from the microcontroller of the first section of the device, it searches for password symbols for entering the computer system in the database received from the microcontroller of the first section of the device, and obtains from the database the values of the rechord positions on the axes of the potentiometers of the password comparison node for the password symbols for entering into the computer system; transfers the values of rheochord positions on the axes of the potentiometers of the password comparison node for password symbols received from the database for entering the computer system to the first potentiometer of the password comparison node; having received a command to compare passwords from the microcontroller of the first section of the device, sends the command to the microcontroller of the third section of the device to retrieve the password stored in the microcontroller of the third section of the device; receives a password from the microcontroller of the third section of the device stored in the microcontroller of the third section of the device with which the password is compared for entering the computer system by the microcontroller of the second section of the device using the password comparison node; having received from the microcontroller of the third section of the device a password stored in the microcontroller of the third section of the device, searches for the password characters received from the microcontroller of the third section of the device in the database and obtains from the database the values of the rechord positions on the axes of the potentiometers of the password comparison node for the password symbols received from microcontroller of the third section of the device; transfers the values of rheochord positions on the axes of the potentiometers of the password comparison node for password symbols received from the microcontroller of the third section of the device, received from the database, to the second potentiometer of the password comparison node; compares the password for entering the system by a computer received from the microcontroller of the first section of the device with the password received from the microcontroller of the third section of the device using the password comparison node, and the passwords are determined by the microcontroller of the second section of the device as identical passwords when the password comparison node is balanced; sends a command to unlock access to the user in the computer system in the microcontroller of the first section of the device; a password comparison unit, which is connected to the microcontroller of the second section of the device and contains the first potentiometer, second potentiometer, third potentiometer and fourth potentiometer connected to the measuring bridge, and the values of reochord positions on the axes of the potentiometers for input password symbols are transmitted to the first potentiometer by the microcontroller of the second section of the device to the computer system obtained by the microcontroller in the second section of the device from the microcontroller in the first section of the device, and to the second potentiometer rokontrollerom second section of the apparatus positions rheochords transmitted values on the axes of the potentiometers password symbols obtained microcontroller device of the second section of the third section of the apparatus of the microcontroller; the third section of the device, which is connected to the second section of the device and contains a microcontroller, which: stores the password, which is the correct password for accessing the computer system and with which the password entered by the user for entering the computer system by the microcontroller of the second section of the device is compared, and the password is written to the microcontroller of the third section of the device is carried out by the user using a display connected to the third section of the device; having received a command to retrieve the password stored in the microcontroller of the third section of the device, it extracts the password stored in the microcontroller of the third section of the device and transfers such a password to the microcontroller of the second section of the device.

In the particular case of implementation, the device is characterized in that the password transmitted to the microcontroller of the first section of the device is stored in the microcontroller of the first section of the device.

In the particular case of implementation, the device is characterized in that the microcontroller of the third section of the device and the microcontroller of the first section of the device contain a database of symbols and the corresponding values of the positions of the rechords on the axes of the potentiometers and transmit to the microcontroller of the second section of the device the values of the positions of the rechords on the axes of the potentiometers for password symbols corresponding to characters of such passwords.

In the particular case of implementation, the device is characterized in that the microcontroller of the first section of the device stores the password entered by the user for entering the computer system in the values of the rechord positions on the axes of the potentiometers and the microcontroller of the third section of the device stores the password recorded in the microcontroller of the third section of the device using the one connected to the third section display devices in the values of the positions of the rechords on the axes of the potentiometers.

In the particular case of implementation, the device is characterized in that the microcontroller of the first section of the device and the microcontroller of the third section of the device pass passwords to the microcontroller of the second section of the device character-by-character.

In the particular case of implementation, the device is characterized in that the potentiometers of the password measuring unit are motorized potentiometers.

In the particular case of implementation, the device is characterized in that the values of the positions of the rechords on the axes of the potentiometers are stored in the database of the values of the positions of the rechords on the axes of the potentiometers in digital values of the number of revolutions of the axes of the potentiometers of the password comparison node.

In the particular case of implementation, the device is characterized in that the third section of the device is a detachable section of the device from the second section of the device.

In the particular case of implementation, the device is characterized in that the display connected to the third section of the device is connected to the microcontroller of the third section of the device, the display being configured to display the password stored in the microcontroller of the third section of the device and / or with the possibility of the user entering the password with which comparing the password for entering the computer system with the microcontroller of the second section of the device using the password comparison node to save the third one with the microcontroller ktsii device.

In the particular case of implementation, the device is characterized in that when the microcontroller sends the first section of the device the command to the application installed on the computer to unlock access to the user in the computer system, access to such a computer system is initially blocked by the application installed on the computer loaded with the computer system.

In the particular case of implementation, the device is characterized in that the password comparison node is balanced when the values of the rechord positions on the axes of the potentiometers of the measurement node for the password symbols for entering the computer system transferred to the microcontroller of the second section of the device from the microcontroller of the first section of the device on the first potentiometer coincide being part of the measuring bridge, and for the password symbols transmitted to the microcontroller of the second section of the device from the microcontroller of the third section of the device, on the first potentiometer, which is part of the measuring bridge.

In the particular case of implementation, the device is characterized in that the display connected to the third section of the device is configured to connect an input device to it or includes an input device.

In the particular case of implementation, the device is characterized in that the communication between the device and the computer, as well as between the computer and the sections of the device, as well as between the sections of the device, system is carried out via wired communication and / or wireless communication, including through a local area network, and / or the Internet, and / or mobile or satellite communications, and / or a USB interface, and / or an RS-232 / COM port standard interface, and / or PCI Express, and / or Bluetooth, and / or Wi- Fi, and / or GSM, 3G, 4G, LTE, trunking, and / or via transmission channels ultra-low power data forming complex wireless networks with a mesh topology, and / or ZigBee, and / or terminals, and / or wires, and / or soldering, and / or riveting.

In the particular case of implementation, the device is characterized in that the device contains a fourth section of the device, which is connected to the third or second section of the device and contains a microcontroller of the fourth section of the device, which stores lists of allowed and prohibited identifiers of user accounts in the system, and the microcontroller of the fourth section of the device connected to a display connected to the fourth section of the device and allowing the user to enter a user account identifier for login and in the computer system and / or for storing at least one user account identifier with which the user account identifier entered by the user for entering the computer system by the password comparison node is compared.

In the particular case of implementation, the device is characterized in that the user account identifier for entering the computer system is entered by the user using an input device connected to the computer using the application user interface element installed on the computer and transferred to the computer memory by the application installed on the computer.

In a particular implementation, the device is characterized in that the user account identifier for entering the computer system is transmitted to the third potentiometer of the password comparison node and the user account identifier stored in the microcontroller of the fourth section of the device, with which the user account identifier for login is compared into the computer system, transmitted to the fourth potentiometer of the password comparison node.

In the particular case of implementation, the device is characterized in that the transfer of user account identifiers to the third and fourth potentiometers of the password comparison node is carried out after the microcontroller converts the second section of the device of the symbol of user account identifiers into the values of the rechords on the axes of the potentiometers of the password comparison node using the database.

In the particular case of implementation, the device is characterized in that the microcontroller of the second section of the device compares the user account ID entered to enter the computer system with at least one user account identifier stored in the list of allowed user account identifiers and / or a list of prohibited user account identifiers using a password comparison node, and account identifiers users are defined by the microcontroller of the second section of the device as identical user account identifiers when the password comparison node is balanced.

In the particular case of implementation, the device is characterized in that when comparing user account identifiers with a password comparison node, if the user account identifier entered by the user to enter the computer system is present in the list of allowed user account identifiers, then the user is given access to the application installed on the computer into the computer system; If it is present in the list of forbidden identifiers of user accounts, then the user is not granted access to the application installed on the computer; access is granted to the computer system; If it is not in the list of forbidden identifiers of user accounts and in the list of allowed identifiers of user accounts, then the application installed on the computer gives the user access to the computer system in a protected and / or restricted mode of the system, in an isolated system environment, in a dedicated environment for the user to work with computer system.

BRIEF DESCRIPTION OF THE DRAWINGS

Additional objectives, features and advantages of this technical solution will be clear from reading the following description of the implementation of the technical solution with reference to the accompanying drawings, in which:

FIG. 1 illustrates an exemplary embodiment of the described device associated with a computer;

FIG. 2 illustrates an exemplary embodiment of a measurement bridge circuit;

FIG. 3 illustrates an exemplary embodiment of one embodiment of a potentiometer replacing a measurement bridge resistor, an exemplary embodiment of which is shown in FIG. 2;

FIG. 4 illustrates an exemplary embodiment of a user interface element for entering a login and password for logging into a system or for storing a password in a described device, or for entering a login (and password) using a display connected to the described device.

FIG. 5 illustrates an exemplary embodiment of a user interface element for entering a password for logging in or for storing a password in the described device;

FIG. 6 illustrates a flowchart of an exemplary embodiment of a user interaction process with the described device and a computer with an installed (special) application, as well as the interaction between the described device and the computer;

FIG. 7 illustrates a flowchart of an exemplary embodiment of a step for comparing passwords with a device illustrated in FIG. 6;

FIG. 8 illustrates an example of a general purpose computer system.

DETAILED DESCRIPTION

The objects and features of the present invention, methods for achieving these objects and features will become apparent by reference to exemplary embodiments. However, the present invention is not limited to the exemplary embodiments disclosed below, it can be embodied in various forms. The essence described in the description is nothing more than the specific details provided to assist the specialist in the field of technology in a comprehensive understanding of the invention, and the present invention is defined only in the scope of the attached claims.

In the particular case, the terms “component”, “element”, “section”, “system”, “module”, “part”, “block”, “assembly”, “component” and the like, used in the present description of the invention, are used to denote computer entities (e.g., computer-related objects, computing entities), which may be hardware, in particular equipment (e.g., device, tool, apparatus, apparatus, part of the device, including, but not limited to, a processor microprocessor, microcontroller ohm, printed circuit board, etc.), software (for example, executable software code, a compiled application, module, part of the software and / or code, etc.), firmware (firmware, in particular firmware ( microcontroller), from the English firmware, the firmware may include (its) operating system) or hardware and software (in particular, hardware with software installed on it, including firmware). So, for example, a component can be a process that is executed (executed) on a processor, processor, controller, executable file, program, function, method, library, subprogram and / or electrical, electronic, computing device (e.g., microcomputer, computer, etc.). e.), parts of such devices, or a combination of software or hardware.

In FIG. 1 shows an exemplary embodiment of the described device associated with a computer.

The described device 100 connected to the computer 101 allows the user to enter (enter) a password for entering the system (the password of the "applicant for the system" password) and the password stored by the user in the described device 100 (the password of the system user, in particular, the user who owns computer 101). Also, the described device 100 in conjunction with the (special) application, which is the software installed on the computer 101, allows you to block and unblock user access to the system (in particular, to the operating system of the computer 101).

It is worth noting that computer 101 can be a server, a computer system, a monoblock, a single-board computer, a set-top box (for example, a set-top box for a TV, in particular, but not limited to, a game console), a media center, Plug PC, a workstation, one of the Internet devices for example, a netbook, an Internet tablet, a tablet netbook, a nettop, and any other computing device, desktop or mobile, for example, a smartphone, phone, tablet. Computer 101 is connected to at least one storage device for data (information), for example, a hard disk drive (HDD), a solid-state drive (SSD, the English solid-state drive ), a hybrid hard drive (SSHD, English solid-state hybrid drive), a storage network (SAN / Storage Area Network), a network storage system / NAS (Network Attached Storage) and / or any other device that allows at least writing to the device, reading from the device and / or storing data on the device. Data in data warehouses can be stored in any known format, for example, in a database (DB), for example, in the form of at least one table or a set of related or unrelated database tables. It is worth noting that at least one of the mentioned databases can be hierarchical, object, object-oriented, object-relational, relational, network and / or functional database, each of which can be centralized, concentrated, distributed, heterogeneous, homogeneous, fragmented / partitioned, replicated, spatial, temporal, spatio-temporal, cyclic, super-large database, etc., and for the management, creation and use of databases can be used lzovatsya different database management systems (DBMS). Also, data in data warehouses can be stored in at least one file, in particular, in the form of a text file, or data can be stored in any at least one other data / information storage format currently known or in the format data invented later.

It is worth noting that an operating system and a (special) application described in the framework of the present invention are installed on the said data warehouse (user, administrator (computer 101), etc.).

Computer 101 may be connected to the said device (or in a particular case, a module) for storing data (information) with any known (or invented later) type (method, type) of wired communication (for example, via a USB interface, an RS-232 / COM port, PCI Express interface, etc.) and / or wireless communication (for example, Bluetooth, Wi-Fi, mobile cellular (GSM), including 3G, 4G, LTE, in particular, in the 850 / 900/1800/1900 MHz, satellite communications, trunked communications and ultra-low power data channels, forming complex wireless mesh network (ZigBee) etc.), in particular using at least one module (wired and / or wireless) communication.

It is also worth noting that the mentioned (special) application is a program (application) for logging into the system, and the (special) application, in the particular case, can be a component of an operating system (OS), for example, Microsoft Windows (MS Windows), UNIX OS, BSD OS, GNU / Linux OS, etc., responsible for logging in.

It is also worth noting that a (special) application can include at least one executable file, in particular, launched by at least one process of the system (in particular, the operating system). The mentioned (special) application, in a particular case, is used to implement a dialogue (system) with the user (in particular, to enter a password for the user to enter the system, for example, using the user interface), moreover, the (special) application ((special) application to enter the system) can use at least one software library, which together with the (special) application can be used to carry out the said dialogue (system) with the user. In the particular case, the (special) application can handle pressing at least one key and / or at least one combination (combination, sequence, etc.) of buttons (keys), in particular, buttons of an input device 111 , for example, Ctrl + Shift, Ctrl + Alt + Del, Ctrl + Shift + Esc, etc., to display a user interface element for a user to enter a password to enter the system.

Such a mentioned user interface element may be, for example, at least one text field (edit field, from English textbox) or at least one software “window” (515, FIG. 5), at least with one text field (525, FIG. 5), etc.).

Also, the (special) application may include a user interface element, for example, a soft button (535, FIG. 5), for the user to confirm the password for entering the system.

It is worth noting that the said user interface element can be displayed to the user automatically (in particular, after turning on the computer 101, logging off the system by the user, in particular, at the end of the session with the user, when connecting the described device 100 to the computer 101, etc. .), for example, when you turn on the computer 101 (for example, by the user or programmatically, including remotely).

The mentioned (special) application, in a particular case, displays on the computer screen 101 (for example, a monitor connected to computer 101), an invitation to enter (the user) into the system, for example, in the form of at least one user interface element, in particular, a graphical user interface element, a text user interface element, etc. After a user logs on to the system, the mentioned (special) application can launch commands and programs of the (operating) system and / or, in a particular case, unlock the (operating) system the ability to run commands and programs of the (operating) system.

Moreover, the user is logged into the system after successful completion by the device 100 (in particular, the second section of the device 171) of checking the correctness of the password entered by the user for entering the system, in particular, when the password for entering the system entered by the user (and, in particular, saved in the microcontroller 162 of the first section of the device 161) and the stored password in the microcontroller 182 of the device 100 using a display (mini-display) 131, as described in the framework of the present invention.

In the particular case, the mentioned (special) application is the process responsible for starting a user session (logon), in particular, for starting a user with the (operating) system, and ending a user session (logoff), in particular, for ending a user with system. Such a mentioned process can be activated, for example, after the user presses the mentioned buttons (including combinations, sequences of buttons, etc.) or automatically, for example, when the computer 101 is turned on (for example, by the user or programmatically, including remotely) . It is worth noting that the above process demonstrates (presents) to the user a software (dialog) “window” (515, FIG. 5) for the user to enter a password to enter the system on a device designed to reproduce a video signal and visually display information (data) received from computer 101, in particular on a monitor, display, etc. computer 101 (on the screen of a monitor, display, etc. computer 101).

The said (special) application also monitors (monitors) the pressing of the said buttons (button combinations, etc.) to display interface elements for displaying a dialog (in particular, a program (dialog) “window” (515, FIG. 5)) with a user to enter a user password to enter the system in certain configurations, for example, in the configuration for the first user (user 1) of the computer 101, in the configuration for the second user (user 2) of the computer 101, etc.

It is worth noting that, in the particular case, the mentioned (special) application "makes sure" that (receives a command about) that the necessary keys (buttons) are pressed, in particular, on input device 111, and no other application monitors the password for logon system and does not replace (does not replace) the dialog box of the (special) application with another dialog box, in particular, which is at least one user interface element and / or contains at least one such interface element user, e.g. text field (5 25, FIG. 5), an example of which is shown in FIG. 5.

In the particular case, the (special) application is a (critically) important component of the (operating) system and (always) can be launched (function, work) in the background of the system.

It is worth noting that, in the particular case, the system is logged in (by a special) application (using the (special) application), and the login interface of the (special) application blocks the user’s access to the system, in particular, it can hide system elements from the user , for example, system software components such as the Taskbar, Desktop, Task Manager, Start menu (for Windows OS), etc., and present the user with a user interface (an example of which is shown in FIG. 5) for user input elem password to login.

It is also worth noting that the (special) application is downloaded (in particular, launched) together with the system (in particular, the operating system installed on computer 101) and displays a user interface element for the user to enter a password (consisting of characters, for example, letters, numbers, special characters, “signs” (“icons”), images, in particular, “icons”, from English, icon, etc.) to enter the system.

It is also worth noting that a (special) application can block (or replace) a standard login, in particular, a program (application) for entering the system, for example, Winlogon for Windows.

In a particular case, the user-entered password (in particular, password characters) for entering the system is transferred for comparison not to the (special) application (in particular, how well-known programs for entering the system work, for example, Winlogon), but to the described device 100 in particular in microcontroller 162, as described in more detail below. If the described device 100 confirms the correctness of the password entered by the user for entering the system, then the user (by a special) application is granted access to the system, in particular, the unlocking of (hidden from the user) elements of the system is performed. After giving the user access to the system, the (special) application can shut down or continue to operate in the background, for example, until the user logs out, in particular, until the user completes the session with the system. If the device 100 does not establish the fact that the password entered by the user for entering the system is correct, then the (special) application can continue to display the user interface element (for example, as shown in FIG. 5) for the user to enter the password for entering the system or (special) application can block the login to the system (access to the system), and may also require entering another (additional) password, for example, a master password (from the English Master Password), in particular, also stored in the described device, on Example, in the microcontroller 182. Such a mentioned other (additional) password, in a particular case, can be used, for example, by a (special) application to provide access to the system or to enable a user to enter a password to enter the system if such a possibility was blocked by a (special) application.

Also, it is worth noting that when an user (a system user or an unauthorized user (another) user) accesses the system, attempts to remotely access the system by a user who does not know the password to enter the system, etc.), in particular, when deleting or when attempting to delete the mentioned (special) application from the computer 101 memory, by means of the system (for example, software and / or firmware), the user disconnecting the said (special) application Nia, may be notified (e.g., using user interface elements) of the possible risks associated with disconnection (special) application, for example, about the risk of unauthorized access to the system (the system), the risk of stopping of operation of system processes, etc. In the particular case, during or after the user disconnects the (special) application, the system can turn off data input processing (in particular, characters), for example, can turn off data input processing using the user pressing the said buttons (keys) of input device 111 or display 131 ( including an input device of a display 131 or an input device connected to a display 131), etc. In the particular case, the system (and (special) application) will not respond to the mentioned buttons (or combinations, sequences, etc. of buttons) of the input device 111 or to user actions carried out using the display 131, in particular, when recording or rewriting the password (in particular, password characters) to the microcontroller 182. In this particular case, so that the user can enter the system, the user may need to restart (restart) computer 101 in order to restart the (special) application on computer 101, per hour In order to ensure that the (special) application loads along with the loading of the (operating) system of computer 101.

In the particular case, the described device 100 consists of sections (modules), and includes a first section of the device 161, a second section of the device 171, a third section of the device 181 and may include a fourth section of the device. It is worth noting that in the particular case, at least two such sections (for example, the first section of the device 161 and the second section of the device 171, the third section of the device 181 and the fourth section of the device, which will be described later, etc.) of the device 100 can assemble in a single case (small size) using the block method (in the particular case, the block method of installation).

The described device 100 (or at least one part thereof, for example, the first section of the device 161 and / or the second section of the device 171, and / or the third section of the device 181, etc.) is connected to the computer 101, in particular, is connected to the computer 101. It should be noted that the described device 100 may be located outside (outside the case) of the computer 101 or inside (within the case) of the computer 101.

When a user logs into the system, the above-mentioned (special) application allows the user to enter a password to enter the system, as well as transmit the user-entered password to enter the system to the described device 100, in particular, to the microcontroller 162 of the first section of the device 161. Also (special ) the application allows you to receive a command (s) to unlock the system login from the described device 100, in particular, from the microcontroller 162 of the first section of the device 161. It is worth noting that user input p Rola logon may be performed by means of at least one input device 111 using the user interface (special) application. It is worth noting that the user interface can be a graphical user interface (GUI; also graphical user interface, GUI; GUI - from the English graphical user interface), a text user interface (TPI, TUI - from the English Text user interface; also CUI - from Character Character Interface), tactile, gestural, voice, material (tactile), etc. In a particular case, input device 111 may be a keyboard, a scanner, a video and web camera, a digital camera, a microphone, a computer mouse, a graphic tablet, a touch screen, devices based on computer vision, etc. The user-entered password for entering the system is stored in the random access memory (RAM) of the computer 101 and, using the means of the computer 101 (in particular, from the RAM of the computer 101), is transmitted to the described device 100, in particular, to the microcontroller 162 of the first section of the device 161, ( special) application. The user-entered password for entering the system is compared by the described device 100, in particular, by the microcontroller 172 of the second section of the device 171 using the potentiometers 174 and 175 of the comparison node for the passwords (and logins) 173 of the second section of the device 171, with the password saved (recorded or rewritten using display 131, as described in the framework of the present invention) in the third section of the device 181, in particular, in the microcontroller 182. Depending on the results of the verification of the correctness of the user password for input yes to the system by comparing the microcontroller 172 (using the firmware of the microcontroller 172) using the potentiometers 174 and 175 of the password comparison node (the node for comparing the values of the positions of the reo chord (reo-chord engine) on the axes of the potentiometers) 173 the password entered by the user to enter the system with the password saved in the microcontroller 182, the microcontroller 162, receiving a command from the second section of the described device 171 about the coincidence or non-coincidence of the passwords, transmits a command (notification) to the mentioned (special) Appendix to lock or unlock the login. So, if the user-entered password for logging into the system with the microcontroller 182 matches the microcontroller 172 (using the firmware of the microcontroller 172) sends the microcontroller 162 a command to unlock the login, and the microcontroller 162 (using the firmware of the microcontroller 162) transmits (special) the application the command to unlock the login (access) to the system, after which the (special) application unlocks the user’s login, in particular, provides the user access to the system for the user, in a particular case, “unlocks” the system login and closes (in particular, by stopping the display) the user interface element for the user to enter the password for the system and the system login lock screen, if one was displayed to the user. Thus, in the particular case, blocking the entrance to the system is controlled (and, in the particular case, is ensured) by at least the microcontroller 162 of the first section of the device 161, in particular, the firmware of the microcontroller 162.

It is worth noting that the user-entered password for entering the system transmitted to the microcontroller 162 of the first section of the device 161 can be stored in the microcontroller 162 (in the memory of the microcontroller, in particular, in the non-volatile memory of the microcontroller, for example, which is the firmware of the microcontroller) of the first section of the device 161. Thus Thus, the microcontroller 172 (using the firmware of the microcontroller 172) using the potentiometers 174 and 175 of the password comparison node 173 of the second section of the device 171 compares ennogo user password to enter the system 162 stored in the microcontroller with a stored password in the microcontroller 182 of the third section of the apparatus 181.

It is worth noting that the microcontroller 162 of the first section of the device 161 also transmits to the microcontroller 172 the second section of the device 171 received from the (special) application user password for entering the system to verify the microcontroller 172 (using the firmware of the microcontroller 172) using the password comparison node 173, in particular of at least the potentiometer 174 and the potentiometer 175 of the password comparison node 173, the correctness of the user-entered password for entering the system by means of in the second section of the described device 171, a user-entered password for entering the system with the saved password in the microcontroller 182 transmitted by the microcontroller 182 to the microcontroller 172. In the particular case, the microcontroller 162 of the first section of the device 161 and the microcontroller 182 of the third section of the device 181 transmit the passwords to the microcontroller 172 the second section of the device 171 character by character (character by character), in particular, until the user has completely entered the password to enter the system or until they are completely transferred all password symbols, or until the password comparison node 173 detects a mismatch (not identity) of the password symbols (password transmitted from microcontroller 162 and password transmitted from microcontroller 182).

It should be noted that potentiometers 174 and 175 (as well as potentiometers 191 and 192, which are described in more detail below) can be motorized two-channel potentiometers, for example, potentiometers of the RK 168 series (2x100K, type B) or potentiometers such as KSP-4. It is worth noting that a motorized two-channel potentiometer (174, 175, 191, 192) is usually used as a regulating element in electronic equipment and can have a dustproof design and additional mounting on a printed circuit board, and the motor (engine) leads can be soldered. Also, a motorized two-channel potentiometer (174, 175, 191, 192) may have a thrust retainer on the body and a mounting thread under the M8 nut. It is also worth noting that the rotation of the axis of each of the potentiometers (174, 175, 191, 192) with the corresponding movement of the slider (rechord) along the axis for the necessary adjustment device 100 described is carried out by a micromotor (micromotor) with a gearbox (mini-reducer) controlled by a microcontroller 172 using the firmware of the microcontroller 172. The accuracy of the potentiometers (174, 175, 191, 192) adjustment is plus or minus one to three (+/- 1-3) revolutions, which determines the accuracy of the rechord (slider) position on the sweat axis nciometer (which is used as a value for comparing passwords), and the accuracy mentioned depends on the choice of the gear ratio of the gearbox. It is also worth noting that a tachometer (in particular, a tachometer) is installed on the axis of the potentiometer (174, 175, 191, 192), which measures the number (number) of revolutions of the axis of the potentiometer (174, 175, 191 , 192), which fixes a certain position of the rechord on the axis of the potentiometer (174, 175, 191, 192) with the output (transfer) of this value to the microcontroller 172 for controlling (potentiometers (174, 175, 191, 192)). Thus, each character of the password (entered by the user to enter the system or stored in the microcontroller 182) corresponds to a certain position of the rechord on the axis of the potentiometer (the value of the position of the rechord of the potentiometer (174, 175, 191, 192). So, for example, the first character of the password entered by the user to enter the system corresponds to one position of the rechord (on the axis) of the potentiometer 174, the second character of the password entered by the user to enter the system corresponds to another position of the rechord (on the axis) of the potentiometer 174, etc., the first the symbol of the password stored in the microcontroller 182 corresponds to one position of the rechord (on the axis) of the potentiometer 175, the second symbol of the password stored in the microcontroller 182 corresponds to another position of the rechord (on the axis) of the potentiometer 175, etc. Thus, the microcontroller 172 sets (sets) the values of the positions of the reochords (on the axes) of the potentiometers (174, 175, 191, 192) on the corresponding shoulders (176, 177, 178, 179) of the password comparison node 173, and the microcontroller sets the 172 position values the rechords (on the axes) of the potentiometers (174, 175, 191, 192) on the respective shoulders (176, 177, 178, 179) of the password comparison node 173 are carried out by converting the microcontroller 172 (firmware of the microcontroller 172) to each of the characters the user password entered to enter the system the password stored in the microcontroller 182 (as well as optionally characters of identifiers (names) of user accounts in the computer system) to the output values (rechord positions (on the axes)) of the corresponding potentiometers (174, 175, 191, 192) of the corresponding arms (176, 177 , 178, 179) of the password comparison node 173, as described in more detail below. The mentioned adjustment accuracy of the potentiometers (174, 175, 191, 192), and therefore the measurement accuracy, in particular, corresponds to the measurement accuracy of a digital potentiometer, for example, a digital potentiometer of the MCP4XXXX series, in particular, digital potentiometers MCP41010.

It is also worth noting that the microcontroller 172 contains a database (in a particular case, a database is created in the microcontroller 172, for example, using the microcontroller programmer and / or computer 101, and / or display 131, etc.), in which characters that may be present in the password (entered by the user to enter the system and / or password stored in the microcontroller 182) and the corresponding values of the positions of the rechord (slider-reochord) on the axis of the potentiometer, in particular, in the form of a figure of the number of revolutions of the axis of the potential meters, in particular, measured by the tachometer and transferred to the microcontroller 172 for storage (storage). It is worth noting that the password entered by the user (in particular, the password characters) for entering the system in the user interface element of the (special) application is transmitted (by the (special) application) to the microcontroller 162 (for saving (storing), in particular, for temporary storage ( memorization)). Next, the user-entered password for entering the system by the microcontroller 162 (in particular, the firmware of the microcontroller 162) transmitted to the microcontroller 162 is transmitted to the microcontroller 172. The microcontroller 172 (the microcontroller 172 using the firmware of the microcontroller 172) converts the password, in particular, the characters of the password entered by the user for entry into the system, in the values of the positions of the rechord (engine-reochord) on the axis of the potentiometer, which, in the particular case, includes searching for the first character of the user-entered pair I to enter the system in the aforementioned database of the microcontroller 172 (which stores the characters (passwords) with the corresponding values of the positions of the rechord (reochord engine) on the axis of the potentiometer) and the corresponding password symbol for entering the system, in particular, the digital value (digits) revolutions of the axis of the potentiometer. The microcontroller 172 transmits the (control) command to the micromotor (micromotor) of the potentiometer 174 to move (position) the reochord to the position corresponding to the aforementioned digit (digital value) of the number of revolutions of the axis of the potentiometer found in the database and, in a particular case, remember (by the microcontroller 172, in particular , in the firmware of the microcontroller 172) its (digit (digital value) of the number of revolutions of the axis of the potentiometer), and the above figure ((digital value) the number of revolutions of the axis of the potentiometer, in the particular case corresponds The at least one character of the password entered by the user for entering the system or the password entered by the user for entering the system) is remembered by the firmware of the microcontroller 172 for subsequent comparison by the microcontroller 172 using the password comparison node 173 with a similar number ((digital value) the number of revolutions of the axis of the potentiometer, in the particular case of the corresponding (being) at least one character of the password transmitted from the microcontroller 182 to the microcontroller 172 or the password transmitted from the micro controller 182 in the microcontroller 172) stored in the firmware of the microcontroller 182.

The microcontroller 172 searches for the second character of the password entered by the user to enter the system in the aforementioned database of the microcontroller 172 and the corresponding character of the entered password to enter the system, in particular, the digital value of the rotational speed of the axis of the potentiometer with the microcontroller 172 transmitting the (control) command to the micromotor of the potentiometer 174 move the rechord to the position corresponding to the digit of the number of revolutions of the axis of the potentiometer and, in the particular case, remember it, and the process is repeated for all digits entered user password to enter the system. It is worth noting that the characters of the password stored in the microcontroller 182, transmitted to the microcontroller 172 for comparing the passwords by the device 100, are also converted (as well as the characters of the user-entered password to enter the system) to the values of the rechord positions (reochord slider) on the axis of the potentiometer by the microcontroller 172 In particular, such a conversion is carried out by the microcontroller 172 using the aforementioned password database and the corresponding values of the positions of the reochord (reochord engine) on the axis of the potentiometer, with stored in the microcontroller 172. Further, the microcontroller 172 transmits (control) commands to the micromotor (micromotor) of the potentiometer 175 to move (position) the reochord to the positions corresponding to the above-mentioned figures (digital values) of the rotational speed of the axis of the potentiometer found in the database and, in a particular case, remember them for all password characters, with which the password entered by the user to enter the system is compared. Next, the password comparison node 173 compares the passwords, in particular, the corresponding password symbols, for example, the first character of the user password for entering the system (and transmitted to the microcontroller 172 through the microcontroller 162) and the first character of the password stored in the microcontroller 182 (and transmitted to the microcontroller 172), then the second symbol, etc., moreover, the comparison of the password symbols is carried out in the format of the corresponding values of the positions of reochords (reochord engines) on the axes of the potentiometers.

It is also worth noting that, in the particular case, the use of a (special) application in conjunction with the described device 100 (in particular, the transmission of a password entered by the user (in particular, password symbols) to enter the system into the microcontroller 162 of the first section of the device 161, storage the password in the microcontroller 182, with which (in particular, with the symbols of which) the user entered the password (in particular, the password characters) to enter the system is compared, as well as the comparison of these passwords using the second section of the apparatus 171, in particular, the microcontroller 172 and at least the password comparison unit 173) excludes logon attempts (including unauthorized access to the system), bypassing the device 100 described.

As mentioned above, the second section of the described device 171 compares the stored password in the microcontroller 182 of the third section of the device 181 and the user-entered password for logging into the system (in particular, stored in the microcontroller 162), in particular, the characters are compared (converted to the values of the rechord positions (reochord engine) on the axis of the potentiometer) the mentioned passwords (and, in the particular case, user logins). The second section of the device 171 includes a microcontroller 172, as well as a potentiometer 174 and a potentiometer 175 of the password comparison node 173, which are used to compare the password for entering the system entered by the user through the input device 111 and the stored password in the microcontroller 182, in particular, stored with using the display 131. Also, the second section of the device 171 includes a potentiometer 191 and a potentiometer 192 of the password comparison node 173, using which, in a particular case, the comparison of accounting records Use of the user (logins), in particular, by the same principle as password comparison.

It is worth noting that the password comparison node 173, in a particular case, is (in particular, implemented) a measuring bridge (Wheatstone bridge, Wheatstone bridge, from the English - Wheatstone bridge), an approximate version of the circuit of which is shown in FIG. 2, in particular, implemented using potentiometers (in particular, motorized potentiometers), as shown in FIG. 3.

The microcontroller 172 of the second section of the described device 171 receives the password entered by the microcontroller 162 (in particular, stored in the microcontroller 162) for the user to enter the system, and the microcontroller 172 converts the password entered by the user (in particular, the password characters ) to enter the system in the values of the positions of the reochord (slider-reochord) on the axis of the potentiometer. Further, the microcontroller 172 transmits such a user-entered password (in particular, password characters) to enter the system on the upper left shoulder 176 (on the potentiometer 174) of the password comparison unit 173, in particular (((control) command) to the micromotor of the potentiometer 174 to move the rechord to a position corresponding to the aforementioned figure (digital value) of the number of revolutions of the axis of the potentiometer found in the database), in particular, the microcontroller 172 transfers the aforementioned converted to The result is a rechord (rechord engine) on the axis of the character potentiometer of the password entered by the user to enter the system on the upper left shoulder 176 of the password comparison node 173.

Also, the microcontroller 172 transmits to the microcontroller 182 the command to transmit the stored (in the microcontroller 182) password to the password comparison node 173 via the microcontroller 172, i.e. the microcontroller 172 transmits to the microcontroller 182 the command to transmit the stored (in the microcontroller 182) password to the microcontroller 172, which is converted (the characters of which are converted) in the microcontroller 172 into the values of the rechord (slider-reochord) positions on the axis of the potentiometer. Next, the microcontroller 182 transfers the aforementioned saved (in the microcontroller 182) password to the microcontroller 172. Next, the microcontroller 172 transmits such a transmitted password to the microcontroller 172 and transfers it to the upper right shoulder 177 (to the potentiometer 175) of the password comparison node 173, in particular, ((( control) command) on the micromotor of the potentiometer 175 to move the rechord to the position corresponding to the aforementioned figure (digital value) of the number of revolutions of the axis of the potentiometer found in the database. So, in a particular case, the microcontroller 172 transmits the aforementioned converted into magnitudes of the rechord (slider-rechord) positions on the potentiometer axis of the symbols of the stored (in the microcontroller 182) password to the upper right shoulder 177 of the password comparison node 173.

It is worth noting that the conversion to the values of the positions of the rechord (engine-reochord) on the potentiometer axis by the microcontroller 172 (characters) of the password entered by the user for the system (in particular, stored in the microcontroller 162) and the conversion by the microcontroller 172 (characters) of the saved password in the microcontroller 182 transferred to the microcontroller 172, can be implemented as for the whole password (for the character set of the password), the password entered by the user for entering the system and transmitted to the microcontroller 172, and for everything saved password for the microcontroller 182 and transmitted to the microcontroller 172, and for each character the password entered by the user for entering the system and transmitted to the microcontroller 172, and for each character of the stored password in the microcontroller 182 and transmitted to the microcontroller 172.

Thus, in the particular case, the microcontroller 172 converts each of the mentioned passwords (in particular, each character of each password) into a set of values of the rechord positions (reochord slider) on the axis of the potentiometer for the password entered by the user from microcontroller 162 to microcontroller 172 for entry into the system and into the set of values of the positions of the rechord (slider-reochord) on the axis of the potentiometer for the stored password transmitted to the microcontroller 172 from the microcontroller 182. It is worth noting that in this case, the microcontroller 172 (using potentiometers 174 and 175 of the password comparison node 173) can compare the sum of the values of the positions of the rechord (slider-reochord) on the axis of the potentiometer of the set of values of the positions of the reochord (slider-reochord) on the axis of the potentiometer for the transmitted from the microcontroller 162 to the microcontroller 172 the password entered by the user for entering the system and the sum of the values of the positions of the rechord (reochord engine) on the axis of the potentiometer of the set of values of the rechord positions (reochord engine) on the axis a potentiometer for the stored password transmitted to the microcontroller 172 from the microcontroller 182. Also, in a particular case, the microcontroller 172 (using potentiometers 174 and 175 of the password comparison node 173) can compare each of the values of the rechord positions (reochord engine) on the axis of the potentiometer (for each password symbol) from the above set of rechord position values (engine -reochord) on the axis of the potentiometer for the password entered by the user for the user to enter the system with the corresponding value of the position of the rechord (slider-reochord) on the axis of the potentiometer (for each symbol of the password) from the aforementioned set of values of the positions of the rechord (slider-reochord) on the axis of the potentiometer for the stored password transmitted from the microcontroller 182. So, for example, the first value of the position of the rechord (engine-reochord) on the axis of the potentiometer (for the first character of the password) from the set of values of the position of the rechord (engine-reochord) on the axis of the potentiometer for the password entered by the user to enter the system from the microcontroller 162 to the microcontroller 172 is compared with the corresponding value of the position of the reochord (slider-reochord) on the axis of the potentiometer (for the first character of the password) from the set of values of the position of the rechord (slider-reochord) on the axis of the potentiometer for transmitted from the microcontrol Era 182 stored password, etc.

It is also worth noting that, in the particular case, at least one password, in particular, a password entered by the user (password symbols) for entering the system (in particular, stored in microcontroller 162) and / or password (in microcontroller 182) can be converted (to the magnitude (s) of the position of the rechord (slider-reochord) on the axis of the potentiometer) by the corresponding microcontroller, for example, the password entered by the user to enter the system (in particular, stored in the microcontroller 162) can be converted to the microcontroller ohm 162 to the value (magnitude) of the position of the reochord (slider-reochord) on the axis of the potentiometer, and the stored password (in microcontroller 182) can be converted by the microcontroller 182 into the value (magnitude) of the position of the rechord (slider-reochord) on the axis of the potentiometer, and such converted passwords (in particular, password symbols) are transmitted to the corresponding shoulders (in particular, to potentiometers 174 and 175 of the arms 176 and 177) of the password comparison unit 173 or to the microcontroller 172 for transmission by the microcontroller 172 to the corresponding shoulders (in particular and, potentiometers 174 and 175) of the password comparison node 173.

It is also worth noting that the microcontroller 162 of the first section of the device 161 can contain a database of symbols and the corresponding values of the positions of the rechords on the axes of the potentiometers and, in the particular case, converts the password symbols for entering the system into the values of the positions of the rechord on the axis of the potentiometer and transfers them to the microcontroller 172 the second section of the device 171 values of the positions of the rechord on the axis of the potentiometer, corresponding to the password symbols for user login to the system, transmitted installed on the computer 101 (special) application iem in the microcontroller 162.

It is also worth noting that the microcontroller 182 of the third section of the device 181 may contain a database of symbols and the corresponding values of the positions of the rechords on the axes of the potentiometers and, in the particular case, converts the symbols of the password transmitted (stored) by the display 131 into the microcontroller into the values of the rechord on the axis of the potentiometer 162, and transmits to the microcontroller 172 of the second section of the device 171 the values of the rechord positions on the axis of the potentiometer corresponding to the symbols of the password transmitted (stored) by the display 131 in the microcontroller Ller 162.

Also, the user-entered password for logging into the system can be stored in the microcontroller 162 in the form of user-entered characters or as the value of the position of the reochord (slider-reochord) on the axis of the potentiometer (or the values of the positions of the rechord (slider-reochord) on the axis of the potentiometer, in if the mentioned conversion is performed for each password character). It is also worth noting that the password stored in the microcontroller 182 can be stored in the microcontroller 182 in the form of entered characters (character strings, etc.) by the user or in the form of the position of the rechord (slider-reochord) on the axis of the potentiometer (or position values reochord (reochord engine) on the axis of the potentiometer, in case the aforementioned conversion is carried out for each password symbol).

The microcontroller 172 of the described device 100, using potentiometers (174, 175) of the password comparison unit 173, compares said passwords (a user-entered password for entering the system, in particular, stored in the microcontroller 162, and a password stored in the microcontroller 182), in particular password characters i.e. the password transferred to the upper left shoulder 176 of the comparison node is compared (the user-entered password for entering the system, in particular, stored in the microcontroller 162), in the particular case, in the form of the mentioned value (s) of the position of the reochord (reochord engine) on the axis a potentiometer and a password transmitted to the upper right shoulder 177 of the password comparison node 173 (the password stored in the microcontroller 182), in the particular case, in the form of the aforementioned value (s) of the position of the reochord (reochord engine) on the axis of the potentiometer.

If the password comparison node 173 is balanced, which is the coincidence (identity) of the passwords, in particular, the entire password or all (and each) of the password characters, for example, the first character of the first password (entered by the user to enter the system) - with the first character of the second ( the password stored in the microcontroller 182), the second character of the first password - with the second character of the second password, etc. (i.e., the values of the position of the rechord (slider-reochord) on the axis of the potentiometer for the first character of the first password with the value of the position of the rechord (slider-reochord) on the axis of the potentiometer for the first character of the second password, etc.), then the microcontroller 172 (with using the firmware of the microcontroller 172) sends (sends) a command (notification, signal, etc.) to the microcontroller 162 to unlock the system input, and the microcontroller 162 (using the firmware of the microcontroller 162) sends the command to unlock the input to the (special) application and into the system, after which the (special) application unlocks the user's login to the system, in particular, gives the user access to the system.

It should be noted that in the particular case, the lower shoulders (the left lower shoulder 178 and the right lower shoulder 179) of the password comparison node 173 do not participate in the comparison of passwords and are an internal design feature of the described device 100 and are used for measurement stability.

In another special case, as mentioned above, the lower two arms (the left lower arm 178 and the right lower arm 179 with the corresponding potentiometers 191 and 192) of the password comparison node 173 can be used for comparison using the microcontroller 172 identifiers (logins) of user accounts in a computer system, in particular, characters of such user account identifiers entered in the user interface element, for example, in the login text box 415, as shown in FIG. 4. Such a comparison of user account identifiers (logins), in the particular case, allows the described device 100 to use the (special) application two-level protection of information (data) of the computer 101, in the particular case to implement a two-level system of data (information) protection, in a special case which is a software implementation of Microsoft Credential Provider. So, for example, to the described device 100, a fourth section of the device can be connected (connected), including a microcontroller and a display (mini-display), in which (in the microcontroller’s firmware) lists of allowed (white list) and forbidden (black list) are stored logins (identifiers (names) of user accounts in the computer system (computer system)) to enter the system. In the particular case, when a user enters a login, for example, in the login text box of login 415 (FIG. 4), using the display (mini-display) of the fourth section of the device or using a (special) application, the microcontroller of the fourth section of the device (including, with using the microcontroller 172) or the microcontroller 172, using the lower left shoulder 178 and the lower right shoulder 179 (potentiometers 191 and 192) of the password comparison node 173, compares the user login with logins stored in the “black” directory lawsuit of logins and / or “white” list of logins that are mentioned above, i.e. in the particular case, the microcontroller of the fourth section of the device (including using the microcontroller 172) or the microcontroller 172 searches for the user-entered login in the “white” list of logins and / or in the “black” list of logins.

If the user-entered login is present in the “white” list of logins (and the password entered by the user to enter the system matches the password stored in the microcontroller 182), then the user is granted access to the system as described in the framework of the present invention, in particular, (special ) application. If the user-entered login is present in the "black" list of logins (and the password entered by the user to enter the system matches or does not match the password stored in microcontroller 182), then the user is not granted access to the system, as described in the framework of the present invention, in particular (special) application. If the user entered login is not in the “black” list of logins and in the “white” list of logins (for example, the user logs in for the first time or the “black” list of logins is empty and / or the “white” list of logins is empty), then the user can be provided access, in particular, by a (special) application, to the system in a protected and / or restricted mode (of the system), for example, by using an application that, in a particular case, allows you to create an isolated environment or a dedicated environment for user Vatel with the computer system 101, or virtual, cloud, etc. a system that, in particular, allows for the safe execution of applications (computer programs). Such an application can be a “sandbox” (from the English “sandbox”) or an application that “freezes” a system, in particular, an operating system, in particular, creates a “cast” of the state of the operating system to which the computer system 101 can be restored. It’s worth note that one example of such an application may be Toolwiz Time Freeze, which allows you to “freeze” (the operating) system and return it to its original state, for example, after it turns out that an unauthorized user has logged in (for example, speculator), in particular, whose login was not contained in the “white” list of logins and / or “black” list of logins. Thus, a user whose login was not contained in the “white” list of logins and / or the “black” list of logins will gain access to a system instance (virtual (“cloud”) system), so that when a user changes (state) of the system, it can be restored at a time when such a user has not yet logged in. In the process of the user’s work in such an instance of the system (in the process of user interaction with the system), the computer system 101, system applications, computer administrator 101, security service using software and hardware, etc. can verify the user's reliability, for example, monitor the user's actions, for example, to identify the user as an attacker, including tracking user-installed applications, hacking attempts of the system and / or applications, changing the system, in particular, system files, attempting to boot (and installation) on the computer 101 malware, etc. If during such a check it is established (by the computer system 101, the system applications, the computer administrator 101, the security service using software and hardware, etc.) that the user is not an attacker, then such an application will freeze the computer system 101 can be stopped (closed), and the user can continue to work in the system of computer 101, and the user name can be added (by the system of computer 101, system applications, the administrator of computer 101, service b security using software and hardware, etc.) to the white list. Otherwise (if the user is an attacker), the login of such a user can be added to the black list. It should be noted that the fourth section of the device can be connected to the third section of the device 181 and / or to the second section of the device 171.

It should be noted that the fourth section of the device is connected to the third and / or second section of the device and contains a microcontroller of the fourth section of the device, which stores lists of allowed and forbidden identifiers of user accounts in the system (logins), and the microcontroller of the fourth section of the device is connected to the display connected to the fourth section of the device, and such a display allows the user to at least enter the user account identifier for logging in and / or save, by at least one user account identifier, with which the user account identifier for entering the system for entering the system by the password comparison node 173 is compared. It is also worth noting that the user account identifier for entering the system can be entered by the user using a device connected to the computer input using a user interface element, for example, a text input field of login 415 (FIG. 4), (special) application installed on the computer 101, and further, such a user account identifier entered by the user is transmitted by the application installed on the computer to the computer’s memory, which is then transferred to the microcontroller 162 of the first section of the device 161 and then transmitted along with the login comparison command into a microcontroller 172 for conversion into values of the positions of the rechords on the axes of the potentiometers of the password comparison node 173 using the database (search in the database for comparison symbols of logins and the corresponding values of the positions of the rechords on the axes of the potentiometers of the password comparison node 173 using the database), which are then transmitted to the password comparison node 173, in particular, to the potentiometer 191.

It is worth noting that the user account identifier stored in the microcontroller of the fourth section of the device, with which the user account identifier for entering the system is compared, is transmitted to the fourth potentiometer 192 of the password comparison node 173.

It is worth noting that the microcontroller 172 of the second section of the device 171 compares the user-entered user account identifier for logging into at least one user account identifier stored in the list of allowed user account identifiers and / or the list of prohibited account identifiers users using the password comparison node 173, the user account identifiers being determined by the microcontroller 172 in the second section of the device 171 as identical user account identifiers when the password comparison node 173 is balanced.

As mentioned above, in the third section of the device 181, in particular, in the microcontroller 182, the (saved) password set by the user is set using the display 131 connected to the device 100. Also, the stored password is changed in the third section of the device 181 using the display 131. It is worth noting that in the particular case, in the microcontroller 182 of the third section of the device 181 several passwords can be stored (in particular, can be saved by the user using the display 131), For example, for several systems of computer 101 (in particular, systems installed on computer 101, for example, one password is used for the (operating) system of Microsoft Windows, the other for the Unix-like (operating) system based on the Linux kernel, etc. ), or several passwords for different users of the system. In the particular case, during or after saving such a password to the microcontroller 182, the user can select the (active) password that will be transmitted by the microcontroller 182 to the second section of the device 171 (in particular, to the microcontroller 172) during the comparison of passwords (in particular, ( active) password stored in the microcontroller 182 and the password entered by the user to enter the system) in the second section of the device 171.

It should be noted that in the particular case the third section of the device 181 (containing the microcontroller 182) can be a removable section and is connected, in particular, connected (connected), for example, using a connector, to the second section of the device 171, in particular, at least , to the microcontroller 172 (and, in the particular case, to the potentiometer 175). In the particular case, the third section of the device 181 can be a non-removable, in particular, integral, section of the described device 100 associated with the second section of the device 171. Also, in the particular case, the third section of the device 181 can be output to one side of the housing of the device 100 or computer 101 (for example, using at least one extension cord, adapter, connector, etc. from the second section of device 171). In this particular case, for a user to enter the system (in particular, using the password for entering the system entered in the (special) application by the user), it is necessary to connect (join), for example, by the user (computer 101), administrator of computer 101, etc. ., of the third section of the device 181 to the second section of the device 171. Thus, in such a particular case, the user cannot log into the system without connecting the third section of the device 181 to the second section of the device 171, since for the user to enter the system (and, in a particular case, for user interaction with the system, in particular, for the user to work with the system), it is necessary that the third section of the device 181 is connected (in particular, connected) with the second section of the device 171. It should be noted that connecting the display 131 to the third sections of the device 181, in particular, to the microcontroller 182, is optional while the user is working with the system, in particular, when the user logs on to the system with a password to enter the system using the (special) application.

It is worth noting that, in the particular case, when the third section of the device 181 is disconnected from the second section of the device 171, a (special) application can block user access to the system until the third section of the device 181 is connected. In the particular case, the (special) application is constantly (or regularly), for example, with a certain frequency (once per second, several seconds, minutes, several minutes, hours, etc.) checks if the third section of the device 181 is connected to the second section of the device 171, in particular through the interface that is used to communicate the described device 100 with the computer 101, and / or, in the particular case, which is used to communicate the third section of the device 181 with the second section of the device 171). Also, to monitor (by a (special) application) the presence of the connection of the third section of the device 181 to the second section of the device 171, a limit switch can be used, in particular, installed (placed) on the second section of the device 171 (or at least one part of the limit switch can be placed on the second section of the device 171, and the other part of the limit switch can be placed on the third section of the device 181). Such a limit switch can transmit, using the connecting device 100 described and the interface computer 101, to a (special) application a signal (in particular, data) about the presence or absence of a connection of the third section of the device 181 to the second section of the device 171. In the particular case, after connecting the third sections of the device 181 to the second section of the device 171, the user may need to (re) enter the password to enter the system, in particular, the (special) application may “ask” the user to enter the password for logging into the system as described in the framework of the present invention, for example, using a text box of a graphical user interface or in any other way as described in the framework of the present invention.

 It should be noted that in the particular case when there is power to the disconnected third section of the device 181 from the second section of the device 171, for example, from an external power source or from a display 131 connected to the third section 181 (either integrated in the third section 181 or integrated in the display 131, or connected to the display 131), the user can save (write or rewrite the password) in the microcontroller 182 of the third section of the device 181.

It is also worth noting that, in the particular case, the third section of the device 181 can be made in a separate case, and the first section of the device 161 and the second section of the device 171 can be made in a separate case, and, in the particular case, when connecting two such cases ( in particular, using connectors) a single body of the described device 100 is formed. It should be noted that a single body of the described device 100 can be formed from the first, second, third and fourth sections of the device, if four sections of the device are used as described above.

It is also worth noting that, in special cases, for example, when there is no need for user interaction with the system, after the user has completed work with the computer 101 or after the user has completed the session with the system, the third section of the device 181 can be disconnected from the second section of the device 171, in particular , the connection between the third section of the device 181 and the second section of the device 171 can be “broken”, for example, the connection (wired or wireless) between the third section of the device 181 and the second section of the device 171, and the third section of the device 181 can be placed in a safe place (storage), for example, in a safe, to ensure the safety and security of the password stored in the microcontroller 182 of the third section of the device 181. It should also be noted that the display 131 may be disconnected from the third section of the device 181, in particular from the microcontroller 182 (for example, can be removed from the connector for connecting the display 131 of the third section of the device 181) and can also be placed in a safe place (storage), in particular, to prevent ascheniya unauthorized access to the password (for example, to view a password) stored in the third section of the apparatus 181, in particular in the microcontroller 182.

Said display 131 is a removable module (in particular, a device) and, in a particular case, is attachable (connected) to microcontroller 182. It should also be noted that display 131 may be a non-removable, in particular integral, display connected to microcontroller 182. In the particular case, the display 131 can be displayed on one side of the housing of the device 100 or computer 101 (for example, using at least one extension cord, adapter, connector, etc., associated with the second section of the device 171, in particular at the extreme th least to the microcontroller 172).

Also, it is worth noting that the display 131, used to enter and change the password to be stored in the microcontroller 182, can be connected to the third section of the device 100, in particular, to the microcontroller 182, for example, using a connector, in a particular case, output to one from the sides of the case of the described device 100. As mentioned above, the microcontroller 182 of the third section of the device 181 transfers the stored password in the microcontroller 182 to the password comparison node 173, in particular, to the upper right shoulder 177 (on the potentiometer 175) the password comparison unit 173 through microcontroller 172.

The said display 131 connected (connected, connected) to the microcontroller 182, in particular, is equipped with a connector through which it is connected to the third section of the device 181, in particular, to the microcontroller 182 (to the connector of the microcontroller 182). It is worth noting that in a particular case, the display 131 is equipped with an adapter for connection to the microcontroller 182, which can also be equipped with a connector, which in a particular case is located on the housing of the described device 100 (or moved outside the described device 100) and allows (the user) to connect or disconnect the display from the device, in particular from the third section of the device 181 (in the particular case, from the microcontroller 182). It is worth noting that, in the particular case, when the described device 100 is placed in the computer 101, the connector connected to the microcontroller 182 (the connector of the microcontroller 182) for connecting the display 131 can be placed (installed, in particular, fixed) on the computer case 101. It is also worth note that the microcontroller 182 can be connected to the display 131 by any known type (type, method, etc.) of communication (in particular, wired or wireless), as mentioned in the present description of the invention.

As mentioned above, in the microcontroller 182 (in particular, in the memory of the microcontroller 182, which in a particular case is a non-volatile memory of the microcontroller 182, for example, the firmware of the microcontroller 182), a password entered by the user using the display 131 is recorded or rewritten, and This saved password is a (reference) password that provides the user with access to the system, i.e. when a user enters a password for entering the system using the input device 111, such a password for entering the system is compared, as described in the framework of the present invention, with the stored password in the microcontroller 182.

Said display 131 (when connected to the device 100, in particular, to the microcontroller 182 of the third section of the device 181) can be used to display to the user the password stored in the microcontroller 182, for example, so that the user can see such a saved password if he forgot him (in particular, to remember the saved password).

As mentioned above, the display 131 is used when the user enters a password (in particular, password characters) in order to store such a password in the microcontroller 182 of the third section of the device 181. Thus, the display 131 using at least one user interface element can be the password is displayed (in particular, password characters) entered by the user in order to save it (write or rewrite) to the microcontroller 182.

The display of the entered password (for saving in the microcontroller 182) and / or the saved password (in the microcontroller 182) on the display 131 can be carried out using a user interface, for example, a graphical user interface (in particular, a window interface, a web interface, etc. ), a text user interface (in particular, a command line interface), etc.

It is worth noting that the input of a password (in particular, password symbols) stored (written or rewritten) into the microcontroller 182 can be carried out using one of the known types of input devices, for example, the same as input device 111, display keyboard 131 (in particular , which is the software, hardware or software and hardware part of the display 131), including the keyboard connected to the display 131, etc. Such a keyboard may be an on-screen keyboard (in particular, a virtual keyboard), and the display screen may be configured to perform touch input, i.e. the display screen 131 may be a touch screen (in particular, a touchscreen - from the English. touchscreen). It is worth noting that the display 131 may be a resistive display, a projection-capacitive display, a surface-capacitive display, a display on surface-acoustic waves, a touch-scan display, etc.

It should be noted that when saving (writing or rewriting) the password to the microcontroller 182, the display 131 may display at least one user interface element, in particular, a graphical user interface element, for example, a software “window” (515 in FIG. 4 and FIG. 5) and a text field, for example, a text field (password) 525 in FIG. 4 and FIG. 5), or a text user interface, and such an element of the user interface allows the user to enter a password (password characters) when recording or rewriting it in microcontroller 182.

It is also worth noting that the user interface displayed on the display 131 may include at least one user interface element for confirming the password to be stored in the microcontroller 182 or to display the password stored in the microcontroller 182, or to call (graphical, text etc.) a menu and / or any other (graphical, text, etc.) interface element, for example, for recording or rewriting (in particular, re-saving) a password in microcontroller 182. For example, a graphical interface Users may comprise dc key (Engl. button), for example, a soft key, as a software button 535 (FIG. 4 and FIG. 5) to confirm the password to be stored (when recording or rewriting) the user in the microcontroller 182.

In a particular case, the display 131 is an auxiliary device of the microcontroller 182. Also, the display 131 frees the user (from boring and inconvenient) to remember the password required to enter the system, since the password required to enter the system is stored in the microcontroller 182 and can be obtained by the display 131 from the microcontroller 182 and displayed on the demand 131 by the display 131 to the user, in particular by connecting (attaching) the display 131 to the third section of the device 181, in particular, at least e, to microcontroller 182.

It is worth noting that in the particular case, instead of the display 131, an input device, for example, an input device 111, can be connected to the microcontroller 182 to enter a password to store it in the microcontroller 182, and, in the particular case, the input device may include (in particular , can be equipped with) a module (in particular, a device) for displaying data, in particular, a screen, or such an input device can be connected to another device, in particular, allowing at least display data (information), for example, a smartphone , P anshetom, projector, etc.

In the particular case, when connecting (attaching) the input device to the microcontroller 182, any of the known types of adapters (adapters) can be used, and such an adapter can include at least one microcontroller, microprocessor, etc., allowing, for example, , converting data, in particular, from the format of the input device 111 to the format of the microcontroller 182 and / or from the format of the microcontroller 182 to the format of the input device.

It should be noted that during the system’s operation, including during the user's work at the computer, for example, when the user logs on to the system (in particular, when the user enters the password to enter the system), after the user logs on to the system, etc. , the display 131 can be as connected to the device 100 (in particular, to the microcontroller 182), and can be disconnected from the device 100. So, for example, the display 131 can be disconnected from the device 100 after writing or rewriting the password in the microcontroller 182, or user can leave di a spline 131 connected to the described device 100.

It should be noted that at least one part of the described device 100, for example, at least one section of the device (the first section of the device 161 or the second section of the device 171, or the third section of the device 181, or the fourth section of the device) or, at least at least one component (for example, a display 131, a password comparison unit 173, a microcontroller (162, 172, 182), etc.) of at least one such section of the device may be located outside (outside the case) of the computer 101 or inside (within the case) of the computer 101, and at least e, one said component (s) may be associated with the described device 100 and / or computer 101, and / or another component of device 100 and / or device portion.

The connection between the described device 100 (including between the sections of the device, the components of the device, including the components of the sections of the device 100, etc.) and the computer 101, in particular, for transmitting data (signals, commands, including control commands, notifications, etc. e.) between the described device 100 and the computer 101 can be carried out using any known or later invented at least one method (device, technology, etc.) of communication between devices, in particular, that implements the transmission of data (signals and t .d ., as mentioned above) between devices, for example, in digital, analog or any other known type, format, form, etc. data transmission (signals, etc.). It is worth noting that the described device 100 and the computer 101 can be interconnected by any known (or later invented) type (method, type) of wired communication and / or wireless communication, in particular, using at least one module (wired and / or wireless) communication.

It is also worth noting that the described device 100 (including device sections, components of device sections, etc.) and computer 101 may be connected by one or another known at the present time or invented in the future directly (for example, via terminals and / or wires, soldering, riveting, etc.) or indirectly (through intermediate devices, including various types of converters, in particular, converters / converters of information, including data in analog form, digital form or in any other known form of information ) for example, through wired communication, wireless communication, through various types of connectors, etc.

It is also worth noting that the data exchange between the computer 101 and the described device 100 (in particular, with at least one section of the described device, for example, the first section of the described device 161) or between the sections of the described device 100 can be performed using at least at least one interface, protocol, etc., in particular, an interface, protocol, etc. data transmission.

So, for example, in the particular case, the described device 100 can be connected to computer 101 using a USB interface, PCI Express interface (bus) (PCIe, PCI Express X1, Mini PCI-E, SSD Mini PCI Express, ExpressCard, PCI Express 2.0, PCI Express 2.1, PCI Express 3.0, PCI Express 4.0, PCI Express 5.0), which is a computer bus using the software model of the PCI bus and a high-performance physical protocol based on serial data transfer, and can also be connected using a USB interface, Serial Peripheral Interface Bus, Universal Serial Bus, FireWire, i.Link, Direct Media Interface, Intel QuickPath Interconnect, SATA / SAS and others and terfeysov (tires), currently known or later invented.

In the particular case, the connection of the described device 100, for example, implemented using an expansion card, can be connected to a computer 101, in particular, to the motherboard of a computer 101, through one of the expansion slots using at least one adapter between different types (views, versions, etc.) of interfaces. Such an adapter can connect (in particular, for data exchange) the described device 100 (in particular, the first section of the device 161) using one interface (bus), for example, PCI Express, with computer 101 through another computer interface, for example, USB (via USB port), COM interface, IEEE1394 serial high-speed bus, etc. So, for example, if the described device 100 is implemented using a PCI Express X1 expansion card, and the motherboard is equipped with a PCI Express X16 slot, then the PCI Express X1 to PCI Express X16 adapter can be used to communicate (in particular, install) the expansion card implemented PCI Express X1 of the described device with the PCI Express X16 slot of the motherboard of the computer 101. Also, if the described device 100 is implemented using, for example, a PCI Express X1 expansion card, and the computer 101 (in particular, the motherboard of the computer 101) is equipped with a USB port, then we can t be used by the adapter USB-PCI - Express X1. Also, if the described device 100 is implemented, for example, with a PCI Express X1 expansion card, and computer 101 (in particular, the motherboard of computer 101) is equipped with a miniPCI Express connector (miniPCI-E, miniPCIe), then the miniPCIe to PCI Express adapter can be used ( in particular, miniPCIe-PCI Express X1). It should be noted that the said adapter can be installed in the housing of the described device 100, inside the computer 101 or between the described device 100 and the computer 101.

It is worth noting that in the particular case, the first section of the device 161 is connected to the computer 101 through a connector located on the motherboard of the computer 101, and is not detected (not recognized) by the operating system and / or basic input / output system (BIOS, from English basic input / output system, BIOS, BSVV) of the computer 101. In the particular case, this approach prevents unauthorized access to the described device 100 (in the particular case, at least to the microcontroller 162 and / or microcontroller 172, and / or microcontroller 182, and / or pair comparison node MDL 173, etc.), e.g., with the intention of "hacking" the described device 100, e.g., microcontroller firmware (162, 172, 182).

In the particular case, the power of the described device 100 and its components (electronic, electrical, etc.) parts (in particular sections of the described device 100, sections of the device 100, components of the sections of the device 100, etc.), for example, microcontrollers, potentiometers, etc., can be carried out through the power provided by the expansion card (card) (for example, PCI Express card), a USB port (USB interface), etc. Thus, in the particular case, the power of at least one part (in particular, the section of the described device 100) is provided from the computer 101. Also, the power of the described device 100 (or at least one section of the described device, for example, the third sections of the device 181) can be implemented using a power source, for example, a power supply, batteries, etc., and the power source can be both external and internal to the described device 100 (or at least one tion described device 100).

In the particular case, at least one part of the described device, in particular at least one section of the device (the first section of the device 161 or the second section of the device 171, or the third section of the device 181, or the fourth section of the device) may be (may be implemented), at least one printed circuit board, with components, for example, microcontrollers (162, 172, 182), potentiometers (174, 175, 191, 192), connectors, placed on such at least one printed circuit board etc. So, for example, the first section of the device 161 may include at least a microcontroller 162 located on a printed circuit board; the second section of the device 171 may include at least a microcontroller 172, potentiometers (174, 175, 191, 192) of a password comparison node 173 located on a (other) printed circuit board; the third section of the device 181 may comprise at least a microcontroller 182 located on a (third) printed circuit board.

It is worth noting that, in the particular case, one or more of the mentioned sections of the device, in particular, the components of such sections of the device (for example, microcontrollers, potentiometers, etc.), can be placed on one printed circuit board.

It is also worth noting that at least one of said printed circuit boards on which at least one said section of the device is located may be connected to a computer 101 or another printed circuit board (of the described device 100 or computer 101) by any known or invented later way.

In the particular case, the first section of the device 161 can be (can be implemented) a printed circuit board, in particular, a (PCI) PCI Express printed circuit board, with components of the first section of the device 161 placed on it, including at least a microcontroller 162. The second section of the device 171, in particular, being a (realized) printed circuit board, with components of the second section of the device 171 located on it, which include at least a microcontroller 172, potentiometers (174, 175, 191, 192) of the password comparison node 173, is associated with ( printed circuit board PCI Express (on to the components of the first section of the device 161) are placed, in particular, through a connector (electrical connector). The third section of the device 181, in particular, which is (implemented) a printed circuit board, with components of the third section of the device 181 located on it, which may include at least a microcontroller 182, connected to the printed circuit board (on which the components of the second section of the device 171 are located) in particular through the connector.

Thus, the microcontroller 162 (and other components) of the first section of the device 161 (maybe) is connected to the microcontroller 172 (and other components, for example, a potentiometer 174) of the second section of the device 171, which, in turn, is connected to the microcontroller 182 of the third section of the device 181 using communications (in particular, connections) between said printed circuit boards.

It is worth noting that each of the microcontrollers (162, 172, 182) can be an STM32 (Discovery) microcontroller with ARM architecture and include debugging functionality, in particular, include a debug board (or debug module). In the particular case, for the microcontrollers described in the framework of the present invention, KEIL software tools can be used with the uVision development environment (formatting) (MDK-ARM) and 32 Kbyte ULink ST-Link debugger / programmer, the mentioned architecture (ARM) of the microcontrollers and tools specify (determine) the formats of data, signals, etc. used in the described device 100

It is also worth noting that at least one printed circuit board of the sections of the described device (the first section of the device 161, the second section of the device 171, the third section of the device 181, the fourth section of the device) can be placed in the case of the device 100 or on the surface of the case, or can be removed from the housing of the described device 100, and at least one printed circuit board outside the housing of the described device 100 may be connected to other printed circuit boards of the described device 100 using using a wired or wireless type of communication (for example, using at least one connector, module (device) for wireless data transmission, wires, etc.) and may have its own housing.

In the particular case, the components of at least one of the described sections of the device are mounted (placed) on one (printed) PCI Express card, or the components of the first section of the device 161 and the components of the second section of the device 171 can be mounted on the (printed) PCI Express card and the components of the third section of the device 181 can be placed on another printed circuit board (not necessarily PCI Express) connected (in particular, using a connector) to the (printed) PCI Express board on which the components of the first section of the device 161 and the components of the WTO are mounted swarm sections of the device 171.

In the particular case, the first section of the device 161 may include an adapter connected to the input device 111 and connected to the microcontroller 162 through an interface for connecting peripheral devices. In the particular case, such an adapter can transmit the password entered from the input device 111 by the user for entering the system through the interface for connecting peripheral devices to the microcontroller 162. It should be noted that the mentioned interface for connecting peripheral devices can be a USB interface (USB port), PS / 2 interface (PS / 2 port), RS-232 interface (COM port / RS232 port), etc. It is also worth noting that the first section of the device may include a USB controller (realizing a USB interface), which is connected to the computer 101, in particular, to the computer motherboard, for example, through the interface (in particular, the bus, port) used by the described device 100, for example, in the particular case, as mentioned above, through the PCI Express interface, in case the described device is implemented with a PCI Express expansion card (card).

It is worth noting that microcontrollers (162, 172, 182) can be implemented using the ARM architecture (Advanced RISC Machine - an advanced RISC machine), for example, the Cortex family, or any other architecture. It is also worth noting that, in the particular case, the microcontrollers (162, 172, 182) are identical to each other (identical).

In FIG. 2 shows an exemplary embodiment of a measuring bridge circuit. The measuring bridge (Wheatstone bridge, Wheatstone bridge, from the English - Wheatstone bridge) is an electrical circuit (or device) that allows you to measure electrical resistance and, in the particular case, allows you to determine the value of the unknown electrical resistance of the resistor 229.

The principle of measuring resistance (in particular, the unknown resistance of resistor 229) is based on equalizing the potential of the middle terminals of the two branches.

One of the branches of the measuring bridge includes a two-terminal device, in particular, a resistor 229, the resistance of which is required to be measured. Another branch of the measuring bridge contains an element whose resistance can be adjusted (for example, a rheostat) 228. Between the branches (points of nodes 222 and 232) of the measuring bridge, indicator 212 can be placed. It should be noted that the indicator may be a galvanometer, a zero indicator, a voltmeter or an ammeter .

The resistance of the second branch resistor 228 is changed until the potentials of the points of the nodes 232 and 222 become equal, in particular, the readings of the indicator 212, in particular the galvanometer, become zero, that is.

In the figure of FIG. 2, resistor 229 is a resistor, the resistance to be measured. The resistance of resistor 226, resistor 227 (and, in particular, resistor 228) are known, and the resistance of resistor 228 is changed to balance the measuring bridge.

If equality holds

,

,

where R1 is the resistance of resistor 226, R2 is the resistance of resistor 228, R3 is the resistance of resistor 227, Rx is the resistance of resistor 229,

then came the "equilibrium of the bridge" ("the bridge is balanced", "the bridge is balanced"), and the potential difference (voltage) between the points of nodes 232 and 222 shown in FIG. 2 of the measuring bridge circuit is equal to zero, and the current between the points of the circuit nodes 232 and 222, in particular through the indicator 212, does not flow (equal to zero). If the measuring bridge shown in FIG. 2 is unbalanced, then the potentials of the points of the nodes 232 and 222 will not become equal, and, in particular, a change in the readings of the indicator 212, in particular, the galvanometer, will indicate that the resistance of the resistor 228 is too large or too small. The resistance value of the variable resistor 228 is adjusted until the value (indication) of the indicator 212, in particular the galvanometer, is zero. Indicator 212 allows you to determine the absence of current in the circuit with high accuracy. Therefore, in the particular case, if the resistor 226, the resistor 228 and the resistor 227 are high-precision resistors, then the unknown resistance of the resistor 229 can be measured with high accuracy. Small changes in the resistance of the resistor 228 will imbalance the measuring bridge, which is measured (in particular, visualized) by the indicator 212, in particular, a galvanometer. In the particular case, with a smooth change in the resistance of the resistor 228, the indicator 212, in particular, a galvanometer, is able to record the moment of equilibrium with high (high) accuracy. If the values (values) of the resistances of the resistors 226, 228 and 227 are measured with a small error, then the value (value) of the resistances of the resistor 229 can be calculated with high (high) accuracy.

It is worth noting that, in the particular case, the microcontroller 172 processes the signals of the password comparison node 173 (in particular, the signals of the measuring bridge, which is shown in FIG. 2, the resistors of which are replaced by potentiometers, in particular, motorized potentiometers, as shown in FIG. . 3).

It is worth noting that resistor 226 is called the upper upper arm of the measuring bridge (forms the upper upper arm of the measuring bridge), resistor 227 is called the upper upper arm of the measuring bridge (forming the upper right arm of the measuring bridge), resistor 228 is called the lower left arm of the measuring bridge (forms the lower left the shoulder of the measuring bridge), the resistor 229 is called the lower right shoulder of the measuring bridge (forms the lower right shoulder of the measuring bridge).

In FIG. 3 shows an exemplary embodiment of one of the options for a motorized potentiometer that replaces the resistor (226, 227, 228, 229) of the measuring bridge, an exemplary version of which is shown in FIG. 2. As mentioned above, a measuring bridge, an approximate version of which is shown in FIG. 2, the present invention is implemented using motorized potentiometers, so each of the resistors (323) of the measuring bridge (resistor 226, resistor 227, resistor 228, resistor 229, FIG. 2) in the measuring bridge circuit is replaced by a motorized potentiometer 333 (shown in FIG. 1, as elements 174, 175, 191, 192, respectively). It is worth noting that the motorized potentiometer 333, used instead of the resistor 323 (each of the resistors 226, 227, 228, 229, FIG. 2) of the measuring bridge, can be used motorized potentiometer RK 168.

As mentioned above, on the two (upper) arms (upper left shoulder 176 and upper right shoulder 177) of the password comparison node 173 (using the microcontroller 172), the passwords (received by the microcontroller 172 from the microcontroller 162 and the microcontroller 182) are compared, in particular, the converted passwords (in particular, password symbols) are compared to the values of the rechord positions (reochord engine) on the axes of the potentiometers, and the converted passwords (for entering the system) from the microcontroller 162 are transmitted (by the microcontroller 172) to the potentiometer 174 of the upper left shoulder 176 of the password comparison node 173, and the converted password characters from the microcontroller 182 are transmitted (by the microcontroller 172) to the upper right shoulder 177 (to the potentiometer 175) of the password comparison node 173.

It is worth noting that the upper left shoulder 176 of the password comparison node 173 is (in particular, can be implemented) a motorized potentiometer, in particular, replacing the resistor 226 (FIG. 2) in the original measuring bridge shown in FIG. 2; the upper right shoulder 177 of the password comparison node 173 is (in particular, can be implemented) a motorized potentiometer, in particular, replacing the resistor 227 (FIG. 2); the lower left shoulder 178 of the password comparison node 173 is (in particular, can be implemented) a motorized potentiometer, in particular, replacing the resistor 228 (FIG. 2); the lower right shoulder 179 of the password comparison node 173 is (in particular, can be implemented) a potentiometer, in particular, replacing the resistor 229 (FIG. 2).

It is worth noting that, in the particular case, motorized potentiometers (174, 175, 191, 192) are used (instead of resistors (226, 227, 228, 229)) to ensure sufficient accuracy in setting (setting) the values of the positions of the rechord (reochord engine) on the axes of potentiometers.

In the particular case, the microcontroller 162 of the first section of the device 161 is responsible for (in particular, controls) the upper left shoulder 176 of the password comparison node 173 through the microcontroller 172 of the second section of the device 171.

Also, the microcontroller 162 of the first section of the device 161 is responsible for communication (in particular, data exchange) with the computer 101 (in the particular case, through the microcontroller 162), in particular, the microcontroller 162 transmits data (signals, commands, password for entering the system, etc.) .d.) to the microcontroller 172, for example, the password entered by the user to enter the system and the (control) command to compare passwords, and receives data from the microcontroller 172, for example, the (control) command to unlock the system, in particular, if It was established (in particular and, by the microcontroller 172 using the password comparison node 173), that the user has entered the correct password to log into the system.

In the particular case, the microcontroller 182 of the third section of the device 181 is responsible for the upper right shoulder 177 of the password comparison node 173 through the microcontroller 172.

It is worth noting that, in the particular case, the microcontroller 162 and the microcontroller 182 are unrelated (directly) to each other, in particular, any data transfer protocols, which, in the particular case, can improve security, since, in the particular case, any ( temporary) “rupture" of the circuit increases its autonomy and security against unauthorized access.

In FIG. 4 shows an exemplary embodiment of a user interface element for entering a login and password for logging into a system or for storing a password in the described device 100, or for entering a login (and password) using a display connected to the described device.

In FIG. 5 shows an exemplary embodiment of a user interface element for entering a password for logging in or for storing a password in the described device 100.

As mentioned above, when entering a password to enter the system (in particular, followed by saving such a password to enter the system in the microcontroller 162) or when saving (writing or rewriting) the password in the microcontroller 182 of the described device 100 on the monitor screen with the computer 101 (in particular, connected to the computer 101 or which is part of the computer 101) or on the display screen 131, at least one user interface element can be displayed through which the user can enter a password for logging into the system or a password for saving in the described device 100. Such an element of the user interface may or may include at least one software “window” 515, in particular, a dialog software “window” (“window”, “window” "User dialogue, an element of a" dialogue "with the user, etc.), and such a" window "515 may contain at least one user interface element, for example, a text field 525, for a user to enter a password (for entering the system or for recording or dubbing in a microcontroller 182 of the device 100), and may also contain at least a user interface element, for example, a soft button 535 for confirming the password entered by the user (for entering the system or for recording or overwriting in the microcontroller 182 of the device 100).

As mentioned above, in the particular case, several passwords can be stored in the microcontroller 182, and the user interface element of the (special) application, for example, the software “window” 515, can contain at least one displayed, in particular, in the (special ) to the application, the user interface element for the user to select one of the saved passwords in the microcontroller 182, with which the password for entering the system (transmitted from the microcontroller 162) will be compared in the second section of the device 171, entered by the user, in particular, using at least one user interface element, for example, a text field (password) 525. That is, in the particular case, the user selects (sets, sets) the password to select it in as an active password, in particular, an active password in the microcontroller 182, and in the microcontroller 182 the fact that such a password is active and, in a particular case, will be used for comparison the next time the user tries to log into the system with the input m password to log in. The mentioned user interface element for selecting one of the saved passwords by the user can be, for example, a menu containing passwords stored in the microcontroller 182 and / or radio buttons (from the English radio button), a flag (flag button, checkmark, checkbox, from English. check box), list (from the English list box), button, tree, drop-down list (the English combo box), context menu (the English popup menu), etc.

In the particular case, said user interface element for the user to select as an active password one of the saved passwords or the password to be saved during storage (recording or rewriting) or after storing such a password in the microcontroller 182 can be displayed on the display screen 131, in particular using the software of the display 131 and / or the described device 100, in particular, the microcontroller 182.

In FIG. 6 shows a flowchart of an exemplary embodiment of a user interaction process with a described device and a computer with an installed (special) application, as well as the interaction of the described device with a computer.

In step 610, the user (or administrator, or manufacturer, or seller) of the computer 101 connects the described device 100 to the computer 101. It should be noted that, in the particular case, step 610, step 622 and step 638 can be performed before or after turning on the computer 101 Next, go to step 614. If in step 614 the user needs to remember the password stored in the microcontroller 182 of the third section of the device 181, or save (write or rewrite) the password in the microcontroller 182 of the third section of the device 181, then stvlyaetsya proceeds to step 618. It should be noted that in the special case described connection device 100 to the computer 101 may be implemented to turn on the computer 101, after turning on the computer 101, or at the time of turning on the computer 101.

In step 618, the user or the described device, and / or the (special) application, and / or computer 101 checks whether the display 131 is connected (connected, connected, etc.) to the described device 100, in particular, to the third section devices 181. If it was established in step 618, the display 131 is connected to the described device 100, in particular, connected (for example, connected) to the described device 100, then proceeds to step 626.

If it was determined in step 618 that the display 131 is not connected to the described device 100, then in step 622 the user connects (connects) the display 131 to the described device 100.

In step 626, the display 131 (using the microcontroller 182, in particular, using the firmware of the microcontroller 182, and in particular, using the display means 131) displays at least one user interface element (interface element) for entering a password (for example, as shown in FIG. 5) in order to save it (record or overwrite) in the microcontroller 182 of the third section of the device 181. It should be noted that the display 131 can also be displayed to the user stored in the microcontroller 1 82 password (and / or login), in particular using at least one user interface element. It is also worth noting that at least one user interface element can be displayed on the display 131, for example, a menu for the user to select options for actions, for example, such options may include: displaying a password, recording a password, rewriting (changing) a password, and etc.

Next, in step 630, the user, using at least one user interface element, enters a password (and / or login) to record or rewrite the password in microcontroller 182 of the third section of device 181.

Further, in step 634, the password (and / or login) entered by the user in step 630 is stored (recorded or rewritten, in particular, recorded (by means of microcontroller 182), in particular, “on top” of the previously saved password (or in the particular case, in addition to the previously saved password), if there was one) in the microcontroller 182, in particular, after the user confirms the password (the password entered).

Further, in optional step 638, the display can be disconnected (for example, by the user) from the third section of the device 181.

 If in step 614 the user does not need to remember the password (and / or login) or save the password in microcontroller 182, in particular, the user needs to log in, then proceed to step 642.

In step 642, the user on the screen (in particular, the monitor) of the computer 101 with a (special) application installed on the computer 101 displays a user interface element (for example, as shown in FIG. 5) for the user to enter a password (and / or login) for logging in. It is worth noting that after turning on the computer 101 (for example, by a user or remotely), the operating system of the computer 101 is loaded. At the same time or after the computer 101 is loaded, the computer starts, in particular, loading the (special) application, in particular, blocking the (standard) software (programs, applications) for entering the system (if installed on computer 101), and instead of the dialog box (standard) software for ode mapping is performed in said user interface element which, in the particular case is a dialog box for the logon.

Next, in step 646, the user enters the password (and / or login) to enter the system in the displayed user interface element (and, in the particular case, the user confirms the entered password to enter the system). The user-entered password for entering the system, in particular, is transferred to the Random Access Memory (RAM) of the computer 101.

Next, in step 650, the (special) application installed on the computer 101 transfers the user-entered password (and / or login) to enter the system (from the RAM of the computer 101) to the described device 100, in particular, to the microcontroller 162 of the first section of the device 161 ( and, in the particular case, it saves (writes) the transmitted password for logging in to the microcontroller 162).

Next, in step 654 (which is shown in FIG. 7), the described device 100 compares the password (and / or login) transmitted (and recorded) to the microcontroller 162 with the password stored in the microcontroller 182.

Next, in step 660, the (special) application unblocks the system (providing the user with access to the system), if it was determined by the described device 100 in step 654 that the password entered by the user for entering the system matches the password stored in microcontroller 182.

In FIG. 7 shows a block diagram of an exemplary option for comparing passwords in the described device, in particular, step 654 is shown (FIG. 6).

In step 717, the first section of the device 161, in particular, the microcontroller 162 of the first section of the device 161, transmits (transmitted in step 650 to the microcontroller 162 and, in particular, the password for logging into the second section of the device 171 stored in the microcontroller 162, in in particular, in the microcontroller 172 of the second section of the device 171. Also, in step 717, the microcontroller 162 transmits to the second section of the device 171, in particular, the microcontroller 172, commands for comparing passwords.

Next, in step 727, the second section of the device 171, in particular, the microcontroller 172, executes the received command to compare the passwords. The microcontroller 172 converts into the values of the positions of the rechord (engine-reochord) on the axis of the potentiometer (characters) of the password for entering the system transmitted to the microcontroller 172 of the second section of the device 171. It is worth noting that the mentioned conversion is performed by matching the microcontroller 172 characters of the password entered by the user for login with characters that may be present in the password and which are stored in the database of the microcontroller 172, and by receiving (subtracting) the micro by the controller 172 from the database corresponding to such characters of the password entered by the user to enter the system of values of the positions of the reochord (slider-reochord) on the axis of the potentiometer, in particular, in the form of a number of revolutions of the axis of the potentiometer, which are also stored in the database of the microcontroller 172.

Next, in step 737, the microcontroller 172 transmits the re-chord (engine-re-chord) converted to the position values on the axis of the password potentiometer (password symbols) to enter the system, to the password comparison node 173, in particular, to the potentiometer 174.

Next, in step 747, the second section of the device 171, in particular, the microcontroller 172, transmits to the third section of the device 181, in particular, the microcontroller 182 of the third section of the device 181, the command to retrieve the password (in particular, password characters) stored in the third section devices 181, in particular, in the microcontroller 182. Also in step 747, the microcontroller 182 of the third section of the device 181 transmits to the microcontroller 172 of the second section of the device 171 the password (password characters) stored in the third section of the device 181.

Next, in step 757, the second section of the device 171, in particular, the microcontroller 172, converts the transmitted password (password symbols) from the microcontroller 182 into the second section of the device 171, in particular, to the microcontroller 172, into the values of the reochord (reo-chord) positions on the axis of the potentiometer in particular, the aforementioned conversion is carried out by matching the microcontroller 172 characters transferred to the microcontroller 172 stored password in the microcontroller 182 with characters that may be present in the password and which are stored in the database of the microcontroller 172, and by obtaining (subtracting) by the microcontroller 172 from the database the stored password in the microcontroller 182 corresponding to such symbols of the reochord (slider-reochord) values on the axis of the potentiometer, in particular, in the form of a digit the revolutions of the axis of the potentiometer, which are also stored in the database of the microcontroller 172.

 Next, in step 767, the microcontroller 172 transmits the password converted to the position values of the rechord (slider-reochord) on the axis of the potentiometer to the password stored in the microcontroller 182 and transmitted to the microcontroller 172 to the password comparison node 173, in particular, to the potentiometer 175. It should be noted that the microcontroller 172 can transfer the command to the password comparison node 173 to compare the passwords, in particular, the converted passwords (converted password characters to the values of the positions of the rechord (engine-reochord) on the axis along the password tensiometer for entering the system and the converted symbols of the password transmitted from the microcontroller 182 to the values of the positions of the reochord (reochord slider) on the axis of the potentiometer).

In step 777, if the password comparison node 173 is balanced, which is the fact that the passwords match (in particular, each of the password characters, for example, the first character of the first password - with the first character of the second password, the second character of one password - with the second character of the second password and t .d.), in particular, the correctness of the password entered by the user to enter the system, the second section of the device 171, in particular, the microcontroller 172, transmits to the first section of the device 161, in particular, to the microcontroller 162, a command (in particular, a notification) About, that login can be unlocked. Further, the described device 100, in particular, the first section of the device 161, in particular, the microcontroller 162 of the first section of the device 161, transmits a command (in particular, a notification) to the (special) application that the login can be unlocked.

The following is an exemplary version of the (source) program code, in particular listing, of the (special) application described in the present invention, in particular, an example for the Windows operating system, and the text after the "//" characters are comments on the source below code:

// Declare as a private member of the class form a variable of type HWND (window handle (from the English handle window)) and two procedures (“logon” and “check”), which are described below.

type

 TForm1 = class (TForm)

 ...

private

 {Private declarations}

 h1: HWND; // declare a variable containing the window identifier

 procedure logon (); // announcement of the system blocking procedure, including, but not limited to, the Desktop and the Taskbar, until the password for entering the system is entered correctly by the user (until the user enters the correct password for entering the system)

 procedure check (); // announcement of the “check” procedure to start checking the correctness of the password entered by the user for entering the system

public

 {Public declarations}

end;

// Next (in the "implementation" section) the procedures are created

// The “check” procedure below starts the verification of the correctness of the password entered by the user for entering the system. If the described device 100 confirms the correctness of the user-entered password for entering the system (by comparing, as described in the framework of the present invention, the user-entered password for entering the system and the password stored in the microcontroller 182 of the third section of the device 181), then (by the application) the user is provided access to the system, in particular, unlocks at least the “Desktop” and the “Taskbar”. After giving the user access to the system, the (special) application can shut down or continue to function in the background, for example, until the user logs out. If the user password for entering the system does not match the password stored in the microcontroller 182, then the (special) application continues to display the user interface element (for example, as shown in FIG. 5) for the user to enter the password for entering the system.

procedure TForm1.check ();

begin

 pass enter M3 // digital input of the microcontroller (M3) 162 of the first section of the device 161

then // if the device 100 determines that the password entered by the user to enter the system matches the password stored in the microcontroller 182

 begin

  // (special) application receives (“recognizes”) the desktop identifier

  h1: = FindWindow ('Progman', nil);

  // (special) application is allowed to work with the desktop, in particular, the (special) application is given access to the desktop

  ShowWindow (h1, sw_show);

  // special) application receives the taskbar identifier

  h1: = FindWindow ('Shell_traywnd', nil);

  // (special) application is allowed to work with the taskbar, in particular, the (special) application is granted access to the taskbar

  ShowWindow (h1, sw_show);

  halt; // close the program

 end // otherwise (if the device 100 determines that the password entered by the user to enter the system matches the password stored in the microcontroller 182), a message is presented (displayed) to the user (for example, using at least one interface element user) that the user password for entering the system is not correct

 else ShowMessage ('Wrong password!');

end;

// The “logon” procedure below blocks the desktop and the system’s taskbar, and then checks to see if the user is trying to disable the (special) application, for example, using the task manager. If the task manager window is open, then the (special) application closes (in a particular case, minimizes) it.

procedure TForm1.logon ();

begin

 // get the id of the desktop

 h1: = FindWindow ('Progman', nil);

 ShowWindow (h1, sw_hide); // hide (close, in particular, minimize) Desktop

 // search for the taskbar

 h1: = FindWindow ('Shell_traywnd', nil);

 ShowWindow (h1, sw_hide); // taskbar is hidden

 // checks to see if the task manager is running //

 h1: = FindWindow (nil, 'Windows Task Manager');

// if Task Manager is running, then it closes

 if (h1 <> 0) then PostMessage (h1, WM_QUIT, 1, 0);

end;

// Next, the “check” and “logon” procedures are called. So, for example, in the particular case, when the user presses the “Enter” button, the “check” procedure is called.

procedure TForm1.Button1Click (Sender: TObject);

begin

 check;

end;

// In order not to bother the user by clicking the button on the form, this operation can be simulated by pressing the <Enter> key in the "pass" field, which creates the "pass.OnKeyРеss" event handler.

procedure TForm1.passKeyPress (Sender: TObject; var Key: Char);

begin

 if key = # 13 then // if the "Enter" button (key) is pressed

  check; // then the check procedure is called

end;

// # 13 - Enter key code

// For the first timer, the OnTimer event will contain only the call to the “logon” procedure

procedure TForm1.Timer1Timer (Sender: TObject);

begin

 logon;

end;

// For the second timer (for which the "Interval" property has a value of 1000), the following code is added to the "OnTimer" event handler:

procedure TForm1.Timer2Timer (Sender: TObject);

begin

 h1: = FindWindow ('Progman', nil); // Desktop Search

 ShowWindow (h1, sw_hide); // Desktop is hiding

 CloseWindow (h1); // minimize the desktop window

 pass.SetFocus; // move the cursor to the text box

end;

// Minimizing the Desktop window closes the Start system menu if it is open. Ultimately, the user does not have access to the Desktop, the taskbar, the Start menu, and the task manager, however, despite the fact that the (special) application does not have a title, the user can still close it using the <Alt key combination + F4>. To disable this feature, an OnCloseQuery main form event handler is created and the following code is added to it:

procedure TForm1.FormCloseQuery (Sender: TObject; var CanClose: Boolean);

begin

 CanClose: = False;

end;

// Next, the (special) application is provided with autoload by specifying the path to it in the system registry. To work with the registry, a link to the "Registry" module is added to the "uses" section, and then the following OnCreate form event handler is created:

procedure TForm1.FormCreate (Sender; TObject);

var

 Reg: TRegistry; // variable for working with the registry

begin

 Reg: = TRegistry.Create;

 Reg.RootKey: = HKEY_CURRENT_USER; // only for current user

 Reg.OpenKey ('Software \ Microsoft \ Windows \ CurrentVersion \ Run', true); // open the startup section in the registry and write the name and full path to the (special) application

 Reg.WriteString ('Logon', Application.ExeName);

 Reg.CloseKey; // close the registry

 Reg.Free; // memory is freed

end;

In FIG. 8 shows an example of a general-purpose computer system that includes a multi-purpose computing device in the form of a computer 20 or a server, or a module of the system described in the present invention, including a processor 21, system memory 22, and system bus 23 that couples various system components, including system memory with 21 processor.

The system bus 23 may be any of various types of bus structures, including a memory bus or memory controller, a peripheral bus, and a local bus using any of a variety of bus architectures. System memory includes read-only memory (ROM) 24 and random access memory (RAM) 25. The ROM 24 stores the basic input / output system 26 (BIOS), consisting of basic routines that help exchange information between elements within the computer 20, for example, at the time of launch.

Computer 20 may also include a hard disk drive 27 for reading from and writing to a hard disk, not shown, a magnetic disk drive 28 for reading from or writing to a removable magnetic disk 29, and an optical disk drive 30 for reading from or recording to a removable optical disc 31 such as a compact disc, a digital video disc, and other optical means. The hard disk drive 27, the magnetic disk drive 28, and the optical disk drive 30 are connected to the system bus 23 by means of the hard disk drive interface 32, the magnetic disk drive interface 33, and the optical drive interface 34, respectively. Storage devices and their respective computer-readable means provide non-volatile storage of computer-readable instructions, data structures, (software) modules and other data for the computer 20.

Although the typical configuration described here uses a hard disk, a removable magnetic disk 29, and a removable optical disk 31, one skilled in the art will appreciate that other types of computer-readable media that can store data that are accessible by a computer may also be used in a typical operating environment. such as magnetic cassettes, flash memory cards, digital video disks, Bernoulli cartridges, random access memory (RAM), read-only memory (ROM), etc.

Various software modules, including operating system 35, may be stored on a hard disk, magnetic disk 29, optical disk 31, ROM 24, or RAM 25. Computer 20 includes a file system 36 associated with or included with the operating system 35 or more software application 37, other program modules 38, and program data 39. A user can enter commands and information into a computer 20 using input devices such as a keyboard 40 and pointing device 42. Other input devices (not shown) may include It includes a microphone, joystick, gamepad, satellite dish, scanner, or any other.

These and other input devices are connected to the processor 21 often through a serial port interface 46 that is connected to the system bus, but can be connected via other interfaces, such as a parallel port, game port, or universal serial bus (USB). A monitor 47 or other type of visual display device (in particular, a data presentation) is also connected to the system bus 23 via an interface, for example, a video adapter 48. In addition to the monitor 47, personal computers typically include other peripheral output devices (not shown), such as speakers and printers.

Computer 20 may operate in a networked environment through logical connections to one or more remote computers 49. The remote computer (or computers) 49 may be another computer, server, router, network PC, peer to peer device, or other node on a single network, and typically also includes includes most or all of the elements described above with respect to computer 20, although only an information storage device 50 is shown. Logical connections include a local area network (LAN) 51 and a global computer network (GCS) ) 52. Such network environments are usually common in institutions, corporate computer networks, and the Internet.

A computer (in particular, a personal computer) 20 used in a LAN network environment is connected to a local area network 51 via a network interface or adapter 53. Computer 20 used in a GKS network environment typically uses a modem 54 or other means to establish communication with a global computer network 52, such as the Internet.

The modem 54, which may be internal or external, is connected to the system bus 23 via the serial port interface 46. In a networked environment, program modules or parts thereof described with reference to computer 20 may be stored on a remote information storage device. It should be noted that the network connections shown are typical, and other means may be used to establish communication communication between computers.

It is worth noting that the proposed device is inexpensive, and, in a particular case, according to various estimates, the cost of the described device does not exceed 10,000 rubles.

The design of the proposed device is technological, and the proposed device uses elements and finished products manufactured industrially, the device is industrially applicable and efficient.

In conclusion, it should be noted that the information provided in the description are examples that do not limit the scope of the present invention defined by the claims. One skilled in the art will recognize that there may be other embodiments of the present invention consistent with the spirit and scope of the present invention.

Claims (45)

1. Device for protection against unauthorized access to data stored on a computer, connected to a computer and containing: - the first section of the device, which is connected with the second section of the device and contains a microcontroller of the first section of the device, and the microcontroller of the first section of the device:  - receives a password for entering the computer system from the computer’s memory, and the password for entering the computer system is entered by the user using an input device connected to the computer using the application user interface element installed on the computer and transferred to the computer memory by the application installed on the computer;  - transmits to the microcontroller of the second section of the device the user-entered password for entering the computer system received from the computer’s memory;  - sends a command to the microcontroller of the second section of the device to compare the password for entering the computer system transmitted from the microcontroller of the first section of the device and the password stored in the microcontroller of the third section of the device and transmitted by the microcontroller of the third section of the device to the microcontroller of the second section of the device, the microcontroller of the second section of the device with using the password comparison node of the second section of the device;  - having received a command to unlock access to the user in the computer system from the microcontroller of the second section of the device, sends the command to the application installed on the computer to unlock access to the user in the computer system after determining the password identity by the microcontroller of the second section of the device using the password comparison node in the password comparison process; - the second section of the device, which is associated with the first section of the device and the third section of the device and contains:  - a microcontroller of the second section of the device, which:  - contains a database of symbols and corresponding values of the positions of the rechords on the axes of the potentiometers of the password comparison node;  - receives a password to enter the computer system from the microcontroller of the first section of the device;  - receives a command to compare passwords from the microcontroller of the first section of the device;  - having received a command to compare passwords from the microcontroller of the first section of the device, it searches for password symbols for entering the computer system in the database received from the microcontroller of the first section of the device, and obtains from the database the values of the rechord positions on the axes of the potentiometers of the password comparison node for password symbols for computer logon;  - transfers the values of the rechord positions on the axes of the potentiometers of the password comparison node for password symbols received from the database to enter the computer system to the first potentiometer of the password comparison node;  - having received a command to compare passwords from the microcontroller of the first section of the device, sends the command to the microcontroller of the third section of the device to retrieve the password stored in the microcontroller of the third section of the device;  - receives a password from the microcontroller of the third section of the device stored in the microcontroller of the third section of the device with which the password is compared for entering the computer system by the microcontroller of the second section of the device using the password comparison node;  - having received from the microcontroller of the third section of the device the password stored in the microcontroller of the third section of the device, searches for the password characters received from the microcontroller of the third section of the device in the database and obtains from the database the values of the rechord positions on the axes of the potentiometers of the password comparison node for the password symbols received from the microcontroller of the third section of the device;  - transfers the values of the positions of the rechords on the axes of the potentiometers of the password comparison node for the password symbols received from the microcontroller of the third section of the device to the second potentiometer of the password comparison node;  - compares the password for entering the system by the computer received from the microcontroller of the first section of the device with the password received from the microcontroller of the third section of the device using the password comparison node, and the passwords are determined by the microcontroller of the second section of the device as identical passwords when the password comparison node is balanced;  - sends a command to unlock access to the user in the computer system in the microcontroller of the first section of the device;  - a password comparison unit, which is connected to the microcontroller of the second section of the device and contains the first potentiometer, second potentiometer, third potentiometer and fourth potentiometer connected to the measuring bridge, and to the first potentiometer by the microcontroller of the second section of the device, the values of the rechord positions on the axes of the potentiometers for password symbols for enter the system of the computer received by the microcontroller in the second section of the device from the microcontroller in the first section of the device, and on the second potentiometer m krokontrollerom second section of the apparatus positions rheochords transmitted values on the axes of the potentiometers password symbols obtained microcontroller device of the second section of the third section of the apparatus of the microcontroller; - the third section of the device, which is connected with the second section of the device and contains a microcontroller, which:  - stores the password, which is the correct password for accessing the computer system and with which the password entered by the user for entering the computer system by the microcontroller of the second section of the device is compared, and the password is written to the microcontroller of the third section of the device using the display connected to the third section of the device;  - having received a command to extract the password stored in the microcontroller of the third section of the device, it extracts the password stored in the microcontroller of the third section of the device and transfers such a password to the microcontroller of the second section of the device. 2. The device according to claim 1, characterized in that the password transmitted to the microcontroller of the first section of the device is stored in the microcontroller of the first section of the device. 3. The device according to claim 1, characterized in that the microcontroller of the third section of the device and the microcontroller of the first section of the device contain a database of symbols and the corresponding values of the positions of the rechords on the axes of the potentiometers and transmit to the microcontroller of the second section of the device the values of the positions of the rechords on the axes of the potentiometers for password symbols corresponding to the characters of such passwords. 4. The device according to claim 2 and 3, characterized in that the microcontroller of the first section of the device stores the user-entered password for entering the computer system in the values of the rechord positions on the axes of the potentiometers and the microcontroller of the third section of the device stores the password recorded in the microcontroller of the third section of the device using connected to the third section of the display device in the values of the positions of the rechords on the axes of the potentiometers. 5. The device according to claim 1, characterized in that the microcontroller of the first section of the device and the microcontroller of the third section of the device pass passwords to the microcontroller of the second section of the device character by character. 6. The device according to claim 1, characterized in that the potentiometers of the password measuring unit are motorized potentiometers. 7. The device according to claim 1, characterized in that the values of the positions of the rechords on the axes of the potentiometers are stored in the database of the values of the positions of the rechords on the axes of the potentiometers in digital values of the number of revolutions of the axes of the potentiometers of the password comparison node. 8. The device according to claim 1, characterized in that the third section of the device is a detachable section of the device from the second section of the device. 9. The device according to claim 1, characterized in that the display connected to the third section of the device is connected to the microcontroller of the third section of the device, and the display is configured to display a password stored in the microcontroller of the third section of the device, and / or with the ability to enter a password by the user, which compares the password for entering the computer system by the microcontroller of the second section of the device using the password comparison node to save the third section of the device in the microcontroller. 10. The device according to claim 1, characterized in that when the microcontroller sends the first section of the device to an application installed on the computer to unlock access to the user in the computer system, access to such a computer system is initially blocked by the application installed on the computer that is downloaded with the computer system. 11. The device according to claim 1, characterized in that the password comparison node is balanced when the values of the rechord positions on the axes of the potentiometers of the measurement node for the password symbols for entering the computer system transferred to the microcontroller of the second section of the device from the microcontroller of the first section of the device match at the first potentiometer, which is part of the measuring bridge, and for the password symbols transmitted to the microcontroller of the second section of the device from the microcontroller of the third section of the device, on the first potentiometer, part of the measuring bridge. 12. The device according to claim 1, characterized in that the display connected to the third section of the device is configured to connect an input device to it or includes an input device. 13. The device according to claim 1, characterized in that the communication between the device and the computer, as well as between the computer and the sections of the device, as well as between sections of the device, system is carried out by means of wired communication and / or wireless communication, including through local computing networks, and / or the Internet, and / or mobile or satellite communications, and / or a USB interface, and / or an RS-232 / COM port standard interface, and / or PCI Express, and / or Bluetooth, and / or Wi-Fi, and / or GSM, 3G, 4G, LTE, trunking, and / or via data channels from supernova kim power, forming the complex wireless networks with mesh topology, and / or the ZigBee and / or terminals and / or wires, and / or soldering and / or riveting. 14. The device according to claim 1, characterized in that the device contains a fourth section of the device, which is connected with the third or second section of the device and contains a microcontroller of the fourth section of the device, which stores lists of allowed and prohibited identifiers of user accounts in the system, and the fourth microcontroller section of the device is associated with a display that connects to the fourth section of the device and allows the user to enter the user account identifier to enter the computer system EPA and / or for storing at least one user account identifier, which compares the entered user ID of the user account to log on to the computer passwords comparison node system. 15. The device according to 14, characterized in that the user account identifier for entering the computer system is entered by the user using the input device connected to the computer using the application user interface element installed on the computer, and transferred to the computer memory by the application installed on the computer . 16. The device according to 14 or 15, characterized in that the user account identifier for entering the computer system is transmitted to the third potentiometer of the password comparison node and the user account identifier stored in the microcontroller of the fourth section of the device with which the user identifier entered is compared user records for entering the computer system, is transmitted to the fourth potentiometer of the password comparison node. 17. The device according to clause 16, characterized in that the transfer of user account identifiers to the third and fourth potentiometers of the password comparison node is carried out after the microcontroller converts the second section of the device of the symbol of user account identifiers into the values of the rechords on the axes of the potentiometers of the password comparison node using the base data. 18. The device according to clause 16, characterized in that the microcontroller of the second section of the device compares the user account ID entered to enter the computer system with at least one user account identifier stored in the list of allowed user account identifiers and / or a list of prohibited user account identifiers using a password comparison node, moreover, user account identifiers are defined are shared by the microcontroller of the second section of the device as identical user account identifiers when the password comparison node is balanced. 19. The device according to 14, characterized in that when comparing user account identifiers with a password comparison node, if the user account identifier entered by the user to enter the computer system:  - is present in the list of allowed user account identifiers, then the user with the application installed on the computer provides access to the computer system;  - is present in the list of forbidden identifiers of user accounts, then the user is not granted access, the application installed on the computer provides access to the computer system;  - is not in the list of prohibited user account identifiers and in the list of allowed user account identifiers, then the user installed on the computer application is given access to the computer system in a protected and / or restricted mode of the system, in an isolated system environment, in a dedicated environment for the user with a computer system. 20. The device according to claim 1, characterized in that the equilibrium of the measuring bridge is achieved when the ratio of the resistance of the second potentiometer to the resistance of the first potentiometer is equal to the ratio of the resistance of the fourth potentiometer to the resistance of the third potentiometer, and this equality is measured by the microcontroller of the second section of the device.

Images