WO2001063383A1 - Method for providing authorized access to personal computer data resources - Google Patents

Method for providing authorized access to personal computer data resources

Info

Publication number
WO2001063383A1
WO2001063383A1 PCT/BY2000/000002 BY0000002W WO0163383A1 WO 2001063383 A1 WO2001063383 A1 WO 2001063383A1 BY 0000002 W BY0000002 W BY 0000002W WO 0163383 A1 WO0163383 A1 WO 0163383A1
Authority
WO
WIPO (PCT)
Prior art keywords
resource
key
password
stored
restored
Prior art date
Application number
PCT/BY2000/000002
Other languages
English (en)
Inventor
Valentin Alexandrovich Mischenko
Andrei Evgenievich Vatutin
Original Assignee
Mischenko Valentin Alexandrovi
Andrei Evgenievich Vatutin
Priority date
Filing date
Publication date
Application filed by Mischenko Valentin Alexandrovi, Andrei Evgenievich Vatutin
Priority to PCT/BY2000/000002
Priority to AU2000227873A
Publication of WO2001063383A1

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication

Definitions

  • The present invention relates to means for providing authorized access to personal computer data resources.
  • The invention may be used for protection of personal computer data from unauthorized access.
  • Unauthorized access is disallowed by means of a specially selected password.
  • As a rule, such a password must be stored in the nonvolatile memory, and may be either read out or collated by a hacker or another unfair person.
  • A password or a list of passwords is stored in the computer memory and may be read out by an unauthorized person.
  • In practice, the set of all available password variants is limited to a small set of symbols corresponding to the symbols of a common language, and is limited even further by the fact that the choice always depends on the person selecting the password.
  • An ideal password for protection is one whose length is equal to or greater than the length of the protected data array.
  • A password of this kind allows the resource to be protected to be encoded without using any repeated features, thereby making any unauthorized encoding practically impossible.
  • Long passwords are difficult to memorize, and mistakes are easy to make.
  • An example of an attempt to reconcile the requirement of a long key with the advantage of an easily memorized password is the CryptoMania software created by OAO "InfoTeKS" ("Safe protection for the information in files!", by Alexander Kalfa, Computer Press, March 1999).
  • This software provides for generating a long licensed password for the software purchaser.
  • The user enters his password, which is composed of parts of the words of an associative phrase that is known only to the user.
  • A licensed password may be accessible to several users, or it may be stolen.
  • A personal password may be matched as well, since the selection is substantially limited by the fact that a keyboard comprises a limited number of symbols and groups of symbols constitute parts of words.
  • The invention is aimed at solving the problem of needing a long password to provide a higher level of protection, the problem of the difficulty of memorizing a long password, and the problem of storing a password in the computer memory.
  • The problems are solved in the following way.
  • The known method for protecting personal data resources uses a password and a transformation of the resource, with a fragment of an associative array (notional text) selected by the user serving as the password.
  • The selected fragment is transferred into the main memory and is used as an initiating sequence of symbols, which is transformed according to the encoding algorithm, including randomization with chaining, until a password of a preset length (greater than or equal to the length of the secured resource) is obtained.
  • The initial resource is encoded by the obtained password and is stored in the encoded form, and the initial resource, the password and the selected fragment are deleted from the computer memory.
  • The algorithm for transforming the selected fragment into an encoding password may include randomizing or hashing with chaining.
  • The algorithm for transforming the password may be stored either in the nonvolatile memory or on a separate carrier, which may also serve as an additional access password.
  • A notional text of great length should be used for the associative array.
  • This may be a text generally used in the work, a help file, a reference book, etc. In this case, it is desirable that the content and/or the structure of the text be well known to the user.
  • A real image or a stylized one with solitary elements, a desktop, a homepage, etc. may also be used for the associative array.
  • a notional text of a rather large length that is greater than or equal to the length of the resource to be protected.
  • The password for encoding the resource is stored in the volatile memory. Unlike other systems for protection from unauthorized access, according to the proposed method the password for encoding the resource is deleted from the memory after the resource has been encoded.
  • The method for providing access to the personal computer data resource, which uses a password and restores a resource transformed according to the method described above, is characterized in that the same fragment of the associative array is selected as the password; the selected fragment is transferred to the nonvolatile memory and is used as an initial sequence of symbols, which is transformed under the preset encoding algorithm until a password of a preset length (greater than or equal to the length of the initial text) is obtained; thereafter the stored resource is decoded with the obtained password and the restored resource is used.
  • The method is also characterized in that the password for decoding (restoring) the resource is stored in the volatile memory.
  • The password for encoding/restoring the resource is deleted from the volatile memory after restoring the resource, and the selected fragment is stored in the volatile memory.
  • The restored resource is stored in the nonvolatile memory, and after termination of work it should be deleted from the memory, or it should be transformed. This is determined by the passive or active mode of use of the resource.
  • The restored resource may be stored in the memory within a preset period of time.
  • The said resource may be changed in the course of operation; therefore, after termination of work with the resource that was restored and changed during operation, the renewed resource is transformed (encoded) by the stored password, and thereafter the password and the restored array are deleted.
  • When the restored resource is changed in the process of operation, then after termination of work with the restored resource the resulting (changed) resource is transformed (encoded) by the stored password; thereafter the password and the initial array are deleted, and the newly encoded resource is stored.
  • A password is generated anew, and the resource modified in the course of operation is transformed (encoded); thereafter the password and the resource modified in the process of operation are deleted, while the encoded resource is stored.
  • The resource to be protected is understood to be a specific array of information, software or data that is considered confidential and is therefore to be protected.
  • A resource of that kind is stored in a special region of the computer memory and may be transformed or transferred.
  • The resource may also be a database or a specific text or file containing software, an image, etc.
  • The method is carried out in the following way.
  • Any notional text or a group of texts available for free access and/or exchange, at least in the reading mode, is used.
  • This may be a text of any work, an article, an instruction, a help file, a reference book, etc.
  • The text should be long and varied enough that a notional fragment of the required length can be selected.
  • The text, and the fragment of the text used as a password, are selected by the user on the principle that the entire text is sufficiently familiar to the user and the selected fragment has an associative meaning.
  • As initial data for forming a password, one may use a visual and/or notional image of the beginning and of the end of the fragment.
  • The password is not the numbers of pages, lines and symbols but rather the total content of the fragment.
  • The user need not memorize the whole password, its length, etc.
  • The user should only remember the location of the source (a file name and a path to the file) and the notional and/or visual content of the password.
  • The selected fragment may also be represented as a password or a password phrase.
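
The sketch below is an added example, not code from the patent or its authors: it walks through the described flow of selecting a fragment by its remembered beginning and end, stretching it by chained hashing to the length of the resource, and encoding and restoring the resource. The patent names no hash or encoding operation, so SHA-256 chaining and byte-wise XOR are assumptions, as are all function names and the sample text.

```python
import hashlib

# Constructed sample "notional text"; the method assumes a long, familiar document.
NOTIONAL_TEXT = (
    "Chapter 1. The harbour was quiet when the ferry left at dawn. "
    "Nobody on deck noticed the lighthouse keeper waving from the rocks. "
    "By noon the fog had lifted and the gulls returned to the pier."
)

def select_fragment(text: str, begins: str, ends: str) -> bytes:
    """Return the fragment from its remembered opening words to its closing words."""
    start = text.index(begins)
    stop = text.index(ends, start) + len(ends)
    return text[start:stop].encode("utf-8")

def derive_password(fragment: bytes, length: int) -> bytearray:
    """Stretch the fragment to `length` bytes by chained hashing (assumed: SHA-256).
    Every block depends on the previous block, the fragment and a counter."""
    out = bytearray()
    block = hashlib.sha256(fragment).digest()
    counter = 0
    while len(out) < length:
        out += block
        counter += 1
        block = hashlib.sha256(block + fragment + counter.to_bytes(8, "big")).digest()
    del out[length:]  # trim the last block to the exact resource length
    return out

def transform(resource: bytes, fragment: bytes) -> bytes:
    """XOR the resource with the derived password (assumed encoding step).
    The same call encodes and restores."""
    password = derive_password(fragment, len(resource))
    try:
        return bytes(r ^ k for r, k in zip(resource, password))
    finally:
        # Best-effort wipe of the derived password once it has been used.
        for i in range(len(password)):
            password[i] = 0

if __name__ == "__main__":
    fragment = select_fragment(NOTIONAL_TEXT, "Nobody on deck", "from the rocks.")
    stored = transform(b"account=4471; pin=0000 (constructed sample)", fragment)
    print(stored.hex())                 # what is kept in storage
    print(transform(stored, fragment))  # restored resource
```

Because this derivation is deterministic, re-encoding a changed resource with the same fragment reuses the same key bytes, so the XOR of the two stored versions equals the XOR of the two plaintexts. A random per-encoding salt mixed into the first hash and stored beside the encoded resource avoids that, and an authentication tag would be needed to detect tampering.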

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)
  • Document Processing Apparatus (AREA)

Abstract

The invention relates to a method for authorized access to personal computer data resources, in which a user selects a password in the form of a segment of a long text. The selected segment is transformed into a key used to encode the data resources in use. The data are stored in memory in encoded form. The method provides a long key for encoding the resources used, and makes a long password easy to memorize through associative features.
PCT/BY2000/000002 2000-02-24 2000-02-24 Method for providing authorized access to personal computer data resources WO2001063383A1 (fr)

Priority Applications (2)

Application Number Priority Date Filing Date Title
PCT/BY2000/000002 WO2001063383A1 (fr) 2000-02-24 2000-02-24 Method for providing authorized access to personal computer data resources
AU2000227873A AU2000227873A1 (en) 2000-02-24 2000-02-24 Method for providing authorized access to personal computer data resources

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/BY2000/000002 WO2001063383A1 (fr) 2000-02-24 2000-02-24 Method for providing authorized access to personal computer data resources

Publications (1)

Publication Number Publication Date
WO2001063383A1 (fr) 2001-08-30

Family

ID=4083751

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/BY2000/000002 WO2001063383A1 (fr) 2000-02-24 2000-02-24 Method for providing authorized access to personal computer data resources

Country Status (2)

Country Link
AU (1) AU2000227873A1 (fr)
WO (1) WO2001063383A1 (fr)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2010134940A (ja) * 2001-10-25 2010-06-17 Research In Motion Ltd Multiple-stage system and method for processing encoded messages

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5485519A (en) * 1991-06-07 1996-01-16 Security Dynamics Technologies, Inc. Enhanced security for a secure token code
US5677952A (en) * 1993-12-06 1997-10-14 International Business Machines Corporation Method to protect information on a computer storage device
EP0901060A2 (fr) * 1997-09-05 1999-03-10 Fujitsu Limited Secure data control apparatus and method

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2010134940A (ja) * 2001-10-25 2010-06-17 Research In Motion Ltd Multiple-stage system and method for processing encoded messages
US8194857B2 (en) 2001-10-25 2012-06-05 Research In Motion Limited Multiple-stage system and method for processing encoded messages
US20120216032A1 (en) * 2001-10-25 2012-08-23 Research In Motion Limited Multiple-stage system and method for processing encoded messages
US8526618B2 (en) 2001-10-25 2013-09-03 Research In Motion Limited Multiple-stage system and method for processing encoded messages

Also Published As

Publication number Publication date
AU2000227873A1 (en) 2001-09-03

Similar Documents

Publication Publication Date Title
US5425102A (en) Computer security apparatus with password hints
US8561174B2 (en) Authorization method with hints to the authorization code
US5416841A (en) Cryptography system
US9740849B2 (en) Registration and authentication of computing devices using a digital skeleton key
US7739733B2 (en) Storing digital secrets in a vault
US6986050B2 (en) Computer security method and apparatus
US7461399B2 (en) PIN recovery in a smart card
AU674560B2 (en) A method for permitting digital secret information to be recovered.
EP1043862A2 (fr) Repeatable cryptographic key generation based on varying parameters
US20120303965A1 (en) System for and method of managing access to a system using combinations of user information
WO2001077788A2 (fr) Method and system for secure access
EP3652665B1 (fr) Method for registering and authenticating a user of an online system
RU2309450C1 (ru) Method for protecting a user's private information in an information processing system
JP2007310819A (ja) Password generation method with increased resistance to password analysis, and authentication device using this password
WO2001063383A1 (fr) Method for providing authorized access to personal computer data resources
EP3729312A1 (fr) Authentication method and device
WO2004054297A1 (fr) One-time password generator for a mobile telephone
JPH0239260A (ja) Password control device
JP2007336241A (ja) Electronic tally verification system
Stamm Passwords and Authentication
WO2024009052A1 (fr) Secure data storage
CN111066013A (zh) Method and access system for access management of a device
Sherfield et al. Thematic Graphical User Authentication: Graphical User Authentication Using Themed Images on Mobile Devices
Highland QETUOADGJLXVN or the selection and use of passwords for security
Joshi et al. Secure E-mailing System Using Pair Based Scheme and AES with Session Password

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): AE AL AM AT AU AZ BA BB BG BR BY CA CH CN CR CU CZ DE DK DM EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG US UZ VN YU ZA ZW

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): GH GM KE LS MW SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
REG Reference to national code

Ref country code: DE

Ref legal event code: 8642

122 Ep: pct application non-entry in european phase