WO2001063383A1 - Method for providing authorized access to personal computer data resources - Google Patents
- Publication number
- WO2001063383A1 (PCT/BY2000/000002)
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- resource
- key
- password
- stored
- restored
- Prior art date
Classifications
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
Definitions
- the present invention relates to means for providing authorized access to personal computer data resources.
- the invention may be used for protection of personal computer data from unauthorized access.
- unauthorized access is disallowed by means of a specially selected password.
- As a rule, such a password must be stored in the nonvolatile memory, and may be either read out or collated by a hacker or another dishonest person.
- a password or a list of passwords is stored in the computer memory and may be read out by unauthorized person.
- In practice, the set of all available password variants is limited to a small set of symbols corresponding to the symbols of a common language, and is limited even further by the fact that the choice always depends on the person selecting the password.
- An ideal password for protection is one whose length is equal to or exceeds the length of the protected data array.
- A password of this kind allows the resource to be protected to be encoded without any repeated features, thereby making any unauthorized encoding practically impossible.
- Long passwords are difficult to memorize, and it is easy to make a mistake in them.
- An example of an attempt to reconcile the requirement of a long key with the advantage of an easily memorized password is the CryptoMania software created by OAO "InfoTeKS" ("Safe protection for the information in files!", by Alexander Kalfa, Computer Press, March 1999).
- This software provides for generating a long licensed password for the software purchaser.
- the user introduces his password, which is composed of a part of words of the associative phrase that is known only to the user.
- a licensed password may be accessible to several users, or it may be stolen.
- a personal password may be matched as well, whereas a probability of selection may be substantially limited due to the fact that a keyboard comprises a limited number of symbols, and groups of symbols constitute parts of words.
- the invention is aimed at solving a problem of the need to have a long password for providing a higher level of protection and a problem of difficulty of memorizing of a long password, as well as a problem of storing a password in the computer memory.
- the problems are solved in the following way.
- the known method for providing protection of personal data resources takes advantage of a password and transformation of the resource by using as a password a fragment of an associative array (notional text) selected by a user.
- The selected fragment is transferred into the main memory and is used as an initiating sequence of symbols, which is transformed according to the encoding algorithm, including randomization with chaining, until a password of a preset length (greater than or equal to the length of the secured resource) is obtained.
- the initial resource is encoded by the obtained password and is stored in the encoded form, and the initial resource, the password and the selected fragment are deleted from the computer memory.
- the algorithm of transforming of the selected fragment into an encoding password may include randomizing or hashing with chaining.
- the algorithm of transforming of the password may be stored either in the nonvolatile memory or on a separate carrier, which may also serve as an additional access password.
- a notional text of a large length should be used for an associative array.
- This may be a text generally used in the work, a help, a reference book, etc. In this case, it is desirable that the content and/or the structure of the text be well known to the user.
- a real image or a styling one with solitary elements, desktop, homepage, etc. may also be used for the associative array.
- a notional text of a rather large length that is greater than or equal to the length of the resource to be protected.
- the password for encoding the resource was stored in the volatile memory. Unlike other systems for protection from unauthorized access, according to the proposed method, the password for encoding of the resource is deleted from the memory after the resource was encoded.
- the following method for providing access to the personal resource of computer data means that takes advantage of a password and restoring of a resource transformed according to the afore described method, is characterized in that the same fragment of the associated array is selected as a password, the selected fragment is transferred to the nonvolatile memory and is used as an initial sequence of symbols, which is transformed under the preset encoding algorithm up to obtaining a password of a preset length (greater than or equal to the length of the initial text), thereafter the stored resource is decoded with the help of the obtained password and the restored resource is used.
- the method is also characterized in that the password for decoding (restoring) the resource is stored in the volatile memory.
- the password for encoding/restoring the resource is deleted from the volatile memory after restoring the resource, and the selected fragment is stored in the volatile memory.
- the restored resource is stored in the nonvolatile memory, and after termination of work it should be deleted from the memory, or it should be transformed. This is determined by the passive or active mode of use of the resource.
- the restored resource may be stored in the memory within a preset period of time.
- the said resource may be changed in the course of operation, therefore after termination of work with the resource, which was restored and changed during operation, the renewed resource is transformed (encoded) by the stored password, thereafter the password and the restored array are deleted.
- When the restored resource is changed in the process of operation, then after termination of work with the restored resource, the resulting (changed) resource is transformed (encoded) by the stored password, thereafter the password and the initial array are deleted, and the newly encoded resource is stored.
- a password is generated anew, and the resource modified in the course of operation is transformed (encoded), thereafter the password and the resource modified in the process of operation are deleted, while the encoded resource is stored.
- The resource to be protected should be understood as a specific array of information, software or data that is considered confidential and is therefore to be protected.
- the resource of that kind is stored in a special region of the computer memory and may be transformed or transferred.
- the resource may also be a database or a specific text or file with a software, image, etc.
- the method is carried out in the following way.
- Any notional text or group of texts available for free access and/or exchange, at least in the reading mode, is used.
- This may be a text of any work, an article, an instruction, a help, a reference book, etc.
- The text should be sufficiently long and multiform, so that one is able to select a notional fragment of the required length.
- The text, and the fragment of the text used as a password, are selected by the user on the principle that the entire text is sufficiently familiar to the user and the selected fragment has an associative meaning.
- As initial data for forming a password, one may use a visual and/or notional image of the beginning and of the end of the fragment.
- The password is not the numbers of pages, lines and symbols but rather the total content of the fragment.
- the user should memorize neither the whole password, nor its length, etc.
- the user should only remember the location of the source (a file name and a path to the file) and the notional and/or visual content of the password.
- the selected fragment may be also represented as a password or a password phrase.
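The encode/restore cycle described in this list, as an added Python example (not code from the patent). The patent does not specify its "encoding algorithm", so SHA-256 chaining for the expansion and XOR for the encoding are assumptions; the function names are hypothetical, and the sample text and resource are constructed.

```python
import hashlib

# Constructed sample "associative array" (notional text) and resource.
TEXT = (
    "Chapter 1. To open the help index press F1. "
    "The index lists every topic in alphabetical order, and each topic "
    "links to related pages. Chapter 2. Printing requires a driver."
)
RESOURCE = b"account=4411; pin=0000; note=constructed sample data"


def select_fragment(text: str, begins: str, ends: str) -> bytes:
    """Fragment from the first `begins` through the next `ends`, inclusive."""
    start = text.index(begins)  # ValueError if the phrase is absent
    stop = text.index(ends, start + len(begins)) + len(ends)
    return text[start:stop].encode("utf-8")


def expand(fragment: bytes, length: int) -> bytearray:
    """Hashing with chaining (SHA-256 assumed): each block feeds the next."""
    out, block, counter = bytearray(), b"", 0
    while len(out) < length:
        data = block + counter.to_bytes(8, "big") + fragment
        block = hashlib.sha256(data).digest()
        out += block
        counter += 1
    del out[length:]  # trim to exactly the resource length
    return out


def transform(data: bytes, fragment: bytes) -> bytes:
    """XOR with the expanded key (assumed encoding); encodes and decodes."""
    key = expand(fragment, len(data))
    try:
        return bytes(d ^ k for d, k in zip(data, key))
    finally:
        key[:] = bytes(len(key))  # best-effort wipe of the working key


def demo():
    frag = select_fragment(TEXT, "The index lists", "related pages.")
    stored = transform(RESOURCE, frag)    # only the encoded form is kept
    restored = transform(stored, frag)    # same fragment restores it
    near = select_fragment(TEXT, "The index lists", "related pages")
    wrong = transform(stored, near)       # fragment one character short
    return stored, restored, wrong
```

The derived key is as long as the resource, but it is fully determined by the fragment, so re-encoding a modified resource with the same fragment reuses the same key bytes.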
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Storage Device Security (AREA)
- Document Processing Apparatus (AREA)
Abstract
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/BY2000/000002 WO2001063383A1 (fr) | 2000-02-24 | 2000-02-24 | Method for providing authorized access to personal computer data resources |
AU2000227873A AU2000227873A1 (en) | 2000-02-24 | 2000-02-24 | Method for providing authorized access to personal computer data resources |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/BY2000/000002 WO2001063383A1 (fr) | 2000-02-24 | 2000-02-24 | Method for providing authorized access to personal computer data resources |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2001063383A1 (fr) | 2001-08-30 |
Family
ID=4083751
Family Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/BY2000/000002 WO2001063383A1 (fr) | 2000-02-24 | 2000-02-24 | Method for providing authorized access to personal computer data resources |
Country Status (2)
Country | Link |
---|---|
AU (1) | AU2000227873A1 (fr) |
WO (1) | WO2001063383A1 (fr) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2010134940A (ja) * | 2001-10-25 | 2010-06-17 | Research In Motion Ltd | Multiple-stage system and method for processing encoded messages |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5485519A (en) * | 1991-06-07 | 1996-01-16 | Security Dynamics Technologies, Inc. | Enhanced security for a secure token code |
US5677952A (en) * | 1993-12-06 | 1997-10-14 | International Business Machines Corporation | Method to protect information on a computer storage device |
EP0901060A2 (fr) * | 1997-09-05 | 1999-03-10 | Fujitsu Limited | Secure data control apparatus and method |
-
2000
- 2000-02-24 AU AU2000227873A patent/AU2000227873A1/en not_active Abandoned
- 2000-02-24 WO PCT/BY2000/000002 patent/WO2001063383A1/fr active Application Filing
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2010134940A (ja) * | 2001-10-25 | 2010-06-17 | Research In Motion Ltd | Multiple-stage system and method for processing encoded messages |
US8194857B2 (en) | 2001-10-25 | 2012-06-05 | Research In Motion Limited | Multiple-stage system and method for processing encoded messages |
US20120216032A1 (en) * | 2001-10-25 | 2012-08-23 | Research In Motion Limited | Multiple-stage system and method for processing encoded messages |
US8526618B2 (en) | 2001-10-25 | 2013-09-03 | Research In Motion Limited | Multiple-stage system and method for processing encoded messages |
Also Published As
Publication number | Publication date |
---|---|
AU2000227873A1 (en) | 2001-09-03 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US5425102A (en) | Computer security apparatus with password hints | |
US8561174B2 (en) | Authorization method with hints to the authorization code | |
US5416841A (en) | Cryptography system | |
US9740849B2 (en) | Registration and authentication of computing devices using a digital skeleton key | |
US7739733B2 (en) | Storing digital secrets in a vault | |
US6986050B2 (en) | Computer security method and apparatus | |
US7461399B2 (en) | PIN recovery in a smart card | |
AU674560B2 (en) | A method for permitting digital secret information to be recovered. | |
EP1043862A2 (fr) | Generation of repeatable cryptographic keys based on variable parameters | |
US20120303965A1 (en) | System for and method of managing access to a system using combinations of user information | |
WO2001077788A2 (fr) | Method and system for secure access | |
EP3652665B1 (fr) | Method for registering and authenticating a user of an online system | |
RU2309450C1 (ru) | Method for protecting a user's private information in an information processing system | |
JP2007310819A (ja) | Password generation method with increased resistance to password analysis, and authentication device using the password | |
WO2001063383A1 (fr) | Method for providing authorized access to personal computer data resources | |
EP3729312A1 (fr) | Authentication method and device | |
WO2004054297A1 (fr) | One-time password generator for a mobile telephone | |
JPH0239260A (ja) | Password control device | |
JP2007336241A (ja) | Electronic tally verification system | |
Stamm | Passwords and Authentication | |
WO2024009052A1 (fr) | Secure data storage | |
CN111066013A (zh) | Method and access system for access management of a device | |
Sherfield et al. | Thematic Graphical User Authentication: Graphical User Authentication Using Themed Images on Mobile Devices | |
Highland | QETUOADGJLXVN or the selection and use of passwords for security | |
Joshi et al. | Secure E-mailing System Using Pair Based Scheme and AES with Session Password |
Legal Events
Code | Title | Description |
---|---|---|
AK | Designated states | Kind code of ref document: A1; Designated state(s): AE AL AM AT AU AZ BA BB BG BR BY CA CH CN CR CU CZ DE DK DM EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG US UZ VN YU ZA ZW |
AL | Designated countries for regional patents | Kind code of ref document: A1; Designated state(s): GH GM KE LS MW SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG |
121 | Ep: the epo has been informed by wipo that ep was designated in this application | |
DFPE | Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101) | |
REG | Reference to national code | Ref country code: DE; Ref legal event code: 8642 |
122 | Ep: pct application non-entry in european phase | |