WO2003069476A1 - Method and apparatus for generating an access code - Google Patents

Method and apparatus for generating an access code Download PDF

Info

Publication number
WO2003069476A1
WO2003069476A1 PCT/US2003/004544 US0304544W WO03069476A1 WO 2003069476 A1 WO2003069476 A1 WO 2003069476A1 US 0304544 W US0304544 W US 0304544W WO 03069476 A1 WO03069476 A1 WO 03069476A1
Authority
WO
WIPO (PCT)
Prior art keywords
generating
access code
housing
casing
code
Prior art date
Application number
PCT/US2003/004544
Other languages
French (fr)
Inventor
Mario Houthooft
Original Assignee
Vasco Data Security, Inc.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Vasco Data Security, Inc. filed Critical Vasco Data Security, Inc.
Priority to EP03716036A priority Critical patent/EP1483643A1/en
Priority to AU2003219763A priority patent/AU2003219763A1/en
Publication of WO2003069476A1 publication Critical patent/WO2003069476A1/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/34User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/00174Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C9/00658Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated by passive electrical keys
    • G07C9/00674Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated by passive electrical keys with switch-buttons
    • G07C9/00698Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated by passive electrical keys with switch-buttons actuated in function of displayed informations
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/30Individual registration on entry or exit not involving the use of a pass
    • G07C9/32Individual registration on entry or exit not involving the use of a pass in combination with an identity check
    • G07C9/33Individual registration on entry or exit not involving the use of a pass in combination with an identity check by means of a password

Definitions

  • the present invention relates to secure transaction devices, and more particularly to a method and apparatus for generation of a session key or access code by opening the device.
  • table attack a table is built out of the relationship between the stimulus and the response or password generated therefrom. If the system for controlling access is relative static, a table can be built in a relatively short time so that given any particular stimulus, one intent on breaking into the system can determine the appropriate password from the table.
  • time compression This is accomplished by speeding up the clock to generate passwords appropriate to the future so as to more rapidly build a table for one of the other types of attack. Accordingly, when the future time arrives, the password is known and used to break into the system.
  • the present invention is embodied in a device that is analogous to a key in that it is a small portable device that can be conveniently carried by the user and that can be employed to obtain access to computers and software and for secure communications.
  • the key contains solid state or semiconductor electronic elements that can execute one of a plurality of prescribed algorithms to produce a code which the computer receives and which affords access to the computer, computer software, or provides secure communications if the code is correct.
  • the present invention includes a semiconductor device encased within a casing .
  • the operations of the semiconductor device and methods of generating codes are known in the art. Detailed information regarding the operations of the semiconductor device and methods for generating codes can be found in United States Patent No.4,819,267, filed June 6, 1987, United States Patent No. 4,609,777, filed December 23, 1985, issued September 2, 1986,
  • the computer manipulates the current date by an algorithm corresponding to that in the key to produce the internal password.
  • the password generated by the key device is compared to the password generated in the computer before access is allowed to the computer or information stored in the computer.
  • the user activates the device by simply opening the device.
  • a trigger sends an electrical pulse to the code generation device which calculates the session key or access code and displays it on a display.
  • the device includes a timing feature such that the session key or access code is only displayed for a prescribed period of time before the display becomes blank and a user must reactivate the device.
  • One embodiment provides a hardware device that must be employed to gain access to computers and software and for secure communications. Access to the computers and software is achieved by producing and displaying a password which must be input by the user and by arranging the circuitry in the key so that it produces, each time the device is used, a different password in accordance with an algorithm that is virtually impossible to predict.
  • Fig. 1 is a perspective view of a security token of an embodiment of the invention in an open position.
  • Fig. 2 is a top view of the security token shown in Fig. 1 in an open position.
  • Fig. 3 is a side view of the security token shown in Fig. 1 in an open position.
  • Fig. 4 is a perspective view of the active portion of the security token shown in Fig. 1.
  • Fig. 5 is a top view of the active portion of the security token shown in Fig.
  • Fig. 6 is cross-sectional view of the security token of Fig. 1 in a closed position.
  • Fig. 7 is a cross-sectional view of the security token of Fig. 1 in an open position.
  • Fig. 8 depicts a line drawing the active portion of the security token of Fig. 1.
  • Fig. 9 is a top view of the interior chip contained within the security token of
  • Fig. 10 is a view of the underside of the security token of Fig. 1 shown in an open position.
  • Fig. 11 A, 11 B, 1 C and 11 D are a closed top view, a closed bottom view, a closed side view and an opened top view of another embodiment of the invention similar to
  • Fig. 1 shows a perspective view of one embodiment of a security token 100.
  • the security token 100 is comprised of two main components, a cover portion 102 and a active portion 104.
  • the active portion 104 includes a display 106.
  • the display 106 may be an LCD display, LED display, TFT display or any other display type that allows a user to visually perceive the contests of the display 106.
  • the active portion 104 contains a code generation device (not shown).
  • the code generation device is connected to the display 106, such that the display 106 can display the code generated by the code generation device.
  • the cover portion 102 is detachably and slideably coupled to the active portion 104.
  • the cover portion 102 can be moved relative to the active portion 104 between an open position (Fig. 1 , Fig. 11D) and a closed position (Fig. 11A, 11 B, 11C). In an open position, view of the display 106 is unobstructed by the cover portion 102. In a closed position, view of the display 106 is at least partially obstructed by the cover portion
  • the display 106 is completely covered by the cover portion 102 when the security token 100 is in a closed position.
  • the security token when the security token 100 is in a closed position, the security token has a generally elliptical shape when view from the top side (Fig. 11 A).
  • the cover 102 may have a recessed area 108 to accommodate a logo or material to facilitate opening and closing of the security token 100 by a user.
  • the cover portion 102 and the active portion 104 may be formed in any shape. In one embodiment, the cover portion 102 and the active portion 104 are formed to facilitate opening and closing of the device.
  • Fig 2 depicts a top view of the security token 100 shown in Fig. 1.
  • Fig. 2 shows the cover portion 102, the active portion 104 and the display.
  • the active portion 104 has a first lip 202 and the cover portion has a second lip 204.
  • the first and second lips 202, 204 are provided to facilitate opening of the security token 100 and may be formed in any convenient shape.
  • Fig. 3 depicts a side view of the security token 100 shown in Fig. 1.
  • Fig. 3 shows the cover portion 102 and the active portion 104.
  • the active portion is comprised of an upper piece 302 and a lower piece 304.
  • the upper piece and piece of the active portion are sealed together with a code generation device (not shown) and display 106 between them.
  • the upper piece 302 and the lower piece 304 may be detachably coupled or the exterior of the entire active portion 104 may be formed as a single piece.
  • the cover portion 102 is comprised of an upper piece 306 and a lower piece 308.
  • the upper piece 306 and the lower piece 308 are sealed together.
  • the upper piece 306 and the lower piece 308 may be coupled together in a detachable matter or the entire cover portion 102 may be formed as a single piece.
  • the lower piece 308 of the cover portion 102 includes a cantilevered clipping arm 310.
  • the clip arm 310 is attached to the lower piece 308 of the cover portion 102 by a support 312.
  • the back-span portion of the cantilevered clip arm 310 has a spacer 314.
  • the spacer 314 may be absent or attached to the cover portion 102.
  • the design of the cantilevered clipping arm 310 and support 312 can take other forms.
  • Fig.4 is a perspective view of the active portion 104 of the security token 100 separated from the cover.
  • the active portion further includes a position securing latch 402 located on the upper piece 302.
  • the securing latch 402 is a cantilevered segment integral with the top piece 302 of the active portion 104 of the security token that has a protrusion 404 at its distal end.
  • the protrusion 404 is designed to engage securing fixtures (not shown) located within the cover portion of the security token 100 and inhibit movement of the cover portion 102 relative to the active portion 102 of the security token 100.
  • securing fixtures not shown
  • the cover portion 102 and the active portion 104 are temporarily secured relative to each other and the user must provide sufficient force to disengage the protrusion 404 from the securing fixture to move the cover portion 102 relative to the active portion 104 in order to close the device.
  • the protrusion 404 can engage a securing fixture in a similar manner to that described above, to inhibit movement of the device from a closed position to an open position.
  • the securing latches may take varying forms, be located in varying positions or may be absent.
  • the protrusion 404 can provide a clicking noise as the protrusion 404 is dropped into a recess in the cover portion 102.
  • the top piece 302 also includes an aperture 406. The aperture 406 is located such that a triggering portion 408 of the code generation device (not shown) extends through the aperture 406.
  • the embodiment shown in Fig. 4 also includes a second protrusion 410 located on the bottom piece of the active portion 104.
  • the second protrusion 410 is designed to engage a separation prevention fixture (not shown) located within the cover portion 102 when the cover portion 102 is move to a certain position relative to the active portion 104.
  • the second protrusion 410 is designed and located to prevent separation of the cover portion 102 from the active portion 104.
  • the second protrusion may take varying forms, be located in varying positions or may be absent.
  • Fig. 5 is top view of the active portion 104 of the security token 100.
  • Fig. 5 shows the securing latch 402 with a transverse protrusion 404 at the distal end and the aperture 406.
  • Fig. 5 further shows the triggering portion 408 of the code generation device (not shown) extending through the aperture 406.
  • the aperture 406 and the triggering portion 408 are shown adjacent to the securing latch, it should be apparent to those skilled in the art that the locations of these elements may be located in alternate positions.
  • Fig. 6 is a cross-sectional, perspective view of the underside of the security token 100 in a closed position.
  • the section of the top piece 302 of the active portion 104 containing the display 106 is located within the top piece 306 of the cover portion 102.
  • the code generation device 602 is secured to the top piece 302 of the active portion 104 using a plurality of fasteners 604 to ensure movement of the code generation device 602 within the active portion 104 is inhibited.
  • the code generation device may be secured within the active portion 104 in alternate manners.
  • Fig.6 further shows the triggering portion 408 of the code generation device 602 located within a recessed path 606 within the top piece 306 cover portion 102 such that translation within a fixed distance of the cover portion 102 relative to the active portion 104 is possible without the triggering portion 408 of the code generation device 602 coming into contact with any surface.
  • a triggering platform 608 with a curved lead-in ramp 609 located at one end of the recessed path 606.
  • the triggering platform 608 is designed such that when the device is moved into an open position, the triggering portion 408 of the code generation device 602 is depressed thus activating the code generation device and causing the display 106 to display a code calculated in accordance with a prescribed algorithm.
  • the triggering platform may be located in various positions.
  • the code generation device 602 and cover portion 102 may be designed such that release of the triggering portion activates the code generation device and display of the resulting code.
  • Fig. 7 shows the security token described above with reference to Fig. 6 in an open position.
  • depression of the triggering portion 408 provides an electrical pulse to the code generation device 602.
  • This electrical pulse causes the code generation device 602 to calculate a code based on a prescribed algorithm and the calculated code to be displayed on the display 106.
  • the code generation device 602 and the display 106 will only display the calculated code for a prescribed period.
  • the display will become blank and a user will have to close and open the device again to obtain a code from the device. This period can be adjusted in the factory as the device is being build or later on via programming apertures 1002.
  • Fig. 7 further shows a securing fixture 704 located on the inside of the top piece 306 of the cover portion 102.
  • the securing fixture 704 is designed to engage the protrusion 404 in the manner described above with regards to Fig. 4. As described above, the securing fixture 704 may take numerous alternate forms serving the described function.
  • Fig. 8 depicts the active portion 104 of the security token 100.
  • Fig. 8 shows the securing latch 402 with the protrusion 404 at its distal end and the fasteners 604 securing the code generation device 602 within the active portion 104 of the security token 100.
  • Fig. 8 further depicts the triggering portion 408 of the code generation device 602.
  • the triggering portion includes a pivot pin 802 attached to the trigger 804.
  • Fig. 9 shows the code generation device 602 contained within the active portion 104.
  • the code generation device 602 is formed on a single silicon ship and includes the triggering portion 408, a power source 902 and fastening apertures 904.
  • the power source 902 is battery.
  • alternative power sources may be used.
  • the fastening apertures 904 are used to secure the code generation device 602 within the active portion 104 of the security token 100.
  • FIG. 10 shows a perspective view of the underside of the security token 100 in an open position.
  • the bottom piece 304 of the active portion 104 of the security token 100 includes programming apertures 1002.
  • the programming apertures 1002 provide a user limited access to the code generation device 602 and allow a user to perform a number of administrative functions. The user may reset the code generation device 602, disable the code generation device 602, program the code generation device 602 with a seed value, synchronize an internal clock (not shown)of the code generation device 602 with another device, or perform other functions allowed by the code generation device 602. [0050] Fig.
  • FIG. 10 shows the bottom piece 304 of the active portion 104 of the security token 100 having an arced region 1004 and the bottom piece 308 of the cover portion 102 of the security token having a complimentary arced recess 1006.
  • the arced region is designed to accommodate the battery 902 of the code generation device.
  • a smaller battery or alternate power source may be used. Therefore, the arched design of the bottom pieces 304, 308 is not critical.

Abstract

A semiconductor device (100) that functions as a key to control access to a computer or a software program resident in a computer or provides for secure communications is disclosed. The device (100) executes an algorithm that combines a root and a seed to produce a password, when a portion of the device (100) is slid to an open position exposing a display (106) which presents the password. The password is input to the computer. The computer uses an equivalent algorithm to produce a password within the computer. Comparison or other methods are employed to allow access to the computer or computer program or to allow for secure communications. The device (100) is activated and provides a user with a code based on a predetermined algorithm for a prescribed period when a user opens the device (100).

Description

METHOD AND APPARATUS FOR GENERATING AN ACCESS CODE
CLAIM OF PRIORITY [0001] This application claims priority from provisional application "METHOD AND
APPARATUS FOR GENERATING AN ACCESS CODE" Application No. 60/356,888 filed February 13, 2002, and which application is incorporated herein by reference.
CROSS-REFERENCE TO RELATED U.S. PATENTS [0002] The present application is related to the following United States Patents, which Patents are assigned to the owner of the present invention, and which Patents are incorporated by reference herein in their entirety: [0003] United States Patent No. 4,599,489, entitled "SOLID STATE KEY FOR
CONTROLLING ACCESS TO COMPUTER SOFTWARE," filed on February 22, 1984 and issued on July 8, 1986.
[0004] United States Patent No. 4,609,777, entitled "SOLID STATE KEY FOR
CONTROLLING ACCESS TO COMPUTER SOFTWARE," filed on December 23, 1985 and issued on September 2, 1986.
[0005] United States Patent No. 4,819,267, entitled, SOLID STATE KEY FOR
CONTROLLING ACCESS TO COMPUTER SYSTEMS AND TO COMPUTER SOFTWARE AND/OR SECURE COMMUNICATION," filed on June 9, 1987 and issued on April 4, 1989.
FIELD OF INVENTION
[0006] The present invention relates to secure transaction devices, and more particularly to a method and apparatus for generation of a session key or access code by opening the device.
BACKGROUND
[0007] Numerous techniques for limiting access to computer systems (also known as access management) and software (also known as software protection), and for enabling secure communications of data are practiced. In multiuser systems it is typical for each user to have an identification code and/or a password which the user must enter before gaining access to the system. Security of the system can be compromised when an authorized user reveals his or her identification code and/or password to unauthorized persons or the access code is discovered by a systematic attack such as that used by hackers. [0008] Another technique employed, particularly with respectto application software that is provided on magnetic diskettes, is to encode on the diskette a protective routine that prevents the making of usable copies with standard copy methods. This technique has had only moderate success in preventing unauthorized use or unauthorized copying because programs for disabling such protective routines are widely available.
[0009] Further techniques for securing computers, software and communications include the use of seemingly random generated passwords affording the appropriate access. In some systems, these passwords are generated independently of where access is desired and in other systems the random passwords are generated in response to an inquiry or stimulus from the computer, software or communication source to which access is desired.
For these types of systems, there are a number of approaches used by hackers and those intent on stealing valuable information in order to break into the system. One of the approaches is known as the "table attack" or "clear text attack." In the table attack, a table is built out of the relationship between the stimulus and the response or password generated therefrom. If the system for controlling access is relative static, a table can be built in a relatively short time so that given any particular stimulus, one intent on breaking into the system can determine the appropriate password from the table.
[0010] Another approach to break into such systems is known as the "cypher text attack." This approach is appropriate when the response or password results from a known or predictable stimulus. An analysis of the relationship between the stimulus and the response using standard cryptographic analysis techniques allows passwords appropriate to the future to be predicted.
[0011] Still a further approach or attack applicable to time dependent devices is time compression. This is accomplished by speeding up the clock to generate passwords appropriate to the future so as to more rapidly build a table for one of the other types of attack. Accordingly, when the future time arrives, the password is known and used to break into the system.
SUMMARY [0012] The present invention is embodied in a device that is analogous to a key in that it is a small portable device that can be conveniently carried by the user and that can be employed to obtain access to computers and software and for secure communications. The key contains solid state or semiconductor electronic elements that can execute one of a plurality of prescribed algorithms to produce a code which the computer receives and which affords access to the computer, computer software, or provides secure communications if the code is correct. The present invention includes a semiconductor device encased within a casing . The operations of the semiconductor device and methods of generating codes are known in the art. Detailed information regarding the operations of the semiconductor device and methods for generating codes can be found in United States Patent No.4,819,267, filed June 6, 1987, United States Patent No. 4,609,777, filed December 23, 1985, issued September 2, 1986,
United States Patent No. 4,599,489, filed February 22, 1984, issued July 8, 1986, United States Patent Application No. 09/789,197, filed February 20, 2001 and United States Patent Application No. 60/287,858, filed May 1 , 2001 , the assignee of such patents and patent applications being the assignee of the present invention, and which patents and patent applications are incorporated by reference herein in their entirety.
[0013] In order for the software in the computer to be able to produce an internal password for comparison with the user input password, the computer manipulates the current date by an algorithm corresponding to that in the key to produce the internal password. The password generated by the key device is compared to the password generated in the computer before access is allowed to the computer or information stored in the computer.
[0014] The user activates the device by simply opening the device. When the device is opened, a trigger sends an electrical pulse to the code generation device which calculates the session key or access code and displays it on a display. In one embodiment, the device includes a timing feature such that the session key or access code is only displayed for a prescribed period of time before the display becomes blank and a user must reactivate the device.
[0015] One embodiment provides a hardware device that must be employed to gain access to computers and software and for secure communications. Access to the computers and software is achieved by producing and displaying a password which must be input by the user and by arranging the circuitry in the key so that it produces, each time the device is used, a different password in accordance with an algorithm that is virtually impossible to predict.
[0016] Additionally, the advent of large scale integrated circuit technology, such as manifested in existent wristwatches and the like, permits a key to be produced at a moderate cost, particularly when compared to the cost of many software programs, that is long lasting and portable.
[0017] Furthermore, current technology allows digital techniques to be used which afford exponential expansion of the number of possible combinations by merely extending by one or more bits the size of the numbers that the apparatus employs in producing a password. [0018] The foregoing, together with other objects, features and advantages, will be more apparent after referring to the following specification and the accompanying drawings.
BRIEF DESCRIPTION OF THE DRAWINGS [0019] The present invention is described with respect to particular exemplary embodiments thereof and reference is accordingly made to the drawings in which:
[0020] Fig. 1 is a perspective view of a security token of an embodiment of the invention in an open position.
[0021] Fig. 2 is a top view of the security token shown in Fig. 1 in an open position. [0022] Fig. 3 is a side view of the security token shown in Fig. 1 in an open position.
[0023] Fig. 4 is a perspective view of the active portion of the security token shown in Fig. 1.
[0024] Fig. 5 is a top view of the active portion of the security token shown in Fig.
1 [0025] Fig. 6 is cross-sectional view of the security token of Fig. 1 in a closed position.
[0026] Fig. 7 is a cross-sectional view of the security token of Fig. 1 in an open position.
[0027] Fig. 8 depicts a line drawing the active portion of the security token of Fig. 1. [0028] Fig. 9 is a top view of the interior chip contained within the security token of
Fig. 1.
[0029] Fig. 10 is a view of the underside of the security token of Fig. 1 shown in an open position.
[0030] Fig. 11 A, 11 B, 1 C and 11 D are a closed top view, a closed bottom view, a closed side view and an opened top view of another embodiment of the invention similar to
Fig. 1.
DETAILED DESCRIPTION [0031] Fig. 1 shows a perspective view of one embodiment of a security token 100. The security token 100 is comprised of two main components, a cover portion 102 and a active portion 104. The active portion 104 includes a display 106. The display 106 may be an LCD display, LED display, TFT display or any other display type that allows a user to visually perceive the contests of the display 106. The active portion 104 contains a code generation device (not shown). The code generation device is connected to the display 106, such that the display 106 can display the code generated by the code generation device. [0032] In one embodiment, the cover portion 102 is detachably and slideably coupled to the active portion 104. The cover portion 102 can be moved relative to the active portion 104 between an open position (Fig. 1 , Fig. 11D) and a closed position (Fig. 11A, 11 B, 11C). In an open position, view of the display 106 is unobstructed by the cover portion 102. In a closed position, view of the display 106 is at least partially obstructed by the cover portion
102. In one embodiment, the display 106 is completely covered by the cover portion 102 when the security token 100 is in a closed position. In the embodiment shown in Fig. 1, when the security token 100 is in a closed position, the security token has a generally elliptical shape when view from the top side (Fig. 11 A). [0033] In one embodiment, the cover 102 may have a recessed area 108 to accommodate a logo or material to facilitate opening and closing of the security token 100 by a user. Additionally, the cover portion 102 and the active portion 104 may be formed in any shape. In one embodiment, the cover portion 102 and the active portion 104 are formed to facilitate opening and closing of the device. [0034] Furthermore, the active portion 104 may be formed in any desirable configuration sufficiently large enough to accommodate the code generation device. [0035] Fig 2 depicts a top view of the security token 100 shown in Fig. 1. Fig. 2 shows the cover portion 102, the active portion 104 and the display. In the embodiment shown in Fig. 2, the active portion 104 has a first lip 202 and the cover portion has a second lip 204. The first and second lips 202, 204 are provided to facilitate opening of the security token 100 and may be formed in any convenient shape.
[0036] Fig. 3 depicts a side view of the security token 100 shown in Fig. 1. Fig. 3 shows the cover portion 102 and the active portion 104. The active portion is comprised of an upper piece 302 and a lower piece 304. In one embodiment, the upper piece and piece of the active portion are sealed together with a code generation device (not shown) and display 106 between them. In alternate embodiments, the upper piece 302 and the lower piece 304 may be detachably coupled or the exterior of the entire active portion 104 may be formed as a single piece. [0037] In one embodiment, the cover portion 102 is comprised of an upper piece 306 and a lower piece 308. In one embodiment, the upper piece 306 and the lower piece 308 are sealed together. However, in alternate embodiments the upper piece 306 and the lower piece 308 may be coupled together in a detachable matter or the entire cover portion 102 may be formed as a single piece. [0038] In the embodiment shown in Fig. 3, the lower piece 308 of the cover portion 102 includes a cantilevered clipping arm 310. The clip arm 310 is attached to the lower piece 308 of the cover portion 102 by a support 312. In one embodiment, the back-span portion of the cantilevered clip arm 310 has a spacer 314. In alternate embodiments, the spacer 314 may be absent or attached to the cover portion 102. Furthermore, the design of the cantilevered clipping arm 310 and support 312 can take other forms. The cantilevered clipping arm 310 and the support 312 may take any form that is convenient that allow a user to attach the security token 100 to either the user's clothing, brief case or any other item. [0039] Fig.4 is a perspective view of the active portion 104 of the security token 100 separated from the cover. In one embodiment, the active portion further includes a position securing latch 402 located on the upper piece 302. In the embodiment shown in Fig. 4, the securing latch 402 is a cantilevered segment integral with the top piece 302 of the active portion 104 of the security token that has a protrusion 404 at its distal end. The protrusion 404 is designed to engage securing fixtures (not shown) located within the cover portion of the security token 100 and inhibit movement of the cover portion 102 relative to the active portion 102 of the security token 100. Thus, when the security token 100 is in an open position, the cover portion 102 and the active portion 104 are temporarily secured relative to each other and the user must provide sufficient force to disengage the protrusion 404 from the securing fixture to move the cover portion 102 relative to the active portion 104 in order to close the device. In the closed position, the protrusion 404 can engage a securing fixture in a similar manner to that described above, to inhibit movement of the device from a closed position to an open position. In alternate embodiments, the securing latches may take varying forms, be located in varying positions or may be absent. When the device is opened or closed, the protrusion 404 can provide a clicking noise as the protrusion 404 is dropped into a recess in the cover portion 102. [0040] In one embodiment, the top piece 302 also includes an aperture 406. The aperture 406 is located such that a triggering portion 408 of the code generation device (not shown) extends through the aperture 406.
[0041] The embodiment shown in Fig. 4 also includes a second protrusion 410 located on the bottom piece of the active portion 104. The second protrusion 410 is designed to engage a separation prevention fixture (not shown) located within the cover portion 102 when the cover portion 102 is move to a certain position relative to the active portion 104.
The second protrusion 410 is designed and located to prevent separation of the cover portion 102 from the active portion 104. In alternate embodiment, the second protrusion may take varying forms, be located in varying positions or may be absent. [0042] Fig. 5 is top view of the active portion 104 of the security token 100. Fig. 5 shows the securing latch 402 with a transverse protrusion 404 at the distal end and the aperture 406. Fig. 5 further shows the triggering portion 408 of the code generation device (not shown) extending through the aperture 406. Although in the embodiments shown in Figs. 4 and 5 the aperture 406 and the triggering portion 408 are shown adjacent to the securing latch, it should be apparent to those skilled in the art that the locations of these elements may be located in alternate positions.
[0043] Fig. 6 is a cross-sectional, perspective view of the underside of the security token 100 in a closed position. In the embodiment shown in Fig. 6, the section of the top piece 302 of the active portion 104 containing the display 106 is located within the top piece 306 of the cover portion 102. The code generation device 602 is secured to the top piece 302 of the active portion 104 using a plurality of fasteners 604 to ensure movement of the code generation device 602 within the active portion 104 is inhibited. In alternate embodiments, the code generation device may be secured within the active portion 104 in alternate manners. [0044] Fig.6 further shows the triggering portion 408 of the code generation device 602 located within a recessed path 606 within the top piece 306 cover portion 102 such that translation within a fixed distance of the cover portion 102 relative to the active portion 104 is possible without the triggering portion 408 of the code generation device 602 coming into contact with any surface. In the embodiment shown in Fig. 6, there is a triggering platform 608 with a curved lead-in ramp 609 located at one end of the recessed path 606. The triggering platform 608 is designed such that when the device is moved into an open position, the triggering portion 408 of the code generation device 602 is depressed thus activating the code generation device and causing the display 106 to display a code calculated in accordance with a prescribed algorithm. In alternate embodiments, the triggering platform may be located in various positions. Furthermore, the code generation device 602 and cover portion 102 may be designed such that release of the triggering portion activates the code generation device and display of the resulting code.
[0045] Fig. 7 shows the security token described above with reference to Fig. 6 in an open position. In the embodiment shown in Fig.7, depression of the triggering portion 408 provides an electrical pulse to the code generation device 602. This electrical pulse causes the code generation device 602 to calculate a code based on a prescribed algorithm and the calculated code to be displayed on the display 106. However, the code generation device 602 and the display 106 will only display the calculated code for a prescribed period. At the expiration of the prescribed period, the display will become blank and a user will have to close and open the device again to obtain a code from the device. This period can be adjusted in the factory as the device is being build or later on via programming apertures 1002. [0046] Fig. 7 further shows a securing fixture 704 located on the inside of the top piece 306 of the cover portion 102. The securing fixture 704 is designed to engage the protrusion 404 in the manner described above with regards to Fig. 4. As described above, the securing fixture 704 may take numerous alternate forms serving the described function. [0047] Fig. 8 depicts the active portion 104 of the security token 100. Fig. 8 shows the securing latch 402 with the protrusion 404 at its distal end and the fasteners 604 securing the code generation device 602 within the active portion 104 of the security token 100. Fig. 8 further depicts the triggering portion 408 of the code generation device 602. In one embodiment, the triggering portion includes a pivot pin 802 attached to the trigger 804. The pressure is applied to the external portion of the triggering portion 408, the trigger 804 pivots around the pivot pin 802 and activates the code generation device. However, alternate embodiments in which the code generation device is otherwise activated are contemplated. [0048] Fig. 9 shows the code generation device 602 contained within the active portion 104. The code generation device 602 is formed on a single silicon ship and includes the triggering portion 408, a power source 902 and fastening apertures 904. In the embodiment shown in Fig. 9, the power source 902 is battery. However, alternative power sources may be used. The fastening apertures 904 are used to secure the code generation device 602 within the active portion 104 of the security token 100. [0049] Fig. 10 shows a perspective view of the underside of the security token 100 in an open position. The bottom piece 304 of the active portion 104 of the security token 100 includes programming apertures 1002. The programming apertures 1002 provide a user limited access to the code generation device 602 and allow a user to perform a number of administrative functions. The user may reset the code generation device 602, disable the code generation device 602, program the code generation device 602 with a seed value, synchronize an internal clock (not shown)of the code generation device 602 with another device, or perform other functions allowed by the code generation device 602. [0050] Fig. 10 shows the bottom piece 304 of the active portion 104 of the security token 100 having an arced region 1004 and the bottom piece 308 of the cover portion 102 of the security token having a complimentary arced recess 1006. In the embodiment shown in Fig. 10, the arced region is designed to accommodate the battery 902 of the code generation device. However, in alternate embodiment a smaller battery or alternate power source may be used. Therefore, the arched design of the bottom pieces 304, 308 is not critical. [0051] The foregoing description of the preferred embodiments of the present invention has been provided for the purposes of illustration and description. It is not intended to be exhaustive or to limit the invention to the precise forms disclosed. Many modifications and variations will be apparent to the practitioner skilled in the art. Embodiments were chosen and described in order to best describe the principles of the invention and its practical application, thereby enabling others skilled in the art to understand the invention, the various embodiments and with various modifications that are suited to the particular use contemplated. It is intended that the scope of the invention be defined by the following claims and their equivalents.

Claims

CLAIMSWhat is claimed is:
1. An apparatus for generating an access code comprising: a code generation device having a display; a first casing; and a second casing containing said code generation device; said second casing being moveably attached to said first casing such that in conjunction with said second casing being in a first position relative to said first casing said code generation device is activated and a code is displayed via said display.
2. The apparatus for generating an access code of claim 1 , wherein said code generation device has a triggering section, said triggering section being actuated when said second casing is in said first position relative to said second casing.
3. The apparatus for generating an access code of claim 2, wherein said triggering section extends through said second casing.
4. The apparatus for generating an access code of claim 3, wherein at least a portion of said second casing is slidably coupled within said opening of said second casing.
5. The apparatus for generating an access code of claim 4, wherein when said first casing is in a position relative to said second casing other than said first position, view of at least a portion of said display is inhibited by said first casing.
6. The apparatus for generating an access code of claim 5, wherein when said first casing is in a second position relative to said second casing, view of said entire display is inhibited.
7. The apparatus for generating an access code of claim 6, wherein in when said first casing is in a second position relative to said second casing, the apparatus has a generally elliptical shape.
8. The apparatus for generating an access code of claim 7 further comprising: a first securing mechanism to at least partially secure said first casing relative to said second casing in said first position.
9. The apparatus for generating an access code of claim 8 further comprising: a second securing mechanism to at least partially secure said first casing relative to said second casing in said second position.
10. The apparatus for generating an access code of claim 9, wherein said first case and said second case are inseparable.
11. The apparatus for generating an access code of claim 1 , wherein said code is displayed is said display for a predetermined period.
12. A method of generating an access code comprising the steps of: opening a security token; calculating an access code in conjunction with the opening of said security token; and displaying said access code when said security token is in an open position.
13. The method of generating an access code described in claim 12 further comprising the step of: limited the during that said access code is displayed.
14. The method of generating an access code described in claim 12, wherein said step of opening a security token includes the step of: moving a first portion of said security token into a first position relative to a second portion of said security token such that a trigger is actuated.
15. The method of generating an access code described in claim 14 further comprising the step of: moveably securing a said first portion of said security token in said first position relative to said second portion of said security token.
16. The method of generating an access code described in claim 15 further comprising the step of: moveably securing a said first portion of said security token in a second position relative to said second portion of said security token such that display of said access code is inhibited.
17. The method of generating an access code described in claim 16 further comprising the step of: coupling said first portion of said security token and said second portion of said security token such that said first portion and said second portion may not be decoupled.
18. An apparatus for generating an access code comprising: a code generation device having a display; a first housing; and a second housing containing said code generation device; said second housing having an aperture such that display is visible through said aperture; said second housing being moveably attached to said first housing such that in conjunction with said second housing being in an open position relative to said first housing said code generation device is activated and a code is displayed via said display.
19. The apparatus for generating an access code of claim 18, wherein said code generation device has a triggering section, said triggering mechanism being actuated when said second housing is in said open position relative to said second housing.
20. The apparatus for generating an access code of claim 19, wherein said triggering mechanism extends through said second housing.
21. The apparatus for generating an access code of claim 20, wherein at least a portion of said second housing is slidably coupled within said opening of said second housing.
22. The apparatus for generating an access code of claim 21 , wherein when said first housing is in a position relative to said second housing other than said open position, view of at least a portion of said display is inhibited by said first housing.
23. The apparatus for generating an access code of claim 22, wherein when said first housing is in a closed position relative to said second housing, view of said entire display is inhibited.
24. The apparatus for generating an access code of claim 23, wherein in when said first housing is in a closed position relative to said second housing, the apparatus has a generally elliptical shape.
25. The apparatus for generating an access code of claim 24 further comprising: a first securing mechanism to at least partially secure said first housing relative to said second housing in said open position.
26. The apparatus for generating an access code of claim 25 further comprising: a second securing mechanism to at least partially secure said first housing relative to said second housing in said closed position.
27. The apparatus for generating an access code of claim 26, wherein said first case and said second case are inseparable.
28. The apparatus for generating an access code of claim 27, wherein said code is displayed is said display for a predetermined period after actuation of said triggering mechanism.
PCT/US2003/004544 2002-02-13 2003-02-12 Method and apparatus for generating an access code WO2003069476A1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
EP03716036A EP1483643A1 (en) 2002-02-13 2003-02-12 Method and apparatus for generating an access code
AU2003219763A AU2003219763A1 (en) 2002-02-13 2003-02-12 Method and apparatus for generating an access code

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US35688802P 2002-02-13 2002-02-13
US60/356,888 2002-02-13

Publications (1)

Publication Number Publication Date
WO2003069476A1 true WO2003069476A1 (en) 2003-08-21

Family

ID=27734699

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2003/004544 WO2003069476A1 (en) 2002-02-13 2003-02-12 Method and apparatus for generating an access code

Country Status (3)

Country Link
EP (1) EP1483643A1 (en)
AU (1) AU2003219763A1 (en)
WO (1) WO2003069476A1 (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7562218B2 (en) 2004-08-17 2009-07-14 Research In Motion Limited Method, system and device for authenticating a user
US7921209B2 (en) 2004-09-22 2011-04-05 Research In Motion Limited Apparatus and method for integrating authentication protocols in the establishment of connections between computing devices
US7921455B2 (en) 2003-07-17 2011-04-05 Authenex, Inc. Token device that generates and displays one-time passwords and that couples to a computer for inputting or receiving data for generating and outputting one-time passwords and other functions

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5748889A (en) * 1995-07-18 1998-05-05 Lee S. Weinblatt Monitoring identity of computer users accessing data bases, and storing information about the users and the accessed data base

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5748889A (en) * 1995-07-18 1998-05-05 Lee S. Weinblatt Monitoring identity of computer users accessing data bases, and storing information about the users and the accessed data base

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7921455B2 (en) 2003-07-17 2011-04-05 Authenex, Inc. Token device that generates and displays one-time passwords and that couples to a computer for inputting or receiving data for generating and outputting one-time passwords and other functions
US7562218B2 (en) 2004-08-17 2009-07-14 Research In Motion Limited Method, system and device for authenticating a user
US7921209B2 (en) 2004-09-22 2011-04-05 Research In Motion Limited Apparatus and method for integrating authentication protocols in the establishment of connections between computing devices
US8533329B2 (en) 2004-09-22 2013-09-10 Blackberry Limited Apparatus and method for integrating authentication protocols in the establishment of connections between computing devices

Also Published As

Publication number Publication date
AU2003219763A1 (en) 2003-09-04
EP1483643A1 (en) 2004-12-08

Similar Documents

Publication Publication Date Title
US20050113071A1 (en) Mobile terminal, method of controlling the same, and computer program of the same
EP1648109A3 (en) Initializing, maintaining, updating and recovering secure operation within an integrated system employing a data access control function
CA3006804C (en) Security interface for a mobile device
US8164419B2 (en) Electronic lock box with time-related data encryption based on user-selected pin
US20060107073A1 (en) System and method for equipment security cable lock interface
US7716383B2 (en) Flash-interfaced fingerprint sensor
US20080246584A1 (en) Locking digital pen
WO2003081400A3 (en) Integrated circuit security and method therefor
SK97797A3 (en) Programmable electronic locking device and a lock, insert and key
CA2326266A1 (en) Device security mechanism based on registered passwords
WO2003048907A2 (en) Protection device for portable computers
EP1296214A3 (en) Method for activating a control unit mounted in a housing protected against unauthorised data access
AU2001258589A1 (en) Security device and article incorporating same
GB2387975B (en) Security cabinet system for controlling with user's id data
GB2360618A (en) Fingerprint reader and method of identification
TWI550435B (en) Control system operated by mobile devices
WO2003093613A3 (en) Security system
WO2003069476A1 (en) Method and apparatus for generating an access code
CN1908354A (en) Trick lock
JP2006330914A (en) Information processor and its control method
WO2001020463A1 (en) Security arrangement
US20030229795A1 (en) Secure assembly of security keyboards
CN108831009A (en) A kind of financial level security password input unit
CA2693318C (en) Multi-level data storage
CN208255884U (en) Laptop

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ OM PH PL PT RO RU SC SD SE SG SK SL TJ TM TN TR TT TZ UA UG US UZ VC VN YU ZA ZM ZW

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IT LU MC NL PT SE SI SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
WWE Wipo information: entry into national phase

Ref document number: 2003716036

Country of ref document: EP

WWP Wipo information: published in national office

Ref document number: 2003716036

Country of ref document: EP

NENP Non-entry into the national phase

Ref country code: JP

WWW Wipo information: withdrawn in national office

Country of ref document: JP

WWW Wipo information: withdrawn in national office

Ref document number: 2003716036

Country of ref document: EP