WO2003069476A1 - Method and apparatus for generating an access code - Google Patents
Method and apparatus for generating an access code Download PDFInfo
- Publication number
- WO2003069476A1 WO2003069476A1 PCT/US2003/004544 US0304544W WO03069476A1 WO 2003069476 A1 WO2003069476 A1 WO 2003069476A1 US 0304544 W US0304544 W US 0304544W WO 03069476 A1 WO03069476 A1 WO 03069476A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- generating
- access code
- housing
- casing
- code
- Prior art date
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/34—User authentication involving the use of external additional devices, e.g. dongles or smart cards
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07C—TIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
- G07C9/00—Individual registration on entry or exit
- G07C9/00174—Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
- G07C9/00658—Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated by passive electrical keys
- G07C9/00674—Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated by passive electrical keys with switch-buttons
- G07C9/00698—Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated by passive electrical keys with switch-buttons actuated in function of displayed informations
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07C—TIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
- G07C9/00—Individual registration on entry or exit
- G07C9/30—Individual registration on entry or exit not involving the use of a pass
- G07C9/32—Individual registration on entry or exit not involving the use of a pass in combination with an identity check
- G07C9/33—Individual registration on entry or exit not involving the use of a pass in combination with an identity check by means of a password
Definitions
- the present invention relates to secure transaction devices, and more particularly to a method and apparatus for generation of a session key or access code by opening the device.
- table attack a table is built out of the relationship between the stimulus and the response or password generated therefrom. If the system for controlling access is relative static, a table can be built in a relatively short time so that given any particular stimulus, one intent on breaking into the system can determine the appropriate password from the table.
- time compression This is accomplished by speeding up the clock to generate passwords appropriate to the future so as to more rapidly build a table for one of the other types of attack. Accordingly, when the future time arrives, the password is known and used to break into the system.
- the present invention is embodied in a device that is analogous to a key in that it is a small portable device that can be conveniently carried by the user and that can be employed to obtain access to computers and software and for secure communications.
- the key contains solid state or semiconductor electronic elements that can execute one of a plurality of prescribed algorithms to produce a code which the computer receives and which affords access to the computer, computer software, or provides secure communications if the code is correct.
- the present invention includes a semiconductor device encased within a casing .
- the operations of the semiconductor device and methods of generating codes are known in the art. Detailed information regarding the operations of the semiconductor device and methods for generating codes can be found in United States Patent No.4,819,267, filed June 6, 1987, United States Patent No. 4,609,777, filed December 23, 1985, issued September 2, 1986,
- the computer manipulates the current date by an algorithm corresponding to that in the key to produce the internal password.
- the password generated by the key device is compared to the password generated in the computer before access is allowed to the computer or information stored in the computer.
- the user activates the device by simply opening the device.
- a trigger sends an electrical pulse to the code generation device which calculates the session key or access code and displays it on a display.
- the device includes a timing feature such that the session key or access code is only displayed for a prescribed period of time before the display becomes blank and a user must reactivate the device.
- One embodiment provides a hardware device that must be employed to gain access to computers and software and for secure communications. Access to the computers and software is achieved by producing and displaying a password which must be input by the user and by arranging the circuitry in the key so that it produces, each time the device is used, a different password in accordance with an algorithm that is virtually impossible to predict.
- Fig. 1 is a perspective view of a security token of an embodiment of the invention in an open position.
- Fig. 2 is a top view of the security token shown in Fig. 1 in an open position.
- Fig. 3 is a side view of the security token shown in Fig. 1 in an open position.
- Fig. 4 is a perspective view of the active portion of the security token shown in Fig. 1.
- Fig. 5 is a top view of the active portion of the security token shown in Fig.
- Fig. 6 is cross-sectional view of the security token of Fig. 1 in a closed position.
- Fig. 7 is a cross-sectional view of the security token of Fig. 1 in an open position.
- Fig. 8 depicts a line drawing the active portion of the security token of Fig. 1.
- Fig. 9 is a top view of the interior chip contained within the security token of
- Fig. 10 is a view of the underside of the security token of Fig. 1 shown in an open position.
- Fig. 11 A, 11 B, 1 C and 11 D are a closed top view, a closed bottom view, a closed side view and an opened top view of another embodiment of the invention similar to
- Fig. 1 shows a perspective view of one embodiment of a security token 100.
- the security token 100 is comprised of two main components, a cover portion 102 and a active portion 104.
- the active portion 104 includes a display 106.
- the display 106 may be an LCD display, LED display, TFT display or any other display type that allows a user to visually perceive the contests of the display 106.
- the active portion 104 contains a code generation device (not shown).
- the code generation device is connected to the display 106, such that the display 106 can display the code generated by the code generation device.
- the cover portion 102 is detachably and slideably coupled to the active portion 104.
- the cover portion 102 can be moved relative to the active portion 104 between an open position (Fig. 1 , Fig. 11D) and a closed position (Fig. 11A, 11 B, 11C). In an open position, view of the display 106 is unobstructed by the cover portion 102. In a closed position, view of the display 106 is at least partially obstructed by the cover portion
- the display 106 is completely covered by the cover portion 102 when the security token 100 is in a closed position.
- the security token when the security token 100 is in a closed position, the security token has a generally elliptical shape when view from the top side (Fig. 11 A).
- the cover 102 may have a recessed area 108 to accommodate a logo or material to facilitate opening and closing of the security token 100 by a user.
- the cover portion 102 and the active portion 104 may be formed in any shape. In one embodiment, the cover portion 102 and the active portion 104 are formed to facilitate opening and closing of the device.
- Fig 2 depicts a top view of the security token 100 shown in Fig. 1.
- Fig. 2 shows the cover portion 102, the active portion 104 and the display.
- the active portion 104 has a first lip 202 and the cover portion has a second lip 204.
- the first and second lips 202, 204 are provided to facilitate opening of the security token 100 and may be formed in any convenient shape.
- Fig. 3 depicts a side view of the security token 100 shown in Fig. 1.
- Fig. 3 shows the cover portion 102 and the active portion 104.
- the active portion is comprised of an upper piece 302 and a lower piece 304.
- the upper piece and piece of the active portion are sealed together with a code generation device (not shown) and display 106 between them.
- the upper piece 302 and the lower piece 304 may be detachably coupled or the exterior of the entire active portion 104 may be formed as a single piece.
- the cover portion 102 is comprised of an upper piece 306 and a lower piece 308.
- the upper piece 306 and the lower piece 308 are sealed together.
- the upper piece 306 and the lower piece 308 may be coupled together in a detachable matter or the entire cover portion 102 may be formed as a single piece.
- the lower piece 308 of the cover portion 102 includes a cantilevered clipping arm 310.
- the clip arm 310 is attached to the lower piece 308 of the cover portion 102 by a support 312.
- the back-span portion of the cantilevered clip arm 310 has a spacer 314.
- the spacer 314 may be absent or attached to the cover portion 102.
- the design of the cantilevered clipping arm 310 and support 312 can take other forms.
- Fig.4 is a perspective view of the active portion 104 of the security token 100 separated from the cover.
- the active portion further includes a position securing latch 402 located on the upper piece 302.
- the securing latch 402 is a cantilevered segment integral with the top piece 302 of the active portion 104 of the security token that has a protrusion 404 at its distal end.
- the protrusion 404 is designed to engage securing fixtures (not shown) located within the cover portion of the security token 100 and inhibit movement of the cover portion 102 relative to the active portion 102 of the security token 100.
- securing fixtures not shown
- the cover portion 102 and the active portion 104 are temporarily secured relative to each other and the user must provide sufficient force to disengage the protrusion 404 from the securing fixture to move the cover portion 102 relative to the active portion 104 in order to close the device.
- the protrusion 404 can engage a securing fixture in a similar manner to that described above, to inhibit movement of the device from a closed position to an open position.
- the securing latches may take varying forms, be located in varying positions or may be absent.
- the protrusion 404 can provide a clicking noise as the protrusion 404 is dropped into a recess in the cover portion 102.
- the top piece 302 also includes an aperture 406. The aperture 406 is located such that a triggering portion 408 of the code generation device (not shown) extends through the aperture 406.
- the embodiment shown in Fig. 4 also includes a second protrusion 410 located on the bottom piece of the active portion 104.
- the second protrusion 410 is designed to engage a separation prevention fixture (not shown) located within the cover portion 102 when the cover portion 102 is move to a certain position relative to the active portion 104.
- the second protrusion 410 is designed and located to prevent separation of the cover portion 102 from the active portion 104.
- the second protrusion may take varying forms, be located in varying positions or may be absent.
- Fig. 5 is top view of the active portion 104 of the security token 100.
- Fig. 5 shows the securing latch 402 with a transverse protrusion 404 at the distal end and the aperture 406.
- Fig. 5 further shows the triggering portion 408 of the code generation device (not shown) extending through the aperture 406.
- the aperture 406 and the triggering portion 408 are shown adjacent to the securing latch, it should be apparent to those skilled in the art that the locations of these elements may be located in alternate positions.
- Fig. 6 is a cross-sectional, perspective view of the underside of the security token 100 in a closed position.
- the section of the top piece 302 of the active portion 104 containing the display 106 is located within the top piece 306 of the cover portion 102.
- the code generation device 602 is secured to the top piece 302 of the active portion 104 using a plurality of fasteners 604 to ensure movement of the code generation device 602 within the active portion 104 is inhibited.
- the code generation device may be secured within the active portion 104 in alternate manners.
- Fig.6 further shows the triggering portion 408 of the code generation device 602 located within a recessed path 606 within the top piece 306 cover portion 102 such that translation within a fixed distance of the cover portion 102 relative to the active portion 104 is possible without the triggering portion 408 of the code generation device 602 coming into contact with any surface.
- a triggering platform 608 with a curved lead-in ramp 609 located at one end of the recessed path 606.
- the triggering platform 608 is designed such that when the device is moved into an open position, the triggering portion 408 of the code generation device 602 is depressed thus activating the code generation device and causing the display 106 to display a code calculated in accordance with a prescribed algorithm.
- the triggering platform may be located in various positions.
- the code generation device 602 and cover portion 102 may be designed such that release of the triggering portion activates the code generation device and display of the resulting code.
- Fig. 7 shows the security token described above with reference to Fig. 6 in an open position.
- depression of the triggering portion 408 provides an electrical pulse to the code generation device 602.
- This electrical pulse causes the code generation device 602 to calculate a code based on a prescribed algorithm and the calculated code to be displayed on the display 106.
- the code generation device 602 and the display 106 will only display the calculated code for a prescribed period.
- the display will become blank and a user will have to close and open the device again to obtain a code from the device. This period can be adjusted in the factory as the device is being build or later on via programming apertures 1002.
- Fig. 7 further shows a securing fixture 704 located on the inside of the top piece 306 of the cover portion 102.
- the securing fixture 704 is designed to engage the protrusion 404 in the manner described above with regards to Fig. 4. As described above, the securing fixture 704 may take numerous alternate forms serving the described function.
- Fig. 8 depicts the active portion 104 of the security token 100.
- Fig. 8 shows the securing latch 402 with the protrusion 404 at its distal end and the fasteners 604 securing the code generation device 602 within the active portion 104 of the security token 100.
- Fig. 8 further depicts the triggering portion 408 of the code generation device 602.
- the triggering portion includes a pivot pin 802 attached to the trigger 804.
- Fig. 9 shows the code generation device 602 contained within the active portion 104.
- the code generation device 602 is formed on a single silicon ship and includes the triggering portion 408, a power source 902 and fastening apertures 904.
- the power source 902 is battery.
- alternative power sources may be used.
- the fastening apertures 904 are used to secure the code generation device 602 within the active portion 104 of the security token 100.
- FIG. 10 shows a perspective view of the underside of the security token 100 in an open position.
- the bottom piece 304 of the active portion 104 of the security token 100 includes programming apertures 1002.
- the programming apertures 1002 provide a user limited access to the code generation device 602 and allow a user to perform a number of administrative functions. The user may reset the code generation device 602, disable the code generation device 602, program the code generation device 602 with a seed value, synchronize an internal clock (not shown)of the code generation device 602 with another device, or perform other functions allowed by the code generation device 602. [0050] Fig.
- FIG. 10 shows the bottom piece 304 of the active portion 104 of the security token 100 having an arced region 1004 and the bottom piece 308 of the cover portion 102 of the security token having a complimentary arced recess 1006.
- the arced region is designed to accommodate the battery 902 of the code generation device.
- a smaller battery or alternate power source may be used. Therefore, the arched design of the bottom pieces 304, 308 is not critical.
Abstract
Description
Claims
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
EP03716036A EP1483643A1 (en) | 2002-02-13 | 2003-02-12 | Method and apparatus for generating an access code |
AU2003219763A AU2003219763A1 (en) | 2002-02-13 | 2003-02-12 | Method and apparatus for generating an access code |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US35688802P | 2002-02-13 | 2002-02-13 | |
US60/356,888 | 2002-02-13 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2003069476A1 true WO2003069476A1 (en) | 2003-08-21 |
Family
ID=27734699
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/US2003/004544 WO2003069476A1 (en) | 2002-02-13 | 2003-02-12 | Method and apparatus for generating an access code |
Country Status (3)
Country | Link |
---|---|
EP (1) | EP1483643A1 (en) |
AU (1) | AU2003219763A1 (en) |
WO (1) | WO2003069476A1 (en) |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7562218B2 (en) | 2004-08-17 | 2009-07-14 | Research In Motion Limited | Method, system and device for authenticating a user |
US7921209B2 (en) | 2004-09-22 | 2011-04-05 | Research In Motion Limited | Apparatus and method for integrating authentication protocols in the establishment of connections between computing devices |
US7921455B2 (en) | 2003-07-17 | 2011-04-05 | Authenex, Inc. | Token device that generates and displays one-time passwords and that couples to a computer for inputting or receiving data for generating and outputting one-time passwords and other functions |
Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5748889A (en) * | 1995-07-18 | 1998-05-05 | Lee S. Weinblatt | Monitoring identity of computer users accessing data bases, and storing information about the users and the accessed data base |
-
2003
- 2003-02-12 EP EP03716036A patent/EP1483643A1/en not_active Withdrawn
- 2003-02-12 AU AU2003219763A patent/AU2003219763A1/en not_active Abandoned
- 2003-02-12 WO PCT/US2003/004544 patent/WO2003069476A1/en not_active Application Discontinuation
Patent Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5748889A (en) * | 1995-07-18 | 1998-05-05 | Lee S. Weinblatt | Monitoring identity of computer users accessing data bases, and storing information about the users and the accessed data base |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7921455B2 (en) | 2003-07-17 | 2011-04-05 | Authenex, Inc. | Token device that generates and displays one-time passwords and that couples to a computer for inputting or receiving data for generating and outputting one-time passwords and other functions |
US7562218B2 (en) | 2004-08-17 | 2009-07-14 | Research In Motion Limited | Method, system and device for authenticating a user |
US7921209B2 (en) | 2004-09-22 | 2011-04-05 | Research In Motion Limited | Apparatus and method for integrating authentication protocols in the establishment of connections between computing devices |
US8533329B2 (en) | 2004-09-22 | 2013-09-10 | Blackberry Limited | Apparatus and method for integrating authentication protocols in the establishment of connections between computing devices |
Also Published As
Publication number | Publication date |
---|---|
AU2003219763A1 (en) | 2003-09-04 |
EP1483643A1 (en) | 2004-12-08 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US20050113071A1 (en) | Mobile terminal, method of controlling the same, and computer program of the same | |
EP1648109A3 (en) | Initializing, maintaining, updating and recovering secure operation within an integrated system employing a data access control function | |
CA3006804C (en) | Security interface for a mobile device | |
US8164419B2 (en) | Electronic lock box with time-related data encryption based on user-selected pin | |
US20060107073A1 (en) | System and method for equipment security cable lock interface | |
US7716383B2 (en) | Flash-interfaced fingerprint sensor | |
US20080246584A1 (en) | Locking digital pen | |
WO2003081400A3 (en) | Integrated circuit security and method therefor | |
SK97797A3 (en) | Programmable electronic locking device and a lock, insert and key | |
CA2326266A1 (en) | Device security mechanism based on registered passwords | |
WO2003048907A2 (en) | Protection device for portable computers | |
EP1296214A3 (en) | Method for activating a control unit mounted in a housing protected against unauthorised data access | |
AU2001258589A1 (en) | Security device and article incorporating same | |
GB2387975B (en) | Security cabinet system for controlling with user's id data | |
GB2360618A (en) | Fingerprint reader and method of identification | |
TWI550435B (en) | Control system operated by mobile devices | |
WO2003093613A3 (en) | Security system | |
WO2003069476A1 (en) | Method and apparatus for generating an access code | |
CN1908354A (en) | Trick lock | |
JP2006330914A (en) | Information processor and its control method | |
WO2001020463A1 (en) | Security arrangement | |
US20030229795A1 (en) | Secure assembly of security keyboards | |
CN108831009A (en) | A kind of financial level security password input unit | |
CA2693318C (en) | Multi-level data storage | |
CN208255884U (en) | Laptop |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AK | Designated states |
Kind code of ref document: A1 Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ OM PH PL PT RO RU SC SD SE SG SK SL TJ TM TN TR TT TZ UA UG US UZ VC VN YU ZA ZM ZW |
|
AL | Designated countries for regional patents |
Kind code of ref document: A1 Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IT LU MC NL PT SE SI SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG |
|
121 | Ep: the epo has been informed by wipo that ep was designated in this application | ||
DFPE | Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101) | ||
WWE | Wipo information: entry into national phase |
Ref document number: 2003716036 Country of ref document: EP |
|
WWP | Wipo information: published in national office |
Ref document number: 2003716036 Country of ref document: EP |
|
NENP | Non-entry into the national phase |
Ref country code: JP |
|
WWW | Wipo information: withdrawn in national office |
Country of ref document: JP |
|
WWW | Wipo information: withdrawn in national office |
Ref document number: 2003716036 Country of ref document: EP |