WO2004097607A1 - Systeme de gestion et reproduction d'un mot de passe - Google Patents
Systeme de gestion et reproduction d'un mot de passe Download PDFInfo
- Publication number
- WO2004097607A1 WO2004097607A1 PCT/IE2004/000061 IE2004000061W WO2004097607A1 WO 2004097607 A1 WO2004097607 A1 WO 2004097607A1 IE 2004000061 W IE2004000061 W IE 2004000061W WO 2004097607 A1 WO2004097607 A1 WO 2004097607A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- password
- target
- pbx
- management system
- target system
- Prior art date
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
- H04L63/0846—Network architectures or network communication protocols for network security for authentication of entities using passwords using time-dependent-passwords, e.g. periodically changing passwords
Definitions
- the present invention relates to a password management and replication system and in particular a system for:
- PBX private branch exchange
- a private branch exchange is a phone switch serving a business organisation that is usually located on the organisation's premises.
- a PBX is owned and operated by the organisation rather than a telephone company (which may however, be a supplier or a service provider to the organisation) .
- a PBX provides services including internal calling and access to the public switched telephone network (PSTN) .
- PSTN public switched telephone network
- a PBX switches calls between an organisation's users on local lines whilst allowing all its users to share a number of external phone lines.
- the main function of a PBX is to save an organisation the cost of requiring a line for each user to the telephone company's central office.
- PBX systems have dramatically changed since those early days and are now typically digital in nature with stored programme control systems.
- This fundamental change in the underlying technology of PBX systems has dramatically changed the range of facilities offered by modern PBX systems, so that now after more than twenty years of stored programme control development, PBX systems can now provide more features and functions than any one customer probably needs.
- the increased range of services e.g. voicemail, integrated services digital network (ISDN) , direct inwards system access (DISA) , external call forward and remote system access
- ISDN integrated services digital network
- DISA direct inwards system access
- external call forward and remote system access e.g. voicemail, integrated services digital network (ISDN) , direct inwards system access (DISA) , external call forward and remote system access
- Phreaking refers to (a) the theft of telecommunications e.g. by making stolen long distance or trunk telephone calls or (b) in general to the process of security cracking in any other context (especially, but not exclusively, on telecommunications networks) .
- Phreakers can gain access to PBX systems through a number of routes including administration and maintenance ports and the use of through dialling features on the PBX systems.
- PBX systems allow for some sort of through dialling capability.
- One such facility basically allows calls to be placed to an outside number from the PBX system if the user can identify themselves as an authorised user through the voicemail system.
- Another through dialling feature namely direct inward system access (DISA) lines
- DISA direct inward system access
- DISA lines allow employees to call a local or toll free line into a PBX system and on entering a security code use the PBX system to dial long distance calls that are billed back to the main PBX location.
- this feature can be very useful for staff who travel frequently, who can use a DISA number to allow them to access their organisation's PBX system from any telephone and use the PBX system to access corporate sites rather than the more expensive public long-distance network
- DISA lines also represent a significant security risk to the organisation's PBX system. It is clear that if a user's DISA security codes were obtained by an unauthorised person it could lead to significant toll fraud.
- Phreakers can illegally access the remote maintenance port and carry out reprogramming to establish previously described access routes and disable reporting features of the target system, such as call detail recording. Since attacks on PBX systems can originate outside the country in which the target PBX is located and phreakers typically cover their trails by way of complicated chains of PBX hacking, it may prove extremely difficult to identify the responsible party, should a PBX system be hacked into.
- Call selling is a process in which fraudsters who have gained illegal access to a PBX system sell high tariff calls below their true market value. Such call selling operations have been uncovered in numerous places around the world and in many cases have cost the PBX system owners thousands of dollars.
- PBX systems are typically supplied by a vendor with a set of default passwords.
- the number of passwords required to gain access to a PBX system depends on the specific system in question but in general, most PBX systems employ at least two levels of passwords.
- a PBX system When a PBX system is installed at a client's premises, the default passwords are changed by the vendor installation and engineering staff. The resulting passwords must be used in all subsequent procedures in which access to the system is required (e.g. routine maintenance, fault diagnosis and specific programming to reflect personnel movements within the client organisation, additions and changes to the system) . In such circumstances, a PBX system is typically accessed either (a) remotely via a modem which is connected to the remote access maintenance port, or (b) by on-site engineering staff connecting directly to the system maintenance port .
- PBX systems which are connected to the customers' local area network (LAN) can be accessed during a TELNET session in which the engineer selects the system's PBX Internet Protocol (IP) address and manually inputs the PBX password.
- IP Internet Protocol
- vendors also face the problem of ensuring that the passwords remain private.
- the vendor's engineering staff must know the password to a PBX system, in order to perform routine maintenance etc. on the system.
- the passwords may become known outside the vendor's company, thereby increasing the risk of hacking into a vendor's PBX system.
- the vendor typically uses the same password on most of his PBX installations, a departing employee with knowledge of the password is taking with them know-how of some substantial value. In particular, the vendor may suffer substantial revenue loss if the departing employee offers his services to the vendor's customer base.
- a password management system comprising a password changing means which in turn comprises a password generating means and a password communication means, wherein an at least one password generated by the password generating means is communicated by the password communication means to a target system.
- the target system is a telecommunications system.
- the target system is a PBX system.
- the password management system further comprises a password replication means.
- the password replication means employs the password generating means to generate a replica of the at least one current-, password of the target system.
- the password replication means employs the date of a password replication request together with an identifier of the target system to generate a replica of the at least one current password of the target system.
- the password replication means displays the replica of the at least one current password of the target system to a user.
- access to the password replication means is restrictable to selected personnel.
- the password management system further comprises a password activated access management system which employs the password generating means to generate a replica of the current at least one password of a target system without displaying the replica of the at least one current password of the target system.
- the password activated access management system resides on at least one computing device.
- the password activated access management system resides on at least one mobile computing device.
- access to the target system is provided by connection of at least one of the at least one computing device to the target system.
- the at least one of the at least one computing device is connectable to the target system directly through a communications port.
- the at least one of the at least one computing device is connectable to the target system through a LAN.
- a password management system comprising a password changing means residing in a target system which in turn comprises a password generating means and a password communication means, wherein an at least one password generated by the password generating means is communicated by the password communication means to the target system.
- the password changing means is triggered by the target system.
- the password communication means is in communication with the password generating means to retrieve an at least one password generated by the password generating means.
- the password communication means transmits the at least one password generated by the password generating means to the target system.
- the password changing means is capable of instructing the target system to replace an at least one password stored on the target system with the at least one password generated by the password generating means.
- a password management system comprising a password changing means which in turn comprises a password generating means and a password communication means, wherein the password changing means and the password communication means are resident in a server in communication with the target system and at least one password generated by the password generating means is communicated by the password communication means to the target system.
- a password management system comprising a password changing means which in turn comprises a password generating means and a password communication means, wherein the password changing means and the password communication means are resident in a server in communication with the target system over a PSTN and at least one password generated by the password generating means is communicated by the password communication means to the target system.
- the password changing means is capable of instructing the target system to replace an at least one password stored on the target system with the at least one password generated by the password generating means.
- the password changing means further comprises a password verification means which is capable of verifying the password transmitted to the target system, before the password is stored by the target system.
- a password management system comprising a password changing means which in turn comprises a password generating means and a password communication means, wherein the password changing means and the password communication means are resident in a server which is in direct communication with the target system wherein the server is located in proximity to the target system, and at least one password generated by the password generating means is communicated by the password communication means to the target system.
- the password changing means is triggered by a scheduler in the password management system.
- the password changing means is capable of instructing the target system to replace an at least one password stored on the target system with the at least one password generated by the password generating means.
- the password generating means encrypts the passwords.
- the password generating means employs an algorithm for password encryption.
- a method of changing an at least one password of a target system comprising the steps of: generating at least one new password; establishing communications with the target system; transmitting the at least one password to the target system; instructing the target system to replace its at least one existing password with the at least one transmitted password; wherein the target system for the password change is a telecommunications system.
- the method of password change includes a triggering mechanism whose frequency can be set by the user.
- a method of changing the at least one password of a target system from a remote server through a PSTN comprising the steps of: (a) generating at least one new password; (b) establishing communications with the target system; (c) transmitting the at least one password to the target system; (d) verifying the at least one transmitted password; and (e) instructing the target system to replace its at least one existing password with the at least one transmitted password.
- a method of changing the at least one password of a target system from a proximal server through a direct connection to the target system comprising the steps of: (a) generating at least one new password; (b) establishing communications with the target system; (c) transmitting the at least one password to the target system; and (d) instructing the target system to replace its at least one existing password with the at least one transmitted password.
- a method of displaying the current at least one password of a target PBX system to restricted personnel comprising the steps of: (a) checking whether the requester is authorised to obtain password status data; (b) obtaining an identifier of the target PBX system; (c) obtaining the date/time of the replication request; (d) combining the identifier of the target PBX system with the date/time of the replication request to generate a replica of the password of the current password of the target PBX system; and (e) displaying the current at least one password of the target system to the requester.
- a ninth aspect of the invention there is provided a method of enabling an authorised person to gain access to a password protected target PBX system without displaying the at least one current password of the target PBX system to the authorised person comprising the steps of: (a) connecting the computing device to the target PBX system; (b) checking whether the requester is authorised to gain access to the target PBX system; (c) obtaining an identifier of the target PBX system; (d) obtaining the date/time of the connection to the target PBX system; (e) combining the identifier of the target PBX system with the date/time of the connection to the target PBX system to generate a replica of the at least one current password of the target PBX system; (f) establishing communications with the target PBX system and transmitting the replica of the at least one current password of the target PBX system to the target PBX system; wherein the password is not displayed to the authorised person during or after transmission to the target system.
- a password management system capable of running the methods of the previous aspects of the invention.
- a password management product capable of running the methods of the previous aspects of the invention, resident on a storage means .
- the storage means is a disk.
- the object of the invention is to overcome the problems of the prior art.
- Traditional password models employ a fixed password which can be manually changed by a user. Typically these passwords are changed infrequently (e.g. once a month) if changed at all.
- the present invention inverts the traditional password model and provides a automatic dynamic password management system.
- the present invention provides a system for managing and automating the secure deployment of multiple passwords to multiple PBX systems.
- the system enables the passwords of target PBX systems to be changed on a regular basis the frequency of which can be established by the user. Since the password changing process is conducted automatically, the passwords can be changed much more frequently than those of a traditional manual password changing system. For instance, it may be possible to change passwords every day/hour etc.
- the passwords generated by the password management system are transmitted to target PBX systems in encrypted form.
- a further innovative development provided by the present invention is the use of the dynamic paradigm underlying the password changing system in the password generation process.
- one of the key variables used in generating a password is the date and/or time at which the password change was originally initiated.
- the present invention not only dynamically changes the passwords of client PBX systems it also dynamically changes the generation process for the passwords themselves. Collectively, these two processes dramatically increase the complexity of the problem faced by hackers in attempting to obtain the passwords of a PBX system.
- At least two modes of operation of the password management system generate and transmit passwords to a target PBX system in a closed system which is physically or otherwise protected from external unauthorised public access.
- the password generating software module is directly integrated into a PBX system, so that there is no password transmission to the PBX system from an external source.
- the present invention does not maintain an archive of the passwords generated by the password changing system.
- the absence of the archive is intended to ensure that there is no central repository of the passwords of client PBX systems that might be accessed by unauthorised persons.
- the lack of an available record of the current password of a client PBX system makes it very difficult for vendors to perform routine maintenance and other modifications (e.g. specific programming to reflect personnel movements within a client organisation to a client PBX system.
- the present invention provides a method of generating replicas of the current passwords of client PBX systems through the synchronisation of an external device with the password changing system of a client PBX, without requiring the connection of the external device to the client PBX system.
- this feature provides a method for a vendor to determine the current password of a client PBX system and thereby remotely gain access to the PBX system, to perform maintenance and other routine operations on the PBX system without compromising the security of the system.
- the present invention provides a means for regenerating the current password of a client PBX system by a similar synchronisation process as that mentioned above, to enable an engineer to gain access to a client PBX system without revealing the current password to the engineer.
- the present invention is a new password management and replication system that deploys a secure method for changing, managing and replicating unique passwords for multiple PBX and adjunct systems.
- the system of the present invention is a transparent integrated suite of system control and application software modules used to change, manage and replicate passwords for one or more PBX or adjunct systems.
- the system of the present invention can also be used to provide greater security for other systems such as routers, modems and any other communications devices which are password protected.
- Figure 1 is a flow-diagram showing a broad overview of Mode 1 operations of the password management system
- Figure 2 is a flowchart providing a more detailed overview of the Startup Phase of the Mode la (Dialup Mode) operations of the password management system shown in Figure 1
- Figure 3 is a flowchart providing a more detailed overview of the Dialling Phase of the Mode la (Dialup Mode) operations of the password management system shown in Figure 1
- Figure 4 is a flowchart providing an overview of the Mode lb (Direct Connection Mode) operations of the password management system
- Figure 5 is a flow-diagram providing an overview of Mode lc (Integrated Mode) operations of the password management system
- Figure 6 is a flowchart of the User Input Manual Mode operations of the password management system
- Figure 7 is a flowchart showing an example of the operation of the password generating algorithm employed by the password management system.
- Figure 8 is a flowchart providing an overview of the Mode 2 operations (Help Desk Mode) of the password management system
- Figure 9 is a flowchart of the Mode 3 Operations (Engineer Logon Mode) of the password management system in both direct and Telnet modes
- Figure 10 is a block diagram showing the software architecture of the password management system
- Figure 11a is a block diagram showing a first configuration of an SPMS Server Module of the password management system
- Figure lib is a block diagram showing a second configuration of the SPMS Server Module of the password management system in which a dial up connection is made across a PSTN between the SPMS Server and a PBX device
- Figure lie is a block diagram showing a third configuration of the SPMS Server Module of the password management system in which the SPMS Server is directly connected to a PBX device
- Figure 12 is a flowchart of the operation of an SPMS Manager Module of the password management system.
- Table 1 lists the operational parameters included in an initialisation the password management system
- Table 2 lists the parameters included in an SPMS Master Database of the password management system.
- the password changing means and the password generating means will be known as the SPMS Server Module and the password generation algorithm respectively.
- the password replication means and the password activated access management system will be known as the SPMS Helpdesk Module and the SPMS Engineer Logon Module respectively.
- the description will first focus on the operation of the software for the password management system and will then turn to a discussion of the software architecture of the system and a detailed analysis of the operation of individual software components with a view to how these components relate to the overall functionality of the password management system.
- the Password Management System can be broadly described as having three main modes of operation, Mode 1 in which password changes are made automatically to PBX systems, Mode 2 in which a vendor/customer may obtain a replica of the current passwords of their PBX systems and Mode 3 in which an engineer may be connected to a PBX system without ascertaining the current PBX system password.
- processing is performed automatically by the password management system.
- a specific software module of the password management system is responsible for Mode 1 processing, namely the SPMS Server Module.
- the SPMS Server Module will be described in greater detail later when discussing the software architecture of the password management system.
- Mode 1 operations take different forms depending on where the SPMS Server Module is located.
- Mode 1 operation Mode la or Dialup Mode Operations
- the SPMS Server Module resides on an SPMS server which may be located some distance from the PBX system and may communicate with the target PBX system across a PSTN.
- the SPMS server may be located adjacent to the target PBX system and in communication with the target PBX system through its serial port .
- Mode 1 operations namely Mode lc or Integrated Mode Operations
- the SPMS Server Module resides in a target PBX system.
- the SPMS Server Module If the SPMS Server Module is located on the SPMS server and not the target PBX system, then regardless of the location of the SPMS server, on commencement of Mode 1 operations the SPMS Server Module must identify and connect to a target PBX to enable password change. All the information required for making a connection to the target PBX and changing the passwords of the target PBX system (e.g. target modem number, modem speed, parity, system type and current passwords) are contained in a database associated with the SPMS Server Module (i.e. the SPMS Server Module Database) .
- the SPMS Server Module Database i.e. the SPMS Server Module Database
- FIG. 1 is a flow-diagram showing a broad overview of Mode 1 operations (including the PBX connecting steps of Mode la and Mode lb operations) .
- Mode la and Mode lb require additional operational steps than Mode lc (in connecting to a target PBX system)
- this broad overview of the Mode 1 operations will focus on the steps performed by all three forms of Mode 1 operations and will later deal with the steps specifically associated with each of three forms of Mode 1 operations.
- the SPMS Server Module once the SPMS Server Module makes contact with a target PBX 10 and logs onto 12 the target PBX , the SPMS Server Module generates a new password 14 for the target PBX.
- the SPMS Server Module then changes the existing password of the target PBX to the newly generated password 16 and updates 18 appropriate databases and then logs off the target PBX 20.
- the number of passwords which can be changed during Mode 1 operations can be varied according to the requirements of the target PBX system and customer/vendor requirements and set by the variable StrLevel which is stored in an initialisation file.
- Mode 1 operations are performed periodically at intervals established in the SPMS Server Module Database.
- the intervals for such Mode 1 operations can be set as daily, weekly or monthly in accordance with vendor/client requirements.
- Mode 1 operation on a target PBX is unsuccessful, repeated attempts are made at the Mode 1 operations.
- the number of repeat attempts at Mode 1 operation is also established in the SPMS Server Module Database and can be varied according to specific vendor/client ' s requirements.
- an alert is raised, a history file is generated and an email message generated to the system manager.
- the email address of the recipient system manager is specified by the field EmailAddrl in Table 1.
- Mode 1 operations of the password management system the description will now provide a detailed description of the stages involved in the Mode 1 Operations focussing on the specific steps performed in each of the three different forms of Mode 1 operations.
- the Mode la operation of the SPMS system is designed to enable a vendor to distribute passwords to multiple client PBX systems from a single site.
- an SPMS server is remotely located from a target PBX and communicates with the target PBX through a PSTN.
- the SPMS Server Module is launched by the scheduler of the server's Operating System.
- the first task of the SPMS Server Module once launched is to read data from an Initialisation file stored on disk 30.
- the variables stored in the initialisation file are shown in Table 1. For security purposes this file is encrypted.
- the SPMS Server Module completes the Initialisation Phase of the Mode la operations by verifying the integrity of the initialisation file.
- the initialisation stage is implemented by the Program_start () routine which enables the scheduler to launch the SPMS Server Module.
- the Program start () routine initialises the SPMS Server Module and in turn calls the following routines:
- the Startup Phase of the Mode la operations shown in Figure 1 is shown in greater detail in Figure 2.
- the Startup Phase comprises a combination of sub routines ( GetLicenses () that read and verify license agreements 32.
- the SPMS Server Module connects 34 to a SPMS Master Database 35.
- the variables stored in the SPMS Master Database 35 are shown in Table 2. Since the Mode la operation of the SPMS system permits a vendor to transmit passwords to multiple sites, it will be understood that the SPMS Master Database 35 contains multiple entries, wherein each entry contains the values of the variables (specified in Table 2) specific to a given client PBX system.
- the SPMS Server Module queries 36 the SPMS Master Database 35 to download the various parameters stored within, and associated with each PBX. These parameters include the telephone number of the target PBX system, the Baud rate of remote PBX system, a site specific identifier (namely Si telD) and the current passwords of the target PBX system.
- the software elements responsible for connecting to and querying the SPMS Master Database 36 are as follows:
- ConnectDatabase This routine connects to the SPMS Master Database for loading stored PBX parameters, it uses Jet for Access and SQL Databases. If a connection cannot be made then an error is flagged and processed.
- Mode la and Mode lb operations i.e. where the SPMS Server Module is resident on an SPMS server and not on the target PBX system
- the Startup Phase of the Mode 1 operations is completed and the SPMS Server Module implements the Dialling Phase of the Mode la/Mode lb operations.
- the Dialling Phase connects the SPMS server to the target PBX system.
- the connection to the target PBX is made by dialling the target PBX through the PSTN.
- Mode lb operations connection is made directly to the target PBX system.
- Dialling Phase The Dialling Phase of the Mode la operations shown in Figure 1 is shown in greater detail in Figure 3.
- the SPMS server operating under MScomm opens an appropriate serial port and dials 40 the target PBX system using the PBX parameters of the relevant client PBX system (determined from the client records retained on the SPMS Master Database, the variables stored in the SPMS Master Database are shown in Table 2) .
- the SPMS Server then waits for a "connect” to be received from the called Modem 42, upon receipt of the "connect", the SPMS Server polls 44 for a system prompt from the PBX. Upon receipt of the system prompt, the SPMS Server then "Logs On” 46 to the remote system using the current password stored in its SPMS Master Database 35.
- the variables stored in the SPMS Master Database 35 are shown in Table 2.
- Dial This routine dials the target PBX telephone number stored in record 1 of the database and waits for connection from the remote modem.
- TmrDiaK This routine waits a predetermined length of time (the length of which is specified in the initialisation file) for "connection" from remote modem to be received.
- Step 1 The current values of a number of password descriptor variables are read from a database stored in the PBX.
- the password descriptor variables in question include the following: (i) the current level 1 and level 2 passwords (for a two level security system) (namely strCurrentLevellPas sword and strCurrL2Password) (ii) the type of PBX in question (namely StrType_Of_PBX) (iii)the maximum password length (namely intMaxPasswordLength) (iv) A customer/vendor site specific identification code (namely strSi teld)
- Step 2 A new set of passwords is generated and stored 115 in the password descriptor variables strNewLl Pas sword and strNewL2Pas sword (for a two- level security system) .
- the two steps mentioned above provide a broad description of the password changing process, however, the specific details of the manner in which password change is performed varies depending on the type of PBX on which the password change is being implemented. For instance, in one type of PBX system the password changing system software module loads an overlay and sets the values PBX variables NewPassWordl and NewPassWord2 to strNewLlPas sword and strNewL2 Pa sword respectively.
- the password changing system software module may make a backup of the existing password file with a time and date stamp, and overwrite the current values of the PBX password variables with strNewLlPas sword and strNewL2 Pas sword respectively.
- the password changing system software module updates its history and client detail databases with the details of the old and new password parameters. This information can then be used as a full audit trail of the target PBX passwords, in the event of problems arising with procedures and subroutines used in communicating with a target PBX.
- the veracity of the passwords communicated by the SPMS Server Module to the target PBX system over a PSTN is checked 50 to verify that the passwords transmitted to and provisionally stored in the target PBX system are in fact the passwords newly generated by the SPMS Server Module. If so, it then transmits a request to the remote system to store them. Once this task is complete the SPMS Server then records all of the transactions in its history and client details databases. If not then the password cycle is executed a further time.
- UpdateHistoryFile O This routine writes the values of variables associated with a password changing session to a History database.
- the variables in question include details of the Old passwords, New Passwords and the date of the password change.
- the above variables are stored in the history database for easy retrieval in the event of problems occurring.
- the SPMS Server Module logs off the target PBX 52 and terminates the call.
- the SPMS Server Module then reads the next record from the SPMS Master Database and dials the next PBX system 54.
- EODatabase a Boolean variable EODatabase is set true.
- the software calls the End of Program EOP () routine which conducts all the end of program tasks such as closing all the databases and communication ports, emailing the details and results of all transactions to EmailAddrl and then calling closedown () .
- End of Program EOP routine which conducts all the end of program tasks such as closing all the databases and communication ports, emailing the details and results of all transactions to EmailAddrl and then calling closedown () .
- DialNext This routine moves the password management system software module to the next PBX record in the SPMS database.
- the DialNext O routine checks to see if it is the last record +1, if so it calls the End of Program routines (EOP) .
- EOP End of Program
- the EOP routine processes end of program tasks as follows: (1) CloseConnections 0 Closes all databases and ports. (2) Email () Generates a file containing success and failure statistics and emails the file to the recipient designated in the initialisation file (refer to Table 1) field Emailaddrl . (3) EndProgram O Ends the Program by carrying out an orderly shutdown.
- DialNext O routine finds that the next record in the SPMS server database is not the last client record (i.e. records still exist), all parameters are reset with respect to the last call.
- Control is then handed back to the ConnectDatabase () routine to retrieve the next record and a call is placed to routine Dial 0 .
- the password management system software module then loops through the steps following the Dialling, Password Change and Transmission End Phases until no records remain.
- a routine onComm O raises a comEvReceive flag and hands control over to a Decodelnput () routine.
- the Decodelnput ( ) routine interrogates the inbound data stream and depending on its content redirects the password management system program flow to the various routines assigned to handle it.
- the Decodelnput 0 routine also updates the GUI with copies of actual inbound and outbound data.
- the Mode la operations of the SPMS software provides an automatic, dynamic password changing system which enables a vendor to overcome the logistical problems of managing the deployment of multiple passwords to multiple PBX systems .
- This system thereby increases the security of client PBX systems by reducing the risk of hackers obtaining the passwords of client PBX systems through reducing the effective lifetime of a PBX password.
- the passwords newly generated by the SPMS software are communicated to target PBX systems through private, non-publicly accessible media.
- the passwords are generated by a PC (owned by a client PBX owner) which is physically located adjacent to a target PBX system.
- the PC is connected to the target PBX system through a direct serial connection therebetween.
- Mode lc operations of the SPMS system takes the process of protecting the security of the passwords transmitted to a target PBX system a step further, by incorporating the SPMS password changing module of the SPMS system into a target PBX system itself, thus producing an autonomous, dynamic, automatic password changing system which does not need external connection to a PC or server.
- the installation of the software in each case is intended for a single user (i.e. client PBX system) .
- the Mode lb and Mode lc operations of the SPMS software would not be suitable for transmitting passwords to multiple PBX sites from a single server. Consequently the SPMS Master Databases 35 (see Table 2 for details) for the Mode lb and Mode lc operations, do not contain multiple entries for multiple PBX sites, but instead contain entries for the single PBX site to which each SPMS Master Database 35 is connected.
- Mode lb and Mode lc operations of the SPMS software Having provided a broad overview of the principle of operation of the Mode lb and Mode lc operations of the SPMS software, the description will continue with a more detailed discussion of the Mode lb and Mode lc operations in turn.
- Mode lb Software resides in a Server located proximal to a Target PBX
- the SPMS server 60 is directly connected to a target PBX system 62 via a serial port.
- the SPMS Server Module logs on to the target PBX system 62 using passwords stored in its database in accordance with the Dialling and Startup Phases described for Mode la operations.
- the SPMS Server Module changes the old passwords of the target PBX system for new passwords in accordance with the Change Password Phase previously described for Mode la operations.
- the connection between the SPMS server and the target PBX system is made directly through the serial ports of both systems, rather than a PSTN, the chances of transmission errors being introduced into the passwords is reduced and thus verification of the transmitted passwords is not required.
- FIG. 5 shows Mode lc operations.
- the SPMS Server Module lies dormant within a client's PBX system 100 until it is launched by the PBX scheduler, at a prescribed time 105.
- the SPMS Server Module retrieves operational parameters 110 from an initialisation file stored in a PBX database.
- the operational parameters contained in the initialisation file are shown in Table 1.
- variable strAuto_run is set "I" (to indicate that the SPMS Server Module and Password Generation Module are integrated into the target PBX) and the SPMS Server Module which is resident in the PBX changes the password of the PBX.
- the password changing system software module updates its history and client detail databases with the details of the old and new password parameters. This information can then be used as a full audit trail of the target PBX passwords, in the event of problems arising with procedures and subroutines used in communicating with a target PBX.
- Modes la and lb of operation can also be operated manually as in Figure 6.
- the description of the Mode 1 operations so- far has focussed on the method of initiating a password changing session and the method of communicating newly generated passwords from the SPMS software (whether resident on a server, dedicated PC or within a PBX system itself) to a target PBX.
- the description has so far shown how the SPMS software provides a dynamic automated method of changing the passwords of PBX systems.
- the description has not shown how the passwords themselves are generated by the SPMS software.
- the password generation algorithm of the SPMS software extends the concept of the dynamic password changing capability of the SPMS software to form the basis for the password generating function of the software.
- the SPMS software implements a dynamic process for automatically changing PBX passwords, the software also employs the dynamic nature of the password changing process to generate the passwords themselves.
- Key to the operation of the password generating algorithm is the date/time at which a password changing operation is initiated.
- the algorithm combines the date/time of the operation together with other specific variables to generate a variable which when encrypted provides a resultant password.
- Figure 7 shows an exemplary operation of the password generation algorithm.
- the password generation algorithm employs two variables, namely the Si telD and the date to generate passwords for a PBX system.
- the Si telD variable is a character or integer representation of a client's site name.
- the string "TEST” is used as a Si telD 270.
- the date variable is represented as 28/01/2003 272.
- the SitelD variable and the date variable are combined 274 to produce a single string of characters which is assigned to a further variable entitled Str_2_Encrypt .
- the Str_2_encrypt variable becomes TEST28012003 276.
- the SPMS encryption algorithm 278 will reverses the string to produce a new variable Str_Encrypted which in the case of the present example becomes 30021082TSET.
- the Str_Encrypted variable becomes the Password for Site TEST on 28 th January 2003 280.
- the run date of the password generation algorithm is 13/03/2003 (and using the same SitelD "TEST" as used earlier) , the Str_encrypted variable becomes 30023031TSET.
- the above Algorithm also uses strong encryption methods (e.g. EIGamal, 3DES (Data encryption standard) , AES (Advanced Encryption Standard) , RSA IDEA (International Data Encryption Algorithm) , Blowfish or CAST) to enhance the security provided by the Str_encrypted password.
- strong encryption methods e.g. EIGamal, 3DES (Data encryption standard) , AES (Advanced Encryption Standard) , RSA IDEA (International Data Encryption Algorithm) , Blowfish or CAST
- the password generating process is employed in all of the operations of the SPMS software.
- the password generating process is employed for: (a) generating new passwords to change the passwords of target PBX systems (b) generating replicas of current passwords of PBX systems to enable authorised persons to gain access to the target PBX systems.
- a vendor In order to gain access to a client PBX system to perform routine maintenance and other operations (e.g. restrictions on user-accounts etc) on the system, a vendor must know the current password (s) of the client PBX system. Under traditional password management systems, this did not create a particular problem for vendors, because the vendor typically used a single password for all of its installations or the passwords were changed very infrequently.
- PBX passwords are changed automatically by the SPMS software (without the intervention of the vendor) and can be changed at frequent intervals. Since no external record is kept of the passwords of a client PBX system (to enhance the security of the system) , the vendor would have some difficulties in determining the password of the client PBX system and in gaining access to client PBX systems to perform routine maintenance etc.
- the Mode 2 operations of the SPMS system provides a tool which enables a vendor to generate a replica of the current password of a client PBX system.
- Central to the password regeneration process of the Mode 2 operations is the fact that there is no distribution of current PBX passwords from a target PBX system, central server or other archive to the Mode 2 operations user. Consequently there is no need for a vendor's PC to be in any way connected to a target PBX system or other password archive to determine a current PBX password.
- the Mode 2 operations of the SPMS software employs the inherent determinism of the original password generating algorithm for the client PBX system to enable the regeneration of a replica of a current PBX password.
- Mode 2 operations of the SPMS software are primarily intended for the use of a PBX vendor, it is also envisaged that this mode of operations could also be used by the vendor's customers should the customers require knowledge of the current password of their PBX systems.
- the designated employee of the vendor or customer users are requested to enter a password (henceforth known as the customer ID) 130. If the password entered by the personnel is authenticated by the Helpdesk module, the module requests the authorised user to enter a site Name/ID which specifically identifies the target PBX.
- the password generating algorithm (described above) combines the site Name/ID of the target PBX system with the date/time stamp of the password request to generate 134 a replica of the current password of the identified target PBX system.
- Key to the password replication process is the synchronisation of the clock of the vendor's PC (running the Helpdesk Module) and the clock of : (a) the server connected to a target PBX system through a PSTN (in Mode la operations) or (b) a PC directly linked to a target PBX system (in Mode lb operations) or (c) the target PBX system itself (in Mode lc operations) .
- the clock of the vendor's PC running the Helpdesk Module
- the password (s) generated by the Mode 2 operations may not match the actual current password (s) of the target PBX system.
- the password is displayed 136 to the appropriate Help Desk personnel .
- a module known as an Engineer Logon Module is provided to engineers of the vendor company.
- the Engineer Logon Module enables an engineer to directly connect to a client's PBX system for the purpose of service, maintenance and authorised system programming, without revealing the current password (s) of the client PBX system.
- An engineer may connect a mobile computing device (e.g. a laptop computer) to a PBX system either directly through a serial port or through a client's local area net (LAN) via a SPMS Telnet session (provided that the target PBX system itself is connected to the LAN) .
- a mobile computing device e.g. a laptop computer
- LAN local area net
- the Engineer Logon Module is launched.
- the Engineer Logon Module reads data from an Initialisation file stored on disk.
- the initialisation file contains various parameters and flags e.g. maximum allowed password length, frequency of allowed engineer logons, Baud Rate of connection, port settings and User authentication details.
- the initialisation file is encrypted, furthermore these authentication details once set cannot be altered.
- the engineer is requested to enter a password (henceforth known as the engineer password) . If the password entered by the engineer is authenticated by the Engineer Logon Module 140, the Engineer Logon Module 140 will request the authorised engineer to enter a site Name/ID 142 ( strSi telD) which specifically identifies the PBX system to which access is requested.
- a password herein known as the engineer password
- the Engineer logon Module 140 will request the authorised engineer to enter a site Name/ID 142 ( strSi telD) which specifically identifies the PBX system to which access is requested.
- the Engineer Logon Module 140 employs the password generating algorithm (previously described) to combine the site Name/ID with the date/time of the engineer logon request to generate a replica of the current passwords 144 of the target PBX system.
- the password regeneration process depends on the inherent determinism of the original password generation algorithm and on the synchronisation of the clock of the engineer's laptop (or other mobile computing device) with the clock of the: (a) server connected to the target PBX through a PSTN (in Mode la operations) or (b) PC directly connected to the target PBX (in Mode lb operations) or (c) the target PBX system itself (in Mode lc operations) .
- the Engineer Logon Module will log the engineer onto the required PBX system 146. at the selected level.
- the Engineer logon Mode 3 operations
- the engineer is requested to close the Engineer Logon Module and launches his preferred communications package to continue.
- the password management system includes a system manager program 200 that comprises an interface management program 210 and four client programs which will be known henceforth as modules.
- the four modules of the password management system are known in turn as the SPMS Server Module 212, the SPMS Helpdesk Module 214, the SPMS Engineer Logon Module 216, and the SPMS Manager Module 218. All modules are capable of being run under the Windows or Unix operating systems. Whilst each module is capable of operating independently of the others, each module also conforms to a set of rules from which passwords are constructed and retrieved. Each of the four modules are discussed in greater detail below.
- SPMS Server Module 212
- the SPMS Server Module 212 has the task of communicating with a target PBX system and changing its password (s) . Thus the SPMS Server Module 212 facilitates the Mode 1 Operations of the password management system.
- the SPMS Server Module has three possible configurations shown in Figures 11a, lib and lie respectively. These three configurations are designed to facilitate the different forms of Mode 1 operations described earlier.
- the SPMS Server Module 212 In its first configuration ( Figure 11a) the SPMS Server Module 212 resides within a client's PBX system 240. Consequently, the SPMS Server Module 212 in its first configuration, is a single system programme device which can be shipped with new PBX's or added to existing systems as an upgrade.
- the first configuration ( Figure 11a) of the SPMS Server Module 212 is designed to enable the automated password updating of Mode 1 operations, to overcome any problems which might arise from dialling target PBX's over a public switched telephone network.
- the SPMS Server Module 212 is a multi system device which can reside on a separate SPMS server 242 (under control of the vendor company) and communicates across a Public Switched Telephone Network (PSTN) 244 with the target PBX 240.
- PSTN Public Switched Telephone Network
- the second configuration of the SPMS Server Module 212 includes a database (SQL or Access) which contains records of all target PBX's. Records can be added to the database at any time using the SPMS Manager function (to be described later) .
- the SPMS Server Module 212 In its third configuration ( Figure lie) the SPMS Server Module 212 resides on an SPMS server 246 located beside the client's PBX system 240 and connected directly to the PBX system 240 by way of a serial port. This is desirable in situations where the customer nominates to control his own system passwords.
- the SPMS Server Module 212 includes a GUI which can be edited during manual mode.
- the variables which can be selected and actioned through the GUI include: (a) BaudRate: used to set communications speed with remote modem. (b) Com Port : used to communicate with SPMS server Modem (c) Frequency used to select the Frequency of Remote Password update. (d) Advance used to advance the database by a single record (e) Moveto start of Database (f) Moveto previous record (g) Moveto end of database. (h) Send a Carriage return to remote modem. (i) View History file entries. (j) View history of Passwords for a given site. (k) View system date (1) Dial current entry
- the SPMS Help Desk Module 214 is an executable program file which is installed on a standard PC of a nominated customer and/or vendor.
- the SPMS Helpdesk Module 214 is used by a PBX Vendor service centre and/or customer service centre as a password finder to regenerate the password of a specific PBX system at any given time.
- the SPMS Helpdesk Module 214 is the software component of the password management system which enables its Mode 2 operations (Help Desk Mode) .
- the SPMS Helpdesk Module 214 includes a GUI which allows the user to set various parameters such as: (a) Site ID/Name (used to identify an individual vendor help desk/customer site) . (b) Frequency (used to determine the frequency of update)
- GUI of the SPMS Helpdesk Module 214 displays the vendor Co. name, User name and user ID authorised by license.
- the SPMS Helpdesk Module 214 is a secure program which is password protected. As also discussed in relation to the Mode 2 operations, a specific SPMS Helpdesk Module 214 can only be used by a single customer and/or vendor company . The SPMS Helpdesk Module 214 uses the common password generation algorithm (previously described) to replicate the password (s) stored in the Server Master Database.
- the third module is SPMS Engineer Logon Module 216.
- the SPMS Engineer Logon Module 216 is an executable program installed at nominated standard laptop PCs and is used by mobile Engineering Staff. The function of the SPMS Engineer Logon Module 216 is to automatically log an engineer onto a PBX system without revealing the current password (s) of the PBX system. Thus the SPMS Engineer Logon Module 216 facilitates the Mode 3 operations of the password management system.
- the SPMS Engineer Logon Module 216 is a secure programme which is password protected. To enhance the security of the password management system, the SPMS Engineer Logon Module 216 is only operable from the single laptop computer on which it is installed. To facilitate different methods of connection of an engineer's laptop to a target PBX system, the SPMS Engineer Logon Module 216 is itself provided with two separate modules .
- the first module is known as the Direct Engineer Logon Module 220. This module requires an engineer's PC to be directly connected between a PC's Serial port and a PBX for communication between the engineer's PC and the target PBX system to take place.
- the second module is known as the Telnet Session Engineer Logon Module 222. This module enables an engineer's PC to remotely connect to a target PBX through a LAN.
- the SPMS Engineer Logon Module 216 uses the common password generation algorithm (previously described) .
- the SPMS Manager Module 218 is a software tool used to input data and parameters to the SPMS Master Database.
- the SPMS Manager Module 218 has many components providing typical database and communications features that can be managed via this interface.
- the SPMS Manager Module 218 can be run in a standalone or networked environment. All data entered into the system through the SPMS Manager Module 218 is stored in the SPMS Master database .
- the functions of the SPMS Manager Module 218 can be broadly divided into SPMS Master Database operations and Maintenance operations.
- Figure 12 shows a number of the software elements which enable the SPMS Manager Module 218 to perform its functions.
Landscapes
- Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Telephonic Communication Services (AREA)
Abstract
L'invention concerne un système de gestion de mot de passe comprenant des moyens de modification du mot de passe qui comprennent, à leur tour, des moyens de génération de mot de passe et des moyens de communication de mot de passe, au moins un mot de passe généré par les moyens de génération de mot de passe étant communiqué par les moyens de communication de mot de passe à un système cible, notamment un système PBX. Le système de gestion de mot de passe comporte trois modes principaux opérationnels, à savoir le mode (1) dans lequel les modifications de mot de passe sont effectuées automatiquement sur les systèmes PBX, le mode (2) dans lequel un vendeur/client peut obtenir une reproduction des mots de passe actuels de leurs systèmes PBX et le mode (3) dans lequel un ingénieur peut être connecté à un système PBX sans qu'il ait besoin d'avoir identifié le mot de passe du système PBX actuel. Le système de gestion de mot de passe améliore le modèle de mot de passe traditionnel, qui utilise un mot de passe fixe, qu'un utilisateur peut modifier manuellement et fournit un système de gestion de mot de passe automatique, et par conséquent dynamique et sûr.
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
IE20030336 | 2003-05-02 | ||
IES2003/0336 | 2003-05-02 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2004097607A1 true WO2004097607A1 (fr) | 2004-11-11 |
Family
ID=33397632
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/IE2004/000061 WO2004097607A1 (fr) | 2003-05-02 | 2004-04-30 | Systeme de gestion et reproduction d'un mot de passe |
Country Status (1)
Country | Link |
---|---|
WO (1) | WO2004097607A1 (fr) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US11328297B1 (en) * | 2008-06-30 | 2022-05-10 | Amazon Technologies, Inc. | Conducting transactions with dynamic passwords |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4609777A (en) * | 1984-02-22 | 1986-09-02 | Gordian Systems, Inc. | Solid state key for controlling access to computer software |
US4720860A (en) * | 1984-11-30 | 1988-01-19 | Security Dynamics Technologies, Inc. | Method and apparatus for positively identifying an individual |
WO1997036221A1 (fr) * | 1996-03-27 | 1997-10-02 | Siemens Business Communication Systems, Inc. | Procede de mise en place de protection par mot de passe et dispositif correspondant |
WO2001031840A1 (fr) * | 1999-10-29 | 2001-05-03 | Nokia Corporation | Procede et dispositif d'identification fiable d'un utilisateur dans un systeme informatique |
-
2004
- 2004-04-30 WO PCT/IE2004/000061 patent/WO2004097607A1/fr active Application Filing
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4609777A (en) * | 1984-02-22 | 1986-09-02 | Gordian Systems, Inc. | Solid state key for controlling access to computer software |
US4720860A (en) * | 1984-11-30 | 1988-01-19 | Security Dynamics Technologies, Inc. | Method and apparatus for positively identifying an individual |
WO1997036221A1 (fr) * | 1996-03-27 | 1997-10-02 | Siemens Business Communication Systems, Inc. | Procede de mise en place de protection par mot de passe et dispositif correspondant |
WO2001031840A1 (fr) * | 1999-10-29 | 2001-05-03 | Nokia Corporation | Procede et dispositif d'identification fiable d'un utilisateur dans un systeme informatique |
Non-Patent Citations (1)
Title |
---|
TZONG-CHEN W ET AL: "Authenticating passwords over an insecure channel", COMPUTERS & SECURITY, ELSEVIER SCIENCE PUBLISHERS. AMSTERDAM, NL, vol. 15, no. 5, 1996, pages 431 - 439, XP004013733, ISSN: 0167-4048 * |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US11328297B1 (en) * | 2008-06-30 | 2022-05-10 | Amazon Technologies, Inc. | Conducting transactions with dynamic passwords |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN109831327B (zh) | 基于大数据分析的ims全业务网络监视智能化运维支撑系统 | |
US7302570B2 (en) | Apparatus, system, and method for authorized remote access to a target system | |
US7415509B1 (en) | Operations architectures for netcentric computing systems | |
EP1804418A1 (fr) | Systeme d'authentification de mot de passe dynamique et procede associe | |
CN112765245A (zh) | 一种电子政务大数据处理平台 | |
US6141752A (en) | Mechanism for facilitating secure storage and retrieval of information on a smart card by an internet service provider using various network computer client devices | |
CN201846355U (zh) | 安全咨询系统 | |
US20070186115A1 (en) | Dynamic Password Authentication System and Method thereof | |
CN109286632B (zh) | 一种基于区块链的大数据授权存证方法和系统 | |
CN100499652C (zh) | 通信设备、验证设备及验证方法、操作方法 | |
US20040054930A1 (en) | Flexible license file feature controls | |
CN106230843A (zh) | 一种为智能手机配置云虚拟手机的方法、服务器和系统 | |
CN104718526A (zh) | 安全移动框架 | |
WO2003017069A2 (fr) | Integrite de donnees | |
US20040059747A1 (en) | Method and apparatus for restoring computer resources | |
CN109831463A (zh) | 用于操作系统登录验证的智能终端安全防护系统 | |
EP1018231B1 (fr) | Systeme de chiffrement de donnees pour transmission par l'internet | |
CN109309645A (zh) | 一种软件分发安全保护方法 | |
CN108965317B (zh) | 一种网络数据防护系统 | |
US20060190567A1 (en) | System and Method for Providing Customers With Secure Data Access to a Management System | |
CN108134822A (zh) | 基于区块链的存储系统的下载方法 | |
CN116647326A (zh) | 基于区块链的嵌入式网关系统 | |
WO2004097607A1 (fr) | Systeme de gestion et reproduction d'un mot de passe | |
Wallich | Wire pirates | |
IE20040301A1 (en) | Password management and replication system |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AK | Designated states |
Kind code of ref document: A1 Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BW BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE EG ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NA NI NO NZ OM PG PH PL PT RO RU SC SD SE SG SK SL SY TJ TM TN TR TT TZ UA UG US UZ VC VN YU ZA ZM ZW |
|
AL | Designated countries for regional patents |
Kind code of ref document: A1 Designated state(s): GM KE LS MW MZ NA SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IT LU MC NL PL PT RO SE SI SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG |
|
121 | Ep: the epo has been informed by wipo that ep was designated in this application | ||
122 | Ep: pct application non-entry in european phase |