Method and apparatus for allowing access to secured computer resources by utilzing a password and an external encryption algorithm

Patent 5949882 Issued on September 7, 1999. Estimated Expiration Date:

December 13, 2016. Estimated Expiration Date is calculated based on simple USPTO term provisions. It does not account for terminal disclaimers, term adjustments, failure to pay maintenance fees, or other factors which might affect the term of a patent.

Abstract Claims Description Full Text

Patent References

Cryptographic communications system and method
Patent #: 4405829
Issued on: 09/20/1983
Inventor: Rivest , et al.

Apparatus and methods for granting access to computers
Patent #: 4799258
Issued on: 01/17/1989
Inventor: Davies

Data communication systems and methods
Patent #: 4890323
Issued on: 12/26/1989
Inventor: Beker, et al.

Process and apparatus for the protection of secret elements in a network of encrypting devices with open key management
Patent #: 4969188
Issued on: 11/06/1990
Inventor: Schobi

Fair cryptosystems and methods of use
Patent #: 5276737
Issued on: 01/04/1994
Inventor: Micali

Fair cryptosystems and methods of use
Patent #: 5315658
Issued on: 05/24/1994
Inventor: Micali

Hard disk password security system
Patent #: 5375243
Issued on: 12/20/1994
Inventor: Parzych, et al.

Security access and monitoring system for personal computer
Patent #: 5377269
Issued on: 12/27/1994
Inventor: Heptig, et al.

Personal computer access control system
Patent #: 5432851
Issued on: 07/11/1995
Inventor: Scheidt, et al.

Enhanced security for a secure token code
Patent #: 5485519
Issued on: 01/16/1996
Inventor: Weiss

More ...

Inventor

Angelo, Michael F.

Assignee

Compaq Computer Corporation

Application

No. 766721 filed on 12/13/1996

US Classes:

713/185, Using record or token235/380, Credit or identification card systems340/5.26, Code rotating or scrambling340/5.54, Password340/5.74, Access to electrical information713/172Intelligent token

Examiners

Primary: Gregory, Bernarr E.

Attorney, Agent or Firm

AKin, Gump, Strauss Hauer & Feld

International Classes

H04L 009/00
H04L 009/08

Abstract

A method for permitting access to secured computer resources based upon a two-piece user verification process. In one embodiment of the invention, the user verification process is carried out during a secure power-up procedure. At some point during the secure power-up procedure, the computer user is required to provide an external token or smart card that is coupled to the computer through specialized hardware. The token or smart card is used to store an encryption algorithm furnished with an encryption key that is unique or of limited production. The computer user is then required to enter a plain text user password. Once entered, the user password is encrypted using the encryption algorithm contained in the external token to create a peripheral password. The peripheral password is compared to a value stored in either secure system memory or in memory contained within a secured resource itself. If the two values match, access to the secured resource is permitted. In an alternate embodiment of the invention, the two-piece authentication process is conducted during normal computer operation outside of the secure power-on sequence. In this embodiment of the invention, the user password is entered by means of a secure keyboard communications channel. In either embodiment, the two-piece nature of the authorization process requires the presence of both the user password and the external token in order to generate the peripheral password.