Browse Prior Art Database

Self Modifying Lockword for One Time Use Instruction

IP.com Disclosure Number: IPCOM000080477D
Original Publication Date: 1973-Dec-01
Included in the Prior Art Database: 2005-Feb-27
Document File: 2 page(s) / 14K

Publishing Venue

IBM

Related People

Preiss, RJ: AUTHOR

Abstract

A method for generating and handling self-modifying lockwords (passwords) is described. They can be used to secure the access to particular information in a data processing system. 1) Access to secured information is obtainable only with the following restrictions: a. a current token number is required with the current lockword. The current token and current lockword are usable only once, and b. a particular time period (e.g. from 9:10 A.M. to 9:20 A.M.) is known to the user as the only time period during which access may be granted with the current lockword and token. 2) Access is obtainable only once with the current values of the lockword and token number recorded on a user token, and usable only during a particular time period.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 52% of the total text.

Page 1 of 2

Self Modifying Lockword for One Time Use Instruction

A method for generating and handling self-modifying lockwords (passwords) is described. They can be used to secure the access to particular information in a data processing system. 1) Access to secured information is obtainable only with the following restrictions: a. a current token number is required with the current lockword. The current token and current lockword are usable only once, and b. a particular time period (e.g. from 9:10 A.M. to 9:20 A.M.) is known to the user as the only time period during which access may be granted with the current lockword and token. 2) Access is obtainable only once with the current values of the lockword and token number recorded on a user token, and usable only during a particular time period. 3) Only a limited number of unsuccessful access tries are permitted in the limited time period (e.g., three tries). 4) A next lockword value is automatically generated from the current lockword value and the current token value by the system using an embedded algorithm. (The system does not provide the lockword to the user.) 5) A human administrator uses a system to issue tokens on which the next lockword and token number are recorded. 6) The next token number and time period are determined independently by the human administrator. The next lockword is calculated by the same algorithm as in 4) above.

The system control program contains a "security guarding routine", which receives each currently inputted lockword value and compares it to the current value in the guarding routine. If the lockwords are equal, the routine grants the user access to the secured information. When access is granted, future use of the current lockword, is automatically invalidated by the "security guarding routine", because the routine generates a new lockword value from the current and the token values as part of the granting of access. The user must then go to the human administrator to be assigned the next lockword, next token and next access time before the user can again obtain access to the secured information.

A "lockword control routine" is called by the "security guarding routine", when access is granted and is passed the currently inputted l...