Control Unit Dialback for Security

IP.com Disclosure Number: IPCOM000115594D
Original Publication Date: 1995-May-01
Included in the Prior Art Database: 2005-Mar-30
Document File: 4 page(s) / 129K

Publishing Venue

IBM

Related People

Gillaspy, R: AUTHOR [+3]

Abstract

Disclosed is a system whereby a dependent display controller can accept a connection, verify the authority of the user, break the connection and call the user at a telephone number determined by the application program. The database for maintaining user names and telephone numbers is maintained in a centralized location, which can be accessed by multiple applications. An extension to 3270 datastream allows additional commands to be issued to the controller that initiate a call back attempt.

This text was extracted from an ASCII text file.
This is the abbreviated version, containing approximately 52% of the total text.

      Previous methods of achieving this level of security involved a
device external to the controller that contained the database and
handled security.  This solution allows the database to be maintained
at a central location, and gives the application program control over
security.

      This method provides a mechanism for the application program
to screen out unauthorized ASCII device users without additional
hardware.  It also allows the phone number database to exist in a
central location.  Fig. 1 shows existing technology.

      Advantages of the existing method (Fig. 1) are additional
security for hosts with switched devices coming in through an
attached subsystem, with no changes to the host computer's programs.

Disadvantages of the existing method are:
  o  An external device is required.
  o  A database of phone numbers must be maintained on or near this
      extra piece of equipment.
  o  Multiple control units may require multiple external devices,
      each with a separate database.
  o  Individual applications cannot select the security level.

      There is already a session being established between the
control unit and the host application.  This proposal is to extend
that relationship to allow the host to send commands to the control
unit to disconnect and then dial back the ASCII display.  Fig. 2
shows the proposed method.

The following is a functional description of the procedure:
  1.  ASCII device dials in to the control unit
  2.  Control unit accepts connect
  3.  Operator now LOGS ON to an application
  4.  Application sends a command to the control unit that will:
      a.  DISCONNECT (DROP DTR) the ASCII terminal
      b.  DIAL OUT with a supplied telephone number to reestablish
           the CONNECTION
      c....
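
Steps 1 through 4b above, as a small Python model of the dialback sequence. This is an added example, not part of the disclosure: the class and function names, the credential check and the sample directory are assumptions, and the 3270 datastream extension itself is not modeled.

```python
import hmac

# Constructed sample data: user -> (password, registered callback number).
CENTRAL_DIRECTORY = {"alice": ("s3cret", "555-0100")}

class ControlUnit:
    """Hypothetical model of the control unit's switched line."""
    def __init__(self):
        self.connected_line = None   # number at the far end of the current call
        self.log = []

    def accept(self, calling_line):
        # Steps 1-2: the ASCII device dials in and the connection is accepted.
        self.connected_line = calling_line
        self.log.append(("accept", calling_line))

    def dialback(self, number):
        # Step 4a: disconnect the inbound call (drop DTR).
        self.log.append(("drop_dtr", self.connected_line))
        self.connected_line = None
        # Step 4b: dial out with the supplied number to re-establish the connection.
        self.log.append(("dial_out", number))
        self.connected_line = number

def logon(unit, directory, user, password):
    """Step 3 plus the step 4 command, issued by the (hypothetical) application."""
    entry = directory.get(user)
    # Assumed credential check; the disclosure does not say how authority is verified.
    if entry is None or not hmac.compare_digest(entry[0], password):
        return False
    # The callback number comes from the central directory, never from the caller.
    unit.dialback(entry[1])
    return True

def dial_in(directory, calling_line, user, password):
    """Run one dial-in; return (line holding the session or None, control unit log)."""
    unit = ControlUnit()
    unit.accept(calling_line)
    ok = logon(unit, directory, user, password)
    return (unit.connected_line if ok else None), unit.log

if __name__ == "__main__":
    # Valid credentials used from an unregistered line: the session ends up on
    # the registered number, not on the line that dialed in.
    print(dial_in(CENTRAL_DIRECTORY, "555-0199", "alice", "s3cret"))
```

The log returned by `dial_in` records the order of accept, DTR drop and dial-out, which is the sequence an auditor would check for each switched session.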