Claims
- 1. A method for preventing access to a computer system, comprising a processing unit or the like, a disk unit for floppy disks, display and a keyboard, comprising the steps of
- recording, on a floppy disk, a personal identification code that includes the user's name and an encrypted personal access cede, the encryption being carried out by means of a one-way encryption function,
- recording on the same floppy disk, an authenticity code which is formed from the personal identification code and a system access code, which system access code is used as an encryption key, and is stored in a permanent memory accessible only to a system administrator,
- inserting the floppy disk into the disk unit before start-up of said computer system,
- in starting-up, said computer system reading at least the personal identification code in said information and the authenticity code from the floppy disk,
- said computer system then checking the authenticity of the read information by using the system access code stored in the permanent memory as an encryption key to forms respective authenticity code which is compared with the authenticity code read from the floppy disk,
- said computer system subsequently, at least in the case of the read information being authenticated, requesting the user via the display to enter his name and his personal access code in non-encrypted form via the keyboard,
- said computer system checking, after the entering has been carried out, the user's name read from the floppy disk against the user's name as entered via the keyboard.
- the computer system encrypting the entered non-encrypted personal access code by means of the one-way encrypting function, and, subsequently, checking the result against the encrypted personal access code read from the floppy disk, and
- said computer system giving the user access to the computer system only in the case of a positive result of all three checks, namely, the read information being authenticated, the read user's name corresponding to the keyboard entered user's named, and the read encrypted personal access code corresponding to the non-encrypted keyboard entered personal access code following encryption.
- 2. Method as claimed in claim 1, wherein information stating the extent to which the user is authorised to access the computer system is recorded in encrypted form on said floppy disk together with the personal identification code, wherein said computer decrypts the extent of use information in the case of said positive result of all three checks, and wherein the computer system gives the user access to the extent stated by information.
- 3. Method as claimed in claim 2, wherein the information about the extent of use of the authorisation is encrypted and decrypted by means of an encrypting key which is a function of the user's name and the system access code lockably stored in the computer system.
- 4. Method as claimed in claim 1, comprising recording, on the floppy disk, additional information which in combination with the system access code permits updating of the contents of said floppy disk.
Priority Claims (1)
Number |
Date |
Country |
Kind |
9202427 |
Aug 1992 |
SEX |
|
Parent Case Info
This application is a continuation of application Ser. No. 08/211,728, filed as PCT/SE93/00702 Aug. 24, 1994, published as WO94/04972 Mar. 3, 1994, now abandoned.
US Referenced Citations (4)
Foreign Referenced Citations (4)
Number |
Date |
Country |
0 427 465 A2 |
May 1991 |
EPX |
0 481 770 A2 |
Apr 1992 |
EPX |
3212785 A1 |
Oct 1986 |
DEX |
WO 9204671 |
Mar 1992 |
WOX |
Non-Patent Literature Citations (2)
Entry |
IEEE Communications Magazine, vol. 29, No. 6, pp. 42-48 (Jun. 1991), Hans-Peter Konigs, "Cryptographic Identification Methods in the Process of Standardization". |
"Using A Local Password For Two-Step Authentication", IBM Technical Disclosure Bulletin, vol. 35, N0. 4A, Sep. 1992, pp. 373-375. |
Continuations (1)
|
Number |
Date |
Country |
Parent |
211728 |
May 1994 |
|