GB2355331A - Keyboard with password identification - Google Patents
Keyboard with password identification Download PDFInfo
- Publication number
- GB2355331A GB2355331A GB0025325A GB0025325A GB2355331A GB 2355331 A GB2355331 A GB 2355331A GB 0025325 A GB0025325 A GB 0025325A GB 0025325 A GB0025325 A GB 0025325A GB 2355331 A GB2355331 A GB 2355331A
- Authority
- GB
- United Kingdom
- Prior art keywords
- identification
- password
- keyboard
- buffer zone
- data
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Storage Device Security (AREA)
- Input From Keyboards Or The Like (AREA)
Abstract
In keyboard apparatus with a password-identification device, a keyed-in password passes via an unreadable and protective identification buffer zone 34 to an identification controller 43 which uses an identification table 44 for password identification. A conventional keyboard buffer zone 33 is used for non-password data input from the keyboard. In the case that a comparison between the password and password data stored in the identification table is positive, the user is allowed to use the computer system and the identification buffer zone 34 is cleared. By providing the identification process independent of the CPU 41 and the identification software used for setting-up the table 44, any hacker is then prohibited from the computer system, and thus various security problems in a conventional password-identification system can be resolved.
Description
2355331 KEYBOARD APPARATUS WITH A PASSWORDIDENTIFICATION DEVICE AND METHOD
FOR CONTROLLING THE SAME BACKGROUND OF THE INVENTION
(1) Field of the Invention
The invention relates to a keyboard apparatus with a passwordidentification device and a method for controlling the same, and more particularly to a design by which security problems of a conventional password-identification system can be improved by processing hardware identification upon inputting security information through a keyboard and by separating identification process from CPU as well as the identification software.
(2) Description of the Prior Art
Conventionally, the password identification system is controlled by software. For example, as shown in FIG. 1, when the user initiates a password identification system, the respective software will generate a security code chart 12 in accordance with a predetermined password 10 by the user via an identification software 11 - Thereafter, before every usage, the identification software 11 will request a user password 10'. After the user keys in the password 10' through a keyboard, the identification software 11 will compare the password 10' with the pregenerated security code chart 12. In the case that the comparison is positive, the user will be permitted to access the system and the memory facility such as a hard disk for finther data input/output processing. Nevertheless, aforesaid identification procedures cannot rule out the possibility of hacker's overseeing. The security code chart 12 generated by the identification software 11 might be easily replaced or modified by the hacker, or the - I - comparison result between passwords 10 and 10' might be easily imitated.
For example, in the case that the predetermined password by the user is an "abc", a 66& 1 71 will be generated as the security code chart 12 and will be stored in the memory. However, the data in the memory is obviously not protected by the identification software I I - Some software such as SOFT ICE can be handily used to locate the address of the password 10 in the memory. As long as a hacker can used a password "'xxx" compiled from a "cde" to replace the predetermined "&l" during the identification process, he or she can easily get through the identification process and can do anything to the system and the memory therein.
In the aforesaid discussion regarding the password identification, the entry of the password, either by the user or by the hacker, is made via aninput device such as a keyboard. Generally, a conventional keyboard includes a keyboard array and a keyboard controller (as seen in FIG.3) for communicating with a computer system via a keyboard buffer zone. That is, the key-in of the password follows the same style as the key-in of general word strings, in which both need to pass the same keyboard buffer zone before reaching the computer system for performing further identification procedures of the user at a CPU of the computer system.
Nevertheless, aforesaid conventional identification procedures have the following disadvantages in consideration of security.
1. Because the keyboard buffer zone is open to all users and does not include a clear step after every usage, any intended user can retrieve illegally the undeleted password information staying in the keyboard buffer zone.
2. Because the identification is performed by the CPU, it is quite possible that a hacker can get the password information by simply altering the operational procedures of the CPU.
I Because the memory of the computer system is not particularly secured, the identification software might be easily attacked by the hacker (as aforesaid description).
SUMMARY OF THE INVENTION
Accordingly, it is an object of the present invention to provide a keyboard apparatus with a password-identification device and a method for controlling the password-identification device, by which aforesaid disadvantages in both the conventional software identification system and the input device can be improved.
According to the present invention, the password-identification device integrates various hardware for excluding the CPU and the identification software from the identification procedures. So, the security problem in a conventional identification system can be resolved.
Accordingly, the keyboard of present invention includes therein a unreadable and protective identification buffer zone, an identification controller and an identification table for identifying passwords. The identification buffer zone incorporates with the original keyboard buffer zone to process key-in streams from the keyboard. The password data is sent directly into the identification buffer zone. Then, the identification controller will compare the password data obtained from the identification buffer zone with the existed data stored in the identification table. If the identification is positive, the user is permitted into the computer system and all data in the identification buffer zone will be cleared up. Thereby, no residue password data can be obtained from the keyboard.
BRIEF DESCRIPTION OF THE DRAWINGS
The present invention will now be specified with reference to its preferred embodiments illustrated in the drawings, in which FIG. I is a flow chart of conventional software identification; FIG.2 is a block diagram of the preferred system in accordance with the present invention; and FIG.3 is a flow chart showing the operation of the preferred system in accordance with the present invention.
DESCRIPTION OF THE PREFERRED EMBODIMENT
The invention disclosed herein is directed to a keyboard apparatus with a password-identification device and a method for controlling the same. In the following description, numerous details are set forth in order to provide a thorough understanding of the present invention. It will be appreciated by one skilled in the art that variations of these specific details are possible while still achieving the results of the present invention. In other instances, well-known components are not described in detail in order not to unnecessarily obscure the present invention.
Referring now to FIG.2, a system framework in accordance with the present invention is shown. the keyboard apparatus with a passwordidentification device 20 mainly includes an input section 30 and an identification section 40.
The input section 30 of the present invention can include a conventional keyboard controller 3 1, a keyboard array 32, a keyboard buffer zone 33 identical with a conventional design, and an identification buffer zone 34.
The identification section 40 of the present invention can include a CPU 41, a system controller 42, an identification controller 43, an identification table 44, and related software 45.
By providing a bus 50 such as a PCI, an ISA, or the like,, the input section 30 and the identification section can establish the communication in between.
The keyboard controller 31 is used to identify the input data from the keyboard array 32. In the case that the input is a normal stream, it will be stored in the keyboard buffer zone 33. In the case that the input is a password, it will be stored in the identification buffer zone 34.
The system controller 42 adopts the data in the keyboard buffer zone 33 and then forwards the data to the CPU 41 for ffirther processing.
The identification controller 43, as an independent device constructed inside the system controller 42, is used to adopts the password data in the identification buffer zone 34 and then compares it with the existed password data stored in the identification table 44 for determining the legality of the user.
The identification table 44 is built by the software 45 right at the first usage of the system. At that time, the software 45 led the user to setup the password data (so called the existed password data in previous description) and to save the password data in the identification table 44. While at the following usage, the identification of passwords is always performed by the identification controller 43; unless confronting a renewal process such as adding a new user, changing password, and so on.
Referring now to FIG.3, a flow chart of the system in accordance with the present invention is shown. While at the very first usage of the system, the software 45 will perform to setup the identification table 44. The user needs to follow irLstructions from the software 45 to establish a password into the identification table 44 (Step a) as the existed password data for future comparison. Thereafter, the identification of passwords will be nothing to do with the software 45. Upon a following usage, a user can utilize the keyboard array 32 to input any data. The keyboard controller 31 will determine whether the input a normal stream or a password (Step b). In the case that the input is a normal stream, it will be forwarded to the keyboard buffer zone 33 controlled by the keyboard controller 31 (Step c). Then, the system controller 42 will perform the normal processing as a conventional keyboard apparatus upon the input data (Step d). In the case that the input is a password data, the keyboard controller 31 will forward the input into the identification buffer zone 34 (Step e). At the same time, the user or a hacker can only obtain a substitute symbol stream (as (( 11) for example) with respect to the bit number of the password to the keyboard buffer zone 33. Also, the keyboard controller 31 proceeds to forward the substitute symbol stream to the software 45 and the CPU 41 via the keyboard buffer zone 33 and the system controller 42. Thereby, anyone can only read the substitute symbol stream from the identification buffer zone 34, the CPU 41 and the software 45. The password data is thus safely kept.
After the identification controller 43 gets the password data from the identification buffer zone 34, a comparison between the input password data and the existed password data in the identification table 44 will be performed (Step f). If the comparison is positive, the system will allow the user to access all its resources. On the other hand, if the comparison is negative, the identification fails and the system will deny the user immediately. Thereby, the system resources can be well protected from any illegal hacker right at the password identification process.
After the identification process, the identification controller 43 will proceed to clear up the identification buffer zone 34 (Step g).
According to the present invention, the input of password will be sent into the identification buffer zone 34, instead of the keyboard buffer zone 33 that accepts normal or regular input from the keyboard. In this case, it is assumed that the computer system can determine whether or not the current key-in is a password. Actually, this assumption can be true because the password input usually occurs at every beginning of every usage of the computer system. Alternatively, a special or function key (not shown in figures) on the keyboard can be assigned or built to the computer system, by which every punch of this special key can be detected by the keyboard controller 31 for fin-ther notifying the system to put the current key-in into the identification buffer zone 34.
-6.
By providing the unreadability of the identification buffer zone 34 (only the substitute symbol stream is released), the aforesaid protection process and the clear-up process right after every password identification, the system of the present invention does provide sufficient security to the. user's password data. Also, the password identification of the system is performed by the identification controller 43, which is independent of CPU 41 execution. Therefore, the password identification process can bypass the software 45 and the CPU 41, by which the problems in the password identification of a conventional system can be well resolved.
According to the aforesaid description, the keyboard apparatus with a password-identification device and the method for controlling the same in accordance with the present invention can perform the password identification independent of the CPU and the identification software. Also, because the password identification in the present invention is performed by the independent identification controller, the substitute symbol stream is provided to replace the input password, and the identification buffer zone is cleared after the password identification, thus the hacker can not read any secret data from the keyboard buffer zone. It is obvious that various disadvantages of the conventional identification process are successfully improved by the present invention.
VVhile the present invention has been particularly shown and described with reference to preferred embodiments, it will be understood by those skilled in the art that various changes in form and detail may be without departing from the spirit and scope of the present invention.
Claims (5)
1. A keyboard apparatus with a password-identification device, comprising an input section and an identification section, wherein the input section finther including: a keyboard buffer zone for storing temporarily normal streams; an identification buffer zone for storing temporarily password data; and a keyboard controller for judging input data from a keyboard array, the input data forwarded to store in the keyboard buffer zone in case of being the normal stream, the input data forwarded tostore in the identification buffer zone in case of being the password data; and wherein the identification section further including: a CPU; a system controller for adopting the normal stream from the keyboard buffer zone and then to forward the normal stream to the CPU for further processing; an identification controller, as an independent device constructed inside the system controller, for adopting the password data from the identification buffer zone and then to compare the password data with an existed password data stored in an identification table for determining legality of the password data; and the identification table, for storing the existed password data for future comparison.
2. The keyboard apparatus with a password-identification device according to claim I further including software for leading a user to setup said existed password data into said identification table.
I The keyboard apparatus with a password-identification device according to claim 1, wherein said input section and said identification section communicate via a bus such as a PCI, a ISA, or the like.
4. A keyboard identification method with a password-identification process, mainly keying in secret message under hardware identification and excluding a CPU and identification software from the identification process, comprising:
a. setting up an identification table by a software; b. determining an input a normal stream or a password message, the input forwarded to store in a keyboard buffer zone for normal processing in case of being the normal stream, and the input forwarded to store in an identification buffer zone for password processing in case of being the password message; c. performing the password-identification process, by performing a comparison between the password message and an existed password data in the identification table, allowing usage of a system havi g the CPU in case of a positive comparison, and denying the usage in case of a negative comparison; and d. clearing up the identification buffer zone.
5. The keyboard identification. method with a password-identification process according to claim 4, wherein said identification controller generates a substitute symbol stream with respect to bit number of the password message into the keyboard buffer zone, right after inputting the password message.
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN99121691A CN1095112C (en) | 1999-10-14 | 1999-10-14 | Security cipher confirming keyboard and method thereof |
Publications (3)
| Publication Number | Publication Date |
|---|---|
| GB0025325D0 GB0025325D0 (en) | 2000-11-29 |
| GB2355331A true GB2355331A (en) | 2001-04-18 |
| GB2355331B GB2355331B (en) | 2001-11-28 |
Family
ID=5282085
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| GB0025325A Expired - Fee Related GB2355331B (en) | 1999-10-14 | 2000-10-16 | Keyboard apparatus with a password-identification device and method for controlling the same |
Country Status (2)
| Country | Link |
|---|---|
| CN (1) | CN1095112C (en) |
| GB (1) | GB2355331B (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP2040229A1 (en) * | 2007-09-18 | 2009-03-25 | Axalto SA | Method and system for obtaining a pin validation signal in a data processing unit |
| CN102521546A (en) * | 2011-12-22 | 2012-06-27 | 福建联迪商用设备有限公司 | Method for realizing mutual authentication of self-service terminal and pin pad |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102255109B (en) * | 2011-04-06 | 2014-11-19 | 宇龙计算机通信科技(深圳)有限公司 | Authentication method for mobile terminal battery, and mobile terminal thereof |
Citations (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP0763791A1 (en) * | 1995-09-14 | 1997-03-19 | Hewlett-Packard Company | Computer keyboard unit with smartcard interface |
Family Cites Families (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| FR2389284A1 (en) * | 1977-04-27 | 1978-11-24 | Cii Honeywell Bull | INFORMATION PROCESSING SYSTEM PROTECTING THE SECRET OF CONFIDENTIAL INFORMATION |
| FR2392447A1 (en) * | 1977-05-26 | 1978-12-22 | Cii Honeywell Bull | INFORMATION PROCESSING SYSTEM PROTECTING THE SECRET OF CONFIDENTIAL INFORMATION |
| JP2553495B2 (en) * | 1985-05-14 | 1996-11-13 | キャダムシステム 株式会社 | Program keyboard mechanism |
-
1999
- 1999-10-14 CN CN99121691A patent/CN1095112C/en not_active Expired - Fee Related
-
2000
- 2000-10-16 GB GB0025325A patent/GB2355331B/en not_active Expired - Fee Related
Patent Citations (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP0763791A1 (en) * | 1995-09-14 | 1997-03-19 | Hewlett-Packard Company | Computer keyboard unit with smartcard interface |
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP2040229A1 (en) * | 2007-09-18 | 2009-03-25 | Axalto SA | Method and system for obtaining a pin validation signal in a data processing unit |
| WO2009037259A1 (en) * | 2007-09-18 | 2009-03-26 | Axalto Sa | Method and system for obtaining a pin validation signal in a data processing unit |
| US8347105B2 (en) | 2007-09-18 | 2013-01-01 | Gemalto Sa | Method and system for obtaining a PIN validation signal in a data processing unit |
| CN102521546A (en) * | 2011-12-22 | 2012-06-27 | 福建联迪商用设备有限公司 | Method for realizing mutual authentication of self-service terminal and pin pad |
| CN102521546B (en) * | 2011-12-22 | 2014-10-08 | 福建联迪商用设备有限公司 | Method for realizing mutual authentication of self-service terminal and pin pad |
Also Published As
| Publication number | Publication date |
|---|---|
| CN1252550A (en) | 2000-05-10 |
| CN1095112C (en) | 2002-11-27 |
| GB2355331B (en) | 2001-11-28 |
| GB0025325D0 (en) | 2000-11-29 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US6857076B1 (en) | Data security for digital data storage | |
| US9003177B2 (en) | Data security for digital data storage | |
| US7861094B2 (en) | Data security for digital data storage | |
| US8572392B2 (en) | Access authentication method, information processing unit, and computer product | |
| US20030163738A1 (en) | Universal password generator | |
| US8782403B1 (en) | Method and apparatus for securing confidential data for a user in a computer | |
| CN104778954B (en) | A kind of CD subregion encryption method and system | |
| KR102542213B1 (en) | Real-time encryption/decryption security system and method for data in network based storage | |
| EP0334503A2 (en) | Data-processing apparatus and method | |
| GB2355331A (en) | Keyboard with password identification | |
| CN111859423A (en) | Information security encryption method and device | |
| US9684784B2 (en) | Systems and methods for securely storing data | |
| US20090249085A1 (en) | Security module and personalization method for such a security module | |
| JP3227536B2 (en) | Keyboard device and password authentication method using the same | |
| JP2006209198A (en) | Image forming device and image security program | |
| JP2006228139A (en) | Security management system | |
| JP2009003700A (en) | Program for permitting prescribed processing of application | |
| Schneier | Security pitfalls in cryptographic design | |
| WO2023140826A1 (en) | Device and methods for protecting computer systems against unauthorized access | |
| CN115917542A (en) | Data protection system | |
| JPH05282506A (en) | Ic card with optical memory and card processor | |
| JP2004260359A (en) | Data processor | |
| KR101416547B1 (en) | Method for automatic encryption and decryption of important file | |
| CN116561783A (en) | Data encryption method, device, storage medium and computer equipment | |
| CN115270150A (en) | Communication data encryption method, device, equipment and storage medium thereof |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PCNP | Patent ceased through non-payment of renewal fee |
Effective date: 20041016 |