[go: up one dir, main page]
More Web Proxy on the site http://driver.im/

WO1999011022A1 - Computer access control - Google Patents

Computer access control Download PDF

Info

Publication number
WO1999011022A1
WO1999011022A1 PCT/US1998/017798 US9817798W WO9911022A1 WO 1999011022 A1 WO1999011022 A1 WO 1999011022A1 US 9817798 W US9817798 W US 9817798W WO 9911022 A1 WO9911022 A1 WO 9911022A1
Authority
WO
WIPO (PCT)
Prior art keywords
computer
authorized user
operating space
user code
transponder
Prior art date
Application number
PCT/US1998/017798
Other languages
French (fr)
Inventor
Thomas G. Xydis
Original Assignee
Xydis Thomas G
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Xydis Thomas G filed Critical Xydis Thomas G
Priority to KR1020007002102A priority Critical patent/KR20010023459A/en
Priority to DE69833121T priority patent/DE69833121T2/en
Priority to CA002296461A priority patent/CA2296461C/en
Priority to AU92077/98A priority patent/AU9207798A/en
Priority to JP2000508169A priority patent/JP3809067B2/en
Priority to EP98944562A priority patent/EP0993716B1/en
Publication of WO1999011022A1 publication Critical patent/WO1999011022A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/34User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • G06F21/35User authentication involving the use of external additional devices, e.g. dongles or smart cards communicating wirelessly

Definitions

  • the subject invention relates to a method of controlling a computer system, and, more specifically, to a method of authenticating authorized users of the computer system.
  • a method of controlling a computer system comprising the steps of: disposing a computer in an operating space; supplying operating power to the computer; and placing the computer in a lockout mode to prevent operation of the computer software by a user.
  • a database of authorized user codes is compiled and a first authorized user code is placed in the operating space.
  • the operating space is scanned for the presence of an authorized user code and the presence of the first authorized user code is sensed in the operating space.
  • the first authorized user code is compared to the database for verification and the computer is unlocked for use by the first authorized user in response to sensing the authorized user code in the operating space.
  • the sensing for the presence of the first authorized user code in the operating space continues as the operation of the computer software by the authorized user is taking place.
  • a relocking the computer in the lockout mode occurs at the termination of the first authorized user code in the operating space as well as a locking of the software in a re-lockout operational status at the time of relocking to prevent operation of the computer software by a user.
  • the method is distinguished by a re-unlocking of the computer in response to sensing the first authorized user code upon re-introduction of the first authorized user code into the operating space and at the re-lockout operational status of the software whereby the authorized user may continue operation of the computer in the mode at which the first authorized user code was removed from the operating space.
  • the subject invention provides a method of not only placing a computer system in a lockout mode but also unlocking the computer in response to re-entry of the authorized user carrying an authorized user code into the computer space and in the operational status of the software at which the computer was placed in the lockout mode by the absence of the authorized user code. Therefore, the computer automatically goes to the lockout mode when the user leaves the computer space and automatically unlocks to the same place when that same user re-enters the computer space whereby the user is relieved of completely re-negotiating with the computer for access to the desired software program.
  • Figure 1 is a schematic view showing a computer system employed in the subject invention
  • Figure 2 is a block diagram of the components of the subject invention
  • FIG. 3 is a flow diagram showing one sequence of the steps of the subject invention.
  • Figure 4 is a flow diagram showing another sequence of the steps of the subject invention.
  • Figure 5 is a flow diagram showing yet another sequence of the steps of the subject invention.
  • a computer system is generally shown at 10 in Figure 1 for executing and the subject invention includes a method of controlling the computer system 10.
  • the system 10 includes a computer 12 operatively connected to a monitor 14 and a keyboard 16.
  • the computer 12 is disposed in an operating space which is limited to the space in which an operator would normally remain while operating the computer 12. Electrical power is supplied to the computer 12 through a switch 19 from an electrical outlet in the customary manner.
  • the system 10 also includes a radio frequency transceiver 20 and a radio frequency transponder 22.
  • the transceiver 20 may be internal or external to the computer 12 and transmits a radio frequency signal for scanning the operating space surrounding the computer 12.
  • a schematic of the system 10 is shown in Figure 2.
  • the computer 12 has the normal power switch 19 for supplying electrical operating power to the computer 12.
  • a communications controller 24 places the computer 12 in a lockout mode to prevent operation of the computer 12 software by any user.
  • the lockout mode is selectable in the computer 12 software.
  • the keyboard 16, including the mouse are disabled and the monitor 14 screen is blanked (e.g., a message or a screen saver), leaving the computer 12 free to function. This allows other operations to continue when in the lockout mode, such as printing and downloads. In addition, remote control of the computer 12 would be prevented in the lockout mode.
  • the computer 12 includes a database 26 of authorized user codes which is compiled and placed in the computer 12 by an authorized authority, i.e., a supervisor or control person. Normally, a specific code is inserted into the database 26 for each individual user and the database 26 could comprise one or more codes.
  • the transponder 22 places a specific authorized user code in the operating space surrounding the computer 12.
  • the transponder 22 is a radio frequency transmitter which contains one authorized user code.
  • each authorized user is issued a transponder 22 with that person's specific user code.
  • the method includes scanning the operating space for the presence of an authorized user code and sensing the presence of the first authorized user code in the operating space.
  • the scanning of the operating space is further defined as transmitting a radio frequency signal from the radio frequency transceiver 20.
  • the sensing of the radio frequency signal is further defined as placing a transponder 22 in the operating space and energizing the transponder 22 to send a response radio frequency signal carrying the first authorized user code, and receiving the response radio frequency at the transceiver 20.
  • the energizing of the transponder 22 is further defined as switching by a switch 27 controlling a source of energy, e.g., battery 28, on the transponder 22 to the normally off condition and switching the source of energy to the on condition only in response to the radio signal from the transceiver 20.
  • the transceiver 20 transmits a radio frequency signal which is lead by a wake-up signal which initiates a wake-up circuit on the transponder
  • the energizing of the transponder 22 may be defined as activating circuitry in the transponder 20 needed to process a signal received from the transceiver 20 and to respond to it. This circuitry is only activated in response to a radio signal from the transceiver 20.
  • the transceiver 20 transmits a radio frequency signal of which the first part is a wake-up signal. This wake-up signal initiates a wake-up circuit which switches the transponder 22 from a low current state (in which it is only capable of receiving and recognizing a wake-up signal) and a high current state in which it can process the signal from the transceiver 20, and responding accordingly.
  • the transponder 22 may transmit a radio frequency signal on a periodic basis (whenever it is activated by the user) and the transceiver 20 merely looks for the signal. Also, the transponder 22 may send an initiation signal into the computer 12 and wherein the scanning the operating space is further defined as scanning the operating space only in response to this initiation signal. Instead of a radio signal, the transceiver 20 may communicate with the transponder 22 via an infrared light frequency signal.
  • the computer 12 includes a comparator 29 for comparing the first authorized user code to the database 26 for verification, i.e., the first transponder 22 to enter the operating space.
  • the comparator 29 compares the authorized user code transmitted by the transponder 22 and received by the transceiver 20 to the database 26 of authorized users.
  • the communications controller 24 unlocks the computer 12 for use by the first authorized user in response to that sensing of the authorized user code in the operating space.
  • the manner in which the authorization occurs is selectable in the initial setup of the system. Upon authorization the computer 12 may just boot up.
  • an authorized user must be present when the computer 12 is turned on by the switch 27 before the computer 12 will boot up.
  • the computer 12 may boot up upon being powered by closing the switch 27 but stops at a log in screen and scans the operating space only when a user attempts to log in.
  • the scanner will only look for that user who logged in as controlled by the communications controller 24.
  • the method therefore, includes the step of logging into the computer 12 by the first authorized user and wherein the scanning of the operating space is further defined as scanning the operating space only for the presence of the first authorized user code in response to the logging in by the first authorized user.
  • the method includes the step of continuing the sensing for the presence of that first authorized user code in the operating space. And, in the event of termination of the first authorized user code in the operating space, a re-locking the computer 12 in the lockout mode occurs by the communications controller 24. At this time of relocking, a locking of the software in a re-lockout operational status is accomplished by a computer resource controller 30 to prevent operation of the computer 12 software by a user. Accordingly, the computer 12 locks out when an authorized user using the computer 12 leaves the operating space, i.e., more specifically, when the authorized user's transponder 22 leaves the operation space, the computer 12 is placed in the lockout mode.
  • the sensing for the presence of the first authorized user code in the operating space is further defined as sensing for predetermined periods of time separated by predetermined periods of time of non-sensing. This is controlled by a timer 32 connected to the communications controller 24. This sensing continues after the authorized transponder 22 has been removed from the operation space.
  • the software also includes the ability to allow a supervisor to review and monitor the applications or processes an authorized user is using or used.
  • the method includes the step of re-unlocking the computer 12 in response to sensing the first authorized user code upon re-introduction of the first authorized user code into the operating space and at the re-lockout operational status of the software whereby the authorized user may continue operation of the computer 12 in the mode at which the first authorized user code was removed from the operating space.
  • an authorized user may leave the operating space with the transponder 22 and upon re-entry, the computer 12 will unlock at the same operational status or mode in which it was placed in the lockout mode.
  • the method may also include the compiling of an access database 34 to link each of the authorized users to a predetermined array software for access upon unlocking of the computer 12.
  • the array or designated software programs accessible by one authorized user may be different from the array or designated software programs accessible by another authorized user.
  • the system 10 may also include other functions 36, such as a scanner, printer, etc.
  • the system 10 merely looks for the authorized user code to boot up.
  • an authorized user code must be present in the operating space for the computer 12 to boot up. If the computer 12 is powered up and cannot find an authorized user code for a predetermined length of time as established by the timer 32, then an error message may appear on the monitor 14 and the transceiver 20 stops scanning for a transponder 22. A sample message might be "press space key for access”.
  • the computer 12 is allowed to boot up when the power switch 27 is closed without an authorized user code present in the operating space, but stops at the log in screen on the monitor 14.
  • the transceiver 20 only begins to scan the operating space when a user tries to log in. In response to the log in, the transceiver 20 will only scan for the user code assigned to the person who logged in, i.e., it will not use the entire list of authorized users in the database 26. Yet another initiation procedure is to allow the computer 12 to just boot up to the locked out mode whereupon the transceiver 20 merely scans for an authorized user code.
  • the sequence of Figure 4 shows how the computer 12 verifies that the authorized user code remains in the operating space.
  • the sequence of Figure 5 illustrates how an authorized user gets back into the computer 12 after the computer 12 is in the lockout mode.
  • the unlocking from the lockout mode is software selectable.
  • One option is for the transceiver 20 to continually scan the operating space.
  • Another option is for the scanning to continue in response to depression of one or more keyboard 16 keys.
  • the transceiver 20 may scan only for the last authorized user code. It is important, however, that the computer 12 will unlock and return to the same operational mode in which it was placed in the lockout mode so that the authorized user takes up where the user left off.
  • multiple authorized users may be running independent sessions on the same computer 12 with each authorized user having access via the access database 34 only to authorized software and programs.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • General Physics & Mathematics (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Signal Processing (AREA)
  • Lock And Its Accessories (AREA)
  • Selective Calling Equipment (AREA)
  • Safety Devices In Control Systems (AREA)
  • Control By Computers (AREA)
  • Vehicle Body Suspensions (AREA)
  • Debugging And Monitoring (AREA)
  • Exchange Systems With Centralized Control (AREA)

Abstract

A method of controlling a computer system (10) comprising the steps of: disposing a computer (12) in an operating space and placing the computer (12) in a lockout mode to prevent operation of the computer software by a user. A database (26) of authorized user codes is compiled in the computer. A transponder (20) places a first authorized user code in the operating space and a transceiver (18) scans the operating space for the presence of a transponder transmitting an authorized user code and senses the presence of the first authorized user code in the operating space. A comparator (29) compares the first authorized user code to the database (26) for verification to unlock the computer (12) for use by the first authorized user in response to sensing the authorized user code in the operating space. The authorized user then is free to operate the computer software while the sensing for the presence of a transponder (20) transmitting an authorized user code in the operating space is continued.

Description

COMPUTER ACCESS CONTROL
BACKGROUND OF THE INVENTION
1. Field of the Invention
The subject invention relates to a method of controlling a computer system, and, more specifically, to a method of authenticating authorized users of the computer system.
2. Description of the Prior Art
Various systems are known for controlling the operation of a computer system. One such system is disclosed in U.S. Patent 5,202,929 to Lemelson wherein physical characteristics of a user are automatically analyzed and compared to the characteristics of authorized users. The computer is enabled and disabled as the authorized user comes and goes. Another system is disclosed in U.S. Patent 5, 131 ,038 to Puhl et al. wherein verification of the authorized user is accomplished by communication between radio frequency transceivers.
SUMMARY OF THE INVENTION AND ADVANTAGES
A method of controlling a computer system comprising the steps of: disposing a computer in an operating space; supplying operating power to the computer; and placing the computer in a lockout mode to prevent operation of the computer software by a user. A database of authorized user codes is compiled and a first authorized user code is placed in the operating space. The operating space is scanned for the presence of an authorized user code and the presence of the first authorized user code is sensed in the operating space. The first authorized user code is compared to the database for verification and the computer is unlocked for use by the first authorized user in response to sensing the authorized user code in the operating space. The sensing for the presence of the first authorized user code in the operating space continues as the operation of the computer software by the authorized user is taking place. A relocking the computer in the lockout mode occurs at the termination of the first authorized user code in the operating space as well as a locking of the software in a re-lockout operational status at the time of relocking to prevent operation of the computer software by a user. The method is distinguished by a re-unlocking of the computer in response to sensing the first authorized user code upon re-introduction of the first authorized user code into the operating space and at the re-lockout operational status of the software whereby the authorized user may continue operation of the computer in the mode at which the first authorized user code was removed from the operating space.
Accordingly, the subject invention provides a method of not only placing a computer system in a lockout mode but also unlocking the computer in response to re-entry of the authorized user carrying an authorized user code into the computer space and in the operational status of the software at which the computer was placed in the lockout mode by the absence of the authorized user code. Therefore, the computer automatically goes to the lockout mode when the user leaves the computer space and automatically unlocks to the same place when that same user re-enters the computer space whereby the user is relieved of completely re-negotiating with the computer for access to the desired software program.
BRIEF DESCRIPTION OF THE DRAWINGS
Other advantages of the present invention will be readily appreciated as the same becomes better understood by reference to the following detailed description when considered in connection with the accompanying drawings wherein:
Figure 1 is a schematic view showing a computer system employed in the subject invention; Figure 2 is a block diagram of the components of the subject invention;
Figure 3 is a flow diagram showing one sequence of the steps of the subject invention;
Figure 4 is a flow diagram showing another sequence of the steps of the subject invention;; and Figure 5 is a flow diagram showing yet another sequence of the steps of the subject invention.
DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENT
Referring to the Figures, wherein like numerals indicate like or corresponding parts throughout the several views, a computer system is generally shown at 10 in Figure 1 for executing and the subject invention includes a method of controlling the computer system 10.
The system 10 includes a computer 12 operatively connected to a monitor 14 and a keyboard 16. The computer 12 is disposed in an operating space which is limited to the space in which an operator would normally remain while operating the computer 12. Electrical power is supplied to the computer 12 through a switch 19 from an electrical outlet in the customary manner. The system 10 also includes a radio frequency transceiver 20 and a radio frequency transponder 22. The transceiver 20 may be internal or external to the computer 12 and transmits a radio frequency signal for scanning the operating space surrounding the computer 12. A schematic of the system 10 is shown in Figure 2. The computer 12 has the normal power switch 19 for supplying electrical operating power to the computer 12. A communications controller 24 places the computer 12 in a lockout mode to prevent operation of the computer 12 software by any user. The lockout mode is selectable in the computer 12 software. In the preferred lockout mode, the keyboard 16, including the mouse, are disabled and the monitor 14 screen is blanked (e.g., a message or a screen saver), leaving the computer 12 free to function. This allows other operations to continue when in the lockout mode, such as printing and downloads. In addition, remote control of the computer 12 would be prevented in the lockout mode.
The computer 12 includes a database 26 of authorized user codes which is compiled and placed in the computer 12 by an authorized authority, i.e., a supervisor or control person. Normally, a specific code is inserted into the database 26 for each individual user and the database 26 could comprise one or more codes.
The transponder 22 places a specific authorized user code in the operating space surrounding the computer 12. In the preferred embodiment, the transponder 22 is a radio frequency transmitter which contains one authorized user code. In other words, each authorized user is issued a transponder 22 with that person's specific user code. The method includes scanning the operating space for the presence of an authorized user code and sensing the presence of the first authorized user code in the operating space. The scanning of the operating space is further defined as transmitting a radio frequency signal from the radio frequency transceiver 20. The sensing of the radio frequency signal is further defined as placing a transponder 22 in the operating space and energizing the transponder 22 to send a response radio frequency signal carrying the first authorized user code, and receiving the response radio frequency at the transceiver 20. The energizing of the transponder 22 is further defined as switching by a switch 27 controlling a source of energy, e.g., battery 28, on the transponder 22 to the normally off condition and switching the source of energy to the on condition only in response to the radio signal from the transceiver 20. In the preferred embodiment, the transceiver 20 transmits a radio frequency signal which is lead by a wake-up signal which initiates a wake-up circuit on the transponder
22 to switch energy on from a small battery 28 carried by the transponder 22. Therefore, the energizing of the transponder 22 may be defined as activating circuitry in the transponder 20 needed to process a signal received from the transceiver 20 and to respond to it. This circuitry is only activated in response to a radio signal from the transceiver 20. In the preferred embodiment, the transceiver 20 transmits a radio frequency signal of which the first part is a wake-up signal. This wake-up signal initiates a wake-up circuit which switches the transponder 22 from a low current state (in which it is only capable of receiving and recognizing a wake-up signal) and a high current state in which it can process the signal from the transceiver 20, and responding accordingly.
Alternatively, the transponder 22 may transmit a radio frequency signal on a periodic basis (whenever it is activated by the user) and the transceiver 20 merely looks for the signal. Also, the transponder 22 may send an initiation signal into the computer 12 and wherein the scanning the operating space is further defined as scanning the operating space only in response to this initiation signal. Instead of a radio signal, the transceiver 20 may communicate with the transponder 22 via an infrared light frequency signal.
The computer 12 includes a comparator 29 for comparing the first authorized user code to the database 26 for verification, i.e., the first transponder 22 to enter the operating space. The comparator 29 compares the authorized user code transmitted by the transponder 22 and received by the transceiver 20 to the database 26 of authorized users. When that first authorized user code matches a code stored in the database 26, the communications controller 24 unlocks the computer 12 for use by the first authorized user in response to that sensing of the authorized user code in the operating space.
The manner in which the authorization occurs is selectable in the initial setup of the system. Upon authorization the computer 12 may just boot up.
In other words, an authorized user must be present when the computer 12 is turned on by the switch 27 before the computer 12 will boot up. Alternatively, the computer 12 may boot up upon being powered by closing the switch 27 but stops at a log in screen and scans the operating space only when a user attempts to log in. In this case, the scanner will only look for that user who logged in as controlled by the communications controller 24. The method, therefore, includes the step of logging into the computer 12 by the first authorized user and wherein the scanning of the operating space is further defined as scanning the operating space only for the presence of the first authorized user code in response to the logging in by the first authorized user.
Once the authorized user is identified, operation of the computer 12 software by the authorized user may freely occur. However, the method includes the step of continuing the sensing for the presence of that first authorized user code in the operating space. And, in the event of termination of the first authorized user code in the operating space, a re-locking the computer 12 in the lockout mode occurs by the communications controller 24. At this time of relocking, a locking of the software in a re-lockout operational status is accomplished by a computer resource controller 30 to prevent operation of the computer 12 software by a user. Accordingly, the computer 12 locks out when an authorized user using the computer 12 leaves the operating space, i.e., more specifically, when the authorized user's transponder 22 leaves the operation space, the computer 12 is placed in the lockout mode. The sensing for the presence of the first authorized user code in the operating space is further defined as sensing for predetermined periods of time separated by predetermined periods of time of non-sensing. This is controlled by a timer 32 connected to the communications controller 24. This sensing continues after the authorized transponder 22 has been removed from the operation space.
Dependent upon the initial system setup, it may be required for the user to tap the space bar to regain access. This would prevent a computer from scanning for a user all night or for weeks while the user is on vacation. It can operate by scanning for the user as the user is using the computer, but, if the user leaves the computer space for more than a predetermined time interval, the computer would stop searching for the user until the user performs a simple key action, such as depressing a key. The computer would again search for the user's transponder and only grant access it the user's code was present. A simple message could be printed on the screen, such as
"DEPRESS THE SPACE BAR FOR ACCESS". The software also includes the ability to allow a supervisor to review and monitor the applications or processes an authorized user is using or used.
The method includes the step of re-unlocking the computer 12 in response to sensing the first authorized user code upon re-introduction of the first authorized user code into the operating space and at the re-lockout operational status of the software whereby the authorized user may continue operation of the computer 12 in the mode at which the first authorized user code was removed from the operating space. In other words, an authorized user may leave the operating space with the transponder 22 and upon re-entry, the computer 12 will unlock at the same operational status or mode in which it was placed in the lockout mode.
The method may also include the compiling of an access database 34 to link each of the authorized users to a predetermined array software for access upon unlocking of the computer 12. In other words, the array or designated software programs accessible by one authorized user may be different from the array or designated software programs accessible by another authorized user. The system 10 may also include other functions 36, such as a scanner, printer, etc.
The flow charts depicted in Figures 3 through 5 show operation of the system 10 and steps of the method.
As to initial authorization, three basic options exist. In the first, the system 10 merely looks for the authorized user code to boot up. When the computer 12 is first turned on by the switch 27 , an authorized user code must be present in the operating space for the computer 12 to boot up. If the computer 12 is powered up and cannot find an authorized user code for a predetermined length of time as established by the timer 32, then an error message may appear on the monitor 14 and the transceiver 20 stops scanning for a transponder 22. A sample message might be "press space key for access". Alternatively, the computer 12 is allowed to boot up when the power switch 27 is closed without an authorized user code present in the operating space, but stops at the log in screen on the monitor 14. The transceiver 20 only begins to scan the operating space when a user tries to log in. In response to the log in, the transceiver 20 will only scan for the user code assigned to the person who logged in, i.e., it will not use the entire list of authorized users in the database 26. Yet another initiation procedure is to allow the computer 12 to just boot up to the locked out mode whereupon the transceiver 20 merely scans for an authorized user code.
The sequence of Figure 4 shows how the computer 12 verifies that the authorized user code remains in the operating space. The sequence of Figure 5 illustrates how an authorized user gets back into the computer 12 after the computer 12 is in the lockout mode. The unlocking from the lockout mode is software selectable. One option is for the transceiver 20 to continually scan the operating space. Another option is for the scanning to continue in response to depression of one or more keyboard 16 keys. In this case, the transceiver 20 may scan only for the last authorized user code. It is important, however, that the computer 12 will unlock and return to the same operational mode in which it was placed in the lockout mode so that the authorized user takes up where the user left off. Furthermore, multiple authorized users may be running independent sessions on the same computer 12 with each authorized user having access via the access database 34 only to authorized software and programs.
The invention has been described in an illustrative manner, and it is to be understood that the terminology which has been used is intended to be in the nature of words of description rather than of limitation.
Obviously, many modifications and variations of the present invention are possible in light of the above teachings. It is, therefore, to be understood that within the scope of the appended claims, wherein reference numerals are merely for convenience and are not to be in any way limiting, the invention may be practiced otherwise than as specifically described.

Claims

CLAEVIS
What is claimed is:
L A method of controlling a computer (12) system (10) comprising the steps of: disposing a computer (12) in an operating space; supplying operating power to the computer (12); placing the computer (12) in a lockout mode to prevent operation of the computer (12) software by a user; compiling a database (26) of authorized user codes; placing a first authorized user code in the operating space; scanning the operating space for the presence of an authorized user code and sensing the presence of the first authorized user code in the operating space; comparing the first authorized user code to the database (26) for verification; unlocking the computer (12) for use by the first authorized user in response to sensing the authorized user code in the operating space; operating the computer software by the authorized user; continuing the sensing for the presence of the first authorized user code in the operating space; relocking the computer (12) in the lockout mode at the termination of the first authorized user code in the operating space and locking the software in a re-lockout operational status at the time of relocking to prevent operation of the computer (12) software by a user; and re-unlocking the computer (12) in response to sensing the first authorized user code upon re-introduction of the first authorized user code into the operating space and at the re-lockout operational status of the software whereby the authorized user may continue operation of the computer (12) in the mode at which the first authorized user code was removed from the operating space.
2. A method as set forth in claim 1 wherein the continuing the sensing for the presence of the first authorized user code in the operating space is further defined as sensing for predetermined periods of time separated by predetermined periods of time of non-sensing.
3. A method as set forth in claim 1 including the step of logging into the computer (12) by the first authorized user and wherein the scanning the operating space is further defined as scanning the operating space only for the presence of the first authorized user code in response to the logging in by the first authorized user.
4. A method as set forth in claim 1 including the step of sending an initiation signal into the computer (12) and wherein the scanning the operating space is further defined as scanning the operating space only in response to the initiation signal.
5. A method as set forth in claim 1 compiling an access database (34) to link each of the authorized users to a predetermined array software for access upon unlocking of the computer (12).
6. A method as set forth in claim 1 placing a radio frequency transceiver (20) on the computer (12) and wherein the scanning of the operating space is further defined as transmitting a radio frequency signal from the radio frequency transceiver (20).
7. A method as set forth in claim 6 wherein the sensing of the radio frequency signal is further defined as placing a transponder (22) in the operating space and energizing the transponder (22) to send a response radio frequency signal carrying the first authorized user code, and receiving the response radio frequency at the transceiver (20).
8. A method as set forth in claim 7 wherein the energizing of the transponder (22) is further defined as switching a source of energy on the transponder (22) to the normally off condition and switching the source of energy to the on condition only in response to the radio signal
9. A method as set forth in claim 1 placing an infrared frequency transceiver (20) on the computer (12) and wherein the scanning of the operating space is further defined as transmitting an infrared frequency signal from the transceiver (20).
10. A method as set forth in claim 9 wherein the sensing of the infrared frequency signal is further defined as placing a transponder (22) in the operating space and energizing the transponder (22) to send a response infrared frequency signal carrying the first authorized user code, and receiving the response infrared frequency at the transceiver (20).
11. A method as set forth in claim 10 wherein the energizing of the transponder (22) is further defined as switching a source of energy on the transponder (22) to the normally off condition and switching the source of energy to the on condition only in response to the infrared signal.
PCT/US1998/017798 1997-08-27 1998-08-27 Computer access control WO1999011022A1 (en)

Priority Applications (6)

Application Number Priority Date Filing Date Title
KR1020007002102A KR20010023459A (en) 1997-08-27 1998-08-27 Computer access control
DE69833121T DE69833121T2 (en) 1997-08-27 1998-08-27 ACCESS CONTROL FOR COMPUTER SYSTEM
CA002296461A CA2296461C (en) 1997-08-27 1998-08-27 Computer access control
AU92077/98A AU9207798A (en) 1997-08-27 1998-08-27 Computer access control
JP2000508169A JP3809067B2 (en) 1997-08-27 1998-08-27 Computer access control
EP98944562A EP0993716B1 (en) 1997-08-27 1998-08-27 Computer access control

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US08/920,544 US6070240A (en) 1997-08-27 1997-08-27 Computer access control
US08/920,544 1997-08-27

Publications (1)

Publication Number Publication Date
WO1999011022A1 true WO1999011022A1 (en) 1999-03-04

Family

ID=25443924

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US1998/017798 WO1999011022A1 (en) 1997-08-27 1998-08-27 Computer access control

Country Status (10)

Country Link
US (1) US6070240A (en)
EP (1) EP0993716B1 (en)
JP (1) JP3809067B2 (en)
KR (1) KR20010023459A (en)
CN (1) CN1126322C (en)
AT (1) ATE315291T1 (en)
AU (1) AU9207798A (en)
CA (1) CA2296461C (en)
DE (1) DE69833121T2 (en)
WO (1) WO1999011022A1 (en)

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2001023694A1 (en) * 1999-09-27 2001-04-05 Tactel Ab Automatic locking system
GB2360610A (en) * 2000-03-22 2001-09-26 Newmark Technology Group Plc Computer access control and security system
EP1236085A1 (en) * 1999-12-01 2002-09-04 Ensure Technologies Inc. Method of linking authorized users to a plurality of devices
SG93268A1 (en) * 1999-09-28 2002-12-17 Swatch Ag Method for authorising access to computer applications
DE10155092A1 (en) * 2001-11-09 2003-05-28 Siemens Ag Release or activation method for computer software, especially for time-limited software use, whereby a computer communicates with a separate transponder that provides an activation code for time limited use of a program component
JP2006325232A (en) * 1999-12-01 2006-11-30 Ensure Technologies Inc Radio based proximity token with multiple antennas
CN1318963C (en) * 2000-02-11 2007-05-30 英特尔公司 Protected boot flow
EP1912150A1 (en) * 2006-09-18 2008-04-16 Seco Technology Co., Ltd. Device and method for restricting and managing data transmission
EP2110329B1 (en) 2008-04-18 2016-05-11 MULTIVAC Sepp Haggenmüller SE & Co. KG Packaging machine with at least one reporting device and data carrier

Families Citing this family (57)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8352400B2 (en) 1991-12-23 2013-01-08 Hoffberg Steven M Adaptive pattern recognition based controller apparatus and method and human-factored interface therefore
US6070243A (en) * 1997-06-13 2000-05-30 Xylan Corporation Deterministic user authentication service for communication network
US6593845B1 (en) * 1998-01-09 2003-07-15 Intermac Ip Corp. Active RF tag with wake-up circuit to prolong battery life
US6367020B1 (en) * 1998-03-09 2002-04-02 Micron Technology, Inc. System for automatically initiating a computer security and/or screen saver mode
US6401209B1 (en) * 1998-03-09 2002-06-04 Micron Technology, Inc. Method for automatically initiating a computer security and/or screen saver mode
US7966078B2 (en) 1999-02-01 2011-06-21 Steven Hoffberg Network media appliance system and method
US6560711B1 (en) * 1999-05-24 2003-05-06 Paul Given Activity sensing interface between a computer and an input peripheral
US7007174B2 (en) * 2000-04-26 2006-02-28 Infoglide Corporation System and method for determining user identity fraud using similarity searching
ES2188444T3 (en) * 2000-05-05 2003-07-01 Edomat Deutschland Treuhand Un PROCEDURE FOR THE MANAGEMENT AND ADMINISTRATIVE CONTROL OF DEVICES OF THE AERONAUTICAL INDUSTRY TO BE SUBJECTED TO CHECKS.
US6837422B1 (en) * 2000-09-01 2005-01-04 Heimann Systems Gmbh Service unit for an X-ray examining device
US20020073306A1 (en) * 2000-09-08 2002-06-13 Gaspare Aluzzo System and method for protecting information stored on a computer
US6763315B2 (en) 2000-11-29 2004-07-13 Ensure Technologies, Inc. Method of securing access to a user having an enhanced security proximity token
US20020129285A1 (en) * 2001-03-08 2002-09-12 Masateru Kuwata Biometric authenticated VLAN
US20020141586A1 (en) * 2001-03-29 2002-10-03 Aladdin Knowledge Systems Ltd. Authentication employing the bluetooth communication protocol
US7302571B2 (en) * 2001-04-12 2007-11-27 The Regents Of The University Of Michigan Method and system to maintain portable computer data secure and authentication token for use therein
US8209753B2 (en) * 2001-06-15 2012-06-26 Activcard, Inc. Universal secure messaging for remote security tokens
US20040218762A1 (en) * 2003-04-29 2004-11-04 Eric Le Saint Universal secure messaging for cryptographic modules
US20030034877A1 (en) * 2001-08-14 2003-02-20 Miller Brett E. Proximity detection for access control
US7069444B2 (en) * 2002-01-25 2006-06-27 Brent A. Lowensohn Portable wireless access to computer-based systems
US6829606B2 (en) * 2002-02-14 2004-12-07 Infoglide Software Corporation Similarity search engine for use with relational databases
US7299364B2 (en) * 2002-04-09 2007-11-20 The Regents Of The University Of Michigan Method and system to maintain application data secure and authentication token for use therein
JP2004102682A (en) * 2002-09-10 2004-04-02 Nec Corp Terminal lock system and terminal lock method
US7295115B2 (en) * 2002-10-18 2007-11-13 Aeroscout, Ltd. Radio-frequency identification (RFID) tag employing unique reception window and method therefor
DE10350174A1 (en) * 2002-11-29 2004-06-24 Siemens Ag Logging users onto data processing devices involves getting authentication data, deriving identity/access rights, granting access independently of starting operating system/data processing application
GB2400196A (en) * 2003-04-02 2004-10-06 Nec Technologies Restricting access to a mobile phone, laptop etc. using an authorization procedure involving a separate transceiver
US20050076242A1 (en) * 2003-10-01 2005-04-07 Rolf Breuer Wireless access management and control for personal computing devices
US20050204144A1 (en) * 2004-03-10 2005-09-15 Kabushiki Kaisha Toshiba Image processing apparatus and personal information management program
US7061366B2 (en) * 2004-04-12 2006-06-13 Microsoft Corporation Finding location and ranging explorer
US7031809B2 (en) * 2004-05-21 2006-04-18 Jens Erik Sorensen Remote control of automobile component arrangements
JP2005352710A (en) * 2004-06-10 2005-12-22 Hitachi Ltd Individual authenticating device
US7725716B2 (en) * 2004-06-28 2010-05-25 Japan Communications, Inc. Methods and systems for encrypting, transmitting, and storing electronic information and files
US7760882B2 (en) * 2004-06-28 2010-07-20 Japan Communications, Inc. Systems and methods for mutual authentication of network nodes
US20060026268A1 (en) * 2004-06-28 2006-02-02 Sanda Frank S Systems and methods for enhancing and optimizing a user's experience on an electronic device
DE102004045001A1 (en) * 2004-09-16 2005-09-01 Siemens Ag Computer workstation with access protection, e.g. by a password regulated screen-saver, has an additional distance sensor for measuring the distance of a user from the computer and controlling access protection accordingly
US7748636B2 (en) * 2004-11-16 2010-07-06 Dpd Patent Trust Ltd. Portable identity card reader system for physical and logical access
US8553885B2 (en) * 2005-01-27 2013-10-08 Blackberry Limited Wireless personal area network having authentication and associated methods
US7213768B2 (en) * 2005-03-16 2007-05-08 Cisco Technology, Inc. Multiple device and/or user association
US7298272B2 (en) * 2005-04-29 2007-11-20 Hewlett-Packard Development Company, L.P. Remote detection employing RFID
US7330119B2 (en) * 2005-04-29 2008-02-12 Hewlett-Packard Development Company, L.P. Remote measurement employing RFID
US7330120B2 (en) * 2005-04-29 2008-02-12 Hewlett-Packard Development Company, L.P. Remote measurement of motion employing RFID
US20060271788A1 (en) * 2005-05-24 2006-11-30 An-Sheng Chang Access method for wireless authentication login system
US8370639B2 (en) * 2005-06-16 2013-02-05 Sensible Vision, Inc. System and method for providing secure access to an electronic device using continuous facial biometrics
US20060294388A1 (en) * 2005-06-22 2006-12-28 International Business Machines Corporation Method and system for enhancing user security and session persistence
US20060290519A1 (en) * 2005-06-22 2006-12-28 Boate Alan R Two-way wireless monitoring system and method
US7607014B2 (en) * 2005-06-30 2009-10-20 Hewlett-Packard Development Company, L.P. Authenticating maintenance access to an electronics unit via wireless communication
US20070006298A1 (en) * 2005-06-30 2007-01-04 Malone Christopher G Controlling access to a workstation system via wireless communication
US7737847B2 (en) * 2005-06-30 2010-06-15 Hewlett-Packard Development Company, L.P. Wireless monitoring for an electronics system
US7400252B2 (en) * 2005-06-30 2008-07-15 Hewlett-Packard Development Company, L.P. Wireless monitoring of component compatibility in an electronics system
US7336153B2 (en) * 2005-06-30 2008-02-26 Hewlett-Packard Development Company, L.P. Wireless temperature monitoring for an electronics system
US8191161B2 (en) * 2005-12-13 2012-05-29 Microsoft Corporation Wireless authentication
CN1991686B (en) * 2005-12-31 2012-10-10 联想(北京)有限公司 Computer electric power management device and method
DE102007000972A1 (en) * 2007-10-25 2009-04-30 Siemens Ag Method for operating a system and system
US8543831B2 (en) * 2007-11-14 2013-09-24 Qimonda Ag System and method for establishing data connections between electronic devices
TWI425379B (en) * 2008-12-30 2014-02-01 Mstar Semiconductor Inc Automatic lock and automatic unlock method for computer system and computer system thereof
US9509676B1 (en) * 2013-04-30 2016-11-29 United Services Automobile Association (Usaa) Efficient startup and logon
US9430624B1 (en) * 2013-04-30 2016-08-30 United Services Automobile Association (Usaa) Efficient logon
US9363264B2 (en) 2013-11-25 2016-06-07 At&T Intellectual Property I, L.P. Networked device access control

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5343529A (en) * 1993-09-28 1994-08-30 Milton Goldfine Transaction authentication using a centrally generated transaction identifier
US5629981A (en) * 1994-07-29 1997-05-13 Texas Instruments Incorporated Information management and security system
US5748084A (en) * 1996-11-18 1998-05-05 Isikoff; Jeremy M. Device security system
US5836010A (en) * 1995-03-14 1998-11-10 Samsung Electronics Co., Ltd. Personal computer using chip-in card to prevent unauthorized use

Family Cites Families (23)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5202929A (en) * 1979-09-24 1993-04-13 Lemelson Jerome H Data system and method
GB8408538D0 (en) * 1984-04-03 1984-05-16 Senelco Ltd Transmitter-responder systems
NL8501581A (en) * 1985-06-03 1987-01-02 Nedap Nv METHOD FOR SELECTIVE FILLING OR EMPTYING STORAGE OR STOCK TANKS.
US4951249A (en) * 1986-10-24 1990-08-21 Harcom Security Systems Corp. Method and apparatus for controlled access to a computer system
GB8627253D0 (en) * 1986-11-14 1986-12-17 Newmark Plc Louis Computer security system
FR2607264B1 (en) * 1986-11-25 1989-05-05 Jacques Lewiner IMPROVEMENTS TO PROXIMITY IDENTIFICATION DEVICES
EP0295658B1 (en) * 1987-06-16 1993-09-08 Casio Computer Company Limited Nameplate apparatus incorporating communication unit
US4837568A (en) * 1987-07-08 1989-06-06 Snaper Alvin A Remote access personnel identification and tracking system
US4980913A (en) * 1988-04-19 1990-12-25 Vindicator Corporation Security system network
US5581763A (en) * 1988-06-14 1996-12-03 Progressive Technology Inc. Secure architecture and apparatus using an independent computer cartridge
US5493283A (en) * 1990-09-28 1996-02-20 Olivetti Research Limited Locating and authentication system
US5131038A (en) * 1990-11-07 1992-07-14 Motorola, Inc. Portable authentification system
GB2257278B (en) * 1991-06-28 1995-01-25 Esselte Meto Int Gmbh Security and information display
NL9101506A (en) * 1991-09-06 1993-04-01 Nederland Ptt Method for securing personal computers, computer terminals and the like
US5373282A (en) * 1992-02-04 1994-12-13 Carter; Ronald L. Dealer information and security apparatus and method
US5406261A (en) * 1993-01-11 1995-04-11 Glenn; James T. Computer security apparatus and method
US5668929A (en) * 1993-01-21 1997-09-16 Hirsch Electronics Corporation Speech activated security systems and methods
US5477215A (en) * 1993-08-02 1995-12-19 At&T Corp. Arrangement for simultaneously interrogating a plurality of portable radio frequency communication devices
US5841868A (en) * 1993-09-21 1998-11-24 Helbig, Sr.; Walter Allen Trusted computer system
AUPM402394A0 (en) * 1994-02-23 1994-03-17 Monaad Corporation Pty Limited Security access arrangement
US5615277A (en) * 1994-11-28 1997-03-25 Hoffman; Ned Tokenless security system for authorizing access to a secured computer system
US5736935A (en) * 1995-03-14 1998-04-07 Trw Inc. Keyless vehicle entry and engine starting system
US5892901A (en) * 1997-06-10 1999-04-06 The United States Of America As Represented By The Secretary Of The Navy Secure identification system

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5343529A (en) * 1993-09-28 1994-08-30 Milton Goldfine Transaction authentication using a centrally generated transaction identifier
US5629981A (en) * 1994-07-29 1997-05-13 Texas Instruments Incorporated Information management and security system
US5836010A (en) * 1995-03-14 1998-11-10 Samsung Electronics Co., Ltd. Personal computer using chip-in card to prevent unauthorized use
US5748084A (en) * 1996-11-18 1998-05-05 Isikoff; Jeremy M. Device security system

Cited By (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2001023694A1 (en) * 1999-09-27 2001-04-05 Tactel Ab Automatic locking system
SG93268A1 (en) * 1999-09-28 2002-12-17 Swatch Ag Method for authorising access to computer applications
JP2006325232A (en) * 1999-12-01 2006-11-30 Ensure Technologies Inc Radio based proximity token with multiple antennas
EP1236085A1 (en) * 1999-12-01 2002-09-04 Ensure Technologies Inc. Method of linking authorized users to a plurality of devices
EP1236085A4 (en) * 1999-12-01 2004-11-10 Ensure Technologies Inc Method of linking authorized users to a plurality of devices
CN1318963C (en) * 2000-02-11 2007-05-30 英特尔公司 Protected boot flow
GB2360610A (en) * 2000-03-22 2001-09-26 Newmark Technology Group Plc Computer access control and security system
DE10155092B4 (en) * 2001-11-09 2006-10-05 Siemens Ag Activation method for a utility part of a computer program and associated facilities
DE10155092A1 (en) * 2001-11-09 2003-05-28 Siemens Ag Release or activation method for computer software, especially for time-limited software use, whereby a computer communicates with a separate transponder that provides an activation code for time limited use of a program component
CN100426176C (en) * 2001-11-09 2008-10-15 西门子公司 Release method and relevant device for computer application program product
US7555654B2 (en) 2001-11-09 2009-06-30 Siemens Aktiengesellschaft Apparatus, transponder, computer program product and method for enabling an active part of a computer program
EP1912150A1 (en) * 2006-09-18 2008-04-16 Seco Technology Co., Ltd. Device and method for restricting and managing data transmission
EP2110329B1 (en) 2008-04-18 2016-05-11 MULTIVAC Sepp Haggenmüller SE & Co. KG Packaging machine with at least one reporting device and data carrier
EP2110329B2 (en) 2008-04-18 2020-11-04 MULTIVAC Sepp Haggenmüller SE & Co. KG Packaging machine with at least one reporting device

Also Published As

Publication number Publication date
AU9207798A (en) 1999-03-16
KR20010023459A (en) 2001-03-26
DE69833121T2 (en) 2006-08-31
EP0993716A1 (en) 2000-04-19
EP0993716A4 (en) 2000-12-20
US6070240A (en) 2000-05-30
CA2296461C (en) 2008-05-13
CA2296461A1 (en) 1999-03-04
DE69833121D1 (en) 2006-03-30
ATE315291T1 (en) 2006-02-15
JP2001514424A (en) 2001-09-11
EP0993716B1 (en) 2006-01-04
CN1268270A (en) 2000-09-27
CN1126322C (en) 2003-10-29
JP3809067B2 (en) 2006-08-16

Similar Documents

Publication Publication Date Title
US6070240A (en) Computer access control
EP3309330B1 (en) Electronic locking device dual authentication system using electronic key
US7109843B2 (en) Remote control system for controlling a vehicle with priority of control access being assigned to the most recent user of the vehicle
US7015791B2 (en) Keyless entry module and method
US5736935A (en) Keyless vehicle entry and engine starting system
US7791452B2 (en) Wireless access control and event controller system
WO2008073616A2 (en) Access control system
US20060139149A1 (en) Method, apparatus and system for controlling access to a cabinet
CN100516441C (en) Remote controllable door-lock device
WO2006058415A1 (en) Security access device and method
WO2001023694A1 (en) Automatic locking system
EP1502172B1 (en) Information security
MXPA00001691A (en) Computer access control
KR102656623B1 (en) Wireless door lock
KR102656622B1 (en) Wireless door lock
JP2597044B2 (en) IC card
KR200300160Y1 (en) Door Locking Device with Fingerprint recognition function
KR200378868Y1 (en) Apparatus for authenticating opening and closing of door
KR20220016561A (en) Door lock system and supporting door lock module
KR20200042281A (en) Smart door lock
KR20010056453A (en) Card-key type apparatus for locking and releasing door in auto mobile and method of the same
WO2000065181A1 (en) Anti-theft apparatus
KR20100032238A (en) Digital door lock selectively operable in one of automatic and manual modes and a control method thereof
CA2179352A1 (en) Secure electronic entry system

Legal Events

Date Code Title Description
WWE Wipo information: entry into national phase

Ref document number: 98808545.3

Country of ref document: CN

AK Designated states

Kind code of ref document: A1

Designated state(s): AL AM AT AU AZ BA BB BG BR BY CA CH CN CU CZ DE DK EE ES FI GB GE GH GM HR HU ID IL IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MD MG MK MN MW MX NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT UA UG UZ VN YU ZW

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): GH GM KE LS MW SD SZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG

DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
121 Ep: the epo has been informed by wipo that ep was designated in this application
ENP Entry into the national phase

Ref document number: 2296461

Country of ref document: CA

Ref document number: 2296461

Country of ref document: CA

Kind code of ref document: A

WWE Wipo information: entry into national phase

Ref document number: 1998944562

Country of ref document: EP

WWE Wipo information: entry into national phase

Ref document number: PA/a/2000/001691

Country of ref document: MX

ENP Entry into the national phase

Ref document number: 2000 508169

Country of ref document: JP

Kind code of ref document: A

WWE Wipo information: entry into national phase

Ref document number: 1020007002102

Country of ref document: KR

WWP Wipo information: published in national office

Ref document number: 1998944562

Country of ref document: EP

REG Reference to national code

Ref country code: DE

Ref legal event code: 8642

WWP Wipo information: published in national office

Ref document number: 1020007002102

Country of ref document: KR

WWW Wipo information: withdrawn in national office

Ref document number: 1020007002102

Country of ref document: KR

WWG Wipo information: grant in national office

Ref document number: 1998944562

Country of ref document: EP