Note : Les descriptions sont présentées dans la langue officielle dans laquelle elles ont été soumises.
WO90/109t9 2 ~ $/00142
Controiler card and associated reading unit
.
~he present invention relates to a controller card and
an associated reading unit which permits access to a
computer, main frame or data base or hardware to
which it is connected.
The use of cards as a means for gaining access to computers
is well known in the art. The card is used as an identifying
member which, once it is accepted, permits access only with
respect to an individual code related to the identifying code
on the card. When confirmation of the acceptance of the
individual code has been obtained, a specific program stored
in the computer is started. This program specifies the
competence of the possessor of the card and permits access
in accordance with this competence. Thus, the competence of
different users is always incorporated in the program. Any
amendment requires amendment of the main program. Such a
process has great deficiencies, in particularly as regards
to security and integrity. With respect to security, all
information is avaiable to the programmer who thereby obtains
an uncontrolled positoin of power. Since the programmer has
access to all in~ormation as well as to the competence of
each user, which moreover he or she has specified himself,
it is clear that with such a process sensitive information
lacks a satisfactory security protection. A system which to
such a high degree is based on the contributions of a single
person is of course very vulnerable. It is also time consuming
and inflexible, as the activity depends on the presence and
availability of this single person. The system is also time
consuming, as the competence of each user is stored. This
implies taht the computer must constantly search the competence
of the various users to permit access, which implies a long
searching time as the computer is occupied by ~his operating
step. Also a large storage capacity is required.~
Another substantlal deficiancy of existing system relates
to the integr.ity. Problems rela~ng to secrecy and integrity
are presently considerable. In various sectors of the society,
such as nursing, insurance, banking, defense, industry etc,
the same problem complex is met: How can sensitive information
WO90/t0919 ~ 2 PCT/SE90/00142
be protected? How can access to and authority to gain access
to or to use data or the like be apportioned and/or limited?
Computers exist which are provided with means for permitting
access by means of magnetic code cards, IC cards with for
example ~OM, EPROM with associated readers and program ware.
The use of so called "smart cards", i.e. cards having a
memory circuit, is carried out so that information is stored.
Such a "smart card", when used for example for medicinal
purposes, enables data about the patient, for example blood
pressure, to be stored. When the card is inserted the blood
pressure of the individual for a certain specified period of
time is read. Data which have been stores in this manner
are only particulars, information or the like and forms only
working data, i.e. memory data intended for processing or
comparison.
US patent 3 764 742 discloses a cryptographic identifying
card. This cryptographic card is used as an identification
system. After identification the software program iakes over
and gives the user access to a given account or the like.
In this connection a programmer is required who makes up
an extensive program for this purpose.
The present invention is intended to eliminate such disad-
vantages, and the invention is more particularly disclosed
by the following description, the accompanying drawings and
the patant claims.
The controller card according to the invention comprises
at least an identifying code which is associated with an
individual code and at least one using andtor refërence
characteristic in co-operation with a discriminating operative
`system (input/output characteristic system) which constantly
~checks and controls that the use of the controller card is
carried out in accordance with the-directions and limitations
which are associated with the-using and/or reference charac-
teristics comprised in the-card. When using the card according
to the invention the identifying code is checked, whereupon
the user is directed to state the individual code. On agreement
between the individual code and the identifying code the
using and/or reference characteristics which are comprised
in the card are raed in a reading unit, whereupon access to
. .
WO90/10919 3 2 ~ 3 ~ PCT/SE90/00142
or access to and use of the computer, the data base or
the hardware to which it is connected, is granted in
accordance with the directions and limitations of the
using and/or reference characteristics. In the reading
unit the using and/or reference characteristics are read
in co-operation with an input/output system whereupon
access is permltted in accordance with the meaning of
the characteristics. As soon as the identifying code has
been confirmed by statement and acceptance of the individual
code, whereupon access has been permitted, a reading of
the using and/or reference characteristics comprised in
the card is started. Thereupon the possessor is permitted
access access or access and use of the computer, data base
or the like in accordance with the directions and limitations
of the using andlor reference characteristics. The using
characteristics specify a limitation, for example time, date,
area, level characteristics, which are comprised in the
controller card. This means that even if someone would know
the individual code of a single possessor, he or she cannot
find out which limitations this implies as regards access
or access and use of the computer or the like. Existing
systems on the other hand permit access according to stored
competence data which are related to the identifying code.
The controller card according to the invention permits access
or access and use of the computer, data base or hardware of
other type during a certain period of the day, during speci-
fied days, within a specified area and at a specified level.
Provided that identification has taken place, i.e. that the
identifying code of the card is accepted and/or the indivi-
dual code corresponds to the identifying code, the possessorcan make use of the card only in accordance with the using
and/or reference characteristics which ar~ imposed on him,
for example a certain time of the day ana specified days.
When these conditions are fulfilled, the possessor is allowed
to enter into his area, for example Cad, word-processing or
other area, and only with respect to the correct level
characteristic, i.e. that the possessor can for example only
update, copy etc.
i
wo go/10919 ~ 3 ~ ~ PCT/SE90/00142
~igure l shows a controller card according to the invention.
Figure 2 shows the reading unit corresponding to a controller
card.
Figure 3 shows schematically a series of events taking place
when inserting the card and when the identifying code is
accepted.
Figure l shows a controller card l. The controller card is
provided with a magnetic layer l , bar codes or the like.
In the card layer l there is provided an identifying code 2,
which corresponds to an individual code 3, and thereupon
follows at least one formatted using characteristic 4, which
is digitalized, coded or the like. This may be for example:
te m p o r a l u s i n g c h a r a c t e r i s t i c s,
i.e. specifying the time when the card is valid of access or
access and use,
d a t e u s i n g c h a r a c t e r i s t i c s, i.e.
specifying the period of time, such as days, months or
particular intervals, when the card is valid of access or
access and use,
a r e a u s i n g c h a r a c t e r i s t i c s, i.e.
specifying the area processing, for example CAD, book-keeping,
word-processing etc. to which access or access and use are
permitted.
l e v e l u s i n g c h a r a c t e r i s t i c s, i.e.
relating to the level within a certain area of use, for
example erasure, copying, opening of new documents etc, to
which access and use are permitted.
Since the card comprises using characteristics, the card
obtains a watching function and becomes a controller card
which can retain the possessor from unauthorized use of the
computer. Thëreby, the use of the computer or hardware
~ . . ~ . .................... ~ .
- whereto the controller card is connected can for example
be controlled so thàt the-possessor will not obtain accèss
in ùnauthorized time, date or month, during periods of
vacation etc~ If the competence or position or the like of
an employee is changed, the controller card is exchanged.
Thereby the competence and the access to the data processing
will be administered in a very simple manner. Additionally,
WO9U/10919 5 ~ , r~ Pcr/sEso/ool4~
..~
the use of the card produces an activation of the memory
unit of the processing reglster, which thereby documents
the identity of the user, the processing time, the
operations carried out and the time.
Using characteristics provided in the card opens up a
novel perspective with respect to security and integrlty
in a computerized society.
Existing cards with identifying codes from banking automatons
and other automatons, as well as identifying cards for com-
puters, h~ve had great deficiencies, since these cards can
be used by others at an other point of time or because of
the fact that several persons have access to the same
identifying card. The problem is that it is not possible to
show what each individual user has done. The present system
permits an identification which gives access to the use of
the computer, but it is not checked physically that the
user has authority to make use of the computer at certain
times, certain dates or the like.
When the user inserts his controller card in the reading unit,
his identifying code is read. If this is correct he is
requested to give his individual code whereupon the possessor
of the controller card indicates his individual code. If
this individual code corresponds to the identifying code
the possessor has identified himself. After this identification
the use characteristics or reference characteristics are
read whereupon access or access and use are permitted.
Figure 2 shows schematically the controller card with associated
reading unit according to the invention. The controller card 5
is used in co-operation with a reading unit 6 connected to
a key-board 7. The reading unit 6 with associated key-board 7
are connected to a processor 8, a memory unit and to the
input/output characteristic:system. These are connected to
an I/O identifying system wherè the identifying code`of the
individual is read whereupon a specific code for''the individual
is enter,ed and checked to correspond to the identifying code
'by the identifying circuit.
The memory unit comprises directories connected to an operating
register memory unit 10 which records the time of use, the
operations performed, when and by whom.
- : ~' . , '
'
.
W090/lO919 6 PCT/SE90/00~42
~ S~
Figure 3 shows schematically the sequence of operations
when a controller card is inserted into the reading unit.
When the controller card is inserted in the associated
reading unit the identifying code is checked whereupon the
individual code is requested. Upon agreement with the
entered individual code with the identifying code the c
computer or the like is opened and access or access and
use thereof are controlled in accordance with the limitations
and directions of the using and/or reference characteristics.
These using and reference characteristics comprise charac-
teristics for time, date, arèa, level etc.
An operating register memory unit co-operates with the
reading and different directories so that the whole sequence
of events is recorded. Access is now granted according to the
references and directions included in the formatted use and
reference characteristics. ~pon insertion of the controller
card and identification and acceptance the using and/or
reference characteristics are read. When the card includes
for example the temporal characteristics
tl = 8.00
t2 = 16.00
the possessor will have access or access and use of the
computer or the like between 8.00 and 16.00.
If there are only area characteristics its using and/or
reference characteristics are read whereupon the authorized
area is opened: for example Cad/cam directory, word-processing,
calculation, book-keeping etc. The area characteristic can
be for example invoicing in which case this area is opened.
Invoicing may be a directory for invoicing for services.
When the invoicing directory has been opened, access can thus
be limited to"'this area alone.
.....
Level,-characteristics relate to limitations within the
,. _ .
operating a~ea.In the example of invoicing it may be restric-
tions for example only to open up new files, i.e. write,
invoice'new services, or only to update in existing files.
All activities are recorded in the memory unit for the operating
register with the associated time when they were carried out.
Access is controlled according to the using and/or reference
characteristics under constant surveillance which is carried
WO90/tO919 2 ~ PCT/SE90100142
in co-operation with an input/output system. This input/
output system is a surveillance system which is active
in the background.
If the user tries to gain access to the operative system or
in any other way attempts to enter any other areas than
the authorized, the I/O system will prevent access and
the attempt to gain access to the operative system or the
like will be recorded.
In hospitals, government offices and the like it will be
possible by means of c card to obtain directly the use of
the computer for a certain duty, such as for example
retrieving, reading, updating journals and the like. The
integrity will be considerably greater than today. The
persons performing the work will also be recorded constantly.
It will not be recorded in the program which person has which
authority; in other words no programmer knows about the
person who is authori2ed within a certain area. Each possessor
has knowledge only of his own and/or reference characteristics.
Thus the controller card gives a very good secrecy and integrity -
protection and is moreover particularly easily administered.
When amendments are required with respect to the access
only the controller card has to be exchanged. Thus it will
no longer be necessary to program the competence in the
computer. It will not be necessary to disclose which duties
each person has. In each controller card using and/or reference
characteristics are included. In this manner a great flexi-
bility has been obtained.
To the time and date using characteristics area and level
using and/or reference characteristics are added. Thus the
control is total in all respects. After the identity has been
checked the possessor can use, gain access to data or the
like only within a given area characteristic. The area
characteristic permits access to the associated directory
according to the read out level characteristic. The input/
output system constantly carries surveillance of the use
of the card s`o that no transgression occurs. Attempts at
transgression are recorded and may release alarm of report.
The input/output system permits the establishment of a
operation memory register.
WO9~/109l9 8 PCT/SE90/00142
CJ ~
If a controller card includes a reference characteristic
to another controller card, access or access and use of the
computer or the like is subjected to a further restriction
which is included in the reference characteristic. This
may be for example that the possessor of the card has
access only to the single journal, that of the card
possessor himself, the file of the banking card possessor
himself, or that access or access and use are permitted
only if some other person has given his permission by
inserting his card.
If the computer is provided with two reading units, this
may mean that it is desired to have the using and reference
characteristics of one controller card connected to the
reference characteristics of another controller card and
that checking of the reference characteristics takes place
simultaneously before the input/output system gives access
according to the restrictions in the reference characteristic
or characteristics. In this manner further strengthening of
the control has been included. The reference characteristics
~ 20 may be ~ed where double check is necessary, such as opening
a strony-room or the like.
The invention is not limited to the above description, but
many use characteristics and reference characteristics can
be added. The number of reference characteristics and
reading units can be multiplied.
:,. . ; . ~ . . :
... .. . . . ............. . ~
` ' , ' '` ' .
