The present invention relates generally to a trusted security system and in particular to a system for protecting and controlling access to data using a system of electronic keys and a memory device.
There is an increasing number of computers in use in business today. These computers have a large amount of propriety information which must be protected from unauthorized access. Additionally, secure transfer of sensitive information is a concern, since many forms of data transfer are susceptible to intrusion by computer hackers and other unauthorized persons.
Data often has varying levels of security and associated with those security levels are the various classes of persons who are authorized to access that data. A single password, therefore, is ineffective at adequately protecting sensitive data.
One system for preboot protection for a data security system is provided by PCT application WO 95/24696, by Mooney et al., which provides a secure computer controlling access to data storage devices via a card reader. Another system relates to protection of material on storage media and for transferring material on storage media to various recipients according to U.S. Pat. No. 5,191,611 to Gerald S. Lang. Yet another system relates to a method and apparatus for the integrated compression and encryption (concryption) of data according to U.S. Pat. No. 5,479,512 to Kenneth P. Weiss. However, none of these systems provides an access control/crypto system including communications means for conducting appropriate communications between a number of smart card readers and smart cards.
Therefore, there is a need in the art for an access control/crypto system which has redundant security features and having restricted access to a single user per access smart card. There is also a need for an access control/crypto system which protects information regardless of the means by which the information is transferred from the source to the destination. The system should provide secure information transfer over common communications carriers, such as the Internet and world wide web. The system must also provide for controlled, secure decryption at the destination by only authorized users. There is also a need for a sophisticated access hierarchy for such a system to accord varying levels of security to various classes of users.
An access control/crypto system having a smart card reader and an access control program for requesting information from a user to determine if the user is authorized to access the computer. The access control/crypto system uses encryption and smart card technology as a means for securing files stored on the system, telecommunicated globally or archived to a chosen media. The system includes an access hierarchy, combined with the issuance of smart cards, to control the various levels of access provided by the system.
An alternate embodiment of the present system provides secure file transfer by encrypting sensitive files at a first site, transferring the encrypted version to a second site, providing an authorized user at the second site with a secret password, and decrypting the file at the second site using the secret password under control of the authorized user. This embodiment provides secure transfer of information regardless of the transfer means used. In addition, the access hierarchy may be incorporated into this embodiment to provide varying levels of security for both the transmitter of information and the receiver of the information.
In one embodiment, the systems at both the first site and the second site are programmable to perform encryption or decryption, providing a secure bidirectional file transfer system which may optionally use any mode of communication available without risking loss or decryption of sensitive information. In an alternate embodiment, a compression feature is incorporated prior to file encryption to compress the data file, so that the encrypted version of the file is transferred more easily to the second site. The received file is decrypted and decompressed to provide the original file, provided the user at the second site has the appropriate secret password and the requisite access to the system via the smart card and card reader means.
Other embodiments are described which feature automatic file handling, so that unencrypted files are removed and erased from the system during the encryption process to ensure that the sensitive information is not accidentally left on the system and vulnerable to unauthorized persons. After encryption, the encrypted files are accorded special extensions to identify the file as the encrypted version of the original file, and the original file is overwritten to render the original file unrecoverable. This means that the user must have the appropriate key to decrypt the encrypted file and ensures security of the sensitive information. Another aspect of the present system is an access control/crypto system including communication means for providing proper communications with a number of smart card readers and smart cards. This aspect allows the system to automatically select appropriate communications for a particular of smart card reader and smart card. Further embodiments are discussed, however, these are intended to illustrate the present system and not intended in a limiting or exclusive sense.