Field of the Invention
The invention lies in the data processing and processor security fields. More specifically, the invention relates to a method for checking whether authorization exists for at least two data processing devices which are connected to one another to interchange data with one another, and to a configuration for carrying out the method.
Nowadays, data interchange between two or more data processing facilities is a normal activity. In this context, the question as to whether the data processing facilities that are connected to one another are authorized to interchange data in general or to interchange specific data is becoming increasingly important. Such a check is required whenever the information or data that are accessible in a data processing device are intended to be accessible only to a specific group of people or to the data processing facilities associated with that group of people.
Normally, this check is carried out in such a way that secret identification or keywords are interchanged which allow the authorization to be identified. The problem with the conventional method is the fact that, if the data transmission path is monitored, the keyword can be extracted by virtue of its regular use. Furthermore, there is a risk that, if the keyword is stored in at least one of the data processing facilities, it can easily be extracted. In both cases, there is a risk of misuse of a keyword, and thus of unauthorized access to information.
It is accordingly an object of the invention to provide a method for authorization checking and a corresponding configuration for carrying out the novel method, which overcomes the above-mentioned disadvantages of the heretofore-known devices and methods of this general type and which increases the level of difficulty in determining the keyword.
With the foregoing and other objects in view there is provided, in accordance with the invention, a method of checking whether authorization exists for at least two mutually interconnected data processing devices to exchange data with one another. The method comprises the following steps:
producing check data in each of at least two data processing devices in response to a trigger signal;
transmitting the check data from one of the data processing devices to another one of the data processing devices;
comparing, in the other data processing device, the check data produced therein with the check data transmitted from the one data processing device; and
deciding, based on an outcome of the comparing step, whether authorization exists for data interchange between the at least two data processing devices.
Due to the fact that check data are not permanently stored in the data processing devices which are provided for data interchange but are instead in each case produced in a new way before the data interchange, it is impossible to extract any permanently stored keyword or password. Due to the fact, furthermore, that it is possible to produce different check data before each data transmission, the difficulty in determining the check data by monitoring the data transmission path is also increased.
In accordance with an added feature of the invention, the trigger signal is simultaneously supplied to the at least two data processing devices.
In accordance with an alternative feature of the invention, the trigger signal is received first with one of the at least two data processing devices.
In accordance with an additional feature of the invention, a preliminary determination is effected as to which of the at least two data processing devices is to process the comparing step.
In accordance with again a further feature of the invention, a determination is rendered as to which of the at least two data processing devices is to carry out the comparison of the check data based on which of the at least two data processing devices produces the check data first.
In accordance with again another feature of the invention, the check data are transmitted in encrypted form. Furthermore, it is possible to compare the check data in encrypted form.
With the above and other objects in view there is also provided, in accordance with the invention, a configuration for performing the above-outlined method for checking whether authorization exists for at least two mutually interconnected data processing devices to exchange data with one another. The configuration comprises:
at least two mutually interconnected data processing devices;
each of the data processing devices having an input for receiving trigger signal;
each of the data processing devices having a data generator and an interface device adapted to receive and to transmit data; and
at least one of the data processing devices having a comparison device adapted to compare check data produced in the at least one data processing device with check data received from another of the data processing devices, and to transmit a comparison signal.
When the trigger signal is supplied simultaneously to the data processing devices provided for the data transmission, it is not possible for either that data processing device which receives the trigger signal first or has produced the check data first, or for a data processing device where a different selection scheme is used to define who transmits the check data for checking and who receives that data, to predict directly the time at which the check data are transmitted from which data processing device to which data processing device. Furthermore, it is possible by encryption to make it harder to extract the check data. In each case, it is provided that the check data are compared with one another in one of the data processing devices, and the check result is used to decide whether or not data interchange is authorized.
Other features which are considered as characteristic for the invention are set forth in the appended claims.
Although the invention is illustrated and described herein as embodied in a method for authorization checking and configuration for carrying out the method, it is nevertheless not intended to be limited to the details shown, since various modifications and structural changes may be made therein without departing from the spirit of the invention and within the scope and range of equivalents of the claims.
The construction and method of operation of the invention, however, together with additional objects and advantages thereof will be best understood from the following description of specific embodiments when read in connection with the accompanying drawings.