The present invention relates generally to a data processing system, and in particular concerns the assurance of confidential security in a terminal processing system which includes a host unit and terminal equipment connected thereto.
There has been known a terminal processing system in which a number of input/output terminals are connected to a host unit constituted by a computer, terminal control equipment or the like for performing various data processing operations.
In recent years, it has become possible to process rapidly a mass quantity of data in a terminal processing system of the type mentioned above through centralized data processing by means of a central computer or through distributed or dispersed data processing, as a result of which the inputting and outputting of data to and from the terminals and hence data access at the terminals can be effected in a facilitated manner.
On the other hand, the ease in making access to data brings about many problems, such as the destruction of data, leakage of secret or confidential information and the like. To deal with such problems, various measures have been proposed. Among them, there can be mentioned a security system in which the identity or password of the user is confirmed through appropriate operations at the terminal before the processing as required is initiated or when access to data is requested. In another security system, data transfer is performed for identification of the user between the host computer and the terminal in precedence to the processing as requested. In connection with the security system in which identification data is transferred between the host computer and the terminals for assuring security in the use of the system, it is known that the identification data is previously set in memories or switch circuits of the host computer and the terminals, respectively, and wherein, for establishment of communication, the identification data is mutually exchanged between the host computer and the terminal to which a request for data access is issued. When coincidence is recognized between the identification data, then communication is allowed to be established between the host computer and the terminal in question.
In contrast, in the case of the first mentioned security system which resorts to operations in the terminal, there arises a problem that different terminals can not be discriminated from one another so that access to the host computer may possibly be allowed from any of the terminals through the same operation. On the other hand, in the case of the second mentioned security system in which the identification data is mutually transferred, it is required to set the identification data by switches on the side of the terminal. Further, because the exchange of the identification data or code is executed constantly in a predetermined sequence with a predetermined invariable code value, the security can not be assured in a satisfactory manner, involving possibly leakage of confidential data.