In recent years, with the number of computers in use increasing at rapid rates, the risk that data and software stored in computers may be accessed by unauthorized persons has also been increasing. Furthermore, the increased use of such computers makes the presence of such data and software in the computers a more tempting target for would-be thieves. In many applications, systems of computers have been established for interconnected communications. In such instances, one computer located at a first location is able to communicate with another computer at a second location, in order to use either data or software stored in the second computer. Large networks of computers have been established whereby one computer can communicate with any other computer. As well, communication links between only two stations are common.
Communication generally speaking is most useful if it is two-way communication between two such computer stations. In many instances, such two-way communication is established via a public telephone linkup between the stations. Once the telephone linkup is established, the two computers can communicate with each other relatively freely.
In order to connect a computer to a telephone line a device, known generally as a modem, is used. The modem translates the digital signals from a computer into analog signals which can be transmitted over the telephone lines. Similarly, when a modem receives an analog signal from a telephone line it will translate such signal into a digital signal suitable for use by its computer. The modem acts as an interfacing link between the computer and the telephone line. In effect, the computer can talk through a modem much in the same way that a human can talk through the microphone of a telephone.
In operation, two computers are connected to each other via a telephone line through their respective modems. The dialing unit on a first modem at the first location dials a telephone number of the second location. The modem at the second location will "answer" the telephone and connect the first computer to the second. Once the connection is established, the first computer can communicate with the second and vice versa.
In such systems it has been a severe problem that any person at any other telephone location could telephone either of the two computers. In particular, an unauthorized person at a third location with his own computer and modem could simply telephone the other computers and thereby gain access to the computer files contained therein. The unauthorized user could then either simply copy information contained in such files for his own benefit, alter such files in a way that might not be detectable to the owner or authorized user, destroy the files, or otherwise tamper with the information stored in the other computer for his own purposes. Such activities by an unauthorized user may damage the competitive edge of one person in the marketplace or may in fact impair the actual ability of a person to perform work in the marketplace. As well, unauthorized use of confidential information, perhaps related to private individuals, is a dangerous possibility.
It would therefore be highly advantageous to provide a device to restrict access to a computer over the telephone lines to authorized users only. While some computers are provided with internal hardware/software controls in order to restrict access to the computer (for example, by passwords), in the past such hardware/software controls have been an expensive addition to the actual computer itself. It would therefore be advantageous if the computer access device were a separate device which could simply be connected to the computer, or its modem when required.
Furthermore, conventional password access systems transmit passwords from one computer to another by standard and well known analog signals and codes. For example, transmission across telephone lines may use a sinusoidal signal at a pre-determined standard frequency. Such signal may be modulated in accordance with a standard code, such as the ASCII code, for example to encode letters or other information. Thus, any unauthorized user with knowledge of such standard signals and codes is free to attempt to communicate with another computer. Although one unauthorized access attempt may not itself be successful, there is a risk that the correct password may be delivered on a subsequent attempt. For example, the unauthorized user may transmit a string of ASCII characters to the computer simply by trial and error. This can be accomplished by either physically inputting the codes via a terminal or by running a computer program to perform such function automatically. Such a program, if left running constantly, may very well gain access to a restricted computer by ultimately delivering a string of ASCII code which corresponds to a correct password.
Therefore, it would be advantageous to provide an access security device which uses a non-standard signals and codes. Before an unauthorized user could attempt to gain access, he would have to know both the particular signal and code in use. Without such knowledge, the unauthorized user could not even communicate with the restricted-access computer with respect to the correct passwords necessary for entry.
It would be even more advantageous if the nonstandard code used in the access security device could be changed from time to time or even during a single transmission. While decoding would theoretically remain possible, such changes would render decoding virtually impossible because of the amount of time necessary to do the decoding.
Of course, authorized users need access to their own computers. In conventional systems, authorized users have personal knowledge of the necessary passwords. Such personal knowledge is necessary so that the user may log on to the computer by typing in the appropriate password. However, the need for personal knowledge of the passwords introduces security problems. An authorized user may note his password in writing. An unauthorized user may read the written note, may watch the authorized user log on, or may induce the authorized user to tell him the password. Once the unauthorized user has learned the password, he is free to obtain access to the restricted computer from any telephone location.
Accordingly, it would therefore be advantageous if the access security device could automatically establish communication with another computer. The elimination of a human-inputted password eliminates some of the security problems found in conventional systems. The authorized user would have no need to know the passwords. There would therefore be no risk that knowledge of the passwords may be leaked to unauthorized personnel. Furthermore, for physical security it would be advantageous if the access security device could be permanently installed at a particular location.
In addition to the above advantages, other advantages and benefits could be achieved. For example, it would be advantageous if the device were able to record all attempts at establishing communication with the computer. Both authorized and unauthorized attempts could be recorded. As a further advantage, it would be possible for all unauthorized attempts to be immediately reported to a security agency, which could act to trace the unauthorized telephone call and to institute appropriate criminal proceedings.
It will be appreciated that, while the access security device has been discussed in relation to a computer application, such an access security device could be used in any instance where it is desired to limit access by telephone to authorized users only. For example, telephone answering machines contain information which may be confidential. Conventional answering machines can be played back over the telephone to any person delivering a correct code signal to the machine. Similarily, it might be desirable to be able to control a building security system by telephone. For example, in the event of an emergency, it might be desirable to telephone the building and deliver a coded signal to turn the system off. Access to such security system by definition must be restricted. Accordingly, in such situations it would be desirable to interpose an access security device between the telephone answering mechanism and the telephone line itself.