1. Field of the Invention
The present invention relates to a data processing system which protects the secrecy of confidential data.
2. Description of the Prior Art
Any data processing system includes a data processing machine connected to an apparatus for transmitting data to the machine. Of these systems, some are intended to process information made up of both data of a routine nature and confidential data. In such systems the confidential data is generally used to authorize the dialogue between the machine and the operator via the said data transmitting apparatus. There are a number of specific cases which are typical of systems of this nature, and these will be described briefly herein by way of example.
The first case is that in which the data processing machine includes a member intended to process a predetermined confidential item of data generally referred to as a key. To prevent any illicit use the key is changed regularly. In such a system, the operator first has to transmit an item of confidential data corresponding to the key, via the data transmitting device of the machine, to the member which holds the key. In this member a comparison is made between the confidential item of data received and the key, and if they are the same the member authorizes a dialogue between the machine and the operator for data of any kind, be it confidential or otherwise. However, to avoid any misunderstanding in the remainder of the description, what is termed confidential data will be the data which is used as a key to open the dialogue between the machine and the operator. Also, the said member which holds the key will be referred to below as the auxilliary member, in particular because of its function in the system and its interchangeable nature.
The second example of a known system relates to systems which employ credit cards. In cases where the credit cards contains only the personal key of the card holder, these systems are similar to those of the previous example, and the auxiliary member is formed by each of the various credit cards. It is known, however, that the trend is towards introducing an integrated circuit device into cards for crediting and/or debiting. In such systems, the auxiliary member thus no longer processes simply the confidential data, but also certain of the items of data passing between the machine and the operator.
In all these systems, it may be noted that the keyboard available to the operator is used to transmit both confidential data intended for the auxiliary member and also data intended for the machine after the auxiliary member has authorized a dialogue. The keyboard is thus a public device at the disposal of a large number of people, but can only be used to good effect after the correct key has been transmitted. Thus, it is possible for an unauthorized user to use either the keyboard or the space which separates the keyboard from the auxiliary member to discover the key which an operator will subsequently transmit to the auxiliary member.
In the case of the first example, assuming the key has been discovered, it will then be possible for the unauthorized user to gain direct access to the machine. In the case of the second example the unauthorized user will have to steal a card from an operator who meets his requirements. With the introduction of cards incorporating integrated circuit devices, particularly in the case of credits and debits performed at a remote banking terminal or at the cash-desks of shops, theft or cards containing a key is expected to become a greater problem.
In all the systems which have just been described, the secrecy of the confidential data has so far been protected at the auxiliary member. In the systems of the first example the key is changed regularly and in the systems of the second example either a limited number of attempts is allowed for transmitting the confidential data or else the card or the integrated circuit device embodies means to prevent anybody from discovering the key. However, the unauthorized user still has the opportunity of working via keyboard or via the space which separates the keyboard from the machine.
A primary object of the present invention is to protect the secrecy of confidential data in data processing systems.