Prior art industrial security systems typically ignore significant security threats, particularly in connection with communication sessions conducted with remote terminals. For example, prior art systems often implement an authentication procedure, but ignore session security. Authentication procedures attempt to determine whether an authentic user rather than an impostor or hacker is attempting to access the system. Session security refers to the transmission of encrypted data during a communication session. In a typical authentication process, a user supplies authentication data which must match like authentication data stored at a host computer. Consequently, the host computer is vulnerable to hacking activities which may access the authentication data stored therein.
In addition, prior art systems often transmit passwords, personal identification numbers, encryption keys, and the like in the clear between a remote terminal and a host. Such data items are commonly used to determine authenticity. However, prior art systems are often vulnerable to eavesdropping by wiretapping or RF reception. Eavesdropping is a serious and likely threat for remote communication sessions, and becomes an even greater threat when remote communications take place over RF communication links. Eavesdropping may allow an impostor or hacker to learn all data being transferred during the communication session. In addition, eavesdropping may further allow an impostor or hacker to duplicate the passwords, personal identification numbers, encryption keys, and the like that will trick the host into later granting access to the impostor.
Automatic call-back represents another technique often adopted to help determine authenticity. With automatic call-back, when a remote terminal calls a host computer via phone lines, the host computer terminates the call and automatically calls a predetermined phone number. If the calling party is authentic, the called-back number should be that of the remote terminal. However, this technique is vulnerable to call-forwarding at the predetermined phone number, and it severely limits mobility of the remote user.
A few prior art systems have attempted to provide session security. However, such systems require security-critical remote terminals. Security-critical terminals include data which, if discovered by an impostor or hacker, will allow the impostor or hacker to access the host. Consequently, the remote terminals are a potential point of attack. To combat this vulnerability, the security-critical remote terminals are often built into bulky, physically secure housings which make tampering difficult and evident should it occur. The bulkiness of typical security-critical remote terminals tends to make them less mobile than many remote computer system users require.