Abstract: A plurality of digital data processing systems are interconnected as nodes in a telecommunication network. When two intelligent nodes are conneected and one local node determines that a process which it is executing requires the use of resources held at the second remote node, the local system sends a request to the remote system. It is desirable that the remote system handle the request from the local system as it handles all other requests so that source integrity is maintained. The local system, in response to a request from a local application program which it is sevicing, sends a corresponding transaction request along a communication link to the remote system. This transaction request passes directly from node to node without going through any intermediate controller. The remote system receives the request and creates a new unit of work. The remote system then performs the unit of work and sends the result back to the local node.

Abstract: A method and apparatus whereby the senders and receivers of messages sent over a transmission system including a Host CPU may guarantee the integrity of the data content of the message and also the absolute identity of the sender. Each user of the system as well as the Host CPU contains an identical key-controlled block-cipher cryptographic device with data chaining for encrypting and decrypting messages as required, wherein each user has knowledge of only his own cryptographic key and wherein the Host CPU has access to the unique cryptographic keys of all users of the system stored in a high security storage area available only to said CPU. Stated very generally, the originator of a message A sends a message to a receiver B which includes a transaction or message portion X and a unique digital signature portion Y which is a function both of the message and the senders unique cryptographic key K.sub.A. The receiver then communicates with the CPU for verification of the signature Y.

Abstract: A cryptographic system for encrypting a block of binary data under the control of a key consisting of a set of binary symbols. The cryptographic system may be utilized within a data processing environment to ensure complete privacy of data and information that is stored or processed within a computing system. All authorized subscribers who are permitted access to data within the network are assigned a unique key consisting of a combination of binary symbols. The central processing unit within the computing network contains a complete listing of all distributed authorized subscriber keys. All communications transmitted from terminal input are encrypted into a block cipher by use of the cryptographic system operating under the control of the subscriber key which is inputed to the terminal device. At the receiving station or central processing unit, an identical subscriber key which is obtained from internal tables stored within the computing system is used to decipher all received ciphered communications.

Abstract: A chip-testing method, which allows Large-Scale-Integrated circuit (LSI) logic chips to be tested on wafer without necessitating expensive equipment involving high-precision step-and-repeat mechanisms, and which further allows chips to be tested individually in the connected-on-module environment. The circuit configuration and method are applicable to the testing of LSI-logic chips which may comprise various circuit structures including latches and combinatorial networks in many combinations and which may be fabricated in any circuit technology.The basic idea is to configure the chips and wafers in such a way that the LSSD provisions already incorporated in the chips can be utilized also for the on-wafer and on-module testing. The arrangements, which can be made with a "cut-away", or "deactivate" or an "extend-usage" approach, include five major extensions in the chip-image design.

Abstract: A method and apparatus for providing improved error-recovery and cryptographic strength when enciphering blocks which succeed short blocks in a Key-Controlled Block-Cipher Cryptographic System with chaining. Beginning with a pre-existing current chaining value (V), the system determines whether a current input block (X) of data to be encrypted is a full block or a short block. Both in the previous system and in proposed improvement, if the block is a full block, the system first combines the chaining value (V) with said full block (X) by a reversible operation such as exclusive-or and then block-enciphers the result of said exclusive-or under control of the user's cryptographic key (K) to produce an output cipher full block (Y); but if the block is a short block, of length L.sub.

Abstract: A Cryptographic Architecture for improving the security of Cash-Issuing or similar Terminal Systems when it is necessary to operate Off-Host. Each Terminal is connected to a central Controller which is in turn connected to a central Host. The Master cryptographic key for use in the personal identification mechanism provided in the system is stored in the Controller rather than the terminal. Means are provided whereby said Controller performs customer identification operations when the Host is not available to do so. Only data input at the Terminal is utilized in transmission between the Terminal and the Controller whereby the master system key is never exposed at either the Terminal or the communication link. Additionally, a Terminal status message is utilized with each transaction to prevent a "stale" message from being used to bypass the security procedures by means of eavesdropping or the like.

Abstract: A cryptographic system for enciphering a block of binary data under the control of a unique key consisting of a set of binary symbols. A clear message represented in binary data format is transformed into a cipher message (and vise versa) by operating on blocks of clear information utilizing the operations of directional shifting of a derivative form of said clear data in a multidimensional matrix shifting and storage device. Further, cryptographic power is introduced to the system by performing a non-affine substitution operation during a shift operation on segments of information stored in said matrix. The shifting function, as well as the substitution function, is a function of said unique key. The system is further mathematically invertible, that is, the same hardware may be utilized for both encipherment and decipherment by merely reversing the sequence of operations.

Abstract: This is a cipher system for enciphering a stream of binary data by means of a product cipher. A clear message represented in a binary data format is transformed into a cipher message by operating on each bit of clear information with a complex modulo-two addition function. This function is dependent on previous internal cipher digits transmitted and varies for each message bit processed. The function is developed by continually shifting a key matrix under the control of a varying control matrix. The control matrix is formed from the sub-product of the complex function developed in generating each cipher bit.

Abstract: A computer system architecture and method for performing the Discrete Fourier Transform on a set of N sampled input signals wherein N is chosen to be the product of a group of predetermined relatively prime factors (n.sub.1 .multidot.n.sub.2 .multidot.....multidot.n.sub.L). The present architecture then proceeds to the solution of the Fourier transform via a unique nested loop solution method, wherein each loop is specifically related to each factor and wherein no multiplications are performed in the outer loops said method being further characterized by the fact that the system control is automatically passed to the next inner loop whenever a multiplication instruction is encountered. A unique predetermined sequence of operations which is unique to each factor (n.sub.l) is built into the system controls and automatic control means proceed from one sequence to another depending upon the factors (n) associated with a chosen N.

Abstract: A Minimum Delay Module Assembly, having unrestricted accessibility for servicing, that provides substantially constant electrical and thermal environments for all portions of the assembly regardless of configuration. The assembly comprises a plurality of vertical page modules in which each page module is vertically hinged to the adjacent page module. Electrical interconnections are provided between the page modules by means of cable assemblies which enter each page module in the edge thereof adjacent said hinges. Individual self contained cooling means are provided for each page module so that the flow of air is up through the bottom of each page module and out through the top thereof. Resilient conduit means may be utilized to supply a pressurized coolant to each page module regardless of the configuration of the module assembly.

Abstract: A pressure sensing device having applicability as a simple pressure sensor and which is particularly adapted for use as a pen in a Signature Verification System, said device including a unique mounting structure for the pressure sensing stylus by flexible support means mounted on a substantially rigid base. The support means has a pressure sensing element mounted thereon. The flexible support means comprises two spaced members so disposed that their deflections and the output of the pressure sensing element are substantially independent of the angle of pressure on the stylus. In the special purpose embodiment useful for Signature Verification the stylus comprises a pen and the device further includes two orthogonally disposed accelerometers for sensing accelerations of said pen during the writing of a signature.

Abstract: Method and apparatus are disclosed for verifying a sample signature based on comparison of the dynamics of a reference and a sample signature. More particularly, second derivative values of pen displacements (i.e. acceleration) and continuous pressure pattern signals are periodically sampled for both a reference and sample signature and a comparison of these second derivative values and pressure patterns is made. To effect the comparisons the two groups (reference and sample) of both second derivative and pressure pattern signals are segmented and corresponding segments are individually correlated. Successive comparisons of the same segment pairs are performed utilizing successive shifting of the phases between the two segments being correlated to find regions of highest possible correlation. A running account of the maximum cross correlation values for all of the segment pairs of the two signatures are kept.

Abstract: A computer system organization which allows a program to specify a predetermined security level for other programs which it invokes, while at the same time being subject to security restraints placed on it either by a higher priority level invoking program or by the operating system. A plurality of security levels organized as a hierarchy which may be established by both problem programmers, and the operating system are then controlled by the operating system. A program cannot change its previously assigned level. Only a higher level invoking program can make such an alteration. A new program's security level indicator must be validated and then a protection code or `mask` of a predetermined size related to the security level must be validated. The system utilizes a plurality of special purpose bits in every data word which bits contain the protection field. Level indicators for the particular program determine the use of the protection field.

Abstract: A computer operating system security mechanism employing a non-penetrable hardware means for storing privileged instruction identification data for preventing direct unauthorized access to certain privileged instructions forming a part of the computer operating system; and further including memory address data boundary storage means for each said privileged instruction for preventing indirect access to such privileged instructions in memory by unauthorized branch instructions. The mechanism includes means associated with the computing system instruction register for recognizing privileged instruction and branch instructions. Storage means are included for each privileged instruction it is desired to protect for storing the address of the privileged instruction itself in memory, and both the upper and lower boundary address in memory relating to each such privileged instruction.

Abstract: A Block-Cipher Cryptographic System utilizing a unique user supplied key to control the cryptographic function and including means for modifying an input data block prior to performing a key-controlled transformation operation thereon. Said means includes means for extracting a segment of data utilized in a prior cryptographic transformation of the system and combining said segment with the input data block. The means for combining comprises a transformation which is a discrete valued function which in the preferred embodiment is an exclusive-or. In the preferred embodiment of the invention a block of ciphertext data is combined with the just succeeding input data block by an exclusive-or operation prior to the key-controlled transformation operation which produces said ciphertext blocks.

Abstract: An extremely high density memory array in which every intersection between two insulated orthogonal sets of drive lines define a nonvolatile memory device is described. Each device utilizes the area directly under the intersection of sets of lines to selectively store charges therein under control of suitable writing pulses. Reading is accomplished utilizing capacitive coupling through the device. The array comprises insulated metallic word lines orthogonal to doped bit lines defined within the surface of a semiconductor body. The insulation between the word lines and the bit lines has a dual charge state and is capable of storing charges. A unique structure is utilized whereby a highly doped layer is formed at the surface of the semiconductor body and of the same conductivity type as the body. The bit lines are composed of two distinct layers of an opposite conductivity type to that of said body wherein the layer closest to the surface is less highly doped.

Abstract: A process and apparatus are presented for making in-situ an energy sensitive surface on a passive support medium from at least two materials which in combination render said surface energy sensitive, comprising means for forming a separate mist of each of said materials and causing said separate mist to simultaneously contact said support media so that said materials controllably mix as they strike said medium. The particular process is utilized in a printing, copying and or recording environment wherein, said energy sensitive surface is formed on-line immediately prior to exposing said surface to an energy source. Said mists may be mixed at the point of contact with said medium or premixed within said mist forming means prior to striking said support medium.

Abstract: This invention relates to apparatus for automatically connecting computer terminals and the like to telephone lines and further includes means for automatically analyzing telephone line call progress signals indicative of line status. The apparatus includes a band pass filter, variable gain amplifier, AM detector, a wave shaper, a signal cadence detector and means responsive to said cadence detector for indicating line status.

Abstract: A method and apparatus for effecting character segmentation in a cursive script handwriting analysis system which comprises obtaining the continuous x and y coordinates and the x and y velocities of a writing instrument forming said cursive character. Continuously averaging the x displacement associated with all the x and y extremal points of a handwritten character where the x or the y velocity equals zero. Successively examining the x displacement for each x-extremal and determining if the x displacement of said extremal exceeds a predetermined threshold value relative to the average x displacement of the current character and if so indicating that said new extremal is located in the next character and that a segmentation mark should be placed at a predetermined distance along the ligature between the just analyzed extremal and the previously analyzed extremal.

Abstract: An input-output port control subsystem for use with a computer system having separate source and destination buses incorporated therein. Said system including circuitry for controlling operations of said system and said input/output subsystem, said subsystem including a bidirectional input/output bus for transferring data to and from said system, and separate gating means for selectively connecting said source and destination buses to said bidirectional I/O bus. External devices are connected to said bus thru an adaptor unit which is directly connected to said processing system by appropriate control lines. The input/output subsystem is adapted to operate either under programmed I/O control mode thru the central processing system or in cycle steal mode wherein the I/O devices themselves request cycle steal service time on the I/O bus thru their connected adaptor.