Abstract: A device for the securing of information systems, notably for a system used in the field of microcomputers, comprising at least one SCSI port having means for the enciphering of confidential information travelling through the system and comprising a peripheral communicating with the information system by an SCSI bus that has an interface between the SCSI bus and a bus internal to the peripheral, placing information management and storage means in a state of communication with the enciphering means contained in the peripheral as well as with an interface between a user and the peripheral, making it possible to provide the security services for the confidential information travelling through the peripheral, independently of the standards of the bus and operating system used by the information system.

Abstract: In bonding machines such as a wire bonding machine, a lock which makes the changing of bonding data impossible is placed on specific data setting mode items, which are stored in a memory, via a data setting mode locking circuit. The changing of data in such locked data setting modes is made possible only if a password inputted is the same as a previously set-in password.

Abstract: In an inverse transport processor, program component packet payloads of respective program components are multiplexed to a memory data input port and directed to mutually exclusive areas of random access memory (RAM). The processor includes multiple direct memory access circuitry for writing the payloads of component data to the mutually exclusive blocks of the memory. Memory access for read and write functions are arbitrated so that no incoming program data can be lost, and all component processors are serviced.

Abstract: The optimal design of the SPS Receiver is disclosed. The optimal SPS Receiver includes the digital filter with adjustable characteristics in each digital processing channel. The optimal design of the SPS Receiver is achieved by adjusting the filter characteristics of each digital filter to match the observed spectrum of the unknown W code satellite signals. The matching operation can be performed for each satellite channel with its own secret W code signal.

Abstract: A method of securely testing a cryptographic device need not be carried out in a secure testing facility by cleared personnel. First, a test cycle total count number is provided. Then, for each of a plurality of test cycles, the number being determined from the test cycle total count number, an input data signal is provided to the cryptographic device. The input data signal is encrypted to determine an encrypted signal, and the encrypted signal is then decrypted to determine a decrypted signal. Finally, the input data signal is compared to the decrypted signal. A cryptographic device includes receiving circuitry for receiving the input data signal and encryption circuitry that encrypts the input data signal to determine the encrypted signal. Decryption circuitry decrypts the encrypted signal to determine a decrypted signal, and comparing circuitry compares the input data signal to the decrypted signal.

Abstract: A data ciphering device that has special application in implementing the Digital European Cordless Telephone (DECT) standard data ciphering algorithm which requires a lengthy procedure of key loading and logic operations during the stages of pre-ciphering and ciphering which require clocks operating at different frequencies. The device performs parallel mode loading of the shift registers, with a ciphering keyword. It also calculates, in a first cycle, during the pre-ciphering, the values of the bits of each shift register that determine the value of the next shift in order to, in a second cycle, effect parallel mode shifting in these registers with a value equal to the sum of the two previous shift values. During the ciphering process, the shifting is done in the registers, in parallel mode and in a single data clock cycle, with a value equivalent to the serial value obtained by the algorithm.

Abstract: The integrity or the signator of an electronic document can be verified by embedding a security object, for example, supported by an object linking and embedding (OLE) capability, in the electronic document at a location selected by the signator. The embedded security object includes security information and an identifier for invoking the processing of the security information. The security information may include a document digest that characterizes the electronic document at the time the security object was embedded, a signature digest that identifies the signator and that characterizes the instance of the embedded security object, and the signator's electronic chop, which may be the signator's digitized signature or other graphic image. In addition, the security information can be encrypted using either private key encryption or public key encryption.

Abstract: A transaction processing system comprises at least one transaction terminal (10, 11, 12) having means to receive characteristic data from a user, which characteristic data is required to generate a characteristic image associated with the user, such as an image of the user's signature, from data stored in a data processing system (14); and logic for generating a transaction message by combining transaction data with the characteristic data in such a way that the transaction data is required to recover the characteristic data from the message. The data processing system (14) comprises means to store the user data, to receive and store the message, to recover the characteristic data from the message using the transaction data, and to reconstruct the characteristic image from the user data using the characteristic data to establish that the transaction was valid by associating the characteristic image with the transaction data.

Abstract: A multi-component system for linking a user to a product or service provider includes a user processing device, a storage device, and a provider device. The storage device stores provider-specific application software, user-specific data, and a file management program. The storage device and the processing device are coupled to each other to form a user device which communicates with the provider device. Under direction of the file management program, the processing device carries out a recognition methodology which determines whether the processing device and the storage device are authorized to operate with each other. This aspect of the system makes it possible to render the storage device operable only with a specific user processing device, referred to as the principal processing device. This, in turn, reduces the possibility of fraud since the storage device cannot be used without the principal processing device.

Abstract: Preventing unauthorized monitoring of wireless data transmissions is accomplished by routing requests for data, from communication units (114) operating on wireless communication systems (101), to a security gateway (103) which determines a transmission security level, based on the type of data requested, the identity of the data requester, and the identity of the database containing the requested data. Once this is determined, the security gateway (103) establishes a secure communication with the communication unit according to the transmission security level. If the secure communication was successful, the security gateway (103) routes the requested data to the communication unit (114).

Abstract: Data on a CD-PROM disk is selectively accessed in a secure manner by selectively encoding binary digital passwords and decryption keys onto the same disk in a separate area. Passwords and decryption keys may be programmed onto the disk after manufacture, such as at the point of sale, by selectively obliterating the readability of bits in addressable sectors. A binary digital key is then later recognized as the result of a string of addressable sectors, with the readable and unreadable sectors providing the digital string. In an embodiment, a manufacturer may place several or all versions and features of a large program on a single CD-ROM, encrypted, and later provide keys to enable only selected ones of the features and versions for retrieval. By programming a password or decryption key over an area of a programming region having a storage capacity of at least a megabyte, and in some cases several megabytes, existing methods of intercepting and defeating such security schemes may be defeated.

Abstract: In the preliminary authentication stage, the mobile station (35) is authenticated by sending from the home network (30) to the roamed network (31), a plurality of pairs of first random numbers (RNDa.sub.1, . . . , RNDa.sub.n) and calculation results (SRESa.sub.1, . . . , SRESa.sub.n) of the cipher function (f), which calculation is performed at the home network using the secret key (ki) and the first random numbers (RNDa.sub.1, . . . , RND.sub.an), by sending, from the roamed network to the mobile station, third random numbers formed by coupling second random numbers (RNDb.sub.1, . . . , RNDb.sub.m) produced at the roamed network with the first random numbers (RNDa.sub.1, . . . , RNDan), by sending, from the mobile station to the roamed network, calculation results (SRESa.sub.1, . . . , SRESa.sub.n, SRESb.sub.1, . . . , SRESb.sub.

Abstract: Unauthorized distribution of data within a wireless communication system (101-102) can be detected by coupling a security gateway (103) between the wireless communication system (101-102) and a public data base system (104). When the public data base system (104) sends data to a requesting member of the wireless communication system (101-102), the data is intercepted by the security gateway (103). As the security gateway (103) is receiving the data, it is searching the data for a security tag. When a security tag is found, the security gateway (103) determines whether the security tag is assigned to the particular data base transmitting the data (105-106). If the security tag is not assigned to the particular data base, the security gateway identifies the particular data base as a potential unauthorized distributor of data (117).

Abstract: A method and apparatus for digital cellular telephone encryption includes a switch when a choice between compatibility security and a higher security is required. Plaintext is converted into ciphertext using a three-stage transformation process. In a first stage, the plaintext is transformed using a secret key to control encrypting by an invertible transformation process. In a second stage, the output of the first stage is transformed by an involutory transformation, which is unkeyed when the compatibility switch is in a compatibility setting and keyed when the compatibility switch is in a secure setting. In a third stage, the output of the second stage is transformed by the inverse of the transformation performed in the first stage. The compatibility switch is used to toggle between compatibility with a less secure encryption standard and a key-based secure encryption.

Abstract: A selective broadcasting method operative to transmit a plurality of message data signals to a corresponding plurality of subscriber subsets within a set of subscribers, the method comprising receiving an indication of a privileged set comprising an individual subset and transmitting a message data signal from which a key can be extracted by members of the privileged set and cannot be extracted by any set of members outside the privileged set whose number of members is less than a predetermined resiliency, wherein the length of the message data signal is less than the sum of lengths of the message data signals required if an individual message data signal is transmitted to each subscriber in the privileged set.

Abstract: A motor-generator set stator core includes a plurality of flat thin annular winding support plates, a pair of improved annular end plates, and a plurality of elongated flat attachment members for retaining the end plates and support plates assembled together. The improved annular end plates have substantially right triangular configurations in cross-section which are the reverse or a mirror image of one another. At hypotenuses of the right triangular cross-sections of the end plates are inner surfaces which have tapered or conical configurations that are the reverse of one another so as to conform to the outside tapered profile of the end turns of the stator windings. At short sides of the right triangular cross-sections of the end plates are radial planar surfaces which engage the opposite outer side portions of the stacked support plates.

Abstract: A carriage assembly embodying pre-recorded media such as tape or film, and typically a VHS or other standard reel-type video cassette, incorporate built-in self-contained control means. This includes a timer operable to define a pre-set user period, e.g. a hire period from a video library, during which normal replay and other operation of the assembly can take place, and inhibiting means, for example an electrically powered oscillator automatically activated at the end of the period to prevent or inhibit replay or other operation, in the case of the oscillator by emitting a signal picked up by the play back head of the user's equipment so that the image and/or sound is degraded and "jammed." In alternative constructions the inhibiting means act on mechanism of the assembly itself or its interfacing with the equipment to prevent further playback. A counter or other register or memory means may also be incorporated to record usage. The timer can only be reset by use of a code key device.

Abstract: A method and system for privately communicating signals over a wireless communications network include the steps of and circuitry and instructions for processing communication signals in a first signal processing circuit within a first communications controller circuit at a first location to produce processed communication signals. The processed communication signals may be processed voice communication signals or any arbitrary data stream that is to be communicated from one point to another. These processed communication signals are then enciphered and transmitted from the first location to a second location over a wireless communications network where a second communications controller circuit deciphers and decompresses the received communication signals. The enciphering and deciphering may occur in a digital signal processor of the communications controller circuit.

Abstract: A cyber wallet in the form of stored and protected account information, which may be "carried" on a tamper resistant portable electronic storage medium such as a smartcard, or stored on the customer's computer (or personal digital assistant, PCMCIA card, or the like) together with the browser/mosaic software, is provide to a customer for the purpose of making electronic payments from the possessor of the wallet to a merchant at a remote site on the Internet. Security of the information contained in the wallet is provided by a public key file containing public keys to be used for encrypting the payment information into an authorization ticket which is sent by the wallet to the merchant, and then forwarded to the account servicer for decryption, the decryption key being in the form or a private key held only by the account servicer, and to which the merchant and other parties have no access.

Abstract: In a managed repeater having an address learn capability wherein receipt at a particular port of a data packet having a received source address different from a stored source address associated with the particular port replaces the stored source address with the received source address, a source address locking circuit includes an address learn circuit associated with the particular port, for replacing the stored source address with the received source address when the stored source address does not match the received source address, and an address lock register for the particular port, coupled to the address learn circuit, for storing a bit value to disable the address learn circuit from replacing the stored source address with the received source address. This managed repeater provides improved security in a network having source address updating by allowing an administrator to disable the source address update for a particular port in the managed repeater.