Glen Paul Double | Researchain

Archive Network Publication Hotspot Collaboration

Network

Latest external collaboration on country level. Dive into details by clicking on the dots.

Explore More

Hotspot

Dive into the research topics where Glen Paul Double is active.

Explore More

Publication

Featured researches published by Glen Paul Double.

Ibm Systems Journal | 1991

Transaction security system

Dennis G. Abraham; George M. Dolan; Glen Paul Double; James Virgle Stevens

An electronic funds transfer system (EFT) is described in which retail terminals located in stores are connected through a public switched telecommunication system to card issuing agencies data processing centers. Users of the system are issued with intelligent secure bank cards, which include a microprocessor, ROS and RAM stores. The POS includes a personal key (KP) and an account number (PAN) stored on the card when the issuer issues it to the user. Users also have a personal identity number (PIN) which is stored or remembered separately. A transaction is initiated at a retail terminal when a card is inserted in an EFT module connected to the terminal. A request message including the PAN and a session key (KS) is transmitted to the issuers data processing center. The issuer generates an authentication parameter (TAP) based upon its stored version of KP and PIN and a time variant parameter received from the terminal. The TAP is then returned to the terminal in a response message, and based upon an imputed PIN, partial processing of the input PIN and KP on the card a derived TAP is compared with the received TAP in the terminal. A correct comparison indicating that the entered PIN is valid. The request message includes the PAN encoded under the KS and KS encoded under a cross-domain key. Message authentication codes (MAC) are attached to each message and the correct reception and regeneration of a MAC on a message including a term encoded under KS indicates that the received KS is valid and that the message originated at a valid terminal or card.

annual computer security applications conference | 1990

An evaluation system for the physical security of computing systems

Steve Harris Weingart; Steve R. White; William C. Arnold; Glen Paul Double

Physical security technology is being used more often to protect the integrity of computing systems and the assets they contain. A physical security rating system is defined in terms of the difficulty of mounting a successful physical attack against it, quality assurance documentation and system testing. An evaluation system is presented for determining adequate physical security, as a function of the environment in which the system is placed and the value of the assets resident in the system.<<ETX>>

Archive | 1991