GB2395304A - A digital locking system for physical and digital items using a location based indication for unlocking - Google Patents

Info

Publication number
GB2395304A
Authority
GB
United Kingdom
Prior art keywords
key
secure
lock
position sensitive
program
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
GB0226517A
Other versions
GB0226517D0 (en
Inventor
John Metcalf
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Individual
Original Assignee
Individual
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Individual filed Critical Individual
Priority to GB0226517A priority Critical patent/GB2395304A/en
Publication of GB0226517D0 publication Critical patent/GB0226517D0/en
Priority to AU2003282238A priority patent/AU2003282238A1/en
Priority to PCT/GB2003/004933 priority patent/WO2004044670A2/en
Publication of GB2395304A publication Critical patent/GB2395304A/en
Withdrawn legal-status Critical Current

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10 Protecting distributed programs or content, e.g. vending or licensing of copyrighted material; Digital rights management [DRM]
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/88 Detecting or preventing theft or loss
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/02 Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/03 Protecting confidentiality, e.g. by encryption
    • H04W12/033 Protecting confidentiality, e.g. by encryption of the user plane, e.g. user's traffic
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04 Key management, e.g. using generic bootstrapping architecture [GBA]
    • H04W12/043 Key management, e.g. using generic bootstrapping architecture [GBA] using a trusted network node as an anchor
    • H04W12/0431 Key distribution or pre-distribution; Key agreement
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/12 Detection or prevention of fraud
    • H04W12/126 Anti-theft arrangements, e.g. protection against subscriber identity module [SIM] cloning
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/06 Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/20 Network architectures or network communication protocols for network security for managing network security; network security policies in general

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Technology Law (AREA)
  • Computing Systems (AREA)
  • Multimedia (AREA)
  • Storage Device Security (AREA)
  • Lock And Its Accessories (AREA)

Abstract

The invention concerns a "Position Sensitive Key and Lock Device" system which is suitable for restricting access to digital data or physical objects based on the geographical location, determined from a terrestrial or outer space co-ordinate location system, at which the items are accessed. The system uses a Secure Key derived from the geographical coordinates as a decryption key to allow a user to access physical locks or previously encrypted data. Preferably the digital data comprises music, video or other information and the physical objects preferably include structures or (shipping) containers. The coordinate location system is preferably GPS although other systems, based on e.g. radio beacons, can be used that provide latitude, longitude and altitude (or ellipsoid) coordinates or their analogues, e.g. Cartesian coordinates. Also disclosed is allowing access at multiple locations; maintaining stored data in encrypted format whilst making it readable; a security feature whereby geographical location data for a device is sent to a user; the use of a physical embodiment of the Secure Key; time limiting access to the locked items; recording of the details of accesses to a device fitted with the system of the invention; transmission of a new access location to a device associated with the items to be accessed.

Description

Position Sensitive Key and Lock
This Position Sensitive Key and Lock system is a method to apply secure protection locking and unlocking of a Device such as computer devices, computer software, digital music, digital video, information and physical objects, structures or containers using an absolute position determined by all terrestrial or outer space coordinate location systems.
The Position Sensitive Key and Lock system utilises a secure Lock and Key principle with the invention's Key Creator computer software program, Secure Locking computer software program and Secure Unlocking computer software program.
The Position Sensitive Key and Lock system determines the numeric reference of the latitude, longitude and ellipsoid/altitude position of a Device and encrypts, using cryptography, that numeric reference into a cipher key, software key or coded mechanical recognition system to create a high security code Secure Key.
The Position Sensitive Key and Lock system uses the unique identity of the cryptography code embedded within the Secure Key to encrypt (lock) or decrypt (unlock) computer software, information and locks on physical objects, structures or containers if the Device is in the correct latitude, longitude and ellipsoid/altitude position. If the Device is stolen the Position Sensitive Key and Lock system will provide information on the whereabouts of the stolen Device.
The invention utilises Earth or Outer Space position location systems such as Global Positioning System (GPS), radio, radio beacon, microwave, laser, magnetic, gyroscope, celestial or any method or device that will provide a latitude, longitude and ellipsoid/altitude accurate location. The latitude, longitude and ellipsoid/altitude position can also be 3-D Cartesian X Y Z accurate location, Geographical Information Systems (GIS), and by the UK's National Grid Reference system or any other position determining system. The invention will also use the three dimensional location systems for determining accurate positions in Outer Space outside the normal Earth positioning systems.
An absolute position of the latitude, longitude and ellipsoid/altitude is determined for the location of a Device.
The description of a 'Device' is either a computer, a mobile telephone, any appliance that contains a Central Processing Unit (CPU) or microprocessor chip, Subscriber Identity Module - Mobile Equipment (SIM Card), Smart Card, Hand held computers, Palm Top computers, Box with a CPU in their invention's positional system lock, Containers with a CPU in their positional system lock, Containers on Road, Rail, Air, Sea or Space with a CPU in their positional system lock, Safes and Vaults with a CPU in their positional system lock, all doors, gates and exits and entrance mechanisms with a CPU in their positional system lock.
That location can be a local latitude, longitude and ellipsoid/altitude position or a remote latitude, longitude and ellipsoid/altitude position.
With the Position Sensitive Key and Lock device's Central Control Unit obtaining a latitude, longitude and ellipsoid/altitude position of a Device from a remote position, the master program communicates with the remote device and confirms its current position. That Central Control Unit will then create the Secure Key. The Secure Key can be used remotely or transmitted or delivered to the local Device.
With the use of the Position Sensitive Key and Lock device for secure delivery or collection of products in a Container it may be several or many latitude, longitude and ellipsoid/altitude positions that are logged and embedded within the Container CPU to enable that Container to be opened or closed securely when it has travelled to and/or is located at those proposed delivery positions.
The invention's Key Creator software applies an encryption code of the latitude, longitude and ellipsoid/altitude position to produce a Secure Key utilising cryptography and security systems such as those listed in Appendix 1 of this document or other cryptography systems. The Secure Key is encrypted to ensure that the latitude, longitude and ellipsoid/altitude position is hidden within that encryption code and only the invention's Secure Unlocking computer software can access the hidden code.
To lock and protect a computer program, software, information or container held within a Device the Secure Locking computer software program examines the Secure Key utilising the invention's decryption technique and then checks that the Device is in the correct latitude, longitude and ellipsoid/altitude position. If it is located correctly then the Secure Locking computer software program encrypts the computer program, software or information held within that Device using the Position Sensitive Key and Lock cryptography secure wrapping technique. This wrapping technology is called the 'Secure Wrap'. Any information, computer program, or locked information is securely protected by this Secure Wrap encryption process and access is only gained whilst the Secure Key is within the Device and that Device is in the correct latitude, longitude and ellipsoid/altitude position. If an attempt is made to use the Secure Wrapped information or computer program at a different location or on an un-licensed Device the cryptography used within the Secure Wrap will not allow the contents to be used or examined.
If a person or mechanism is required to use or look at a computer program, software or information held within a Device, then the Secure Unlocking computer software program is activated. This Secure Unlocking computer software program examines the latitude, longitude and ellipsoid/altitude position through the Device's Earth or Outer Space position location system and if this is verified as correct by the Secure Unlocking computer software when it examines the Secure Key, the computer program, software or information is unlocked and could be used by the person or a mechanism requiring access. The unlocked computer program, software or information is still held in cryptography format whilst it is in the unlocked useable or readable format so that in the event of the information being stolen or transferred to another device it cannot be accessed.
Remote vendors or providers who provide computer programs, software or information, and utilise the invention, would receive a request from a user or client to be provided with a computer program, software or information. The invention's software held within the vendor's or provider's Computer Device, termed Central Control Unit, at the vendor's or provider's location can examine remotely the client's Earth or Outer Space position location system to determine that client's Device's accurate latitude, longitude and ellipsoid/altitude position. It is then possible for the vendor's or provider's Device to utilise the invention's Secure Locking program and create a Secure Key for their client and to encrypt the computer programs, software or information with Secure Wrap. It then transmits that Secure Wrapped computer program, software or information plus the Secure Key to the client's Device.
Alternatively the vendor's or provider's Computer Device could have the client's Secure Key transmitted to it and would utilise the invention's Secure Locking computer software program to encrypt the computer program, software or information and carry out a Secure Wrap of that software or information. That Securely Wrapped software or information would be transmitted or sent to the Client.
When the client wishes to use the provided computer program, software or information the Position Sensitive Key and Lock's Secure Unlocking computer software program would examine the Secure Key, obtain the encrypted code, decrypt that code and verify that the encrypted location is the same as the latitude, longitude and ellipsoid/altitude position through the client's Device's Earth or Outer Space position location system. If verified as correct by the Secure Unlocking computer software the computer program, software or information would be unlocked and could be used or read by that client.
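The Key Creator and Secure Unlocking steps described above can be sketched as follows. This is an added example, not code from the patent: the grid size, the per-device secret and the HMAC-based key wrap are assumptions chosen so the sketch runs on the Python standard library alone, and the sample coordinates are constructed.

```python
import hashlib
import hmac
import math
import os

CELL_DEG = 0.001    # assumed grid size: about 111 m of latitude per cell
ALT_STEP_M = 50.0   # assumed altitude band per cell


def grid_cell(lat, lon, alt_m):
    """Quantise a fix so ordinary receiver jitter lands in the same cell."""
    return (math.floor(lat / CELL_DEG),
            math.floor(lon / CELL_DEG),
            math.floor(alt_m / ALT_STEP_M))


def nearby_cells(cell):
    """The cell itself plus its 26 neighbours, for fixes close to a cell edge."""
    steps = (0, -1, 1)
    return [(cell[0] + a, cell[1] + b, cell[2] + c)
            for a in steps for b in steps for c in steps]


def cell_key(device_secret, salt, cell):
    """Key for one cell. Coordinates on a grid are enumerable, so a per-device
    secret (an assumption of this sketch) is mixed in; without it the key
    could be recovered by trying every cell."""
    label = b"position-lock|%d|%d|%d" % cell
    return hmac.new(device_secret, salt + label, hashlib.sha256).digest()


def _pad(key, purpose):
    """Derive a 32-byte value from a cell key for one purpose."""
    return hmac.new(key, purpose, hashlib.sha256).digest()


def create_secure_key(device_secret, positions, content_key=None):
    """Key Creator: wrap one 32-byte content key once per permitted position.
    The record holds no coordinates, only wrapped keys and check tags."""
    content_key = content_key or os.urandom(32)
    salt = os.urandom(16)
    slots = []
    for lat, lon, alt in positions:
        k = cell_key(device_secret, salt, grid_cell(lat, lon, alt))
        wrapped = bytes(x ^ y for x, y in zip(content_key, _pad(k, b"wrap")))
        slots.append((wrapped, _pad(k, b"check" + wrapped)))
    return {"salt": salt, "slots": slots}, content_key


def unlock(device_secret, secure_key, fix):
    """Secure Unlocking: return the content key if the current fix is in, or
    adjacent to, a permitted cell; otherwise None. Tags are compared in
    constant time."""
    for cell in nearby_cells(grid_cell(*fix)):
        k = cell_key(device_secret, secure_key["salt"], cell)
        for wrapped, tag in secure_key["slots"]:
            if hmac.compare_digest(tag, _pad(k, b"check" + wrapped)):
                return bytes(x ^ y for x, y in zip(wrapped, _pad(k, b"wrap")))
    return None


# Constructed sample positions: a base location and one delivery point.
DEPOT = (51.50745, -0.12775, 35.0)
DELIVERY = (53.48075, -2.24265, 40.0)

if __name__ == "__main__":
    secret = os.urandom(32)
    secure_key, content_key = create_secure_key(secret, [DEPOT, DELIVERY])
    print(unlock(secret, secure_key, (51.50748, -0.12771, 38.0)) == content_key)
    print(unlock(secret, secure_key, (48.85665, 2.35225, 35.0)) is None)
```

The returned content key is what a Secure Wrap would encrypt the protected data under. The check is only as trustworthy as the position source, since `unlock` accepts whatever fix it is handed.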
If the user's Device is moved to a different latitude, longitude and ellipsoid/altitude position the computer programs, software or information that were previously accessible from the original position could not now be accessed. The invention's Position Sensitive Key and Lock program would access the new latitude, longitude and ellipsoid/altitude position and inform the invention's Control Centre Device of the new position and inform the client of that new position. This is important information in the event that the Device is stolen. In the event of the Device's Earth or Outer Space position location system being disconnected but the Device transmits any message to the internet, the invention's Position Sensitive Key and Lock program sends a message covertly to the invention's Control Centre Device providing detailed information of the new URL (Uniform Resource Locator - an address) or email address of the user's Device enabling the owner to trace the location of their Device through the ISP (Information Service Provider). This feature of the invention's software is that the low level computer program used by the Position Sensitive Key and Lock program is not visible to the Task Manager file on the Computer Device and cannot be seen in the Applications or Processes section of the Task Manager. This low level file is known as a Stealth File and is activated at predetermined time intervals and when the Device is turned on. The Stealth Program confirms that latitude, longitude and ellipsoid/altitude position is correct in accordance with Secure Key embedded algorithms and that the Device still has the position of the latitude, longitude and ellipsoid/altitude equipment connected to it and functioning. If the Stealth Program cannot confirm either of these facts when the Device is next connected to the internet it initiates an executable low level instruction file that will inform the Control Centre Device of the IP or other address of the Device and the IP address or other address that the Device is transmitting to. This information will be used to identify the location of a stolen Device or a user's identity who is using the Devices illegally.
The Position Sensitive Key and Lock program would also link to Mechanical Devices such as locks on lorries, vans, containers, safes, vaults, cash register drawers, any container whether static or moveable. The Position Sensitive Key and Lock program is embedded within the CPU mechanism inside the mechanical lock. The Position Sensitive Key and Lock program unlock key can be held on an exterior device that can be inserted into the Position Sensitive Key and Lock. It can be placed on or nearby to the Position Sensitive Key and Lock and transmitted to the lock.
If a person or a mechanism wishes to unlock the mechanism then the Secure Unlocking computer software program is activated. This Secure Unlocking computer software program examines the latitude, longitude and ellipsoid/altitude position through the Device's Earth or Outer Space position location system and if this is verified as correct by the Secure Unlocking computer software when it examines the Secure Key, the mechanism is unlocked and access made to the Mechanical Device on or within the container. The Position Sensitive Key and Lock program would link into navigational and tracking systems located within a vehicle, plane, train, ship or any other system that transports humans, animals or product and could be programmed to open or close a mechanical lock by the use of Position Sensitive Key and Lock software integrated within those transport systems when they arrive at a specific latitude, longitude and ellipsoid/altitude position. In certain applications when a Container is moved from its latitude, longitude and ellipsoid/altitude position it will automatically be locked for security.
With portable devices such as palm top, notebook and laptop computers the Secure Key is issued with a Time License if required. This Time License will allow the portable device to unlock software, information or mechanical locks connected or on that portable device for certain periods of time whilst that Device is away from its normal latitude, longitude and ellipsoid/altitude position. The period of time is determined by the vendor and client and can be periods of 1 day, 7 days or any contracted period of time. After the expiry of that Time License the Secure Key will not be able to unlock the Position Sensitive Key and Lock. When the portable device returns to its normal base station the portable device will confirm the latitude, longitude and ellipsoid/altitude position and renew the Time License for the contracted period of time agreed by the vendor and client.
The Secure Locking program can create a Secure Key coded with a mechanical recognition system where a Physical Key can be created with mechanical features.
These mechanical features relate to embedded code which can be decrypted to relate to the latitude, longitude and ellipsoid/altitude positions of the Device or Mechanical Device to allow locking and unlocking of Computer Information or allow locking and unlocking of a Mechanical Device. The method of creating a Mechanical Lock Device could utilise embedded latitude, longitude and ellipsoid/altitude position coded shapes on a Mortice Key, Cylinder Rim Lock, High Security Multi-Point Locking System, Punched Card, Magnetic Card, Smart SIM Card or any other Mechanical Device including those devices emitting a frequency of Light or Radio.
With secure delivery and collection systems the user could transmit securely many delivery and collection latitude, longitude and ellipsoid/altitude positions to the Mechanical Position Lock and when that vehicle, plane, train, ship, container or any other transport system arrives at those positions the Mechanical Position Lock system allows the lock to be opened.
With certain applications, the invention's system can inform the company providing the delivery and collection service of the latitude, longitude and ellipsoid/altitude locations of its transport, the time the Mechanical Position Lock was unlocked and when it was locked up again. If the transport vehicle was locked or unlocked at the incorrect latitude, longitude and ellipsoid/altitude locations then the invention's system could notify the Company of this action.
When the transport company wishes to inform one of its transport vehicles to collect or deliver to a new latitude, longitude and ellipsoid/altitude location then that Company's Computer Device's Secure Locking computer software program would create a Secure Key. The Secure Key would be transmitted to the transport vehicle's tracking system or to the driver's mobile telephone system. A device such as a connector from the mobile telephone to a USB Subscriber Identity Module (SIM Card) connector would send the Secure Key to the microprocessor in the SIM card. When the transport vehicle driver arrives at the new latitude, longitude and ellipsoid/altitude location he/she inserts the USB connector into the port/slot located on the Mechanical Position Lock. The SIM card transmits the Secure Key to the Mechanical Position Lock and the Secure Unlocking computer software inside the CPU within the Mechanical Position Lock can access the hidden latitude, longitude and ellipsoid/altitude location within the Secure Key, confirm that the position is correct and then unlock the container.
Description - Appendage 1.0 Cryptography Methods
Appended on the following pages are some of the various Cryptography methods, available to a user of the invention, when developing the invention's Key Creator software to produce the Secure Key and by that created Secure Key when utilised by the Secure Unlocking computer software program to unlock computer programs, software, information or mechanical devices that access the invention's principle of examining the latitude, longitude and ellipsoid/altitude position before allowing the lock or un-lock to take place. The user of the invention of locking or unlocking according to latitude, longitude and ellipsoid/altitude position of computer programs, software, information or mechanical device may use any of the principles appended within this Appendage or any other method not appended within this Appendage. The Position Sensitive Key and Lock system's Secure Key standards will be incorporated as World standards into these appended security technologies.
A5 a trade-secret cryptographic algorithm used in European cellular telephones which will be incorporated into the Position Sensitive Key and Lock system's Secure Key.
Access control a method of restricting access to resources, allowing only privileged entities access. This access control will be incorporated into the Position Sensitive Key and Lock system's Secure Key.
Additional recipient request key a special key whose presence indicates that all messages encrypted to its associated base key should also be automatically encrypted to it. Sometimes referred to by its marketing term, additional decryption key. This feature can be incorporated into the Position Sensitive Key and Lock system's Secure Key.
AES (Advanced Encryption Standard) NIST approved standards, usually used for the next 20-30 years. These standards will be incorporated into the Position Sensitive Key and Lock system's Secure Key.
AKEP (Authentication Key Exchange Protocol) key transport based on symmetric encryption allowing two parties to exchange a shared secret key, secure against passive adversaries. This sharing methodology can be incorporated into the Position Sensitive Key and Lock system's Secure Key.
Algorithm (encryption) a set of mathematical rules (logic) used in the processes of encryption and decryption. This will be used by the Position Sensitive Key and Lock system's Secure Key.
Algorithm (hash) a set of mathematical rules (logic) used in the processes of message digest creation and key/signature generation. This will be used by the Position Sensitive Key and Lock system's Secure Key.
Anonymity of unknown or undeclared origin or authorship, concealing an entity's identification. All applications used by the Position Sensitive Key and Lock system's Secure Key will have anonymity.
ANSI (American National Standards Institute) develops standards through various Accredited Standards Committees (ASC). The X9 committee focuses on security standards for the financial services industry. The ANSI standards are to be used by the Position Sensitive Key and Lock system's Secure Key.
API (Application Programming Interface) provides the means to take advantage of software features, allowing dissimilar software products to interact upon one another. API standards will be used by the Position Sensitive Key and Lock system's Secure Key to integrate with various operating systems and software programs.
ASN.1 (Abstract Syntax Notation One) ISO/IEC standard for encoding rules used in ANSI X.509 certificates, two types exist - DER (Distinguished Encoding Rules) and BER (Basic Encoding Rules). This will be used by the Position Sensitive Key and Lock system's Secure Key.
Asymmetric keys a separate but integrated user key-pair, comprised of one public key and one private key. Each key is one way, meaning that a key used to encrypt information can not be used to decrypt the same data. These will be incorporated into the Position Sensitive Key and Lock system's Secure Key.
Authentication to prove genuine by corroboration of the identity of an entity. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key.
Authorization certificate an electronic document to prove one's access or privilege rights, also to prove one is who they say they are. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
Authorization to convey official sanction, access or legal power to an entity. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
Blind signature ability to sign documents without knowledge of content, similar to a notary public.
Block cipher a symmetric cipher operating on blocks of plain text and cipher text, usually 64 bits. Although this is incorporated into the Position Sensitive Key and Lock system's Secure Key standards the main applications will be using 2048 bit and 4096 bit cipher keys.
Blowfish a 64-bit block symmetric cipher consisting of key expansion and data encryption. A fast, simple, and compact algorithm in the public domain written by Bruce Schneier. Although this is incorporated into the Position Sensitive Key and Lock system's Secure Key standards the main applications will be using 2048 bit and 4096 bit cipher keys.
CA (Certificate Authority) a trusted third party (TTP) who creates certificates that consist of assertions on various attributes and binds them to an entity and/or to their public key. Clients can incorporate this into the Position Sensitive Key and Lock system's Secure Key standards.
CAPI (Crypto API) Microsoft's crypto API for Windows-based operating systems and applications. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
Capstone an NSA-developed cryptographic chip that implements a US government Key Escrow capability. This cryptographic chip can have Position Sensitive Key and Lock system's Secure Key standards.
CAST a 64-bit block cipher using 64-bit key, six S-boxes with 8-bit input and 32-bit output, developed in Canada by Carlisle Adams and Stafford Tavares. This 64 bit cipher key can have Position Sensitive Key and Lock system's Secure Key standards.
CBC (Cipher Block Chaining) the process of having plain text XORed with the previous cipher text block before it is encrypted, thus adding a feedback mechanism to a block cipher. A process that can be used by the Position Sensitive Key and Lock system's Secure Key standards.
CDK (Crypto Developer Kit) a documented environment, including an API for third parties to write secure applications using a specific vendor's cryptographic library. This can be used by the Position Sensitive Key and Lock system's Secure Key standards.
CD-PROM a method of manufacturing a CD which combines both CD-ROM and CD Recordable. This is now developed by PanLok into a Unique Identifier secure method of delivering information called KodaLok. This will incorporate the Position Sensitive Key and Lock system's Secure Key standards.
Certificate (digital certificate) an electronic document attached to a public key by a trusted third party, which provides proof that the public key belongs to a legitimate owner and has not been compromised. This will incorporate the Position Sensitive Key and Lock system's Secure Key standards.
CFM (Cipher Feedback Mode) a block cipher that has been implemented as a self synchronizing stream cipher. This will incorporate the Position Sensitive Key and Lock system's Secure Key standards.
CDSA (Common Data Security Architecture) Intel Architecture Labs (IAL) developed this framework to address the data security problems inherent to Internet and Intranet for use in Intel and others' Internet products. This will incorporate the Position Sensitive Key and Lock system's Secure Key standards.
Certification endorsement of information by a trusted entity.
CHAP (Challenge Authentication Protocol) a session-based, two-way password authentication scheme. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
Cipher text the result of manipulating either characters or bits via substitution, transposition, or both. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
Clear text characters in a human readable form or bits in a machine-readable form (also called plain text).
CODE EXECUTION A program normally starts at the program start point and executes the machine code instructions until it reaches an instruction which tells the operating system that the program has finished. This takes place at speeds of millions of instructions per second. It is possible however to interrupt the CODE EXECUTION by means of debuggers and follow the execution of individual instructions while observing what changes are made to memory. In this case the CODE EXECUTION has been slowed down by factors of many millions so that a human can follow what the program is doing. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
Confidentiality the act of keeping something private and secret from all but those who are authorized to see it. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
Cookie Persistent Client State HTTP Cookie - a file or token of sorts, that is passed from the web server to the web client (your browser) that is used to identify you and could record personal information such as ID and password, mailing address, credit card number, and other information.
CopyLok a system of copy protection developed by Pan Technology Limited to prevent compact discs from being copied. The system uses artificial intelligence, cryptographics, polymorphics and a range of block cipher keys. Later developments have allowed this product to integrate with Unique Identifier techniques and developed for secure delivery of on-line information. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
CRAB a 1024-byte block cipher (similar to MD5), using techniques from a one-way hash function, developed by Burt Kaliski and Matt Robshaw at RSA Laboratories. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
CRC CALCULATIONS A CRC is a mathematical way of determining if the contents of a large amount of data have been corrupted or patched by representing the contents as a single value (typically 32 bits of information). CRCs are typically used to determine if the contents of a message transmitted over the Internet or other communications channel have been garbled during transmission. If so the message is retransmitted. A CRC CALCULATION can also be used to determine if a program has been modified by a cracker, for example if a SINGLE BYTE PATCH is made to a program then the CRC CALCULATION for the contents of that program would result in a different CRC value. The change in value indicates that a patch has been made. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
Credentials something that provides a basis for credit or confidence.
CRL (Certificate Revocation List) an online, up-to-date list of previously issued certificates that are no longer valid.
Cross-certification two or more organizations or Certificate Authorities that share some level of trust. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
Cryptanalysis the art or science of transferring cipher text into plain text without initial knowledge of the key used to encrypt the plain text. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
CRYPTOKI same as PKCS.
Cryptography the art and science of creating messages that have some combination of being private, signed, unmodified with non-repudiation. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
Cryptosystem a system comprised of cryptographic algorithms, all possible plain text, cipher text, and keys. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
Data integrity a method of ensuring information has not been altered by unauthorized or unknown means. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
DEAD LISTING The machine code of a program consists of bytes of data. This can be converted into a readable representation of the original program. For example the byte value 90 (in hexadecimal) can be represented as 144 (decimal). This value could represent a data value (for example a counter) or it could represent an assembly code instruction (in this case the instruction NOP, which means 'No-Operation'). A DEAD LISTING can be created of a program by a disassembler, this is a program that attempts to take the machine code bytes and represent them either as data or as assembly code. The output is a text file which can be read by a human, i.e. a DEAD LISTING. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
Decryption the process of turning cipher text back into plain text. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
DES (Data Encryption Standard) a 64-bit block cipher, symmetric algorithm also known as Data Encryption Algorithm (DEA) by ANSI and DEA-1 by ISO. Widely used for over 20 years, adopted in 1976 as FIPS 46. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
Dictionary attack a calculated brute force attack to reveal a password by trying obvious and logical combinations of words. Counter systems will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
Diffie-Hellman the first public key algorithm, invented in 1976, using discrete logarithms in a finite field. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
Digital cash electronic money that is stored and transferred through a variety of complex protocols. The electronic funds transfer standards will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
Direct trust an establishment of peer-to-peer confidence. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
Discrete logarithm the underlying mathematical problem used in/by asymmetric algorithms, like Diffie-Hellman and Elliptic Curve. It is the inverse problem of modular exponentiation, which is a one-way function. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
DMS (Defense Messaging System) standards designed by the U.S. Department of Defense to provide a secure and reliable enterprise-wide messaging infrastructure for government and military agencies. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
DNSSEC (Domain Name System Security Working Group) a proposed IETF draft that will specify enhancements to the DNS protocol to protect the DNS against unauthorized modification of data and against masquerading of data origin. It will add data integrity and authentication capabilities to the DNS via digital signatures. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
DSA (Digital Signature Algorithm) a public key digital signature algorithm proposed by NIST for use in DSS. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
Digital signature an electronic identification of a person or thing created by using a public key algorithm. Intended to verify to a recipient the integrity of data and identity of the sender of the data. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
DSS (Digital Signature Standard) a NIST proposed standard (FIPS) for digital signatures using DSA. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
ECC (Elliptic Curve Cryptosystem) a unique method for creating public key algorithms based on mathematical curves over finite fields or with large prime numbers. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
EDI (Electronic Data Interchange) the direct, standardized computer-to-computer exchange of business documents (purchase orders, invoices, payments, inventory analyses, and others) between your organization and your suppliers and customers. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
EES (Escrowed Encryption Standard) a proposed U.S. government standard for escrowing private keys. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
Elgamal scheme used for both digital signatures and encryption based on discrete logarithms in a finite field; can be used with the DSA function. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
Encryption the process of disguising a message in such a way as to hide its substance. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
Entropy a mathematical measurement of the amount of uncertainty or randomness.
FEAL a block cipher using 64-bit block and 64-bit key, designed by A. Shimizu and S. Miyaguchi at NTT Japan. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
Filter a function, set of functions, or combination of functions that applies some number of transforms to its input set, yielding an output set containing only those members of the input set that satisfy the transform criteria. The selected members may or may not be further transformed in the resultant output set. An example would be a search function that accepts multiple strings having a boolean relationship ((like a or like b) but not containing c), and optionally forces the case of the found strings in the resultant output. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
Fingerprint a unique identifier for a key that is obtained by hashing specific portions of the key data. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
FIPS (Federal Information Processing Standard) a U.S. government standard published by NIST. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
Firewall a combination of hardware and software that protects the perimeter of the public/private network against certain attacks to ensure some degree of security. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
GAK (Government Access to Keys) a method for the government to escrow individual's private key. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
Gost a 64-bit symmetric block cipher using a 256-bit key, developed in the former Soviet Union.
GSS-API (Generic Security Services API) a high-level security API based upon IETF RFC 1508, which isolates session-oriented application code from implementation details. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
Hash function a one-way hash function - a function that produces a message digest that cannot be reversed to produce the original. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
HEX EDITORS The machine instructions for a program are copied from the user's hard disk drive into memory before the program is executed. If the contents of the file are modified prior to loading then the execution of the program can be changed, for example to remove a copy protection by means of a SINGLE BYTE PATCH or by more extensive changes involving many dozen or hundreds of byte changes. Since the simplest representation of the contents of a file are as hexadecimal bytes (base 16 rather than base 10 for decimal) then there are many HEX EDITORS that can be used to facilitate these patches. These will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
HMAC a key-dependent one-way hash function specifically intended for use with MAC (Message Authentication Code), and based upon IETF RFC 2104. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
Hierarchical trust a graded series of entities that distribute trust in an organized fashion, commonly used in ANSI X.509 issuing certifying authorities. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
HTTP (Hypertext Transfer Protocol) a common protocol used to transfer documents between servers or from a server to a client.
IDEA (International Data Encryption Standard) a 64-bit block symmetric cipher using 128-bit keys based on mixing operations from different algebraic groups. Considered one of the strongest algorithms. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
IETF (Internet Engineering Task Force) a large open international community of network designers, operators, vendors, and researchers concerned with the evolution of the Internet architecture and the smooth operation of the Internet. It is open to any interested individual. The Position Sensitive Key and Lock system's Secure Key standards will be issued to IETF.
Identity certificate a signed statement that binds a key to the name of an individual and has the intended meaning of delegating authority from that named individual to the public key. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
Initialization vector (IV) a block of arbitrary data that serves as the starting point for a block cipher using a chaining feedback mode (see cipher block chaining).
Integrity assurance that data is not modified (by unauthorized persons) during storage or transmittal. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
IPSec a TCP/IP layer encryption scheme under consideration within the IETF. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
ISA/KMP (Internet Security Association, Key Mgt. Protocol) defines the procedures for authenticating a communicating peer, creation and management of Security Associations, key generation techniques, and threat mitigation, for example, denial of service and replay attacks. The Position Sensitive Key and Lock system's Secure Key standards will be issued to ISA.
ISO (International Organization for Standardization) responsible for a wide range of standards, like the OSI model and international relationship with ANSI on X.509. The Position Sensitive Key and Lock system's Secure Key standards will be issued to ISO.
ITU-T (International Telecommunication Union-Telecommunication) formerly the CCITT (Consultative Committee for International Telegraph and Telephone), a worldwide telecommunications technology standards organization. The Position Sensitive Key and Lock system's Secure Key standards will be issued to ITU.
KBS knowledge based systems using expert systems - a form of technology under the general heading of Artificial Intelligence. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
Kerberos a trusted third-party authentication protocol developed at MIT. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
Key a means of gaining or preventing access, possession, or control represented by any one of a large number of values. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
Key escrow/recovery a mechanism that allows a third party to retrieve the cryptographic keys used for data confidentiality, with the ultimate goal of recovery of encrypted data. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
Key exchange a scheme for two or more nodes to transfer a secret session key across an unsecured channel. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
Key length the number of bits representing the key size; the longer the key, the stronger it is. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
Key management the process and procedure for safely storing and distributing accurate cryptographic keys; the overall process of generating and distributing cryptographic key to authorized recipients in a secure manner. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
Key splitting a process for dividing portions of a single key between multiple parties, none having the ability to reconstruct the whole key. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
LDAP (Lightweight Directory Access Protocol) a simple protocol that supports access and search operations on directories containing information such as names, phone numbers, and addresses across otherwise incompatible systems over the Internet. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
Lexical section a distinct portion of a message that contains a specific class of data, for example, clear-signed data, encrypted data, and key data. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
MAA (Message Authenticator Algorithm) an ISO standard that produces a 32-bit hash, designed for IBM mainframes. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
MAC (Message Authentication Code) a key-dependent one-way hash function, requiring the use of the identical key to verify the hash. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
MD2 (Message Digest 2) 128-bit one-way hash function designed by Ron Rivest, dependent on a random permutation of bytes. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
MD4 (Message Digest 4) 128-bit one-way hash function designed by Ron Rivest, using a simple set of bit manipulations on 32-bit operands. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
MD5 (Message Digest 5) improved, more complex version of MD4, but still a 128-bit one-way hash function. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
Message digest a number that is derived from a message. Change a single character in the message and the message will have a different message digest. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
MIC (Message Integrity Check) originally defined in PEM for authentication using MD2 or MD5. Micalg (message integrity calculation) is used in secure MIME implementations. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
MIME (Multipurpose Internet Mail Extensions) a freely available set of specifications that offers a way to interchange text in languages with different character sets, and multimedia email among many different computer systems that use Internet mail standards. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
MMB (Modular Multiplication-based Block) based on IDEA, Joan Daemen developed this 128-bit key/128-bit block size symmetric algorithm, not used because of its susceptibility to linear cryptanalysis. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
MOSS (MIME Object Security Service) defined in RFC 1848, it facilitates encryption and signature services for MIME, including key management based on asymmetric techniques (not widely used). This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
MSP (Message Security Protocol) the military equivalent of PEM, an X.400 compatible application level protocol for securing e-mail, developed by the NSA in late 1980. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
MTI a one-pass key agreement protocol by Matsumoto, Takashima, and Imai that provides mutual key authentication without key confirmation or entity authentication. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
Multimedia the seamless integration of data, text, images and sound within a single digital information environment.
NAT (Network Address Translator) RFC 1631, a router connecting two networks together; one designated as inside, is addressed with either private or obsolete addresses that need to be converted into legal addresses before packets are forwarded onto the other network (designated as outside). This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
NIST (National Institute for Standards and Technology) a division of the U.S. Dept. of Commerce that publishes open, interoperability standards called FIPS.
Non-repudiation preventing the denial of previous commitments or actions.
Oakley the "Oakley Session Key Exchange" provides a hybrid Diffie-Hellman session key exchange for use within the ISA/KMP framework. Oakley provides the important property of "Perfect Forward Secrecy." This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
One-time pad a large non-repeating set of truly random key letters used for encryption, considered the only perfect encryption scheme, invented by Major J. Mauborgne and G. Vernam in 1917. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
One-way hash a function of a variable string to create a fixed length value representing the original pre-image, also called message digest, fingerprint, message integrity check (MIC). This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
Orange Book the National Computer Security Center book entitled Department of Defense Trusted Computer Systems Evaluation Criteria that defines security requirements. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
PAP (Password Authentication Protocol) an authentication protocol that allows PPP peers to authenticate one another, does not prevent unauthorized access but merely identifies the remote end. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
Passphrase an easy-to-remember phrase used for better security than a single password; key crunching converts it into a random key. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
Password a sequence of characters or a word that a subject submits to a system for purposes of authentication, validation, or verification. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
PCT (Private Communication Technology) a protocol developed by Microsoft and Visa for secure communications on the Internet. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
PEM (Privacy Enhanced Mail) a protocol to provide secure internet mail, (RFC 1421-1424) including services for encryption, authentication, message integrity, and key management. PEM uses ANSI X.509 certificates. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
PE PATCHERS these are more sophisticated HEX EDITORS that rather than blindly interpreting the contents of an executable file as hexadecimal values are programmed to 'know' the format of windows exe files (PE, or Portable Executable files). A PE PATCHER allows a less experienced cracker to make changes to some of the structures in a PE file without the user needing to have an extensive knowledge of this file format. For example, the program start address (the location of the first instruction to execute) could easily be changed in a PE PATCHER. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
Perfect forward secrecy a cryptosystem in which the cipher text yields no possible information about the plain text, except possibly the length. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
Polymorphism a system whereby Panlok limited use the polymorphic technology to examine embedded code. In the case of CopyLok the polymorphic code may look for between 6 to 16 watermarks. Each time it looks for the code it may be six, seven or more - up to sixteen codes. The next time the program is executed it looks for a different set of codes. In simple terms polymorphic means looking for different information each time the program is executed. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
Primitive filter a function that applies a single transform to its input set, yielding an output set containing only those members of the input set that satisfy the transform criteria. An example would be a search function that accepts only a single string and outputs a list of line numbers where the string was found. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
Pretty Good Privacy (PGP) an application and protocol (RFC 1991) for secure e-mail and file encryption developed by Phil R. Zimmermann. Originally published as Freeware, the source code has always been available for public scrutiny. PGP uses a variety of algorithms, like IDEA, RSA, DSA, MD5, SHA-1 for providing encryption, authentication, message integrity, and key management. PGP is based on the "Web-of-Trust" model and has worldwide deployment. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
PGP/MIME an IETF standard (RFC 2015) that provides privacy and authentication using the Multipurpose Internet Mail Extensions (MIME) security content types described in RFC 1847, currently deployed in PGP 5.0 and later versions. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
PKCS (Public Key Crypto Standards) a set of de facto standards for public key cryptography developed in cooperation with an informal consortium (Apple, DEC, Lotus, Microsoft, MIT, RSA, and Sun) that includes algorithm-specific and algorithm-independent implementation standards. Specifications defining message syntax and other protocols controlled by RSA Data Security Inc. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
PKI (Public Key Infrastructure) a widely available and accessible certificate system for obtaining an entity's public key with some degree of certainty that you have the "right" key and that it has not been revoked. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
Plain text (or clear text) the human readable data or message before it is encrypted.
Pseudo-random number a number that results from applying randomizing algorithms to input derived from the computing environment, for example, mouse coordinates. See random number. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
Private key the privately held "secret" component of an integrated asymmetric key pair, often referred to as the decryption key. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
Procdump When a program runs it takes a copy of the contents of the program from the user's hard disk drive and loads it into memory prior to being executed. PROCDUMP does the reverse process, it takes the contents of memory and creates a copy of the program on the user's hard disk drive. The usefulness of this is when the program is dumped after certain checks or decryptions have been carried out by the program execution. In this case it may be possible to create a program which is already decrypted or which has already carried out any security tests and thus by-pass these tests. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
Public key the publicly available component of an integrated asymmetric key pair often referred to as the encryption key. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
RADIUS (Remote Authentication Dial-In User Service) an IETF protocol (developed by Livingston, Enterprise), for distributed security that secures remote access to networks and network services against unauthorized access. RADIUS consists of two pieces - authentication server code and client protocols. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
Random number an important aspect to many cryptosystems, and a necessary element in generating a unique key(s) that are unpredictable to an adversary. True random numbers are usually derived from analog sources, and usually involve the use of special hardware. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
RC2 (Rivest Cipher 2) variable key size, 64-bit block symmetric cipher, a trade secret held by RSA, SDI. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
RC4 (Rivest Cipher 4) variable key size stream cipher, once a proprietary algorithm of RSA Data Security, Inc. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
RC5 (Rivest Cipher 5) a block cipher with a variety of arguments, block size, key size, and number of rounds. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
RIPE-MD an algorithm developed for the European Community's RIPE project, designed to resist known cryptanalysis attacks and produce a 128-bit hash value, a variation of MD4. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
REDOC a U.S.-patented block cipher algorithm developed by M. Wood, using a 160-bit key and an 80-bit block. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
Revocation retraction of certification or authorization. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
RFC (Request for Comment) an IETF document, either FYI (For Your Information) RFC sub-series that are overviews and introductory or STD RFC sub-series that identify specify Internet standards. Each RFC has an RFC number by which it is indexed and by which it can be retrieved (www.ietf.org). This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
ROT-13 (Rotation Cipher) a simple substitution (Caesar) cipher, rotating each 26 letters 13 places. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
RSA short for RSA Data Security, Inc.; or referring to the principals Ron Rivest, Adi Shamir, and Len Adleman; or referring to the algorithm they invented. The RSA algorithm is used in public key cryptography and is based on the fact that it is easy to multiply two large prime numbers together, but hard to factor them out of the product. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
SAFER (Secure And Fast Encryption Routine) a non-proprietary block cipher 64 bit key encryption algorithm. It is not patented, is available license free, and was developed by Massey, who also developed IDEA. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
Salt a random string that is concatenated with passwords (or random numbers) before being operated on by a one-way function. This concatenation effectively lengthens and obscures the password, making the cipher text less susceptible to dictionary attacks. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
SDSI (Simple Distributed Security Infrastructure) a new PKI proposal from Ronald L. Rivest (MIT), and Butler Lampson (Microsoft). It provides a means of defining groups and issuing group-membership, access-control lists, and security policies. SDSI's design emphasizes linked local name spaces rather than a hierarchical global name space. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
SEAL (Software-optimized Encryption ALgorithm) a fast stream cipher for 32-bit machines designed by Rogaway and Coppersmith. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
Secret key either the "private key" in public key (asymmetric) algorithms or the "session key" in symmetric algorithms. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
Secure channel a means of conveying information from one entity to another such that an adversary does not have the ability to reorder, delete, insert, or read (SSL, IPSec, whispering in someone's ear). This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
Self-signed key a public key that has been signed by the corresponding private key for proof of ownership. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
SEPP (Secure Electronic Payment Protocol) an open specification for secure bankcard transactions over the Internet. Developed by IBM, Netscape, GTE, Cybercash, and MasterCard. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
SESAME (Secure European System for Applications in a Multi-vendor Environment) European research and development project that extended Kerberos by adding authorization and access services. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
Session key the secret (symmetric) key used to encrypt each set of data on a transaction basis. A different session key is used for each communication session. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
SET (Secure Electronic Transaction) provides for secure exchange of credit card numbers over the Internet. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
SHA-1 (Secure Hash Algorithm) the 1994 revision to SHA, developed by NIST, (FIPS 180-1) used with DSS produces a 160-bit hash, similar to MD4, which is very popular and is widely implemented. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
SINGLE BYTE PATCH If a conditional jump would normally jump if (for example) a licence number were valid then the conditional jump could be modified into an unconditional jump. This can be achieved by changing a single byte value which represents the type of instruction, i.e. a SINGLE BYTE PATCH. In this case the patch ensures that the jump to the 'valid licence code' is always made irrespective of the previous test. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
Single sign-on one log-on provides access to all resources of the network. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
SKIP (Simple Key for IP) simple key-management for Internet protocols, developed by Sun Microsystems, Inc. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
Skipjack the 80-bit key encryption algorithm contained in NSA's Clipper chip. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
SKMP (Secure key Management Protocol) an IBM proposed key-recovery architecture that uses a key encapsulation technique to provide the key and message recovery to a trusted third-party escrow agent. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
S/MIME (Secure Multipurpose Mail Extension) a proposed standard developed by Deming software and RSA Data Security for encrypting and/or authenticating MIME data. S/MIME defines a format for the MIME data, the algorithms that must be used for interoperability (RSA, RC2, SHA-1), and the additional operational concerns such as ANSI X.509 certificates and transport over the Internet. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
SNAPI (Secure Network API) a Netscape driven API for security services that provide ways for resources to be protected against unauthorized users, for communication to be encrypted and authenticated, and for the integrity of information to be verified. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
SPKI (Simple Public Key Infrastructure) an IETF proposed draft standard, (by Ellison, Frantz, and Thomas) public key certificate format, associated signature and other formats, and key acquisition protocol. Recently merged with Ron Rivest's SDSI proposal. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
SSH (Secure Shell) an IETF proposed protocol for securing the transport layer by providing encryption, cryptographic host authentication, and integrity protection. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
SSH (Site Security Handbook) the Working Group (WG) of the Internet Engineering Task Force has been working since 1994 to produce a pair of documents designed to educate the Internet community in the area of security. The first document is a complete reworking of RFC 1244, and is targeted at system and network administrators, as well as decision makers (middle management).
SSL (Secure Socket Layer) developed by Netscape to provide security and privacy over the Internet. Supports server and client authentication and maintains the security and integrity of the transmission channel. Operates at the transport layer and mimics the "sockets library," allowing it to be application independent. Encrypts the entire communication channel and does not support digital signatures at the message level. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
SST (Secure Transaction Technology) a secure payment protocol developed by Microsoft and Visa as a companion to the PCT protocol. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
Stream cipher a class of symmetric key encryption where transformation can be changed for each symbol of plain text being encrypted, useful for equipment with little memory to buffer data. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
STU-III (Secure Telephone Unit) NSA designed telephone for secure voice and low-speed data communications for use by the U.S. Dept. of Defense and their contractors. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
Substitution cipher the characters of the plain text are substituted with other characters to form the cipher text. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
S/WAN (Secure Wide Area Network) RSA Data Security, Inc. driven specifications for implementing IPSec to ensure interoperability among firewall and TCP/IP products. S/WAN's goal is to use IPSec to allow companies to mix-and-match firewall and TCP/IP stack products to build Internet-based Virtual Private Networks (VPNs). This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
Symmetric algorithm a.k.a., conventional, secret key, and single key algorithms; the encryption and decryption key are either the same or can be calculated from one another. Two subcategories exist - Block and Stream. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
TACACS+ (Terminal Access Controller Access Control System) a protocol that provides remote access authentication, authorization, and related accounting and logging services, used by Cisco Systems. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
Timestamping recording the time of creation or existence of information. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
TLS (Transport Layer Security) an IETF draft, version 1 is based on the Secure Sockets Layer (SSL) version 3.0 protocol, and provides communications privacy over the Internet.
TLSP (Transport Layer Security Protocol) ISO 10736, draft international standard. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
Transposition cipher the plain text remains the same but the order of the characters is transposed. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
Triple DES an encryption configuration in which the DES algorithm is used three times with three different keys. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
Trust a firm belief or confidence in the honesty, integrity, justice, and/or reliability of a person, company, or other entity. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
TTP (Trust Third-Party) a responsible party in which all participants involved agree upon in advance, to provide a service or function, such as certification, by binding a public key to an entity, time-stamping, or key-escrow. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
UEPS (Universal Electronic Payment System) a smart-card (secure debit card) -based banking application developed for South Africa where poor telephones make on-line verification impossible. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
Validation a means to provide timeliness of authorization to use or manipulate information or resources. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
Verification to authenticate, confirm, or establish accuracy. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
VPN (Virtual Private Network) allows private networks to span from the end user, across a public network (Internet) directly to the Home Gateway of choice, such as your company's Intranet. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
WAKE (Word Auto Key Encryption) produces a stream of 32-bit words, which can be XORed with plain text stream to produce cipher text, invented by David Wheeler. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
Web of Trust a distributed trust model used by PGP to validate the ownership of a public key where the level of trust is cumulative based on the individual's knowledge of the "introducers." This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
W3C (World Wide Web Consortium) an international industry consortium founded in 1994 to develop common protocols for the evolution of the World Wide Web. The W3C standards will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
XOR exclusive-or operation; a mathematical way to represent differences. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
X.509v3 an ITU-T digital certificate that is an internationally recognized electronic document used to prove identity and public key ownership over a communication network. It contains the issuer's name, the user's identifying information, and the issuer's digital signature, as well as other possible extensions in version 3. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
X9.17 an ANSI specification that details the methodology for generating random and pseudo-random numbers. This will be incorporated into the Position Sensitive Key and Lock system's Secure Key standards.
1 The Position Sensitive Key and Lock device is a secure protection locking and protection unlocking of computer software, digital music, digital video, information and physical objects, structures or containers using an absolute position determined by all terrestrial or outer space coordinate location systems.
2 The Position Sensitive Key and Lock device is a secure Lock and Key principle utilised with the invention's Key Creator computer software program, the invention's Secure Locking computer software program and a Secure Unlocking computer software program.
3 The Position Sensitive Key and Lock device utilises Earth or Outer Space position location systems such as Global Positioning System (GPS), radio, radio beacon, microwave, laser, magnetic, gyroscope, celestial or any method or device that will provide a latitude, longitude and ellipsoid/altitude accurate location.
4 The Position Sensitive Key and Lock device's latitude, longitude and ellipsoid/altitude position will also be determined from 3D Cartesian X Y Z accurate location, Geographical Information Systems (GIS), and by the UK's National Grid Reference system and any other position determining system.
5 The Position Sensitive Key and Lock device will also use three dimensional location systems for determining accurate positions in Outer Space outside the normal Earth positioning systems.
6 The Position Sensitive Key and Lock device determines an absolute position of the latitude, longitude and ellipsoid/altitude for the location of a Device. A 'Device' is either a computer, a mobile telephone, any device that contain a Central Processing Unit (CPU) or microprocessor chip, Subscriber Identity Module - Mobile Equipment (SIM Card), Smart Card, Hand held computers, Palm Top computers, Box with a CPU in their inventions positional system lock, Containers with a CPU in their positional system lock, Containers on Road, Rail, Air, Sea or Space with a CPU in their positional system lock, Safes and Vaults with a CPU in their positional system lock, all doors, gates and exits and entrance mechanisms with a CPU in their positional system lock.
7 The Position Sensitive Key and Lock device will determine a location which can be a local latitude, longitude and ellipsoid/altitude position or a remote latitude, longitude and ellipsoid/altitude position.
8 With the Position Sensitive Key and Lock device's Central Control Unit obtaining a latitude, longitude and ellipsoid/altitude position of a Device from a remote position the master program communicates with the remote device and confirms its current position.
9 After the Position Sensitive Key and Lock device obtains the X, Y, Z coordinate position of the Device the Central Control Unit will create the Secure Key. The Secure Key can be used remotely or transmitted or delivered to the local Device.
10 With the use of the Position Sensitive Key and Lock device for secure delivery or collection of products in a Container it may be several or many latitude, longitude and ellipsoid/altitude positions that are logged and embedded within the Container CPU to enable that Container to be opened or closed securely when it has travelled to and/or is located at those proposed delivery positions.
11 The Position Sensitive Key and Lock device's Key Creator software applies an encryption code of the latitude, longitude and ellipsoid/altitude position to produce a Secure Key utilising cryptography and security systems such as those listed in Appendix 1 of this document or other cryptography systems. The Secure Key is encrypted to ensure that the latitude, longitude and ellipsoid/altitude position is hidden within that encryption code and only the Secure Unlocking computer software can access the hidden code.
12 To lock and protect a computer program, software or information held within a Device the Secure Locking computer software program examines the Secure Key and utilising a decryption technique it checks that the Device is in the correct latitude, longitude and ellipsoid/altitude position. If it is located correctly the Secure Locking computer software program encrypts the computer program, software or information held within that Device using the Position Sensitive Key and Lock cryptography secure wrapping technique. This wrapping technology is called the 'Secure Wrap'. Any information, computer program, or locked information is securely protected by this Secure Wrap encryption process and access is only gained whilst the Secure Key is within the Licensed Device and that Device is in the correct latitude, longitude and ellipsoid/altitude position. If an attempt is made to use the Secure Wrapped information or computer program at a different location or on an un-licensed Device the cryptography used within the Secure Wrap will not allow the contents to be used or examined.
13 This Secure Wrap of a computer program, software or information ensures that the Position Sensitive Key and Lock device will only allow access to the computer program, software, information or container when the Device is located at the correct latitude, longitude and ellipsoid/altitude position.
14 If a person or mechanism is required to use or look at a computer program, software or information held within a Device, the Secure Unlocking computer software program is activated. This Secure Unlocking computer software program examines the latitude, longitude and ellipsoid/altitude position through the Device's Earth or Outer Space position location system and if this is verified as correct by the Secure Unlocking computer software when it examines the Secure Key the computer program, software or information is unlocked and could be used by the person or a mechanism requiring access. The unlocked computer program, software or information is still held in cryptography format whilst it is in the unlocked useable or readable format so that in the event of the information being stolen or transferred to another device it cannot be accessed.
15 Remote vendors or providers who provide computer programs, software or information, and utilise the Position Sensitive Key and Lock, would receive a request from a user or client to be provided with a computer program, software or information. The Position Sensitive Key and Lock's software held within the vendor's or provider's Computer Device, termed Central Control Unit, at the vendor's or provider's location can examine remotely the client's Earth or Outer Space position location system to determine that client's Device's accurate latitude, longitude and ellipsoid/altitude position. The vendor's or provider's Device utilises the Position Sensitive Key and Lock's software Secure Locking program to create a Secure Key for their client and to encrypt the computer programs, software or information with Secure Wrap.
16 The Position Sensitive Key and Lock's software transmits the Secure Wrapped computer program, software or information plus the Secure Key to the client's Device.
17 The vendor's or provider's Computer Device could have the client's Secure Key transmitted to it and would then utilise the invention's Secure Locking computer software program to encrypt the computer program, software or information and carry out a Secure Wrap of that software or information. That Securely Wrapped software or information would be transmitted or sent to the Client.
18 When the client wishes to use the provided computer program, software or information the Position Sensitive Key and Lock's Secure Unlocking computer software program would examine the Secure Key, obtain the encrypted code, decrypt that code and verify that the encrypted location is the same as the latitude, longitude and ellipsoid/altitude position through the client's Device's Earth or Outer Space position location system. If verified as correct by the Secure Unlocking computer software the computer program, software or information would be unlocked and could be used or read by that client.
19 If the user's Device is moved to a different latitude, longitude and ellipsoid/altitude position the computer programs, software or information that were previously accessible from the original position will not now be accessible.
20 The invention's Position Sensitive Key and Lock program would access a new latitude, longitude and ellipsoid/altitude position and inform the invention's Control Centre Device of the new position and inform the client of that new position. This is important information in the event that the Device is stolen.
21 In the event of the Device's Earth or Outer Space position location system being disconnected but the Device transmits any message to the internet the Position Sensitive Key and Lock program sends a message covertly to the invention's Control Centre Device, utilising the Stealth Program technique described in Claim 22, providing detailed information of the new URL (Uniform Resource Locator, an address) or email address of the user's Device enabling the owner to trace the location of their Device through the ISP (Information Service Provider).
22 The Stealth Program within the Position Sensitive Key and Lock's software is the low level computer program used by the Position Sensitive Key and Lock program and is not visible to computer programs such as the Task Manager file on a Computer Device and cannot be seen in the Applications or Processes section of the Task Manager. This low level file is known as a Stealth File and is activated at predetermined time intervals and when the Device is turned on. The Stealth Program confirms that latitude, longitude and ellipsoid/altitude position is correct in accordance with Secure Key embedded algorithms and that the Device still has the position of the latitude, longitude and ellipsoid/altitude equipment connected to it and functioning. If the Stealth Program cannot confirm either of these facts when the device is next connected to the internet it initiates an executable low level instruction file that will inform the Control Centre Device of the IP or other address of the Device and the IP address or other address that the Device is transmitting to. This information will be used to identify the location of a stolen Device or a user's identity who is using the Devices illegally.
23 The Position Sensitive Key and Lock program would also link to Mechanical Devices such as locks on lorries, vans, containers, safes, vaults, cash register drawers, any container whether static or moveable. The Position Sensitive Key and Lock program is embedded within the CPU mechanism inside the mechanical lock. The Position Sensitive Key and Lock program unlock key can be held on an exterior device that can be inserted into the Position Sensitive Key and Lock. It can be placed on or nearby to the Position Sensitive Key and Lock and transmitted to the lock.
24 If a person or a mechanism wishes to unlock a mechanism containing the Position Sensitive Key and Lock program the Secure Unlocking computer software program is activated. This Secure Unlocking computer software program examines the latitude, longitude and ellipsoid/altitude position through the Device's Earth or Outer Space position location system and if this is verified as correct by the Secure Unlocking computer software when it examines the Secure Key the mechanism is unlocked and access is made to the Mechanical Device on or within the container.
25 The Position Sensitive Key and Lock program would link into navigational and tracking systems located within a vehicle, plane, train, ship or any other system that transports humans, animals or product and could be programmed to open or close a mechanical lock by the use of Position Sensitive Key and Lock software integrated within those transport systems when they arrive at a specific latitude, longitude and ellipsoid/altitude position.
26 In certain applications when a Container is moved from its latitude, longitude and ellipsoid/altitude position it will automatically be locked for security.
27 With portable devices such as palm top, notebook and laptop computers the Secure Key is issued with a Time License if required. This Time License will allow the portable device to unlock software, information or mechanical locks connected or on that portable device for certain periods of time whilst that Device is away from its normal latitude, longitude and ellipsoid/altitude position. The period of time is determined by the vendor and client and can be periods of 1 day, 7 day or any contracted period of time. After the expiry of that Time License the Secure Key will not be able to unlock the Position Sensitive Key and Lock. When the portable device returns to its normal base station the portable device will confirm the latitude, longitude and ellipsoid/altitude position and renew the Time License for the contracted period of time agreed by the vendor and client.
28 The Secure Locking program can create a Secure Key coded with a mechanical recognition system where a Physical Key can be created with mechanical features. These mechanical features relate to embedded code which can be decrypted to relate to the latitude, longitude and ellipsoid/altitude positions of the Device or Mechanical Device to allow locking and unlocking of Computer Information or allow locking and unlocking of a Mechanical Device.
29 The Mechanical Lock Device will utilise embedded latitude, longitude and ellipsoid/altitude position coded shapes on a Mortice Key, Cylinder Rim Lock, High Security Multi-Point Locking System, Punched Card, Magnetic Card, Smart SIM Card or any other Mechanical Device including those devices emitting a frequency of Light or Radio.
30 For secure delivery and collection systems the user will transmit securely many delivery and collection latitude, longitude and ellipsoid/altitude positions to the Mechanical Position Lock and when that vehicle, plane, train, ship, container or any other transport system arrives at those positions the Mechanical Position Lock system allows the lock to be opened.
31 On certain applications the invention's system will inform the Company providing the delivery and collection service of the latitude, longitude and ellipsoid/altitude locations of its transport, the time the Mechanical Position Lock was unlocked and when it was locked up again. If the transport vehicle was locked or unlocked at the incorrect latitude, longitude and ellipsoid/altitude locations the Position Sensitive Key and Lock system would notify the Company of this action.
32 When the transport company wishes to inform one of its transport vehicles to collect or deliver to a new latitude, longitude and ellipsoid/altitude location that Company's Computer Device's Secure Locking computer software program would create a Secure Key. The Secure Key would be transmitted to the transport vehicle's tracking system or to the driver's mobile telephone system. A device such as a connector from the mobile telephone to a USB Subscriber Identity Module (SIM Card) connector, as claimed in Claim 6, would send the Secure Key to the microprocessor in the SIM card. When the transport vehicle driver arrives at the new latitude, longitude and ellipsoid/altitude location they insert the USB connector into the port/slot located on the Mechanical Position Lock. The SIM card transmits the Secure Key to the Mechanical Position Lock and the Secure Unlocking computer software inside the CPU within the Mechanical Position Lock can access the hidden latitude, longitude and ellipsoid/altitude location within the Secure Key, confirm that the position is correct and unlock the container.
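Statements 11, 12, 18 and 19 above describe a Secure Key bound to a Licensed Device and its position, which unlocks only at that position. The Python sketch below is an added illustration, not code from the patent or its applicant: it derives the wrap key from the quantised position (the wording of Claim 1) instead of decrypting a stored position, and it tolerates receiver jitter at grid boundaries. The grid steps, the use of PBKDF2, the device identifier and all function names are assumptions.

```python
import hashlib
import hmac
import math
import os

# All constants below are assumptions made for this illustration.
STEP_DEG = 0.00025   # horizontal grid step in degrees (about 28 m of latitude)
ALT_STEP_M = 10.0    # vertical grid step in metres
ROUNDS = 10_000      # PBKDF2 work factor, kept low so the demo runs quickly


def cell_of(lat, lon, alt):
    """Quantise a position fix to integer grid indices (row, column, level)."""
    return (math.floor(lat / STEP_DEG),
            math.floor(lon / STEP_DEG),
            math.floor(alt / ALT_STEP_M))


def derive_wrap_key(device_id, cell, salt):
    """Derive a 32-byte wrap key from the licensed device identity and a cell."""
    material = f"{device_id}|{cell[0]}|{cell[1]}|{cell[2]}".encode()
    return hashlib.pbkdf2_hmac("sha256", material, salt, ROUNDS, dklen=32)


def _verifier(wrap_key):
    # A keyed check value is stored in place of the coordinates, so the
    # Secure Key record itself does not contain the licensed position.
    return hmac.new(wrap_key, b"secure-key-verifier", hashlib.sha256).hexdigest()


def create_secure_key(device_id, lat, lon, alt):
    """Key Creator side: return (record to ship to the Device, wrap key)."""
    salt = os.urandom(16)
    wrap_key = derive_wrap_key(device_id, cell_of(lat, lon, alt), salt)
    return {"salt": salt.hex(), "verifier": _verifier(wrap_key)}, wrap_key


def unlock(record, device_id, lat, lon, alt):
    """Secure Unlocking side: return the wrap key, or None if the check fails.

    The current cell and its 26 neighbours are tried, so a fix that drifts
    across a grid boundary by one cell still unlocks.
    """
    salt = bytes.fromhex(record["salt"])
    row, col, lvl = cell_of(lat, lon, alt)
    for d_row in (0, -1, 1):
        for d_col in (0, -1, 1):
            for d_lvl in (0, -1, 1):
                cell = (row + d_row, col + d_col, lvl + d_lvl)
                key = derive_wrap_key(device_id, cell, salt)
                if hmac.compare_digest(_verifier(key), record["verifier"]):
                    return key
    return None


if __name__ == "__main__":
    # Constructed sample values: a licensed position and three later readings.
    record, key = create_secure_key("device-001", 51.50011, -0.12763, 35.0)
    print("same cell     :", unlock(record, "device-001", 51.50013, -0.12761, 36.0) == key)
    print("adjacent cell :", unlock(record, "device-001", 51.50026, -0.12763, 35.0) == key)
    print("moved away    :", unlock(record, "device-001", 51.60011, -0.12763, 35.0))
    print("other device  :", unlock(record, "device-002", 51.50011, -0.12763, 35.0))
```

The derived key is only as unpredictable as the set of plausible grid cells, and the position reading comes from the Device's own receiver, so a check like this binds data to a reported position and not to a proven one.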

Claims (45)

Amendments to the claims have been filed as follows
CLAIMS
Patent Application Number GB 0226517.1
1. A digital cryptographic locking system for locking an item wherein the key is derived from the geographical location of a Device, the locked items being either physical or data items.
2. The system according to Claim 1 wherein the geographical coordinates used locate the latitude longitude and ellipsoid position of the Device.
3. The system according to Claim 1 wherein the geographical coordinates used locate the latitude longitude and altitude position of the Device.
4. The system according to any of the previous claims wherein the geographical coordinates used for unlocking the item are provided by a terrestrial system.
5. The system according to any of the previous claims wherein the geographical coordinates used for unlocking the item are provided by a satellite system.
6. The system according to Claim 5 wherein the satellite system is the Global Position System (GPS) or equivalent.
7. The system of any of the preceding claims wherein the Device is one of: a computer, a mobile phone, a palmtype Device, a microchip, a CPU.
8. The system of any of the preceding claims wherein the locked item is a physical container.
9. Data locked by the cryptographic system as in Claim 1 is one of: computer software, computer programmer, digital files, transmitted information, digital music, digital video, audio, text messages, digital images, digital photographs.
10. Data as in Claim 9 locked by the cryptographic system as in Claim 1 can be locked by a remote Device having the locking system and transmitted from that remote Device to the local Device by terrestrial or satellite communication systems.
11. Data unlocked by the cryptographic system as in Claims 4, 5 and 6 is one of: computer software, computer programmer, digital files, transmitted information, digital music, digital video, audio, text messages, digital images, digital photographs.
12. Data as in Claim 11 unlocked by the cryptographic system as in Claims 4, 5 and 6 can be unlocked by a remote Device having the unlocking system and transmitted from that remote Device to the local Device by terrestrial or satellite communication systems enabling the local Device to use that data providing that local Device is in the correct position as required in Claims 4, 5 and 6.
13. A Stealth Program is cryptographically integrated within the invention's Position Sensitive Key and Lock program that monitors the Device to ensure that it is in the correct geographic position or that the satellite and terrestrial position equipment is still connected. If it detects that the geographic location has changed or the geographic location equipment is disconnected then each time the equipment is connected to the internet the Stealth Program sends a message to the Central Control Unit informing the controller of the IP Address of that computer and name of the Information Service Provider (ISP) being used for that transmission. In the event that the Device was stolen then the police or any other legal authority would request the IP Address name and postal address from the current ISP so that they would locate that stolen Device.
14. Physical containers locked by the cryptographic system as in Claim 8 can be: a mobile physical container or static physical container.
15. A physical container is unlocked by the cryptographic system as in Claims 4, 5 and 6 when it is positioned correctly as in Claims 2 and 3.
16. A physical container can be unlocked by a remote Device having the unlocking system and transmitted from that remote Device to the physical container by terrestrial or satellite communication systems providing that the physical container is in the correct position as required in Claims 4, 5 and 6.
17. A service bureau acting as a Central Control Unit can request an encrypted code from the Device as in Claim 7 which confirms to the Central Control Unit that the Device is in the correct position in accordance with Claims 4, 5 and 6.
18. A service bureau acting as a Central Control Unit can receive the encrypted code as in Claim 17 and encrypt the data as in Claim 1 then transmit that data to the Device by terrestrial or satellite communication systems. The Device can then access the data transmitted from the Central Control Unit after the Device has confirmed its geographical coordinates as in Claims 4, 5 and 6.
19. A physical container can receive one or many lock or unlock instructions from a Device as in Claim 7 that will enable the physical container to be locked or unlocked according to correct position as required in Claims 4, 5 and 6.
20. To create the Secure Key as in Claim 1 utilises any of the known cryptography systems.
21. The Secure Key is encrypted to ensure that the geographic position is hidden within that encryption code and only the Secure Unlocking computer software can access the hidden code.
22. To lock and protect a computer program, software or information held within a Device the Secure Locking computer software program examines the Secure Key and utilising a decryption technique it checks that the Device is in the correct geographical coordinates. If it is located correctly the Secure Locking computer software program encrypts the computer program, software or information held within that Device using the Position Sensitive Key and Lock cryptography secure wrapping technique. This wrapping technology is called the 'Secure Wrap'. Any Data locked or physical container lock is securely protected by this Secure Wrap encryption process and access is only gained whilst the Secure Key is within the Licensed Device and that Device is in the geographical coordinate. If an attempt is made to use the Secure Wrapped information or computer program at a different location or on an un-licensed Device the cryptography used within the Secure Wrap will not allow the contents to be used or examined.
23. This Secure Wrap of Data ensures that the Position Sensitive Key and Lock Device will only allow access to the Data or physical container when the Device is located at the correct geographical coordinate.
24. If a person or mechanism is required to use or look at Data as in Claim 9 held within a Device, the Secure Unlocking computer software program is activated. This Secure Unlocking computer software program examines the geographical coordinate through the Device's terrestrial or satellite position location system, and if this is verified as correct by the Secure Unlocking computer software when it examines the Secure Key the Data is unlocked and can be used by the person or a mechanism requiring access. The unlocked Data is still held in cryptographic format whilst it is in the unlock useable or readable format so that in the event of the information being stolen or transferred to another Device it cannot be accessed.
25. A Secure Key as in Claim 1 is created in the Device or physical container by the Position Sensitive Key and Lock software program using cryptographic technology.
26. A Secure Key is derived by the Device or physical container examining its geographical coordinates using the Position Sensitive Key and Lock software program as in Claim 24 by changing those coordinates as in Claims 4, 5 and 6 to a digital number from which a cryptographic cipher code is extracted which is then formed into the Secure Key.
27. The geographic coordinates are hidden in the Secure Key by the cryptographic code.
28. Remote vendors or providers who provide Data as in Claim 9, and utilise the Position Sensitive Key and Lock, would receive a request from a user or client to be provided with Data as in Claim 9. The Position Sensitive Key and Lock's software held within the vendors or providers Computer Device, termed Central Control Unit, at the vendors or providers location can examine remotely the clients Secure Key which in turn examines the devices geographical coordinate without disclosing this geographical coordinate to the vendor. The Secure Key confirms that this Device is in the correct location. The vendors or provider's Device utilises the Position Sensitive Key and Lock's software Secure Locking program to create the Data in the Secure Wrap format to transmit to their client.
29. The Position Sensitive Key and Lock's software at the Central Control Unit transmits the Secure Wrapped Data to the client's Device.
30. The vendors or providers Computer Device can have the client's Secure Key transmitted to the vendors or providers Computer Device and the vendors or providers Computer Device would utilise the inventions Secure Locking computer software program to encrypt the Data as in Claim 9 and carry out a Secure Wrap of that Data utilising the cipher code embedded within the Secure Key. That Securely Wrapped Data can then be transmitted or sent to the Client.
31. When the client wishes to use the provided Data the Position Sensitive Key and Lock's Secure Unlocking computer software program would examine the Secure Key, obtain the encrypted code, decrypt that code and verify that the encrypted location is the correct geographic position through the client's satellite or terrestrial position location system. If verified as correct by the Secure Unlocking computer software the Data would be unlocked and can be used or read by that client.
32. If the user's Device is moved to a different geographic position the Data that was previously accessible from the original geographic position will not now be accessible.
33. If the client wished to locate their Device to a different geographic position then the inventions Position Sensitive Key and Lock program would access a new latitude, longitude and ellipsoid/altitude position and inform the inventions Control Centre Unit Device of the new position and inform the client of that new position. Permission is then granted to the client and the Position Sensitive Lock and Key program will create a new geographic location Secure Key. This is important information in the event that the Device is stolen.
34. In the event of the Device's satellite or terrestrial position location system being disconnected but the Device transmits any message to the internet the Position Sensitive Key and Lock program sends a message covertly to the inventions Control Centre Device, utilising the Stealth Program technique as in Claim 13 and described in Claim 35, providing detailed information of the new IP Address and Information Service Provider of the user's Device enabling the owner to trace the location of their stolen Device.
35. The Stealth Program within the Position Sensitive Key and Lock's software is the low level computer program used by the Position Sensitive Key and Lock program and is not visible by computer programs such as the Task Manager file on a Computer Device and cannot be seen in the Applications or Processes section of the Task Manager. This low level file is known as the inventions Stealth File and is activated at predetermined time intervals and when the Device is turned on. The Stealth Program confirms that geographic position is correct in accordance with Secure Key embedded algorithms and that the Device still has the correct position of the geographic location and the correct satellite or terrestrial equipment connected to it and functioning. If the Stealth Program cannot confirm either of these facts when the Device is next connected to the internet it initiates an executable low level instruction file that will inform the Control Centre Unit Device of the current IP or new IP address of the Device and the ISP address or new ISP address that the Device is transmitting to. This information will be used to identify the location of a stolen Device or a user's identity who is using the Devices illegally.
36. The Position Sensitive Key and Lock program also connects to Physical Containers, as in Claim 8, such as locks on lorries, vans, containers, safes, vaults, cash register draw, and any container whether static or moveable. Position Sensitive Key and Lock program is embedded within a Device as in Claim 7 connected to that physical container inside the mechanical lock. The Position Sensitive Key and Lock program unlock key can be held on an exterior Device as in Claim 7 that can be inserted into the Position Sensitive Key and Lock. It can be placed on or nearby to the Position Sensitive Key and Lock and transmitted to the inventions Position Sensitive Key and Lock.
37. If a person or a mechanism wishes to unlock a mechanical lock on a physical container containing the Position Sensitive Key and Lock program the Secure Unlocking computer software program is activated. This Secure Unlocking computer software program examines the geographic position through the Device's satellite or terrestrial position location system and if this is verified as correct by the Secure Unlocking computer software when it examines the Secure Key the mechanism is unlocked and access is made available to the mechanical lock on or within the physical container.
38. The Position Sensitive Key and Lock program would link into navigational and tracking systems located within a vehicle, plane, train, ship and all other system that transports, humans, animals or any product and can be programmed to open or close a mechanical lock by the use of Position Sensitive Key and Lock software integrated within those physical containers when they arrive at a specific geographic position.
39. In certain applications when a Physical Container is moved from its geographic position it will automatically be locked for security.
40. With portable devices such as palm top, notebook, laptop computers and any portable Device as in Claim 7 the Secure Key is issued with a Time License if required.
This Time License will allow the portable Device to unlock Data on that portable Device for certain periods of time whilst that Device is away from its normal geographic position. The period of time is determined by the vendor and client and can be periods of 1 day, 7 day or any contracted period of time. After the expiry of that Time License the Secure Key will not be able to unlock the Position Sensitive Key and Lock Data. When the portable Device returns to its normal geographic position the portable Device will confirm the geographic position using its satellite and terrestrial location system and renew the Time License for the contracted period of time agreed by the vendor and client.
41. The Secure Locking program can create a Secure Key coded with a mechanical recognition system where a Physical Key can be created with mechanical features.
These mechanical features relate to embedded code which can be decrypted to relate to the geographic positions of the Device or Physical Container to allow locking and unlocking of Computer Information or allow locking and unlocking of a Mechanical Device on a Physical Container when it is in the correct geographic location.
42. The Mechanical Lock Device will utilise embedded geographic position coded shapes on a Mortice Key, Cylinder Rim Lock, High Security MultiPoint Locking System, Punched Card, Magnetic Card, Smart SIM Card and any other Mechanical Device including those devices emitting a frequency of Light or Radio.
43. With secure delivery and collection systems the user can transmit securely many delivery and collection geographic positions to the Mechanical Position Lock and when that vehicle, plane, train, ship, container and any other physical container arrives at those positions the Mechanical Position Lock system allows the lock to be opened.
44. On certain applications the company providing the delivery and collection service the inventions system will inform that Company of the geographic locations of its transport, the time the Mechanical Position Lock was unlocked and when it was locked up again. If the transport vehicle was locked or unlocked at the incorrect geographic locations the Position Sensitive Key and Lock system would notify the Company of this action.
45. When the transport company wishes to inform one of its physical containers to collect or deliver to a new geographic location that Company's Computer Devices Secure Locking computer software program would create a Secure Key. The Secure Key would be transmitted to the transport vehicles tracking system or to the driver's mobile telephone system or mobile Device as in Claim 7. A Device such as a connector from a mobile Device as in Claim 7, mobile telephone to a USB Subscriber Identity Module (SIM Card), and any other method of connecting from a Device as in Claim 7, connector would send the Secure Key to the microprocessor in the SIM card or mobile Device. When the transport vehicle driver arrives at the new geographic location they insert the connector from the mobile Device into the port or slot located on the Mechanical Position Lock. The mobile Device can also transmit the Secure Key to the Mechanical Position Lock and the Secure Unlocking computer software inside the CPU or microchip within the Mechanical Position Lock can access the hidden geographic location within the Secure Key, confirm that the geographic position is correct and unlock the physical container.
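An added illustration of the flow in Claims 26, 27, 31 and 32 (not code from the patent): a position fix is quantised to a grid cell, a key is derived from that cell, and the stored Secure Key record holds only a salt and a verification tag, so no coordinates appear in it. The grid size, the HMAC-SHA-256 construction, the per-device secret and all function names are assumptions; the claims name no algorithm.

```python
import hashlib
import hmac
import itertools
import math
import os

# Constructed tolerances (assumptions): about 111 m of latitude per cell.
CELL_DEG = 0.001
CELL_ALT_M = 50.0


def quantize(fix):
    """Turn (lat, lon, altitude_m) into integer grid indices (Claim 26)."""
    lat, lon, alt = fix
    return (math.floor(lat / CELL_DEG),
            math.floor(lon / CELL_DEG),
            math.floor(alt / CELL_ALT_M))


def derive_key(cell, device_secret, salt):
    """Derive a 32-byte key from the grid cell and a per-device secret.

    Coordinates alone are a small, enumerable space, so this sketch mixes in
    a secret held by the licensed Device (an assumption, not in the claims).
    """
    encoded = b"pskl-demo|%d|%d|%d" % cell
    return hmac.new(device_secret, salt + encoded, hashlib.sha256).digest()


def _tag(key):
    # Verification value stored in place of the coordinates themselves.
    return hmac.new(key, b"verify", hashlib.sha256).digest()


def make_secure_key(fix, device_secret):
    """Create the stored record; it holds no coordinates (Claim 27)."""
    salt = os.urandom(16)
    key = derive_key(quantize(fix), device_secret, salt)
    return {"salt": salt, "tag": _tag(key)}, key


def unlock(record, fix, device_secret, tolerance=1):
    """Return the key if the current fix matches the enrolled cell, else None.

    tolerance=1 also tries the adjacent cells, so receiver jitter across a
    cell boundary does not lock the owner out; it widens the accepted volume
    to 3 x 3 x 3 cells.
    """
    lat_i, lon_i, alt_i = quantize(fix)
    steps = range(-tolerance, tolerance + 1)
    for d_lat, d_lon, d_alt in itertools.product(steps, repeat=3):
        cell = (lat_i + d_lat, lon_i + d_lon, alt_i + d_alt)
        key = derive_key(cell, device_secret, record["salt"])
        if hmac.compare_digest(_tag(key), record["tag"]):
            return key
    return None


if __name__ == "__main__":
    secret = os.urandom(32)
    home = (51.50095, -0.1246, 35.0)  # constructed sample fix
    record, key = make_secure_key(home, secret)
    print(unlock(record, home, secret) == key)
    print(unlock(record, (51.50102, -0.1246, 35.0), secret) == key)
    print(unlock(record, (48.8584, 2.2945, 35.0), secret))
```

The returned key would feed whatever cipher performs the Secure Wrap; the tolerance setting is the trade-off between lock-outs from position jitter and the size of the area in which the Data opens.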
Ref JM/1/10/2003
GB0226517A 2002-11-13 2002-11-13 A digital locking system for physical and digital items using a location based indication for unlocking Withdrawn GB2395304A (en)

Priority Applications (3)

Application Number Priority Date Filing Date Title
GB0226517A GB2395304A (en) 2002-11-13 2002-11-13 A digital locking system for physical and digital items using a location based indication for unlocking
AU2003282238A AU2003282238A1 (en) 2002-11-13 2003-11-13 Position sensitive key and lock (pskl)
PCT/GB2003/004933 WO2004044670A2 (en) 2002-11-13 2003-11-13 Position sensitive key and lock (pskl)

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
GB0226517A GB2395304A (en) 2002-11-13 2002-11-13 A digital locking system for physical and digital items using a location based indication for unlocking

Publications (2)

Publication Number Publication Date
GB0226517D0 GB0226517D0 (en) 2002-12-18
GB2395304A true GB2395304A (en) 2004-05-19

Family

ID=9947778

Family Applications (1)

Application Number Title Priority Date Filing Date
GB0226517A Withdrawn GB2395304A (en) 2002-11-13 2002-11-13 A digital locking system for physical and digital items using a location based indication for unlocking

Country Status (3)

Country Link
AU (1) AU2003282238A1 (en)
GB (1) GB2395304A (en)
WO (1) WO2004044670A2 (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1715710A1 (en) * 2005-04-20 2006-10-25 Samsung Electronics Co., Ltd. Method and system for restricting use of additional functions in a mobile terminal
GB2481074A (en) * 2010-06-07 2011-12-14 Alan Wyn-Davies System for controlling an electrical asset in response to a change in movement
US20120331284A1 (en) * 2011-06-23 2012-12-27 Microsoft Corporation Media Agnostic, Distributed, and Defendable Data Retention
US11546138B2 (en) * 2018-09-28 2023-01-03 Benjamin Allan Mord Information integrity in blockchain and related technologies

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7860516B2 (en) 2006-12-05 2010-12-28 Microsoft Corporation Automatic localization of devices
US7849511B2 (en) 2007-02-16 2010-12-07 Eric Clark Richardson Determining authorized use of a software application
WO2016018217A1 (en) 2014-07-28 2016-02-04 Hewlett-Packard Development Company, Lp Location-locked data
US11582608B2 (en) * 2018-11-09 2023-02-14 Carrier Corporation Geographically secure access to container controller

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5757916A (en) * 1995-10-06 1998-05-26 International Series Research, Inc. Method and apparatus for authenticating the location of remote users of networked computing systems
WO1999051038A2 (en) * 1998-03-31 1999-10-07 Piccionelli Greg A Communication network based on geographic location
EP0997808A2 (en) * 1998-10-29 2000-05-03 Datum, Inc. Controlling access to stored information
US6166688A (en) * 1999-03-31 2000-12-26 International Business Machines Corporation Data processing system and method for disabling a portable computer outside an authorized area
US20020005154A1 (en) * 2000-06-07 2002-01-17 Ribble Brendon Frank Alternate process for manufacturing shirts with inset sleeves
GB2372860A (en) * 2000-10-04 2002-09-04 Nec Corp Authentication system using position information

Family Cites Families (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5550551A (en) * 1994-07-25 1996-08-27 At&T Corp. Position monitoring system and method
US5748084A (en) * 1996-11-18 1998-05-05 Isikoff; Jeremy M. Device security system
US6418533B2 (en) * 1997-08-29 2002-07-09 Compaq Information Technologies Group, L.P. “J” system for securing a portable computer which optionally requires an entry of an invalid power on password (POP), by forcing an entry of a valid POP
DE19816435C1 (en) * 1998-04-15 1999-06-17 Deutsche Bahn Ag Satellite location device
US6297768B1 (en) * 1999-02-25 2001-10-02 Lunareye, Inc. Triggerable remote controller
DE10005891A1 (en) * 2000-02-10 2001-08-23 Gal Endre Gyoergy Electronic alarm, control and navigation system for motor vehicle uses bidirectional data transmission and automatic arming circuit
US6421608B1 (en) * 2000-07-12 2002-07-16 Ricoh Company Limited Method and system of remote position reporting device
US7120254B2 (en) * 2000-10-30 2006-10-10 Geocodex Llc Cryptographic system and method for geolocking and securing digital information

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
"Location-Based Authentication: Grounding Cyberspace for Better Security", February 1996, Dorothy E Denning et al, from the internet at http://www.cs.georgetown.edu/~denning/infosec/Grounding.txt *

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1715710A1 (en) * 2005-04-20 2006-10-25 Samsung Electronics Co., Ltd. Method and system for restricting use of additional functions in a mobile terminal
US7798393B2 (en) 2005-04-20 2010-09-21 Samsung Electronics Co., Ltd Method and system for restricting use of additional functions in a mobile terminal
GB2481074A (en) * 2010-06-07 2011-12-14 Alan Wyn-Davies System for controlling an electrical asset in response to a change in movement
US20120331284A1 (en) * 2011-06-23 2012-12-27 Microsoft Corporation Media Agnostic, Distributed, and Defendable Data Retention
US10237060B2 (en) * 2011-06-23 2019-03-19 Microsoft Technology Licensing, Llc Media agnostic, distributed, and defendable data retention
US11546138B2 (en) * 2018-09-28 2023-01-03 Benjamin Allan Mord Information integrity in blockchain and related technologies

Also Published As

Publication number Publication date
WO2004044670A3 (en) 2004-10-28
AU2003282238A8 (en) 2004-06-03
GB0226517D0 (en) 2002-12-18
WO2004044670A2 (en) 2004-05-27
AU2003282238A1 (en) 2004-06-03

Similar Documents

Publication Publication Date Title
AU2003202511B2 (en) Methods for authenticating potential members invited to join a group
US7688975B2 (en) Method and apparatus for dynamic generation of symmetric encryption keys and exchange of dynamic symmetric key infrastructure
Barker et al. Recommendation for key management part 3: Application-specific key management guidance
US8094810B2 (en) Unidirectional proxy re-encryption
EP1573958B1 (en) Methods, apparatus and computer programs for generating and/or using conditional electronic signatures for reporting status changes
US7516321B2 (en) Method, system and device for enabling delegation of authority and access control methods based on delegated authority
Yasin et al. Cryptography based e-commerce security: a review
CN115549887A (en) Deterministic and hierarchical deterministic keys of public secrets for secure exchange of information
Barker et al. Sp 800-57. recommendation for key management, part 1: General (revised)
GB2395304A (en) A digital locking system for physical and digital items using a location based indication for unlocking
Heydari et al. An Improved Authentication Scheme for Electronic Payment Systems in Global Mobility Networks
Hughes Pro Active Directory Certificate Services
Mutabaruka Enhancing data security by using hybrid encryption technique (Advanced Encryption Standard and Rivest Shamir Adleman)
Téllez et al. Security in mobile payment systems
Chaudhary et al. A security solution for the transmission of confidential data and efficient file authentication based on DES, AES, DSS and RSA
Khan et al. In-depth analysis of cryptographic algorithms for cloud-database security
Sun et al. Application research in computer vision signature encryption system of enterprise contract economic management
Banday Easing PAIN with digital signatures
Gutmann Cryptography and Data Security
Nielson Cryptographic Systems Technologies
Le et al. BL0K-ME Protocol: A Zero-Knowledge Proof Approach For Message Authentication In E2EE Conversations
Chokhani et al. PKI and certificate authorities
US20040064690A1 (en) Methods for applying for crypto-keys from a network system
Benson Portable security transaction protocol
Lloyd A Framework For Securing Jabber Conversations

Legal Events

Date Code Title Description
WAP Application withdrawn, taken to be withdrawn or refused ** after publication under section 16(1)