| 摘要 |
The invention relates to a method and to an arrangement for a rights ticket system for increasing the security of access control to computer resources. According to the invention, in a safe environment, a person that is especially trustworthy produces for a computer a host card with identity information specific of said computer and a personalized set of data in the form of a signed ticket. Said ticket contains information on the rights of a user for at least one RTS computer or on resources of said RTS computer, but also identity information on the host card already produced for the RTS computer. In order to protect the tickets, a common secret information is established that is shared by the host card and the tickets allocated to said host card. After receipt, the user decrypts the signed ticket with the private key of his user card, and then verifies and it stores it in the user card. Access to an RTS computer is enabled only after a mutual authentication via the common secret information between the user card of the user and the host card of the respective computer. |
