Smart card security information configuration and recovery system

US 20020029348A1
Filed: 07/30/2001
Published: 03/07/2002
Est. Priority Date: 07/28/2000
Status: Active Grant

First Claim

Patent Images

1. A process for storing and recovering security information stored on a first smart card that is used to uniquely access a client computer and secure logins into networks and Web sites, comprising the steps of:

providing a secure server;

creating a password and challenge question;

wherein said password is used to access said server if said first smart card is lost and said challenge question is used to confirm the user'"'"'s identity when challenged while accessing said server without a smart card;

retrieving the ID number of said first smart card and other user and system specific information;

storing said first smart card ID and said other user and system specific information on said server, providing access key creation means on said server for creating a first access key;

storing said first access key on said server, and providing configuration means for configuring said client to boot only if said first smart card is readable by said client or said first access key is entered.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A smart card security information configuration and recovery system provides a secure Web site and server that allows smart card users to easily create and obtain smart cards and passwords. The client program accesses the smart card inserted into the client computer and retrieves the smart card'"'"'s ID and other user and system information and sends them to the server which creates an access key. The access key and the smart card ID are stored in the client computer'"'"'s CMOS or non-volatile memory for boot-up access. The client computer will boot only if the proper smart card is installed or the proper access key is entered when the smart card is unavailable. If the user loses his smart card, then he must gain access to his computer through the access key which the server issues after the user logs in. When the user wants to get a new smart card issued, he logs onto the server which is sent the new smart card'"'"'s ID that replaces the previous smart card'"'"'s ID and the server generates a new access key and stores it. The new access key and the smart card'"'"'s ID are stored in the client computers CMOS or non-volatile memory for boot access.

Citations

46 Claims

1. A process for storing and recovering security information stored on a first smart card that is used to uniquely access a client computer and secure logins into networks and Web sites, comprising the steps of:
- providing a secure server;
  
  creating a password and challenge question;
  
  wherein said password is used to access said server if said first smart card is lost and said challenge question is used to confirm the user'"'"'s identity when challenged while accessing said server without a smart card;
  
  retrieving the ID number of said first smart card and other user and system specific information;
  
  storing said first smart card ID and said other user and system specific information on said server, providing access key creation means on said server for creating a first access key;
  
  storing said first access key on said server, and providing configuration means for configuring said client to boot only if said first smart card is readable by said client or said first access key is entered.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46)
- - 2. The process of claim 1, wherein an emergency diskette is created and said client can boot using said diskette instead of said first smart card.
  - 3. The process of claim 1, wherein the user accesses said server through another computer;
    - wherein said server requires the user to log in; and
      
      wherein said server displays said access key to the user if said log in is correct.
  - 4. The process of claim 1, wherein the user enters said first access key into said client;
    - and wherein said client boots in response to said first access key.
  - 5. The process of claim 1, further comprising the steps of:
    - wherein the user requests that said server issue a second smart card to replace said first smart card;
      
      wherein the user makes said request through said client;
      
      retrieving the ID number from said second smart card;
      
      replacing said first smart card'"'"'s ID with said second smart card'"'"'s ID on said server, and wherein said configuration means configures said client to boot if said second smart card is readable, thereby replacing said first smart card.
  - 6. The process of claim 5, wherein said server requires the user to enter the proper user and/or other system specific information to validate said request.
  - 7. The process of claim 5, further comprising the step of:
    - wherein said access key creation means creates a second access key;
      
      replacing said first access key with said second access key on said server, and wherein said configuration means configures said client to boot if said second access key is entered, thereby replacing said first access key.
  - 8. The process of claim 5, further comprising the step of:
    - providing morphing means for recreating the personal computing environment stored on said first smart card onto said second smart card.
  - 9. The process of claim 8, wherein said morphing means transfers the encryption and other rights of said first smart card to said second smart card.
  - 10. The process of claim 1, further comprising the step of:
    - wherein said access key creation means creates a second access key upon request by the user, replacing said first access key with said second access key on said server; and
      
      wherein said configuration means configures said client to boot if said second access key is entered, thereby replacing said first access key.
  - 11. The process of claim 1, further comprising the step of:
    - providing automatic login means resident on said client for logging onto networks and/or Web sites, without the user'"'"'s intervention, using the user'"'"'s information stored on said first smart card.
  - 13. The process of claim 12, further comprising the step of:
    - creating a password and challenge question; and
      
      wherein said password is used to access said server if said first smart card is lost and said challenge question is used to confirm the user'"'"'s identity when challenged while accessing said server without a smart card.
  - 14. The process of claim 12, wherein an emergency diskette is created and said client can boot using said diskette instead of said first smart card.
  - 15. The process of claim 13, wherein the user accesses said server through another computer;
    - wherein said server requires the user to log in; and
      
      wherein said server displays said access key to the user if said log in is correct.
  - 16. The process of claim 12, wherein the user enters said first access key into said client;
    - and wherein said client boots in response to said first access key.
  - 17. The process of claim 12, further comprising the steps of:
    - wherein the user requests that said server issue a second smart card to replace said first smart card;
      
      wherein the user makes said request through said client;
      
      retrieving the ID number from said second smart card;
      
      replacing said first smart card'"'"'s ID with said second smart card'"'"'s ID on said server, and wherein said configuration means configures said client to boot if said second smart card is readable, thereby rep lacing said first smart card.
  - 18. The process of claim 17, wherein said server requires the user to enter the proper user and/or other system specific information to validate said request.
  - 19. The process of claim 17, further comprising the step of:
    - wherein said access key creation means creates a second access key;
      
      replacing said first access key with said second access key on said server, and wherein said configuration means configures said client to boot if said second access key is entered, thereby rep lacing said first access key.
  - 20. The process of claim 17, further comprising the step of:
    - providing morphing means for recreating the personal computing environment stored on said first smart card onto said second smart card.
  - 21. The process of claim 20, wherein said morphing means transfers the encryption and other rights of said first smart card to said second smart card.
  - 22. The process of claim 12, further comprising the step of:
    - wherein said access key creation means creates a second access key upon request by the user;
      
      replacing said first access key with said second access key on said server, and wherein said configuration means configures said client to boot if said second access key is entered, thereby replacing said first access key.
  - 23. The process of claim 12, further comprising the step of:
    - providing automatic login means on said client for logging onto networks and/or Web sites, without the user'"'"'s intervention, using the user'"'"'s information stored on said first smart card.
  - 25. The method of claim 24, wherein an emergency diskette is created and said client can boot using said diskette instead of said first smart card.
  - 26. The method of claim 24, wherein the user accesses said server through another computer;
    - wherein said server requires the user to log in; and
      
      wherein said server displays said access key to the user if said log in is correct.
  - 27. The method of claim 24, wherein the user enters said first access key into said client;
    - and wherein said client boots in response to said first access key.
  - 28. The method of claim 24, further comprising the steps of:
    - wherein the user requests that said server issue a second smart card to replace said first smart card;
      
      wherein the user makes said request through said client;
      
      retrieving the ID number from said second smart card;
      
      replacing said first smart card'"'"'s ID with said second smart card'"'"'s ID on said server, and wherein said configuration means configures said client to boot if said second smart card is readable, thereby replacing said first smart card.
  - 29. The method of claim 28, wherein said server requires the user to enter the proper user and/or other system specific information to validate said request.
  - 30. The method of claim 28, further comprising the step of:
    - wherein said access key creation means creates a second access key;
      
      replacing said first access key with said second access key on said server; and
      
      wherein said configuration means configures said client to boot if said second access key is entered, thereby replacing said first access key.
  - 31. The method of claim 28, further comprising the step of:
    - providing morphing means for recreating the personal computing environment stored on said first smart card onto said second smart card.
  - 32. The method of claim 31, wherein said morphing means transfers the encryption and other rights of said first smart card to said second smart card.
  - 33. The method of claim 24, further comprising the step of:
    - wherein said access key creation means creates a second access key upon request by the user, replacing said first access key with said second access key on said server; and
      
      wherein said configuration means configures said client to boot if said second access key is entered, thereby replacing said first access key.
  - 34. The method of claim 24, further comprising the step of:
    - providing automatic login means resident on said client for logging onto networks and/or Web sites, without the user'"'"'s intervention, using the user'"'"'s information stored on said first smart card.
  - 36. The method of claim 35, further comprising the step of:
    - creating a password and challenge question; and
      
      wherein said password is used to access said server if said first smart card is lost and said challenge question is used to confirm the user'"'"'s identity when challenged while accessing said server without a smart card.
  - 37. The method of claim 35, wherein an emergency diskette is created and said client can boot using said diskette instead of said first smart card.
  - 38. The method of claim 36, wherein the user accesses said server through another computer, wherein said server requires the user to log in;
    - and wherein said server displays said access key to the user if said log in is correct.
  - 39. The method of claim 35, wherein the user enters said first access key into said client;
    - and wherein said client boots in response to said first access key.
  - 40. The method of claim 35, further comprising the steps of:
    - wherein the user requests that said server issue a second smart card to rep lace said first smart card;
      
      wherein the user makes said request through said client;
      
      retrieving the ID number from said second smart card;
      
      replacing said first smart card'"'"'s ID with said second smart card'"'"'s ID on said server; and
      
      wherein said configuration means configures said client to boot if said second smart card is readable, thereby rep lacing said first smart card.
  - 41. The method of claim 40, wherein said server requires the user to enter the proper user and/or other system specific information to validate said request.
  - 42. The method of claim 40, further comprising the step of:
    - wherein said access key creation means creates a second access key;
      
      replacing said first access key with said second access key on said server, and wherein said configuration means configures said client to boot if said second access key is entered, thereby replacing said first access key.
  - 43. The method of claim 40, further comprising the step of:
    - providing morphing means for recreating the personal computing environment stored on said first smart card onto said second smart card.
  - 44. The method of claim 43, wherein said morphing means transfers the encryption and other rights of said first smart card to said second smart card.
  - 45. The method of claim 35, further comprising the step of:
    - wherein said access key creation means creates a second access key upon request by the user, replacing said first access key with said second access key on said server, and wherein said configuration means configures said client to boot if said second access key is entered, thereby replacing said first access key.
  - 46. The method of claim 35, further comprising the step of:
    - providing automatic login means resident on said client for logging onto networks and/or Web sites, without the user'"'"'s intervention, using the user'"'"'s information stored on said first smart card.

12. A process for storing and recovering security information stored on a first smart card that is used to uniquely access a client computer, comprising the steps of:
- providing a secure server;
  
  retrieving the ID number of said first smart card and other user and system specific information;
  
  storing said first smart card ID and said other user and system specific information on said server;
  
  providing access key creation means on said server for creating a first access key;
  
  storing said first access key on said server; and
  
  providing configuration means for configuring said client to boot only if said first smart card is readable by said client or said first access key is entered.

24. A program storage medium readable by a computer, tangibly embodying a program of instructions executable by the computer to perform method steps for storing and recovering security information stored on a first smart card that is used to uniquely access a client computer, comprising the steps of:
- providing a secure server;
  
  creating a password and challenge question;
  
  wherein said password is used to access said server if said first smart card is lost and said challenge question is used to confirm the user'"'"'s identity when challenged while accessing said server without a smart card;
  
  retrieving the ID number of said first smart card and other user and system specific information;
  
  storing said first smart card ID and said other user and system specific information on said server, providing access key creation means on said server for creating a first access key;
  
  storing said first access key on said server; and
  
  providing configuration means for configuring said client to boot only if said first smart card is readable by said client or said first access key is entered.

35. A program storage medium readable by a computer, tangibly embodying a program of instructions executable by the computer to perform method steps for storing and recovering security information stored on a first smart card that is used to uniquely access a client computer, comprising the steps of:
- providing a secure server;
  
  retrieving the ID number of said first smart card and other user and system specific information;
  
  storing said first smart card ID and said other user and system specific information on said server;
  
  providing access key creation means on said server for creating a first access key;
  
  storing said first access key on said server; and
  
  providing configuration means for configuring said client to boot only if said first smart card is readable by said client or said first access key is entered.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
O2 Micro International Limited (O2 Micro Incorporated)
Original Assignee
360 Degree Web Incorporated
Inventors
Li, Miao, Kuo, Chih Jen, Du, Sterling D.

Granted Patent

US 6,981,152 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/193
CPC Class Codes

G06F 21/31 User authentication

G06F 21/34 involving the use of extern...

Smart card security information configuration and recovery system

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

Citations

46 Claims

Specification

Solutions

Use Cases

Quick Links

Smart card security information configuration and recovery system

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

46 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links