Portable network encryption keys
Abstract
A portable storage device, for example a secure smart card, contains network identification information for a processing unit that is connectable to a data communications network, which processing unit includes a device reader for reading the portable storage device. The portable storage device includes storage and an access controller. The storage holds a network identity for the processing unit and at least one encryption key. The access controller is operable to control access to the storage by implementing key-key encryption. An embodiment of the invention thus provides a medium not only for storing a network identity for processing unit, but also for other secure information such as an encryption key associated therewith. The processing unit is operable to access a secure portion of the storage of the portable storage device by supplying a request key to the access controller of the portable storage device, and, in response to receipt of an access key from the access controller, to send an encrypted command to access the content of the storage of the portable storage device. In response to the return of an access key, the processing unit can be operable to use the access key to encrypt a command for access to a secure storage in the portable storage device.
36 Claims
- 1. A portable storage device containing network identification information for a processing unit that is connectable to a data communications network and includes a device reader for reading the portable storage device, the portable storage device comprising storage and an access controller, the storage holding a network identity for the processing unit and at least one encryption key, and the access controller being operable to control access to the storage by implementing key-key encryption.
- 13. A processing unit connectable to a data communications network, the processing unit having a device reader for a portable storage device that includes storage and an access controller, the storage holding a network identity for the processing unit and at least one encryption key, and the access controller controlling access to the storage by implementing key-key encryption, the processing unit being operable to access a secure portion of the storage of the portable storage device by supplying a key-encrypted request to the access controller, and, in response to receipt of an access key from the access controller, being operable to send an encrypted command to access the content of the storage of the portable storage device.
- 21. A control program for a processing unit connectable to a data communications network, the processing unit having a device reader for a portable storage device that includes storage and an access controller, the storage holding a network identity for the processing unit and at least one encryption key, and the access controller controlling access to the storage by implementing key-key encryption, the control program being operable to access a secure portion of the storage of the portable storage device by supplying a key-encrypted request to the access controller, and, in response to receipt of an access key from the access controller, being operable to send an encrypted command to access the content of the storage of the portable storage device.
- 31. A method securing encryption keys for use in a processing unit connectable to a data communications network, the method comprising:
  - providing a portable storage device for a processing unit that is connectable to the data communications network and includes a device reader for reading the portable storage device, which portable storage device comprises storage and an access controller;
  - providing in the storage a network identity for the processing unit and at least one encryption key; and
  - implementing key-key encryption in the access controller for controlling access to the storage.

  Dependent claims: 32, 33, 34, 35, 36.
Specification