Universal secure messaging for remote security tokens
Abstract
An anonymous secure messaging method, system and computer program product for implementation over a wireless connection. The invention allows the secure exchange of information over the wireless connection between a security token enabled computer system and an intelligent remote device that has a security token operatively coupled to it. The invention establishes an anonymous secure messaging channel between the security token and the security token enabled computer system, which allows the intelligent remote device to emulate a locally connected security token peripheral device without requiring a physical connection. A dedicated wireless communications channel is incorporated to prevent several concurrent wireless connections from being established with the security token, which could otherwise compromise the security of the information sent on those concurrent connections.
53 Claims
1. A method for establishing a secure end-to-end communications connection between a security token enabled computer system and a security token associated with a wireless intelligent remote device comprising the steps of:
a. performing a first security transaction which authenticates said security token to said security token enabled computer system,
b. establishing a secure communications connection between said security token and said security token enabled computer system which incorporates a shared symmetric key set generated during said first security transaction,
c. assigning at least one key from said shared symmetric key set to a dedicated communications channel accessible to said security token, and
d. performing a second security transaction which authenticates a user to said security token.
Dependent claims: 2 through 14.
15. A method for establishing a secure end-to-end communications connection between a security token enabled computer system and a security token associated with a wireless intelligent remote device comprising the steps of:
a. establishing a wireless communications connection between said intelligent remote device and said security token enabled computer system,
b. performing a first security transaction which authenticates said security token to said security token enabled computer system,
c. establishing an exclusive secure communications connection between said security token and said security token enabled computer system, and
d. performing a second security transaction which authenticates a user to said security token.
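The four steps of claims 1 and 15 can be followed end to end in a small in-process simulation. The code below is an added example, not code from the patent or its assignee. The patent leaves the cryptographic primitives open, so the following are assumptions: a symmetric credential provisioned to both the token and the server at enrolment, an HMAC-SHA256 challenge/response for step (a), HKDF-SHA256 to derive the shared symmetric key set in step (b), an encrypt-then-MAC record layer (keystream from HMAC in counter mode; a deployment would use a standard AEAD) for the link, a token that refuses a second link while one is open for step (c), and a PIN with a retry counter for step (d). Only the Python standard library is used; the wireless transport is abstracted away as direct method calls.

```python
"""Claims 1 and 15 simulated: token auth, shared key set, dedicated channel, user auth.
Added illustrative example; primitives are assumptions, not the patent's specification."""
from __future__ import annotations
import hashlib
import hmac
import secrets
from typing import Optional


def hkdf(ikm: bytes, salt: bytes, info: bytes, length: int) -> bytes:
    """HKDF-SHA256 (RFC 5869) extract-then-expand."""
    prk = hmac.new(salt, ikm, hashlib.sha256).digest()
    okm, block, ctr = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([ctr]), hashlib.sha256).digest()
        okm, ctr = okm + block, ctr + 1
    return okm[:length]


def derive_keyset(credential: bytes, server_nonce: bytes, token_nonce: bytes) -> bytes:
    """Step (b): 128-byte key set = server->token enc/mac keys, token->server enc/mac keys."""
    return hkdf(credential, server_nonce + token_nonce, b"secure messaging keys", 128)


def auth_proof(credential: bytes, token_id: bytes, server_nonce: bytes, token_nonce: bytes) -> bytes:
    """Step (a): challenge/response proof that the responder holds the token credential."""
    return hmac.new(credential, b"token-auth" + token_id + server_nonce + token_nonce, hashlib.sha256).digest()


class SecureChannel:
    """One endpoint of the cryptographically encoded link; separate keys and
    sequence counters per direction, so reflected or replayed records fail the MAC."""

    def __init__(self, send: tuple[bytes, bytes], recv: tuple[bytes, bytes]):
        self.send_keys, self.recv_keys = send, recv
        self.send_seq = self.recv_seq = 0

    @staticmethod
    def _xor_keystream(key: bytes, seq: int, data: bytes) -> bytes:
        ks = b"".join(hmac.new(key, seq.to_bytes(8, "big") + i.to_bytes(4, "big"), hashlib.sha256).digest()
                      for i in range((len(data) + 31) // 32))
        return bytes(a ^ b for a, b in zip(data, ks))

    def seal(self, plaintext: bytes) -> bytes:
        enc_key, mac_key = self.send_keys
        ct = self._xor_keystream(enc_key, self.send_seq, plaintext)
        tag = hmac.new(mac_key, self.send_seq.to_bytes(8, "big") + ct, hashlib.sha256).digest()
        self.send_seq += 1
        return ct + tag

    def open(self, record: bytes) -> Optional[bytes]:
        enc_key, mac_key = self.recv_keys
        ct, tag = record[:-32], record[-32:]
        expected = hmac.new(mac_key, self.recv_seq.to_bytes(8, "big") + ct, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            return None  # tampered, replayed or out-of-order record
        pt = self._xor_keystream(enc_key, self.recv_seq, ct)
        self.recv_seq += 1
        return pt


class SecurityToken:
    def __init__(self, token_id: bytes, credential: bytes, pin: str):
        self.token_id, self._credential = token_id, credential
        self._pin_hash = hashlib.sha256(pin.encode()).digest()  # toy PIN store
        self.pin_tries_left = 3
        self.channel: Optional[SecureChannel] = None  # the single dedicated channel (step c)
        self.user_authenticated = False

    def respond(self, server_nonce: bytes) -> tuple[bytes, bytes]:
        token_nonce = secrets.token_bytes(16)
        return token_nonce, auth_proof(self._credential, self.token_id, server_nonce, token_nonce)

    def open_channel(self, server_nonce: bytes, token_nonce: bytes) -> bool:
        if self.channel is not None:
            return False  # step (c): a concurrent link is refused, not multiplexed
        ks = derive_keyset(self._credential, server_nonce, token_nonce)
        self.channel = SecureChannel(send=(ks[64:96], ks[96:128]), recv=(ks[:32], ks[32:64]))
        return True

    def verify_pin(self, record: bytes) -> bool:
        """Step (d): the PIN is accepted only when delivered inside the dedicated channel."""
        pin = self.channel.open(record) if self.channel else None
        if pin is None or self.pin_tries_left == 0:
            return False
        if hmac.compare_digest(hashlib.sha256(pin).digest(), self._pin_hash):
            self.user_authenticated, self.pin_tries_left = True, 3
            return True
        self.pin_tries_left -= 1
        return False


class TokenServer:
    def __init__(self, registry: dict[bytes, bytes]):
        self.registry = registry  # token_id -> provisioned credential (constructed sample)

    def connect(self, token: SecurityToken) -> Optional[SecureChannel]:
        """Steps (a)-(c) from the server side; None means the link was refused."""
        server_nonce = secrets.token_bytes(16)
        token_nonce, proof = token.respond(server_nonce)
        cred = self.registry.get(token.token_id)
        if cred is None or not hmac.compare_digest(proof, auth_proof(cred, token.token_id, server_nonce, token_nonce)):
            return None
        if not token.open_channel(server_nonce, token_nonce):
            return None
        ks = derive_keyset(cred, server_nonce, token_nonce)
        return SecureChannel(send=(ks[:32], ks[32:64]), recv=(ks[64:96], ks[96:128]))


def run_protocol(pin_entered: str) -> dict:
    """Drive one session end to end and report which security checks held."""
    credential = secrets.token_bytes(32)  # constructed: provisioned at enrolment
    token = SecurityToken(b"token-0001", credential, "4711")
    server = TokenServer({b"token-0001": credential})
    result = dict(token_authenticated=False, second_link_rejected=False,
                  user_authenticated=False, tamper_detected=False)
    chan = server.connect(token)
    if chan is None:
        return result
    result["token_authenticated"] = True
    result["second_link_rejected"] = server.connect(token) is None  # step (c) enforced
    result["user_authenticated"] = token.verify_pin(chan.seal(pin_entered.encode()))
    forged = bytearray(chan.seal(b"4711"))
    forged[0] ^= 0x01  # flip one ciphertext bit; the MAC must reject the record
    result["tamper_detected"] = not token.verify_pin(bytes(forged))
    return result
```

Calling `run_protocol("4711")` returns all four checks as true: the token proved possession of its credential, the second connection attempt was refused by the token's dedicated-channel rule, the PIN was accepted only through the established link, and a modified record was rejected before any PIN comparison took place. The point of deriving a fresh key set from both nonces in step (b) is that the user's critical security parameter in step (d) never travels under a static key.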
24. A system for establishing a secure end-to-end communications connection between a security token enabled computer system and a security token associated with a wireless intelligent remote device comprising:
said security token enabled computer system including:
a first security transaction means for at least authenticating said security token to said security token enabled computer system;
a first secure communications connection means for at least establishing a cryptographically encoded link between said security token enabled computer system and said security token;
said intelligent remote device including:
a security token interface means for at least operatively coupling said security token to said intelligent remote device;
a user interface means for at least receiving and routing a critical security parameter provided by said user to said security token interface means;
said security token including:
a second secure communications connection means for at least establishing said cryptographically encoded link in conjunction with said first secure communications connection means;
a dedicated communications channel means for preventing a concurrent cryptographically encoded link from being established with said security token; and
a second security transaction means for at least authenticating said user to said security token using at least said critical security parameter.
Dependent claims: 25 through 35.
36. A system for establishing a secure end-to-end communications connection between a security token enabled computer system and a security token associated with a wireless intelligent remote device comprising:
said security token enabled computer system including:
a first processor;
a first memory coupled to said first processor;
at least one remote authentication application operatively stored in a first portion of said first memory having logical instructions executable by said first processor to:
authenticate said security token;
establish a secure end-to-end communications connection with said security token;
said intelligent remote device including:
a second processor;
a second memory coupled to said second processor;
a security token interface coupled to said second processor;
a user interface coupled to said second processor; and
at least one remote device interface application operatively stored in a portion of said second memory having logical instructions executable by said second processor to:
emulate a security token device interface locally coupled to at least said security token enabled computer system; and
conditionally receive and route a critical security parameter provided by said user via said user interface to said security token; and
said security token including:
at least a third processor;
a third memory coupled to said at least a third processor;
a communications and electromagnetic power interface coupled to said at least a third processor and said security token interface;
at least one token remote authentication application operatively stored in a second portion of said third memory having logical instructions executable by said at least a third processor to:
establish said secure end-to-end communications connection in conjunction with said security token enabled computer system;
restrict said secure end-to-end communications connection to a single wireless communications channel; and
authenticate said user based at least in part on said critical security parameter.
Dependent claims: 37 through 48.
49. A computer program product embodied in a tangible form readable by a security token processor, wherein said computer program product includes executable instructions stored thereon for causing said security token processor to:
a. utilize one or more security token emulation services provided by an intelligent remote device processor,
b. establish a secure end-to-end communications connection in conjunction with a security token enabled computer system processor,
c. restrict said secure end-to-end communications connection to a single wireless secure communications channel, and
d. authenticate a user.