Method and system for establishing a communications pipe between a personal security device and a remote computer system
Abstract
The present invention provides a method and a system for establishing a communications path (the “pipe” 75) over a communications network (45) between a Personal Security Device (PSD 40) and a Remote Computer System (50) without requiring means for converting high-level messages such as API-level messages to PSD-formatted messages such as APDU-formatted messages (and inversely) to be installed on a local Client (10) in which a PSD (40) is connected.
16 Claims
1. A method for establishing a communications pipe between at least one PSD (40) and at least one Remote Computer System (50) over a network (45) using at least one Client (10) as a host to said at least one PSD (40), said at least one Client (10) and said at least one Remote Computer System (50) being in functional communications using a packet-based communications protocol over said network (45), said method comprising the steps of:
a) generating or retrieving, in said at least one Remote Computer System (50), a request (200; 500) to access said at least one PSD (40), said request (200; 500) being in a high-level messaging format,
b) converting, in said at least one Remote Computer System (50), said request (200; 500) from said high-level messaging format to a PSD-formatted request message (220; 520),
c) encapsulating, in said at least one Remote Computer System (50), said PSD-formatted request message (220; 520) with said packet-based communications protocol, thus producing an encapsulated PSD-formatted request message (210; 530),
d) transmitting (230, 240; 535, 540) said encapsulated PSD-formatted request message (210; 530), using said packet-based communications protocol, from said at least one Remote Computer System (50) to said at least one Client (10) via said network (45),
e) extracting, in said at least one Client (10), said PSD-formatted request message (260, 270; 560, 570) from said encapsulated PSD-formatted request message (250; 550),
f) transmitting said PSD-formatted request message (260, 270; 560, 570) from said at least one Client (10) to said at least one PSD (40),
g) processing, in said at least one PSD (40), said PSD-formatted request message (260, 270; 560, 570), thus producing a PSD-formatted response message (360, 370; 660, 670),
h) transmitting said PSD-formatted response message (360, 370; 660, 670) from said at least one PSD (40) to said at least one Client (10),
i) encapsulating, in said at least one Client (10), said PSD-formatted response message (360, 370; 660, 670) with said packet-based communications protocol, thus producing an encapsulated PSD-formatted response message (350; 650),
j) transmitting (330, 340; 635; 640) said encapsulated PSD-formatted response message (350; 650), using said packet-based communications protocol, from said at least one Client (10) to said at least one Remote Computer System (50) via said network (45),
k) extracting, in said at least one Remote Computer System (50), said PSD-formatted response message (320; 630) from said encapsulated PSD-formatted response message (310; 610), and
l) converting, in said at least one Remote Computer System (10), said PSD-formatted response message (320; 630) into a high-level response message (300; 600), and
m) processing said high-level response message in said at least one Remote Computer System (50).
(Dependent claims: 2, 3, 4, 5, 6, 7, 8)

9. A Client (10) for establishing a communications pipe between at least one PSD (40) and at least one Remote Computer System (50) over a network (45) using said Client (10) as a host to said at least one PSD (40), said Client (10) comprising:
a) PSD interface means (25) for functionally connecting said at least one PSD (40) to said Client (10),
b) Client communications means (105C) for transmitting and receiving messages over said network (45) using a packet-based-communications protocol,
c) Client processing means (15) comprising;
   c1) means for receiving incoming message packets (250; 550) over said network (45) using said Client communications means (105C), for extracting incoming PSD-formatted messages (260, 270; 560, 570) from said incoming message packets (250; 550), and for transmitting said incoming PSD-formatted messages (260, 270; 560, 570) to said PSD (40) through said PSD interface means (25), and
   c2) means for receiving outgoing PSD-formatted messages (360, 370; 660, 670) coming from said PSD (40) through said PSD interface (25), for encapsulating said outgoing PSD-formatted messages (360, 370; 660, 670) into outgoing message packets (350; 650), and for transmitting said outgoing message packets (350; 650) over said network (45) using said Client communications means (105C).

10. A Remote Computer System (50) for establishing a communications pipe between at least one PSD (40) and said Remote Computer System (50) over a network (45) using a Client (10) as a host to said at least one PSD (40), said Remote Computer System (50) comprising:
a) Remote Computer System communications means (105S) for transmitting and receiving messages over said network using a packet-based-communications protocol,
b) first Remote Computer System data processing means (55) for converting PSD-formatted messages into high-level messages, and inversely,
c) second Remote Computer System data processing means (100) for implementing high-level programs,
d) third Remote Computer System data processing means (70) comprising;
   d1) means for receiving incoming message packets (310; 610) over said network (45) using said Remote Computer System communications means (105S), for extracting incoming PSD-formatted messages (320; 630) from said incoming message packets (310; 610), and for transmitting said incoming PSD-formatted messages (320; 630) to said second Remote Computer System data processing means (100) through said first Remote Computer System data processing means (55), and
   d2) means for receiving outgoing PSD-formatted messages (220; 520) coming from said second Remote Computer System data processing means (100) through said first Remote Computer System data processing means (55), for encapsulating said outgoing PSD-formatted messages (220; 520) into outgoing message packets (210; 530), and for transmitting said outgoing message packets (210; 530) over said network (45) using said Remote Computer System communications means (105S).
(Dependent claims: 11, 12, 13, 14, 15, 16)
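
The round trip of claim 1, with the Client of claim 9 and the Remote Computer System of claim 10, as an added Python sketch that is not taken from the patent. The 2-byte length-prefixed frame, the dict-shaped high-level request, the sample AID, the simulated PSD and all function names are assumptions made for illustration; the SELECT header and the status words 9000 and 6A82 follow ISO 7816-4.

```python
import struct

# ISO 7816-4 SELECT-by-name header (CLA INS P1 P2); the AID is a constructed sample.
SELECT_HDR = bytes([0x00, 0xA4, 0x04, 0x00])
CARD_AID = bytes.fromhex("A000000001020304")

def encapsulate(apdu: bytes) -> bytes:
    """Steps c/i: assumed frame = 2-byte big-endian length + APDU payload."""
    return struct.pack(">H", len(apdu)) + apdu

def extract(packet: bytes) -> bytes:
    """Steps e/k: unwrap, rejecting frames whose declared length is wrong."""
    if len(packet) < 2:
        raise ValueError("frame too short")
    (declared,) = struct.unpack(">H", packet[:2])
    if declared != len(packet) - 2:
        raise ValueError("length mismatch")
    return packet[2:]

def remote_build_request(request: dict) -> bytes:
    """Steps a-c (Remote Computer System): high-level request -> APDU -> packet."""
    if request["op"] != "select":
        raise ValueError("unsupported operation")
    aid = bytes.fromhex(request["aid"])
    return encapsulate(SELECT_HDR + bytes([len(aid)]) + aid)

def psd_process(apdu: bytes) -> bytes:
    """Step g: simulated PSD; SELECT returns 9000 on AID match, else 6A82."""
    if len(apdu) >= 5 and apdu[:4] == SELECT_HDR and apdu[5:5 + apdu[4]] == CARD_AID:
        return b"\x90\x00"
    return b"\x6a\x82"

def client_relay(packet: bytes) -> bytes:
    """Steps e-i (Client): unwrap, forward, rewrap; the APDU is never interpreted."""
    return encapsulate(psd_process(extract(packet)))

def remote_handle_response(packet: bytes) -> dict:
    """Steps k-l (Remote Computer System): packet -> response APDU -> high-level."""
    rapdu = extract(packet)
    if len(rapdu) < 2:
        raise ValueError("response APDU lacks a status word")
    sw = rapdu[-2:].hex().upper()
    return {"ok": sw == "9000", "sw": sw, "data": rapdu[:-2].hex()}

def round_trip(request: dict) -> dict:
    """Steps a-l end to end, with the network hop replaced by function calls."""
    return remote_handle_response(client_relay(remote_build_request(request)))
```

Because the Client only frames and forwards, everything that inspects or authorises an APDU has to live in the Remote Computer System or in the PSD itself.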