Data integrity
First Claim
1. A method for consuming non-reconciled tokens, said method comprising:
reading a stored token from a first storage area;
calculating control information corresponding to said stored token;
reading predetermined control information corresponding to said stored token from a second storage area, wherein said first storage area is separate from said second storage area;
comparing said control information to said predetermined control information; and
consuming said stored token conditional on said control information matching said predetermined control information.
Abstract
A method for consuming tokens used to control access to restricted resources held at a user's machine (106) is disclosed. The method comprises: reading a stored token from a first storage area of the user's machine (106), calculating control information for verifying the integrity of the stored token, reading predetermined control information corresponding to the stored token from a second storage area, comparing the control information to the predetermined control information; and consuming the stored token conditional on the control information matching the predetermined control information. The first and second storage areas are separate to help reduce the vulnerability of the tokens to selective replay attack.
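The consume-on-match check described in the abstract, as an added example that is not taken from the patent. It assumes the control information is a SHA-256 digest over the whole token store and that both areas are rewritten after each consumption; `TokenStore`, `control_info`, the file names and the sample tokens are hypothetical.

```python
import hashlib
import hmac
import os
import tempfile


def control_info(tokens):
    # Assumed choice of control information: SHA-256 over the whole token store.
    return hashlib.sha256("\n".join(tokens).encode()).hexdigest()


class TokenStore:
    def __init__(self, token_path, control_path):
        self.token_path = token_path      # first storage area
        self.control_path = control_path  # second, separate storage area

    def store(self, tokens):
        with open(self.token_path, "w") as f:
            f.write("\n".join(tokens))
        with open(self.control_path, "w") as f:
            f.write(control_info(tokens))

    def consume(self):
        with open(self.token_path) as f:
            tokens = f.read().splitlines()
        with open(self.control_path) as f:
            expected = f.read()
        # Consume only if the recomputed value matches the stored one.
        if not tokens or not hmac.compare_digest(control_info(tokens), expected):
            return None
        token = tokens.pop(0)
        self.store(tokens)  # both areas change together after consumption
        return token


def demo():
    with tempfile.TemporaryDirectory() as d:
        token_path = os.path.join(d, "tokens.dat")
        store = TokenStore(token_path, os.path.join(d, "control.dat"))
        store.store(["token-A", "token-B"])  # constructed sample tokens
        with open(token_path) as f:
            snapshot = f.read()              # copy of the first area only
        first = store.consume()
        with open(token_path, "w") as f:
            f.write(snapshot)                # first area restored, second untouched
        replayed = store.consume()           # mismatch, so nothing is consumed
        return first, replayed


if __name__ == "__main__":
    print(demo())
```

The check only detects a restore of the first area on its own; a restore of both areas together would still match, which is why the separation of the second area matters.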
109 Claims
1. A method for consuming non-reconciled tokens, said method comprising:
reading a stored token from a first storage area;
calculating control information corresponding to said stored token;
reading predetermined control information corresponding to said stored token from a second storage area, wherein said first storage area is separate from said second storage area;
comparing said control information to said predetermined control information; and
consuming said stored token conditional on said control information matching said predetermined control information.
20. A method for storing consumable non-reconciled tokens, said method comprising:
receiving a token from a token provider;
storing said token in a first storage area;
obtaining predetermined control information corresponding to said token; and
storing said predetermined control information in a second storage area, wherein said first storage area is separate from said second storage area.
36. A method for supplying consumable non-reconciled tokens, said method comprising:
generating a unique token;
storing a copy of said unique token in at least one data storage device;
providing said unique token to a data processing apparatus to store in a first storage area; and
operating said data processing apparatus to store predetermined control information corresponding to said unique token in a second storage area separate from said first storage area.
57. A computer program operable to configure a data processing apparatus to implement a method for consuming non-reconciled tokens said method comprising:
reading a stored token from a first storage area;
calculating control information corresponding to said stored token;
reading predetermined control information corresponding to said stored token from a second storage area wherein said first storage area is separate from said second storage area;
comparing said control information to said predetermined control information; and
consuming said stored token conditional on said control information matching said predetermined control information.
59. A data processing apparatus for providing access to resources in exchange for consumption of a consumable non-reconciled token, said data processing apparatus comprising:
a controller operable to access at least one data storage device, wherein said at least one data storage device is configured to provide at least a first and a separate second storage area, wherein said first storage area contains data encoding a stored token and said second storage area contains data encoding predetermined control information corresponding to said stored token; and
a processor configured to;
a) read said stored token from said first storage area;
b) calculate control information corresponding to said stored token;
c) read predetermined control information corresponding to said stored token from said second storage area;
d) compare said control information to said predetermined control information; and
e) permit access to resources and consume said stored token conditional on said control information matching said predetermined control information.
78. A data processing apparatus for generating and distributing consumable non-reconciled tokens, said data processing apparatus comprising:
a communications interface;
at least one data storage device; and
a processor configured to;
a) generate a unique token;
b) provide a copy of said unique token to said at least one data storage device for storage; and
c) provide said unique token via said communications interface to a further data processing apparatus to store in a first storage area, wherein said data processing apparatus stores predetermined control information corresponding to said unique token in a second storage area separate from said first storage area.
99. A method for hiding data, comprising:
generating a digital fingerprint from a data file stored in a first storage area; and
hiding said digital fingerprint by storing at least part of said digital fingerprint in a second storage area, wherein said first storage area is separate from said second storage area.
106. A computer program operable to configure a data processing apparatus to implement a method for storing consumable non-reconciled tokens, said method comprising:
receiving a token from a token provider;
storing said token in a first storage area;
obtaining predetermined control information corresponding to said token; and
storing said predetermined control information in a second storage area, wherein said first storage area is separate from said second storage area.
108. A computer program operable to configure a data processing apparatus to implement a method for storing consumable non-reconciled tokens, said method comprising:
generating a unique token;
storing a copy of said unique token in at least one data storage device;
providing said unique token to a data processing apparatus to store in a first storage area; and
operating said data processing apparatus to store predetermined control information corresponding to said unique token in a second storage area separate from said first storage area.
Specification