Intelligent remote device

US 20050136964A1
Filed: 12/22/2003
Published: 06/23/2005
Est. Priority Date: 12/22/2003
Status: Active Grant

First Claim

Patent Images

1. A method for accessing a security token enabled computer system using an intelligent remote device as a communications interface for a security token comprising the steps of:

a. establishing a wireless communications connection between at least an intelligent remote device and a security token enabled computer system, b. providing a critical security parameter associated with a user to a security token operatively coupled to said intelligent remote device, and c. authenticating said critical security parameter by said security token.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An intelligent remote device equipped with a security token operatively coupled thereto is processing communications with a security token enabled computer system over a wireless private network. The intelligent remote device is adapted to emulate a local security device peripheral connected to the computer system. Multiple computer systems may be authenticated to using the intelligent remote device. Additionally, various secure communications connections mechanisms are described which are intended to augment existing security protocols available using wireless network equipment. Authentication of a user supplied critical security parameter is performed by the security token. The critical security parameter may be provided locally via the intelligent remote device or received from the wireless network and routed to the security token. Aural, visual or vibratory feedback may be provided to the user to signal a successful authentication transaction.

92 Citations

View as Search Results

39 Claims

1. A method for accessing a security token enabled computer system using an intelligent remote device as a communications interface for a security token comprising the steps of:
- a. establishing a wireless communications connection between at least an intelligent remote device and a security token enabled computer system, b. providing a critical security parameter associated with a user to a security token operatively coupled to said intelligent remote device, and c. authenticating said critical security parameter by said security token.
- View Dependent Claims (2, 3, 6, 7, 8, 9, 10, 11, 12)
- - 2. The method according to claim 1 wherein step 1.a further includes the step of authenticating at least said security token to said security token enabled computer system.
  - 3. The method according to claim 1 further including the step of allowing said user access to at least one secure resource if said critical security parameter is successfully authenticated by said security token.
  - 6. The method according to claim 1 wherein said critical security parameter is provided from said security token enabled computer system and sent over said wireless communications connection to said security token.
  - 7. The method according to claim 1 wherein said critical security parameter is provided from said intelligent remote device and sent directly to said security token.
  - 8. The method according to claim 1 wherein said critical security parameter is provided from another computer system and sent to said security token over another wireless connection established between said intelligent remote device and said another computer system.
  - 9. The method according to claim 1 further including the step of providing aural or visual feedback to said user following successful authentication to at least said security token enabled computer system.
  - 10. The method according to claim 1 further including the step of sending an access request message from said intelligent remote device to said security token enabled computer system to initiate establishment of said wireless communications connection
  - 11. The method according to claim 10 wherein said access request message includes at least a first identifier associated with said intelligent remote device, a second identifier associated with said security token or a wireless network address associated with said intelligent remote device.
  - 12. The method according to claim 1 wherein said intelligent remote device includes a personal data assistant, a cellular telephone, a network appliance or a personal security device.

4. The method according to claim I wherein said wireless communications connection includes at least one secure communications protocol comprising secure socket layer, transport layer security, private communications technology, internet protocol security or a secure messaging session.
- View Dependent Claims (5)
- - 5. The method according to claim 4 wherein said wireless communications connection further includes an APDU communications pipe.

13. A method for accessing a security token enabled computer system using an intelligent remote device as a communications interface for a security token comprising the steps of:
- a. establishing a secure communications connection between a security token and a security token enabled computer system via an intelligent remote device, b. authenticating at least said security token to said security token enabled computer system, c. providing a critical security parameter associated with a user to said security token, and d. authenticating said critical security parameter by said security token.
- View Dependent Claims (14, 15)
- - 14. The method according to claim 13 wherein said secure communications connection comprises an optical wireless connection, a radio frequency wireless connection, an electrical connection or a combination thereof.
  - 15. The method according to claim 13 wherein said secure communications connection includes at least one secure communications protocol comprising secure socket layer, transport layer security, private communications technology, internet protocol security or a secure messaging session.

16. The method according to step 13 wherein said secure communications connection may be initiated from either said intelligent remote device or said security token enabled computer system.

17. A system for accessing a security token enabled computer system using an intelligent remote device as a communications interface for a security token comprising:
- an intelligent remote device including means for;
  
  communicating with at least a security token enabled computer system over at least a wireless communications connection, operatively coupling a security token to said intelligent remote device, receiving a critical security parameter provided by a user, and emulating a security token peripheral device locally connected to said security token enabled computer system;
  
  said security token including means for;
  
  receiving a critical security parameter associated with said user, authenticating said critical security parameter; and
  
  said security token enabled computer system including means for;
  
  utilizing said intelligent remote device as said security token peripheral device, and allowing said user access to at least one secure resource following successful authentication of said critical security parameter.
- View Dependent Claims (18, 19, 20, 21, 22, 23, 24, 25, 26)
- - 18. The system according to claim 17 wherein said computer system further includes means for sending an access request message to said security token enabled computer system.
  - 19. The system according to claim 18 wherein said access request message includes at least a first identifier associated with said intelligent remote device, a second identifier associated with said security token or a wireless network address associated with said intelligent remote device.
  - 20. The system according to claim 17 wherein said at least a wireless communications connection includes at least one secure communications protocol comprising secure socket layer, transport layer security, private communications technology, internet protocol security or a secure messaging session.
  - 21. The system according to claim 17 wherein said security token enabled computer system further includes means for providing said critical security parameter to said security token over said wireless communications connection.
  - 22. The system according to claim 21 wherein said critical security parameter is provided from said security token enabled computer system and sent over said wireless communications connection to said security token.
  - 23. The system according to claim 17 wherein said critical security parameter is provided from said intelligent remote device and sent directly to said security token.
  - 24. The system according to claim 17 wherein said critical security parameter is provided from another computer system and sent to said security token over another wireless connection established between said intelligent remote device and said another computer system.
  - 25. The system according to claim 17 wherein said intelligent remote device or said security token enabled computer system further includes means for providing aural or visual feedback to said user upon successful completion of said two-factor authentication transaction.
  - 26. The system according to claim 17 wherein said intelligent remote device includes a personal data assistant, a cellular telephone, a network appliance or a personal security device.

27. A system for accessing a security token enabled computer system using an intelligent remote device as a communications interface for a security token comprising:
- an intelligent remote device in processing communications with at least a security token enabled computer system over a communications connection, said intelligent remote device including;
  
  a device processor, a device memory coupled to said device processor, a security token interface means coupled to said device processor, and at least one remote device application operatively stored in at least a portion of said device memory, said at least one remote device application having logical instructions executable by said device processor to;
  
  exchange information with said at least a security token enabled computer system and said security token, receive a critical security parameter provided by a user;
  
  emulate a security token peripheral device locally connected to said security token enabled computer system;
  
  said security token operatively coupled to said intelligent remote device via said security token interface means, said security token including;
  
  a token processor, a token memory coupled to said token processor, at least one token application operatively stored in at least another portion of said token memory, said at least one token application having logical instructions executable by said token processor to;
  
  receive said critical security parameter provided by said user, authenticate said received critical security parameter; and
  
  , said security token enabled computer system including;
  
  a computer processor, a computer memory coupled to said computer processor, and at least one computer application operatively stored in at least a portion of said computer memory, said at least one computer application having logical instructions executable by said computer processor to;
  
  exchange information with at least said intelligent remote device security token enabled computer system over said communications connection, receive a critical security parameter provided by said user, utilize said intelligent remote device as said locally connected security token peripheral device, and allow access to at least one secure resource following a successful authentication of said critical security parameter.
- View Dependent Claims (28, 29, 30, 31)
- - 28. The system according to claim 27 wherein said critical security parameter may be provided to said security token via at least said intelligent remote device or said security token enabled computer system.
  - 29. The system according to claim 27 wherein said at least one device application further includes logical instructions executable by said device processor to send an access request message to said security token enabled computer system to invoke establishment of said communications connection between at least said intelligent remote device and said security token enabled computer system
  - 30. The system according to claim 27 wherein said communications connection includes at least one secure communications protocol comprising secure socket layer, transport layer security, private communications technology, intemet protocol security or a secure messaging session.
  - 31. The system according to claim 27 wherein said security token enabled computer system and said intelligent remote device include means for exchanging information over said communications connection via an APDU communications pipe.

32. A set of application program interfaces embodied on a computer readable medium for execution by a processor included in an intelligent remote device and a security token enabled computer system which allows the intelligent remote device to emulate a security token peripheral device locally connected to the security token enabled computer system comprising:
- a first interface that exchanges information between a security token and a remote security token enabled computer system in a protocol native to said security token; and
  
  , a second interface that receives and routes a critical security parameter to said security token.
- View Dependent Claims (33, 34, 35, 36)
- - 33. The set of application interface programs according to claim 32 wherein said first interface converts said information into said native protocol.
  - 34. The set of application interface programs according to claim 32 wherein said first interface extracts said information from communications packets already in said native protocol.
  - 35. The set of application interface programs according to claim 32 wherein said critical security parameter is received from a local user interface.
  - 36. The set of application interface programs according to claim 32 wherein said critical security parameter is received from a remote user interface.

37. A computer program product embodied in a tangible form readable by a plurality of processors in processing communications, wherein said computer program product includes executable instructions stored thereon for causing one or more of said plurality of processors to;
- a. establish a secure communications connection between a security token and a security token enabled computer system via an intelligent remote device, b. authenticate at least said security token to said security token enabled computer system, c. provide a critical security parameter associated with a user to said security token, and d. authenticate said critical security parameter by said security token.
- View Dependent Claims (38, 39)
- - 38. The computer program product according to claim 37 wherein said tangible form includes magnetic media, optical media or logical media.
  - 39. The computer program product according to claim 37 wherein said executable instructions are stored in a code format including byte code, compiled, interpreted, compliable or interpretable.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Assa Abloy AB
Original Assignee
Activcard Ireland, Limited
Inventors
Le Saint, Eric F., Fedronic, Dominique Louis Joseph

Granted Patent

US 7,907,935 B2
Time in Patent Office

Days
Field of Search
US Class Current

455/522
CPC Class Codes

G06F 21/31   User authentication

G06F 21/34   involving the use of extern...

H04L 63/0853   using an additional device,...

H04L 63/166   at the transport layer

H04W 12/069   using certificates or pre-s...

H04W 12/08   Access security

Intelligent remote device

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

92 Citations

39 Claims

Specification

Solutions

Use Cases

Quick Links

Intelligent remote device

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

92 Citations

39 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links