Data access security implementation using the public key mechanism
First Claim
1. A smart card in which application programs and data items are linked in a manner that allows secure access to the data items, providing application programs the right to access a data item while preventing security breaches, allowing applications and data to be independently updated, and allowing multiple applications to share the data item, comprising:
- a microprocessor;
a memory connected to the microprocessor and storing;
a file-system having a first application program having associated therewith a first public key and a data file having associated therewith a second public key, wherein the first application program comprises a data access logic operable to cause the microprocessor to attempt to access the data file;
an operator system program having an authorization logic having instructions operable to cause the microprocessor to compare the public key associated with the first application program and permitting access if the public key associated with the first application program corresponds to public key associated with the data file.
1 Assignment
0 Petitions
Accused Products
Abstract
Providing application programs the right to access a data item while preventing security breaches, allowing applications and data to be independently updated, and allowing multiple applications to share the data item. Each application program has associated therewith a first public key and each data file has associated therewith a second public key. If these public keys match for a particular application program and data file, the application program is granted access to the data file.
157 Citations
10 Claims
-
1. A smart card in which application programs and data items are linked in a manner that allows secure access to the data items, providing application programs the right to access a data item while preventing security breaches, allowing applications and data to be independently updated, and allowing multiple applications to share the data item, comprising:
-
a microprocessor;
a memory connected to the microprocessor and storing;
a file-system having a first application program having associated therewith a first public key and a data file having associated therewith a second public key, wherein the first application program comprises a data access logic operable to cause the microprocessor to attempt to access the data file;
an operator system program having an authorization logic having instructions operable to cause the microprocessor to compare the public key associated with the first application program and permitting access if the public key associated with the first application program corresponds to public key associated with the data file.
-
-
2. A smart card in which application programs and data items are linked in a manner that allows secure access to the data items, providing application programs the right to access a data item while preventing security breaches, allowing applications and data to be independently updated, and allowing multiple applications to share the data item, comprising:
-
a file system having at least one data item with a first public key associated therewith;
an operating system for managing the execution of application programs loaded onto the smart card and having an authorization logic for verifying that application programs have use rights allowing access to data items that such application programs seek to access wherein the authorization logic is operable to compare a public key associated with any such application program and the first public key associated with a data item the any such application program seeks to access. - View Dependent Claims (3, 4, 5, 6)
-
-
7. A method of operating a multi-application smart card to ensure that only application programs that have appropriate access rights to access protected data items, comprising:
-
associating a first public key with a protected data item;
associating a second public key with an application program;
causing a microprocessor of the multi-application program to execute the application program;
determining that the application program is seeking access to the protected data item;
in response to determining that the application program is seeking access to the protected data item, comparing the first public key to the second public key and based on that comparison determining the access right of the application program to the data item. - View Dependent Claims (8, 9, 10)
-
Specification