Method and apparatus for securing communications between a smartcard and a terminal

US 20060085848A1
Filed: 10/19/2004
Published: 04/20/2006
Est. Priority Date: 10/19/2004
Status: Abandoned Application

First Claim

Patent Images

1. A method comprising:

receiving a command to initiate a local link transport layer protection protocol session between a terminal and one of a smartcard and a smartcard reader;

participating in a handshake process between the terminal and one of the smartcard and the smartcard reader, the handshake process including mutual authentication; and

providing data from one of the smartcard and the smartcard reader to the terminal via a trusted tunnel after successful completion of the handshake process.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An approach for securing communication between a terminal and one of a smartcard and a smartcard reader. A command to initiate a local link transport layer protection protocol session between a terminal and one of a smartcard and a smartcard reader is received at the smartcard or smartcard reader. Responsive to the command, the smartcard or smartcard reader then participates in a handshake process between the terminal and one of the smartcard and the smartcard reader. The handshake process includes mutual authentication. Data is then provided from one of the smartcard and the smartcard reader to the terminal via a trusted tunnel after successful completion of the handshake process.

Citations

43 Claims

1. A method comprising:
- receiving a command to initiate a local link transport layer protection protocol session between a terminal and one of a smartcard and a smartcard reader;
  
  participating in a handshake process between the terminal and one of the smartcard and the smartcard reader, the handshake process including mutual authentication; and
  
  providing data from one of the smartcard and the smartcard reader to the terminal via a trusted tunnel after successful completion of the handshake process.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1 wherein receiving the command to initiate the local link transport layer protection protocol session between the terminal and one of the smartcard and the smartcard reader includes receiving the command to initiate the local link transport layer protection protocol session between a personal computer and one of the smartcard and the smartcard reader.
  - 3. The method of claim 2 wherein receiving the command to initiate the local link transport layer protection protocol session between the terminal and one of the smartcard and the smartcard reader includes receiving the command to initiate the local link transport layer protection protocol session between a personal computer and one of a Subscriber Identity Module (SIM), a Universal SIM (USIM) card, a Removable User Identity Module (RUIM), an IP Multimedia Services Identity Module (ISIM), a Wireless Identity module (WIM), a Java Card and a reader.
  - 4. The method of claim 1 wherein providing data from one of the smartcard and the smartcard reader to the terminal via a trusted tunnel after successful completion of the handshake process includes providing data over a wireless link via a trusted tunnel.
  - 5. The method of claim 4 wherein providing data over the wireless link includes providing data over one of a Bluetooth link a wireless local area network (WLAN) connection and a wireless link operating in the 2.4 GHz ISM (Industrial, Scientific and Medical) band.
  - 6. The method of claim 1 wherein providing data from one of the smartcard and the smartcard reader to the terminal via a trusted tunnel after successful completion of the handshake process includes providing data over a wired link.
  - 7. The method of claim 6 wherein providing data over the wired link includes providing data over a Universal Serial Bus link.
  - 8. The method of claim 1 wherein participating in the handshake process includes using TLS (Transport Layer Security) key derivation procedures.

9. A method comprising:
- issuing a command to initiate a local link transport layer protection protocol session between a terminal and one of a smartcard and a smartcard reader;
  
  participating in a handshake process between the terminal and one of the smartcard and the smartcard reader, the handshake process including mutual authentication; and
  
  receiving data from one of the smartcard and the smartcard reader via a trusted tunnel after successful completion of the handshake process.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16, 17, 18)
- - 10. The method of claim 9 wherein issuing a command to initiate a local link transport layer protection protocol in response to a host application accessible by the terminal invoking a client application to be executed by the smartcard 210.
  - 11. The method of claim 10 wherein the host application is an Extensible Authentication Protocol Subscriber Identity Module (EAP-SIM) application and the client application is a Wireless Local Area Network-SIM (WLAN-SIM) application.
  - 12. The method of claim 9 wherein issuing the command to initiate the local link transport layer protection protocol session between the terminal and one of the smartcard and the smartcard reader includes issuing the command to initiate the local link transport layer protection protocol session between a personal computer and one of the smartcard and the smartcard reader.
  - 13. The method of claim 12 wherein issuing the command to initiate the local link transport layer protection protocol session between the terminal and one of the smartcard and the smartcard reader includes issuing the command to initiate the local link transport layer protection protocol session between a personal computer and one of a Subscriber Identity Module (SIM), a Universal SIM (USIM) card, a Removable User Identity Module (RUIM), an IP Multimedia Services Identity Module (ISIM), a Wireless Identity module (WIM), a Java Card and a reader.
  - 14. The method of claim 9 wherein receiving data from one of the smartcard and the smartcard reader to the terminal via a trusted tunnel after successful completion of the handshake process includes receiving data over a wireless link via a trusted tunnel.
  - 15. The method of claim 14 wherein receiving data over the wireless link includes receiving data over one of a Bluetooth link a wireless local area network (WLAN) connection and a wireless link operating in the 2.4 GHz ISM (Industrial, Scientific and Medical) band.
  - 16. The method of claim 9 wherein receiving data from one of the smartcard and the smartcard reader to the terminal via a trusted tunnel after successful completion of the handshake process includes receiving data over a wired link.
  - 17. The method of claim 16 wherein receiving data over the wired link includes receiving data over a Universal Serial Bus link.
  - 18. The method of claim 9 wherein receiving data via the trusted tunnel includes receiving data using TLS (Transport Layer Security) cryptographic procedures.

19. An apparatus comprising:
- one of a smartcard and a smartcard reader; and
  
  a data store storing a local link transport layer protection protocol client, the local link transport layer protection protocol client to implement in conjunction with a local link transport layer protection protocol server a local link transport layer protection protocol to establish a trusted tunnel between one of the smartcard and the smartcard reader and a terminal.
- View Dependent Claims (20, 21, 22, 23)
- - 20. The apparatus of claim 19 wherein one of the smartcard and the smartcard reader includes one of a Subscriber Identity Module (SIM), a Universal SIM (USIM) card, a Removable User Identity Module (RUIM), an IP Multimedia Services Identity Module (ISIM), a Wireless Identity module (WIM), a Java Card and a reader.
  - 21. The apparatus of claim 20 wherein the terminal includes one of personal computing system and a personal digital assistant.
  - 22. The apparatus of claim 19 wherein the reader includes one of a mobile telephone and a personal digital assistant.
  - 23. The apparatus of claim 19 wherein one of the smartcard and the smartcard reader is to be coupled to the terminal over a local link connection, the trusted tunnel to be provided over the local link connection, the local link connection being one of a Bluetooth, a Wireless Local Area Network (WLAN), a connection operating in the 2.4 GHz ISM (Industrial, Scientific and Medical) band and a Universal Serial Bus (USB) connection.

24. A system comprising:
- a data store storing a local link transport layer protection protocol server, the local link transport layer protection protocol server to implement in conjunction with a local link transport layer protection protocol client, a local link transport protection protocol to establish a trusted tunnel between the system and one of a smartcard and a smartcard reader; and
  
  a battery connection to receive a battery to provide power to the system.
- View Dependent Claims (25, 26, 27, 28, 29)
- - 25. The system of claim 24 wherein the system is one of a personal computing system and a personal digital assistant.
  - 26. The system of claim 24 wherein one of the smartcard and the smartcard reader is to be coupled to the system over a local link connection, the trusted tunnel to be provided over the local link connection, the local link connection being one of a Bluetooth, a Wireless Local Area Network (WLAN), a connection operating in the 2.4 GHz ISM (Industrial, Scientific and Medical) band and a Universal Serial Bus (USB) connection.
  - 27. The system of claim 26 further comprising a Trusted Platform Module (TPM), the Trusted Platform Module to provide protected storage for data associated with the local link transport layer protection protocol.
  - 28. The system of claim 24 wherein the data store further stores a host application, the host application to invoke a client application to be executed by the smartcard, a local link transport layer protection protocol session to be invoked in response to invocation of the client application.
  - 29. The system of claim 28 wherein the host application is an Extensible Authentication Protocol Subscriber Identity Module (EAP-SIM) application and the client application is a Wireless Local Area Network-SIM (WLAN-SIM) application.

30. A machine-accessible medium storing data that, when accessed by a machine, causes the machine to:
- initiate a local link transport layer protection protocol session between a terminal and one of a smartcard and a smartcard reader;
  
  participate in a handshake process between the terminal and one of the smartcard and the smartcard reader, the handshake process including mutual authentication; and
  
  receive data from one of the smartcard and the smartcard reader via a trusted tunnel after successful completion of the handshake process.
- View Dependent Claims (31, 32, 33, 34, 35, 36, 37)
- - 31. The machine-accessible medium of claim 30 wherein initiating a local link transport layer protection protocol is in response to a host application accessible by the terminal invoking a client application to be executed by the smartcard 210.
  - 32. The machine-accessible medium of claim 30 wherein initiating the local link transport layer protection protocol session between the terminal and one of the smartcard and the smartcard reader includes issuing a command to initiate the local link transport layer protection protocol session between a personal computer and one of the smartcard and the smartcard reader.
  - 33. The machine-accessible medium of claim 32 wherein issuing the command to initiate the local link transport layer protection protocol session between the terminal and one of the smartcard and the smartcard reader includes issuing the command to initiate the local link transport layer protection protocol session between a personal computer and one of a Subscriber Identity Module (SIM), a Universal SIM (USIM) card, a Removable User Identity Module (RUIM), an IP Multimedia Services Identity Module (ISIM), a Wireless Identity module (WIM), a Java Card and a reader.
  - 34. The machine-accessible medium of claim 30 wherein receiving data from one of the smartcard and the smartcard reader to the terminal via a trusted tunnel after successful completion of the handshake process includes receiving data over a wireless link via a trusted tunnel.
  - 35. The machine-accessible medium of claim 34 wherein receiving data over the wireless link includes receiving data over one of a Bluetooth link a wireless local area network (WLAN) connection and a wireless link operating in the 2.4 GHz ISM (Industrial, Scientific and Medical) band.
  - 36. The machine-accessible medium of claim 30 wherein receiving data from one of the smartcard and the smartcard reader to the terminal via a trusted tunnel after successful completion of the handshake process includes receiving data over a wired link.
  - 37. The machine-accessible medium of claim 30 wherein receiving data via the trusted tunnel includes receiving data using TLS (Transport Layer Security) cryptographic procedures.

38. A machine-accessible medium storing data that, when accessed by a machine, causes the machine to:
- receive a command to initiate a local link transport layer protection protocol session between a terminal and one of a smartcard and a smartcard reader;
  
  participate in a handshake process between the terminal and one of the smartcard and the smartcard reader, the handshake process including mutual authentication; and
  
  provide data from one of the smartcard and the smartcard reader to the terminal via a trusted tunnel after successful completion of the handshake process.
- View Dependent Claims (39, 40, 41, 42, 43)
- - 39. The machine-accessible medium of claim 38 wherein receiving the command to initiate the local link transport layer protection protocol session between the terminal and one of the smartcard and the smartcard reader includes receiving the command to initiate the local link transport layer protection protocol session between a personal computer and one of the smartcard and the smartcard reader.
  - 40. The machine-accessible medium of claim 39 wherein receiving the command to initiate the local link transport layer protection protocol session between the terminal and one of the smartcard and the smartcard reader includes receiving the command to initiate the local link transport layer protection protocol session between a personal computer and one of a Subscriber Identity Module (SIM), a Universal SIM (USIM) card, a Removable User Identity Module (RUIM), an IP Multimedia Services Identity Module (ISIM), a Wireless Identity module (WIM), a Java Card and a reader.
  - 41. The machine-accessible medium of claim 38 wherein providing data from one of the smartcard and the smartcard reader to the terminal via a trusted tunnel after successful completion of the handshake process includes providing data over a wireless link via a trusted tunnel.
  - 42. The machine-accessible medium of claim 38 wherein providing data from one of the smartcard and the smartcard reader to the terminal via a trusted tunnel after successful completion of the handshake process includes providing data over a wired link.
  - 43. The machine-accessible medium of claim 38 wherein participating in the handshake process includes using TLS (Transport Layer Security) key derivation procedures.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Intel Corporation
Original Assignee
Intel Corporation
Inventors
Aissi, Selim, Puthenkulam, Jose P., Yelamanchi, Mrudula, Dharmadhikari, Abhay A., Matasar, Benjamin J., Dashevsky, Jane Y.

Application Number

US10/969,739
Publication Number

US 20060085848A1
Time in Patent Office

Days
Field of Search
US Class Current

726/9
CPC Class Codes

G06Q 20/341   Active cards, i.e. cards in...

G06Q 20/40975   using encryption therefor

G07F 7/1008   Active credit-cards provide...

H04L 63/0853   using an additional device,...

H04L 63/0869   for achieving mutual authen...

H04L 63/166   at the transport layer

H04W 12/069   using certificates or pre-s...

Method and apparatus for securing communications between a smartcard and a terminal

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

43 Claims

Specification

Solutions

Use Cases

Quick Links

Method and apparatus for securing communications between a smartcard and a terminal

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

43 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links